{"id":"https://openalex.org/W4414270493","doi":"https://doi.org/10.1109/access.2025.3611160","title":"AI Versus IoT Security: Fingerprinting and Defenses Against TLS Handshake-Based IoT Device Classification","display_name":"AI Versus IoT Security: Fingerprinting and Defenses Against TLS Handshake-Based IoT Device Classification","publication_year":2025,"publication_date":"2025-01-01","ids":{"openalex":"https://openalex.org/W4414270493","doi":"https://doi.org/10.1109/access.2025.3611160"},"language":"en","primary_location":{"id":"doi:10.1109/access.2025.3611160","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3611160","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"type":"article","indexed_in":["crossref","doaj"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://doi.org/10.1109/access.2025.3611160","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5119647107","display_name":"Juan Diego Llano-Miraval","orcid":null},"institutions":[{"id":"https://openalex.org/I50357001","display_name":"Universidad Carlos III de Madrid","ror":"https://ror.org/03ths8210","country_code":"ES","type":"education","lineage":["https://openalex.org/I50357001"]}],"countries":["ES"],"is_corresponding":true,"raw_author_name":"Juan Diego Llano-Miraval","raw_affiliation_strings":["Department of Telematic Engineering, Universidad Carlos III de Madrid, Legan&#x00E9;s, Madrid, Spain","Department of Telematic Engineering, University Carlos III of Madrid, Legan&#x00E9;s(Madrid), MD, ES"],"affiliations":[{"raw_affiliation_string":"Department of Telematic Engineering, Universidad Carlos III de Madrid, Legan&#x00E9;s, Madrid, Spain","institution_ids":["https://openalex.org/I50357001"]},{"raw_affiliation_string":"Department of Telematic Engineering, University Carlos III of Madrid, Legan&#x00E9;s(Madrid), MD, ES","institution_ids":["https://openalex.org/I50357001"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021832848","display_name":"Celeste Campo","orcid":"https://orcid.org/0000-0003-1788-890X"},"institutions":[{"id":"https://openalex.org/I50357001","display_name":"Universidad Carlos III de Madrid","ror":"https://ror.org/03ths8210","country_code":"ES","type":"education","lineage":["https://openalex.org/I50357001"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Celeste Campo","raw_affiliation_strings":["Department of Telematic Engineering, Universidad Carlos III de Madrid, Legan&#x00E9;s, Madrid, Spain","Department of Telematic Engineering, University Carlos III of Madrid, Legan&#x00E9;s(Madrid), MD, ES"],"affiliations":[{"raw_affiliation_string":"Department of Telematic Engineering, Universidad Carlos III de Madrid, Legan&#x00E9;s, Madrid, Spain","institution_ids":["https://openalex.org/I50357001"]},{"raw_affiliation_string":"Department of Telematic Engineering, University Carlos III of Madrid, Legan&#x00E9;s(Madrid), MD, ES","institution_ids":["https://openalex.org/I50357001"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5089344826","display_name":"Carlos Garc\u00eda-Rubio","orcid":"https://orcid.org/0000-0002-4635-722X"},"institutions":[{"id":"https://openalex.org/I50357001","display_name":"Universidad Carlos III de Madrid","ror":"https://ror.org/03ths8210","country_code":"ES","type":"education","lineage":["https://openalex.org/I50357001"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Carlos Garcia-Rubio","raw_affiliation_strings":["Department of Telematic Engineering, Universidad Carlos III de Madrid, Legan&#x00E9;s, Madrid, Spain","Department of Telematic Engineering, University Carlos III of Madrid, Legan&#x00E9;s(Madrid), MD, ES"],"affiliations":[{"raw_affiliation_string":"Department of Telematic Engineering, Universidad Carlos III de Madrid, Legan&#x00E9;s, Madrid, Spain","institution_ids":["https://openalex.org/I50357001"]},{"raw_affiliation_string":"Department of Telematic Engineering, University Carlos III of Madrid, Legan&#x00E9;s(Madrid), MD, ES","institution_ids":["https://openalex.org/I50357001"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5039026107","display_name":"Marta Moure-Garrido","orcid":"https://orcid.org/0000-0001-6068-6233"},"institutions":[{"id":"https://openalex.org/I50357001","display_name":"Universidad Carlos III de Madrid","ror":"https://ror.org/03ths8210","country_code":"ES","type":"education","lineage":["https://openalex.org/I50357001"]}],"countries":["ES"],"is_corresponding":false,"raw_author_name":"Marta Moure-Garrido","raw_affiliation_strings":["Department of Telematic Engineering, Universidad Carlos III de Madrid, Legan&#x00E9;s, Madrid, Spain","Department of Telematic Engineering, University Carlos III of Madrid, Legan&#x00E9;s(Madrid), MD, ES"],"affiliations":[{"raw_affiliation_string":"Department of Telematic Engineering, Universidad Carlos III de Madrid, Legan&#x00E9;s, Madrid, Spain","institution_ids":["https://openalex.org/I50357001"]},{"raw_affiliation_string":"Department of Telematic Engineering, University Carlos III of Madrid, Legan&#x00E9;s(Madrid), MD, ES","institution_ids":["https://openalex.org/I50357001"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5119647107"],"corresponding_institution_ids":["https://openalex.org/I50357001"],"apc_list":{"value":1850,"currency":"USD","value_usd":1850},"apc_paid":{"value":1850,"currency":"USD","value_usd":1850},"fwci":0.0,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":{"value":0.31019332,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":null,"biblio":{"volume":"13","issue":null,"first_page":"165607","last_page":"165622"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9473000168800354,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9473000168800354,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/handshake","display_name":"Handshake","score":0.9293000102043152},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.6888999938964844},{"id":"https://openalex.org/keywords/overhead","display_name":"Overhead (engineering)","score":0.5871999859809875},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.5194000005722046},{"id":"https://openalex.org/keywords/metadata","display_name":"Metadata","score":0.5123000144958496},{"id":"https://openalex.org/keywords/perceptron","display_name":"Perceptron","score":0.451200008392334},{"id":"https://openalex.org/keywords/transport-layer-security","display_name":"Transport Layer Security","score":0.4438999891281128},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.4417000114917755},{"id":"https://openalex.org/keywords/server","display_name":"Server","score":0.4000999927520752},{"id":"https://openalex.org/keywords/cryptographic-protocol","display_name":"Cryptographic protocol","score":0.39559999108314514}],"concepts":[{"id":"https://openalex.org/C2778000800","wikidata":"https://www.wikidata.org/wiki/Q830043","display_name":"Handshake","level":3,"score":0.9293000102043152},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.849399983882904},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.6888999938964844},{"id":"https://openalex.org/C2779960059","wikidata":"https://www.wikidata.org/wiki/Q7113681","display_name":"Overhead (engineering)","level":2,"score":0.5871999859809875},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.5194000005722046},{"id":"https://openalex.org/C93518851","wikidata":"https://www.wikidata.org/wiki/Q180160","display_name":"Metadata","level":2,"score":0.5123000144958496},{"id":"https://openalex.org/C31258907","wikidata":"https://www.wikidata.org/wiki/Q1301371","display_name":"Computer network","level":1,"score":0.4733000099658966},{"id":"https://openalex.org/C60908668","wikidata":"https://www.wikidata.org/wiki/Q690207","display_name":"Perceptron","level":3,"score":0.451200008392334},{"id":"https://openalex.org/C148176105","wikidata":"https://www.wikidata.org/wiki/Q206494","display_name":"Transport Layer Security","level":3,"score":0.4438999891281128},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.4417000114917755},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.43470001220703125},{"id":"https://openalex.org/C93996380","wikidata":"https://www.wikidata.org/wiki/Q44127","display_name":"Server","level":2,"score":0.4000999927520752},{"id":"https://openalex.org/C33884865","wikidata":"https://www.wikidata.org/wiki/Q1254335","display_name":"Cryptographic protocol","level":3,"score":0.39559999108314514},{"id":"https://openalex.org/C81860439","wikidata":"https://www.wikidata.org/wiki/Q251212","display_name":"Internet of Things","level":2,"score":0.3926999866962433},{"id":"https://openalex.org/C190793597","wikidata":"https://www.wikidata.org/wiki/Q189768","display_name":"Application layer","level":3,"score":0.3856000006198883},{"id":"https://openalex.org/C81363708","wikidata":"https://www.wikidata.org/wiki/Q17084460","display_name":"Convolutional neural network","level":2,"score":0.3718999922275543},{"id":"https://openalex.org/C2780385302","wikidata":"https://www.wikidata.org/wiki/Q367158","display_name":"Protocol (science)","level":3,"score":0.3659000098705292},{"id":"https://openalex.org/C12267149","wikidata":"https://www.wikidata.org/wiki/Q282453","display_name":"Support vector machine","level":2,"score":0.3517000079154968},{"id":"https://openalex.org/C2777826928","wikidata":"https://www.wikidata.org/wiki/Q3745713","display_name":"Fingerprint (computing)","level":2,"score":0.34779998660087585},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.33559998869895935},{"id":"https://openalex.org/C12269588","wikidata":"https://www.wikidata.org/wiki/Q132364","display_name":"Communications protocol","level":2,"score":0.32510000467300415},{"id":"https://openalex.org/C761482","wikidata":"https://www.wikidata.org/wiki/Q118093","display_name":"Transmission (telecommunications)","level":2,"score":0.32100000977516174},{"id":"https://openalex.org/C168406668","wikidata":"https://www.wikidata.org/wiki/Q178022","display_name":"Fingerprint recognition","level":3,"score":0.31949999928474426},{"id":"https://openalex.org/C119857082","wikidata":"https://www.wikidata.org/wiki/Q2539","display_name":"Machine learning","level":1,"score":0.3190000057220459},{"id":"https://openalex.org/C2777505653","wikidata":"https://www.wikidata.org/wiki/Q4470796","display_name":"Sybil attack","level":3,"score":0.3075000047683716},{"id":"https://openalex.org/C11560541","wikidata":"https://www.wikidata.org/wiki/Q1756025","display_name":"Replay attack","level":3,"score":0.30660000443458557},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.30480000376701355},{"id":"https://openalex.org/C179717631","wikidata":"https://www.wikidata.org/wiki/Q2991667","display_name":"Multilayer perceptron","level":3,"score":0.295199990272522},{"id":"https://openalex.org/C154945302","wikidata":"https://www.wikidata.org/wiki/Q11660","display_name":"Artificial intelligence","level":1,"score":0.2849999964237213},{"id":"https://openalex.org/C513196756","wikidata":"https://www.wikidata.org/wiki/Q3295108","display_name":"Media access control","level":3,"score":0.28450000286102295},{"id":"https://openalex.org/C507571656","wikidata":"https://www.wikidata.org/wiki/Q848436","display_name":"Home automation","level":2,"score":0.2728999853134155},{"id":"https://openalex.org/C149635348","wikidata":"https://www.wikidata.org/wiki/Q193040","display_name":"Embedded system","level":1,"score":0.26600000262260437},{"id":"https://openalex.org/C35341882","wikidata":"https://www.wikidata.org/wiki/Q8795","display_name":"Internet Protocol","level":3,"score":0.26179999113082886},{"id":"https://openalex.org/C49289754","wikidata":"https://www.wikidata.org/wiki/Q2267081","display_name":"Side channel attack","level":3,"score":0.2590999901294708},{"id":"https://openalex.org/C113954288","wikidata":"https://www.wikidata.org/wiki/Q186885","display_name":"Timestamp","level":2,"score":0.2578999996185303},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.25429999828338623},{"id":"https://openalex.org/C52622490","wikidata":"https://www.wikidata.org/wiki/Q1026626","display_name":"Feature extraction","level":2,"score":0.25369998812675476},{"id":"https://openalex.org/C127162648","wikidata":"https://www.wikidata.org/wiki/Q16858953","display_name":"Channel (broadcasting)","level":2,"score":0.25189998745918274},{"id":"https://openalex.org/C169258074","wikidata":"https://www.wikidata.org/wiki/Q245748","display_name":"Random forest","level":2,"score":0.25110000371932983}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1109/access.2025.3611160","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3611160","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},{"id":"pmh:oai:doaj.org/article:51b49441d72b41c491e4e7e842187d27","is_oa":true,"landing_page_url":"https://doaj.org/article/51b49441d72b41c491e4e7e842187d27","pdf_url":null,"source":{"id":"https://openalex.org/S112646816","display_name":"SHILAP Revista de lepidopterolog\u00eda","issn_l":"0300-5267","issn":["0300-5267","2340-4078"],"is_oa":true,"is_in_doaj":true,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"IEEE Access, Vol 13, Pp 165607-165622 (2025)","raw_type":"article"}],"best_oa_location":{"id":"doi:10.1109/access.2025.3611160","is_oa":true,"landing_page_url":"https://doi.org/10.1109/access.2025.3611160","pdf_url":null,"source":{"id":"https://openalex.org/S2485537415","display_name":"IEEE Access","issn_l":"2169-3536","issn":["2169-3536"],"is_oa":true,"is_in_doaj":true,"is_core":true,"host_organization":"https://openalex.org/P4310319808","host_organization_name":"Institute of Electrical and Electronics Engineers","host_organization_lineage":["https://openalex.org/P4310319808"],"host_organization_lineage_names":["Institute of Electrical and Electronics Engineers"],"type":"journal"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"IEEE Access","raw_type":"journal-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":36,"referenced_works":["https://openalex.org/W2300496220","https://openalex.org/W2330219538","https://openalex.org/W2574448563","https://openalex.org/W2886320151","https://openalex.org/W2888505697","https://openalex.org/W2910704120","https://openalex.org/W2915352631","https://openalex.org/W2950767885","https://openalex.org/W2980558733","https://openalex.org/W2994639670","https://openalex.org/W3008916115","https://openalex.org/W3093697207","https://openalex.org/W3128612352","https://openalex.org/W3181520075","https://openalex.org/W3198264701","https://openalex.org/W3203063668","https://openalex.org/W3206818901","https://openalex.org/W4211032618","https://openalex.org/W4214863110","https://openalex.org/W4308167307","https://openalex.org/W4321021237","https://openalex.org/W4379986344","https://openalex.org/W4381736190","https://openalex.org/W4382753153","https://openalex.org/W4383373423","https://openalex.org/W4385624909","https://openalex.org/W4387682796","https://openalex.org/W4388163678","https://openalex.org/W4390886812","https://openalex.org/W4395110913","https://openalex.org/W4399555917","https://openalex.org/W4404583394","https://openalex.org/W4405722014","https://openalex.org/W4406126988","https://openalex.org/W4408236054","https://openalex.org/W4408750090"],"related_works":[],"abstract_inverted_index":{"The":[0,176],"number":[1],"of":[2,4,60,211,223,231],"Internet":[3,118],"Things":[5],"(IoT)":[6],"devices":[7,74],"in":[8,75,81,91,234],"smart":[9],"homes":[10],"is":[11],"steadily":[12],"increasing,":[13],"enhancing":[14],"convenience":[15],"but":[16],"also":[17],"raising":[18],"security":[19],"concerns.":[20],"While":[21],"secure":[22],"communication":[23],"protocols":[24],"like":[25],"Transport":[26],"Layer":[27],"Security":[28],"(TLS)":[29],"are":[30,55],"commonly":[31],"used,":[32],"attackers":[33],"can":[34],"still":[35,78],"exploit":[36],"metadata":[37,225],"to":[38,63,123,141,208],"profile":[39],"users":[40],"and":[41,107,117,127,149,174,227],"identify":[42,150],"vulnerabilities.":[43],"This":[44],"research":[45],"focuses":[46],"on":[47],"analyzing":[48],"the":[49,65,105,182,220,229],"TLS":[50,61,132,197,224],"handshake,":[51],"where":[52],"encryption":[53],"parameters":[54,134],"established.":[56],"Although":[57],"newer":[58],"versions":[59],"aim":[62],"encrypt":[64],"Server":[66],"Name":[67],"Indication":[68],"(SNI),":[69],"we":[70,98],"observed":[71],"that":[72,179],"some":[73],"real-world":[76],"environments":[77],"transmit":[79],"SNI":[80,92,106,214],"plaintext,":[82],"potentially":[83],"exposing":[84],"device":[85,188,237],"identities.":[86],"Given":[87],"this":[88],"practical":[89],"variability":[90,126],"transmission":[93],"among":[94],"diverse":[95],"IoT":[96,143,236],"devices,":[97,144],"conducted":[99],"two":[100],"parallel":[101],"studies,":[102],"one":[103,108],"including":[104],"without":[109],"it,":[110],"while":[111],"avoiding":[112],"Media":[113],"Access":[114],"Control":[115],"(MAC)":[116],"Protocol":[119],"(IP)":[120],"addresses":[121],"due":[122],"their":[124],"inherent":[125],"privacy":[128,199],"implications.":[129],"We":[130],"used":[131],"handshake":[133,198],"as":[135],"input":[136],"for":[137,187],"machine":[138,153],"learning":[139,154],"algorithms":[140],"fingerprint":[142],"classify":[145],"them":[146],"by":[147,200],"type,":[148],"manufacturers.":[151],"Six":[152],"models":[155],"were":[156],"evaluated:":[157],"Support":[158],"Vector":[159],"Machine":[160],"(SVM),":[161],"a":[162,209],"multi-layer":[163],"perceptron":[164],"(MLP),":[165],"Random":[166],"Forest":[167],"(RF),":[168],"Convolutional":[169],"Neural":[170],"Network":[171],"(CNN),":[172],"XGBoost,":[173],"CNN+RF.":[175],"results":[177],"showed":[178],"CNN+RF":[180],"achieved":[181],"highest":[183],"accuracy,":[184],"reaching":[185],"99%":[186],"type":[189],"classification.":[190],"However,":[191],"our":[192],"proposed":[193],"countermeasure,":[194],"which":[195],"enhances":[196],"obfuscating":[201],"specific":[202],"parameters,":[203],"significantly":[204],"reduced":[205],"fingerprinting":[206,238],"accuracy":[207],"maximum":[210],"80%":[212],"when":[213],"was":[215],"excluded.":[216],"These":[217],"findings":[218],"highlight":[219],"potential":[221],"risks":[222],"exposure":[226],"demonstrate":[228],"effectiveness":[230],"privacy-enhancing":[232],"countermeasures":[233],"mitigating":[235],"attacks.":[239]},"counts_by_year":[],"updated_date":"2026-03-27T05:58:40.876381","created_date":"2025-09-18T00:00:00"}