Context-Aware Behavioral Fingerprinting of IoT Devices via Network Traffic Analysis

Arjun Prasad; Kevin Biju; Soumya Somani; Barsha Mitra

doi:10.5220/0012056000003555

Context-Aware Behavioral Fingerprinting of IoT Devices via Network Traffic Analysis

Arjun Prasad, Kevin Biju, Soumya Somani, Barsha Mitra

2023

Abstract

The large scale proliferation of IoT devices has necessitated the requirement of securing these devices from a massive spectrum of cyber security threats. IoT device fingerprinting is a defense strategy that can help to detect unauthorized device subversion and the consequent anomalous activities by identifying device behavior and characteristics. Device fingerprinting can be done by analyzing the network traffic features of the IoT devices present in a network, thereby creating a blueprint of normal device behavior and clearly distinguishing it from any kind of abnormal behavior. Since IoT devices operate under varying dynamic conditions, it is implicit that a single device exhibits different behavioral patterns under different contexts and operating modes. In this paper, we propose a context-aware behavioral fingerprinting of IoT devices that takes into account the circumstances or contexts under which the devices are operating. Each context results in a fingerprint and the complete behavioral fingerprint of an IoT device is the combination of all such fingerprints. We perform packet level feature engineering for finding the best possible set of features for performing device fingerprinting. Our fingerprinting strategy uses supervised learning for classifying the IoT devices. We have created an IoT test bed setup consisting of a gateway and several IoT devices. We have collected network traffic data of these IoT devices and have tested the efficacy of our proposed approach on these real data. Experimental results show that our fingerprinting technique is quite effective and is capable of identifying IoT devices with more than 94% accuracy.

Download

Paper Citation

in Harvard Style

Prasad A., Biju K., Somani S. and Mitra B. (2023). Context-Aware Behavioral Fingerprinting of IoT Devices via Network Traffic Analysis. In Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT; ISBN 978-989-758-666-8, SciTePress, pages 335-344. DOI: 10.5220/0012056000003555

in Bibtex Style

@conference{secrypt23,
author={Arjun Prasad and Kevin Biju and Soumya Somani and Barsha Mitra},
title={Context-Aware Behavioral Fingerprinting of IoT Devices via Network Traffic Analysis},
booktitle={Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT},
year={2023},
pages={335-344},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012056000003555},
isbn={978-989-758-666-8},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 20th International Conference on Security and Cryptography - Volume 1: SECRYPT
TI - Context-Aware Behavioral Fingerprinting of IoT Devices via Network Traffic Analysis
SN - 978-989-758-666-8
AU - Prasad A.
AU - Biju K.
AU - Somani S.
AU - Mitra B.
PY - 2023
SP - 335
EP - 344
DO - 10.5220/0012056000003555
PB - SciTePress