IoT Device Identification Method Based on Causal Inference

Abstract

With the development of 5G, the number of IoT (Internet of Things) devices connected to the Internet will grow explosively. However, due to the vulnerability of the devices, attackers can launch attacks on the vulnerable IoT devices, causing great impact on the security of the network environment. Fine-grained identification of IoT devices can help network administrators set up appropriate security policies based on the functionality and heterogeneity of the devices, while enabling timely updates and upgrades for devices with security vulnerabilities or the isolation of these dangerous devices. However, most of the existing IoT device identification methods rely on a priori knowledge or expert experience in selecting features, which cannot weigh the identification performance and labor cost. In this paper, we design a fine-grained identification method for IoT devices based on causal inference, which automatically extracts key features in the protocol fields of device communication from the perspective of causality and then classifies key features using a Stacking integrated learning method to achieve high-precision and fine-grained device identification. Through experimental verification, the proposed method achieves 96.3% and 97.7% device model identification accuracy under HTTP/TCP and SSH/TCP protocol clusters.