Rapid IoT Device Identification at the Edge
This addresses security and privacy threats for IoT users by enabling rapid device identification, though it is an incremental improvement over existing methods.
The paper tackles the problem of identifying IoT devices at the edge to enhance security and privacy by using neural networks trained on DNS traffic, achieving 82% accuracy for product type and 93% for device manufacturer classification in experiments with 30 devices.
Consumer Internet of Things (IoT) devices are increasingly common in everyday homes, from smart speakers to security cameras. Along with their benefits come potential privacy and security threats. To limit these threats we must implement solutions to filter IoT traffic at the edge. To this end the identification of the IoT device is the first natural step. In this paper we demonstrate a novel method of rapid IoT device identification that uses neural networks trained on device DNS traffic that can be captured from a DNS server on the local network. The method identifies devices by fitting a model to the first seconds of DNS second-level-domain traffic following their first connection. Since security and privacy threat detection often operate at a device specific level, rapid identification allows these strategies to be implemented immediately. Through a total of 51,000 rigorous automated experiments, we classify 30 consumer IoT devices from 27 different manufacturers with 82% and 93% accuracy for product type and device manufacturers respectively.