{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,25]],"date-time":"2026-02-25T17:52:42Z","timestamp":1772041962754,"version":"3.50.1"},"publisher-location":"Cham","reference-count":36,"publisher":"Springer International Publishing","isbn-type":[{"value":"9783030372279","type":"print"},{"value":"9783030372286","type":"electronic"}],"license":[{"start":{"date-parts":[[2019,1,1]],"date-time":"2019-01-01T00:00:00Z","timestamp":1546300800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2019]]},"DOI":"10.1007\/978-3-030-37228-6_8","type":"book-chapter","created":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T10:00:05Z","timestamp":1576490405000},"page":"147-167","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":13,"title":["Automated IoT Device Fingerprinting Through Encrypted Stream Classification"],"prefix":"10.1007","author":[{"given":"Jianhua","family":"Sun","sequence":"first","affiliation":[]},{"given":"Kun","family":"Sun","sequence":"additional","affiliation":[]},{"given":"Chris","family":"Shenefiel","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2019,12,13]]},"reference":[{"key":"8_CR1","unstructured":"Nmap, Network Security Scanner Tool (2012). \nhttps:\/\/nmap.org\/"},{"key":"8_CR2","unstructured":"20 billion IoT devices by 2020 (2017). \nhttps:\/\/www.gartner.com\/newsroom\/id\/3598917"},{"key":"8_CR3","unstructured":"The Transport Layer Security (TLS) Protocol Version 1.3 (2018). \nhttps:\/\/datatracker.ietf.org\/doc\/rfc8446\/"},{"key":"8_CR4","unstructured":"Joy (2019). \nhttps:\/\/github.com\/cisco\/joy"},{"key":"8_CR5","unstructured":"Keras: Deep Learning for humans (2019). \nhttps:\/\/github.com\/keras-team\/keras"},{"key":"8_CR6","unstructured":"Shodan (2019). \nhttps:\/\/www.shodan.io\/"},{"key":"8_CR7","unstructured":"Abadi, M., et al.: TensorFlow: a system for large-scale machine learning. In: OSDI, vol. 16, pp. 265\u2013283 (2016)"},{"key":"8_CR8","doi-asserted-by":"crossref","unstructured":"Anderson, B., McGrew, D.: Machine learning for encrypted malware traffic classification: accounting for noisy labels and non-stationarity. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining, pp. 1723\u20131732. ACM (2017)","DOI":"10.1145\/3097983.3098163"},{"key":"8_CR9","unstructured":"Antonakakis, M., et al.: Understanding the Mirai Botnet. In: 26th USENIX Security Symposium (USENIX Security 2017), pp. 1093\u20131110 (2017)"},{"issue":"1","key":"8_CR10","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1023\/A:1010933404324","volume":"45","author":"L Breiman","year":"2001","unstructured":"Breiman, L.: Random forests. Mach. Learn. 45(1), 5\u201332 (2001)","journal-title":"Mach. Learn."},{"key":"8_CR11","doi-asserted-by":"crossref","unstructured":"Brik, V., Banerjee, S., Gruteser, M., Oh, S.: Wireless device identification with radiometric signatures. In: Proceedings of the 14th ACM International Conference on Mobile Computing and Networking, pp. 116\u2013127. ACM (2008)","DOI":"10.1145\/1409944.1409959"},{"issue":"3","key":"8_CR12","first-page":"273","volume":"20","author":"C Cortes","year":"1995","unstructured":"Cortes, C., Vapnik, V.: Support-vector networks. Mach. Learn. 20(3), 273\u2013297 (1995)","journal-title":"Mach. Learn."},{"key":"8_CR13","unstructured":"Costin, A., Zaddach, J.: IoT malware: comprehensive survey, analysis framework and case studies. BlackHat USA (2018)"},{"key":"8_CR14","doi-asserted-by":"crossref","unstructured":"Durumeric, Z., Adrian, D., Mirian, A., Bailey, M., Halderman, J.A.: A search engine backed by internet-wide scanning. In: Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, CCS 2015 (2015)","DOI":"10.1145\/2810103.2813703"},{"key":"8_CR15","unstructured":"Feng, X., Li, Q., Wang, H., Sun, L.: Acquisitional rule-based engine for discovering internet-of-things devices. In: 27th USENIX Security Symposium (USENIX Security 2018), pp. 327\u2013341 (2018)"},{"key":"8_CR16","unstructured":"Franklin, J., McCoy, D., Tabriz, P., Neagoe, V., Randwyk, J.V., Sicker, D.: Passive data link layer 802.11 wireless device driver fingerprinting. In: USENIX Security Symposium, vol. 3, pp. 16\u201389 (2006)"},{"issue":"11","key":"8_CR17","doi-asserted-by":"publisher","first-page":"2851","DOI":"10.1109\/TMC.2016.2516020","volume":"15","author":"Y Fu","year":"2016","unstructured":"Fu, Y., Xiong, H., Lu, X., Yang, J., Chen, C.: Service usage classification with encrypted internet traffic in mobile messaging apps. IEEE Trans. Mob. Comput. 15(11), 2851\u20132864 (2016)","journal-title":"IEEE Trans. Mob. Comput."},{"issue":"Jul","key":"8_CR18","first-page":"1519","volume":"8","author":"K Koh","year":"2007","unstructured":"Koh, K., Kim, S.J., Boyd, S.: An interior-point method for large-scale l1-regularized logistic regression. J. Mach. Learn. Res. 8(Jul), 1519\u20131555 (2007)","journal-title":"J. Mach. Learn. Res."},{"issue":"2","key":"8_CR19","doi-asserted-by":"publisher","first-page":"93","DOI":"10.1109\/TDSC.2005.26","volume":"2","author":"T Kohno","year":"2005","unstructured":"Kohno, T., Broido, A., Claffy, K.C.: Remote physical device fingerprinting. IEEE Trans. Dependable Secure Comput. 2(2), 93\u2013108 (2005)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"7","key":"8_CR20","doi-asserted-by":"publisher","first-page":"80","DOI":"10.1109\/MC.2017.201","volume":"50","author":"C Kolias","year":"2017","unstructured":"Kolias, C., Kambourakis, G., Stavrou, A., Voas, J.: DDoS in the IoT: Mirai and other Botnets. Computer 50(7), 80\u201384 (2017)","journal-title":"Computer"},{"key":"8_CR21","unstructured":"Kone\u010dn\u1ef3, J., McMahan, H.B., Yu, F.X., Richt\u00e1rik, P., Suresh, A.T., Bacon, D.: Federated learning: strategies for improving communication efficiency. arXiv preprint \narXiv:1610.05492\n\n (2016)"},{"key":"8_CR22","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"247","DOI":"10.1007\/978-3-319-66399-9_14","volume-title":"Computer Security \u2013 ESORICS 2017","author":"RR Maiti","year":"2017","unstructured":"Maiti, R.R., Siby, S., Sridharan, R., Tippenhauer, N.O.: Link-layer device type classification on encrypted wireless traffic with COTS radios. In: Foley, S.N., Gollmann, D., Snekkenes, E. (eds.) ESORICS 2017. LNCS, vol. 10493, pp. 247\u2013264. Springer, Cham (2017). \nhttps:\/\/doi.org\/10.1007\/978-3-319-66399-9_14"},{"key":"8_CR23","unstructured":"Maurice, C., Onno, S., Neumann, C., Heen, O., Francillon, A.: Improving 802.11 fingerprinting of similar devices by cooperative fingerprinting. In: 2013 International Conference on Security and Cryptography (SECRYPT), pp. 1\u20138. IEEE (2013)"},{"key":"8_CR24","unstructured":"Meidan, Y., et al.: Detection of unauthorized IoT devices using machine learning techniques. arXiv preprint \narXiv:1709.04647\n\n (2017)"},{"key":"8_CR25","unstructured":"Merino, B.: Instant Traffic Analysis with Tshark How-to. Packt Publishing Ltd (2013)"},{"key":"8_CR26","doi-asserted-by":"crossref","unstructured":"Miettinen, M., Marchal, S., Hafeez, I., Asokan, N., Sadeghi, A.R., Tarkoma, S.: IoT sentinel: automated device-type identification for security enforcement in IoT. In: 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS), pp. 2177\u20132184. IEEE (2017)","DOI":"10.1109\/ICDCS.2017.284"},{"key":"8_CR27","unstructured":"Nguyen, T.D., Marchal, S., Miettinen, M., Dang, M.H., Asokan, N., Sadeghi, A.R.: DIoT: a crowdsourced self-learning approach for detecting compromised IoT devices. arXiv preprint \narXiv:1804.07474\n\n (2018)"},{"issue":"Oct","key":"8_CR28","first-page":"2825","volume":"12","author":"F Pedregosa","year":"2011","unstructured":"Pedregosa, F., et al.: Scikit-learn: machine learning in python. J. Mach. Learn. Res. 12(Oct), 2825\u20132830 (2011)","journal-title":"J. Mach. Learn. Res."},{"issue":"5","key":"8_CR29","doi-asserted-by":"publisher","first-page":"519","DOI":"10.1109\/TDSC.2014.2369033","volume":"12","author":"SV Radhakrishnan","year":"2015","unstructured":"Radhakrishnan, S.V., Uluagac, A.S., Beyah, R.: GTID: a technique for physical deviceanddevice type fingerprinting. IEEE Trans. Dependable Secure Comput. 12(5), 519\u2013532 (2015)","journal-title":"IEEE Trans. Dependable Secure Comput."},{"issue":"4","key":"8_CR30","doi-asserted-by":"publisher","first-page":"2196","DOI":"10.1109\/TNET.2015.2447492","volume":"24","author":"Z Shamsi","year":"2016","unstructured":"Shamsi, Z., Nandwani, A., Leonard, D., Loguinov, D.: Hershel: single-packet OS fingerprinting. IEEE\/ACM Trans. Network. 24(4), 2196\u20132209 (2016)","journal-title":"IEEE\/ACM Trans. Network."},{"key":"8_CR31","doi-asserted-by":"crossref","unstructured":"Shamsi, Z., Cline, D.B., Loguinov, D.: Faulds: a non-parametric iterative classifier for internet-wide OS fingerprinting. In: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, CCS 2017 (2017)","DOI":"10.1145\/3133956.3133963"},{"key":"8_CR32","doi-asserted-by":"crossref","unstructured":"Sivanathan, A., et al.: Characterizing and classifying IoT traffic in smart cities and campuses. In: 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS)","DOI":"10.1109\/INFCOMW.2017.8116438"},{"key":"8_CR33","unstructured":"Sugiyama, Y., Goto, K.: Design and implementation of a network emulator using virtual network stack. In: 7th International Symposium on Operations Research and Its Applications (ISORA 2008), pp. 351\u2013358 (2008)"},{"issue":"1","key":"8_CR34","doi-asserted-by":"publisher","first-page":"63","DOI":"10.1109\/TIFS.2017.2737970","volume":"13","author":"VF Taylor","year":"2018","unstructured":"Taylor, V.F., Spolaor, R., Conti, M., Martinovic, I.: Robust smartphone app identification via encrypted network traffic analysis. IEEE Trans. Inf. Forensics Secur. 13(1), 63\u201378 (2018)","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"8_CR35","unstructured":"Zalewski, M.: p0f v3 (2012). \nhttp:\/\/lcamtuf.coredump.cx\/p0f3\/"},{"key":"8_CR36","doi-asserted-by":"publisher","first-page":"25","DOI":"10.1016\/j.jnca.2017.02.009","volume":"84","author":"BB Zarpelao","year":"2017","unstructured":"Zarpelao, B.B., Miani, R.S., Kawakani, C.T., de Alvarenga, S.C.: A survey of intrusion detection in internet of things. J. Netw. Comput. Appl. 84, 25\u201337 (2017)","journal-title":"J. Netw. Comput. Appl."}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-37228-6_8","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,12,16]],"date-time":"2019-12-16T10:05:35Z","timestamp":1576490735000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-37228-6_8"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019]]},"ISBN":["9783030372279","9783030372286"],"references-count":36,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-37228-6_8","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"value":"1867-8211","type":"print"},{"value":"1867-822X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019]]},"assertion":[{"value":"13 December 2019","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"SecureComm","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Security and Privacy in Communication Systems","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Orlando, VA","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"USA","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2019","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"23 October 2019","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"25 October 2019","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"15","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"securecomm2019","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/securecomm.org","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Single-blind","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"easychair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"149","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"38","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"18","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"26% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"3,5","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"2","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}},{"value":"No","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information (provided by the conference organizers)"}}]}}