Detecting consumer IoT devices through the lens of an ISP

Conference paper (2021)

Authors

Said Jawad Saidi Max Planck Institut für Informatik
Anna Maria Mandalari Imperial College London
Hamed Haddadi Imperial College London
Daniel J. Dubois Northeastern University
David Choffnes Northeastern University
G. Smaragdakis TU Berlin and Max Planck, Technical University of Berlin
Anja Feldmann Saarland University
Affiliation
External organisation
Internet of things IoT security and privacy Internet measurement IoT detection
More Info
expand_more

Published Date

2021

Language

English

Reuse Rights

Other than for strictly personal use, it is not permitted to download, forward or distribute the text or part of it, without the consent of the author(s) and/or copyright holder(s), unless the work is under an open content license such as Creative Commons.

Affiliation

External organisation

Abstract

Internet of Things (IoT) devices are becoming increasingly popular and offer a wide range of services and functionality to their users. However, there are significant privacy and security risks associated with these devices. IoT devices can infringe users' privacy by ex-filtrating their private information to third parties, often without their knowledge. In this work we investigate the possibility to identify IoT devices and their location in an Internet Service Provider's network. By analyzing data from a large Internet Service Provider (ISP), we show that it is possible to recognize specific IoT devices, their vendors, and sometimes even their specific model, and to infer their location in the network. This is possible even with sparsely sampled flow data that are often the only datasets readily available at an ISP. We evaluate our proposed methodology [1] to infer IoT devices at subscriber lines of a large ISP. Given ground truth information on IoT devices location and models, we were able to detect more than 77% of the studied IoT devices from sampled flow data in the wild.