TY - JOUR
T1 - Characterizing and Mining Traffic Patterns of IoT Devices in Edge Networks
AU - Wan, Yinxin
AU - Xu, Kuai
AU - Wang, Feng
AU - Xue, Guoliang
N1 - Funding Information: Manuscript received May 18, 2020; revised August 6, 2020; accepted August 22, 2020. Date of publication September 25, 2020; date of current version March 17, 2021. The information reported here does not reflect the position or the policy of the funding agency. This research was supported by NSF under Grants 1816995, 1717197, and 1704092. Recommended for acceptance by Dr. Shiwen Mao. This paper was presented in part at the IEEE/ACM IWQoS, 2019, Phoenix, AZ, USA, Jun. 2019. [34] (Corresponding author: Guoliang Xue.) The authors are with the Arizona State University, Tempe, AZ 85281 USA (e-mail: [email protected]; [email protected]; [email protected]; [email protected]). Digital Object Identifier 10.1109/TNSE.2020.3026961 Publisher Copyright: © 2013 IEEE.
PY - 2021/1/1
Y1 - 2021/1/1
N2 - As connected Internet-of-things (IoT) devices in smart homes, smart cities, and smart industries continue to grow in size and complexity, managing and securing them in distributed edge networks have become daunting but crucial tasks. The recent spate of cyber attacks exploiting the vulnerabilities and insufficient security management of IoT devices have highlighted the urgency and challenges for securing billions of IoT devices and applications. As a first step towards understanding and mitigating diverse security threats of IoT devices, this paper develops an IoT traffic measurement framework on programmable and intelligent edge routers to automatically collect incoming, outgoing, and internal network traffic of IoT devices in edge networks, and to build multidimensional behavioral profiles which characterize who, when, what, and why on the behavioral patterns of IoT devices based on continuously collected traffic data. To the best of our knowledge, this paper is the first effort to shed light on the IP-spatial, temporal, entropy, and cloud service patterns of IoT devices in edge networks, and to explore these multidimensional behavioral fingerprints for IoT device classification, anomaly traffic detection, and network security monitoring for vulnerable and resource-constrained IoT devices on the Internet.
AB - As connected Internet-of-things (IoT) devices in smart homes, smart cities, and smart industries continue to grow in size and complexity, managing and securing them in distributed edge networks have become daunting but crucial tasks. The recent spate of cyber attacks exploiting the vulnerabilities and insufficient security management of IoT devices have highlighted the urgency and challenges for securing billions of IoT devices and applications. As a first step towards understanding and mitigating diverse security threats of IoT devices, this paper develops an IoT traffic measurement framework on programmable and intelligent edge routers to automatically collect incoming, outgoing, and internal network traffic of IoT devices in edge networks, and to build multidimensional behavioral profiles which characterize who, when, what, and why on the behavioral patterns of IoT devices based on continuously collected traffic data. To the best of our knowledge, this paper is the first effort to shed light on the IP-spatial, temporal, entropy, and cloud service patterns of IoT devices in edge networks, and to explore these multidimensional behavioral fingerprints for IoT device classification, anomaly traffic detection, and network security monitoring for vulnerable and resource-constrained IoT devices on the Internet.
KW - Internet-of-Things
KW - anomaly traffic detection
KW - measurement
KW - network monitoring
KW - smart home
UR - http://www.scopus.com/inward/record.url?scp=85102979560&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85102979560&partnerID=8YFLogxK
U2 - 10.1109/TNSE.2020.3026961
DO - 10.1109/TNSE.2020.3026961
M3 - Article
SN - 2327-4697
VL - 8
SP - 89
EP - 101
JO - IEEE Transactions on Network Science and Engineering
JF - IEEE Transactions on Network Science and Engineering
IS - 1
M1 - 9206046
ER -