Benjamin W. Ramsey scite author profile

Improved wireless ZigBee network security provides a means to mitigate malicious network activity due to unauthorized devices. Security enhancement using RF-based features can augment conventional bit-level security approaches that are solely based on the MAC addresses of Zig-Bee devices. This paper presents a device identity verification process using RF fingerprints from like-model CC2420 2.4 GHz ZigBee device transmissions in operational indoor scenarios involving line-of-sight and through-wall propagation channels, as well as an anechoic chamber representing near-ideal conditions. A trained multiple discriminant analysis model was generated using normalized multivariate Gaussian test statistics from authorized network devices. Authorized device classification and ID verification were assessed using pre-classification Kolmogorov-Smirnov (KS) feature ranking and post-classification generalized relevance learning vector quantization improved (GRLVQI) relevance ranking. A true verification rate greater than 90% and a false verification rate less than 10% were obtained when assessing authorized device IDs. When additional rogue devices were introduced that attempted to gain unauthorized network access by spoofing the bit-level credentials of authorized devices, the KS-test feature set achieved a true verification rate greater than 90% and a rogue reject rate greater than 90% in 29 of 36 rogue scenarios while the GRLVQI feature set was successful in 28 of 36 scenarios.

show abstract

PHY foundation for multi-factor ZigBee node authentication

Ramsey

Temple

Mullins

2012

View full text Add to dashboard Cite

The ZigBee specification builds upon IEEE 802.15.4 low-rate wireless personal area standards by adding security and mesh networking functionality. ZigBee networks may be secured through 128-bit encryption keys and by MAC address access control lists, yet these credentials are vulnerable to interception and spoofing via free software tools available over the Internet. This work proposes a multi-factor PHY-MAC-NWK security framework for ZigBee that augments bit-level security using radio frequency (RF) PHY features. These features, or RF fingerprints, can be used to differentiate between dissimilar or like-model wireless devices. Previous PHY-based works on mesh network device differentiation predominantly exploited the signal turn-on region, measured in nanoseconds. For an arbitrary benchmark of 90% or better classification accuracy, this work shows that reliable PHY-based ZigBee device discrimination can be achieved at SNR ≥ 8 dB. This is done using the entire transmission preamble, which is less technically challenging to detect and is over 1000 times longer than the signal turn-on region. This work also introduces a statistical, pre-classification feature ranking technique for identifying relevant features that dramatically reduces the number of RF fingerprint features without sacrificing classification performance.

show abstract

Dimensional reduction analysis for Physical Layer device fingerprints with application to ZigBee and Z-Wave devices

Bihl

Bauer

Temple

et al. 2015

View full text Add to dashboard Cite

Radio Frequency RF Distinct Native Attribute (RF-DNA) Fingerprinting is a PHY-based security method that enhances device identification (ID). ZigBee 802.15.4 security is of interest here given its widespread deployment in Critical Infrastructure (CI) applications. RF-DNA features can be numerous, correlated, and noisy. Feature Dimensional Reduction Analysis (DRA) is considered here with a goal of: 1) selecting appropriate features (feature selection) and 2) selecting the appropriate number of features (dimensionality assessment). Five selection methods are considered based on Generalized Relevance Learning Vector Quantization-Improved (GRLVQI) feature relevance ranking, and p-value and test statistic rankings from both the two-sample Kolmogorov-Smirnov (KS) Test and the one-way Analysis of Variance (ANOVA) F-test. Dimensionality assessment is considered using previous qualitative (subjective) methods and quantitative methods developed herein using data covariance matrices and the KS and F-test p-values. ZigBee discrimination (classification and ID verification) is evaluated under varying signal-to-noise ratio (SNR) conditions for both authorized and unauthorized rogue devices. Test statistic approaches emerge as superior to p-value approaches and offer both higher resolution in selecting features and generally better device discrimination. With appropriate feature selection, using only 16% of the data is shown to achieve better classification performance than when using all of the data. Preliminary firstlook results for Z-Wave devices are also presented and shown to be consistent with ZigBee device fingerprinting performance.

show abstract

scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.

Contact Info

customersupport@researchsolutions.com

10624 S. Eastern Ave., Ste. A-614

Henderson, NV 89052, USA

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Blog Terms and Conditions API Terms Privacy Policy Contact Cookie Preferences Do Not Sell or Share My Personal Information

Made with 💙 for researchers

Part of the Research Solutions Family.