Device Identification in IoT Networks using Network Trace Fingerprinting

Abstract

With the rapid growth in the number of IoT (Internet of Things) devices becoming part of the network, the management and monitoring of these connected devices is becoming increasingly difficult. IoT networks handle the data produced by the physical world, and with the increase in the number of IoT devices, the exploitation of these devices has also increased. Because these devices are constrained in terms of power and computational capabilities, they cannot handle complex cryptographic schemes. Most devices are manufactured on a mass scale with different deployment options and vendors, so they can be easily tampered with or compromised,even if device authentication is part of their operation, there is still a high chance of intrusion in the IoT ecosystem and these devices are prone to attacks.The data collected are critical or personal and require strict security and privacy. Therefore, the security of the IoT devices is crucial. Devices are typically authenticated once (typically when they connect to the network for the first time) and are expected to continuously relay data. Even though they are required to periodically re-authenticate, the device constraints do not facilitate this, thereby resulting in a security concern if compromised. The proposed approach is to secure IoT devices by keeping track of devices connected to the network. Hence, a device fingerprint is created from a network trace that identifies the different types of devices connected to the network. Five additional features are included in the dataset used in [1]. The new device fingerprint contributed to higher accuracy. The labeled data are fed into a machine learning model for the classification of the types of devices, where the accuracy increased to 84.5%. and F1-score of 83.3%.