An enhanced behavioral fingerprinting approach for the Internet of Things

With the growing diffusion of the Internet of Things (IoT) technology across most of the aspects of people daily lives, security concerns have become critical to ensure the exploitation of advantages introduced by this technology. This is even more true in the context of Industry 4.0, for which the IoT is becoming an important driver for automation. The detection of anomalies in IoT systems to ensure the capability of such systems to tolerate attacks to single devices is a crucial aspect. Behavioral fingerprinting is a recent and promising security solution in this context, which still requires research efforts to embrace new challenges in such a complex environment. Existing solutions focus mostly on modeling the behavior of IoT devices by analyzing the information extracted from the header of exchanged networking packets. However, in many application contexts, also attacks on the content of the packets can lead to disruptive results. Our proposal focus on these approaches by addressing a fully distributed scenario in which computation is directly handled by IoT devices, also through delegation, and describes a novel behavioral fingerprinting approach based on features suitably engineered from packet payloads. The effective-ness of our proposed method is assessed by both simulated and experimental results.