Privacy-preserving detection of encrypted AI traffic in IoT using lightweight flow-level machine learning

Padmanabhan, Dinoja (2025) Privacy-preserving detection of encrypted AI traffic in IoT using lightweight flow-level machine learning. World Journal of Advanced Research and Reviews, 27 (1). pp. 1302-1308. ISSN 2581-9615

The widespread integration of AI-driven services into IoT ecosystems introduces pressing cybersecurity and traffic visibility challenges—particularly in the presence of encrypted, low-latency protocols such as WebSocket Secure (WSS) and Model Context Protocol (MCP) over HTTPS. Traditional Deep Packet Inspection (DPI) techniques are rendered ineffective due to encryption, and payload-dependence is increasingly impractical amid growing privacy and regulatory constraints. This study presents a novel, technically robust, and scalable machine learning framework that classifies AI-generated traffic using only flow-level metadata. By leveraging transport-layer characteristics such as session duration and directional byte counts, this method achieves high F1 scores across encrypted and unencrypted WebSocket traffic, and perfect accuracy in classifying MCP streams. The framework is evaluated across multiple traffic scenarios using Random Forest and Logistic Regression models, yielding F1 scores exceeding 0.97 for WebSockets and 0.99 for MCP. Designed for efficiency, the system executes with sub-5ms inference latency on edge-grade devices, making it ideal for real-time IoT deployments. This work addresses a critical visibility gap in encrypted AI communications and contributes a privacy-preserving, protocol-agnostic approach to next-generation traffic classification in smart environments.