Machine Learning Challenges for IoT Device Fingerprints Identification

Abstract

Abstract The dramatic growth of Internet of Things (IoT) devices in recent years increases the IoT networks’ vulnerabilities and introduces new challenges among machine learning (ML) algorithms to detect the networked devices. The creation of a Device Fingerprint (DFP) may depend on extracting the network traffic features related to the device except for the identities assigned to it. In this paper, Device Fingerprints for 20 IoT devices are created by extracting 30 features during startup operation. Wireshark Network Protocol Analyzer is used to collect network traffic of 8 home IoT devices, meanwhile the traffics of the remaining devices are taken from the captures_IoT-Sentinel publicly available dataset. Four supervised machine learning algorithms were applied and tested to detect authorized devices and isolate unknown devices, namely: Support Vector Machine (SVM), Decision Tree (DT), Ensemble Random Forest (RF), and Gradient Boosting Classifier (GBC). Random Forest model and Gradient Boosting Classifier both showed better results of about 98.8% as an average of overall accuracy with less difference comparing with the accuracy of Decision Tree. Voting classifier was applied using the three estimators that resulted in high accuracy (DT, RF, and GBC) and achieving 99.5% as an average of overall accuracy.