A Haystack Full of Needles: Scalable Detection of IoT Devices in the Wild

by Said Jawad Saidi, et al.

Consumer Internet of Things (IoT) devices are extremely popular, providing users with rich and diverse functionalities, from voice assistants to home appliances. These functionalities often come with significant privacy and security risks, with notable recent large-scale coordinated global attacks disrupting large service providers. Thus, an important first step to address these risks is to know what IoT devices are where in a network. While some limited solutions exist, a key question is whether device discovery can be done by Internet service providers that only see sampled flow statistics. In particular, it is challenging for an ISP to efficiently and effectively track and trace activity from IoT devices deployed by its millions of subscribers, all with sampled network data. In this paper, we develop and evaluate a scalable methodology to accurately detect and monitor IoT devices at subscriber lines with limited, highly sampled data in the wild. Our findings indicate that millions of IoT devices are detectable and identifiable within hours, both at a major ISP as well as an IXP, using passive, sparsely sampled network flow headers. Our methodology is able to detect devices from more than 77 including popular devices such as smart speakers. While our methodology is effective for providing network analytics, it also highlights significant privacy consequences.




Machine Learning DDoS Detection for Consumer Internet of Things Devices

An increasing number of Internet of Things (IoT) devices are connecting ...

Quantifying and Managing Impacts of Concept Drifts on IoT Traffic Inference in Residential ISP Networks

Millions of vulnerable consumer IoT devices in home networks are the ena...

One Bad Apple Can Spoil Your IPv6 Privacy

IPv6 is being more and more adopted, in part to facilitate the millions ...

Deep Dive into the IoT Backend Ecosystem

Internet of Things (IoT) devices are becoming increasingly ubiquitous, e...

Towards Automatic Identification and Blocking of Non-Critical IoT Traffic Destinations

The consumer Internet of Things (IoT) space has experienced a significan...

Privacy-Preserving Detection of IoT Devices Connected Behind a NAT in a Smart Home Setup

Today, telecommunication service providers (telcos) are exposed to cyber...

Self-Serviced IoT: Practical and Private IoT Computation Offloading with Full User Control

The rapid increase in the adoption of Internet-of-Things (IoT) devices r...
