Abstract
Internet of Things (IoT) devices connected to the Internet are exploding, which poses a significant threat for their management and security protection. IoT device identification is a prerequisite for discovering, monitoring, and protecting these devices. Although we can identify the device type easily through grabbing protocol banner information, both brand and model of different types of device are various and diverse. We should therefore utilize multi-protocol probes to improve the fineness of device identification and obtain the corresponding brand and model. However, it is still a challenge to balance between the multi-protocol probe overhead and the identification fineness. To solve this problem, we proposed a time-efficient multi-protocol probe scheme for fine-grain devices identification. We first adopted the concept of reinforcement learning to model the banner-based device identification process into a Markov decision process (MDP). Through the value iteration algorithm, an optimal multi-protocol probe sequence is generated for a type-known IoT device, and then the optimal multi-protocol probes sequence segment is extracted based on the gain threshold of identification accuracy. We took 132,835 webcams as the sample data to experiment. The experimental results showed that our optimal multi-protocol probes sequence segment could reduce the identification time of webcams’ brand and model by 50.76% and achieve the identification accuracy of 90.5% and 92.3% respectively. In addition, we demonstrated that our time-efficient optimal multi-protocol probe scheme could also significantly improve the identification efficiency of other IoT devices, such as routers and printers.
Highlights
With the development of communications technologies such as LoRa, NB-IoT and 5G [1], more and more Internet of Things (IoT) [2] devices such as routers, webcams, network printers, wearable smart devices, smart home devices and industrial control devices are emerging and exploding in number
Common protocols represent the predominant Internet protocol, and industry protocols are applied to handle some types of IoT devices, while the private protocols are just used for some brands of IoT devices
In order to fully explore the contribution of each protocol to the in Table 1, ten kinds of protocol probe packets are constructed by combining of service protocols and identification of brand and model information of webcams, we send all the ten protocol probe packets ports to probe the webcam device
Summary
With the development of communications technologies such as LoRa, NB-IoT and 5G [1], more and more Internet of Things (IoT) [2] devices such as routers, webcams, network printers, wearable smart devices, smart home devices and industrial control devices are emerging and exploding in number. We discuss for the first time the balance challenge between protocol probe overhead and identification fineness during banner-based device identification and design a time-efficient multi-protocol probe scheme for fine-grain IoT device identification to solve this challenge. We proposed a reinforcement learning method to model the banner-based device identification process into a Markov decision process, and introduce a new optimal strategy generation method to improve the value iteration algorithm so as to generate the optimal multi-protocol probe sequence, and further obtain the optimal multi-protocol probe sequence segment by introducing the gain threshold of identification accuracy. We implemented the time-efficient multi-protocol probe prototype system, and generated the optimal multi-protocol probe sequence segment for 132,835 webcams, which could reduce the webcams’ brand and model identification time by 50.76%, and achieved the identification accuracy of 90.5% and 92.3% respectively.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have