{"title":"BF-IoT: Securing the IoT Networks via Fingerprinting-Based Device Authentication","authors":"Tianbo Gu, P. Mohapatra","doi":"10.1109/MASS.2018.00047","DOIUrl":null,"url":null,"abstract":"Bluetooth low energy (BLE) based devices are already deployed in massive quantity as Internet-of-things (IoT) becomes prominent in the last two decades. In order to lower the energy consumption, BLE devices have to compromise with security and privacy problems. Existing research work shows that BLE devices can be easily spoofed and leveraged to gain access to a networking system. In this paper, we propose BF-IoT, the first IoT secure communication framework for BLE-based networks that guards against device spoofing via monitoring the work-life cycles of devices. We dig into the BLE protocol stack and extract the unique network-flow features from the link layer and ATT/GATT service layer so as to generate the fingerprints for device authentication. BF-IoT provides two-phase defense against malicious entities: continuously authenticating device identity before the connection setup and during session establishment. We build a customized system to validate the effectiveness of our mechanism. We extensively evaluate BF-IoT with a dozen of different off-the-shelf commodity IoT devices which shows that the devices can be accurately authenticated via only sniffing the transmission characteristics.","PeriodicalId":146214,"journal":{"name":"2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems (MASS)","volume":"77 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"37","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 IEEE 15th International Conference on Mobile Ad Hoc and Sensor Systems (MASS)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/MASS.2018.00047","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 37
Abstract
Bluetooth low energy (BLE) based devices are already deployed in massive quantity as Internet-of-things (IoT) becomes prominent in the last two decades. In order to lower the energy consumption, BLE devices have to compromise with security and privacy problems. Existing research work shows that BLE devices can be easily spoofed and leveraged to gain access to a networking system. In this paper, we propose BF-IoT, the first IoT secure communication framework for BLE-based networks that guards against device spoofing via monitoring the work-life cycles of devices. We dig into the BLE protocol stack and extract the unique network-flow features from the link layer and ATT/GATT service layer so as to generate the fingerprints for device authentication. BF-IoT provides two-phase defense against malicious entities: continuously authenticating device identity before the connection setup and during session establishment. We build a customized system to validate the effectiveness of our mechanism. We extensively evaluate BF-IoT with a dozen of different off-the-shelf commodity IoT devices which shows that the devices can be accurately authenticated via only sniffing the transmission characteristics.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
