Xiao Hu’s research while affiliated with Chinese Academy of Sciences and other places

Internet of Things (IoT) device identification plays a basic and essential role in network management and cyberspace security. Previous device identification methods perform poorly in real-world networks where much unknown traffic exists, since they only focus on improving performance on closed datasets and rely on manual features that are difficult to generalize. To achieve robust IoT device identification, we propose a new approach with unknown traffic detection, which consists of general training and novel inference stage. In the first stage, a simple neural network is trained to extract spatial-temporal features automatically and explicitly form tight clusters of known devices through multi-task learning. Furthermore, we use extreme value theory (EVT) to model the boundary of each cluster in the feature space. Then the probability of unknown traffic is recalibrated in the inference stage. Experiments on a public IoT traffic dataset show that the accuracy and f1 score of our method are both over 92%, which significantly outperforms all compared methods under diverse experimental settings. In addition, the visualization of intermediate results illustrates the interpretability of our method.