SG11201907943WA - Method and apparatus for determining an identity of an unknown internet-of-things (iot) device in a communication network - Google Patents

Method and apparatus for determining an identity of an unknown internet-of-things (iot) device in a communication network

Info

Publication number
SG11201907943WA
SG11201907943WA SG11201907943WA SG11201907943WA SG11201907943WA SG 11201907943W A SG11201907943W A SG 11201907943WA SG 11201907943W A SG11201907943W A SG 11201907943WA SG 11201907943W A SG11201907943W A SG 11201907943WA SG 11201907943W A SG11201907943W A SG 11201907943WA
Authority
SG
Singapore
Prior art keywords
singapore
unknown
technologies
network
international
Prior art date
Application number
SG11201907943WA
Inventor
Martin Ochoa
Nils Ole Tippenhauer
Juan Guarnizo
Yuval Elovici
Asaf Shabtai
Michael Bohadana
Yair Meidan
Original Assignee
Univ Singapore Technology & Design
B G Negev Technologies And Applications Ltd At Ben Gurion University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Univ Singapore Technology & Design, B G Negev Technologies And Applications Ltd At Ben Gurion University filed Critical Univ Singapore Technology & Design
Publication of SG11201907943WA publication Critical patent/SG11201907943WA/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/14Network analysis or design
    • H04L41/145Network analysis or design involving simulating, designing, planning or modelling of a network
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/21Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • G06F18/2155Generating training patterns; Bootstrap methods, e.g. bagging or boosting characterised by the incorporation of unlabelled data, e.g. multiple instance learning [MIL], semi-supervised techniques using expectation-maximisation [EM] or naïve labelling
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • G06N20/20Ensemble learning
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N5/00Computing arrangements using knowledge-based models
    • G06N5/01Dynamic search techniques; Heuristics; Dynamic trees; Branch-and-bound
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y10/00Economic sectors
    • G16Y10/75Information technology; Communication
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y20/00Information sensed or collected by the things
    • G16Y20/20Information sensed or collected by the things relating to the thing itself
    • GPHYSICS
    • G16INFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR SPECIFIC APPLICATION FIELDS
    • G16YINFORMATION AND COMMUNICATION TECHNOLOGY SPECIALLY ADAPTED FOR THE INTERNET OF THINGS [IoT]
    • G16Y30/00IoT infrastructure
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/06Generation of reports
    • H04L43/065Generation of reports related to network devices

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Software Systems (AREA)
  • Data Mining & Analysis (AREA)
  • General Engineering & Computer Science (AREA)
  • Artificial Intelligence (AREA)
  • General Physics & Mathematics (AREA)
  • Evolutionary Computation (AREA)
  • Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Medical Informatics (AREA)
  • Development Economics (AREA)
  • Business, Economics & Management (AREA)
  • Accounting & Taxation (AREA)
  • Economics (AREA)
  • General Business, Economics & Management (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Computational Linguistics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Evolutionary Biology (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Telephonic Communication Services (AREA)

Abstract

Receive network traffic 711 generated by an unknown loT device 150a. 720 730 740 Extract device network behaviour 721 from the generated network traffic 711 of the unknown loT device 150a. W O 20 18/ 160 136 Al Apply a selected machine learning based classifier 731a from a set of machine learning based classifiers 731 to analyse the device network behaviour 721. Determine the iden ity of the unknown loT device 150a from a list of known loT devices 103 Figure 7 (12) INTERNATIONAL APPLICATION PUBLISHED UNDER THE PATENT COOPERATION TREATY (PCT) (19) World Intellectual Property Organization International Bureau (43) International Publication Date 07 September 2018 (07.09.2018) WIPO I PCT omit VIII °nolo omioollm mom oimIE (10) International Publication Number WO 2018/160136 Al (51) International Patent Classification: HO4L 12/24 (2006.01) G06N 99/00 (2010.01) GOON 3/00 (2006.01) HO4L 29/00 (2006.01) GO6F 19/24 (2011.01) (21) International Application Number: PCT/SG2018/050089 (22) International Filing Date: 27 February 2018 (27.02.2018) (25) Filing Language: English (26) Publication Language: English (30) Priority Data: 10201701692Y 02 March 2017 (02.03.2017) SG (71) Applicants: SINGAPORE UNIVERSITY OF TECH- NOLOGY AND DESIGN [SG/SG]; 8 Somapah Road, Singapore 487372 (SG). B. G. NEGEV TECH- NOLOGIES AND APPLICATIONS LTD., AT BEN- GURION UNIVERSITY [IL/IL]; P.O. Box 653, Beer- Sheva 8410501 (IL). (72) Inventors: OCHOA, Martin; c/o Singapore University of Technology and Design, 8 Somapah Road, Singapore 487372 (SG). TIPPENHAUER, Nils Ole; c/o Singapore University of Technology and Design, 8 Somapah Road, Singapore 487372 (SG). GUARNIZO, Juan; c/o Singa- pore University of Technology and Design, 8 Somapah Road, Singapore 487372 (SG). ELOVICI, Yuval; BGN Technologies Ltd., The Energy St. 77, (Ha Energia St), Ad- vanced Technologies Park, Building 1, 3rd. Floor, POB 653, 8410501 Beer-Sheva (IL). SHABTAI, Asaf; BGN Tech- nologies Ltd., The Energy St. 77, (Ha Energia St), Ad- vanced Technologies Park, Building 1, 3rd. Floor, POB 653, 8410501 Beer-Sheva (IL). BOHADANA, Michael; BGN Technologies Ltd., The Energy St. 77, (Ha Energia St), Ad- vanced Technologies Park, Building 1, 3rd. Floor, POB 653, 8410501 Beer-Sheva (IL). MEIDAN, Yair; BGN Tech- nologies Ltd., The Energy St. 77, (Ha Energia St), Ad- vanced Technologies Park, Building 1, 3rd. Floor, POB 653, 8410501 Beer-Sheva (IL). (74) Agent: POH, Chee Kian, Daniel; Marks & Clerk Singa- pore LLP, Tanjong Pagar, P 0 Box 636, Singapore 910816 (SG). (81) Designated States (unless otherwise indicated, for every kind of national protection available): AE, AG, AL, AM, AO, AT, AU, AZ, BA, BB, BG, BH, BN, BR, BW, BY, BZ, CA, CH, CL, CN, CO, CR, CU, CZ, DE, DJ, DK, DM, DO, DZ, EC, EE, EG, ES, FI, GB, GD, GE, GH, GM, GT, HN, = (54) Title: METHOD AND APPARATUS FOR DETERMINING AN IDENTITY OF AN UNKNOWN INTERNET-OF-THINGS (I0T) DEVICE IN A COMMUNICATION NETWORK 700 (57) : A method 100 and apparatus for determining an identi- ty of an unknown Internet-of-Things (IoT) device 150a in a communi- cation network is disclosed. The method 100 includes the steps of re- ceiving network traffic 711 generated by the unknown IoT device 150a at 710, extracting device network behavior 721 from the generated net- work traffic 711 at 720, and determining the identity of the unknown IoT device 150a from a list of known IoT devices 103 at 740 by ap- plying a selected machine learning based classifier 731a from a set of machine learning based classifiers 731 at 730 to analyze the device net- work behavior 721. Each machine learning based classifier of the set 731 is trained by a dataset including a plurality of features represent- ing network behavior 721 of a respective known IoT device 103 from the list and the known IoT device's identity. The plurality of features is associated with the corresponding device network behavior 721 of the generated network traffic 711. [Continued on next page] WO 2018/160136 Al MUNRO DOI 01011MHE OMMINIIMOMMEONVOIS HR, HU, ID, IL, IN, IR, IS, JO, JP, KE, KG, KH, KN, KP, KR, KW, KZ, LA, LC, LK, LR, LS, LU, LY, MA, MD, ME, MG, MK, MN, MW, MX, MY, MZ, NA, NG, NI, NO, NZ, OM, PA, PE, PG, PH, PL, PT, QA, RO, RS, RU, RW, SA, SC, SD, SE, SG, SK, SL, SM, ST, SV, SY, TH, TJ, TM, TN, TR, TT, TZ, UA, UG, US, UZ, VC, VN, ZA, ZM, ZW. (84) Designated States (unless otherwise indicated, for every kind of regional protection available): ARIPO (BW, GH, GM, KE, LR, LS, MW, MZ, NA, RW, SD, SL, ST, SZ, TZ, UG, ZM, ZW), Eurasian (AM, AZ, BY, KG, KZ, RU, TJ, TM), European (AL, AT, BE, BG, CH, CY, CZ, DE, DK, EE, ES, FI, FR, GB, GR, HR, HU, IE, IS, IT, LT, LU, LV, MC, MK, MT, NL, NO, PL, PT, RO, RS, SE, SI, SK, SM, TR), OAPI (BF, BJ, CF, CG, CI, CM, GA, GN, GQ, GW, KM, ML, MR, NE, SN, TD, TG). Declarations under Rule 4.17: — of inventorship (Rule 4.17(iv)) Published: — with international search report (Art. 21(3))
SG11201907943WA 2017-03-02 2018-02-27 Method and apparatus for determining an identity of an unknown internet-of-things (iot) device in a communication network SG11201907943WA (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
SG10201701692Y 2017-03-02
PCT/SG2018/050089 WO2018160136A1 (en) 2017-03-02 2018-02-27 Method and apparatus for determining an identity of an unknown internet-of-things (iot) device in a communication network

Publications (1)

Publication Number Publication Date
SG11201907943WA true SG11201907943WA (en) 2019-09-27

Family

ID=63369539

Family Applications (2)

Application Number Title Priority Date Filing Date
SG11201907943WA SG11201907943WA (en) 2017-03-02 2018-02-27 Method and apparatus for determining an identity of an unknown internet-of-things (iot) device in a communication network
SG10201913257UA SG10201913257UA (en) 2017-03-02 2018-02-27 Method and apparatus for determining an identity of an unknown internet-of-things (iot) device in a communication network

Family Applications After (1)

Application Number Title Priority Date Filing Date
SG10201913257UA SG10201913257UA (en) 2017-03-02 2018-02-27 Method and apparatus for determining an identity of an unknown internet-of-things (iot) device in a communication network

Country Status (4)

Country Link
US (1) US20200211721A1 (en)
IL (1) IL268940A (en)
SG (2) SG11201907943WA (en)
WO (1) WO2018160136A1 (en)

Families Citing this family (15)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US10867055B2 (en) * 2017-12-28 2020-12-15 Corlina, Inc. System and method for monitoring the trustworthiness of a networked system
US11509636B2 (en) 2018-01-30 2022-11-22 Corlina, Inc. User and device onboarding
CN109309630B (en) * 2018-09-25 2021-09-21 深圳先进技术研究院 Network traffic classification method and system and electronic equipment
US10440577B1 (en) * 2018-11-08 2019-10-08 Cisco Technology, Inc. Hard/soft finite state machine (FSM) resetting approach for capturing network telemetry to improve device classification
US11100364B2 (en) * 2018-11-19 2021-08-24 Cisco Technology, Inc. Active learning for interactive labeling of new device types based on limited feedback
WO2020139862A1 (en) * 2018-12-28 2020-07-02 AVAST Software s.r.o. Adaptive device type classification
US11038910B1 (en) * 2019-01-25 2021-06-15 Trend Micro Incorporated Cybersecurity for a smart home
US11115823B1 (en) * 2019-04-30 2021-09-07 Rapid7, Inc. Internet-of-things device classifier
US11893456B2 (en) * 2019-06-07 2024-02-06 Cisco Technology, Inc. Device type classification using metric learning in weakly supervised settings
US11539741B2 (en) * 2019-09-05 2022-12-27 Bank Of America Corporation Systems and methods for preventing, through machine learning and access filtering, distributed denial of service (“DDoS”) attacks originating from IoT devices
CN112600793A (en) * 2020-11-23 2021-04-02 国网山东省电力公司青岛供电公司 Internet of things equipment classification and identification method and system based on machine learning
DE112021006382T5 (en) * 2021-02-08 2023-11-16 Mitsubishi Electric Corporation TERMINAL DEVICE, DEVICE MANAGEMENT SERVER, INFORMATION PROCESSING SYSTEM, INFORMATION PROCESSING METHOD AND INFORMATION PROCESSING PROGRAM
JP7298646B2 (en) * 2021-05-19 2023-06-27 横河電機株式会社 NETWORK SIMULATOR, NETWORK SIMULATION METHOD AND NETWORK SIMULATION PROGRAM
US20230280993A1 (en) * 2022-03-07 2023-09-07 Universal Electronics Inc. Apparatus, system and method for app discovery and installation
CN116682167B (en) * 2023-08-01 2023-10-27 山东威尔数据股份有限公司 Cluster type IoT-based face feature extraction method

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8737204B2 (en) * 2011-05-02 2014-05-27 Telefonaktiebolaget Lm Ericsson (Publ) Creating and using multiple packet traffic profiling models to profile packet flows
US9106536B2 (en) * 2013-04-15 2015-08-11 International Business Machines Corporation Identification and classification of web traffic inside encrypted network tunnels
CN104883278A (en) * 2014-09-28 2015-09-02 北京匡恩网络科技有限责任公司 Method for classifying network equipment by utilizing machine learning
US9967188B2 (en) * 2014-10-13 2018-05-08 Nec Corporation Network traffic flow management using machine learning

Also Published As

Publication number Publication date
WO2018160136A1 (en) 2018-09-07
US20200211721A1 (en) 2020-07-02
IL268940A (en) 2019-10-31
SG10201913257UA (en) 2020-02-27

Similar Documents

Publication Publication Date Title
SG11201907943WA (en) Method and apparatus for determining an identity of an unknown internet-of-things (iot) device in a communication network
SG11201904942YA (en) Blockchain-based service execution method and apparatus, and electronic device
SG11201907383QA (en) Systems and methods for vehicle sharing service
SG11201909643RA (en) Dynamic response prediction for improved bot task processing
SG11201806440WA (en) System and method for controlling an unmanned vehicle and releasing a payload from the same
SG11201807679XA (en) Methods and devices for determining precoder parameters in a wireless communication network
SG11201909117SA (en) Relocation of access and mobility management function (amf) upon a network-triggered change of network slices supported for a user equipment
SG11201811740WA (en) Systems and methods for identifying risky driving behavior
SG11201807307VA (en) System and method for aerial system discrimination and action
SG11201908336XA (en) Smart plans
SG11201808968WA (en) Time division multiplexing of synchronization channels
SG11201807387YA (en) System and method for beam management
SG11201806711QA (en) Method and system for efficient transfer of cryptocurrency associated with a payroll on a blockchain that leads to An Automated payroll method and system based on smart contracts
SG11201907125XA (en) Dynamic execution of parameterized applications for the processing of keyed network data streams
SG11201909671TA (en) Method of living body detection and terminal device
SG11201906623SA (en) A fluid-driven actuator and its applications
SG11201805352QA (en) Method and system for determining network connections
SG11201808419YA (en) All-digital software-defined cognitive heterogeneous network transceiver architecture
SG11201808476SA (en) Recycling of polymer matrix composite
SG11201908260WA (en) Device, system, and method for facilitating communications between electronic gaming machines and mobile devices
SG11201906550SA (en) Methods and systems for access point clustering
SG11201804482UA (en) Search and retrieval data processing system for computing near real-time data aggregations
SG11201803998PA (en) Systems and methods for updating sequence of services
SG11201906844RA (en) Biometric feature database establishing method and apparatus
SG11201811409UA (en) Systems and methods for determining combinative service requesters