IoT-KEEPER: Securing IoT Communications in Edge Networks

• Main Authors: Hafeez, Ibbad, Antikainen, Markku, Ding, Aaron Yi, Tarkoma, Sasu
• Format: Journal Article
• Language: English
• Published: 19.10.2018
• Subjects: Computer Science - Cryptography and Security
• DOI: 10.48550/arxiv.1810.08415

The increased popularity of IoT devices have made them lucrative targets for attackers. Due to insecure product development practices, these devices are often vulnerable even to very trivial attacks and can be easily compromised. Due to the sheer number and heterogeneity of IoT devices, it is not possible to secure the IoT ecosystem using traditional endpoint and network security solutions. To address the challenges and requirements of securing IoT devices in edge networks, we present IoT-Keeper, which is a novel system capable of securing the network against any malicious activity, in real time. The proposed system uses a lightweight anomaly detection technique, to secure both device-to-device and device-to-infrastructure communications, while using limited resources available on the gateway. It uses unlabeled network data to distinguish between benign and malicious traffic patterns observed in the network. A detailed evaluation, done with real world testbed, shows that IoT-Keeper detects any device generating malicious traffic with high accuracy (0.982) and low false positive rate (0.01). The results demonstrate that IoT-Keeper is lightweight, responsive and can effectively handle complex D2D interactions without requiring explicit attack signatures or sophisticated hardware.