Improved Wireless Security through Physical Layer Protocol Manipulation and Radio Frequency Fingerprinting

Wireless networks are particularly vulnerable to spoofing and route poisoning attacks due to the contested transmission medium. Traditional bit-layer defenses including encryption keys and MAC address control lists are vulnerable to extraction and identity spoofing, respectively. This dissertation explores three novel strategies to leverage the wireless physical layer to improve security in low-rate wireless personal area networks. The first, physical layer protocol manipulation, identifies true transceiver design within remote devices through analysis of replies in response to packets transmitted with modified physical layer headers. Results herein demonstrate a methodology that correctly differentiates among six IEEE 802.15.4 transceiver classes with greater than 99% accuracy, regardless of claimed bit-layer identity. The second strategy, radio frequency fingerprinting, accurately identifies the true source of every wireless transmission in a network, even among devices of the same design and manufacturer. Results suggest that even low-cost signal collection receivers can achieve greater than 90% authentication accuracy within a defense system based on radio frequency fingerprinting. The third strategy, based on received signal strength quantification, can be leveraged to rapidly locate suspicious transmission sources and to perform physical security audits of critical networks. Results herein reduce mean absolute percentage error of a widely-utilized distance estimation model 20% by examining signal strength measurements from real-world networks in a military hospital and a civilian hospital

Design of a Hybrid RF Fingerprint Extraction and Device Classification Scheme

Radio frequency (RF) fingerprint is the inherent hardware characteristics and has been employed to classify and identify wireless devices in many Internet of Things (IoT) applications. This paper extracts novel RF fingerprint features, designs a hybrid and adaptive classification scheme adjusting to the environment conditions, and carries out extensive experiments to evaluate the performance. In particular, four modulation features, namely differential constellation trace figure (DCTF), carrier frequency offset, modulation offset and I/Q offset extracted from constellation trace figure (CTF), are employed. The feature weights under different channel conditions are calculated at the training stage. These features are combined smartly with the weights selected according to the estimated signal to noise ratio (SNR) at the classification stage. We construct a testbed using universal software radio peripheral (USRP) platform as the receiver and 54 ZigBee nodes as the candidate devices to be classified, which are the most ZigBee devices ever tested. Extensive experiments are carried out to evaluate the classification performance under different channel conditions, namely line-of-sight (LOS) and non-line-of-sight (NLOS) scenarios. We then validate the robustness by carrying out the classification process 18 months after the training, which is the longest time gap. We also use a different receiver platform for classification for the first time. The classification error rate is as low as 0.048 in LOS scenario, and 0.1105 even when a different receiver is used for classification 18 months after the training. Our hybrid classification scheme has thus been demonstrated effective in classifying a large amount of ZigBee devices

Stay Connected, Leave no Trace: Enhancing Security and Privacy in WiFi via Obfuscating Radiometric Fingerprints

The intrinsic hardware imperfection of WiFi chipsets manifests itself in the transmitted signal, leading to a unique radiometric fingerprint. This fingerprint can be used as an additional means of authentication to enhance security. In fact, recent works propose practical fingerprinting solutions that can be readily implemented in commercial-off-the-shelf devices. In this paper, we prove analytically and experimentally that these solutions are highly vulnerable to impersonation attacks. We also demonstrate that such a unique device-based signature can be abused to violate privacy by tracking the user device, and, as of today, users do not have any means to prevent such privacy attacks other than turning off the device. We propose RF-Veil, a radiometric fingerprinting solution that not only is robust against impersonation attacks but also protects user privacy by obfuscating the radiometric fingerprint of the transmitter for non-legitimate receivers. Specifically, we introduce a randomized pattern of phase errors to the transmitted signal such that only the intended receiver can extract the original fingerprint of the transmitter. In a series of experiments and analyses, we expose the vulnerability of adopting naive randomization to statistical attacks and introduce countermeasures. Finally, we show the efficacy of RF-Veil experimentally in protecting user privacy and enhancing security. More importantly, our proposed solution allows communicating with other devices, which do not employ RF-Veil.Comment: ACM Sigmetrics 2021 / In Proc. ACM Meas. Anal. Comput. Syst., Vol. 4, 3, Article 44 (December 2020

Learning Robust Radio Frequency Fingerprints Using Deep Convolutional Neural Networks

Radio Frequency Fingerprinting (RFF) techniques, which attribute uniquely identifiable signal distortions to emitters via Machine Learning (ML) classifiers, are limited by fingerprint variability under different operational conditions. First, this work studied the effect of frequency channel for typical RFF techniques. Performance characterization using the multi-class Matthews Correlation Coefficient (MCC) revealed that using frequency channels other than those used to train the models leads to deterioration in MCC to under 0.05 (random guess), indicating that single-channel models are inadequate for realistic operation. Second, this work presented a novel way of studying fingerprint variability through Fingerprint Extraction through Distortion Reconstruction (FEDR), a neural network-based approach for quantifying signal distortions in a relative distortion latent space. Coupled with a Dense network, FEDR fingerprints were evaluated against common RFF techniques for up to 100 unseen classes, where FEDR achieved best performance with MCC ranging from 0.945 (5 classes) to 0.746 (100 classes), using 73% fewer training parameters than the next-best technique

The manipulation of RF-DNA fingerprints through the use of a phase-modulated clock in IEEE802.11a Wi-Fi signals

The ubiquity of IoT devices has created an urgent need to augment existing network security mechanisms by leveraging discriminating, waveform characteristics to facilitate the detection of unauthorized devices. RF-DNA fingerprints are a waveform-based approach capable of distinguishing one device from others of the same manufacturer and model. This work investigates the extent to which the intentionally inserted changes can alter the RF-DNA fingerprints of the transmitted signal without negatively impacting the receiver’s ability to demodulate the received signal. The experiments presented herein investigate intentional changes caused by the external clock to the preamble of the 802.11a Wi-Fi waveform from which RF-DNA fingerprints are extracted. Analysis is conducted using the Gabor Transform. The results show the structure of the preamble remains intact when the clock signal is phase-modulated using sine waves oscillating frequencies up to 10 kHz with deviation of 1.5 degrees, or 2.5 kHz with deviation of 90 degrees

A Comprehensive Review of Unmanned Aerial Vehicle Attacks and Neutralization Techniques

Unmanned Aerial Vehicles (UAV) have revolutionized the aircraft industry in this decade. UAVs are now capable of carrying out remote sensing, remote monitoring, courier delivery, and a lot more. A lot of research is happening on making UAVs more robust using energy harvesting techniques to have a better battery lifetime, network performance and to secure against attackers. UAV networks are many times used for unmanned missions. There have been many attacks on civilian, military, and industrial targets that were carried out using remotely controlled or automated UAVs. This continued misuse has led to research in preventing unauthorized UAVs from causing damage to life and property. In this paper, we present a literature review of UAVs, UAV attacks, and their prevention using anti-UAV techniques. We first discuss the different types of UAVs, the regulatory laws for UAV activities, their use cases, recreational, and military UAV incidents. After understanding their operation, various techniques for monitoring and preventing UAV attacks are described along with case studies