Characterizing DNS Behaviors of Internet of Things in Edge Networks

Kuai Xu; Feng Wang; Sergio Jimenez; Andrew Lamontagne; John Cummings; Mitchell Hoikka

doi:10.1109/JIOT.2020.2999327

Characterizing DNS Behaviors of Internet of Things in Edge Networks

Kuai Xu, Feng Wang, Sergio Jimenez, Andrew Lamontagne, John Cummings, Mitchell Hoikka

Mathematical and Natural Sciences, School of (SMNS)

Research output: Contribution to journal › Article › peer-review

5 Scopus citations

Abstract

The recent spate of cyber attacks and security threats toward Internet-of-Things (IoT) systems in smart cities, smart homes, and industry 4.0 calls for effective techniques to understand if, when, who, what IoT systems are exploited and compromised by Internet attackers. Toward this end, this article attempts to study DNS behavioral patterns of IoT systems in edge networks as a first step of characterizing their communication patterns and their interactions with IoT users, cloud servers, and other IoT or non-IoT devices in the same edge networks. Specifically, we analyze the temporal-spatial patterns of DNS behaviors of a variety of IoT systems in two dozens of edge networks and develop a simple yet effective Bloom filter mechanism for detecting anomalous traffic patterns based on unusual DNS queries and answers. To the best of our knowledge, this article is the first effort to systematically measure and monitor IoT network traffic from a DNS perspective for providing the security of heterogeneous IoT systems and ensuring IoT user privacy.

Original language	English (US)
Article number	9105052
Pages (from-to)	7991-7998
Number of pages	8
Journal	IEEE Internet of Things Journal
Volume	7
Issue number	9
DOIs	https://doi.org/10.1109/JIOT.2020.2999327
State	Published - Sep 2020

Keywords

Internet-of-Things (IoT) network traffic
security and privacy
smart cities
smart homes

ASJC Scopus subject areas

Signal Processing
Information Systems
Hardware and Architecture
Computer Science Applications
Computer Networks and Communications

Access to Document

10.1109/JIOT.2020.2999327

Cite this

@article{f0264360db914c0a903d77cc1c294599,

title = "Characterizing DNS Behaviors of Internet of Things in Edge Networks",

abstract = "The recent spate of cyber attacks and security threats toward Internet-of-Things (IoT) systems in smart cities, smart homes, and industry 4.0 calls for effective techniques to understand if, when, who, what IoT systems are exploited and compromised by Internet attackers. Toward this end, this article attempts to study DNS behavioral patterns of IoT systems in edge networks as a first step of characterizing their communication patterns and their interactions with IoT users, cloud servers, and other IoT or non-IoT devices in the same edge networks. Specifically, we analyze the temporal-spatial patterns of DNS behaviors of a variety of IoT systems in two dozens of edge networks and develop a simple yet effective Bloom filter mechanism for detecting anomalous traffic patterns based on unusual DNS queries and answers. To the best of our knowledge, this article is the first effort to systematically measure and monitor IoT network traffic from a DNS perspective for providing the security of heterogeneous IoT systems and ensuring IoT user privacy. ",

keywords = "Internet-of-Things (IoT) network traffic, security and privacy, smart cities, smart homes",

author = "Kuai Xu and Feng Wang and Sergio Jimenez and Andrew Lamontagne and John Cummings and Mitchell Hoikka",

note = "Funding Information: Manuscript received February 27, 2020; revised April 25, 2020; accepted May 19, 2020. Date of publication June 1, 2020; date of current version September 15, 2020. This work was supported in part by NSF under Grant 1816995. (Corresponding author: Kuai Xu.) The authors are with the School of Mathematical and Natural Sciences, Arizona State University, Glendale, AZ 85306 USA (e-mail: kuai.xu@asu.edu). Digital Object Identifier 10.1109/JIOT.2020.2999327 Publisher Copyright: {\textcopyright} 2014 IEEE.",

year = "2020",

month = sep,

doi = "10.1109/JIOT.2020.2999327",

language = "English (US)",

volume = "7",

pages = "7991--7998",

journal = "IEEE Internet of Things Journal",

issn = "2327-4662",

publisher = "Institute of Electrical and Electronics Engineers Inc.",

number = "9",

}

TY - JOUR

T1 - Characterizing DNS Behaviors of Internet of Things in Edge Networks

AU - Xu, Kuai

AU - Wang, Feng

AU - Jimenez, Sergio

AU - Lamontagne, Andrew

AU - Cummings, John

AU - Hoikka, Mitchell

N1 - Funding Information: Manuscript received February 27, 2020; revised April 25, 2020; accepted May 19, 2020. Date of publication June 1, 2020; date of current version September 15, 2020. This work was supported in part by NSF under Grant 1816995. (Corresponding author: Kuai Xu.) The authors are with the School of Mathematical and Natural Sciences, Arizona State University, Glendale, AZ 85306 USA (e-mail: kuai.xu@asu.edu). Digital Object Identifier 10.1109/JIOT.2020.2999327 Publisher Copyright: © 2014 IEEE.

PY - 2020/9

Y1 - 2020/9

N2 - The recent spate of cyber attacks and security threats toward Internet-of-Things (IoT) systems in smart cities, smart homes, and industry 4.0 calls for effective techniques to understand if, when, who, what IoT systems are exploited and compromised by Internet attackers. Toward this end, this article attempts to study DNS behavioral patterns of IoT systems in edge networks as a first step of characterizing their communication patterns and their interactions with IoT users, cloud servers, and other IoT or non-IoT devices in the same edge networks. Specifically, we analyze the temporal-spatial patterns of DNS behaviors of a variety of IoT systems in two dozens of edge networks and develop a simple yet effective Bloom filter mechanism for detecting anomalous traffic patterns based on unusual DNS queries and answers. To the best of our knowledge, this article is the first effort to systematically measure and monitor IoT network traffic from a DNS perspective for providing the security of heterogeneous IoT systems and ensuring IoT user privacy.

AB - The recent spate of cyber attacks and security threats toward Internet-of-Things (IoT) systems in smart cities, smart homes, and industry 4.0 calls for effective techniques to understand if, when, who, what IoT systems are exploited and compromised by Internet attackers. Toward this end, this article attempts to study DNS behavioral patterns of IoT systems in edge networks as a first step of characterizing their communication patterns and their interactions with IoT users, cloud servers, and other IoT or non-IoT devices in the same edge networks. Specifically, we analyze the temporal-spatial patterns of DNS behaviors of a variety of IoT systems in two dozens of edge networks and develop a simple yet effective Bloom filter mechanism for detecting anomalous traffic patterns based on unusual DNS queries and answers. To the best of our knowledge, this article is the first effort to systematically measure and monitor IoT network traffic from a DNS perspective for providing the security of heterogeneous IoT systems and ensuring IoT user privacy.

KW - Internet-of-Things (IoT) network traffic

KW - security and privacy

KW - smart cities

KW - smart homes

UR - http://www.scopus.com/inward/record.url?scp=85092199754&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85092199754&partnerID=8YFLogxK

U2 - 10.1109/JIOT.2020.2999327

DO - 10.1109/JIOT.2020.2999327

M3 - Article

AN - SCOPUS:85092199754

SN - 2327-4662

VL - 7

SP - 7991

EP - 7998

JO - IEEE Internet of Things Journal

JF - IEEE Internet of Things Journal

IS - 9

M1 - 9105052

ER -

Characterizing DNS Behaviors of Internet of Things in Edge Networks

Abstract

Keywords

ASJC Scopus subject areas

Access to Document

Other files and links

Fingerprint

Cite this