Towards the Adaptability of Traffic-Based IoT Security Management Systems to the Device Behavior Evolutions

Different kinds of Internet-of-Things (IoT) devices have been widely deployed in recent years, bringing great convenience as well as security threats. Given the grim situation of IoT security, various traffic-based security management systems specially designed for IoT systems have also been developed, such as device identification systems and anomaly detection systems. A lot of such systems are trained and evaluated on datasets collected only in short time periods and lack long-term evaluation. Intuitively, the communication behaviors and traffic profile of IoT devices may keep evolving due to factors like software or firmware update and the changes of user habits. It remains to be evaluated whether these IoT security management systems can adapt well to the device behavior evolutions, which matters a lot to the real-world performance. In this paper, we give a systematic discussion about the adaptability of IoT security management systems. We summarize the factors that may cause changes on the traffic profiles of IoT devices and how they can influence the long-term performance of IoT security management systems. We hope our work can serve as a base for further study on the building of adaptive systems for the security of IoT devices.