Characterizing and Mining Traffic Patterns of IoT Devices in Edge Networks

Research output: Contribution to journalArticlepeer-review

Abstract

As connected Internet-of-things (IoT) devices in smart homes, smart cities, and smart industries continue to grow in size and complexity, managing and securing them in distributed edge networks have become daunting but crucial tasks. The recent spate of cyber attacks exploiting the vulnerabilities and insufficient security management of IoT devices have highlighted the urgency and challenges for securing billions of IoT devices and applications. As a first step towards understanding and mitigating diverse security threats of IoT devices, this paper develops an IoT traffic measurement framework on programmable and intelligent edge routers to automatically collect incoming, outgoing, and internal network traffic of IoT devices in edge networks, and to build multidimensional behavioral profiles which characterize who, when, what, and why on the behavioral patterns of IoT devices based on continuously collected traffic data. To the best of our knowledge, this paper is the first effort to shed light on the IP-spatial, temporal, entropy, and cloud service patterns of IoT devices in edge networks, and to explore these multidimensional behavioral fingerprints for IoT device classification, anomaly traffic detection, and network security monitoring for vulnerable and resource-constrained IoT devices on the Internet.

Original languageEnglish (US)
Article number9206046
Pages (from-to)89-101
Number of pages13
JournalIEEE Transactions on Network Science and Engineering
Volume8
Issue number1
DOIs
StatePublished - Jan 1 2021

Keywords

  • Internet-of-Things
  • anomaly traffic detection
  • measurement
  • network monitoring
  • smart home

ASJC Scopus subject areas

  • Control and Systems Engineering
  • Computer Science Applications
  • Computer Networks and Communications

Fingerprint Dive into the research topics of 'Characterizing and Mining Traffic Patterns of IoT Devices in Edge Networks'. Together they form a unique fingerprint.

Cite this