Abstract
In an Internet of Things (IoT) environment, devices may become compromised by cyber or physical attacks, causing security and privacy breaches. When a device is compromised, its network behavior changes. In an IoT environment where there is insufficient attack data available and the data is unlabeled, novelty detection algorithms may be used to detect outliers. A novelty threshold determines whether the network flow is an outlier. In an IoT environment, we have different types of devices, some more complex than others. Simple devices have more predictable network behavior than complex ones. This work introduces a novel access control method for IoT devices by tuning novelty detection algorithm hyper-parameters based on a device’s network complexity. This method relies only on network flow characteristics and is accomplished in an autonomous fashion, requiring no labeled data. By analyzing connection-based parameters and variance of each device’s network traffic, we develop a formalized measurement of complexity for each device. We show that this complexity measure is positively correlated to how accurately a device can be modeled by a novelty detection algorithm. We then use this complexity metric to tune the hyper-parameters of the algorithm specific to each device. We propose an enforcement architecture based on Software Defined Networking (SDN) that uses the complexity of the device to define the precision of the decision boundary of the novelty algorithm.
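An added illustration of the idea in the abstract, not code from the paper: a per-device novelty detector whose decision threshold is set from a complexity score. The score formula, the threshold mapping, the scoring rule and the sample flows are all assumptions made here, since the abstract does not give the paper's definitions.

```python
import math
from statistics import mean, pstdev

def complexity(flows):
    """Assumed score in [0, 1): endpoint diversity plus relative spread of flow sizes."""
    endpoints = {(ip, port) for ip, port, _ in flows}
    sizes = [size for _, _, size in flows]
    spread = pstdev(sizes) / mean(sizes)        # coefficient of variation
    raw = math.log2(len(endpoints)) + spread
    return raw / (1.0 + raw)

def fit(flows):
    """Per-device model: known endpoints, size statistics, complexity-tuned threshold."""
    sizes = [size for _, _, size in flows]
    c = complexity(flows)
    return {
        "endpoints": {(ip, port) for ip, port, _ in flows},
        "mu": mean(sizes),
        "sigma": max(pstdev(sizes), 1.0),       # floor avoids division by zero
        "complexity": c,
        "threshold": 2.0 + 6.0 * c,             # assumed mapping: simple device, tight boundary
    }

def novelty_score(model, flow):
    """Size deviation in standard deviations, plus a penalty for an unseen endpoint."""
    ip, port, size = flow
    z = abs(size - model["mu"]) / model["sigma"]
    penalty = 0.0 if (ip, port) in model["endpoints"] else 3.0
    return z + penalty

def is_novel(model, flow):
    return novelty_score(model, flow) > model["threshold"]

# Constructed training flows (dst_ip, dst_port, bytes); documentation-range addresses.
PLUG = [("192.0.2.10", 8883, s) for s in (120, 122, 118, 121, 119, 120)]
TV = [("198.51.100.%d" % (i % 8), 443, s)
      for i, s in enumerate((900, 15000, 4200, 60000, 300, 22000, 7500, 41000))]

plug_model, tv_model = fit(PLUG), fit(TV)
probe = ("203.0.113.5", 443, 125)               # constructed flow to a never-seen endpoint

if __name__ == "__main__":
    for name, m in (("plug", plug_model), ("tv", tv_model)):
        print(name, round(m["complexity"], 3), round(m["threshold"], 2), is_novel(m, probe))
```

The same probe flow is rejected for the low-complexity plug and tolerated for the high-complexity TV, which shows the trade-off a looser boundary carries for complex devices.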
This work was supported by NSF under Award Number CNS 1822118, Cyber Risk Research, NIST, Statnett, AMI, and Cable Television Laboratories.
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Haefner, K., Ray, I. (2021). Trust and Verify: A Complexity-Based IoT Behavioral Enforcement Method. In: Dolev, S., Margalit, O., Pinkas, B., Schwarzmann, A. (eds) Cyber Security Cryptography and Machine Learning. CSCML 2021. Lecture Notes in Computer Science, vol 12716. Springer, Cham. https://doi.org/10.1007/978-3-030-78086-9_32
DOI: https://doi.org/10.1007/978-3-030-78086-9_32
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-78085-2
Online ISBN: 978-3-030-78086-9
eBook Packages: Computer Science, Computer Science (R0)