Enhancing Privacy in IoT Networks: A Comparative Analysis of Classification and Defense Methods
Authors: Ahmet Emre Ergun; Ozgu Can; Murat Kantarcioglu
Journal: IEEE Access, vol. 13, pp. 71611-71646
Publication date: 2025-04-23
Publication type: Journal Article
DOI: 10.1109/ACCESS.2025.3563799
URL: https://ieeexplore.ieee.org/document/10974975/
PDF: https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10974975
Impact factor: 3.4; JCR: Q2 (COMPUTER SCIENCE, INFORMATION SYSTEMS); Region 3 (Computer Science)
The rapid proliferation of Internet of Things (IoT) devices has led to a substantial increase in network packet traffic, raising significant privacy concerns. Although traffic encryption is employed to protect the privacy of IoT devices, attackers can still leverage Machine Learning (ML) and Deep Learning (DL) techniques to classify device types by analyzing packet characteristics, such as size and timing. The main challenges in the state of the art are the lack of effective methods for exposing privacy violations in encrypted IoT traffic, and the absence of robust defense mechanisms to mitigate privacy breaches caused by network traffic analysis. Considering these challenges, this study presents two key contributions: (i) a novel vector-based classification method that enhances device-type identification from encrypted IoT traffic using advanced ML and DL techniques, and (ii) a robust defense mechanism based on Differential Privacy (DP) and advanced padding techniques against traffic analysis attacks. Therefore, the study examines privacy risks associated with sequential IoT device data and evaluates the effectiveness of ML algorithms using two datasets. The results demonstrate that the proposed vector-based classification method significantly improves the attacker’s classification accuracy, even when privacy-preserving techniques, such as padding, are used to obscure device-type classification. For this purpose, the study evaluates eXtreme Gradient Boosting (XGBoost), Long Short-Term Memory (LSTM), and Gated Recurrent Unit (GRU) for IoT traffic classification, achieving an accuracy rate of 99.61% with XGBoost, 96.74% with LSTM, and 96.94% with GRU. Additionally, the Decision Tree (DT), Random Forest (RF), k-Nearest Neighbors (kNN), and GRU classification algorithms are also evaluated and compared with the XGBoost and LSTM classifiers for the proposed attack model. 
As a defense mechanism, DP is applied using the Fourier Perturbation Algorithm (FPA) to optimize padding strategies while maintaining network efficiency. A comparative analysis with state of the art padding techniques, including Adaptive Packet Padding (APP), and the proposed DP-based defense mechanism demonstrates that the proposed defense approach achieves a superior privacy-utility balance. The findings reveal that while padding techniques reduce classification accuracy, the novel vector method significantly enhances attack performance, underscoring the need for stronger defense strategies. Consequently, this study addresses a critical gap in the literature by providing a comprehensive evaluation of privacy risks, classification robustness, and the effectiveness of DP-based defense in IoT network traffic. Thus, the proposed research provides practical insights for enhancing privacy preservation while maintaining network performance, thereby contributing to the development of more secure IoT communication frameworks.
IEEE Access: COMPUTER SCIENCE, INFORMATION SYSTEMS; ENGINEERING, ELECTRICAL & ELECTRONIC
CiteScore: 9.80
Self-citation rate: 7.70%
Articles published: 6673
Review time: 6 weeks
Journal description:
IEEE Access® is a multidisciplinary, open access (OA), applications-oriented, all-electronic archival journal that continuously presents the results of original research or development across all of IEEE's fields of interest.
IEEE Access will publish articles that are of high interest to readers, original, technically correct, and clearly presented. Supported by author publication charges (APC), its hallmarks are a rapid peer review and publication process with open access to all readers. Unlike IEEE's traditional Transactions or Journals, reviews are "binary", in that reviewers will either Accept or Reject an article in the form it is submitted in order to achieve rapid turnaround. Especially encouraged are submissions on:
Multidisciplinary topics, or applications-oriented articles and negative results that do not fit within the scope of IEEE's traditional journals.
Practical articles discussing new experiments or measurement techniques, interesting solutions to engineering.
Development of new or improved fabrication or manufacturing techniques.
Reviews or survey articles of new or evolving fields oriented to assist others in understanding the new area.