Location-Invariant Physical Layer Identification Approach for WiFi Devices

Li, Guyue; Yu, Jongmin; Xing, Yacheng; Hu, Aiqun

doi:10.1109/access.2019.2933242

Cited by 47 publications

(14 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Radiometric fingerprinting can enhance the security of networks by enabling means of additional authentication based on physical layer properties of devices [5,21,23]. However, we found that an adversary can easily impersonate other devices exploiting the fingerprinting scheme proposed by Liu et al [23].…”

Section: Attack Scenario Ii: Compromising Security Via Impersonation Attacksmentioning

confidence: 84%

“…We have also witnessed a variety of masquerading attacks in which the adversary mounts a machine-in-themiddle (MitM) attack by creating a rogue access point (AP), mimicking the identity (i.e., SSID) of a legitimate AP. It has been shown that physical layer security, in particular, radiometric (radio frequency) fingerprinting can thwart such attacks [5,21,23].…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Stay Connected, Leave no Trace

Fernando

BäumlAndreas

Hong

et al. 2020

Proc. ACM Meas. Anal. Comput. Syst.

View full text Add to dashboard Cite

The intrinsic hardware imperfection of WiFi chipsets manifests itself in the transmitted signal, leading to a unique radiometric fingerprint. This fingerprint can be used as an additional means of authentication to enhance security. In fact, recent works propose practical fingerprinting solutions that can be readily implemented in commercial-off-the-shelf devices. In this paper, we prove analytically and experimentally that these solutions are highly vulnerable to impersonation attacks. We also demonstrate that such a unique device-based signature can be abused to violate privacy by tracking the user device, and, as of today, users do not have any means to prevent such privacy attacks other than turning off the device. We propose RF-Veil, a radiometric fingerprinting solution that not only is robust against impersonation attacks but also protects user privacy by obfuscating the radiometric fingerprint of the transmitter for non-legitimate receivers. Specifically, we introduce a randomized pattern of phase errors to the transmitted signal such that only the intended receiver can extract the original fingerprint of the transmitter. In a series of experiments and analyses, we expose the vulnerability of adopting naive randomization to statistical attacks and introduce countermeasures. Finally, we show the efficacy of RF-Veil experimentally in protecting user privacy and enhancing security. More importantly, our proposed solution allows communicating with other devices, which do not employ RF-Veil.

show abstract

Section: Attack Scenario Ii: Compromising Security Via Impersonation Attacksmentioning

confidence: 84%

Section: Introductionmentioning

confidence: 99%

Stay Connected, Leave no Trace

Fernando

BäumlAndreas

Hong

et al. 2020

Proc. ACM Meas. Anal. Comput. Syst.

View full text Add to dashboard Cite

show abstract

“…RFF identification has been prototyped in conjunction with a number of wireless techniques, such as WiFi [285], [290], ZigBee [287], [291], Bluetooth [292] and LoRa [293]- [295], just to name a few. Because RFF identification exploits the features of wireless transceivers, it is a perfect candidate for key generation in an integrated security framework [87].…”

Section: B Rff Identificationmentioning

confidence: 99%

A New Frontier for IoT Security Emerging From Three Decades of Key Generation Relying on Wireless Channels

et al. 2020

Self Cite

View full text Add to dashboard Cite

The Internet of Things (IoT) is a transformative technology, which is revolutionizing our everyday life by connecting everyone and everything together. The massive number of devices are preferably connected wirelessly because of the easy installment and flexible deployment. However, the broadcast nature of the wireless medium makes the information accessible to everyone including malicious users, which should hence be protected by encryption. Unfortunately, the secure and efficient provision of cryptographic keys for low-cost IoT devices is challenging; weak keys have resulted in severe security breaches, as evidenced by numerous notorious cyberattacks. This paper provides a comprehensive survey of lightweight security solutions conceived for IoT, relying on key generation from wireless channels. We first introduce the key generation fundamentals and protocols. We then examine how to apply this emerging technique to secure IoT and demonstrate that key generation relying on the randomness of wireless channels is eminently suitable for IoT. This paper reviews the extensive research efforts in the areas of theoretical modelling, simulation based validation and experimental exploration. We finally discuss the hurdles and challenges that key generation is facing and suggest future work to make key generation a reliable and secure solution to safeguard the IoT.

show abstract

“…It should be noted that a great majority of CSI enabled researches depend on limited categories of Network Interface Cards (NICs) for data collection, owing to the limitation of CSI Tools [90]. However, the authors in [102] forward way is to remap signals into the time-frequency domain [103]. In [104], the authors use the STFT (Short-Time Fourier Transform) with the SVM algorithm to identify four different transceivers.…”

Section: B Feature-based Statistical Learning For Specific Device Ide...mentioning

confidence: 99%

Machine Learning for the Detection and Identification of Internet of Things (IoT) Devices: A Survey

Liu

Wang

et al. 2021

Preprint

View full text Add to dashboard Cite

The Internet of Things (IoT) is becoming an indispensable part of everyday life, enabling a variety of emerging services and applications. However, the presence of rogue IoT devices has exposed the IoT to untold risks with severe consequences. The first step in securing the IoT is detecting rogue IoT devices and identifying legitimate ones. Conventional approaches use cryptographic mechanisms to authenticate and verify legitimate devices' identities. However, cryptographic protocols are not available in many systems. Meanwhile, these methods are less effective when legitimate devices can be exploited or encryption keys are disclosed. Therefore, non-cryptographic IoT device identification and rogue device detection become efficient solutions to secure existing systems and will provide additional protection to systems with cryptographic protocols. Noncryptographic approaches require more effort and are not yet adequately investigated. In this paper, we provide a comprehensive survey on machine learning technologies for the identification of IoT devices along with the detection of compromised or falsified ones from the viewpoint of passive surveillance agents or network operators. We classify the IoT device identification and detection into four categories: device-specific pattern recognition, Deep Learning enabled device identification, unsupervised device identification, and abnormal device detection. Meanwhile, we discuss various ML-related enabling technologies for this purpose. These enabling technologies include learning algorithms, feature engineering on network traffic traces and wireless signals, continual learning, and abnormality detection.

show abstract

Location-Invariant Physical Layer Identification Approach for WiFi Devices

Cited by 47 publications

References 39 publications

Stay Connected, Leave no Trace

Stay Connected, Leave no Trace

A New Frontier for IoT Security Emerging From Three Decades of Key Generation Relying on Wireless Channels

Machine Learning for the Detection and Identification of Internet of Things (IoT) Devices: A Survey

Contact Info

Product

Resources

About