Characterizing DNS Behaviors of Internet of Things in Edge Networks

Kuai Xu, Feng Wang, Sergio Jimenez, Andrew Lamontagne, John Cummings, Mitchell Hoikka

Research output: Contribution to journalArticlepeer-review

9 Scopus citations


The recent spate of cyber attacks and security threats toward Internet-of-Things (IoT) systems in smart cities, smart homes, and industry 4.0 calls for effective techniques to understand if, when, who, what IoT systems are exploited and compromised by Internet attackers. Toward this end, this article attempts to study DNS behavioral patterns of IoT systems in edge networks as a first step of characterizing their communication patterns and their interactions with IoT users, cloud servers, and other IoT or non-IoT devices in the same edge networks. Specifically, we analyze the temporal-spatial patterns of DNS behaviors of a variety of IoT systems in two dozens of edge networks and develop a simple yet effective Bloom filter mechanism for detecting anomalous traffic patterns based on unusual DNS queries and answers. To the best of our knowledge, this article is the first effort to systematically measure and monitor IoT network traffic from a DNS perspective for providing the security of heterogeneous IoT systems and ensuring IoT user privacy.

Original languageEnglish (US)
Article number9105052
Pages (from-to)7991-7998
Number of pages8
JournalIEEE Internet of Things Journal
Issue number9
StatePublished - Sep 2020


  • Internet-of-Things (IoT) network traffic
  • security and privacy
  • smart cities
  • smart homes

ASJC Scopus subject areas

  • Signal Processing
  • Information Systems
  • Hardware and Architecture
  • Computer Science Applications
  • Computer Networks and Communications


Dive into the research topics of 'Characterizing DNS Behaviors of Internet of Things in Edge Networks'. Together they form a unique fingerprint.

Cite this