Locality-Sensitive IoT Network Traffic Fingerprinting for Device Identification

Engineered systems get smarter with computing capabilities, particularly through a multitude of Internet-of-Things (IoT) devices. IoT devices, however, are prone to be compromised as they are often resource limited and optimized for a certain task. They lack computing power for security software hence, they have become a major target of malicious activities. In order to secure a network, administrators may isolate vulnerable devices and limit traffic to a device based on its communication needs. In this article, we introduce a novel approach to identify an IoT device based on the locality-sensitive hash of its traffic flow. Different from previous studies that employ machine learning, the proposed approach does not require feature extraction from the data, operates in all states of the device (e.g., setup, idle, and active), and does not require to retrain the model when a new device type/version is introduced. The evaluation results on different data sets show that our approach achieves precision and recall above 90% on average and performs equally well compared to the state-of-the-art machine learning-based methods.