A MODEL FOR USING OPERATING SYSTEM (SO) FINGERPRINTS TO IDENTIFY AND RESPOND TO UNAUTHORIZED CONNECTIONS FROM IOT DEVICES IN THE ABSENCE OF NETWORK ADMISSION CONTROL (NAC).
IoT, Internet of Things, OS fingerprints, Network admission, unauthorized devices.
The proliferation of Internet of Things (IoT) devices presents significant challenges for network security. Detecting and responding to unauthorised connections to these devices is key to maintaining the integrity and security of networks, especially in situations where network admission control (NAC) has not yet been implemented. This article proposes a model that uses operating system (OS) fingerprints to identify unauthorised IoT devices on a network and block them. The model incorporates a comprehensive set of tests to evaluate the effectiveness of the proposed approach in responding to different adversary scenarios. The results demonstrate the model's ability to identify unauthorised IoT devices and respond appropriately, improving network security even in the absence of NAC, or as long as this protection technology is not deployable.