Article: Automated identification of vulnerable devices in networks using traffic data and deep learning Journal: International Journal of Information Privacy, Security and Integrity (IJIPSI) 2021 Vol.5 No.1 pp.1 - 17 Abstract: Many IoT devices are vulnerable to attacks due to flawed security designs and lacking mechanisms for firmware updates or patches to eliminate the security vulnerabilities. Device-type identification combined with data from vulnerability databases can pinpoint vulnerable IoT devices in a network and can be used to constrain the communications of vulnerable devices for preventing damage. In this contribution, we present and evaluate two deep learning approaches to the reliable IoT device-type identification, namely a recurrent and a convolutional network architecture. Both deep learning approaches show accuracies of 97% and 98%, respectively, and thereby outperform an up-to-date IoT device-type identification approach using hand-crafted fingerprint features obtaining an accuracy of 82%. The runtime performance for the IoT identification of both deep learning approaches outperforms the hand-crafted approach by three magnitudes. Finally, importance metrics explain the results of both deep learning approaches in terms of the utilisation of the analysed traffic data flow. Inderscience Publishers - linking academia, business and industry through research

Title: Automated identification of vulnerable devices in networks using traffic data and deep learning

Authors: Jakob Greis; Artem Yushchenko; Daniel Vogel; Michael Meier; Volker Steinhage

Addresses: Institute of Computer Science IV, University of Bonn, Friedrich-Hirzebruch-Allee 8, Bonn 53115, Germany ' Institute of Computer Science IV, University of Bonn, Friedrich-Hirzebruch-Allee 8, Bonn 53115, Germany ' Institute of Computer Science IV, University of Bonn, Friedrich-Hirzebruch-Allee 8, Bonn 53115, Germany ' Institute of Computer Science IV, University of Bonn, Friedrich-Hirzebruch-Allee 8, Bonn 53115, Germany; Fraunhofer Institute for Communication, Information Processing and Ergonomics (FKIE), Friedrich-Hirzebruch-Allee 8, Bonn 53115, Germany ' Institute of Computer Science IV, University of Bonn, Friedrich-Hirzebruch-Allee 8, Bonn 53115, Germany

Abstract: Many IoT devices are vulnerable to attacks due to flawed security designs and lacking mechanisms for firmware updates or patches to eliminate the security vulnerabilities. Device-type identification combined with data from vulnerability databases can pinpoint vulnerable IoT devices in a network and can be used to constrain the communications of vulnerable devices for preventing damage. In this contribution, we present and evaluate two deep learning approaches to the reliable IoT device-type identification, namely a recurrent and a convolutional network architecture. Both deep learning approaches show accuracies of 97% and 98%, respectively, and thereby outperform an up-to-date IoT device-type identification approach using hand-crafted fingerprint features obtaining an accuracy of 82%. The runtime performance for the IoT identification of both deep learning approaches outperforms the hand-crafted approach by three magnitudes. Finally, importance metrics explain the results of both deep learning approaches in terms of the utilisation of the analysed traffic data flow.

Keywords: internet of things; IoT; security vulnerabilities; IoT device type identification; representation learning; deep learning; explainability; importance metrics.

DOI: 10.1504/IJIPSI.2021.119166

International Journal of Information Privacy, Security and Integrity, 2021 Vol.5 No.1, pp.1 - 17

Received: 01 Mar 2021
Accepted: 20 Jul 2021
Published online: 26 Nov 2021 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article

Title: Automated identification of vulnerable devices in networks using traffic data and deep learning

Keep up-to-date