🤖 AI Summary
Problem: Persistent connectivity of IoT devices in smart homes leads to privacy leakage and redundant network traffic; cloud-dependent detection schemes risk exposing sensitive data, while static whitelists fail to adapt to dynamic communication patterns.
Method: We propose the first edge-gateway-oriented binary classification paradigm for assessing the necessity of IoT traffic, modeling device network behavior to determine whether cloud communication targets impact core functionality—enabling real-time identification and blocking of non-essential traffic. Our approach employs lightweight feature extraction, IoT-behavior-driven label construction, and an embedded machine learning model deployed on OpenWrt, requiring no raw data upload and no predefined whitelist.
Contribution/Results: The method supports generalization to unseen destinations and achieves end-to-end latency <15 ms at scale (hundreds of devices) across five real-world IoT device types, with high accuracy in intercepting non-essential traffic.
📝 Abstract
The rapid expansion of Internet of Things (IoT) devices, particularly in smart home environments, has introduced considerable security and privacy concerns due to their persistent connectivity and interaction with cloud services. Despite advancements in IoT security, effective privacy measures remain lacking, with existing solutions often relying on cloud-based threat detection that exposes sensitive data or outdated allow-lists that inadequately restrict non-essential network traffic. This work presents ML-IoTrim, a system for detecting and mitigating non-essential IoT traffic (i.e., not influencing the device operations) by analyzing network behavior at the edge, leveraging Machine Learning to classify network destinations. Our approach includes building a labeled dataset based on IoT device behavior and employing a feature-extraction pipeline to enable a binary classification of essential vs. non-essential network destinations. We test our framework in a consumer smart home setup with IoT devices from five categories, demonstrating that the model can accurately identify and block non-essential traffic, including previously unseen destinations, without relying on traditional allow-lists. We implement our solution on a home access point, showing the framework has strong potential for scalable deployment, supporting near-real-time traffic classification in large-scale IoT environments with hundreds of devices. This research advances privacy-aware traffic control in smart homes, paving the way for future developments in IoT device privacy.