Abstract: The ubiquity of IoT devices in both public and private networks has increased dramatically in the last few years, with billions of network-connected devices appearing in every sector. In many cases these devices provide low-power and low-cost solutions to multiple problems, but this convenience comes with a price. Low-powered devices often lack the computational capacity to support encryption or other means of protection. In addition, devices are often optimized for easy connection out-of-the-box, potentially leaving them vulnerable due to default configurations. Accounting for IoT devices within a network can be problematic, as spoofing of IP and MAC addresses is trivial, but device identification is fundamental to network security. Much work has been done in recent times to address the problem of identification by fingerprinting network traffic using various machine learning techniques, allowing network administrators to track device membership and detect anomalous behavior. While a high degree of accuracy has been achieved, effective feature extraction and acceptable computational overhead continue to be an issue. In addition, machine learning models must be frequently modified and updated to remain effective. We apply a combination of locality-sensitive hashing and neural networks to identify specific devices based on their network traffic, eliminating the need for complex feature engineering and model retraining. Our approach achieves an accuracy as high as 98% in identifying known devices using only a single packet sniffed from the network, allowing for real-time device identification. In addition, our approach eliminates the need for feature extraction, providing a significant improvement over other approaches.