
Trust and Verify: A Complexity-Based IoT Behavioral Enforcement Method

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 12716)

Abstract

In an Internet of Things (IoT) environment, devices may become compromised by cyber or physical attacks, causing security and privacy breaches. When a device is compromised, its network behavior changes. In an IoT environment where there is insufficient attack data available and the data is unlabeled, novelty detection algorithms may be used to detect outliers. A novelty threshold determines whether the network flow is an outlier. In an IoT environment, we have different types of devices, some more complex than others. Simple devices have more predictable network behavior than complex ones. This work introduces a novel access control method for IoT devices by tuning novelty detection algorithm hyper-parameters based on a device’s network complexity. This method relies only on network flow characteristics and is accomplished in an autonomous fashion, requiring no labeled data. By analyzing connection-based parameters and the variance of each device’s network traffic, we develop a formalized measurement of complexity for each device. We show that this complexity measure is positively correlated to how accurately a device can be modeled by a novelty detection algorithm. We then use this complexity metric to tune the hyper-parameters of the algorithm specific to each device. We propose an enforcement architecture based on Software Defined Networking (SDN) that uses the complexity of the device to define the precision of the decision boundary of the novelty algorithm.
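The idea in the abstract, per-device novelty thresholds driven by a complexity score, can be sketched as follows. This is an added example, not the authors' code or their complexity formula: the `complexity` score, the threshold range, the unseen-endpoint penalty, the z-score detector standing in for a novelty detection algorithm, and all flow records are assumptions constructed for illustration.

```python
from statistics import mean, pstdev

# Constructed flow records per device: (dst_ip, dst_port, proto, bytes).
PLUG = [("192.0.2.10", 8883, "tcp", b) for b in (120, 122, 118, 121, 119, 120, 123, 117)]
TABLET = [("198.51.100.1", 443, "tcp", 1500), ("198.51.100.2", 443, "tcp", 90000),
          ("203.0.113.5", 80, "tcp", 400), ("203.0.113.9", 53, "udp", 80),
          ("198.51.100.7", 443, "tcp", 25000), ("203.0.113.20", 123, "udp", 76),
          ("198.51.100.1", 443, "tcp", 5200), ("203.0.113.31", 443, "tcp", 640)]

T_MIN, T_MAX = 2.0, 6.0   # assumed range for the novelty threshold
UNSEEN_PENALTY = 3.0      # assumed score added for a never-seen endpoint

def complexity(flows):
    """Hypothetical complexity in [0, 1): endpoint diversity plus byte-count variance."""
    endpoints = {f[:3] for f in flows}
    diversity = len(endpoints) / len(flows)
    sizes = [f[3] for f in flows]
    cv = pstdev(sizes) / mean(sizes)          # coefficient of variation
    return 0.5 * diversity + 0.5 * cv / (1 + cv)

def train(flows):
    """Build a per-device model whose threshold is tuned by that device's complexity."""
    sizes = [f[3] for f in flows]
    return {"endpoints": {f[:3] for f in flows},
            "mean": mean(sizes),
            "std": max(pstdev(sizes), 1.0),   # floor avoids divide-by-zero on constant traffic
            "threshold": T_MIN + (T_MAX - T_MIN) * complexity(flows)}

def novelty_score(model, flow):
    """Byte-count z-score, plus a penalty when the endpoint was never seen in training."""
    z = abs(flow[3] - model["mean"]) / model["std"]
    return z + (0.0 if flow[:3] in model["endpoints"] else UNSEEN_PENALTY)

def decide(model, flow):
    """Verdict an SDN controller could turn into a flow rule: 'allow' or 'drop'."""
    return "drop" if novelty_score(model, flow) > model["threshold"] else "allow"

if __name__ == "__main__":
    probe = ("203.0.113.99", 443, "tcp", 130)   # constructed flow to an unseen endpoint
    for name, flows in (("plug", PLUG), ("tablet", TABLET)):
        m = train(flows)
        print(name, round(complexity(flows), 3), round(m["threshold"], 2), decide(m, probe))
```

The same unseen flow is dropped for the low-complexity plug and allowed for the high-complexity tablet, which shows the trade-off: the simpler the device, the tighter the decision boundary that can be enforced.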

This work was supported by NSF under Award Number CNS 1822118, Cyber Risk Research, NIST, Statnett, AMI, and Cable Television Laboratories.



Author information

Corresponding author

Correspondence to Kyle Haefner.

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper


Cite this paper

Haefner, K., Ray, I. (2021). Trust and Verify: A Complexity-Based IoT Behavioral Enforcement Method. In: Dolev, S., Margalit, O., Pinkas, B., Schwarzmann, A. (eds) Cyber Security Cryptography and Machine Learning. CSCML 2021. Lecture Notes in Computer Science, vol 12716. Springer, Cham. https://doi.org/10.1007/978-3-030-78086-9_32


  • DOI: https://doi.org/10.1007/978-3-030-78086-9_32


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-78085-2

  • Online ISBN: 978-3-030-78086-9

  • eBook Packages: Computer Science (R0)
