WiFinger: Fingerprinting Noisy IoT Event Traffic Using Packet-level Sequence Matching
- URL: http://arxiv.org/abs/2508.03151v1
- Date: Tue, 05 Aug 2025 06:55:21 GMT
- Title: WiFinger: Fingerprinting Noisy IoT Event Traffic Using Packet-level Sequence Matching
- Authors: Ronghua Li, Shinan Liu, Haibo Hu, Qingqing Ye, Nick Feamster
- Abstract summary: WiFinger is a fine-grained multi-IoT event fingerprinting approach against noisy traffic. Our method achieves an average recall of 85% for various IoT events while maintaining almost zero false positives for most of them.
- Score: 18.566305912162463
- License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
- Abstract: IoT environments such as smart homes are susceptible to privacy inference attacks, where attackers can analyze patterns of encrypted network traffic to infer the state of devices and even the activities of people. While most existing attacks exploit ML techniques for discovering such traffic patterns, they underperform on wireless traffic, especially Wi-Fi, due to its heavy noise and packet losses of wireless sniffing. In addition, these approaches commonly target distinguishing chunked IoT event traffic samples, and they fail to effectively track multiple events simultaneously. In this work, we propose WiFinger, a fine-grained multi-IoT event fingerprinting approach against noisy traffic. WiFinger turns the traffic pattern classification task into a subsequence matching problem and introduces novel techniques to account for the high time complexity while maintaining high accuracy. Experiments demonstrate that our method outperforms existing approaches on Wi-Fi traffic, achieving an average recall of 85% (vs. 0.49% and 0.46%) for various IoT events while maintaining almost zero false positives for most of them.
Related papers
- Machine Learning for Cyber-Attack Identification from Traffic Flows [5.834276858232939]
This paper presents our simulation of cyber-attacks and detection strategies on the traffic control system in Daytona Beach, FL. We try to answer the research questions: are we able to identify cyber attacks by only analyzing traffic flow patterns?
arXiv Detail & Related papers (2025-05-02T17:34:19Z)
- Intelligent Detection of Non-Essential IoT Traffic on the Home Gateway [45.70482328441101]
This work presents ML-IoTrim, a system for detecting and mitigating non-essential IoT traffic by analyzing network behavior at the edge. We test our framework in a consumer smart home setup with IoT devices from five categories, demonstrating that the model can accurately identify and block non-essential traffic. This research advances privacy-aware traffic control in smart homes, paving the way for future developments in IoT device privacy.
arXiv Detail & Related papers (2025-04-22T09:40:05Z)
- NetFlowGen: Leveraging Generative Pre-training for Network Traffic Dynamics [72.95483148058378]
We propose to pre-train a general-purpose machine learning model to capture traffic dynamics with only traffic data from NetFlow records. We address challenges such as unifying network feature representations, learning from large unlabeled traffic data volume, and testing on real downstream tasks in DDoS attack detection.
arXiv Detail & Related papers (2024-12-30T00:47:49Z)
- MIETT: Multi-Instance Encrypted Traffic Transformer for Encrypted Traffic Classification [59.96233305733875]
Classifying traffic is essential for detecting security threats and optimizing network management. We propose a Multi-Instance Encrypted Traffic Transformer (MIETT) to capture both token-level and packet-level relationships. MIETT achieves results across five datasets, demonstrating its effectiveness in classifying encrypted traffic and understanding complex network behaviors.
arXiv Detail & Related papers (2024-12-19T12:52:53Z)
- AI-Driven Fast and Early Detection of IoT Botnet Threats: A Comprehensive Network Traffic Analysis Approach [3.783757921469148]
This study proposes a comprehensive methodology for analyzing IoT network traffic.
It explores a wide spectrum of network features critical for representing network traffic and characterizing benign IoT traffic patterns.
Through extensive experimentation with the IoT-23 dataset, we have demonstrated the feasibility of detecting botnet traffic corresponding to different operations and types of bots.
arXiv Detail & Related papers (2024-07-22T14:54:40Z)
- Effective Intrusion Detection in Heterogeneous Internet-of-Things Networks via Ensemble Knowledge Distillation-based Federated Learning [52.6706505729803]
We introduce Federated Learning (FL) to collaboratively train a decentralized shared model of Intrusion Detection Systems (IDS).
FLEKD enables a more flexible aggregation method than conventional model fusion techniques.
Experiment results show that the proposed approach outperforms local training and traditional FL in terms of both speed and performance.
arXiv Detail & Related papers (2024-01-22T14:16:37Z)
- Autosen: improving automatic wifi human sensing through cross-modal autoencoder [56.44764266426344]
WiFi human sensing is highly regarded for its low-cost and privacy advantages in recognizing human activities.
Traditional cross-modal methods, aimed at enabling self-supervised learning without labeled data, struggle to extract meaningful features from amplitude-phase combinations.
We introduce AutoSen, an innovative automatic WiFi sensing solution that departs from conventional approaches.
arXiv Detail & Related papers (2024-01-08T19:50:02Z)
- Detecting Anomalous Microflows in IoT Volumetric Attacks via Dynamic Monitoring of MUD Activity [1.294952045574009]
Anomaly-based detection methods are promising in finding new attacks.
There are certain practical challenges, such as false-positive alarms, poor explainability, and difficulty scaling cost-effectively.
In this paper, we use SDN to enforce and monitor the expected behaviors of each IoT device.
arXiv Detail & Related papers (2023-04-11T05:17:51Z)
- Correlating sparse sensing for large-scale traffic speed estimation: A Laplacian-enhanced low-rank tensor kriging approach [76.45949280328838]
We propose a Laplacian enhanced low-rank tensor (LETC) framework featuring both low-rankness and multi-temporal correlations for large-scale traffic speed kriging.
We then design an efficient solution algorithm via several effective numeric techniques to scale up the proposed model to network-wide kriging.
arXiv Detail & Related papers (2022-10-21T07:25:57Z)
- Clustering Algorithm to Detect Adversaries in Federated Learning [0.6091702876917281]
In this paper, we have proposed an approach that detects the adversaries with the help of a clustering algorithm.
Our proposed gradient filtration approach does not require any processing power from the client-side and does not use excessive bandwidth.
Our approach has been very successful in boosting the global model accuracy, up to 99% even in the presence of 40% adversaries.
arXiv Detail & Related papers (2021-02-22T06:49:59Z)
- Harnessing Wireless Channels for Scalable and Privacy-Preserving Federated Learning [56.94644428312295]
Wireless connectivity is instrumental in enabling federated learning (FL).
Channel randomness perturbs each worker's model update while multiple workers' updates incur significant interference on bandwidth.
In A-FADMM, all workers upload their model updates to the parameter server using a single channel via analog transmissions.
This not only saves communication bandwidth, but also hides each worker's exact model update trajectory from any eavesdropper.
arXiv Detail & Related papers (2020-07-03T16:31:15Z)
- Anomalous Communications Detection in IoT Networks Using Sparse Autoencoders [0.0]
We present a method to detect anomalous network communications in IoT networks using a set of sparse autoencoders.
The proposed approach allows us to differentiate malicious communications from legitimate ones.
Depending on the value of N, the developed model achieves attack detection rates ranging from 86.9% to 91.2%, and false positive rates ranging from 0.1% to 0.5%.
arXiv Detail & Related papers (2019-12-26T10:47:35Z)
This list is automatically generated from the titles and abstracts of the papers in this site.