Table 1.
Comparison of the proposed work with state-of-the-art techniques.
| Pap. | Purpose | Identification Method | Considered Features | Implementation | Attack Status |
|---|---|---|---|---|---|
| [20] | To identify the device type and device model | Calculating the similarity of features | Communication features extracted from header | Network cameras and factory-used devices | No attack |
| [21] | To employ behavioral fingerprinting for identification and authentication | K-nearest-neighbors (K-NN), Decision Trees (DT), gradient boosting, and majority voting | Header feature and payload-based features | 14 home IoT devices | No attack |
| [4] | To automatically classify the IoT devices using TCP/IP packets | ML algorithms (DT, K48, OneR, PART) to classify device type | GA to determine most unique features from network, transport, and application layer | a database from [18] | No attack |
| [22] | To identify IoT devices using ML algorithms on network traffic data | Two-stages classifier: I. distinguish IoT vs non-IoT II. determine device class | features from network, transport, and application layer + data from Alexa Rank and GeoIP | 9 distinct IoT devices, and PCs and smartphones | No attack |
| [23] | To identify IoT device types from the white list | multi-class classifier using RF | Features from Transmission Control Protocol/Internet Protocol (TCP/IP) sessions | 17 different IoT devices (9 device type) by different vendors | Based on local organizational security policies violations |
| [24] | To classify IoT devices using traffic characteristics | multi-stage ML: Stage-0. Naïve Bayes Stage-1. RF | statistical attributes: activity cycles, port number, signaling patterns, and cipher suites | a living lab with 28 IoT devices | User Datagram Protocol (UDP) reflection and TCP SYN attacks |
| [26] | To recognize IoT devices by analyzing the generated network traffic | RF, DT, Support Vector Machine (SVM), k-NN, Artificial Neural Network and Gaussian Naive Bayes | Size of first 10 pack sent/ received and interval times | experimental smart home network of 4 devices | No attack |
| [25] | To automatically identify white-listed device types | ML classifiers ( e.g., SVM and K-NN) | behavioural and flow-based features | 31 off-the-shelf IoT device (27 device types) | Adversaries compromising devices on network |
| [27] | To identify device-type without human intervention | unsupervised learning method | 4 types of features: periodic flaws, periodic accuracy, period duration, and period stability | a dataset comprising 33 typical commercial IoT devices | Spoofing device fingerprints |
| Our work | To identify the device using device profiling | ML methods (RF, SVM, and Logistic Regression (LR)) | header information, sensor measurements, and statistical features | 2 types of sensors in an office | physical and remote attacks (Object emulation and Botnet attack) |