Fast and efficient probing of heterogeneous IoT networks

Metongnon, Lionel [UCL] Sadre, Ramin [UCL]

The Internet of Things (IoT) leads to the interconnectivity of a wide range of device types running an equally wide range of operating systems and applications. This heterogeneity of hardware and software poses significant challenges to security. Constrained IoT devices often do not have enough resources to carry the overhead of an intrusion protection system or complex security protocols. Furthermore, they are often not properly managed and updated. Network scans are a valuable tool to discover vulnerable devices. In the context of IoT, the initiator of the scan can be particularly interested in finding constrained devices, assuming that they are easier targets for attacks. However, in IoT networks hosting devices of various types, performing a scan with a high discovery rate can be a challenging task, since a scan working well for, eg, a WiFi network might easily overload a low-power network such as IEEE 802.15.4. In this paper, we propose an approach to increase the efficiency of network scans in heterogeneous environments by combining them with active round-trip time measurements. The measurements allow the scanner to differentiate IoT nodes by the used network technology. Using the knowledge gained from this differentiation, our approach adapts the scan strategy to reduce probe losses, and hence the speed and efficiency of the scan. We validate our approach through simulations of a mixed IoT infrastructure consisting of WiFi and multihop IEEE 802.15.4 subnetworks.