IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT
With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing IP-connected devices for home and small office networks that often suffer from flawed security designs and implementations. They also tend to lack me...
Saved in:
| Published in: | Proceedings of the International Conference on Distributed Computing Systems pp. 2177 - 2184 |
|---|---|
| Main Authors: | , , , , , |
| Format: | Conference Proceeding |
| Language: | English |
| Published: |
IEEE
01.06.2017
|
| Subjects: | |
| ISSN: | 1063-6927 |
| Online Access: | Get full text |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Abstract | With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing IP-connected devices for home and small office networks that often suffer from flawed security designs and implementations. They also tend to lack mechanisms for firmware updates or patches that can help eliminate security vulnerabilities. Securing networks where the presence of such vulnerable devices is given, requires a brownfield approach: applying necessary protection measures within the network so that potentially vulnerable devices can coexist without endangering the security of other devices in the same network. In this paper, we present IoT Sentinel, a system capable of automatically identifying the types of devices being connected to an IoT network and enabling enforcement of rules for constraining the communications of vulnerable devices so as to minimize damage resulting from their compromise. We show that IoT Sentinel is effective in identifying device types and has minimal performance overhead. |
|---|---|
| AbstractList | With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing IP-connected devices for home and small office networks that often suffer from flawed security designs and implementations. They also tend to lack mechanisms for firmware updates or patches that can help eliminate security vulnerabilities. Securing networks where the presence of such vulnerable devices is given, requires a brownfield approach: applying necessary protection measures within the network so that potentially vulnerable devices can coexist without endangering the security of other devices in the same network. In this paper, we present IoT Sentinel, a system capable of automatically identifying the types of devices being connected to an IoT network and enabling enforcement of rules for constraining the communications of vulnerable devices so as to minimize damage resulting from their compromise. We show that IoT Sentinel is effective in identifying device types and has minimal performance overhead. |
| Author | Marchal, Samuel Hafeez, Ibbad Miettinen, Markus Sadeghi, Ahmad-Reza Asokan, N. Tarkoma, Sasu |
| Author_xml | – sequence: 1 givenname: Markus surname: Miettinen fullname: Miettinen, Markus email: markus.miettinen@trust.tu-darmstadt.de organization: Tech. Univ. Darmstadt, Darmstadt, Germany – sequence: 2 givenname: Ahmad-Reza surname: Sadeghi fullname: Sadeghi, Ahmad-Reza email: ahmad.sadeghi@trust.tu-darmstadt.de organization: Tech. Univ. Darmstadt, Darmstadt, Germany – sequence: 3 givenname: Samuel surname: Marchal fullname: Marchal, Samuel email: samuel.marchal@aalto.fi organization: Aalto Univ., Espoo, Finland – sequence: 4 givenname: N. surname: Asokan fullname: Asokan, N. email: asokan@acm.org organization: Aalto Univ., Espoo, Finland – sequence: 5 givenname: Ibbad surname: Hafeez fullname: Hafeez, Ibbad email: ibbad.hafeez@cs.helsinki.fi organization: Univ. of Helsinki, Helsinki, Finland – sequence: 6 givenname: Sasu surname: Tarkoma fullname: Tarkoma, Sasu email: sasu.tarkoma@cs.helsinki.fi organization: Univ. of Helsinki, Helsinki, Finland |
| BookMark | eNotjE1Lw0AUAFeoYFt79eJl_0Dqe7vJfngradRAqGDiuWw3b2HFJiVNhfx7C3oaBoZZsFnXd8TYA8IaEexTmW_zei0A9VoYecNWVhvMpFGorRAzNkdQMlFW6Du2OJ-_ACAzSs7ZR9k3vC52Tbkrqme-uYz90Y3U8i39RE9JM52Ily11YwzRuzH2HQ_9wGvylyGOEy-6q3o6XgseO37d3bPb4L7PtPrnkn2-FE3-llTvr2W-qZIoUhwT50gG71uw0GYmFXAgQZRq7YQxQViCEHSqUEFITeq8QnIIhg5ZQCkyJZfs8e8biWh_GuLRDdNeWwOotPwFiqhQEA |
| CODEN | IEEPAD |
| ContentType | Conference Proceeding |
| DBID | 6IE 6IH CBEJK RIE RIO |
| DOI | 10.1109/ICDCS.2017.283 |
| DatabaseName | IEEE Electronic Library (IEL) Conference Proceedings IEEE Proceedings Order Plan (POP) 1998-present by volume IEEE Xplore All Conference Proceedings IEEE Electronic Library (IEL) IEEE Proceedings Order Plans (POP) 1998-present |
| DatabaseTitleList | |
| Database_xml | – sequence: 1 dbid: RIE name: IEEE Electronic Library (IEL) url: https://ieeexplore.ieee.org/ sourceTypes: Publisher |
| DeliveryMethod | fulltext_linktorsrc |
| Discipline | Computer Science |
| EISBN | 9781538617922 1538617927 |
| EndPage | 2184 |
| ExternalDocumentID | 7980167 |
| Genre | orig-research |
| GroupedDBID | 23M 29G 29P 6IE 6IF 6IH 6IK 6IL 6IM 6IN AAJGR AAWTH ABLEC ACGFS ADZIZ ALMA_UNASSIGNED_HOLDINGS BEFXN BFFAM BGNUA BKEBE BPEOZ CBEJK CHZPO IEGSK IJVOP IPLJI M43 OCL RIE RIL RIO RNS |
| ID | FETCH-LOGICAL-i241t-aae3fccd090d58420be2ee477a288f29e0ff746160f484ac61ea108eb5f132563 |
| IEDL.DBID | RIE |
| ISICitedReferencesCount | 462 |
| ISICitedReferencesURI | http://www.webofscience.com/api/gateway?GWVersion=2&SrcApp=Summon&SrcAuth=ProQuest&DestLinkType=CitingArticles&DestApp=WOS_CPL&KeyUT=000412759500218&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| ISSN | 1063-6927 |
| IngestDate | Wed Aug 27 02:19:11 EDT 2025 |
| IsPeerReviewed | false |
| IsScholarly | true |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-i241t-aae3fccd090d58420be2ee477a288f29e0ff746160f484ac61ea108eb5f132563 |
| PageCount | 8 |
| ParticipantIDs | ieee_primary_7980167 |
| PublicationCentury | 2000 |
| PublicationDate | 2017-06 |
| PublicationDateYYYYMMDD | 2017-06-01 |
| PublicationDate_xml | – month: 06 year: 2017 text: 2017-06 |
| PublicationDecade | 2010 |
| PublicationTitle | Proceedings of the International Conference on Distributed Computing Systems |
| PublicationTitleAbbrev | ICDSC |
| PublicationYear | 2017 |
| Publisher | IEEE |
| Publisher_xml | – name: IEEE |
| SSID | ssj0005863 |
| Score | 2.5473275 |
| Snippet | With the rapid growth of the Internet-of-Things (IoT), concerns about the security of IoT devices have become prominent. Several vendors are producing... |
| SourceID | ieee |
| SourceType | Publisher |
| StartPage | 2177 |
| SubjectTerms | device fingerprinting device identification IoT security IP networks Logic gates Object recognition Ports (Computers) Protocols Security threat mitigation Wireless fidelity |
| Title | IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT |
| URI | https://ieeexplore.ieee.org/document/7980167 |
| WOSCitedRecordID | wos000412759500218&url=https%3A%2F%2Fcvtisr.summon.serialssolutions.com%2F%23%21%2Fsearch%3Fho%3Df%26include.ft.matches%3Dt%26l%3Dnull%26q%3D |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV09b8IwELUAdehEW6j6LQ8da3CcxB_dKggqEopQoRIbMvFZYkkqGvr7aycpdOjSLYqUWPLJuXeX994h9EhBBzoQnMSRjkmkZUzUxlpimIoCKo2D3JVl_kykqVyt1LyFng5aGACoyGcw8JfVv3xTZHvfKhsKJT1rvo3aQohaq3Wkc0hek-l5SLhiojFoDKgaTkfj0cKzuMSAeXvAX2NUqiwy6f5v_TPUP8rx8PyQaM5RC_IL1P2Zx4Cb49lDb9NiiRdJupymyewZv-zLwuFRMHgM_ntAfM2Ja2WubVp12GFWvGhm2OHEa5OyqmGItzl2r-uj90myHL2SZmYC2bpcXBKtIbRZZqiixmELRjfAACIhNJPSMgXUWhHxgFMbyUhnPHDBohI2sXV1aczDS9TJixyuEM7cEw4uhLE1PAJv2mKtq2_C2DC3iGHXqOe3aP1R22Ksm925-fv2LTr1EahZVneoU-72cI9Osq9y-7l7qGL5DR0MnbI |
| linkProvider | IEEE |
| linkToHtml | http://cvtisr.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwlV09T8MwELVKQYKpQIv4xgMjLo7jOA4balM1IkQVLVK3Ko3PUpcElZTfj52EloGFLYqUD_nk3LvLe-8QuqeQOqnjC-Lx1CM8lR4JlloTxQLuUKkM5K4s82M_SeR8Hkxa6GGrhQGAinwGfXtY_ctXRbaxrbJHP5CWNb-H9j3OmVOrtXaEDilqOr1wiQiY31g0OjR4jAbDwdTyuPw-swaBvwapVHlk1PnfGxyj3k6QhyfbVHOCWpCfos7PRAbcbNAueouKGZ6GySxKwvgJP2_KwiBSUHgI9otAbNWJa22ubpp12KBWPG2m2OHQqpOyqmWIVzk2t-uh91E4G4xJMzWBrEw2LkmagquzTNGAKoMuGF0CA-C-nzIpNQuAau1z4QiqueRpJhwTLiph6WlTmXrCPUPtvMjhHOHMXGEAg-tpJThY2xatTYXjeoqZhyh2gbp2iRYftTHGolmdy79P36HD8ew1XsRR8nKFjmw0as7VNWqX6w3coIPsq1x9rm-ruH4Dgk6g-Q |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Abook&rft.genre=proceeding&rft.title=Proceedings+of+the+International+Conference+on+Distributed+Computing+Systems&rft.atitle=IoT+SENTINEL%3A+Automated+Device-Type+Identification+for+Security+Enforcement+in+IoT&rft.au=Miettinen%2C+Markus&rft.au=Sadeghi%2C+Ahmad-Reza&rft.au=Marchal%2C+Samuel&rft.au=Asokan%2C+N.&rft.date=2017-06-01&rft.pub=IEEE&rft.issn=1063-6927&rft.spage=2177&rft.epage=2184&rft_id=info:doi/10.1109%2FICDCS.2017.283&rft.externalDocID=7980167 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=1063-6927&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=1063-6927&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=1063-6927&client=summon |