Unveiling Behavioral Transparency of Protocols Communicated by IoT Networked Assets (Full Version)
arxiv(2024)
摘要
Behavioral transparency for Internet-of-Things (IoT) networked assets
involves two distinct yet interconnected tasks: (a) characterizing device types
by discerning the patterns exhibited in their network traffic, and (b)
assessing vulnerabilities they introduce to the network. While identifying
communication protocols, particularly at the application layer, plays a vital
role in effective network management, current methods are, at best, ad-hoc.
Accurate protocol identification and attribute extraction from packet payloads
are crucial for distinguishing devices and discovering vulnerabilities. This
paper makes three contributions: (1) We process a public dataset to construct
specific packet traces pertinent to six standard protocols (TLS, HTTP, DNS,
NTP, DHCP, and SSDP) of ten commercial IoT devices. We manually analyze TLS and
HTTP flows, highlighting their characteristics, parameters, and adherence to
best practices-we make our data publicly available; (2) We develop a common
model to describe protocol signatures that help with the systematic analysis of
protocols even when communicated through non-standard port numbers; and, (3) We
evaluate the efficacy of our data models for the six protocols, which
constitute approximately 97
in 0.3
detection. We draw insights into how various IoT devices behave across those
protocols by applying these models to our IoT traces.
更多查看译文
AI 理解论文
溯源树
样例
生成溯源树,研究论文发展脉络
Chat Paper
正在生成论文摘要