What's the problem, and why is it important:

The problem is “How to improve classification of IoT devices in efficiency and security?”. It is important, because IoT and IoT devices are more popular, but they are still vulnerable. Before antivirus software involves, anomaly detection will find attacks in early stages, by analyzing data flows. However, data flows will be different with different types of devices, such as manufacturer, usage, and hardware. Therefore, classifying the types of devices by their data flow will be helpful to detect anomalies more accurately and faster.

What has been done, why are they not sufficient, and our other previous ongoing projects:

Two documents about MUD[1], and Audi[2] have been read and studied. MUD is manufacturer-provided device-type specifications, which completely depended on manufacturers. While Audi is also based on data flows, it chose federated learning to train the classification model. As model aggregation in federated learning is centralized, it could lead to security and efficiency problems.

Approach, and why can it do better or differently:

The approaches are designing experiments, simulation, comparison among different classification models, and explanation. Moreover, the approach of implementation is a decentralized way to aggregate the classification model. This is a different approach, for example, there are several networks, as known as nodes, of IoT devices, which could be a house, an office, etc. The models are trained separately, and when one is finished, the node sends parameters to another node to help it refine the model. After models are refined several rounds, it will be stable and reliable. The combination of experiments, simulation, explanation, and comparison will highlight our approach to improve classification of IoT devices.

Expected deliverables:

paper/report with charts and analyze, code, trained models.

Biweekly time schedule: (every Monday)

Feb 22: research on p2p application

Mar 8: research on classification model and combine it with p2p network

Mar 22: writing codes

Apr 5: finishing codes, doing experiment, and writing report

Apr 19: submitting the code and report.

Resources needed:

VM, IoT devices, and extra IoT devices data

References:

[1] E. Lear, R. Droms, and D. Romascanu, “Manufacturer usage description specification,” https://tools.ietf.org/html/draft-ietf-opsawg-mud-25, IETF Network Working Group

[2] S. Marchal, M. Miettinen, T. D. Nguyen, A. Sadeghi, and N. Asokan, “Audi: Towards autonomous iot device-type identification using periodic communication,” IEEE Journal on Selected Areas in Communications , pp. 1–1, 2019.