Computer Science, 2020, Vol. 47, Issue (7): 299-306. doi: 10.11896/jsjkx.190700199

• Information Security •

Method Based on Traffic Fingerprint for IoT Device Identification and IoT Security Model

YANG Wei-chao1,2, GUO Yuan-bo1, LI Tao1, ZHU Ben-quan2   

  • 1 School of Cryptography, University of Information Engineering, Zhengzhou 450000, China
    2 61213 Troops of the Chinese People’s Liberation Army, Linfen, Shanxi 041000, China
  • Received:2019-07-29 Online:2020-07-15 Published:2020-07-16
  • About author: YANG Wei-chao, born in 1991, M.S. candidate. His research interests include security of the Internet of Things and so on.
    GUO Yuan-bo, born in 1975, Ph.D., professor. His research interests include network attack and defense and so on.
  • Supported by:
    This work was supported by Foundation of Science and Technology on Information Assurance Laboratory (614211203010417)

Abstract: The large-scale deployment of the Internet of Things makes it possible for vulnerable IoT devices to be connected to the network. When an attacker uses a vulnerable device to access the target internal network, the attacker can lie dormant there and wait to attack. To prevent such attacks, it is necessary to develop a security mechanism for access control of suspicious devices and management of internal devices. Firstly, to realize access control of suspicious devices, this paper gives a device identification method: a white list is set, a communication traffic feature fingerprint is constructed, and a random forest method is used to train the device identification model. Secondly, to manage internal devices, an intelligent security management model is proposed that builds an ontology threat model based on assets, vulnerabilities and security mechanisms. Finally, the experimental results verify the detection performance of the device recognition model; the recognition accuracy rate is above 96%. Compared with existing similar methods, the results show that the proposed method has better detection stability.

Key words: Ontology threat modeling, IoT device identification, Traffic feature extraction, White list, Random forest

CLC Number: TP393