IP-Based IoT Device Detection. Guo, H. & Heidemann, J. In Proceedings of the ACM SIGCOMM Workshop on IoT Security and Privacy, pages 36–42, Budapest, Hungary, August, 2018. ACM.
Recent IoT-based DDoS attacks have exposed how vulnerable the Internet can be to millions of insufficiently secured IoT devices. To understand the risks of these attacks requires learning about these IoT devices—where are they, how many are there, how are they changing? In this paper, we propose a new method to find IoT devices in Internet to begin to assess this threat. Our approach requires observations of flow-level network traffic and knowledge of servers run by the manufacturers of the IoT devices. We have developed our approach with 10 device models by 7 vendors and controlled experiments. We apply our algorithm to observations from 6 days of Internet traffic at a college campus and partial traffic from an IXP to detect IoT devices.
@InProceedings{Guo18b,
        author =        "Hang Guo and John Heidemann",
        title =         "IP-Based {IoT} Device Detection",
        booktitle =     "Proceedings of the " # " {ACM} SIGCOMM Workshop on {IoT} Security and Privacy ",
        year =          2018,
	sortdate = 		"2018-08-20", 
	project = "ant, retrofuturebridge, lacanic",
	jsubject = "topology_modeling",
        month =      aug,
	pages = "36--42",
        address =    "Budapest, Hungary",
        publisher =  "ACM",
        jlocation =   "johnh: pafile",
        keywords =   "iot, detection, scanning",
        doi =        "https://doi.org/10.1145/3229565.3229572",
	url =		"https://ant.isi.edu/%7ejohnh/PAPERS/Guo18b.html",
	pdfurl =	"https://ant.isi.edu/%7ejohnh/PAPERS/Guo18b.pdf",
	blogurl = "https://ant.isi.edu/blog/?p=1197",
	dataseturl = "https://ant.isi.edu/datasets/iot/",
	abstract =
"Recent IoT-based DDoS attacks have exposed how vulnerable the
Internet can be to millions of insufficiently
secured IoT devices. To understand the risks of
these attacks requires learning about these IoT
devices---where are they, how many are there, how
are they changing? In this paper, we propose a new
method to find IoT devices in Internet to begin to
assess this threat. Our approach requires
observations of flow-level network traffic and
knowledge of servers run by the manufacturers of the
IoT devices. We have developed our approach with 10
device models by 7 vendors and controlled
experiments. We apply our algorithm to observations
from 6 days of Internet traffic at a college campus
and partial traffic from an IXP to detect IoT
devices.",
}
