Abstract
IoT devices are widely present in production and life. To provide unique resource requirements and Quality of Service for different device types, we are prompted to implement IoT device identification. Existing IoT device identification methods either need to extract features manually or suffer from low effectiveness. In addition, these methods mainly focus on plaintext traffic, and their effectiveness will not work in the encryption era. It remains a challenging task to conduct IoT device identification via TLS encrypted traffic analysis accurately. This work fills the gap by presenting THG-IoT, a novel device identification method using graph convolutional network (GCN). We propose a graph structure named traffic heterogeneous graph (THG), an information-rich representation of encrypted IoT network traffic. The key novelty of THG is two-fold: i) it is a traffic heterogeneous graph containing two kinds of nodes and two kinds of edges. Compared with the sequence model, THG can better model the relationship between the flows and the packets. ii) it implicitly reserves multiple heterogeneous information, including packet length, packet message type, packet context, and flow composition, in the bidirectional packet sequence. Moreover, we utilize THG to convert IoT device identification into a graph node classification problem and design a powerful GCN-based classifier. The experimental results show that THG-IoT achieves excellent performance. The TPR exceeds 95% and the FPR is less than 0.4%, superior to the state-of-the-art methods.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Aneja, S., Aneja, N., Islam, M.S.: IoT device fingerprint using deep learning. In: 2018 IEEE International Conference on Internet of Things and Intelligence System (IOTAIS), pp. 174–179. IEEE (2018)
Hinton, G.E., Srivastava, N., Krizhevsky, A., Sutskever, I., Salakhutdinov, R.R.: Improving neural networks by preventing co-adaptation of feature detectors. arXiv preprint arXiv:1207.0580 (2012)
Jafari, H., Omotere, O., Adesina, D., Wu, H.H., Qian, L.: IoT devices fingerprinting using deep learning. In: MILCOM 2018-2018 IEEE Military Communications Conference (MILCOM), pp. 1–9. IEEE (2018)
Kingma, D.P., Ba, J.: Adam: a method for stochastic optimization. arXiv preprint arXiv:1412.6980 (2014)
Kipf, T.N., Welling, M.: Semi-supervised classification with graph convolutional networks. arXiv preprint arXiv:1609.02907 (2016)
Korczyński, M., Duda, A.: Markov chain fingerprinting to classify encrypted traffic. In: IEEE INFOCOM 2014-IEEE Conference on Computer Communications, pp. 781–789. IEEE (2014)
Li, Q., Han, Z., Wu, X.M.: Deeper insights into graph convolutional networks for semi-supervised learning. In: Proceedings of the AAAI Conference on Artificial Intelligence, vol. 32 (2018)
Liu, C., Cao, Z., Xiong, G., Gou, G., Yiu, S.M., He, L.: MaMPF: encrypted traffic classification based on multi-attribute Markov probability fingerprints. In: 2018 IEEE/ACM 26th International Symposium on Quality of Service (IWQoS), pp. 1–10. IEEE (2018)
Liu, C., He, L., Xiong, G., Cao, Z., Li, Z.: Fs-Net: a flow sequence network for encrypted traffic classification. In: IEEE INFOCOM 2019-IEEE Conference on Computer Communications, pp. 1171–1179. IEEE (2019)
Lopez-Martin, M., Carro, B., Sanchez-Esguevillas, A., Lloret, J.: Network traffic classifier with convolutional and recurrent neural networks for internet of things. IEEE Access 5, 18042–18050 (2017)
Marchal, S., Miettinen, M., Nguyen, T.D., Sadeghi, A.R., Asokan, N.: AuDI: toward autonomous IoT device-type identification using periodic communication. IEEE J. Sel. Areas Commun. 37(6), 1402–1412 (2019)
Msadek, N., Soua, R., Engel, T.: IoT device fingerprinting: machine learning based encrypted traffic analysis. In: 2019 IEEE Wireless Communications and Networking Conference (WCNC), pp. 1–8. IEEE (2019)
Ortiz, J., Crawford, C., Le, F.: DeviceMien: network device behavior modeling for identifying unknown IoT devices. In: Proceedings of the International Conference on Internet of Things Design and Implementation, pp. 106–117 (2019)
Riad, K., Huang, T., Ke, L.: A dynamic and hierarchical access control for IoT in multi-authority cloud storage. J. Network Comput. Appl. 160, 102633 (2020)
Shen, M., Wei, M., Zhu, L., Wang, M.: Classification of encrypted traffic with second-order Markov chains and application attribute bigrams. IEEE Trans. Inf. Forensics Secur. 12(8), 1830–1843 (2017)
Sivanathan, A., et al.: Classifying IoT devices in smart environments using network traffic characteristics. IEEE Trans. Mob. Comput. 18(8), 1745–1759 (2018)
Thangavelu, V., Divakaran, D.M., Sairam, R., Bhunia, S.S., Gurusamy, M.: DEFT: a distributed IoT fingerprinting technique. IEEE Internet Things J. 6(1), 940–952 (2018)
Acknowledgement
We thank the anonymous reviewers for their insightful comments. This work was supported by the National Key Research and Development Program of China (Grant No. 2019YFB1804504).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Yang, J., Sang, Y., Zhang, Y., Chang, P., Peng, C. (2021). Exploiting Heterogeneous Information for IoT Device Identification Using Graph Convolutional Network. In: Gao, H., Wang, X. (eds) Collaborative Computing: Networking, Applications and Worksharing. CollaborateCom 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 406. Springer, Cham. https://doi.org/10.1007/978-3-030-92635-9_33
Download citation
DOI: https://doi.org/10.1007/978-3-030-92635-9_33
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-92634-2
Online ISBN: 978-3-030-92635-9
eBook Packages: Computer ScienceComputer Science (R0)