DOI : https://doi.org/10.18517/ijaseit.12.1.14349

Early Generation and Detection of Efficient IoT Device Fingerprints Using Machine Learning

Vian Adnan Ferman (1), Mohammed Ali Tawfeeq (2)
(1) Computer Engineering Dept, Mustansiriyah University, Baghdad,10052, Iraq
(2) Computer Engineering Dept, Mustansiriyah University, Baghdad,10052, Iraq
Fulltext View | Download
How to cite (IJASEIT) :
Adnan Ferman, Vian, and Mohammed Ali Tawfeeq. “Early Generation and Detection of Efficient IoT Device Fingerprints Using Machine Learning”. International Journal on Advanced Science, Engineering and Information Technology, vol. 12, no. 1, Jan. 2022, pp. 53-60, doi:10.18517/ijaseit.12.1.14349.
Citation Format :
The proliferation of Internet of Things (IoT) markets in the last decade introduces new challenges for network traffic analysis, and processing packet flows to identify IoT devices. This type of device suffers from scarcity, making them vulnerable to spoofing operations. In such circumstances, the device can be recognized by identifying its fingerprint. In this paper, a novel idea to elicit Device FingerPrint (DFP) is presented by extracting 30 features from the collected traffic packets of 19 IoT devices during setup and startup operations. Raspberry Pi 3 Model B+ is configured as an access point to collect and analyze the traffic of seven networked IoT devices using Wireshark Network Protocol Analyzer. Moreover, the rest of IoT devices traffic is taken from the publicly available network traffic dataset. Each IoT device's feature extraction process starts from getting Extensible Authentication Protocol over LAN (EAPOL) protocol, continuing with the other flowed protocols until the first session of Transmission Control Protocol (TCP) related to that device is closed. Depending on some produced variation of device traffic features, 20 fingerprints for each device are created. The probability theorem of Gaussian Naive Bayes (GNB) supervised machine learning is utilized to identify fingerprints of individual known devices and isolate the unknown ones. The performance evaluation for the proposed technique was calculated based on two measures, F1-score and identification accuracy. The average F1 score was around 0.99, while the overall identification accuracy rate was 98.35%.

A. Aksoy and M. H. Gunes, “Automated IoT device identification using network traffic,” in ICC 2019-2019 IEEE International Conference on Communications (ICC), 2019, pp. 1-7.

S. Zeadally and M. Tsikerdekis, “Securing Internet of Things (IoT) with machine learning,” Int. J. Commun. Syst., vol. 33, no. 1, p. e4169, 2020.

A. Sivanathan et al., “Classifying IoT devices in smart environments using network traffic characteristics,” IEEE Trans. Mob. Comput., vol. 18, no. 8, pp. 1745-1759, 2018.

T. Alam, “A reliable communication framework and its use in internet of things (IoT),” CSEIT1835111| Receiv., vol. 10, pp. 450-456, 2018.

B. Charyyev and M. H. Gunes, “IoT Traffic Flow Identification using Locality Sensitive Hashes,” in ICC 2020-2020 IEEE International Conference on Communications (ICC), 2020, pp. 1-6.

C. Kolias, G. Kambourakis, A. Stavrou, and J. Voas, “DDoS in the IoT: Mirai and other botnets,” Computer (Long. Beach. Calif)., vol. 50, no. 7, pp. 80-84, 2017.

M. Antonakakis et al., “Understanding the mirai botnet,” in 26th {USENIX} security symposium ({USENIX} Security 17), 2017, pp. 1093-1110.

M. M. Salim, S. Rathore, and J. H. Park, “Distributed denial of service attacks and its defenses in IoT: a survey,” J. Supercomput., pp. 1-44, 2019.

L. Bai, L. Yao, S. S. Kanhere, X. Wang, and Z. Yang, “Automatic device classification from network traffic streams of internet of things,” in 2018 IEEE 43rd conference on local computer networks (LCN), 2018, pp. 1-9.

A. Sivanathan et al., “Characterizing and classifying IoT traffic in smart cities and campuses,” in 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), 2017, pp. 559-564.

S. Aneja, N. Aneja, and M. S. Islam, “IoT device fingerprint using deep learning,” in 2018 IEEE International Conference on Internet of Things and Intelligence System (IOTAIS), 2018, pp. 174-179.

Q. Xu, R. Zheng, W. Saad, and Z. Han, “Device fingerprinting in wireless networks: Challenges and opportunities,” IEEE Commun. Surv. Tutorials, vol. 18, no. 1, pp. 94-104, 2015.

M. Miettinen, S. Marchal, I. Hafeez, N. Asokan, A.-R. Sadeghi, and S. Tarkoma, “IoT sentinel: Automated device-type identification for security enforcement in IoT,” in 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), 2017, pp. 2177-2184.

“The kaggle website,” 2021..

Y. Meidan et al., “ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis,” in Proceedings of the symposium on applied computing, 2017, pp. 506-509.

Y. C. Lin and F. Wang, “Machine Learning Techniques for Recognizing IoT Devices,” in International Computer Symposium, 2018, pp. 673-680.

M. R. Shahid, G. Blanc, Z. Zhang, and H. Debar, “Iot devices recognition through network traffic analysis,” in 2018 IEEE International Conference on Big Data (Big Data), 2018, pp. 5187-5192.

S. A. Hamad, W. E. Zhang, Q. Z. Sheng, and S. Nepal, “IoT device Identification via network-flow based fingerprinting and learning,” in 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2019, pp. 103-111.

J. Kotak and Y. Elovici, “IoT device identification using deep learning,” in Conference on Complex, Intelligent, and Software Intensive Systems, 2020, pp. 76-86.

B. Bezawada, M. Bachani, J. Peterson, H. Shirazi, I. Ray, and I. Ray, “Iotsense: Behavioral fingerprinting of IoT devices,” arXiv Prepr. arXiv1804.03852, 2018.

O. Salman, I. H. Elhajj, A. Chehab, and A. Kayssi, “A machine learning-based framework for IoT device identification and abnormal traffic detection,” Trans. Emerg. Telecommun. Technol., p. e3743, 2019.

L. Deng, Y. Feng, D. Chen, and N. Rishe, “IoTspot: Identifying the IoT devices using their anonymous network traffic data,” in MILCOM 2019-2019 IEEE Military Communications Conference (MILCOM), 2019, pp. 1-6.

W. Cheng, Z. Ding, C. Xu, X. Wu, Y. Xia, and J. Mao, “RAFM: A Real-time Auto Detecting and Fingerprinting Method for IoT devices,” in Journal of Physics: Conference Series, 2020, vol. 1518, no. 1, p. 12043.

J. Bao, B. Hamdaoui, and W.-K. Wong, “IoT device type identification using hybrid deep learning approach for increased IoT security,” in 2020 International Wireless Communications and Mobile Computing (IWCMC), 2020, pp. 565-570.

L. Nagy and A. ColeÅŸa, “Router-based IoT Security using Raspberry Pi,” in 2019 18th RoEduNet Conference: Networking in Education and Research (RoEduNet), 2019, pp. 1-6.

J. Brownlee, “Naive Bayes,” in Master Machine Learning Algorithms: discover how they work and implement them from scratch. 2016.

F.-J. Yang, “An implementation of naive Bayes classifier,” in 2018 International Conference on Computational Science and Computational Intelligence (CSCI), 2018, pp. 301-306.

Authors who publish with this journal agree to the following terms:

    1. Authors retain copyright and grant the journal right of first publication with the work simultaneously licensed under a Creative Commons Attribution License that allows others to share the work with an acknowledgement of the work's authorship and initial publication in this journal.
    2. Authors are able to enter into separate, additional contractual arrangements for the non-exclusive distribution of the journal's published version of the work (e.g., post it to an institutional repository or publish it in a book), with an acknowledgement of its initial publication in this journal.
    3. Authors are permitted and encouraged to post their work online (e.g., in institutional repositories or on their website) prior to and during the submission process, as it can lead to productive exchanges, as well as earlier and greater citation of published work (See The Effect of Open Access).