IoT Eye An Efficient System for Dynamic IoT Devices Auto-discovery on Organization Level

Internet of Things (IoT) serves not only as an essential part of the new generation information technology but as an important development stage in the information era. IoT devices such as unmanned aerial vehicles, robots and wearable equipments have been widely used in recent years. For most organizations' inner networks, innumerable dynamic connections with Internet accessible IoT devices occur at many parts all the time. It is usually these temporal links that arise potential threats to the security of the whole intranet. In this paper, we propose a new system named IoT Eye, which automatically discovers the IoT devices in real time. The IoT Eye detects all the potential IoT target hosts using an innovative two-stage architecture: (1) Scanning suspicious IP segments with stateless TCP SYN scan model and zero copy TCP stack; (2) Identifying each IoT device on various protocols using PI-AC, which is a novel high-performance multi-pattern matching algorithm. The preceding model ensures the IoT Eye searching each newly connected device out in rather small time delay, which minimizes the missing and wrong detection rates. Related intelligence on the active IoT devices linked with the organization's intranets are of great importance to the professionals. Since it can help them: (1) re-examine the borders of large intranets; (2) reduce non-essential device access; (3) fix security vulnerabilities timely.