395 research outputs found
Your Smart Home Can't Keep a Secret: Towards Automated Fingerprinting of IoT Traffic with Neural Networks
The IoT (Internet of Things) technology has been widely adopted in recent
years and has profoundly changed the people's daily lives. However, in the
meantime, such a fast-growing technology has also introduced new privacy
issues, which need to be better understood and measured. In this work, we look
into how private information can be leaked from network traffic generated in
the smart home network. Although researchers have proposed techniques to infer
IoT device types or user behaviors under clean experiment setup, the
effectiveness of such approaches become questionable in the complex but
realistic network environment, where common techniques like Network Address and
Port Translation (NAPT) and Virtual Private Network (VPN) are enabled. Traffic
analysis using traditional methods (e.g., through classical machine-learning
models) is much less effective under those settings, as the features picked
manually are not distinctive any more. In this work, we propose a traffic
analysis framework based on sequence-learning techniques like LSTM and
leveraged the temporal relations between packets for the attack of device
identification. We evaluated it under different environment settings (e.g.,
pure-IoT and noisy environment with multiple non-IoT devices). The results
showed our framework was able to differentiate device types with a high
accuracy. This result suggests IoT network communications pose prominent
challenges to users' privacy, even when they are protected by encryption and
morphed by the network gateway. As such, new privacy protection methods on IoT
traffic need to be developed towards mitigating this new issue
Preprint: Using RF-DNA Fingerprints To Classify OFDM Transmitters Under Rayleigh Fading Conditions
The Internet of Things (IoT) is a collection of Internet connected devices
capable of interacting with the physical world and computer systems. It is
estimated that the IoT will consist of approximately fifty billion devices by
the year 2020. In addition to the sheer numbers, the need for IoT security is
exacerbated by the fact that many of the edge devices employ weak to no
encryption of the communication link. It has been estimated that almost 70% of
IoT devices use no form of encryption. Previous research has suggested the use
of Specific Emitter Identification (SEI), a physical layer technique, as a
means of augmenting bit-level security mechanism such as encryption. The work
presented here integrates a Nelder-Mead based approach for estimating the
Rayleigh fading channel coefficients prior to the SEI approach known as RF-DNA
fingerprinting. The performance of this estimator is assessed for degrading
signal-to-noise ratio and compared with least square and minimum mean squared
error channel estimators. Additionally, this work presents classification
results using RF-DNA fingerprints that were extracted from received signals
that have undergone Rayleigh fading channel correction using Minimum Mean
Squared Error (MMSE) equalization. This work also performs radio discrimination
using RF-DNA fingerprints generated from the normalized magnitude-squared and
phase response of Gabor coefficients as well as two classifiers. Discrimination
of four 802.11a Wi-Fi radios achieves an average percent correct classification
of 90% or better for signal-to-noise ratios of 18 and 21 dB or greater using a
Rayleigh fading channel comprised of two and five paths, respectively.Comment: 13 pages, 14 total figures/images, Currently under review by the IEEE
Transactions on Information Forensics and Securit
A Review of Performance, Energy and Privacy of Intrusion Detection Systems for IoT
Internet of Things (IoT) forms the foundation of next generation infrastructures, enabling development of future cities that are inherently sustainable. Intrusion detection for such paradigms is a non-trivial challenge which has attracted further significance due to extraordinary growth in the volume and variety of security threats for such systems. However, due to unique characteristics of such systems i.e., battery power, bandwidth and processor overheads and network dynamics, intrusion detection for IoT is a challenge, which requires taking into account the trade-off between detection accuracy and performance overheads. In~this context, we are focused at highlighting this trade-off and its significance to achieve effective intrusion detection for IoT. Specifically, this paper presents a comprehensive study of existing intrusion detection systems for IoT systems in three aspects: computational overhead, energy consumption and privacy implications. Through extensive study of existing intrusion detection approaches, we have identified open challenges to achieve effective intrusion detection for IoT infrastructures. These include resource constraints, attack complexity, experimentation rigor and unavailability of relevant security data. Further, this paper is envisaged to highlight contributions and limitations of the state-of-the-art within intrusion detection for IoT, and~aid the research community to advance it by identifying significant research directions
Machine Learning based Attacks Detection and Countermeasures in IoT
While the IoT offers important benefits and opportunities for users, the technology raises various security issues and threats. These threats may include spreading IoT botnets through IoT devices which are the common and most malicious security threat in the world of internet. Protecting the IoT devices against these threats and attacks requires efficient detection. While we need to take into consideration IoT devices memory capacity limitation and low power processors. In this paper, we will focus in proposing low power consumption Machine Learning (ML) techniques for detecting IoT botnet attacks using Random forest as ML-based detection method and describing IoT common attacks with its countermeasures. The experimental result of our proposed solution shows higher accuracy. From the results, we conclude that IoT botnet detection is possible; achieving a higher accuracy rate as an experimental result indicates an accuracy rate of over 99.99% where the true positive rate is 1.000 and the false-negative rate is 0.000
- …