Abstract:
In recent years, resource-constrained Internet of Things (IoT) devices have been incorporated in many domains. However, malicious users and attackers in the cyberspace have been taking advantage of these technological advancement, to gain unauthorized access to these devices. It is essential to identify all connected devices uniquely, to improve network security as well as preserve user’s privacy and safety. In this paper, a device fingerprinting scheme have been proposed by utilizing device-originated communication traffic attributes from a single transmission control protocol (TCP)/internet protocol (IP) packet information. Nine features have been extracted for the proposed scheme. This approach has been evaluated using five machine learning algorithms: J48, Random Forest, Random Tree, Bagging, and Stacking, on three IoT datasets: the IoT Sentinel, UNSW, and D-Link IoT, to study the trade-off between classification performance and processing time. Experimental results have shown that the Bagging classifier achieves 96.6% precision, and 96.4% recall and f-measure using the D-Link IoT dataset, respectively, however, requiring a significant amount of time. On the other hand, the J48 classifier achieves comparable performance whilst requiring only a minimum time. The result is significant as the proposed device fingerprinting scheme can be used to increase security of an IoT network.