IEEE Access (Jan 2025)
IoT Device Identification Techniques: A Comparative Analysis for Security Practitioners
Abstract
As the Internet of Things (IoT) continues to grow, networks are increasingly at risk from vulnerable devices that allow access to attackers. Two particular threats are posed by rogue devices (i.e. devices present on a network that should not be) and unpatched devices (devices with out-of-date software or firmware). A growing body of research attempts to address these risks through automated IoT device identification. Methods that quickly and easily identify IoT devices on a network allow vulnerable devices to be identified, improving network security. Although there have been publications that survey this research, they are typically broad, discussing IoT device identification only in passing, and do not provide a methodology to clearly compare existing (or future) research. Our novel approach in this paper is to provide a simple methodology for assessing and comparing research into IoT device identification. It bypasses the need to delve into granular details such as specific algorithmic choices or feature selections, which are attributes that not all papers have, and instead focuses on common attributes shared across papers. We provide a comprehensive literature review on identifying IoT devices in networks using passive network traffic, resulting in 69 publications examined. We systematically analyse the literature for key elements common across the studies that can allow a comparative analysis, and define the five we determine to be most important. We state why these five elements in particular are important, and discuss trends in these elements across the studies. We then produce a summary table containing just the information for the five elements for each study, and show how they can be used to understand and compare techniques, considering their context.
This gives security professionals and researchers the necessary tools to compare studies, both current and future, to understand how to secure their networks and what they must consider when completing further research.
Keywords