{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,1]],"date-time":"2026-02-01T04:55:14Z","timestamp":1769921714543,"version":"3.49.0"},"reference-count":50,"publisher":"MDPI AG","issue":"21","license":[{"start":{"date-parts":[[2019,11,3]],"date-time":"2019-11-03T00:00:00Z","timestamp":1572739200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/501100004054","name":"King Abdulaziz University","doi-asserted-by":"publisher","award":["KAU1455"],"award-info":[{"award-number":["KAU1455"]}],"id":[{"id":"10.13039\/501100004054","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Sensors"],"abstract":"<jats:p>Many people use smart-home devices, also known as the Internet of Things (IoT), in their daily lives. Most IoT devices come with a companion mobile application that users need to install on their smartphone or tablet to control, configure, and interface with the IoT device. IoT devices send information about their users from their app directly to the IoT manufacturer\u2019s cloud; we call this the \u201dapp-to-cloud way\u201d. In this research, we invent a tool called IoT-app privacy inspector that can automatically infer the following from the IoT network traffic: the packet that reveals user interaction type with the IoT device via its app (e.g., login), the packets that carry sensitive Personal Identifiable Information (PII), the content type of such sensitive information (e.g., user\u2019s location). We use Random Forest classifier as a supervised machine learning algorithm to extract features from network traffic. To train and test the three different multi-class classifiers, we collect and label network traffic from different IoT devices via their apps. We obtain the following classification accuracy values for the three aforementioned types of information: 99.4%, 99.8%, and 99.8%. This tool can help IoT users take an active role in protecting their privacy.<\/jats:p>","DOI":"10.3390\/s19214777","type":"journal-article","created":{"date-parts":[[2019,11,4]],"date-time":"2019-11-04T04:13:08Z","timestamp":1572840788000},"page":"4777","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":32,"title":["Detecting IoT User Behavior and Sensitive Information in Encrypted IoT-App Traffic"],"prefix":"10.3390","volume":"19","author":[{"given":"Alanoud","family":"Subahi","sequence":"first","affiliation":[{"name":"School of Computer Science and Informatics, Cardiff University, Cardiff CF10 3AT, UK"},{"name":"Faculty of Computing and Information Technology, King Abdulaziz University, Rabigh 25732, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-2701-7809","authenticated-orcid":false,"given":"George","family":"Theodorakopoulos","sequence":"additional","affiliation":[{"name":"School of Computer Science and Informatics, Cardiff University, Cardiff CF10 3AT, UK"}]}],"member":"1968","published-online":{"date-parts":[[2019,11,3]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"2787","DOI":"10.1016\/j.comnet.2010.05.010","article-title":"The internet of things: A survey","volume":"54","author":"Atzori","year":"2010","journal-title":"Comput. Netw."},{"key":"ref_2","first-page":"34","article-title":"Vision and challenges for realising the Internet of Things","volume":"3","author":"Sundmaeker","year":"2010","journal-title":"Clust. Eur. Res. Proj. Internet Things Eur. Comm."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"23","DOI":"10.1016\/j.clsr.2009.11.008","article-title":"Internet of Things\u2013New security and privacy challenges","volume":"26","author":"Weber","year":"2010","journal-title":"Comput. Law Secur. Rev."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Zhao, K., and Ge, L. (2013, January 14\u201315). A survey on the internet of things security. Proceedings of the 2013 Ninth International Conference on Computational Intelligence and Security, Emei Moutain, China.","DOI":"10.1109\/CIS.2013.145"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"1745","DOI":"10.1109\/TMC.2018.2866249","article-title":"Classifying IoT devices in smart environments using network traffic characteristics","volume":"18","author":"Sivanathan","year":"2018","journal-title":"IEEE Trans. Mob. Comput."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Tekeoglu, A., and Tosun, A.\u015e. (2016, January 10\u201313). A testbed for security and privacy analysis of IoT devices. Proceedings of the 2016 IEEE 13th International Conference on Mobile Ad Hoc and Sensor Systems (MASS), Brasilia, Brazil.","DOI":"10.1109\/MASS.2016.051"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Ferrando, R., and Stacey, P. (2017, January 17\u201318). Classification of device behaviour in internet of things infrastructures: Towards distinguishing the abnormal from security threats. Proceedings of the 1st International Conference on Internet of Things and Machine Learning, Liverpool, UK.","DOI":"10.1145\/3109761.3109791"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"1645","DOI":"10.1016\/j.future.2013.01.010","article-title":"Internet of Things (IoT): A vision, architectural elements, and future directions","volume":"29","author":"Gubbi","year":"2013","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_9","first-page":"32","article-title":"Privacy of big data in the internet of things era","volume":"6","author":"Perera","year":"2015","journal-title":"IEEE IT Spec. Issue Internet Anything"},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Ukil, A., Bandyopadhyay, S., and Pal, A. (May, January 27). IoT-privacy: To be private or not to be private. Proceedings of the 2014 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Toronto, ON, Canada.","DOI":"10.1109\/INFCOMW.2014.6849186"},{"key":"ref_11","unstructured":"Grimes, R.A. (2019, November 01). What Is Personally Identifiable Information (PII)? How to Protect It Under GDPR. Available online: https:\/\/www.csoonline.com\/article\/3215864\/how-to-protect-personally-identifiable-information-pii-under-gdpr.html."},{"key":"ref_12","unstructured":"Rouse, M. (2019, November 01). Personally Identifiable Information (PII). Available online: https:\/\/searchfinancialsecurity.techtarget.com\/definition\/personally-identifiable-information."},{"key":"ref_13","unstructured":"ICO (2019, November 01). What Is Personal Data?. Available online: https:\/\/ico.org.uk\/media\/for-organisations\/documents\/1549\/determining_what_is_personal_data_quick_reference_guide.pdf."},{"key":"ref_14","unstructured":"Sweeney, M. (2019, November 01). What Is PII, Non-PII, and Personal Data?. Available online: https:\/\/piwik.pro\/blog\/what-is-pii-personal-data\/."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"Crabtree, A. (2016, January 4\u20138). Enabling the new economic actor: Personal data regulation and the digital economy. Proceedings of the 2016 IEEE International Conference on Cloud Engineering Workshop (IC2EW), Berlin, Germany.","DOI":"10.1109\/IC2EW.2016.18"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Subahi, A., and Theodorakopoulos, G. (2018, January 6\u20138). Ensuring compliance of IoT devices with their Privacy Policy Agreement. Proceedings of the 2018 IEEE 6th International Conference on Future Internet of Things and Cloud (FiCloud), Barcelona, Spain.","DOI":"10.1109\/FiCloud.2018.00022"},{"key":"ref_17","first-page":"208","article-title":"Sok: Security evaluation of home-based iot deployments","volume":"2019","author":"Alrawi","year":"2019","journal-title":"IEEE S&P"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Andrea, I., Chrysostomou, C., and Hadjichristofi, G. (2015, January 6\u20139). Internet of Things: Security vulnerabilities and challenges. Proceedings of the 2015 IEEE Symposium on Computers and Communication (ISCC), Larnaca, Cyprus.","DOI":"10.1109\/ISCC.2015.7405513"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Bonetto, R., Bui, N., Lakkundi, V., Olivereau, A., Serbanati, A., and Rossi, M. (2012, January 25\u201328). Secure communication for smart IoT objects: Protocol stacks, use cases and practical examples. Proceedings of the 2012 IEEE International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), San Francisco, CA, USA.","DOI":"10.1109\/WoWMoM.2012.6263790"},{"key":"ref_20","doi-asserted-by":"crossref","first-page":"40","DOI":"10.1049\/et.2017.0303","article-title":"Securing IoT: In your smart home and your connected enterprise","volume":"12","author":"Moskvitch","year":"2017","journal-title":"Eng. Technol."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Sivanathan, A., Sherratt, D., Gharakheili, H.H., Sivaraman, V., and Vishwanath, A. (2016, January 6\u20139). Low-cost flow-based security solutions for smart-home IoT devices. Proceedings of the 2016 IEEE International Conference on Advanced Networks and Telecommunications Systems (ANTS), Bangalore, India.","DOI":"10.1109\/ANTS.2016.7947781"},{"key":"ref_22","doi-asserted-by":"crossref","first-page":"5","DOI":"10.1023\/A:1010933404324","article-title":"Random forests","volume":"45","author":"Breiman","year":"2001","journal-title":"Mach. Learn."},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Wang, D., He, D., Cheng, H., and Wang, P. (July, January 28). fuzzyPSM: A new password strength meter using fuzzy probabilistic context-free grammars. Proceedings of the 2016 46th Annual IEEE\/IFIP International Conference on Dependable Systems and Networks (DSN), Toulouse, France.","DOI":"10.1109\/DSN.2016.60"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Wang, D., Zhang, Z., Wang, P., Yan, J., and Huang, X. (2016, January 24\u201328). Targeted online password guessing: An underestimated threat. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, Vienna, Austria.","DOI":"10.1145\/2976749.2978339"},{"key":"ref_25","unstructured":"Das, A., Bonneau, J., Caesar, M., Borisov, N., and Wang, X. (2019, November 01). The Tangled Web of Password Reuse. Available online: https:\/\/www.semanticscholar.org\/paper\/The-Tangled-Web-of-Password-Reuse-Das-Bonneau\/b085a4e0a2b2a059b59937934c615d5a52393051."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Wang, H., Lai, T.T.T., and Roy Choudhury, R. (2015, January 7\u201311). Mole: Motion leaks through smartwatch sensors. Proceedings of the 21st Annual International Conference on Mobile Computing and Networking, Paris, France.","DOI":"10.1145\/2789168.2790121"},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Das, A.K., Pathak, P.H., Chuah, C.N., and Mohapatra, P. (2016, January 23\u201324). Uncovering privacy leakage in ble network traffic of wearable fitness trackers. Proceedings of the 17th International Workshop on Mobile Computing Systems and Applications, Augustine, FL, USA.","DOI":"10.1145\/2873587.2873594"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"477","DOI":"10.1016\/j.cose.2018.07.016","article-title":"EclipseIoT: A secure and adaptive hub for the Internet of Things","volume":"78","author":"Anthi","year":"2018","journal-title":"Comput. Secur."},{"key":"ref_29","doi-asserted-by":"crossref","unstructured":"Hale, M.L., Ellis, D., Gamble, R., Waler, C., and Lin, J. (2015, January 3). Secu Wear: An open source, multi-component hardware\/software platform for exploring wearable security. Proceedings of the 2015 IEEE International Conference on Mobile Services, Coimbra, Portugal.","DOI":"10.1109\/MobServ.2015.23"},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"26","DOI":"10.1145\/2981546","article-title":"Advanced security testbed framework for wearable IoT devices","volume":"16","author":"Siboni","year":"2016","journal-title":"ACM Trans. Internet Technol. (TOIT)"},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Tekeoglu, A., and Tosun, A.S. (2015, January 3\u20136). Investigating security and privacy of a cloud-based wireless IP camera: NetCam. Proceedings of the 2015 24th International Conference on Computer Communication and Networks (ICCCN), Las Vegas, NV, USA.","DOI":"10.1109\/ICCCN.2015.7288421"},{"key":"ref_32","unstructured":"West, J., Kohno, T., Lindsay, D., and Sechman, J. (2019, November 01). Wearfit: Security design analysis of a wearable fitness tracker. Available online: https:\/\/cybersecurity.ieee.org\/blog\/2016\/02\/17\/wearfit-security-design-analysis-of-a-wearable-fitness-tracker\/."},{"key":"ref_33","doi-asserted-by":"crossref","first-page":"65","DOI":"10.1145\/2318857.2254767","article-title":"A first look at cellular machine-to-machine traffic: Large scale measurement and characterization","volume":"40","author":"Shafiq","year":"2012","journal-title":"ACM SIGMETRICS Perform. Eval. Rev."},{"key":"ref_34","unstructured":"Laner, M., Svoboda, P., Nikaein, N., and Rupp, M. (2013, January 27\u201330). Traffic models for machine type communications. Proceedings of the ISWCS 2013 Tenth International Symposium on Wireless Communication Systems, Ilmenau, Germany."},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Sivanathan, A., Sherratt, D., Gharakheili, H.H., Radford, A., Wijenayake, C., Vishwanath, A., and Sivaraman, V. (2017, January 1\u20134). Characterizing and classifying IoT traffic in smart cities and campuses. Proceedings of the 2017 IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), Atlanta, GA, USA.","DOI":"10.1109\/INFCOMW.2017.8116438"},{"key":"ref_36","first-page":"1","article-title":"Object classification based context management for identity management in internet of things","volume":"63","author":"Mahalle","year":"2013","journal-title":"Int. J. Comput. Appl."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Meidan, Y., Bohadana, M., Shabtai, A., Guarnizo, J.D., Ochoa, M., Tippenhauer, N.O., and Elovici, Y. (2017, January 4\u20136). ProfilIoT: A machine learning approach for IoT device identification based on network traffic analysis. Proceedings of the Symposium on Applied Computing, Marrakech, Morocco.","DOI":"10.1145\/3019612.3019878"},{"key":"ref_38","unstructured":"Apthorpe, N., Reisman, D., and Feamster, N. (2017). A smart home is no castle: Privacy vulnerabilities of encrypted iot traffic. arXiv."},{"key":"ref_39","unstructured":"(2019, November 01). Amazon Echo\u2014Previous Generation. Available online: https:\/\/www.amazon.com\/Amazon-Echo-Bluetooth-Speaker-with-WiFi-Alexa\/dp\/B00X4WHP5E."},{"key":"ref_40","unstructured":"(2019, November 01). Nest Cam Indoor|This Is What a Home Security Camera Should Be|Nest. Available online: https:\/\/nest.com\/cameras\/nest-cam-indoor\/overview\/."},{"key":"ref_41","unstructured":"(2019, November 01). Belkin|iPhone, Apple Watch, iPad, Kindle, Samsung & Networking Accessories. Available online: http:\/\/www.belkin.com\/us\/."},{"key":"ref_42","unstructured":"Trackers, B.S. (2019, November 01). Hello Sense. Available online: https:\/\/sleeptrackers.io\/sense\/."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Siby, S., Maiti, R.R., and Tippenhauer, N. (2017). Iotscanner: Detecting and classifying privacy threats in iot neighborhoods. arXiv.","DOI":"10.1145\/3055245.3055253"},{"key":"ref_44","unstructured":"Apthorpe, N., Reisman, D., Sundaresan, S., Narayanan, A., and Feamster, N. (2017). Spying on the smart home: Privacy attacks and defenses on encrypted iot traffic. arXiv."},{"key":"ref_45","unstructured":"(2019, November 01). Wireshark Chapter 1. Introduction. Available online: https:\/\/www.wireshark.org\/docs\/wsug_html_chunked\/ChapterIntroduction.html."},{"key":"ref_46","unstructured":"(2019, November 01). ARP Spoofing. Available online: https:\/\/www.veracode.com\/security\/arp-spoofing."},{"key":"ref_47","unstructured":"(2019, November 01). Configuring an Android Device to Work Wi..\u201d., PortSwigger Web Security. Available online: https:\/\/support.portswigger.net\/customer\/portal\/articles\/1841101-configuring-an-android-device-to-work-with-burp."},{"key":"ref_48","doi-asserted-by":"crossref","unstructured":"Merzdovnik, G., Buhov, D., Voyiatzis, A.G., and Weippl, E.R. (September, January 31). Notary-Assisted Certificate Pinning for Improved Security of Android Apps. Proceedings of the 2016 11th International Conference on Availability, Reliability and Security (ARES), Salzburg, Austria.","DOI":"10.1109\/ARES.2016.42"},{"key":"ref_49","doi-asserted-by":"crossref","first-page":"1153","DOI":"10.1109\/COMST.2015.2494502","article-title":"A survey of data mining and machine learning methods for cyber security intrusion detection","volume":"18","author":"Buczak","year":"2015","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_50","unstructured":"(2019, November 01). sklearn.ensemble.RandomForestClassifier\u2014Scikit-Learn 0.21.1 Documentation. Available online: https:\/\/scikit-learn.org\/stable\/modules\/generated\/sklearn.ensemble.RandomForestClassifier.html."}],"container-title":["Sensors"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1424-8220\/19\/21\/4777\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T13:31:33Z","timestamp":1760189493000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1424-8220\/19\/21\/4777"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2019,11,3]]},"references-count":50,"journal-issue":{"issue":"21","published-online":{"date-parts":[[2019,11]]}},"alternative-id":["s19214777"],"URL":"https:\/\/doi.org\/10.3390\/s19214777","relation":{},"ISSN":["1424-8220"],"issn-type":[{"value":"1424-8220","type":"electronic"}],"subject":[],"published":{"date-parts":[[2019,11,3]]}}}