Yair Meidan
Michael Bohadana
ABSTRACT
In this work we apply machine learning algorithms on network traffic data for accurate identification of IoT devices connected to a network. To train and evaluate the classifier, we collected and labeled network traffic data from nine distinct IoT devices, and PCs and smartphones. Using supervised learning, we trained a multi-stage meta classifier; in the first stage, the classifier can distinguish between traffic generated by IoT and non-IoT devices. In the second stage, each IoT device is associated a specific IoT device class. The overall IoT classification accuracy of our model is 99.281+.
- Alexa top sites. Retrieved April 14, 2016 from http://www.alexa.com/topsites.Google Scholar
- Geoip lookup service. Retrieved April 14, 2016 from http://geoip.com/.Google Scholar
- D. Bekerman. Network features. Retrieved April 14, 2016 from http://www.ise.bgu.ac.il/dima/network_traffic_features_set.pdf.Google Scholar
- D. Bekerman, B. Shapira, L. Rokach, and A. Bar. Unknown malware detection using network traffic classification. In Proc. of IEEE Conference on Communications and Network Security (CNS), 2015. Google ScholarCross Ref
- V. Brik, S. Banerjee, M. Gruteser, and S. Oh. Wireless device identification with radiometric signatures. In Proc. of ACM conference on Mobile computing and networking, 2008. Google ScholarDigital Library
- G. Combs et al. Wireshark-network protocol analyzer. Version 0.99, 5, 2008.Google Scholar
- G. Gu, R. Perdisci, J. Zhang, and W. Lee. BotMiner: Clustering analysis of network traffic for protocol-and structure-independent botnet detection. In Proc. of USENIX Security Symposium, 2008. Google ScholarDigital Library
- P. N. Mahalle, N. R. Prasad, and R. Prasad. Object classification based context management for identity management in internet of things. International Journal of Computer Applications, 63(12), 2013.Google ScholarCross Ref
- D. Miorandi, S. Sicari, F. De Pellegrini, and I. Chlamtac. Internet of Things: Vision, applications and research challenges. Ad Hoc Networks, 10(7):1497--1516, 2012. Google ScholarDigital Library
- I. H. Saruhan. Detecting and preventing rogue devices on the network. SANS Institute InfoSec Reading Room, sans. org, 2007.Google Scholar
- W. T. Strayer, D. Lapsely, R. Walsh, and C. Livadas. Botnet detection based on network behavior. In Botnet Detection: Countering the Largest Security Threat, pages 1--24. Springer, 2008. Google ScholarCross Ref
- K. I. Talbot, P. R. Duley, and M. H. Hyatt. Specific emitter identification and verification. Technology Review, page 113, 2003.Google Scholar
Index Terms
- ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis
Recommendations
Network Traffic Analysis based IoT Device Identification
BDIOT '20: Proceedings of the 2020 4th International Conference on Big Data and Internet of ThingsDevice identification is the process of identifying a device on Internet without using its assigned network or other credentials. The sharp rise of usage in Internet of Things (IoT) devices has imposed new challenges in device identification due to a ...
Position paper: A systematic framework for categorising IoT device fingerprinting mechanisms
AIChallengeIoT '20: Proceedings of the 2nd International Workshop on Challenges in Artificial Intelligence and Machine Learning for Internet of ThingsThe popularity of the Internet of Things (IoT) devices makes it increasingly important to be able to fingerprint them, for example in order to detect if there are misbehaving or even malicious IoT devices in one's network. However, there are many ...
Identifying Device Types for Anomaly Detection in IoT
Machine Learning for NetworkingAbstractWith the advances in Internet of Things (IoT) technologies, more and more smart sensors and devices are connected to the Internet. Since the original idea of smart devices is better connection with each other, very limited security mechanism has ...
Comments