Monitoring and Detection of Security Events through IoT Device Identification Using Application Layer Protocols
AUTHORS
Ammad Khan, Master’s Student, Dpt. of Information and Computer, Taiyuan University, China
Yongle Chen, Asst. Professor, Dpt. of Information and Computer, Taiyuan University, China
Waqas Ahmad, Master’s Student, Dpt. of Information and Computer, Taiyuan University, China
Kamran Javed, PhD Scholar, Dpt. of IoT Engineering, Hohai University, Nanjing, China
M. Bilal Zia, Master’s Student, Dpt. of Information and Computer, Taiyuan University, China
Arooj Khan, Master’s Student, Dpt. of Computer Science, Khawaja Fareed University, Pakistan
ABSTRACT
An Internet of Things (IoT) network is built on distributed infrastructure, and the large number of devices connected to it makes it an ultra-dense network. These devices are increasingly capable of connecting to other devices that operate on networks of a different nature and architecture, which gives rise to heterogeneous networks. In such an environment, incident responders face challenges posed by events originating from IoT device networks, and it becomes difficult to gather, analyze and examine the potential traces of those events. This study proposes a mechanism that fetches information about the IoT devices connected to a given network, using application layer protocols and the associated open ports, and provides it to investigators and incident responders. This will help in detecting and identifying the IoT devices connected to the network, which will, to a significant degree of certainty, aid the work of investigators. For this purpose, a tool is presented through a series of experiments and algorithmic development. The results of the experiments show that the proposed tool effectively identified the IoT devices associated with open ports and also achieved classification of IoT and non-IoT devices.
KEYWORDS
Banner grabbing, IoT, Device discovery tools, Fingerprinting
COPYRIGHT
© 2020 Ammad Khan et al. Published by Global Vision Press. This is an open access article distributed under the terms of the Creative Commons Attribution 4.0 International License (CC BY 4.0), which permits unrestricted use, distribution, and reproduction in any medium, provided the original author and source are credited.