November 18, 2020

Toka’s patented approach to analyzing the IoT landscape suddenly makes secure order out of chaos

At Toka, we develop technologies and solutions that help trusted agencies enhance effectiveness and achieve their primary mission to defend against terror and crime. We focus on creating solutions and products for the often-neglected field of the Internet of Things (IoT) and aim to offer faster and easier tools for the operations teams to conduct intelligence collection, forensic investigations, or covert activities to keep citizens safe.

Yet with more than 20 billion IoT devices in use around the world, it can be challenging to prioritize what to focus on first. The variety of devices and the multitude of manufacturers require a thorough market research process to support product development. While common market research strategies rely on conducting surveys, reading manufacturer statements, and studying analyst reports, this approach is often time-consuming and might not offer a comprehensive view of the device landscape. Working with defense and law enforcement agencies, our data has to match reality. So, when we begin a project in a new area, we must understand the local distribution and the various types of IoT devices that are present. The new, effective method Toka developed uses innovative technology and can be quickly deployed on-demand.

Toka Utilizing the IoT landscape for intelligence and operational purposes
Utilizing the IoT landscape for intelligence and operational purposes

After our research, we developed a patented, active approach to deploy our technology and discover IoT devices, their types, and the distribution of vendors in each region. This approach is possible because some IoT devices can be controlled remotely via their local web/control server and must export their control ports. These directly connected devices can be found and are reachable from a wide area network (WAN). Examples of these devices include routers, security cameras, security systems, 3D printers, lighting systems, sprinkler systems, and HVAC units.

While many devices exclusively communicate with their cloud servers, directly connected devices still represent the majority of IoT devices and provide a good sample of the distribution of devices in a specific location.
After the discovery stage, we need to quickly classify accessible control ports to the right category by vendor and device type. However, retrieving all the data from each web page and comparing the sources is time-consuming and a drain on resources. Instead, we use a screening process that narrows down the web pages that need to be examined by grouping together identical web pages. We facilitate this by classifying web pages according to their metadata and taking into account multiple factors like headers and content length. This smart filtering discards the majority of irrelevant hits and leaves only a fraction of results to examine.

The classification phase outputs three clusters. The first cluster contains all the web pages that perfectly match our pre-defined parameters for each vendor. We can use these results to easily map the device types and vendors distribution. The second is a cluster of all known irrelevant web pages and services that we can discard from our consideration.The third cluster is the unknown ports/services that will require additional research for classification. By constantly examining these newly discovered services, our process is always improving, and the signatures are refined.

Toka’s innovative scanning and classification method is an essential step to develop our products, and it helps us and our partners save time and resources. This approach will become more useful as the number of connected IoT devices continues to grow.

This U.S. patented approach, made possible thanks to our R&D team and Toka’s innovative technology, is an essential step in the process to achieve our overall goal: helping defense and law enforcement agencies keep citizens safe and defend against terror and crime.

Toka's infograph that shows high-level process
High-level process

Toka - Example of the distribution map
Example of the distribution map