Please use this identifier to cite or link to this item: http://dx.doi.org/10.14279/depositonce-12008
For citation please use:
Main Title: A Haystack Full of Needles: Scalable Detection of IoT Devices in the Wild
Author(s): Saidi, Said Jawad
Mandalari, Anna Maria
Kolcun, Roman
Haddadi, Hamed
Dubois, Daniel J.
Choffnes, David
Smaragdakis, Georgios
Feldmann, Anja
Type: Conference Object
Language Code: en
Abstract: Consumer Internet of Things (IoT) devices are extremely popular, providing users with rich and diverse functionalities, from voice assistants to home appliances. These functionalities often come with significant privacy and security risks, with notable recent large-scale coordinated global attacks disrupting large service providers. Thus, an important first step to address these risks is to know what IoT devices are where in a network. While some limited solutions exist, a key question is whether device discovery can be done by Internet service providers that only see sampled flow statistics. In particular, it is challenging for an ISP to efficiently and effectively track and trace activity from IoT devices deployed by its millions of subscribers---all with sampled network data. In this paper, we develop and evaluate a scalable methodology to accurately detect and monitor IoT devices at subscriber lines with limited, highly sampled data in-the-wild. Our findings indicate that millions of IoT devices are detectable and identifiable within hours, both at a major ISP as well as an IXP, using passive, sparsely sampled network flow headers. Our methodology is able to detect devices from more than 77% of the studied IoT manufacturers, including popular devices such as smart speakers. While our methodology is effective for providing network analytics, it also highlights significant privacy consequences.
URI: https://depositonce.tu-berlin.de/handle/11303/13213
http://dx.doi.org/10.14279/depositonce-12008
Issue Date: 27-Oct-2020
Date Available: 8-Jun-2021
DDC Class: 000 Informatik, Informationswissenschaft, allgemeine Werke
Subject(s): Internet of Things
IoT detection
IoT security
IoT privacy
internet measurement
network measurement
Sponsor/Funder: EC/H2020/679158/EU/Resolving the Tussle in the Internet: Mapping, Architecture, and Policy Making/ResolutioNet
License: https://creativecommons.org/licenses/by/4.0/
Proceedings Title: Proceedings of the ACM Internet Measurement Conference (IMC 2020)
Publisher: Association for Computing Machinery (ACM)
Publisher Place: New York, NY
Publisher DOI: 10.1145/3419394.3423650
Page Start: 87
Page End: 100
ISBN: 978-1-4503-8138-3
Appears in Collections:FG Internet Measurement and Analysis (IMA) » Publications

Files in This Item:
3419394.3423650.pdf
Format: Adobe PDF | Size: 777.79 kB
DownloadShow Preview
Thumbnail

Item Export Bar

This item is licensed under a Creative Commons License Creative Commons