A Smart Internet-Wide Port Scan Approach for Improving IoT Security Under Dynamic WLAN Environments

The Internet of Things (IoT) has created acute network security concerns owing to their weak protocols and limited system resources. Vulnerable IoT devices increase the risk of compromising other devices connected to the network. Hence, vulnerability and risk assessments are necessary for IoT devices. Correspondingly, the Internet-wide port scan (IWPS) technique has garnered significant attention for its ability to discover and probe Internet-wide connected IoT devices. However, IWPS performance depends on the end wireless local area network (WLAN) state (e.g., congestion and signal-to-interference-plus-noise ratio). Scans oblivious to such dynamic WLAN factors can cause probe packet loss while increasing port-scan delays, which reduces the discovery rate, which misses the point of network security. Therefore, in this study, we propose a novel holistic approach to identifying WLAN environmental states based on round-trip time and probe-packet responses. To demonstrate the effectiveness of the proposed approach, we perform extensive experiments on real WLAN environments with various devices. The accuracy of the estimated states was validated at greater than 90% by analyzing the captured probe data at each WLAN.

Automated summary

The Internet of Things presents security concerns due to weak protocols and limited resources, necessitating vulnerability and risk assessments. The Internet-wide port scan (IWPS) technique is used for discovering IoT devices, but its performance is affected by WLAN conditions. A novel approach to identifying WLAN states using round-trip time and probe-packet responses was proposed and validated through experiments, achieving an accuracy of over 90%.