Journal of Engineering and Sustainable Development http://jeasd.uomustansiriyah.edu.iq/index.php https://doi.org/10.31272/jeasd.conf.2.1.14 2 nd online Scientific conference for Graduate Engineering Students June 2021 1-115 *Corresponding Author: egma018@uomustansiriyah.edu.iq Work of This Research is Licensed under CC BY Abstract: The pervasive availability of the Internet of Things (IoT) markets lures targets for cyber-attacks since most manufactured IoT devices are usually resource- constrained devices. The first powerful line of IoT network protection from these vulnerabilities is detecting IoT devices especially the unauthorized ones by utilizing machine learning (ML) algorithms. Actually, it is so difficult or even impossible to find individual unknown IoT devices during the setup phase but, knowing their manufacturers is a matter to be deliberate. In this paper, a new method based fingerprints generation is introduced to detect the connected devices in the setup phase. Fingerprints for 21 different IoT devices are generated using devices’ network traffic. The whole produced fingerprints of devices are divided into four groups according to their manufacturers or fingerprints similarity proportion. Gradient Boosting Algorithm is applied to achieve the identified purposes. The proposed method is considered as a preparatory study for early detection of unauthorized. The performance evaluation for the proposed method was calculated based on two metrics: Identification accuracy and F1-score. The average identification accuracy rate was around 98.65%, while the average F1-score was about 99%. Keywords: Device Fingerprint, Gradient Boosting Algorithm, Internet of Things (IoT), Machine Learning, Network Traffic. 1. Introduction Internet of Things (IoT) is defined as a distributed and interconnected network of embedded systems which are communicated through either wired or wireless communication network technologies. It is also regarded as the network of things or physical objects empowered with limited communication capabilities, computation, and storage as well as it is embedded with electronics (e.g. sensors and actuators), application, and network connectivity that giving these objects the ability to collect, exchange, and sometimes process data [1]. IoT is globally expanding, offering diverse benefits in almost every aspect of human life [2]. It is expected that the campuses’ and future enterprises’ networks will be instrumented with a massive number of smart devices to provide remote control, surveillance, security, entertainment, and powerful management for smart cities and industries [3]. Along with the benefits, this rapid development and integration of IoT in addition to the heterogeneity of the connected devices cause the security problem of IoT to be an urgent threat for this age. Once the IoT vulnerabilities are exploited by attackers, it will give them the ability to control the device, privacy leakage of users, and posing other security concerns like IoT Mirai botnet and launch some types of attacks on IoT network infrastructure which lead to network congestion [4], [5]. Although the embedded security modules are produced by many vendors on the markets, many attackers continue holding a dominant position due to the unprecedented amount of daily production and malware types [6]. Therefore, knowing which IoT devices are GRADIENT BOOSTING ALGORITHM FOR EARLY DETECTION OF UNKNOWN INTERNET OF THINGS DEVICES *Vian A. Ferman 1 Mohammed A. Tawfeeq 1 1) Computer Engineering Department, College of Engineering, Mustansiriyah University, Baghdad, Iraq