International Journal of Information Engineering and Electronic Business (IJIEEB)
IJIEEB Vol. 17, No. 3, 8 Jun. 2025
Cover page and Table of Contents: PDF (size: 1404KB)
Classifying IoT Device’s Traffic Traces Using Network Traffic Characteristics
PDF (1404KB), PP.1-13
Views: 0 Downloads: 0
Author(s)
Rajarshi Roy Chowdhury
1,*
Debashish Roy
2
Pg Emeroylariffion Abas
3
Index Terms
Internet of Things, Device Classification, Machine Learning, Network Traffic Traces, Traffic Features Analysis
Abstract
The escalating proliferation of devices, including both Internet of Things (IoT) and non-IoT devices, has triggered a suite of emergent security challenges in cyberspace, such as accurate device identification and authentication. The wide array of device types, protocols, and usability exacerbates these challenges. While conventional addressing schemes such as the logical Internet Protocol addressing and physical Media Access Control addressing schemes are integral for communication, they are susceptible to spoofing attacks. Device fingerprinting can be used to address the issue of identifying devices and traffic types using only implicit identifiers such as network traffic characteristics. In this paper, supervised machine learning based a device fingerprinting model has been proposed for the classification of both IoT and non-IoT devices on three levels based on their communication traffic characteristics. A meticulous feature selection process, employing two attribute evaluators, identified a subset of twenty features crucial for generating unique fingerprints from a large set of features pool. Three publicly available datasets and two supervised classifiers were utilized for evaluation purposes. Experimental results illustrated that the proposed model attained a classification accuracy exceeding 99% in discerning between known and unknown traffic traces (Level-1) on both the UNSW IoT and D-Link IoT datasets using the Random Forest (RF) classifier, and 99.74% accuracy in classifying network traffic types (Level-2) on the UNSW dataset. Individual device identification (Level-3) proves equally robust, with the RF and J48 classifiers achieving 99.03% and 98.14% accuracies on the UNSW non-IoT and IoT datasets, respectively. These findings underscore the potential of the device fingerprinting model in enhancing network security. The model’s robust classification capabilities across various datasets and identification levels make it a valuable asset in tackling modern security challenges in networked environments.
Cite This Paper
Rajarshi Roy Chowdhury, Debashish Roy, Pg Emeroylariffion Abas, "Classifying IoT Device’s Traffic Traces Using Network Traffic Characteristics", International Journal of Information Engineering and Electronic Business(IJIEEB), Vol.17, No.3, pp. 1-13, 2025. DOI:10.5815/ijieeb.2025.03.01
Reference
[1]Glowniak j. History, structure, and function of the internet. Seminars in Nuclear Medicine. 1998; 28(2): 135-144. doi: 10.1016/S0001-2998(98)80003-2.
[2]Madakam S, Ramaswamy R, Tripathi S. Internet of Things (IoT): A Literature Review. Journal of Computer and Communications. 2015; 3(5): 1-10. doi: 10.4236/jcc.2015.35021.
[3]Chowdhury RR, Che A, Abas PE. Packet-level and IEEE 802.11 MAC frame-level analysis for IoT device identification. Turkish Journal of Electrical Engineering and Computer Sciences. 2022; 30(5): 1-18. doi: 10.55730/1300-0632.3915.
[4]Chowdhury RR, Che A, Abas PE. A Deep Learning Approach for Classifying Network Connected IoT Devices Using Communication Traffic Characteristics. Journal of Network and Systems Management. 2023; 31(1). doi: 10.1007/s10922-022-09716-x.
[5]Chowdhury RR, Che A, Abas PE. Internet of things: Digital footprints carry a device identity. AIP Conference Proceedings 2643. 2023; 40003. doi: 10.1063/5.0111335.
[6]Miettinen M, Marchal S, Hafeez I, Asokan N, Sadeghi AR et al. IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. In: 2017 IEEE 37th International Conference on Distributed Computing Systems; Atlanta, GA, USA; 2017. pp. 2177-2184. doi: 10.1109/ICDCS.2017.283.
[7]Song Y, Huang Q, Yang J, Fan M, Hu A, Jiang Y. IoT device fingerprinting for relieving pressure in the access control. ACM International Conference Proceeding Series. 2019. pp. 1-8. doi: 10.1145/3321408.3326671.
[8]Jeong YS. An Efficient IoT Healthcare Service Management Model of Location Tracking Sensor. Journal of Digital Convergence. 2016; 14(3): 261–267. doi: 10.14400/jdc.2016.14.3.261.
[9]Ramnath S, Javali A, Narang B, Mishra P, Routray SK. IoT based localization and tracking. IEEE International Conference on IoT and its Applications (ICIOT 2017). 2017. doi: 10.1109/ICIOTA.2017.8073629.
[10]Aume C, Andrews K, Pal S, James A, Seth A, Mukhopadhyay S. TrackInk: An IoT-Enabled Real-Time Object Tracking System in Space. Sensors. 2022; 22(2): 1–15. doi: 10.3390/s22020608.
[11]Hasan M, Islam MM, Zarif MII, Hashem MMA. Attack and anomaly detection in IoT sensors in IoT sites using machine learning approaches. Internet of Things 2019; 7: 100059. doi: 10.1016/j.iot.2019.100059.
[12]Meidan Y, Bohadana M, Mathov Y, Mirsky Y, Shabtai A, Breitenbacher D, Elovici Y. N-BaIoT-Network-based detection of IoT botnet attacks using deep autoencoders. IEEE Pervasive Computing. 2018; 17(3): 12–22. doi: 10.1109/MPRV.2018.03367731.
[13]Nascita A, Cerasuolo F, Monda DD, Garcia J, Montieri A, Pescape A. Machine and Deep Learning Approaches for IoT Attack Classification. IEEE INFOCOM 2022 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). 2022; 1-6. doi: 10.1109/INFOCOMWKSHPS54753.2022.9797971.
[14]Garcia-Morchon O., Kumar S. Sethi M., Ericsson. Internet of Things (IoT) Security: State of the Art and Challenges (draft-irtf t2trg-iot-seccons-16). Datatracker. 2018; URL:https://datatracker.ietf.org/doc/draft-irtf-t2trg-iotseccons/16/.
[15]Chowdhury RR, Abas PE. A survey on device fingerprinting approach for resource-constraint IoT devices: Comparative study and research challenges. Internet of Things (Netherlands). 2022; 20(1). doi: 10.1016/j.iot.2022.100632.
[16]Saleh M., Jhanjhi N., Abdullah A., Saher R. Proposing Encryption Selection Model for IoT Devices Based on IoT Device Design. 23rd International Conference on Advanced Communication Technology. 2022; doi: 10.23919/ICACT53585.2022.9728914.
[17]Xu Q, Zheng R, Saad W, Han Z. Device Fingerprinting in Wireless Networks: Challenges and Opportunities. IEEE Communications Surveys & Tutorials 2015; 18(1): pp. 94-104. doi: 10.1109/COMST.2015.2476338.
[18]Sivanathan A, Gharakheili HH, Loi F, Radford A, Wijenayake C et al. Classifying IoT Devices in Smart Environments Using Network Traffic Characteristics. IEEE Transactions on Mobile Computing 2018; 18(8): 1745-1759. doi: 10.1109/TMC.2018.2866249.
[19]Sivanathan A, Sherratt D, Gharakheili HH, Radford A, Wijenayake C et al. Characterizing and classifying IoT traffic in smart cities and campuses. In: 2017 IEEE Conference on Computer Communications Workshops; Atlanta, GA, USA; 2017. pp. 559-564. doi: 10.1109/INFCOMW.2017.8116438.
[20]Chowdhury RR, Idris AC, Abas PE. Internet of Things Device Classification using Transport and Network Layers Communication Traffic Traces. International Journal of Computing and Digital Systems. 2022; 12(1): 2210–142. doi: 10.12785/ijcds/120144.
[21]Wang X, Zhang Y, Zhang H, Li Y, Wei X. Radio Frequency Signal Identification Using Transfer Learning Based on LSTM. Circuits Syst Signal Process. 2020; 39(11): 5514–5528. doi: 10.1007/s00034-020-01417-7.
[22]Robyns P, Bonne B, Quax P, Lamotte W. Noncooperative 802.11 MAC Layer Fingerprinting and Tracking of Mobile Devices. Security and Communication Networks 2017; 2017. doi: 10.1155/2017/6235484.
[23]Sivanathan A. IoT Behavioral Monitoring via Network Traffic Analysis. 2020. V. abs/2001.10632. URL: https://api.semanticscholar.org/CorpusID:210943061.
[24]Chowdhury RR, Aneja S, Aneja N, Abas PE. Network Traffic Analysis based IoT Device Identification. In: BDIOT 2020: Proceedings of the 2020 the 4th International Conference on Big Data and Internet of Things; Singapore; 2020. pp. 79–89. doi: 10.1145/3421537.3421545.
[25]Aksoy A, Gunes MH. Automated IoT Device Identification using Network Traffic. In: ICC 2019 - 2019 IEEE International Conference on Communications; Shanghai, China; 2019. pp. 1-7. doi: 10.1109/ICC.2019.8761559.
[26]Dalai AK, Jena SK. WDTF: A Technique for Wireless Device Type Fingerprinting. Wireless Personal Communications: An International Journal. 2017; 97(2): 1911–1928. doi: 10.1007/s11277-017-4652-y.
[27]Qing G, Wang H, Zhang T. Radio frequency fingerprinting identification for Zigbee via lightweight CNN. Physical Communication 2021; 44: 101250. doi: 10.1016/j.phycom.2020.101250.
[28]Chen L, Zhao C, Zheng Y, Wang Y. Radio Frequency Fingerprint Identification Based on Transfer Learning. 2021 IEEE/CIC International Conference on Communications in China (ICCC). 2021; 81–85. doi: 10.1109/ICCC52777.2021.9580203.
[29]Tian Q, Lin Y, Guo X, Wen J, Fang Y, Rodriguez J, Mumtaz S. New Security Mechanisms of High-Reliability IoT Communication Based on Radio Frequency Fingerprint. IEEE Internet Things Journal. 2019; 6(5): 7980–7987. doi: 10.1109/JIOT.2019.2913627.
[30]Hamad SA, Zhang WE, Sheng QZ, Nepal S. IoT Device Identification via Network-Flow Based Fingerprinting and Learning. In: 2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering; Rotorua, New Zealand; 2019. pp. 103–111. doi: 10.1109/TrustCom/BigDataSE.2019.00023.
[31]Aneja S, Aneja N, Bhargava B, Chowdhury RR. Device fingerprinting using deep convolutional neural networks. International Journal of Communication Networks and Distributed Systems 2022; 28(2): 171-198. doi: 10.1504/IJCNDS.2022.121197.
[32]Aneja S, Aneja N, Islam MS. IoT Device fingerprint using deep learning. Proceedings - 2018 IEEE International Conference on Internet of Things and Intelligence System (IOTAIS 2018) 2019; 174–179. doi: 10.1109/IOTAIS.2018.8600824.
[33]Radhakrishnan SV, Uluagac AS, Beyah R. GTID: A Technique for Physical Device and Device Type Fingerprinting. IEEE Transactions on Dependable and Secure Computing 2015; 12(5): 519-532. doi: 10.1109/TDSC.2014.2369033.
[34]Chowdhury RR, Aneja S, Aneja N, Abas PE. Packet-level and IEEE 802.11 MAC frame-level network traffic traces data of the D-Link IoT devices. Data in Brief 2021; 37: 107208. doi: 10.1016/j.dib.2021.107208.
[35]Wu P, Lu Z, Zhou Q, Lei Z, Li X, Qiu M. Bigdata logs analysis based on seq2seq networks for cognitive Internet of Things. Future Generation Computer Systems. 2019; 90: 477–488. doi: 10.1016/j.future.2018.08.021.
[36]Hameed A, Violos J, Leivadeas A. A Deep Learning Approach for IoT Traffic Multi-Classification in a Smart-City Scenario. IEEE Access. 2022; 10:21193-21210. doi: 10.1109/ACCESS.2022.3153331.
[37]Suroso DJ, Rudianto A, Arifin M, Hawibowo S. Random forest and interpolation techniques for fingerprint-based indoor positioning system in un-ideal Environment. International Journal of Computing and Digital Systems. 2021; 10(1). doi: 10.12785/IJCDS/100166.
[38]Quinlan JR. C4.5: programs for machine learning. Publisher: Morgan Kaufmann; San Francisco, CA, United States; 1993.
[39]Witten IH, Frank E, Hall MA, Pal CJ. Data Mining, Fourth Edition: Practical Machine Learning Tools and Techniques. Publisher: Morgan Kaufmann; San Francisco, CA, United States; 2016.
[40]Bouzida Y, Cuppens F. Neural networks vs. decision trees for intrusion detection. IEEE International Conference. 2006; 2394–2400; URL:https://api.semanticscholar.org/CorpusID:17067528.
[41]Moustafa N, Turnbull B, Choo K. An ensemble intrusion detection technique based on proposed statistical flow features for protecting network traffic of internet of things. IEEE Internet Things Journal. 2019; 6(3) 4815–4830. doi: 10.1109/JIOT.2018.2871719.
[42]Wu X, Kumar V, Quinlan JR, Ghosh J, Yang Q et al. Top 10 algorithms in data mining. Knowledge and Information Systems 2008; 14(1): 1–37. doi: 10.1007/s10115-007-0114-2.
[43]Anthi E, Williams L, Slowinska M, Theodorakopoulos G, Burnap P. A Supervised Intrusion Detection System for Smart Home IoT Devices. IEEE Internet Things Journal. 2019; 6(5): 9042–9053. doi: 10.1109/JIOT.2019.2926365.
[44]Ortega J, Resureccion MR, Natividad LR, Bantug ET, Lagman AC, Lopez SR. An Analysis of Classification of Breast Cancer Dataset Using J48 Algorithm. International Journal of Advanced Trends in Computer Science and Engineering. 2020; 9(1.3): 475-480. doi:10.30534/ijatcse/2020/7591.32020.
[45]Breiman L. Random forests. Machine Learning. 2001; 45: 5–32. doi: 10.1023/A:1010933404324.
[46]Ho TK. Random decision forests. 3rd international conference on document analysis and recognition. 1995; 278–282. doi: 10.1109/ICDAR.1995.598994.
[47]Mishra AK, Ratha BK. Study of Random Tree and Random Forest Data Mining Algorithms for Microarray Data Analysis. International Journal on Advanced Electrical and Computer Engineering (IJAECE). 2016; 3(4): 5–7. URL: http://www.irdindia.in/journal ijaece/pdf/vol3 iss4/2.pdf
[48]Ganesan E, Hwang IS, Liem AT, Ab-Rahman MS. Sdn-enabled fiwi-iot smart environment network traffic classification using supervised ml models. Photonics. 2021; 8(6). doi: 10.3390/photonics8060201.
[49]Nguyen-An H, Silverston T, Yamazaki T, Miyoshi T. Entropy-based IoT devices identification. APNOMS 2020 - 2020 21st Asia-Pacific Network Operations and Management Symposium: Towards Service and Networking Intelligence for Humanity. 2020; 73–78. doi: 10.23919/APNOMS50412.2020.9236963.
[50]Yousefnezhad N, Madhikermi M, Framling K. MeDI: Measurement-based Device Identification Framework for Internet of Things. 16th International Conference on Industrial Informatics, INDIN 2018. 2018; 95–100. doi: 10.1109/INDIN.2018.8472080.
[51]Nguyen-An H, Silverston T, Yamazaki T, Miyoshi T. IoT Traffic: Modeling and Measurement Experiments. IoT. 2021; 2(1): 140–162. doi: 10.3390/iot2010008.
[52]Yang L, Wu H, Jin X, Zheng p, Hu S, Xu X, Yu W, Yan j. Study of cardiovascular disease prediction model based on random forest in eastern China. Scientific Reports. 2020; 10(1): 1–8. doi: 10.1038/s41598-020-62133-5.
[53]Chowdhury RR, Idris AC, Abas PE. Identifying SH-IoT devices from network traffic characteristics using random forest classifier. Wireless Networks. 2023; 1-15 doi: 10.1007/s11276-023-03478-3.
[54]Chowdhury RR, Idris AC, Abas PE. Device identification using optimized digital footprints. IAES International Journal of Artificial Intelligence. 2023; 12(1):232-240 doi: 10.11591/ijai.v12.i1.pp232-240.