Skip to main content
SpringerLink
Log in

Deriving Interpretable Rules for IoT Discovery Through Attention

  • Conference paper
  • First Online:
Book cover Internet of Things - ICIOT 2020 (ICIOT 2020)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 12405))

Included in the following conference series:

Abstract

Due to their high vulnerability, IoT has become a primary target for cybercriminals (e.g., botnets, network infiltration). As a result, many solutions have been developed to help users and administrators identify IoT devices. While solutions based on deep learning have been shown to outperform traditional approaches in other domains, their lack of explanation and their inference latency present major obstacles for their adoption in network traffic analysis, where throughputs of Gbps are typically expected. Extracting rules from a trained neural network presents a compelling solution, but existing methods are limited to feedforward networks, and RNN/LSTM. In contrast, attention-based models are a more recent architecture, and are replacing RNN/LSTM due to their higher performance. In this paper, we therefore propose a novel efficient algorithm to extract rules from a trained attention-based model. Evaluations on actual packet traces of more than 100 IoT devices demonstrate that the proposed algorithm reduces the storage requirements and inference latency by 4 orders of magnitude while still achieving an average f1-score of 0.995 and a fidelity score of 98.94%. Further evaluation on an independent dataset also shows improved generalization performance: The extracted rules achieve better performance, especially thanks to their inherent capability to identify unknown devices.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    Notations were slightly modified.

References

  1. Hautala, L.: Why it was so easy to hack the cameras that took down the web. In: CNET Security, October 2016

    Google Scholar 

  2. Palmer, D.: 175,000 IoT cameras can be remotely hacked thanks to flaw, says security researcher. In: ZDNet, July 2017

    Google Scholar 

  3. Yu, T., Sekar, V., Seshan, S., Agarwal, Y., Xu, C.: Handling a trillion (unfixable) flaws on a billion devices: rethinking network security for the internet-of-things. In: Proceedings of the 14th ACM Workshop on Hot Topics in Networks, HotNets-XIV (2015)

    Google Scholar 

  4. Sivanathan, A., et al.: Characterizing and classifying IoT traffic in smart cities and campuses. In: IEEE Infocom Workshop Smart Cities and Urban Computing (2017)

    Google Scholar 

  5. Miettinen, M., et al.: Iot sentinel demo: automated device-type identification for security enforcement in iot. In: IEEE ICDCS (2017)

    Google Scholar 

  6. Meidan, Y., et al.: Profiliot: a machine learning approach for IoT device identification based on network traffic analysis, April 2017

    Google Scholar 

  7. Guo, H., Heidemann, J.: IP-based IoT device detection. In: Proceedings of the 2018 Workshop on IoT Security and Privacy, IoT Samp;P 2018, (New York, NY, USA), pp. 36–42. Association for Computing Machinery (2018)

    Google Scholar 

  8. Ortiz, J., Crawford, C., Le, F.: Devicemien: network device behavior modeling for identifying unknown Iot devices. In: Proceedings of the International Conference on Internet of Things Design and Implementation, IoTDI 2019, (New York, NY, USA), pp. 106–117. Association for Computing Machinery (2019)

    Google Scholar 

  9. Bremler-Barr, A., Levy, H., Yakhini, Z.: IoT or not: identifying IoT devices in a shorttime scale (2019)

    Google Scholar 

  10. Mazhar, M.H., Shafiq, Z.: Characterizing smart home IoT traffic in the wild (2020)

    Google Scholar 

  11. Huang, D.Y., Apthorpe, N., Acar, G., Li, F., Feamster, N.: Iot inspector: crowdsourcing labeled network traffic from smart home devices at scale (2019)

    Google Scholar 

  12. Paxson, V.: Bro: a system for detecting network intruders in real-time. Comput. Netw. 31(23–24), 2435–2463 (1999)

    Article  Google Scholar 

  13. Roesch, M.: Snort - lightweight intrusion detection for networks. In: Proceedings of the 13th USENIX Conference on System Administration, LISA 1999 (USA), pp. 229–238. USENIX Association (1999)

    Google Scholar 

  14. Cleeremans, A., Servan-Schreiber, D., Mcclelland, J.: Finite state automata and simple recurrent networks. Neural Comput. - NECO 1, 372–381 (1989)

    Article  Google Scholar 

  15. Hayashi, Y., Imura, A.: Fuzzy neural expert system with automated extraction of fuzzy if-then rules from a trained neural network. In: Proceedings First International Symposium on Uncertainty Modeling and Analysis (1990)

    Google Scholar 

  16. Towell, G.G., Shavlik, J.W.: The extraction of refined rules from knowledge-based neural networks. In: Machine Learning, pp. 71–101 (1993)

    Google Scholar 

  17. Fu, L.: Rule generation from neural networks. In: IEEE Transactions on Systems, Man, and Cybernetics (1994)

    Google Scholar 

  18. Omlin, C., Giles, C.: Extraction of rules from discrete-time recurrent neural network. Neural Netw. 9, 41–52 (2001)

    Article  Google Scholar 

  19. Murdoch, W.J., Szlam, A.: Automatic rule extraction from long short term memory networks, CoRR, vol. abs/1702.02540 (2017)

    Google Scholar 

  20. Ribeiro, M.T., Singh, S., Guestrin, C.: “why should i trust you?": explaining the predictions of any classifier. In: Proceedings of the 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, KDD 2016, (New York, NY, USA), pp. 1135–1144. Association for Computing Machinery (2016)

    Google Scholar 

  21. Bahdanau, D., Cho, K., Bengio, Y.: Neural machine translation by jointly learning to align and translate. arXiv e-prints, p. arXiv:1409.0473, September 2014

  22. Xu, K., et al.: Show, attend and tell: neural image caption generation with visual attention. arXiv e-prints, p. arXiv:1502.03044, February 2015

  23. Chorowski, J.K., Bahdanau, D., Serdyuk, D., Cho, K., Bengio, Y.: Attention-based models for speech recognition. In: Cortes, C., Lawrence, N.D., Lee, D.D., Sugiyama, M., Garnett, R. (eds.) Advances in Neural Information Processing Systems 28, pp. 577–585. Curran Associates Inc. (2015)

    Google Scholar 

  24. Sutskever, I., Vinyals, O., Le, Q.V.: Sequence to sequence learning with neural networks. arXiv e-prints, p. arXiv:1409.3215, September 2014

  25. Cho, K., van Merrienboer, B., Gülçehre, Ç., Bougares, F., Schwenk, H., Bengio, Y.: Learning phrase representations using RNN encoder-decoder for statistical machine translation. CoRR, vol. abs/1406.1078 (2014)

    Google Scholar 

  26. Rayome, A.D.: Security flaw made 175,000 iot cameras vulnerable to becoming spy cams for hackers. https://www.techrepublic.com/article/security-flaw-made-175000-iot-cameras-vulnerable-to-becoming-spy-cams-for-hackers//. Accessed 01 August 2017

Download references

Acknowledgment

The authors would like to thank the anonymous reviewers for their suggestions, and comments.

Author information

Authors and Affiliations

  1. IBM T.J. Watson Research Center, Yorktown Heights, USA

    Franck Le & Mudhakar Srivatsa

Authors
  1. Franck Le
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Mudhakar Srivatsa
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Franck Le .

Editor information

Editors and Affiliations

  1. North China University of Technology, Beijing, China

    Wei Song

  2. Louisiana State University, Baton Rouge, LA, USA

    Kisung Lee

  3. Georgia State University, Atlanta, GA, USA

    Zhisheng Yan

  4. Kingdee International Software Group Co., Ltd., Shenzhen, China

    Liang-Jie Zhang

  5. Kingdee International Software Group Co., Ltd., Hong Kong, China

    Huan Chen

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Le, F., Srivatsa, M. (2020). Deriving Interpretable Rules for IoT Discovery Through Attention. In: Song, W., Lee, K., Yan, Z., Zhang, LJ., Chen, H. (eds) Internet of Things - ICIOT 2020. ICIOT 2020. Lecture Notes in Computer Science(), vol 12405. Springer, Cham. https://doi.org/10.1007/978-3-030-59615-6_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-59615-6_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-59614-9

  • Online ISBN: 978-3-030-59615-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation