Abstract
Internet-connected Internet of Things (IoT) devices are exploding, which pose a significant threat for their management and security protection. IoT device identification is a prerequisite for discovering, monitoring, and protecting these devices. Although the existing proactive identification methods based on protocol fingerprint can discover and identify large-scale IoT devices, the fingerprint granularity is difficult to meet the requirements of security risk assessment for large-scale IoT devices. Since IoT devices usually support multiple network protocols for specific collection and control tasks, we propose a cross-layer protocol fingerprint to achieve large-scale fine-grained devices identification instead of traditional single protocol fingerprint. We first design a probing scheme for gathering HTTP and TCP cross-layer packets. Then we select the specific field of the HTTP and TCP protocols based on the diversity and consistence of field value. Finally, we utilize convolutional neural network (CNN) and long-term memory network (LSTM) to extract and construct feature fingerprint of these specific fields, and achieve a fine-grain IoT devices identification with high accuracy. The experimental results show that our identification accuracy of devices model reaches 96.6%, the recall rate reaches 97.4%.
Highlights
With Internet of Things (IoT) devices exploding, the number of Internet-connected devices will grow rapidly and its impact on society is gradually increasing
More and more commercial Internet of things applications have been developed, such as the mobile crowdsourcing mentioned by Zhibo Wang et al, which is becoming an indispensable part of our life [2], which highlights the importance of Internet of things devices
We propose a fine-grained large-scale proactive IoT devices identification method based on cross-layer protocol fingerprint
Summary
With Internet of Things (IoT) devices exploding, the number of Internet-connected devices will grow rapidly and its impact on society is gradually increasing. The proactive identification method can send a request packet to any devices, and identify the device attribute (e.g. type, brand, model) according to the diversity of response. We propose a fine-grained large-scale proactive IoT devices identification method based on cross-layer protocol fingerprint. The response packet of HTTP protocol contains a large number of device banner information. We select 4 kinds of fields in the HTTP response packet and 2 kinds of fields in the TCP response packet We use these fields as the input of the CNN+LSTM neural network model to further complete the feature extraction and fingerprint construction. We propose a devices fingerprint generation method based on HTTP and TCP protocols field. We use the neural network model to extract feature and construct fingerprint, and realized the large-scale finegrain devices identification.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
