Deep Learning–Assisted Passive Traffic Profiling in Large-Scale IoT Networks

Abstract

The fast trend in the Internet of Things (IoT) device proliferation has greatly complicated the modern network ecosystems and required the development of new strategies to track device behavior and identify anomalies without violating user privacy. The current work introduces a passive traffic profiling framework with the help of deep learning, characterized by a classification of IoT devices relying on the data presented in the network in terms of packet timing, header entropy, and the flow properties on the basis of network metadata only. CNN-LSTM model is a hybrid convolutional neural network that is trained using a dataset of more than 25 million packets measured in various IoT applications, and it has an average classification accuracy of 95 percent on sixteen device types. The comparative analysis indicates that the proposed framework is better than the traditional statistical and shallow learning models in terms of scalability, latency, and the ability to resist the effect of encryption. These findings confirm that passive profiling based on deep learning is a convenient and non-invasive method of monitoring a large network of IoT devices, allowing to strengthen network security, behavioral analytics, and provide early warning of threats.