Jamal, Mohd Saalim and S, Venkata Keerthy and Ochiai, Hideya and Esaki, Hiroshi and Kataoka, Kotaro
(2018)
INSTRUCT: A Clustering Based Identification of Valid Communications in IoT Networks.
In: Fifth International Conference on Internet of Things: Systems, Management and Security, 15-18 October 2018, Valencia, Spain.
Full text not available from this repository.
Abstract
Providing access control for IoT devices is an essential task in today's ever-growing IoT networks. IoT devices are deployed in smart homes, smart buildings, social infrastructures, etc. Illegitimate users or malware should be denied access to these devices to protect the sensitive information they collect and the login privileges of their operating systems. This paper proposes INSTRUCT, a mechanism for providing access control by identifying valid communication in a network consisting of IoT devices using clustering techniques. INSTRUCT uses the fact that IoT devices usually communicate repetitively with a fixed set of hosts/servers. By capturing the network traffic and learning patterns from it, this mechanism allows the automatic generation of an access control list that can be deployed at the intermediate network switches. INSTRUCT proposes two different algorithms, for TCP and UDP respectively. These algorithms are applied to two different IoT networks for evaluation. A signature-based manual analysis is used as a baseline for comparison with the access control list automatically generated by the algorithms. In our experiments, INSTRUCT achieved an accuracy of 100% as compared to the signature-based analysis in identifying valid TCP communication. In the case of UDP, it is close to 95%.