
IoT Device Discovery and Threat Detection
- Project
- 20020 ENTA
- Type
- New service
- Description
This result has produced a tool that discovers IoT devices and detects IoT-based attacks in corporate networks. The AI models can differentiate between IoT devices and non-IoT devices (computers, servers, consoles, etc.), identify IoT device types and their operational state, and classify IoT traffic into good traffic and attack traffic.
- Contact
- Luis Redondo López, MTP
- lredondo@mtp.es
- Research area(s)
- IoT, cybersecurity, Artificial Intelligence
- Technical features
The following models were created: an ML model for IoT device identification (identifying one of 9 consumer IoT devices); a further extended ML model to detect IoT device operational status (i.e., Power, Idle, Active); and an ML model for industrial IoT device identification (IoT versus Non-IoT).
ML models can detect IoT device security status (Port Scan, Slowloris, SYN Flood, Vulnerability Scan, Man-in-the-Middle, Teardrop Attack, OS Scan, DNS Flood, Brute Force Attack). The model can also identify additional IoT device security status (Brute Force, DoS, Port Scan, Data Poisoning, Infiltration).
- Integration constraints
To integrate this solution into the company's environment, it is necessary to have a Kubernetes cluster and install the ENTA tool. Furthermore, it is necessary that the ENTA tool can be accessed from outside the cluster in order to communicate with the models deployed in the cloud.
- Targeted customer(s)
Solution integrators, security departments in large enterprises, and cybersecurity managed service providers
- Conditions for reuse
To reuse this software, you must engage MTP's services to install and adapt the tool to each client's environment and needs.
- Confidentiality
- Public
- Publication date
- 16-12-2024
- Involved partners
- Solana Networks (CAN)
- Metodos y Tecnologia (ESP)
- Dalhousie University (CAN)