Abstract
Different kinds of Internet-of-Things (IoT) devices have been widely deployed in recent years, bringing great convenience as well as security threats. Given the grim situation of IoT security, various traffic-based security management systems specially designed for IoT systems have also been developed, such as device identification systems and anomaly detection systems. A lot of such systems are trained and evaluated on datasets collected only in short time periods and lack long-term evaluation. Intuitively, the communication behaviors and traffic profile of IoT devices may keep evolving due to factors like software or firmware update and the changes of user habits. It remains to be evaluated whether these IoT security management systems can adapt well to the device behavior evolutions, which matters a lot to the real-world performance. In this paper, we give a systematic discussion about the adaptability of IoT security management systems. We summarize the factors that may cause changes on the traffic profiles of IoT devices and how they can influence the long-term performance of IoT security management systems. We hope our work can serve as a base for further study on the building of adaptive systems for the security of IoT devices.
This work is supported by the National Key Research and Development Program of China (No. 2017YFB0803004).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
CADE: Detecting and explaining concept drift samples for security applications. In: 30th USENIX Security Symposium (USENIX Security 2021). USENIX Association, Vancouver, B.C. (2021). https://www.usenix.org/conference/usenixsecurity21/presentation/yang
Antonakakis, M., et al.: Understanding the mirai botnet. In: 26th USENIX security symposium (USENIX Security 2017), pp. 1093–1110 (2017)
Du, M., Chen, Z., Liu, C., Oak, R., Song, D.: Lifelong anomaly detection through unlearning. In: Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security, pp. 1283–1297 (2019)
Gama, J.A., Žliobaitundefined, I., Bifet, A., Pechenizkiy, M., Bouchachia, A.: A survey on concept drift adaptation. ACM Comput. Surv. 46(4) (2014). https://doi.org/10.1145/2523813
Gu, T., Fang, Z., Abhishek, A., Fu, H., Hu, P., Mohapatra, P.: IoTGaze: IoT security enforcement via wireless context analysis. In: IEEE INFOCOM 2020-IEEE Conference on Computer Communications, pp. 884–893. IEEE (2020)
Guo, H., Heidemann, J.: Detecting IoT devices in the internet. IEEE/ACM Trans. Netw. 28(5), 2323–2336 (2020)
Herwig, S., Harvey, K., Hughey, G., Roberts, R., Levin, D.: Measurement and analysis of Hajime, a peer-to-peer IoT botnet. In: NDSS (2019)
Junges, P., François, J., Festor, O.: Passive inference of user actions through IoT gateway encrypted traffic analysis. In: 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), pp. 7–12 (2019)
Ma, X., Qu, J., Li, J., Lui, J.C., Li, Z., Guan, X.: Pinpointing hidden IoT devices via spatial-temporal traffic fingerprinting. In: IEEE INFOCOM 2020-IEEE Conference on Computer Communications, pp. 894–903. IEEE (2020)
Marchal, S., Miettinen, M., Nguyen, T.D., Sadeghi, A.R., Asokan, N.: AuDI: toward autonomous IoT device-type identification using periodic communication. IEEE J. Sel. Areas Commun. 37(6), 1402–1412 (2019)
Mirsky, Y., Doitshman, T., Elovici, Y., Shabtai, A.: Kitsune: an ensemble of autoencoders for online network intrusion detection. In: Network and Distributed System Security Symposium, NDSS (2018)
Sivanathan, A., et al.: Classifying IoT devices in smart environments using network traffic characteristics. IEEE Trans. Mob. Comput. 18(8), 1745–1759 (2018)
Soltan, S., Mittal, P., Poor, H.V.: BlackIoT: IoT botnet of high wattage devices can disrupt the power grid. In: 27th USENIX Security Symposium (USENIX Security 2018), pp. 15–32 (2018)
Trimananda, R., Varmarken, J., Markopoulou, A., Demsky, B.: Packet-level signatures for smart home devices. In: Network and Distributed System Security Symposium, NDSS (2020)
Wan, Y., Xu, K., Xue, G., Wang, F.: IoTArgos: a multi-layer security monitoring system for internet-of-things in smart homes. In: IEEE INFOCOM 2020-IEEE Conference on Computer Communications, pp. 874–883. IEEE (2020)
Zhang, W., Meng, Y., Liu, Y., Zhang, X., Zhang, Y., Zhu, H.: HoMonit: monitoring smart home apps from encrypted traffic. In: Proceedings of the 2018 ACM SIGSAC Conference on Computer and Communications Security, pp. 1074–1088 (2018)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Duan, C. et al. (2021). Towards the Adaptability of Traffic-Based IoT Security Management Systems to the Device Behavior Evolutions. In: Chen, B., Huang, X. (eds) Applied Cryptography in Computer and Communications. AC3 2021. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 386. Springer, Cham. https://doi.org/10.1007/978-3-030-80851-8_15
Download citation
DOI: https://doi.org/10.1007/978-3-030-80851-8_15
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-80850-1
Online ISBN: 978-3-030-80851-8
eBook Packages: Computer ScienceComputer Science (R0)