Adversarial Attacks Against IoT Identification Systems

While machine learning (ML)-based solutions for Internet of Things (IoT) device identification are effective in identifying IoT devices connected to the network, they may be vulnerable to adversarial attacks. Conventional approaches for crafting adversarial attacks from the computer vision (CV) domain are not applicable in the computer network domain as they interfere with the meaningful communication of devices. In this research, we evaluate the robustness of payload-based IoT device identification solutions against adversarial examples generated using our new approach for the real-time crafting of adversarial examples; this approach, which is also applicable to the computer network domain, uses heatmaps generated by class activation mapping (CAM) and Grad-CAM++. We evaluate the effectiveness of adversarial examples generated using the above two methods against six variants of an existing payload-based ML IoT identification solution in a real-time end-to-end scenario. We show that in many cases, an adversarial example crafted using a heatmap can fool the examined variants of an existing payload-based IoT device identification solution with up to 100% accuracy.