Abstract
The network device identification technology refers to using the network detection technology to obtain device data and transform the device data into device fingerprints to identify network devices. Currently, the mainstream network device identification method obtains network traffic data generated in the process of device communication, extract device features, and identify devices based on a variety of machine learning algorithms. However, these methods ignore the impact of redundant features and interference features when analyzing device traffic data, resulting in a high-false positive rate and heavy time cost. In order to identify network devices more efficiently and accurately, we propose a network device recognition method based on feature reduction and dynamical feature weights assignment. Firstly, feature redundancy analysis was carried out based on fast filtering algorithm and redundant features were deleted. Then, each feature is dynamically weighted according to its relevance to the device type. Finally, the target device type is identified by calculating the similarity between the target device and the known device type. Experimental results on existing public data sets show that the proposed method improves the recognition accuracy by 3.5%, 10.8% and reduces the time cost by 80%, 72% in random forest and LightGBM respectively. The proposed method is better than the existing method based on feature reduction for device type recognition.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Gillivray, C.M., Reinsel, D.: IDC worldwide global data sphere IoT device and data forecast. Internet Data Center (2019)
Li, Q., Feng, X., Wang, H., Sun, L.: Automatically discovering surveillance devices in the cyberspace. In: Proceedings of MMSys, pp. 331–342 (2017)
Zhang, H., Han, W., Lai, X., Lin, D., Ma, J., Li, J.: Survey on cyberspace security. Sci. China Inf. Sci. 58(11), 1–43 (2015). https://doi.org/10.1007/s11432-015-5433-4
Feng, G.D., Zhang, Y., Zhang, Y.Q.: Overview of information security risk assessment. J. China Inst. Commun. 25(7), 10–18 (2004)
Xi, R.G., Yun, X.C., Jin, S.Y.: Research survey of network security situation awareness. Comput. Appl. 32(1), 1–4 (2012)
Bodenheim, R., Butts, J., Dunlap, S., Mullins, B.: Evaluation of the ability of the Shodan search engine to identify internet-facing industrial control devices. Int. J. Crit. Infrastruct. Prot. 7(2), 114–123 (2014)
Durumeric, Z., Adrian, D., Mirian, A.: A search engine backed by internet-wide scanning. In: Proceedings of ACM SIGSAC, pp. 542–553 (2015)
Li, R., Shen, M., Yu, H., Li, C., Duan, P., Zhu, L.: A survey on cyberspace search engines. In: Proceedings of CCIS, pp. 206–214 (2020)
Cui, A., Stolfo, S.: A quantitative analysis of the insecurity of embedded network devices: results of a wide-area scan. In: Proceedings of ACSAC, pp. 97–106 (2010)
Li, Q., Feng, X., Wang, R., Li, Z., Sun, L.: Towards fine-grained fingerprinting of firmware in online embedded devices. In: Proceedings of INFOCOM, pp. 2537–2545 (2018)
Kotak, J., Elovici, Y.: IoT device identification using deep learning. In: Herrero, Á., Cambra, C., Urda, D., Sedano, J., Quintián, H., Corchado, E. (eds.) CISIS 2019. AISC, vol. 1267, pp. 76–86. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-57805-3_8
Guo, X., Li, X., Li, R., Wang, X., Luo, X.: Network device identification based on MAC boundary inference. In: Sun, X., Zhang, X., Xia, Z., Bertino, E. (eds.) ICAIS 2021. CCIS, vol. 1424, pp. 697–712. Springer, Cham (2021). https://doi.org/10.1007/978-3-030-78621-2_58
Zande, S., Murdoch, S.J.: An improved clock-skew measurement technique for revealing hidden services. In: Proceedings of USENIX Security Symposium, pp. 211–226 (2008)
Zhu, B.K., et al.: IoT device monitoring system based on C5.0 decision tree and time-series analysis. IEEE Access 10, 36637–36648 (2021)
Gao, K.: A passive approach to wireless device fingerprinting. In: Proceedings of DSN, pp. 383–392 (2010)
Meidan, Y., et al.: ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis. In: Proceedings of SAC, pp. 506–509 (2017)
Sivanathan, A., Sherrat, D., Gharakheili, H.H., et al.: Characterizing and classifying IoT traffic in smart cities and campuses. In: Proceedings of INFOCOM WKSHPS, pp. 559–564 (2017)
Martin, J., Rye, E., Beverly, R.: Decomposition of MAC address structure for granular device inference. In: Proceedings of ACSAC, pp. 78–88 (2016)
Bekerman, D., Shapira, B., Rokach, L., Bar, A.: Unknown malware detection using network traffic classification. In: Proceedings of CNS, pp. 134–142 (2015)
Beigi, E.B., Jazi, H.H., Stakhanova, N., Ghorbani, A.A.: Towards effective feature selection in machine learning-based botnet detection approaches. In: Proceedings of IEEE CNS, pp. 247–255 (2014)
Sivanathan, A., et al.: Classifying IoT devices in smart environments using network traffic characteristics. IEEE Trans. Mob. Comput. 18(8), 1745–1759 (2019)
Umair, M.B., et al.: An efficient internet traffic classification system using deep learning for IoT. Comput. Mater. Contin. 71(1), 407–422 (2022)
Senliol, B., Gulgezen, G., Yu, L., Cataltepe, Z.: Fast correlation based filter (FCBF) with a different search strategy. In: Proceedings of ISCIS, pp. 1–4 (2008)
Xu. H.: Research on Markov blanket discovery algorithm based on Bayesian networks. M. S. Dissertation, University of Electronic Science and Technology of China, Chengdu (2012)
Funding
This work was supported by the National Natural Science Foundation of China (No. U1804263, 61872448, 62172435, and 62002386) and the Zhongyuan Science and Technology Innovation Leading Talent Project (No. 214200510019).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Ethics declarations
The authors declare that they have no conflicts of interest to report regarding the present study.
Rights and permissions
Copyright information
© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG
About this paper
Cite this paper
Wang, X., Luo, X., Du, S., Li, L., Yang, Y., Liu, F. (2022). A Rapid Device Type Identification Method Based on Feature Reduction and Dynamical Feature Weights Assignment. In: Sun, X., Zhang, X., Xia, Z., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2022. Lecture Notes in Computer Science, vol 13340. Springer, Cham. https://doi.org/10.1007/978-3-031-06791-4_52
Download citation
DOI: https://doi.org/10.1007/978-3-031-06791-4_52
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-06790-7
Online ISBN: 978-3-031-06791-4
eBook Packages: Computer ScienceComputer Science (R0)