Abstract
The recent spate of cyber attacks and security threats toward Internet-of-Things (IoT) systems in smart cities, smart homes, and industry 4.0 calls for effective techniques to understand if, when, who, what IoT systems are exploited and compromised by Internet attackers. Toward this end, this article attempts to study DNS behavioral patterns of IoT systems in edge networks as a first step of characterizing their communication patterns and their interactions with IoT users, cloud servers, and other IoT or non-IoT devices in the same edge networks. Specifically, we analyze the temporal-spatial patterns of DNS behaviors of a variety of IoT systems in two dozens of edge networks and develop a simple yet effective Bloom filter mechanism for detecting anomalous traffic patterns based on unusual DNS queries and answers. To the best of our knowledge, this article is the first effort to systematically measure and monitor IoT network traffic from a DNS perspective for providing the security of heterogeneous IoT systems and ensuring IoT user privacy.
| Original language | English (US) |
|---|---|
| Article number | 9105052 |
| Pages (from-to) | 7991-7998 |
| Number of pages | 8 |
| Journal | IEEE Internet of Things Journal |
| Volume | 7 |
| Issue number | 9 |
| DOIs | |
| State | Published - Sep 2020 |
Keywords
- Internet-of-Things (IoT) network traffic
- security and privacy
- smart cities
- smart homes
ASJC Scopus subject areas
- Signal Processing
- Information Systems
- Hardware and Architecture
- Computer Science Applications
- Computer Networks and Communications