{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,5,19]],"date-time":"2026-05-19T14:48:02Z","timestamp":1779202082443,"version":"3.51.4"},"publisher-location":"Cham","reference-count":35,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030172763","type":"print"},{"value":"9783030172770","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-17277-0_10","type":"book-chapter","created":{"date-parts":[[2019,4,24]],"date-time":"2019-04-24T09:55:51Z","timestamp":1556099751000},"page":"180-201","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":21,"title":["Policy-Based Identification of IoT Devices\u2019 Vendor and Type by DNS Traffic Analysis"],"prefix":"10.1007","author":[{"given":"Franck","family":"Le","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Jorge","family":"Ortiz","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dinesh","family":"Verma","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Dilip","family":"Kandlur","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2019,4,25]]},"reference":[{"key":"10_CR1","unstructured":"Gartner Research: Gartner Says 8.4 Billion Connected \u201cThings\u201d Will Be in Use in 2017, Up 31 Percent From 2016 (2017). \n                      http:\/\/www.gartner.com\/newsroom\/id\/3598917"},{"key":"10_CR2","unstructured":"Hautala, L.: Why it was so easy to hack the cameras that took down the web. In: CNET Security (2016)"},{"key":"10_CR3","unstructured":"Palmer, D.: 175,000 IoT cameras can be remotely hacked thanks to flaw, says security researcher. In: ZDNet (2017)"},{"key":"10_CR4","doi-asserted-by":"crossref","unstructured":"Yu, T., Sekar, V., Seshan, S., Agarwal, Y., Xu, C.: Handling a trillion (unfixable) flaws on a billion devices: rethinking network security for the internet-of-things. In: ACM Workshop on Hot Topics in Networks (2015)","DOI":"10.1145\/2834050.2834095"},{"key":"10_CR5","unstructured":"Apthorpe, N., Reissman, D., Feamster, N.: A smart home is no castle: privacy vulnerabilities of encrypted IoT traffic. In: Workshop on Data and Algorithmic Transparency (DAT) (2016)"},{"key":"10_CR6","doi-asserted-by":"crossref","unstructured":"Sivanathan, A., Sherratt, D., Gharakheili, H.H., Vishwanath, A., Sivaraman, V.: Low-cost flow-based security solutions for smart-home IoT devices. In: Advanced Networks and Telecommunications Systems (2016)","DOI":"10.1109\/ANTS.2016.7947781"},{"key":"10_CR7","doi-asserted-by":"crossref","unstructured":"Miettinen, M., et al.: IoT sentinel demo: automated device-type identification for security enforcement in IoT. In: IEEE International Conference on Distributed Computing Systems (2017)","DOI":"10.1109\/ICDCS.2017.284"},{"key":"10_CR8","doi-asserted-by":"crossref","unstructured":"Sivanathan, A., et al.: Characterizing and classifying IoT traffic in smart cities and campuses. In: IEEE INFOCOM Workshop Smart Cities and Urban Computing (SmartCity 2017) (2017)","DOI":"10.1109\/INFCOMW.2017.8116438"},{"key":"10_CR9","unstructured":"Cisco identity services engine. \n                      https:\/\/www.cisco.com\/c\/en\/us\/products\/security\/identity-services-engine\/"},{"key":"10_CR10","unstructured":"IEEE: OUI Public Listing. \n                      http:\/\/standards.ieee.org\/develop\/regauth\/oui\/oui.txt\n                      \n                    . Accessed 18 Jan 2018"},{"key":"10_CR11","doi-asserted-by":"crossref","unstructured":"Markowsky, L., Markowsky, G.: Scanning for vulnerable devices in the internet of things. In: Intelligent Data Acquisition and Advanced Computing Systems: Technology and Applications (IDAACS) (2015)","DOI":"10.1109\/IDAACS.2015.7340779"},{"key":"10_CR12","unstructured":"Ramos, J.: Using TF-IDF to determine word relevance in document queries. Department of Computer Science, Rutgers University (1999)"},{"key":"10_CR13","doi-asserted-by":"crossref","unstructured":"Mockapetris, P.: Domain names - implementation and specification. RFC 1035, Internet Engineering Task Force (1987)","DOI":"10.17487\/rfc1035"},{"key":"10_CR14","volume-title":"The DHCP Handbook: Understanding, Deploying, and Managing Automated Configuration Services","author":"R Droms","year":"1999","unstructured":"Droms, R., Lemon, T.: The DHCP Handbook: Understanding, Deploying, and Managing Automated Configuration Services. New Riders Publishing, Thousand Oaks (1999)"},{"key":"10_CR15","unstructured":"Neustar security - DNS services. \n                      https:\/\/www.security.neustar\/dns-services\n                      \n                    . Accessed 18 Jan 2018"},{"key":"10_CR16","unstructured":"easyDNS technologies inc. domains - register, transfer domains. \n                      https:\/\/www.easydns.com\/\n                      \n                    . Accessed 18 Jan 2018"},{"key":"10_CR17","unstructured":"Le, Q., Mikolov, T.: Distributed representations of sentences and documents. In: International Conference on International Conference on Machine Learning (2014)"},{"key":"10_CR18","doi-asserted-by":"publisher","DOI":"10.1007\/978-0-387-89009-8","volume-title":"Principles of Computer Systems and Network Management","author":"D Verma","year":"2009","unstructured":"Verma, D.: Principles of Computer Systems and Network Management. Springer, New York (2009)"},{"key":"10_CR19","volume-title":"SNMP, SNMPv2, SNMPv3, and RMON 1 and 2","author":"W Stallings","year":"1998","unstructured":"Stallings, W.: SNMP, SNMPv2, SNMPv3, and RMON 1 and 2. Addison-Wesley Longman Publishing Co., Inc., Boston (1998)"},{"key":"10_CR20","unstructured":"Breitbart, Y., Garofalakis, M., Martin, C., Rastogi, R., Seshadri, S., Silberschatz, A.: Topology discovery in heterogeneous IP networks. In: IEEE INFOCOM (2000)"},{"key":"10_CR21","unstructured":"DMTF: Desktop management task force CIM-RS. \n                      https:\/\/www.dmtf.org\/standards\/cimrs\n                      \n                    . Accessed 18 Jan 2018"},{"key":"10_CR22","doi-asserted-by":"crossref","unstructured":"Pautasso, C., Zimmermann, O., Leymann, F.: Restful web services vs. big\u2019web services: making the right architectural decision. In: Proceedings of the 17th International Conference on World Wide Web, pp. 805\u2013814. ACM (2008)","DOI":"10.1145\/1367497.1367606"},{"key":"10_CR23","doi-asserted-by":"crossref","unstructured":"Martin, J., Rye, E., Beverly, R.: Decomposition of MAC address structure for granular device inference. In: Proceedings of the 32nd Annual Conference on Computer Security Applications. ACM (2016)","DOI":"10.1145\/2991079.2991098"},{"key":"10_CR24","unstructured":"Franklin, J., McCoy, D., Tabriz, P., Neagoe, V., Randwyk, J.V., Sicker, D.: Passive data link layer 802.11 wireless device driver fingerprinting. In: USENIX Security Symposium, vol. 3, pp. 16\u201389 (2006)"},{"key":"10_CR25","doi-asserted-by":"crossref","unstructured":"Martin, J., Rhame, D., Beverly, R., McEachen, J.: Correlating GSM and 802.11 hardware identifiers. In: Military Communications Conference, MILCOM 2013\u20132013 IEEE, pp. 1398\u20131403. IEEE (2013)","DOI":"10.1109\/MILCOM.2013.237"},{"key":"10_CR26","unstructured":"Fingerbank device fingerprints. \n                      https:\/\/fingerbank.org\/\n                      \n                    . Accessed 18 Jan 2018"},{"key":"10_CR27","doi-asserted-by":"crossref","unstructured":"Hupperich, T., Maiorca, D., K\u00fchrer, M., Holz, T., Giacinto, G.: On the robustness of mobile device fingerprinting: can mobile users escape modern web-tracking mechanisms? In: Proceedings of the 31st Annual Computer Security Applications Conference, pp. 191\u2013200. ACM (2015)","DOI":"10.1145\/2818000.2818032"},{"key":"10_CR28","doi-asserted-by":"crossref","unstructured":"Guo, H., Heidemann, J.: IP-based IoT device detection. In: Proceedings of the 2018 Workshop on IoT Security and Privacy. ACM (2018)","DOI":"10.1145\/3229565.3229572"},{"key":"10_CR29","doi-asserted-by":"publisher","first-page":"2435","DOI":"10.1016\/S1389-1286(99)00112-7","volume":"31","author":"V Paxson","year":"1999","unstructured":"Paxson, V.: Bro: a system for detecting network intruders in real-time. Comput. Netw. 31, 2435\u20132463 (1999)","journal-title":"Comput. Netw."},{"key":"10_CR30","unstructured":"Cisco: Chromecast as mDNS service in order to cast screen configuration on WLC. \n                      https:\/\/www.cisco.com\/c\/en\/us\/support\/docs\/wireless-mobility\/wireless-mobility\/119017-config-chromecast-mdns-wlc-00.html\n                      \n                    . Accessed 18 Jan 2018"},{"key":"10_CR31","unstructured":"ICANN: WHOIS. \n                      https:\/\/whois.icann.org\/en"},{"key":"10_CR32","doi-asserted-by":"crossref","unstructured":"Chokhani, S., Ford, W., Sabett, R., Merrill, C., Wu, S.: Internet x.509 public key infrastructure certificate policy and certification practices framework (2003)","DOI":"10.17487\/rfc3647"},{"key":"10_CR33","unstructured":"Google: Chromecast. \n                      https:\/\/store.google.com\/us\/product\/chromecast_2015?hl=en-US\/\n                      \n                    . Accessed 11 Oct 2017"},{"key":"10_CR34","unstructured":"NTP pool project. \n                      http:\/\/www.pool.ntp.org\/en\/\n                      \n                    . Accessed 18 Jan 2018"},{"key":"10_CR35","unstructured":"Lyon, G.F.: Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning. Insecure, USA (2009)"}],"container-title":["Lecture Notes in Computer Science","Policy-Based Autonomic Data Governance"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-17277-0_10","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,5,20]],"date-time":"2019-05-20T09:44:54Z","timestamp":1558345494000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-17277-0_10"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030172763","9783030172770"],"references-count":35,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-17277-0_10","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"25 April 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}}]}}