IoT Device Identification with Machine Learning: Common Pitfalls and Best Practices
Kahraman Kostas, Rabia Yasa Kostas
TL;DR
The paper tackles the challenge of IoT device identification using machine learning by dissecting the pipeline into method selection, data handling, feature extraction, and evaluation to reveal systemic pitfalls. It analyzes scope definitions, labeling integrity, data leakage risks, and the impact of feature choices on overfitting and generalizability. It advocates practical guidelines, such as aligning identification granularity with suitable features, avoiding proxy labels, enforcing clean train-test splits before augmentation, sanitizing inputs, and preferring modular One-vs-Rest architectures with diverse algorithm benchmarking. The result is a set of actionable recommendations to improve reproducibility, scalability, and robustness of IoT security models in real-world heterogeneous networks.
Abstract
This paper critically examines the device identification process using machine learning, addressing common pitfalls in existing literature. We analyze the trade-offs between identification methods (unique vs. class based), data heterogeneity, feature extraction challenges, and evaluation metrics. By highlighting specific errors, such as improper data augmentation and misleading session identifiers, we provide a robust guideline for researchers to enhance the reproducibility and generalizability of IoT security models.
