IoT Device Fingerprint using Deep Learning

Device Fingerprinting (DFP) is the identification of a device without using its network or other assigned identities including IP address, Medium Access Control (MAC) address, or International Mobile Equipment Identity (IMEI) number. DFP identifies a device using information from the packets which the device uses to communicate over the network. Packets are received at a router and processed to extract the information. In this paper, we worked on the DFP using Inter Arrival Time (IAT). IAT is the time interval between the two consecutive packets received. This has been observed that the IAT is unique for a device because of different hardware and the software used for the device. The existing work on the DFP uses the statistical techniques to analyze the IAT and to further generate the information using which a device can be identified uniquely. This work presents a novel idea of DFP by plotting graphs of IAT for packets with each graph plotting 100 IATs and subsequently processing the resulting graphs for the identification of the device. This approach improves the efficiency to identify a device DFP due to achieved benchmark of the deep learning libraries in the image processing. We configured Raspberry Pi to work as a router and installed our packet sniffer application on the Raspberry Pi . The packet sniffer application captured the packet information from the connected devices in a log file. We connected two Apple devices iPad4 and iPhone 7 Plus to the router and created IAT graphs for these two devices. We used Convolution Neural Network (CNN) to identify the devices and observed the accuracy of 86.7%

Stay Connected, Leave no Trace: Enhancing Security and Privacy in WiFi via Obfuscating Radiometric Fingerprints

The intrinsic hardware imperfection of WiFi chipsets manifests itself in the transmitted signal, leading to a unique radiometric fingerprint. This fingerprint can be used as an additional means of authentication to enhance security. In fact, recent works propose practical fingerprinting solutions that can be readily implemented in commercial-off-the-shelf devices. In this paper, we prove analytically and experimentally that these solutions are highly vulnerable to impersonation attacks. We also demonstrate that such a unique device-based signature can be abused to violate privacy by tracking the user device, and, as of today, users do not have any means to prevent such privacy attacks other than turning off the device. We propose RF-Veil, a radiometric fingerprinting solution that not only is robust against impersonation attacks but also protects user privacy by obfuscating the radiometric fingerprint of the transmitter for non-legitimate receivers. Specifically, we introduce a randomized pattern of phase errors to the transmitted signal such that only the intended receiver can extract the original fingerprint of the transmitter. In a series of experiments and analyses, we expose the vulnerability of adopting naive randomization to statistical attacks and introduce countermeasures. Finally, we show the efficacy of RF-Veil experimentally in protecting user privacy and enhancing security. More importantly, our proposed solution allows communicating with other devices, which do not employ RF-Veil.Comment: ACM Sigmetrics 2021 / In Proc. ACM Meas. Anal. Comput. Syst., Vol. 4, 3, Article 44 (December 2020

Cooperative positioning studies based on WLANs

Location information and location-based service have gained importance in recent years because, based on their concept, a new business market has been opened which encompass emergency services, security, monitoring, tracking, logistics, etc. Nowadays, the most developed positioning systems, namely the Global Navigation Satellite Systems (GNSS), are meant for outdoor use. In order to integrate outdoor and indoor localization in the same mobile application, several lines of research have been created for the purpose of investigating the possibility of wireless network technologies and of overcoming the challenges faced by GNSS in performing localization and navigation in indoor environments. The benefit in using wireless networks is that they provide a minimally invasive solution which is based on software algorithms that can be implemented and executed in the Mobile Station (MS) or in a Location Server connected to the network. This thesis focuses on the development of localization approaches based on Received Signal Strength (RSS) and applied in WLANs. Such approaches demonstrated in recent research advances that RSS-based localization algorithms are the simplest existing approaches due to the fact that the RSSs are most accessible existing measurements. RSS measurements can be used with two main algorithms, which are addressed in this thesis: Fingerprinting method (FP) and Pathloss method (PL). These two methods can be applied in both cooperative and non-cooperative algorithms. Such algorithms are evaluated here in terms of Root Mean Square Error (RMSE) for both simulated and real-field data

Développement du changement aléatoire d'adresse MAC étudié grâce á l'utilisation des adresses MAC localement administrée

In this document, we study the spread of random MAC addresses in Wi-Fi service discovery. To do so, we gather several datasets of probe requests from 2013-2017 and leverage an indicator of such addresses: the Locally Administered bit. We observe a trend of global increase in absolute random addresses use, even though the per-frame count these addresses is still low.Dans ce document, nous étudions l'évolution des adresses MAC aléatoires dans la découverte de service Wi-Fi. Pour ce faire, nous rassemblons plusieurs jeux de données récoltés entre 2013 et 2017 et nous servons d'un indicateur de l'utilisation de telles adresses : le bit Localement Administré. Nous observons une tendance globale à l'augmentation du nombre absolu d'adresses aléatoires utilisées, bien que le compte par trame soit toujours faible

On the trade-off between uncertainty and delay in UWB and 5G localization

Location-aware technologies in combination with emerging wireless communication systems\ua0have revolutionized many aspects of our daily lives by means of applications within\ua0the commercial, public and military sectors. Ultra-wideband (UWB) and 5G stand\ua0out as emerging radio frequency (RF) based technologies that tackle the limitations of\ua0Global Positioning System solutions. The thrive in search for better accuracy involves\ua0improved ranging algorithms, higher transmission powers, network densification, larger\ua0bandwidths, and the use of cooperation among nodes in the network. However, practical\ua0implementations introduce communication related constraints. In this thesis, we study\ua0the trade-off between localization accuracy and communication constraints in terms of\ua0delay. This trade-off is investigated and quantified for two of the most rapidly growing\ua0RF technologies for high precision positioning: UWB and 5G.In UWB, we investigate the trade-off between medium access control (MAC) delay and\ua0accuracy based on a two-way-ranging and a spatial time division multiple access scheme.\ua0We quantify this relationship by deriving lower bounds on localization accuracy and MAC\ua0delay during the measurements phase, which is often neglected in the analyses. We find\ua0that the traditional means to improve accuracy such as increased number of anchors,\ua0increased communication range, and cooperation among nodes, come at a significant cost\ua0in terms of delay, which can be mitigated by means of techniques such as selective ranging\ua0and eavesdropping. We summarize and generalize our findings by characterizing the\ua0position error and delay lower bounds by deriving asymptotic scaling laws. These scaling\ua0laws are presented for dense noncooperative and cooperative networks in combination\ua0with delay mitigation techniques. Moreover, we introduce a delay/accuracy trade-off\ua0parameter, which can uniquely quantify the trade-off as a function of the agent and\ua0anchor density. Finally, we consider the problem of fast link scheduling and propose an\ua0optimization strategy to perform robust ranging scheduling with localization constraints.\ua0We propose two MAC-aware link selection heuristic approximation approaches which\ua0show similar performance as the optimal solution, but alleviate the problem complexity.In 5G, we analyze the interplay between communication and positioning within the initial\ua0access procedure between a transmitter and a receiver in a millimeter-wave multipleinput\ua0multiple-output system. We exploit the ability of the receiver to determine its\ua0location during the beam selection process and thus, improve the subsequent selection\ua0of beams within initial access. First, assuming that only the transmitter has beamforming\ua0capabilities, we propose an in-band position-aided transmitter beam selection\ua0protocol for scenarios with direct line-of-sight and scattering. Then, we extend the work\ua0and propose an in-band position-aided beam selection protocol where we also allow for\ua0the receiver to perform beamforming in scenarios with line-of-sight, reflected paths, and\ua0possible beam alignment errors. Both protocols show similar performance compared to\ua0their conventional counterparts in terms of final achieved signal-to-noise ratio, but they\ua0are significantly faster and can additionally provide the position and orientation of the\ua0devices in an accurate manner

Location-Enabled IoT (LE-IoT): A Survey of Positioning Techniques, Error Sources, and Mitigation

The Internet of Things (IoT) has started to empower the future of many industrial and mass-market applications. Localization techniques are becoming key to add location context to IoT data without human perception and intervention. Meanwhile, the newly-emerged Low-Power Wide-Area Network (LPWAN) technologies have advantages such as long-range, low power consumption, low cost, massive connections, and the capability for communication in both indoor and outdoor areas. These features make LPWAN signals strong candidates for mass-market localization applications. However, there are various error sources that have limited localization performance by using such IoT signals. This paper reviews the IoT localization system through the following sequence: IoT localization system review -- localization data sources -- localization algorithms -- localization error sources and mitigation -- localization performance evaluation. Compared to the related surveys, this paper has a more comprehensive and state-of-the-art review on IoT localization methods, an original review on IoT localization error sources and mitigation, an original review on IoT localization performance evaluation, and a more comprehensive review of IoT localization applications, opportunities, and challenges. Thus, this survey provides comprehensive guidance for peers who are interested in enabling localization ability in the existing IoT systems, using IoT systems for localization, or integrating IoT signals with the existing localization sensors