A Generic Machine Learning Approach for IoT Device Identification

Abstract

The rapidly prevailing Internet of Things (IoT) devices in numerous sectors, may jeopardize a vast amount of confidential data, raising threats to network security. Thereby, it is crucial to verify the data source and device identity to ensure network security. Thus, the identification of IoT devices is a substantial step in securing the underlying network system. The models which are proposed in previous studies are trained and tested on the same dataset, which leads to overfitting. In this work, we propose a generic machine learning approach for IoT device identification and test the trained models on four publically available datasets. To better identify IoT devices in the network through machine learning models, we first extracted 85 features from packet capture (.pcap) files using NFStream. We then selected 20 features using the information gain method and trained six machine learning models in our experiments on two publicly available datasets, i.e., UNSW IoT Traces, and Your Things dataset, for binary classification. In the training phase, we obtained the highest 99% accuracy for IoT device identification using Random Forest and Naïve Bayes classifiers over UNSW and Your Things dataset respectively. Further, we evaluated these models on two other publicly available datasets. Overall, the Naïve Bayes classifier outperformed all other classifiers for detecting both IoT and non-IoT traffic, with 92% average accuracy.