Fingerprinting Industrial IoT devices based on multi-branch neural network

Industrial Internet-of-Things systems suffer from a vast and vulnerable attack surface, raising widespread concerns about shielding IIoT devices from malicious attacks and reducing cyber risks. Device identification is the prerequisite to safeguard IIoT systems. We leverage the observation that IIoT network protocol implementations vary due to different hardware architectures/configurations and design tasks of IIoT devices, which cause the difference in their network traffic payloads. Specifically, we develop a novel neural network to learn the semantic/syntax features among multiple IIoT packets. The neural network has multiple branches, each of which consists of convolution layers, attention modules, and highway units for learning the classification model of IIoT devices. To validate the precision and recall of our neural network in IIoT devices fingerprinting, we have implemented a prototype of the proposed IIoT device identification system. Our results show that our approach achieves 95.8% precision and 95.4% recall, significantly outperforming other classification models.