Cross-Layer Protocol Fingerprint for Large-Scale Fine-Grain Devices Identification
Internet-connected Internet of Things (IoT) devices are exploding, which pose a significant threat for their management and security protection. IoT device identification is a prerequisite for discovering, monitoring, and protecting these devices. Although the existing proactive identification metho...
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2020-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/9205805/ |
| id |
doaj-f258e83f98bb47ae8c4b2e1388701ea7 |
|---|---|
| record_format |
Article |
| spelling |
doaj-f258e83f98bb47ae8c4b2e1388701ea72021-03-30T04:00:43ZengIEEEIEEE Access2169-35362020-01-01817629417630310.1109/ACCESS.2020.30268189205805Cross-Layer Protocol Fingerprint for Large-Scale Fine-Grain Devices IdentificationDan Yu0https://orcid.org/0000-0003-0999-8543Haoguang Xin1Yongle Chen2https://orcid.org/0000-0002-1000-1109Yao Ma3Junjie Chen4College of Information and Computer, Taiyuan University of Technology, Taiyuan, ChinaCollege of Information and Computer, Taiyuan University of Technology, Taiyuan, ChinaCollege of Information and Computer, Taiyuan University of Technology, Taiyuan, ChinaCollege of Information and Computer, Taiyuan University of Technology, Taiyuan, ChinaCollege of Information and Computer, Taiyuan University of Technology, Taiyuan, ChinaInternet-connected Internet of Things (IoT) devices are exploding, which pose a significant threat for their management and security protection. IoT device identification is a prerequisite for discovering, monitoring, and protecting these devices. Although the existing proactive identification methods based on protocol fingerprint can discover and identify large-scale IoT devices, the fingerprint granularity is difficult to meet the requirements of security risk assessment for large-scale IoT devices. Since IoT devices usually support multiple network protocols for specific collection and control tasks, we propose a cross-layer protocol fingerprint to achieve large-scale fine-grained devices identification instead of traditional single protocol fingerprint. We first design a probing scheme for gathering HTTP and TCP cross-layer packets. Then we select the specific field of the HTTP and TCP protocols based on the diversity and consistence of field value. Finally, we utilize convolutional neural network (CNN) and long-term memory network (LSTM) to extract and construct feature fingerprint of these specific fields, and achieve a fine-grain IoT devices identification with high accuracy. The experimental results show that our identification accuracy of devices model reaches 96.6%, the recall rate reaches 97.4%.https://ieeexplore.ieee.org/document/9205805/Internet of Thingsdevices identificationcross-layerfine-grainneural network |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Dan Yu Haoguang Xin Yongle Chen Yao Ma Junjie Chen |
| spellingShingle |
Dan Yu Haoguang Xin Yongle Chen Yao Ma Junjie Chen Cross-Layer Protocol Fingerprint for Large-Scale Fine-Grain Devices Identification IEEE Access Internet of Things devices identification cross-layer fine-grain neural network |
| author_facet |
Dan Yu Haoguang Xin Yongle Chen Yao Ma Junjie Chen |
| author_sort |
Dan Yu |
| title |
Cross-Layer Protocol Fingerprint for Large-Scale Fine-Grain Devices Identification |
| title_short |
Cross-Layer Protocol Fingerprint for Large-Scale Fine-Grain Devices Identification |
| title_full |
Cross-Layer Protocol Fingerprint for Large-Scale Fine-Grain Devices Identification |
| title_fullStr |
Cross-Layer Protocol Fingerprint for Large-Scale Fine-Grain Devices Identification |
| title_full_unstemmed |
Cross-Layer Protocol Fingerprint for Large-Scale Fine-Grain Devices Identification |
| title_sort |
cross-layer protocol fingerprint for large-scale fine-grain devices identification |
| publisher |
IEEE |
| series |
IEEE Access |
| issn |
2169-3536 |
| publishDate |
2020-01-01 |
| description |
Internet-connected Internet of Things (IoT) devices are exploding, which pose a significant threat for their management and security protection. IoT device identification is a prerequisite for discovering, monitoring, and protecting these devices. Although the existing proactive identification methods based on protocol fingerprint can discover and identify large-scale IoT devices, the fingerprint granularity is difficult to meet the requirements of security risk assessment for large-scale IoT devices. Since IoT devices usually support multiple network protocols for specific collection and control tasks, we propose a cross-layer protocol fingerprint to achieve large-scale fine-grained devices identification instead of traditional single protocol fingerprint. We first design a probing scheme for gathering HTTP and TCP cross-layer packets. Then we select the specific field of the HTTP and TCP protocols based on the diversity and consistence of field value. Finally, we utilize convolutional neural network (CNN) and long-term memory network (LSTM) to extract and construct feature fingerprint of these specific fields, and achieve a fine-grain IoT devices identification with high accuracy. The experimental results show that our identification accuracy of devices model reaches 96.6%, the recall rate reaches 97.4%. |
| topic |
Internet of Things devices identification cross-layer fine-grain neural network |
| url |
https://ieeexplore.ieee.org/document/9205805/ |
| work_keys_str_mv |
AT danyu crosslayerprotocolfingerprintforlargescalefinegraindevicesidentification AT haoguangxin crosslayerprotocolfingerprintforlargescalefinegraindevicesidentification AT yonglechen crosslayerprotocolfingerprintforlargescalefinegraindevicesidentification AT yaoma crosslayerprotocolfingerprintforlargescalefinegraindevicesidentification AT junjiechen crosslayerprotocolfingerprintforlargescalefinegraindevicesidentification |
| _version_ |
1724182576652877824 |