IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT

M. Miettinen; S. Marchal; I. Hafeez; N. Asokan; Ahmad-Reza Sadeghi; S. Tarkoma

doi:10.1109/ICDCS.2017.283

IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT

M. Miettinen, S. Marchal, I. Hafeez, N. Asokan, Ahmad-Reza Sadeghi, S. Tarkoma

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

361 Citations (Scopus)

Abstract

With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing IP-connected devices for home and small office networks that often suffer from flawed security designs and implementations. They also tend to lack mechanisms for firmware updates or patches that can help eliminate security vulnerabilities. Securing networks where the presence of such vulnerable devices is given, requires a brownfield approach: applying necessary protection measures within the network so that potentially vulnerable devices can coexist without endangering the security of other devices in the same network. In this paper, we present IoT Sentinel, a system capable of automatically identifying the types of devices being connected to an IoT network and enabling enforcement of rules for constraining the communications of vulnerable devices so as to minimize damage resulting from their compromise. We show that IoT Sentinel is effective in identifying device types and has minimal performance overhead.

Original language	English
Title of host publication	2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS)
Editors	Kisung Lee, Ling Liu
Publisher	IEEE
Pages	2177-2184
Number of pages	8
ISBN (Print)	978-1-5386-1791-5
DOIs	https://doi.org/10.1109/ICDCS.2017.283
Publication status	Published - 1 Jun 2017
MoE publication type	A4 Article in a conference publication
Event	International Conference on Distributed Computing Systems - Atlanta, United States Duration: 5 Jun 2017 → 8 Jun 2017 Conference number: 37

Publication series

Name	International Conference on Distributed Computing Systems. Proceedings
Publisher	IEEE Computer Society
Volume	37
ISSN (Print)	1063-6927

Conference

Conference	International Conference on Distributed Computing Systems
Abbreviated title	ICDCS
Country/Territory	United States
City	Atlanta
Period	05/06/2017 → 08/06/2017

Keywords

Internet of Things
security of data
Internet-of-Things
IoT SENTINEL
IoT network
automated device-type identification
security enforcement
IP networks
Logic gates
Object recognition
Ports (Computers)
Protocols
Security
Wireless fidelity
IoT security
device fingerprinting
device identification
threat mitigation

Access to Document

10.1109/ICDCS.2017.283

https://arxiv.org/abs/1611.04880

OpenUrl availability

Full text

IoT devices captures
Marchal, S. (Creator), Aalto University, 3 Apr 2017
DOI: 10.24342/285a9b06-de31-4d8b-88e9-5bdba46cc161
Dataset

File

Cite this

Miettinen, M., Marchal, S., Hafeez, I., Asokan, N., Sadeghi, A-R., & Tarkoma, S. (2017). IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. In K. Lee, & L. Liu (Eds.), 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS) (pp. 2177-2184). (International Conference on Distributed Computing Systems. Proceedings ; Vol. 37). IEEE. https://doi.org/10.1109/ICDCS.2017.283

@inproceedings{8638e6390be946708e0ef42ab1172b2a,

title = "IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT",

abstract = "With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing IP-connected devices for home and small office networks that often suffer from flawed security designs and implementations. They also tend to lack mechanisms for firmware updates or patches that can help eliminate security vulnerabilities. Securing networks where the presence of such vulnerable devices is given, requires a brownfield approach: applying necessary protection measures within the network so that potentially vulnerable devices can coexist without endangering the security of other devices in the same network. In this paper, we present IoT Sentinel, a system capable of automatically identifying the types of devices being connected to an IoT network and enabling enforcement of rules for constraining the communications of vulnerable devices so as to minimize damage resulting from their compromise. We show that IoT Sentinel is effective in identifying device types and has minimal performance overhead.",

keywords = "Internet of Things, security of data, Internet-of-Things, IoT SENTINEL, IoT network, automated device-type identification, security enforcement, IP networks, Logic gates, Object recognition, Ports (Computers), Protocols, Security, Wireless fidelity, IoT security, device fingerprinting, device identification, threat mitigation",

author = "M. Miettinen and S. Marchal and I. Hafeez and N. Asokan and Ahmad-Reza Sadeghi and S. Tarkoma",

year = "2017",

month = jun,

day = "1",

doi = "10.1109/ICDCS.2017.283",

language = "English",

isbn = "978-1-5386-1791-5",

series = "International Conference on Distributed Computing Systems. Proceedings ",

publisher = "IEEE",

pages = "2177--2184",

editor = "Kisung Lee and Ling Liu",

booktitle = "2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS)",

address = "United States",

note = "International Conference on Distributed Computing Systems, ICDCS ; Conference date: 05-06-2017 Through 08-06-2017",

}

Miettinen, M, Marchal, S, Hafeez, I, Asokan, N, Sadeghi, A-R & Tarkoma, S 2017, IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. in K Lee & L Liu (eds), 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS). International Conference on Distributed Computing Systems. Proceedings , vol. 37, IEEE, pp. 2177-2184, International Conference on Distributed Computing Systems, Atlanta, Georgia, United States, 05/06/2017. https://doi.org/10.1109/ICDCS.2017.283

IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. / Miettinen, M.; Marchal, S.; Hafeez, I. et al.

2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS). ed. / Kisung Lee; Ling Liu. IEEE, 2017. p. 2177-2184 (International Conference on Distributed Computing Systems. Proceedings ; Vol. 37).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Scientific › peer-review

TY - GEN

T1 - IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT

AU - Miettinen, M.

AU - Marchal, S.

AU - Hafeez, I.

AU - Asokan, N.

AU - Sadeghi, Ahmad-Reza

AU - Tarkoma, S.

N1 - Conference code: 37

PY - 2017/6/1

Y1 - 2017/6/1

N2 - With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing IP-connected devices for home and small office networks that often suffer from flawed security designs and implementations. They also tend to lack mechanisms for firmware updates or patches that can help eliminate security vulnerabilities. Securing networks where the presence of such vulnerable devices is given, requires a brownfield approach: applying necessary protection measures within the network so that potentially vulnerable devices can coexist without endangering the security of other devices in the same network. In this paper, we present IoT Sentinel, a system capable of automatically identifying the types of devices being connected to an IoT network and enabling enforcement of rules for constraining the communications of vulnerable devices so as to minimize damage resulting from their compromise. We show that IoT Sentinel is effective in identifying device types and has minimal performance overhead.

AB - With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing IP-connected devices for home and small office networks that often suffer from flawed security designs and implementations. They also tend to lack mechanisms for firmware updates or patches that can help eliminate security vulnerabilities. Securing networks where the presence of such vulnerable devices is given, requires a brownfield approach: applying necessary protection measures within the network so that potentially vulnerable devices can coexist without endangering the security of other devices in the same network. In this paper, we present IoT Sentinel, a system capable of automatically identifying the types of devices being connected to an IoT network and enabling enforcement of rules for constraining the communications of vulnerable devices so as to minimize damage resulting from their compromise. We show that IoT Sentinel is effective in identifying device types and has minimal performance overhead.

KW - Internet of Things

KW - security of data

KW - Internet-of-Things

KW - IoT SENTINEL

KW - IoT network

KW - automated device-type identification

KW - security enforcement

KW - IP networks

KW - Logic gates

KW - Object recognition

KW - Ports (Computers)

KW - Protocols

KW - Security

KW - Wireless fidelity

KW - IoT security

KW - device fingerprinting

KW - device identification

KW - threat mitigation

U2 - 10.1109/ICDCS.2017.283

DO - 10.1109/ICDCS.2017.283

M3 - Conference contribution

SN - 978-1-5386-1791-5

T3 - International Conference on Distributed Computing Systems. Proceedings

SP - 2177

EP - 2184

BT - 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS)

A2 - Lee, Kisung

A2 - Liu, Ling

PB - IEEE

T2 - International Conference on Distributed Computing Systems

Y2 - 5 June 2017 through 8 June 2017

ER -

Miettinen M, Marchal S, Hafeez I, Asokan N, Sadeghi A-R, Tarkoma S. IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. In Lee K, Liu L, editors, 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS). IEEE. 2017. p. 2177-2184. (International Conference on Distributed Computing Systems. Proceedings ). doi: 10.1109/ICDCS.2017.283

IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT

Abstract

Publication series

Conference

Keywords

Access to Document

OpenUrl availability

Fingerprint

Datasets

IoT devices captures

Cite this