Research On Intelligent IoT Device Identification And Its Abnormal Traffic Detection Method

The information society is gradually evolving from the Internet era to the Internet of Things era with the advent of the Internet of Everything era.In recent years,it has brought convenience to human production and productive life,but also triggered a series of cybersecurity issues,as a large number of IoT smart terminals have entered the Internet.More and more personal information is being exposed in cyberspace,and the related privacy and security issues are becoming more and more important.In an increasingly complex IoT landscape,the challenge of effectively discovering IoT devices and anomalous traffic is critical.Therefore,pre-identification of IoT devices and further detection of their abnormal traffic are needed to achieve effective management and security monitoring of IoT devices to ensure the security of cyberspace.The main research work of this paper is as follows.(1)To address the problem that the existing IoT device identification method fails to characterize the device communication traffic in an all-round manner,this paper proposes an IoT device identification method based on the phase residual of spatio-temporal characteristics.The method preprocesses the original traffic generated by the communication between IoT devices to obtain the corresponding device fingerprint map,and realizes the automatic extraction of its spatial features and temporal features through a deep learning model,and adopts the residual structure for further fusion,which makes up for the limitations of the existing methods for the study of the single mode of device traffic data structure and improves the characterization of device behavior traffic data information to a greater extent,and realizes the accurate characterization of IoT devices.The method is designed to improve the characterisation of device behavioural traffic information and to achieve accurate and effective fine-grained identification of IoT devices.The proposed method is demonstrated to be superior for IoT device identification by experimenting with two publicly available datasets.(2)To address the problem of low detection accuracy,high false alarm rate and privacy protection of IoT anomaly detection data caused by the "data silo" phenomenon in IoT device anomaly traffic detection.In this paper,we propose a federal learning and deep separable convolutional neural network-based method for detecting anomalous traffic of IoT devices.The model adopts a federation learning architecture,uses deep separable convolutional neural networks as local models,and uses decentralised end devices to collaboratively train the same model,solving the problem of insufficient attack instances caused by "data silos" and effectively protecting data privacy and security.Experimental validation shows that the proposed model can achieve high detection accuracy in IoT device anomaly traffic detection,proving the advancement of the method in IoT device anomaly traffic detection.