An efficient Internet of Things (IoT) device fingerprinting approach using machine learning
Date
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Internet of Things (IoT) usage is steadily becoming a way of life. IoT devices have applications in smart homes, factories, and farming. Thousands of IoT devices are hooked up to the cyberspace each day. However, the increased usage of IoT devices comes with many security concerns due to their small and constrained build-up; consequently, perpetrators could target an IoT device as an access point to attack the whole network. Further, the number of IoT device manufacturers keeps expanding by the day, although a high number of these manufacturers have less or little knowledge about IoT security. Therefore, a comprised IoT device in a network presents a vulnerability for an attacker to exploit the network. Notwithstanding, relying on the most typical approaches to securing IoT devices is becoming increasingly complex and less prone to attackers. To determine the identities (fingerprints) and nature of these devices, Mobile Network Operators (MNOs) often analyze the traffic generated by these devices (legitimate, faulty, or malicious). When a new IoT device is attached to the network and is compromised, the fingerprinting process takes quick action to determine the real identity of the device. This thesis presents an effective way to fingerprint IoT devices using machine learning. Many security benefits come with fingerprinting IoT devices on a network, including automatic vulnerability patching, the introduction of behaviour-based anomaly detection, and dynamic attack mitigation. A better way of securing IoT devices is by using a machine-learning algorithm to fingerprint IoT devices in the network accurately. This process should be achieved using minimal features to reduce the amount of data to process, which is critical in real-time prediction applications. Focusing on the optimal (minimal) features of IoT devices requires accurately fingerprinting the device. In this study, new features were generated from the original features of an IoT dataset that contains IoT network traffic. These new features, extracted using reduction methods, were then trained on selected machine learning algorithms, and the prediction quality of each model was analyzed. The obtained results are appealing. Indeed, with only five (5) features instead of the 17 features from the original dataset, the proposed solution is capable of accurately fingerprinting IoT devices with an accuracy of 97%, as measured using the Precision, Recall, and Harmonic mean metrics.