Many IoT devices are vulnerable to attacks due to flawed security designs and lacking mechanisms for firmware updates or patches to eliminate the security vulnerabilities. Device-type identification combined with data from vulnerability databases can pinpoint vulnerable IoT devices in a network and can be used to constrain the communications of vulnerable devices for preventing damage. In this contribution, we present and evaluate two deep learning approaches to the reliable IoT device-type identification, namely a recurrent and a convolutional network architecture. Both deep learning approaches show accuracies of 97% and 98%, respectively, and thereby outperform an up-to-date IoT device-type identification approach using hand-crafted fingerprint features obtaining an accuracy of 82%. The runtime performance for the IoT identification of both deep learning approaches outperforms the hand-crafted approach by three magnitudes. Finally, importance metrics explain the results of both deep learning approaches in terms of the utilization of the analyzed traffic data flow.

中文翻译：

---

使用流量数据和深度学习自动识别网络中的脆弱设备

由于安全设计存在缺陷，并且缺乏固件更新或补丁程序消除安全漏洞的机制，许多物联网设备容易受到攻击。设备类型标识与漏洞数据库中的数据相结合，可以查明网络中易受攻击的IoT设备，并可用于限制易受攻击设备的通信以防止损坏。在此贡献中，我们提出并评估了两种深度学习方法，以进行可靠的IoT设备类型识别，即循环和卷积网络架构。两种深度学习方法的准确率分别为97％和98％，因此胜过使用手工指纹功能获得82％的准确性的最新IoT设备类型识别方法。两种深度学习方法的IoT识别的运行时性能都比手工方法高出三个数量级。最后，重要性指标根据所分析的交通数据流的使用情况解释了两种深度学习方法的结果。