Browsing by Author "Aluthge, Nishadh"

Exponential growth of Internet of Things complicates the network management in terms of security and device troubleshooting due to the heterogeneity of IoT devices. In the absence of a proper device identification mechanism, network administrators are unable to limit unauthorized accesses, locate vulnerable/rogue devices or assess the security policies applicable to these devices. Hence identifying the devices connected to the network is essential as it provides important insights about the devices that enable proper application of security measures and improve the efficiency of device troubleshooting. Despite the fact that active device fingerprinting reveals in depth information about devices, passive device fingerprinting has gained focus as a consequence of the lack of cooperation of devices in active fingerprinting. We propose a passive, feature based device identification technique that extracts features from a sequence of packets during the initial startup of a device and then uses machine learning for classification. Proposed system improves the average device prediction F1-score up to 0.912 which is a 14% increase compared with the state-of-the-art technique. In addition, We have analyzed the impact of confidence threshold on device prediction accuracy when a previously unknown device is detected by the classifier. As future work we suggest a feature-based approach to detect anomalies in devices by comparing long-term device behaviors.