Internet of Things: Digital Footprints Carry A Device Identity

Rajarshi Roy Chowdhury,Azam Che Idris,Pg Emeroylariffion Abas
DOI: https://doi.org/10.1063/5.0111335
2023-01-01
Abstract:The usage of technologically advanced devices has seen a boom in many domains, including education, automation, and healthcare; with most of the services requiring Internet connectivity. To secure a network, device identification plays key role. In this paper, a device fingerprinting (DFP) model, which is able to distinguish between Internet of Things (IoT) and non-IoT devices, as well as uniquely identify individual devices, has been proposed. Four statistical features have been extracted from the consecutive five device-originated packets, to generate individual device fingerprints. The method has been evaluated using the Random Forest (RF) classifier and different datasets. Experimental results have shown that the proposed method achieves up to 99.8% accuracy in distinguishing between IoT and non-IoT devices and over 97.6% in classifying individual devices. These signify that the proposed method is useful in assisting operators in making their networks more secure and robust to security breaches and unauthorized access.
Machine Learning,Cryptography and Security
What problem does this paper attempt to address?
The main problem that this paper attempts to solve is the challenges faced by network - connected devices (especially Internet of Things (IoT) and non - IoT devices) in terms of network security. With the progress of technology, more and more devices are connected to the Internet, which brings new challenges to network administrators and operators in managing and controlling the operation and security of these devices. Traditional device identification methods (such as using IP addresses and MAC addresses) are vulnerable to attacks (such as spoofing attacks) and are therefore not secure and reliable enough. For this reason, the paper proposes a method based on device fingerprinting (DFP), which can distinguish between IoT and non - IoT devices by analyzing the characteristics in device communication traffic and can uniquely identify individual devices. Specifically, the contributions of the paper include: 1. **Extract device - specific features from device communication traffic**: Generate device signatures for classification. 2. **Establish an experimental test platform**: Set up non - IoT devices in a laboratory environment for data collection. 3. **Evaluate the performance of the DFP scheme**: Based on supervised learning algorithms, evaluate the performance of the model in distinguishing between IoT and non - IoT devices and in identifying individual devices. Through this method, researchers hope to improve the security and robustness of the network and prevent unauthorized access and other security vulnerabilities. The experimental results show that the proposed DFP method has an accuracy rate of 99.8% in distinguishing between IoT and non - IoT devices and also exceeds 97.6% in accuracy in identifying individual devices. ### Key Formulas and Concepts - Four statistical features are extracted: - Mean ($\mu$) - Standard deviation ($\sigma$) - These features are calculated from the values of `ip.len` and `tcp.window_size` in five consecutive data packets sent by each device. ### Conclusion The research results show that the proposed DFP model is very useful for device identification and can help network administrators provide a more secure network environment.