Detecting Security Status Of Internet-of-things Based On Device Relationships

As Internet-of-Things(Io T)devices are joining the cyberspace,it would bring the convenience to people's live,such as manufacturing,smart-city,and smart-health.However,the security protection of Io T devices in cyberspace has more challenges to the research community.The security issues of Io T devices include two aspects: first,Io T devices have not been strictly tested and supervised by device vendors and developers;secondly,when Io T devices are deployed in the manufacturing environment,they are rarely upgraded,replaced,suspended and repair.To address those problems,this paper proposes device relationships to detect underlying risks for Io T devices in the cyberspace: the relationships between network addresses and devices;the relationships between geolocation and devices;relationships between device vulnerabilities and security patches.The main research points and contributions of this article are as follows:(1)The relationships between network hosts and Io T devices.I send probe packets to the network IPv4 addresses,and receive application-layer protocol packets.Then,my paper utilizes natural language processing technology extracts text features,and the machine learning model to identify Io T devices,including device type,vendor,and product version.The result shows that my model archives 98.7% precision and 98.4% recall.Further,I establish and visualize the relationships diagram of network hosts and Io T devices.(2)The relationship between geographic location and Io T devices.The paper collects geolocation landmarks from 100 aggregation sites hosting online surveillance devices.My work extracts the IP address,corresponding latitude and longitude for generating landmarks.Totally,my paper finds 16,000 fine-grained landmark data,and proposes the geolocation algorithm for building the relationship between geographic location and Io T devices.The experimental results of the paper demonstrate that my algorithm find nearly 80% of the devices with an error of less than 130 km,which is 10% higher than the current CBG positioning algorithm based on open source landmark data.Further,my work establishes and visualize the geographic location and Io T device associate the relationship.(3)The relationship between device vulnerabilities and security patches.To discover risks of Io T devices,my work utilizes a multiple online source to vulnerability information.To detect security patches of Io T devices,my paper utilizes the version semantic to identify insecure and secure dependency among numerous devices.Further,I establish and visualize the relationship between security patches and exploitable vulnerabilities.