Access Authentication Method for IoT Terminal Devices Based on Deep Learning

doi:10.3969/j.issn.1671-1122.2020.11.009

Abstract

Abstract:

At present, the fingerprint identification methods of passive devices based on data flow do not consider the time arrival order between packets, also can not extract its deep features. This paper proposes an access authentication method for Internet of things based on deep learning. This method extracts device features from the data packets generated in the configuration phase of device access to construct passive device fingerprints, uses Bi-LSTM to extract deep features from the device fingerprints. In order to improve the equipment recognition ability, this paper uses fixed window sliding mechanism and smote algorithm to enhance the data from feature extraction and vectorization processing, so as to solve the problem of data imbalance and remove the interference vector. The simulation results show that the method can effectively identify the device identity. Compared with the traditional machine learning and deep learning, the accuracy of the proposed method is improved by 6%.

Key words: IoT terminal device, access authentication, deep learning, device fingerprint recognition

CLC Number:

TP309

CHENG Yang, LEI Min, LUO Qun. Access Authentication Method for IoT Terminal Devices Based on Deep Learning[J]. Netinfo Security, 2020, 20(11): 67-74.

Figures/Tables 11

References 15

[1]	FIFIELD D, EGELMAN S. Fingerprinting Web Users Through Font Metrics[C]// Springer. International Conference Financial Cryptography and Data Security, Springer. January 26-30, 2015, San Juan, Puerto Rico. Berlin: Springer, 2015: 107-134.
[2]	ECKERSLEY P. How Unique Is Your Web Browser?[C]// ACM. Proceedings of the 10th International Conference on Privacy Enhancing Technologies, July 2010, Berlin, Heidelberg. New York: ACM, 2010: 1-18.
[3]	VASTEL A, LAPERDRIX P, RUDAMETKIN W, et al. FP-STALKER: Tracking Browser Fingerprint Evolutions[C]//IEEE. 2018 IEEE Symposium on Security and Privacy (SP), May 20-24, 2018, San Francisco, USA. Piscataway: IEEE, 2018: 728-741.
[4]	TAKEI N, SAITO T, TAKASU K, et al. Web Browser Fingerprinting Using Only Cascading Style Sheets[C]//IEEE. IEEE 2015 10th International Conference on Broadband and Wireless Computing, Communication and Applications(BWCCA), November 4-6, 2015, Krakow, Poland. Piscataway: IEEE, 2015: 57-63.
[5]	MOWERY K, SHACHAM H. Pixel Perfect Fingerprinting Canvas in HTML5[C]//IEEE. Proceedings of Web 2.0 Security & Privacy, May 24, 2012, San Francisco, USA. Piscataway: IEEE, 2012: 1-12.
[6]	STAROV O, NIKIFORAKIS N. Xhound: Quantifying the Fingerprintability of Browser Extensions[C]//IEEE. 2017 IEEE Symposium on Security and Privacy (SP), May 22-26, 2017, San Jose, USA. Piscataway: IEEE, 2017: 941-956.
[7]	LUO Yong, HU Han, WEN Yonggang, et al. Transforming Device Fingerprinting for Wireless Security via Online Multitask Metric Learning[J]. IEEE Internet of Things Journal, 2020,7(1):208-219.
[8]	MIETTINEN M, MARCHAL S, HAFEEZ I, et al. IoT Sentinel Demo: Automated Device-Type Identiﬁcation for Security Enforcement in IoT[C]//IEEE. 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), June 5-8, 2017, Atlanta, USA. Piscataway: IEEE, 2017: 2511-2514.
[9]	FRANKLIN J, MCCOY D, TABRIZ P, et al. Passive Data Link Layer 802. 11 Wireless Device Driver Fingerprinting[C]//AMC. Proceedings of the 15th Conference on USENIX Security Symposium, January 17, 2006, Berkeley, USA. New York: ACM, 2006: 167-178.
[10]	HAMAD S A, ZHANG W E, SHENG Q Z, et al. IoT Device Identification via Network-Flow Based Fingerprinting and Learning[C]//IEEE. 2019 18th IEEE International Conference on Trust, Security and Privacy in Computing and Communications/13th IEEE International Conference on Big Data Science and Engineering (TrustCom/BigDataSE), August 5-8, 2019, Rotorua, New Zealand. Piscataway: IEEE, 2019: 103-111.
[11]	RADHAKRISHNAN S V, ULUAGAC A S, BEYAH R. GTID: A Technique for Physical Device and Device Type Fingerprinting[J]. IEEE Transactions on Dependable and Secure Computing, 2015,5(12):519-532.
[12]	SIBY S, MAITI R R, Tippenhauer N O. IoT Scanner: Detecting Privacy Threats in IoT Neighborhoods[C]//ACM. The 3rd ACM International Workshop. April 2, 2017, Abu Dhabi United Arab Emirates. New York: ACM, 2017: 23-30.
[13]	ULUAGAC A S, RADHAKRISHNAN S V, CORBETT C, et al. A Passive Technique for Fingerprinting Wireless Devices with Wired-side Observations[C]//IEEE. 2013 IEEE Conference on Communications and Network Security (CNS), Octomber 14-16, 2013, National Harbor, USA. Piscataway: IEEE, 2013: 305-313.
[14]	KUMAR K, DALAI A K, PANIGRAHY S K, et al. An ANN Based Approach for Wireless Device Fingerprinting[C]//IEEE. 2017 2nd IEEE International Conference on Recent Trends in Electronics, Information & Communication Technology (RTEICT), May 19-20, 2017, Bangalore, India. Piscataway: IEEE, 2017: 1302-1307.
[15]	DALAI A K, JENA A, SHARMA S, et al. A Fingerprinting Technique for Identification of Wireless Devices[C]//IEEE. 2018 International Conference on Computer, Information and Telecommunication Systems (CITS), July 11-13, 2018, Colmar, France. Piscataway: IEEE, 2018: 1-5.

特征种类	类型	特征
协议类型特征	数据链路层协议	ARP
	网络层协议	IP/ICMP/ICMPv6/EAPoL/IGMP
	传输层协议	TCP/UDP
	应用层协议	HTTP/HTTPS/DHCP/BOOTP/SSDP/DNS/MDNS/NTP/SMB/SSH/AFP
	IP头选项	Padding/RouterAlert
统计类型特征	包内容	Raw data/Size（int）
	端口级别	Source(int)/Destination(int)
	时间	IAT（double）

	M Accuracy	M Precision	M Recall	M F1-Score
SVM	0.781538	0.911531	0.631538	0.726646
Adaboost	0.673462	0.768438	0.540769	0.590631
Randomforest	0.75	0.865915	0.586154	0.673838
LSTM	0.788077	0.869438	0.695385	0.764077
Bi-LSTM	0.877462	0.886285	0.831954	0.85826

	M Accuracy	M Precision	M Recall	M F1-Score
无SMOTE	0.858077	0.910154	0.690692	0.78538
SMOTE	0.877462	0.886285	0.831954	0.85766