Obfuscating IoT Device Scanning Activity via Adversarial Example Generation

TL;DR

This paper introduces BANADV, a novel method using adversarial examples to modify IoT device banners, effectively disrupting fingerprinting techniques and enhancing privacy during network reconnaissance.

Contribution

BANADV is the first approach to apply adversarial example generation to IoT banners, achieving high spoofing success and revealing vulnerabilities in fingerprinting methods.

Findings

Achieves at least 80% success rate in spoofing fingerprinting techniques.

Disrupts state-of-the-art IoT device profiling methods.

Highlights weaknesses of learning-based and matching-based fingerprinting.

Abstract

Nowadays, attackers target Internet of Things (IoT) devices for security exploitation, and search engines for devices and services compromise user privacy, including IP addresses, open ports, device types, vendors, and products.Typically, application banners are used to recognize IoT device profiles during network measurement and reconnaissance. In this paper, we propose a novel approach to obfuscating IoT device banners (BANADV) based on adversarial examples. The key idea is to explore the susceptibility of fingerprinting techniques to a slight perturbation of an IoT device banner. By modifying device banners, BANADV disrupts the collection of IoT device profiles. To validate the efficacy of BANADV, we conduct a set of experiments. Our evaluation results show that adversarial examples can spoof state-of-the-art fingerprinting techniques, including learning- and matching-based approaches. We further provide a detailed analysis of the weakness of learning-based/matching-based fingerprints to carefully crafted samples. Overall, the innovations of BANADV lie in three aspects: (1) it utilizes an IoT-related semantic space and a visual similarity space to locate available manipulating perturbations of IoT banners; (2) it achieves at least 80\% success rate for spoofing IoT scanning techniques; and (3) it is the first to utilize adversarial examples of IoT banners in network measurement and reconnaissance.