Corpus ID: 226975788

The Case for Retraining of ML Models for IoT Device Identification at the Edge

  title={The Case for Retraining of ML Models for IoT Device Identification at the Edge},
  author={Roman Kolcun and Diana Andreea Popescu and Vadim Safronov and Poonam Yadav and Anna Maria Mandalari and Yiming Xie and Richard Mortier and Hamed Haddadi},
Internet-of-Things (IoT) devices are known to be the source of many security problems, and as such they would greatly benefit from automated management. This requires robustly identifying devices so that appropriate network security policies can be applied. We address this challenge by exploring how to accurately identify IoT devices based on their network behavior, using resources available at the edge of the network. In this paper, we compare the accuracy of five different machine learning… Expand

Figures and Tables from this paper

Revisiting IoT Device Identification
This work compares the accuracy of four different previously proposed machine learning models (tree-based and neural network-based), and argues that, in order to keep the models’ accuracy at a high level, these need to be continuously updated. Expand
Data Transformation Schemes for CNN-Based Network Traffic Analysis: A Survey
This paper introduces a taxonomy of data transformation schemes, and uses this categorization to describe various CNN-based analytical approaches found in the literature. Expand
Hardware/Software Co-Design for TinyML Voice-Recognition Application on Resource Frugal Edge Devices
  • Jisu Kwon, Daejin Park
  • Applied Sciences
  • 2021
On-device artificial intelligence has attracted attention globally, and attempts to combine the internet of things and TinyML (machine learning) applications are increasing. Although most edgeExpand
TinyOL: TinyML with Online-Learning on Microcontrollers
A novel system called TinyOL (TinyML with Online-Learning), which enables incremental on-device training on streaming data and is suitable for constrained IoT devices is proposed. Expand


DeviceMien: network device behavior modeling for identifying unknown IoT devices
A probabilistic framework for providing meaningful feedback in device identification, particularly when the device has not been previously observed is introduced. Expand
Progressive Monitoring of IoT Networks Using SDN and Cost-Effective Traffic Signatures
SDN is used to dynamically monitor a selected portion of IoT packets or flows, and specialized models to learn corresponding traffic signatures are developed, developing a progressive inference pipeline comprising a number of machine-learning models each is specialized in certain features of IoT traffic. Expand
DÏoT: A Federated Self-learning Anomaly Detection System for IoT
DÏoT is highly effective and fast at detecting devices compromised by, for instance, the infamous Mirai malware and is the first system to employ a federated learning approach to anomaly-detection-based intrusion detection. Expand
Classifying IoT Devices in Smart Environments Using Network Traffic Characteristics
This study paves the way for operators of smart environments to monitor their IoT assets for presence, functionality, and cyber-security without requiring any specialized devices or protocols. Expand
ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis
This work trained a multi-stage meta classifier that can distinguish between traffic generated by IoT and non-IoT devices, and collected and labeled network traffic data from nine distinct IoT devices and PCs and smartphones. Expand
Image classification on IoT edge devices: profiling and modeling
The results indicate that the random forest model outperforms the two former algorithms, with an R-squared value of 0.95 and 0.79, and served as a feature extraction mechanism which enabled us to identify which predictor variables influenced the authors' model the most. Expand
SoK: Security Evaluation of Home-Based IoT Deployments
This work systematize the literature for home-based IoT using this methodology in order to understand attack techniques, mitigations, and stakeholders, and evaluates \numDevices devices to augment the systematized literature inorder to identify neglected research areas. Expand
Acquisitional Rule-based Engine for Discovering Internet-of-Thing Devices
An Acquisitional Rulebased Engine (ARE) is proposed, which can automatically generate rules for discovering and annotating IoT devices without any training data. Expand
Identifying IoT devices and events based on packet length from encrypted traffic
This paper proposes a solution that uses packet length statistics from encrypted traffic to characterize the behavior of IoT devices and events in a smart home scenario, making the use of TCP vectors unnecessary. Expand
CoLearn: enabling federated learning in MUD-compliant IoT edge networks
This work deploys CoLearn on resource-constrained devices in a lab environment to demonstrate an asynchronous participation mechanism for IoT devices in machine learning model training using a publish/subscribe architecture and a mechanism for reducing the attack surface in FL architecture by allowing only IoT MUD-compliant devices to participate in the training phases. Expand