Transferability of machine learning model for IoT device identification and vulnerability assessment
University of New Brunswick
The lack of appropriate cyber security measures deployed on IoT makes these devices prone to many security issues. Machine learning (ML) models used to monitor devices in a network and make predictions by differentiating between benign and malicious devices have made tremendous strides. However, most of the research in profiling and identification uses the same data for training and testing. Hence, a slight change in the data renders most learning algorithms to work poorly. This study uses a transferability approach based on the concept of transductive transfer learning for IoT device profiling and identification. We propose a three-component system comprising the device type identification, the vulnerability assessment, and the visualization module. The device type identification component uses the underlying concept of transductive transfer learning, where the trained model is transferred to a remote lab for testing. This type of transfer learning works by explicitly assigning labels to the testing data in the target domain using the test feature space in the target domain, with training data from the source domain. The test dataset (target domain) will employ the trained model (source domain) knowledge. Furthermore, the vulnerability of the predicted device type is assessed using three vulnerability databases: Vulners, NVD, and IBM X-Force. Lastly, the results from the vulnerability assessment are visualized.