IoT or NoT: Identifying IoT Devices in a ShortTime Scale

Anat Bremler-Barr, Haim Levy, Zohar Yakhini
Conferences & Workshops
Cybersecurity, Internet of Things (IoT), Networking & ML


In recent years the number of IoT devices in home networks has increased dramatically. Whenever a new device connects to the network, it must be quickly managed and secured using the relevant security mechanism or QoS policy. Thus a key challenge is to distinguish between IoT and NoT devices in a matter of minutes. Unfortunately, there is no clear indication of whether a device in a network is an IoT. In this paper, we propose different classifiers that identify a device as IoT or non-IoT, in a short time scale, and with high accuracy.
Our classifiers were constructed using machine learning techniques on a seen (training) dataset and were tested on an unseen (test) dataset. They successfully classified devices that were not in the seen dataset with accuracy above 95%. The first classifier is a logistic regression classifier based on traffic features. The second classifier is based on features we retrieve from DHCP packets. Finally, we present a unified classifier that leverages the advantages of the other two classifiers.


  title={Iot or not: Identifying iot devices in a short time scale},
  author={Bremler-Barr, Anat and Levy, Haim and Yakhini, Zohar},
  booktitle={IEEE/IFIP Network Operations and Management Symposium},