← Current filings
Not in archiveU.S. Air Force

Internet of things (IoT) identifying system and associated methods

US10826902B1

Drawing from US10826902B1

Abstract

A wireless Internet-of-Things (IoT) device identification method and framework incorporates machine learning (ML) techniques with information from the protocol used (e.g., Bluetooth, Bluetooth Low Energy/Bluetooth Smart, and others). A passive, non-intrusive feature selection technique targets IoT device captures with an ML classifier selection algorithm for the identification of IoT devices (i.e., picking the best performing ML algorithm among multiple ML algorithms available). Using an input training label and training dataset (e.g., training wireless IoT packets) associated with the IoT device, a classifier and a filter are selected. An inter-arrival-time (IAT) associated with the filtered training data set and a density distribution for the IAT are then calculated. After converting the density distribution to the training feature vector, a prediction model and the selected classifier are stored for subsequent application to testing datasets to detect and display an association of the testing dataset to a matched IoT device (i.e., identification).

Description (excerpt)

GOVERNMENT INTEREST The invention described herein may be manufactured and used by or for the Government of the United States for all governmental purposes without the payment of any royalty. FIELD OF THE INVENTION The present invention relates to generally to identification of networked computing devices. More specifically, this invention pertains to systems and methods for identification of Internet of Things (IoT) devices for security and logistics purposes. BACKGROUND OF THE INVENTION As described below, automated identification of computing devices that are interconnected via the Internet may serve as a complementary security measure to be used in device authentication and/or access control. The following references, which are not admitted prior art with respect to the present invention by inclusion in this section, are offered as background on the theoretical basis of identification of resource-limited devices: (1) Vulnerable “smart” devices make an internet of insecure things. (Accessed: Jan. 25, 2016). http://spectrum.ieee.org/riskfactor/computing/networks/vulnerable-smart-devices-make-an-internet-of-insecure-things; (2) Project ubertooth (2015). http://ubertooth.sourceforge.net; (3) Java (convolutional or fully-connected) neural network implementation with plugin for weka. uses dropout and rectified linear units (2016). https://github.com/amten/NeuralNetwork; (4) Arp, D., Spreitzenbarth, M., Hubner, M., Gascon, H., and Rieck, K. (2014). Drebin: Effective and explainable detection of android malware in your pocket. NDSS; (5) Avdiienko, V., Kuznetsov, K., Gorla, A., Zeller, A., Arzt, S., Rasthofer, S., and Bodden, E. (May 2015). Mining apps for abnormal usage of sensitive data. 2015 IEEE/ACM 37 th IEEE International Conference on Software Engineering , volume 1, pages 426-436; (6) Bao, T., Burket, J., Woo, M., Turner, R., and Brumley, D. (August 2014). Byteweight: Learning to recognize functions in binary code. 23 rd USENIX Security Symposium ( USENIX Security 14), pages 845-860. USENIX Association, San Diego, Calif.; (7) Bari, N., Mani, G., and Berkovich, S. (2013). Internet of things as a methodological concept. Computing for Geospatial Research and Application ( COM. Geo ), 2013 Fourth International Conference on , pages 48-55. IEEE; (8) Brik, V., Banerjee, S., Gruteser, M., and Oh, S. (2008). Wireless device identification with radiometric signatures. Proc. of the 14 th ACM International Conf. on Mobile Computing and Networking ( MobiCom ); (9) Chakradeo S., Reaves, B., Traynor, P., and Enck, W. (2013) Mast: triage for market-scale mobile malware analysis. Proceedings of the sixth ACM conference on Security and privacy in wireless and mobile networks , pages 13-24. ACM; (10) Danev, B., Zanetti, D., and Capkun, S. (December 2012). On physical-layer identification of wireless devices. ACM Comput. Surv., 45(1):6:1-6:29; (11) H.-P. Enterprise. (November 2015). Internet of things research study; (12) Georgios Kakavelakis, R. B. and Young, J. (Dec. 4, 2011). Auto-learning of smtp tcp transport-layer features for spam and abusive message detection, lisa 2011, 25th large installation system administration conf.; (13) Greenough, J. (April 2015). How the ‘internet of things’ will impact consumers, businesses, and governments in 2016 and beyond; (14) Hall, J., Barbeau, M., and Kranakis, E. (2006). Rogue devices in bluetooth networks using radio frequency fingerprinting. IASTED International Conf. on Communications and Computer Networks ( CCN ); (15) Hall, M., Frank, E., Holmes, G., Pfahringer, B., Reutemann, P., and Witten, I. H. (November 2009). The weka data mining software: An update. SIGKDD Explor. Newsl., 11(1):10-18; (16) J. Han, M. Kamber, and J. Pe. Data mining: Concepts and techniques: Concepts and techniques; (17) P. Hu, K. Xing, X. Cheng, H. Wei, and H. Zhu. Information leaks out: Attacks and countermeasures on compressive data gathering in wireless sensor networks. In INFOCOM, 2014 Proceedings IEEE, pages 1258-1266, April 2014; (18) S. Jana and S. K. Kasera. On fast and accurate detection of unauthorized wireless access points using clock skews. In MobiCom '08: Proc. of the 14th ACM International Conf. on Mobile computing and networking, pages 104-115; (19) R. Jordaney, Z. Wang, D. Papini, I. Nouretdinov, and L. Cavallaro. Misleading metrics: On evaluating machine learning for malware with confidence. Technical report, Royal Holloway, University of London, 2016; (20) B. Kang, B. Kang, J. Kim, and E. G. Im. Android malware classification method: Dalvik bytecode frequency analysis. In Proceedings of the 2013 Research in Adaptive and Convergent Systems, RACS '13, pages 349-35

Filing details

Inventors
Hidayet Aksu
Assignee
The United States Of America As Represented By The Secretary Of The Air Force
Filed
Mar 1, 2018
Granted
Nov 3, 2020

Bibliographic data and excerpted text sourced from Google Patents (public record) as part of IP TechMatch's current-filings monitor. This filing is not part of the 2019 historical archive. For the authoritative full text, drawings, and legal status, see the source links above or consult USPTO records directly.