TY - GEN
T1 - Iot device identification using deep learning
AU - Kotak, Jaidip
AU - Elovici, Yuval
N1 - Publisher Copyright:
© The Editor(s) (if applicable) and The Author(s), under exclusive license to Springer Nature Switzerland AG 2021.
PY - 2021/1/1
Y1 - 2021/1/1
N2 - The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers due to the less secure nature of the devices. The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization’s network also increases the risk of attacks. In order to address this threat, organizations often implement security policies in which only the connection of white-listed IoT devices is permitted. To monitor adherence to such policies and protect their networks, organizations must be able to identify the IoT devices connected to their networks and, more specifically, to identify connected IoT devices that are not on the white-list (unknown devices). In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network. In contrast to previous work, our approach does not require that complex feature engineering be applied on the network traffic, since we represent the “communication behavior” of IoT devices using small images built from the IoT devices’ network traffic payloads. In our experiments, we trained a multiclass classifier on a publicly available dataset, successfully identifying 10 different IoT devices and the traffic of smartphones and computers, with over 99% accuracy. We also trained multiclass classifiers to detect unauthorized IoT devices connected to the network, achieving over 99% overall average detection accuracy.
AB - The growing use of IoT devices in organizations has increased the number of attack vectors available to attackers due to the less secure nature of the devices. The widely adopted bring your own device (BYOD) policy which allows an employee to bring any IoT device into the workplace and attach it to an organization’s network also increases the risk of attacks. In order to address this threat, organizations often implement security policies in which only the connection of white-listed IoT devices is permitted. To monitor adherence to such policies and protect their networks, organizations must be able to identify the IoT devices connected to their networks and, more specifically, to identify connected IoT devices that are not on the white-list (unknown devices). In this study, we applied deep learning on network traffic to automatically identify IoT devices connected to the network. In contrast to previous work, our approach does not require that complex feature engineering be applied on the network traffic, since we represent the “communication behavior” of IoT devices using small images built from the IoT devices’ network traffic payloads. In our experiments, we trained a multiclass classifier on a publicly available dataset, successfully identifying 10 different IoT devices and the traffic of smartphones and computers, with over 99% accuracy. We also trained multiclass classifiers to detect unauthorized IoT devices connected to the network, achieving over 99% overall average detection accuracy.
KW - Cyber security
KW - Deep learning
KW - Internet of Things (IoT)
KW - IoT device identification
UR - http://www.scopus.com/inward/record.url?scp=85091164092&partnerID=8YFLogxK
U2 - 10.1007/978-3-030-57805-3_8
DO - 10.1007/978-3-030-57805-3_8
M3 - Conference contribution
AN - SCOPUS:85091164092
SN - 9783030578046
T3 - Advances in Intelligent Systems and Computing
SP - 76
EP - 86
BT - 13th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2020
A2 - Herrero, Álvaro
A2 - Cambra, Carlos
A2 - Urda, Daniel
A2 - Sedano, Javier
A2 - Quintián, Héctor
A2 - Corchado, Emilio
PB - Springer Science and Business Media Deutschland GmbH
T2 - 13th International Conference on Computational Intelligence in Security for Information Systems, CISIS 2020
Y2 - 16 September 2020 through 18 September 2020
ER -