Imperial College London
Portrait Picture

Dr Anna Maria Mandalari

Faculty of EngineeringInstitute for Security Science & Technology

Honorary Research Fellow
 
 
 
//

Contact

 

anna-maria.mandalari Website

 
 
//

Location

 

ObservatorySouth Kensington Campus

//

Summary

 

Publications

Citation

BibTex format

@unpublished{Saidi:2020,
author = {Saidi, SJ and Mandalari, AM and Kolcun, R and Haddadi, H and Dubois, DJ and Choffnes, D and Smaragdakis, G and Feldmann, A},
publisher = {arXiv},
title = {A haystack full of needles: scalable detection of IoT devices in the  wild},
url = {http://arxiv.org/abs/2009.01880v1},
year = {2020}
}
Download

RIS format (EndNote, RefMan)

TY  - UNPB
AB  - Consumer Internet of Things (IoT) devices are extremely popular, providingusers with rich and diverse functionalities, from voice assistants to homeappliances. These functionalities often come with significant privacy andsecurity risks, with notable recent large scale coordinated global attacksdisrupting large service providers. Thus, an important first step to addressthese risks is to know what IoT devices are where in a network. While somelimited solutions exist, a key question is whether device discovery can be doneby Internet service providers that only see sampled flow statistics. Inparticular, it is challenging for an ISP to efficiently and effectively trackand trace activity from IoT devices deployed by its millions of subscribers--all with sampled network data.  In this paper, we develop and evaluate a scalable methodology to accuratelydetect and monitor IoT devices at subscriber lines with limited, highly sampleddata in-the-wild. Our findings indicate that millions of IoT devices aredetectable and identifiable within hours, both at a major ISP as well as anIXP, using passive, sparsely sampled network flow headers. Our methodology isable to detect devices from more than 77% of the studied IoT manufacturers,including popular devices such as smart speakers. While our methodology iseffective for providing network analytics, it also highlights significantprivacy consequences.
AU  - Saidi,SJ
AU  - Mandalari,AM
AU  - Kolcun,R
AU  - Haddadi,H
AU  - Dubois,DJ
AU  - Choffnes,D
AU  - Smaragdakis,G
AU  - Feldmann,A
PB  - arXiv
PY  - 2020///
TI  - A haystack full of needles: scalable detection of IoT devices in the  wild
UR  - http://arxiv.org/abs/2009.01880v1
UR  - http://hdl.handle.net/10044/1/82881
ER  -
Download