Please wait a minute...
 首页  期刊介绍 期刊订阅 联系我们 横山亮次奖 百年刊庆
 
最新录用  |  预出版  |  当期目录  |  过刊浏览  |  阅读排行  |  下载排行  |  引用排行  |  横山亮次奖  |  百年刊庆
清华大学学报(自然科学版)  2020, Vol. 60 Issue (5): 365-370    DOI: 10.16511/j.cnki.qhdxxb.2019.22.050
  专题:漏洞分析与风险评估 本期目录 | 过刊浏览 | 高级检索 |
基于二阶段多分类的物联网设备识别算法
宋宇波1,2, 祁欣妤1,2, 黄强1,2, 胡爱群1,2, 杨俊杰1,2
1. 东南大学 网络空间安全学院, 江苏省计算机网络技术重点实验室, 南京 211189;
2. 网络通信与安全紫金山实验室, 南京 211189
Two-stage multi-classification algorithm for Internet of Things equipment identification
SONG Yubo1,2, QI Xinyu1,2, HUANG Qiang1,2, HU Aiqun1,2, YANG Junjie1,2
1. Jiangsu Key Laboratory of Computer Networking Technology, School of Cyber Science and Engineering, Southeast University, Nanjing 211189, China;
2. Purple Mountain Laboratories, Nanjing 211189, China
全文: PDF(1177 KB)  
输出: BibTeX | EndNote (RIS)      
摘要 物联网让万物互联互通,为了避免恶意设备对网络系统的破坏,必须采取有效的访问控制。通过提取网络流量特征作为设备指纹进行设备识别,只需耗费较少网络资源,成为了当前最有效的设备识别方法。然而,现有的设备识别算法准确率不高,尤其对于相似的两种设备,往往会出现分类重叠问题。该文提出了一种基于流量特征的二阶段多分类设备识别算法。当出现分类重叠问题时,即采用最大相似度比较算法进行二次分类。实验结果表明,该算法的平均识别准确率达到了93.2%。
服务
把本文推荐给朋友
加入引用管理器
E-mail Alert
RSS
作者相关文章
宋宇波
祁欣妤
黄强
胡爱群
杨俊杰
关键词 设备识别多分类技术最大相似度机器学习    
Abstract:The Internet of Things will have a large number of devices interconnected through the network with effective network access control needed to avoid damage from malicious devices on the system. At present, the most effective method is to extract network traffic characteristics as the device fingerprint for device identification since this method requires relatively few network resources. However, existing device identification algorithms are not very accurate, especially for similar devices since classification overlap is unavoidable. This paper presents a two-stage multi-classification algorithm that identifies the equipment according to its network traffic characteristics. When classification overlap occurs, the maximum similarity comparison algorithm is used for secondary classification. Tests show that the average recognition accuracy of this algorithm is 93.2%.
Key wordsdevice identification    multi-classification technology    maximum similarity    machine learning
收稿日期: 2019-08-23      出版日期: 2020-04-26
引用本文:   
宋宇波, 祁欣妤, 黄强, 胡爱群, 杨俊杰. 基于二阶段多分类的物联网设备识别算法[J]. 清华大学学报(自然科学版), 2020, 60(5): 365-370.
SONG Yubo, QI Xinyu, HUANG Qiang, HU Aiqun, YANG Junjie. Two-stage multi-classification algorithm for Internet of Things equipment identification. Journal of Tsinghua University(Science and Technology), 2020, 60(5): 365-370.
链接本文:  
http://jst.tsinghuajournals.com/CN/10.16511/j.cnki.qhdxxb.2019.22.050  或          http://jst.tsinghuajournals.com/CN/Y2020/V60/I5/365
  
  
  
  
  
  
  
[1] BERTINO E, ISLAM N. Botnets and Internet of Things security[J]. Computer, 2017, 50(2):76-79.
[2] MINOLI D, SOHRABY K, OCCHIOGROSSO B. IoT considerations, requirements, and architectures for smart buildings:Energy optimization and next-generation building management systems[J]. IEEE Internet of Things Journal, 2017, 4(1):269-283.
[3] Gartner. Gartner says worldwide IoT security spending will reach $1.5 billion in 2018[N/OL].[2019-04-15]. https://www.gartner.com/en/newsroom/press-releases/2018-03-21-gartner-says-worldwide-iot-security-spending-will-reach-1-point-5-billion-in-2018.
[4] COPPI R, GIL M A, KIERS H A L. The fuzzy approach to statistical analysis[J]. Computational Statistics & Data Analysis, 2006, 51(1):1-14.
[5] JANA S, KASERA S K. On fast and accurate detection of unauthorized wireless access points using clock skews[J]. IEEE Transactions on Mobile Computing, 2010, 9(3):449-462.
[6] GAO K, CORBETT C, BEYAH R. A passive approach to wireless device fingerprinting[C]//2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN). Chicago, USA, 2010:383-392.
[7] KOHNO T, BROIDO A, CLAFFY K C. Remote physical device fingerprinting[J]. IEEE Transactions on Dependable and Secure Computing, 2005, 2(2):93-108.
[8] CORBETT C L, BEYAH R A, COPELAND J A. Passive classification of wireless NICs during active scanning[J]. International Journal of Information Security, 2008, 7(5):335-348.
[9] YANG K, LI Q, SUN L M. Towards automatic fingerprinting of IoT devices in the cyberspace[J]. Computer Networks, 2019, 148:318-327.
[10] AULD T, MOORE A W, GULL S F. Bayesian neural networks for Internet traffic classification[J]. IEEE Transactions on Neural Networks, 2007, 18(1):223-239.
[11] CELIK Z B, MCDANIEL P, BOWEN T. Malware modeling and experimentation through parameterized behavior[J]. The Journal of Defense Modeling and Simulation:Applications, Methodology, Technology, 2018, 15(1):31-48.
[12] LIU Z, WANG R Y, JAPKOWICZ N, et al. Mobile app traffic flow feature extraction and selection for improving classification robustness[J]. Journal of Network and Computer Applications, 2019, 125:190-208.
[13] MOORE A W, ZUEV D. Internet traffic classification using Bayesian analysis techniques[C]//Proceedings of the 2005 ACM SIGMETRICS International Conference on Measurement and Modeling of Computer Systems. Banff, Canada, 2005:50-60.
[14] SHAFIQ M, YU X Z, BASHIR A K, et al. A machine learning approach for feature selection traffic classification using security analysis[J]. The Journal of Supercomputing, 2018, 74(10):4867-4892.
[15] FORMBY D, SRINIVASAN P, LEONARD A, et al. Who's in control of your control system? Device fingerprinting for cyber-physical systems[C]//Network and Distributed System Security Symposium. San Diego, USA, 2016:1-15.
[16] RADHAKRISHNAN S V, ULUAGAC A S, BEYAH R. GTID:A technique for physical device and device type fingerprinting[J]. IEEE Transactions on Dependable and Secure Computing, 2015, 12(5):519-532.
[17] MIETTINEN M, MARCHAL S, HAFEEZ I, et al. IoT Sentinel:Automated device-type identification for security enforcement in IoT[C]//Proceedings of the 37th International Conference on Distributed Computing Systems (ICDCS). Atlanta, USA, 2017:2177-2184.
[18] HSU C W, LIN C J. A comparison of methods for multiclass support vector machines[J]. IEEE Transactions on Neural Networks, 2002, 13(2):415-425.
[1] 赵祺铭, 毕可鑫, 邱彤. 基于机器学习的乙烯裂解过程模型比较与集成[J]. 清华大学学报(自然科学版), 2022, 62(9): 1450-1457.
[2] 曹来成, 李运涛, 吴蓉, 郭显, 冯涛. 多密钥隐私保护决策树评估方案[J]. 清华大学学报(自然科学版), 2022, 62(5): 862-870.
[3] 王豪杰, 马子轩, 郑立言, 王元炜, 王飞, 翟季冬. 面向新一代神威超级计算机的高效内存分配器[J]. 清华大学学报(自然科学版), 2022, 62(5): 943-951.
[4] 陆思聪, 李春文. 基于场景与话题的聊天型人机会话系统[J]. 清华大学学报(自然科学版), 2022, 62(5): 952-958.
[5] 李维, 李城龙, 杨家海. As-Stream:一种针对波动数据流的算子智能并行化策略[J]. 清华大学学报(自然科学版), 2022, 62(12): 1851-1863.
[6] 刘强墨, 何旭, 周佰顺, 吴昊霖, 张弛, 秦羽, 沈晓梅, 高小榕. 基于机器学习和瞳孔响应的简易高性能自闭症分类模型[J]. 清华大学学报(自然科学版), 2022, 62(10): 1730-1738.
[7] 马晓悦, 孟啸. 用户参与视角下多图推文的图像位置和布局效应[J]. 清华大学学报(自然科学版), 2022, 62(1): 77-87.
[8] 汤志立, 王雪, 徐千军. 基于过采样和客观赋权法的岩爆预测[J]. 清华大学学报(自然科学版), 2021, 61(6): 543-555.
[9] 王志国, 章毓晋. 监控视频异常检测:综述[J]. 清华大学学报(自然科学版), 2020, 60(6): 518-529.
[10] 芦效峰, 蒋方朔, 周箫, 崔宝江, 伊胜伟, 沙晶. 基于API序列特征和统计特征组合的恶意样本检测框架[J]. 清华大学学报(自然科学版), 2018, 58(5): 500-508.
[11] 邹权臣, 张涛, 吴润浦, 马金鑫, 李美聪, 陈晨, 侯长玉. 从自动化到智能化:软件漏洞挖掘技术进展[J]. 清华大学学报(自然科学版), 2018, 58(12): 1079-1094.
[12] 方勇, 刘道胜, 黄诚. 基于层次聚类的虚假用户检测[J]. 清华大学学报(自然科学版), 2017, 57(6): 620-624.
[13] 强茂山, 张东成, 江汉臣. 基于加速度传感器的建筑工人施工行为识别方法[J]. 清华大学学报(自然科学版), 2017, 57(12): 1338-1344.
[14] 赵晶玲, 陈石磊, 曹梦晨, 崔宝江. 基于离线汇编指令流分析的恶意程序算法识别技术[J]. 清华大学学报(自然科学版), 2016, 56(5): 484-492.
[15] 刘泽文, 丁冬, 李春文. 基于条件随机场的中文短文本分词方法[J]. 清华大学学报(自然科学版), 2015, 55(8): 906-910,915.
Viewed
Full text


Abstract

Cited

  Shared   
  Discussed   
版权所有 © 《清华大学学报(自然科学版)》编辑部
本系统由北京玛格泰克科技发展有限公司设计开发 技术支持:support@magtech.com.cn