Identifying Devices of the Internet of Things Using Machine Learning on Clock Characteristics

Oser, Pascal; Kargl, Frank; Lüders, S.

doi:10.1007/978-3-030-05345-1_36

Cited by 19 publications

(11 citation statements)

References 18 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Timestamp -The timestamp component in the hash table denotes the specific date and time that the data or message arrived at the device. The timestamp consists of the date and time components that records the actual date and time the message or data arrived at the at the centralized node [27] Whirlpool -The message digest of the data to be communicated is produced using the whirlpool cryptographic hash function. The message digest is then stored in the whirlpool field, for each data.…”

Section: Methodsmentioning

confidence: 99%

A Cryptographic Technique for Communication among IoT Devices using Tiger192 and Whirlpool

Asare¹,

Kester²,

Nana³

2021

IJACSA

View full text Add to dashboard Cite

The heterogeneous standards and operational platforms of IoT devices, introduce additional security loopholes into the network thereby increasing the attack surface for the IoT. Most of the devices used in these IoT systems are not secure by design. Such vulnerable devices pose a great threat to the IoT system. In recent times, there have been a lot of research works on improving existing mechanisms for securing IoT data at both the software and hardware levels. Although there exist cryptographic research solutions to secure data at the node level in IoT systems, there is not a lot of these security solutions that target securing both the IoT data and validating IoT nodes. The Authors propose a cryptographic solution that uses double hashing to provide improved security for IoT node data and validating nodes in IoT system. A cryptographic mechanism that is composed of the Tiger192 cryptographic hash and the whirlpool hash function is proposed in authenticating IoT data and validating devices in this paper. The use of digital ledger technology and cryptographic double hashing algorithm provided enhanced security, privacy, and integrity of data among IoT nodes. It also assured the availability of IoT data.

show abstract

Section: Methodsmentioning

confidence: 99%

A Cryptographic Technique for Communication among IoT Devices using Tiger192 and Whirlpool

Asare¹,

Kester²,

Nana³

2021

IJACSA

View full text Add to dashboard Cite

show abstract

“…Computer security research progressed in systematically evaluating the security of IoT devices. Recent work demonstrated that IoT devices can be categorized and identified in a network through machine learning algorithms [32]. This is a first crucial step on the way to large-scale, automated risk evaluations.…”

Section: Risk Assessment and Presentationmentioning

confidence: 99%

“…To prevent attackers from tricking SAFER by taking over and mimicking a secure device, the device identification component launches two different scan mechanisms to validate the identified device category, manufacturer, model, and possibly firmware version of queried devices. One identification mechanism we use from Oser et al [32] is based on TCP timestamps [5], which relies on the hardware of embedded devices. The second mechanism uses characteristic web patterns of a device's web-page to identify the device in question.…”

Section: General Architecturementioning

confidence: 99%

“…IoT devices are diverse and they are not always designed with security as a priority. Devices ranging from Programmable Logic Controllers (PLCs), smart thermometers and smart appliances, CCTV cameras, and printers are only a few examples of general purpose IoT devices that can be found in a large organization [32]. These devices are highly heterogeneous with regard to the communication protocols used, and the range of other devices they can control or be controlled by [8].…”

Section: Socio-technical Aspects Of Securitymentioning

confidence: 99%

“…We manually accessed the web-pages and compared the device identifications of both identification mechanisms. We evaluated the device identification approach by Oser et al [32] on even more devices. After that, we reverse-engineered the firmware images to find the contained third-party libraries and compared the results.…”

Section: General Architecturementioning

confidence: 99%

See 2 more Smart Citations

Safer

Oser

Feger

Woźniak

et al. 2020

Proc. ACM Interact. Mob. Wearable Ubiquitous Technol.

Self Cite

View full text Add to dashboard Cite

Users of Internet of Things (IoT) devices are often unaware of their security risks and cannot sufficiently factor security considerations into their device selection. This puts networks, infrastructure and users at risk. We developed and evaluated SAFER, an IoT device risk assessment framework designed to improve users' ability to assess the security of connected devices. We deployed SAFER in a large multinational organization that permits use of private devices. To evaluate the framework, we conducted a mixed-method study with 20 employees. Our findings suggest that SAFER increases users' awareness of security issues. It provides valuable advice and impacts device selection. Based on our findings, we discuss implications for the design of device risk assessment tools, with particular regard to the relationship between risk communication and user perceptions of device complexity. CCS Concepts: • Security and privacy → Usability in security and privacy; • Human-centered computing → Empirical studies in HCI; Ubiquitous and mobile computing systems and tools; Information visualization.

show abstract

Behavioral fingerprinting of Internet‐of‐Things devices

Bezawada

Ray

2019

WIREs Data Min & Knowl

View full text Add to dashboard Cite

Rapid advances in the Internet‐of‐Things (IoT) domain have led to the development of several useful and interesting devices that have enhanced the quality of home living and industrial automation. The vulnerabilities in the IoT devices have rendered them susceptible to compromise and forgery. The problem of device authentication, that is, the question of whether a device's identity is what it claims to be, is still an open problem. Device fingerprinting seems to be a promising authentication mechanism. Device fingerprinting profiles a device based on information available about the device and generate a robust, verifiable and unique identity for the device. Existing approaches for device fingerprinting may not be feasible or cost‐effective for the IoT domain due to the resource constraints and heterogeneity of the IoT devices. Due to resource and cost constraints, behavioral fingerprinting provides promising directions for fingerprinting IoT devices. Behavioral fingerprinting allows security researchers to understand the behavioral profile of a device and to establish some guidelines regarding the device operations. In this article, we discuss existing approaches for behavioral fingerprinting of devices in general and evaluate their applicability for IoT devices. Furthermore, we discuss potential approaches for fingerprinting IoT devices and give an overview of some of the preliminary attempts to fingerprint IoT devices. We conclude by highlighting the future research directions for fingerprinting in the IoT domain. This article is categorized under: Application Areas > Science and Technology Application Areas > Internet Technologies > Machine Learning Application Areas > Industry Specific Applications

show abstract

Identifying Devices of the Internet of Things Using Machine Learning on Clock Characteristics

Cited by 19 publications

References 18 publications

A Cryptographic Technique for Communication among IoT Devices using Tiger192 and Whirlpool

A Cryptographic Technique for Communication among IoT Devices using Tiger192 and Whirlpool

Safer

Behavioral fingerprinting of Internet‐of‐Things devices

Contact Info

Product

Resources

About