Internet of Things (IoT) is one of the technological advancements of the twenty-first century which can improve living standards. However, it also imposes new types of security challenges, including device authentication, traffic types classification, and malicious traffic identification, in the network domain. Traditionally, internet protocol (IP) and media access control (MAC) addresses are utilized for identifying network-connected devices in a network, whilst these addressing schemes are prone to be compromised, including spoofing attacks and MAC randomization. Therefore, device identification using only explicit identifiers is a challenging task. Accurate device identification plays a key role in securing a network. In this paper, a supervised machine learning-based device fingerprinting (DFP) model has been proposed for identifying network-connected IoT devices using only communication traffic characteristics (or implicit identifiers). A single transmission control protocol/internet protocol (TCP/IP) packet header features have been utilized for generating unique fingerprints, with the fingerprints represented as a vector of 22 features. Experimental results have shown that the proposed DFP method achieves over 98% in classifying individual IoT devices using the UNSW dataset with 22 smart-home IoT devices. This signifies that the proposed approach is invaluable to network operators in making their networks more secure.

翻译：物联网（IoT）是21世纪能够提升生活水平的技术进步之一。然而，它也在网络领域带来了新的安全挑战，包括设备认证、流量类型分类和恶意流量识别。传统上，互联网协议（IP）地址和媒体访问控制（MAC）地址被用于识别网络中的连接设备，但这些寻址方案容易受到攻击，包括欺骗攻击和MAC随机化。因此，仅使用显式标识符进行设备识别是一项具有挑战性的任务。准确的设备识别在保障网络安全中起着关键作用。本文提出了一种基于监督机器学习的设备指纹识别（DFP）模型，该模型仅使用通信流量特征（或隐式标识符）来识别网络连接的IoT设备。利用单个传输控制协议/互联网协议（TCP/IP）数据包头部特征生成唯一指纹，并将指纹表示为包含22个特征的向量。实验结果表明，所提出的DFP方法在使用包含22个智能家居IoT设备的UNSW数据集时，对单个IoT设备的分类准确率超过98%。这表明所提方法对于网络运营商增强网络安全具有重要价值。