Skip to main content
SpringerLink
Log in

A Small World–Privacy Preserving IoT Device-Type Fingerprinting with Small Datasets

  • Conference paper
  • First Online:
Foundations and Practice of Security (FPS 2023)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 14551))

Included in the following conference series:

  • 56 Accesses

Abstract

Internet-of-Things (IoT) device-type fingerprinting is the process of identification of the specific type of an IoT device based on its characteristics, such as network behavior. Such fingerprinting can be used to detect anomalous behavior of the device, or even predict its behavior should it get compromised. The typical approach to fingerprint an IoT device-type is by collecting a significant number of short network trace samples from these devices when it performs various activities and use machine learning on these samples to construct the fingerprint. There are several challenges to this approach. The first challenge is identifying the exact set of packets that correspond to the observed device-type behavior when it is performing some activity. The second challenge is that a single organization may not have enough data corresponding to all possible activities of the IoT device. We propose techniques to overcome the above mentioned challenges. First, to enhance device-type fingerprinting from small data sets, we designed a sliding-window based packet analysis behavioral model that provides improved data coverage associated with the activities of the tasks. Second, to get a model of the network behavior for the different activities of IoT devices deployed at various organizations, we use distributed deep-learning model so as to protect the privacy and confidentiality of the data. Finally, we alleviate the issue of data shortage by supplementing the training data with synthetic data generated using an Adversarial Autoencoder (AAE) neural network. We evaluated our approach using three different sets of experiments using a small set of representative devices. We estimate the best sliding window size for modeling device behavior by comparing the distributed learning performance over a range of window sizes. For our distributed approach, we achieve fingerprinting accuracy in the range of 94–99%, which is an improvement over the centralized approach for the same data sets and experiments. We demonstrate accuracy of \(97\%\), on-par with state-of-the-art fingerprinting approaches, when using synthetic training data generated by our AAE. We note that, this is the first such method of fingerprinting device-types in a collaborative privacy preserving manner while alleviating small data sets.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 59.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 79.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Krebs, B.: Mirai IoT botnet co-authors plead guilty? Krebs on security, November 2017

    Google Scholar 

  2. Acar, A., et al.: Peek-a-boo: i see your smart home activities, even encrypted! In: Proceedings of the 13th ACM Conference on Security and Privacy in Wireless and Mobile Networks, pp. 207–218 (2020)

    Google Scholar 

  3. OConnor, T.J., Mohamed, R., Miettinen, M., Enck, W., Reaves, B., Sadeghi, A.-R.: HomeSnitch: behavior transparency and control for smart home IoT devices. In: Proceedings of the 12th Conference on Security and Privacy in Wireless and Mobile Networks, pp. 128–138 (2019)

    Google Scholar 

  4. Bai, L., Yao, L., Kanhere, S.S., Wang, X., Yang, Z.: Automatic device classification from network traffic streams of Internet of Things. In: 2018 IEEE 43rd Conference on Local Computer Networks (LCN), pp. 1–9. IEEE (2018)

    Google Scholar 

  5. Sivanathan, A., et al.: Classifying IoT devices in smart environments using network traffic characteristics. IEEE Trans. Mob. Comput. 18(8), 1745–1759 (2018)

    Article  Google Scholar 

  6. Dong, S., Li, Z., Tang, D., Chen, J., Sun, M., Zhang, K.: Your smart home can’t keep a secret: towards automated fingerprinting of IoT traffic. In: Proceedings of the 15th ACM Asia Conference on Computer and Communications Security, pp. 47–59 (2020)

    Google Scholar 

  7. Perdisci, R., Papastergiou, T., Alrawi, O., Antonakakis, M.: IoTFinder: efficient large-scale identification of IoT devices via passive DNS traffic analysis. In: 2020 IEEE European Symposium on Security and Privacy (EuroS &P), pp. 474–489. IEEE (2020)

    Google Scholar 

  8. Ahmed, D., Das, A., Zaffar, F.: Analyzing the feasibility and generalizability of fingerprinting Internet of Things devices. Proc. Priv. Enhancing Technol. 2, 2022 (2022)

    Google Scholar 

  9. Sharma, R.A., Soltanaghaei, E., Rowe, A., Sekar, V.: Lumos: identifying and localizing diverse hidden \(\{\)IoT\(\}\) devices in an unfamiliar environment. In: 31st USENIX Security Symposium (USENIX Security 2022), pp. 1095–1112 (2022)

    Google Scholar 

  10. Franklin, J., McCoy, D.: Passive data link layer 802.11 wireless device driver fingerprinting. In: Proceedings of the 15th USENIX Security Symposium, Vancouver, BC, Canada, 31 July–4 August 2006

    Google Scholar 

  11. Pang, J., Greenstein, B., Gummadi, R., Seshan, S., Wetherall, D.: 802.11 user fingerprinting. In: Proceedings of the 13th ACM MOBICOM, pp. 99–110. ACM (2007)

    Google Scholar 

  12. François, J., Abdelnur, H.J., State, R., Festor, O.: Automated behavioral fingerprinting. In: Proceedings of the 12th RAID Symposium, pp. 182–201 (2009)

    Google Scholar 

  13. Arackaparambil, C., Bratus, S., Shubina, A., Kotz, D.: On the reliability of wireless fingerprinting using clock skews. In: Proceedings of the Third ACM WiSec, pp. 169–174, New York, NY, USA. ACM (2010)

    Google Scholar 

  14. Kurtz, A., Gascon, H., Becker, T., Rieck, K., Freiling, F.: Fingerprinting mobile devices using personalized configurations. Proc. Priv. Enhancing Technol. 1, 4–19 (2016)

    Article  Google Scholar 

  15. Martin, A., Doddington, G., Kamm, T., Ordowski, M., Przybocki, M.: The DET curve in assessment of detection task performance. Technical report, National Institute of Standards and Technology Gaithersburg MD (1997)

    Google Scholar 

  16. Lippmann, R., Fried, D., Piwowarski, K., Streilein, W.: Passive operating system identification from TCP/IP packet headers. In: Workshop on Data Mining for Computer Security, p. 40 (2003)

    Google Scholar 

  17. Kohno, T., Broido, A., Claffy, K.C.: Remote physical device fingerprinting. IEEE Trans. Dependable Secure Comput. 2(2), 93–108 (2005)

    Article  Google Scholar 

  18. Brik, V., Banerjee, S., Gruteser, M., Oh, S.: Wireless device identification with radiometric signatures. In: Proceedings of the 14th ACM MOBICOM, pp. 116–127. ACM (2008)

    Google Scholar 

  19. Jana, S., Kasera, S.K.: On fast and accurate detection of unauthorized wireless access points using clock skews. IEEE Trans. Mobile Comput. 9(3), 449–462 (2010)

    Article  Google Scholar 

  20. Radhakrishnan, S.V., Uluagac, A.S., Beyah, R.A.: GTID: a technique for physical device and device type fingerprinting. IEEE Trans. Dependable Secure Comput. 12(5), 519–532 (2015)

    Article  Google Scholar 

  21. Formby, D., Srinivasan, P., Leonard, A., Rogers, J., Beyah, R.A.: Who’s in control of your control system? Device fingerprinting for cyber-physical systems. In: 23rd Annual ISOC NDSS (2016)

    Google Scholar 

  22. Van Goethem, T., Scheepers, W., Preuveneers, D., Joosen, W.: Accelerometer-based device fingerprinting for multi-factor mobile authentication. In: Caballero, J., Bodden, E., Athanasopoulos, E. (eds.) ESSoS 2016. LNCS, vol. 9639, pp. 106–121. Springer, Cham (2016). https://doi.org/10.1007/978-3-319-30806-7_7

    Chapter  Google Scholar 

  23. François, J., Abdelnur, H.J., State, R., Festor, O.: Machine learning techniques for passive network inventory. IEEE Trans. Netw. Serv. Manage. 7(4), 244–257 (2010)

    Article  Google Scholar 

  24. Gao, K., Corbett, C., Beyah, R.: A passive approach to wireless device fingerprinting. In: Proceedings of IEEE/IFIP DSN, pp. 383–392. IEEE (2010)

    Google Scholar 

  25. Miettinen, M., Marchal, S., Hafeez, I., Asokan, N., Sadeghi, A.-R., Tarkoma, S.: IoT SENTINEL: automated device-type identification for security enforcement in IoT. In: Proceedings of 37th IEEE ICDCS, pp. 2177–2184 (2017)

    Google Scholar 

  26. Siby, S., Maiti, R.R., Tippenhauer, N.: IoTScanner: detecting and classifying privacy threats in IoT neighborhoods. arXiv preprint arXiv:1701.05007 (2017)

  27. Bezawada, B., Bachani, M., Peterson, J., Shirazi, H., Ray, I., Ray, I.: Behavioral fingerprinting of IoT devices. In: Proceedings of the 2018 Workshop on Attacks and Solutions in Hardware Security, ASHES CCS 2018, Toronto, ON, Canada, 19 October 2018, pp. 41–50. ACM (2018)

    Google Scholar 

  28. Shokri, R., Shmatikov, V.: Privacy-preserving deep learning. In: 2015 53rd Annual Allerton Conference on Communication, Control, and Computing (Allerton), pp. 909–910 (2015)

    Google Scholar 

  29. McMahan, B., Moore, E., Ramage, D., Hampson, S., y Arcas, B.A.: Communication-efficient learning of deep networks from decentralized data. In: Proceedings of the 20th International Conference on Artificial Intelligence and Statistics, AISTATS 2017, 20–22 April 2017, Fort Lauderdale, FL, USA, vol. 54, pp. 1273–1282. PMLR (2017)

    Google Scholar 

  30. Gupta, O., Raskar, R.: Distributed learning of deep neural network over multiple agents. J. Netw. Comput. Appl. 116, 1–8 (2018)

    Article  Google Scholar 

  31. Lévy, D., Jain, A.: Breast mass classification from mammograms using deep convolutional neural networks. CoRR, abs/1612.00542 (2016)

    Google Scholar 

  32. Vepakomma, P., Gupta, O., Swedish, T., Raskar, R.: Split learning for health: distributed deep learning without sharing raw patient data. CoRR, abs/1812.00564 (2018)

    Google Scholar 

  33. Vepakomma, P., Raskar, R.: Split learning: a resource efficient model and data parallel approach for distributed deep learning. In: Ludwig, H., Baracaldo, N. (eds.) Federated Learning - A Comprehensive Overview of Methods and Applications, pp. 439–451. Springer, Cham (2022)

    Google Scholar 

  34. Niyaz, Q., Sun, W., Javaid, A.Y.: A deep learning based DDoS detection system in software-defined networking (SDN). EAI Endorsed Trans. Secur. Saf. 4(12), 12 (2017)

    Google Scholar 

  35. Deval, S.K., Tripathi, M., Bezawada, B., Ray, I.: “X-Phish: Days of Future Past”: adaptive & privacy preserving phishing detection. In: 2021 IEEE Conference on Communications and Network Security (CNS), pp. 227–235 (2021)

    Google Scholar 

  36. Phong, L.T., Phuong, T.T.: Privacy-preserving deep learning via weight transmission. IEEE Trans. Inf. Forensics Secur. 14(11), 3003–3015 (2019)

    Article  Google Scholar 

  37. Wang, H., Eklund, D., Oprea, A., Raza, S.: FL4IoT: IoT device fingerprinting and identification using federated learning. ACM Trans. Internet Things 4, 1–24 (2023)

    Article  Google Scholar 

  38. Kingma, D.P., Ba, J.: Adam: a method for stochastic optimization. In: 3rd International Conference on Learning Representations, ICLR 2015, San Diego, CA, USA, 7–9 May 2015, Conference Track Proceedings (2015)

    Google Scholar 

  39. Makhzani, A., Shlens, J., Jaitly, N., Goodfellow, I., Frey, B.: Adversarial autoencoders. arXiv preprint arXiv:1511.05644 (2015)

Download references

Acknowledgement

This work has been partially supported by funding from the NIST under award number 60NANB18D204, from NSF under award numbers DMS 2123761, CNS 2027750, CNS 1822118 and from the member partner of the NSF IUCRC Center for Cybersecurity Analytics and Automation – Statnett, Cyber Risk Research, AMI, NewPush, and ARL.

Author information

Authors and Affiliations

  1. Computer Science and Engineering Department, Colorado State University, Fort Collins, CO, 80526, USA

    Maxwel Bar-on, Indrakshi Ray & Indrajit Ray

  2. Mathematics and Computer Science Department, Southern Arkansas University, Magnolia, AR, 71753, USA

    Bruhadeshwar Bezawada

Authors
  1. Maxwel Bar-on
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Bruhadeshwar Bezawada
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Indrakshi Ray
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Indrajit Ray
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Bruhadeshwar Bezawada .

Editor information

Editors and Affiliations

  1. University of Bordeaux, Bordeaux, France

    Mohamed Mosbah

  2. Toulouse III - Paul Sabatier University, Toulouse, France

    Florence Sèdes

  3. Université Laval, Québec, QC, Canada

    Nadia Tawbi

  4. University of Bordeaux, Bordeaux, France

    Toufik Ahmed

  5. Polytechnique Montréal, Montreal, QC, Canada

    Nora Boulahia-Cuppens

  6. Telecom SudParis, Palaiseau, France

    Joaquin Garcia-Alfaro

Rights and permissions

Reprints and permissions

Copyright information

© 2024 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Bar-on, M., Bezawada, B., Ray, I., Ray, I. (2024). A Small World–Privacy Preserving IoT Device-Type Fingerprinting with Small Datasets. In: Mosbah, M., Sèdes, F., Tawbi, N., Ahmed, T., Boulahia-Cuppens, N., Garcia-Alfaro, J. (eds) Foundations and Practice of Security. FPS 2023. Lecture Notes in Computer Science, vol 14551. Springer, Cham. https://doi.org/10.1007/978-3-031-57537-2_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-031-57537-2_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-57536-5

  • Online ISBN: 978-3-031-57537-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation