Next Article in Journal
Pattern Augmented Lightweight Convolutional Neural Network for Intrusion Detection System
Next Article in Special Issue
Drift Adaptive Online DDoS Attack Detection Framework for IoT System
Previous Article in Journal
Image Division Using Threshold Schemes with Privileges
Previous Article in Special Issue
Machine Learning Techniques for Cyberattack Prevention in IoT Systems: A Comparative Perspective of Cybersecurity and Cyberdefense in Colombia
 
 
Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
Journals
Electronics
Volume 13
Issue 5
10.3390/electronics13050930
Review Report
electronics-logo
Submit to this Journal Review for this Journal Propose a Special Issue
Article Menu

Article Menu

share Share announcement Help format_quote Cite question_answer Discuss in SciProfiles
Article
Peer-Review Record

Traffic Fingerprints for Homogeneous IoT Traffic Based on Packet Payload Transition Patterns

Electronics 2024, 13(5), 930; https://doi.org/10.3390/electronics13050930
by Mingrui Fan 1, Jiaqi Gao 2, Yaru He 2, Weidong Shi 1 and Yueming Lu 1,*
Reviewer 1: Anonymous
Reviewer 2: Anonymous
Electronics 2024, 13(5), 930; https://doi.org/10.3390/electronics13050930
Submission received: 8 January 2024 / Revised: 24 January 2024 / Accepted: 29 January 2024 / Published: 29 February 2024
(This article belongs to the Special Issue Advances in IoT Security)

Round 1

Reviewer 1 Report

Comments and Suggestions for Authors

The authors propose a new method to fingerprint IoT traffic based on packets' payloads size differences, and a more efficient solution to handle the overlapping phenomenon.

The contribution is interesting and the paper is well-written enough, but for a pair of things that should be addressed before publication:

* there should be a more detailed primer on IoT traffic characteristics such to help the reader understand why many classic features are not suitable for fingerprinting;

* the way to populate the traffic feature matrix should be explained in more detail and clearer examples.

Also: the sentence "The application of new technologies represented by 5G has deepened the homogeneity of IoT Traffic" at lines 28-29 should have a citation.

Comments on the Quality of English Language

The paper is generally understandable, but it has some hard-to-read or parts and small typos.

Some examples of parts that should be rephrased are:

* lines 21-23 of the introduction;
* lines 159-163 (section "Proposed Methods").

Some example of typos:

* Figure 2: cloud should read "Hard to classificate";
* line 236: "Supple" should be "Supply";
* line 348: "Forrest" should be "Forest";
* line 412: "researchers" I assume it should be "researches".

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Reviewer 2 Report

Comments and Suggestions for Authors

The research investigates the effectiveness of traditional traffic fingerprints as a security protection mechanism in 5G IoT scenarios. Replication experiments reveal that classic traffic fingerprints, based on simple network traffic attribute features, exhibit significantly lower device identification ability in real 5G IoT scenarios compared to traditional IoT scenarios.

The study attributes this decline to the growing homogenization of IoT traffic caused by the implementation of 5G. The research identifies the need for an enhanced traffic fingerprint to address the homogeneity in IoT traffic.

Moreover, the study recognizes that the solution to the overlap issue is crucial in restricting the recognition ability of one-vs-all multi-classifiers, with existing methods having room for optimization. To address these concerns, the research proposes an enhanced IoT terminal traffic fingerprint based on packet payload transition patterns and an improved overlap solution based on density centers.
Experimental results demonstrate that the proposed traffic fingerprint achieves a Macro-Average Precision of close to 90% for network traffic from real 5G IoT terminals, while the overlap solution reduces decision-making time from hundreds to tens of seconds, maintaining accuracy.

Author Response

Please see the attachment

Author Response File: Author Response.pdf

Back to TopTop