Papers
Topics
Authors
Recent
Search
2000 character limit reached

IoT Device Labeling Using Large Language Models

Published 3 Mar 2024 in cs.CR and cs.NI | (2403.01586v1)

Abstract: The IoT market is diverse and characterized by a multitude of vendors that support different device functions (e.g., speaker, camera, vacuum cleaner, etc.). Within this market, IoT security and observability systems use real-time identification techniques to manage these devices effectively. Most existing IoT identification solutions employ machine learning techniques that assume the IoT device, labeled by both its vendor and function, was observed during their training phase. We tackle a key challenge in IoT labeling: how can an AI solution label an IoT device that has never been seen before and whose label is unknown? Our solution extracts textual features such as domain names and hostnames from network traffic, and then enriches these features using Google search data alongside catalog of vendors and device functions. The solution also integrates an auto-update mechanism that uses LLMs to update these catalogs with emerging device types. Based on the information gathered, the device's vendor is identified through string matching with the enriched features. The function is then deduced by LLMs and zero-shot classification from a predefined catalog of IoT functions. In an evaluation of our solution on 97 unique IoT devices, our function labeling approach achieved HIT1 and HIT2 scores of 0.7 and 0.77, respectively. As far as we know, this is the first research to tackle AI-automated IoT labeling.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (44)
  1. Network-protocol-based iot device identification. In 2019 Fourth International Conference on Fog and Mobile Edge Computing (FMEC), pages 204–209. IEEE, 2019.
  2. Iot device fingerprint using deep learning. In 2018 IEEE international conference on internet of things and intelligence system (IOTAIS), pages 174–179. IEEE, 2018.
  3. Anonymous. Dataset devices json: Enriched data., 2023.
  4. Automatic device classification from network traffic streams of internet of things. In 2018 IEEE 43rd conference on local computer networks (LCN), pages 1–9. IEEE, 2018.
  5. Iot device type identification using hybrid deep learning approach for increased iot security. In 2020 International Wireless Communications and Mobile Computing (IWCMC), pages 565–570. IEEE, 2020.
  6. Understanding passive and active service discovery. In Proceedings of the 7th ACM SIGCOMM conference on Internet measurement, pages 57–70, 2007.
  7. Active behavioral fingerprinting of wireless devices. In Proceedings of the first ACM conference on Wireless network security, pages 56–61, 2008.
  8. One mud to rule them all: Iot location impact. In NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, pages 1–5, 2022.
  9. Censys. Censys - internet security data for everyone. https://censys.com/, 2023. Accessed: [Insert date you accessed the website].
  10. Frugalgpt: How to use large language models while reducing cost and improving performance, 2023.
  11. Unsupervised cross-lingual representation learning at scale. arXiv preprint arXiv:1911.02116, 2019.
  12. Hugging Face. What is Zero-Shot Classification? https://huggingface.co/tasks/zero-shot-classification, Aug 2020. Accessed: 2023-Aug-02.
  13. Hugging Face. xlm-roberta-large-xnli model and fine-tunes it on a combination. https://huggingface.co/joeddav/xlm-roberta-large-xnli, June 2020. Accessed: 2022-Feb-02.
  14. Acquisitional rule-based engine for discovering iot devices. In 27th USENIX Security Symposium (USENIX Security 18), pages 327–341, 2018.
  15. Fing. Device recognition user guide. https://www.fing.com/images/uploads/general/Device_Recognition_User_Guide.pdf, 2018.
  16. 2023 FIREDOME. Iot endpoint protection platform, 2023. Accessed: 2023-07-28.
  17. Google. Google search central, 2023. [Online; accessed 13-Oct-2023].
  18. Ip-based iot device detection. In Proceedings of the 2018 workshop on IoT security and privacy, pages 36–42, 2018.
  19. Iot-keeper: Detecting malicious iot network activity using online traffic analysis at the edge. IEEE Transactions on Network and Service Management, 17(1):45–59, 2020.
  20. Clustering of iot devices using device profiling and behavioral analysis to build efficient network policies. Mehran University Research Journal Of Engineering & Technology, 40(2):335–345, 2021.
  21. Iothunter: Iot network traffic classification using device specific keywords. IET Networks, 10(2):59–75, 2021.
  22. Deniel Laurent. Wireshark manufacturer database.
  23. Policy-based identification of iot devices’ vendor and type by dns traffic analysis. In Policy-Based Autonomic Data Governance, pages 180–201. Springer, 2019.
  24. Manufacturer Usage Description Specification. RFC 8520, March 2019.
  25. Check Point Software Technologies Ltd. Quantum iot protect, 2023. Accessed: 2023-05-22.
  26. Protected or porous: A comparative analysis of threat detection capability of iot safeguards. In 2023 IEEE Symposium on Security and Privacy (SP), pages 3061–3078, may 2023.
  27. Audi: Toward autonomous iot device-type identification using periodic communication. IEEE Journal on Selected Areas in Communications, 37(6):1402–1412, 2019.
  28. Iot sentinel: Automated device-type identification for security enforcement in iot. In 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pages 2177–2184, 2017.
  29. Iot sentinel: Automated device-type identification for security enforcement in iot. In 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pages 2177–2184. IEEE, 2017.
  30. Iot device fingerprinting: Machine learning based encrypted traffic analysis. In 2019 IEEE wireless communications and networking conference (WCNC), pages 1–8. IEEE, 2019.
  31. Palo Alto Networks. Introduction to iot security. https://docs.paloaltonetworks.com/iot/iot-security-admin/iot-security-overview/introduction-to-iot-security#id235c0535-8183-48ce-b591-9f4f512fa914. Accessed: 2023-05-19.
  32. OpenAI. Openai gpt. https://openai.com/research/gpt-4, 2023. Accessed: 2023-Oct-01.
  33. Devicemien: network device behavior modeling for identifying unknown iot devices. In Proceedings of the International Conference on Internet of Things Design and Implementation, pages 106–117, 2019.
  34. Inc. Palo Alto Networks. Palalto: Iot security administrator’s guide.
  35. Iotfinder: Efficient large-scale identification of iot devices via passive dns traffic analysis. In 2020 IEEE European Symposium on Security and Privacy (EuroS&P), pages 474–489, 2020.
  36. A haystack full of needles: Scalable detection of iot devices in the wild. In Proceedings of the ACM Internet Measurement Conference, pages 87–100, 2020.
  37. Distilbert, a distilled version of bert: smaller, faster, cheaper and lighter, 2020.
  38. SerpAPI. Google search api. https://serpapi.com/.
  39. Shodan. Shodan - the search engine for the internet of things. https://www.shodan.io/, 2023.
  40. Managing iot cyber security using programmable telemetry and machine learning. IEEE Transactions on Network and Service Management, 17(1):60–74, 2020.
  41. Classifying iot devices in smart environments using network traffic characteristics. IEEE Transactions on Mobile Computing, 18(8):1745–1759, 2019.
  42. Inferring iot device types from network behavior using unsupervised clustering. In 2019 IEEE 44th Conference on Local Computer Networks (LCN), pages 230–233. IEEE, 2019.
  43. Wysiwyg: Iot device identification based on webui login pages. Sensors, 22(13):4892, 2022.
  44. Towards automatic fingerprinting of iot devices in the cyberspace. Computer Networks, 148:318–327, 2019.

Summary

No one has generated a summary of this paper yet.

Sign Up to Summarize

Paper to Video (Beta)

No one has generated a video about this paper yet.

Sign Up to Generate All Videos Subscribe on YouTube

Whiteboard

No one has generated a whiteboard explanation for this paper yet.

Sign Up to Generate

Open Problems

We haven't generated a list of open problems mentioned in this paper yet.

Generate Now

Continue Learning

We haven't generated follow-up questions for this paper yet.

Generate Now

Collections

Sign up for free to add this paper to one or more collections.

Sign Up