Wireless Device Authentication Techniques Using Physical-Layer Device Fingerprint

Due to the open nature of the radio signal propagation medium, wireless communication is inherently more vulnerable to various attacks than wired communication. Consequently, communication security is always one of the critical concerns in wireless networks. Given that the sophisticated adversaries may cover up their malicious behaviors through impersonation of legitimate devices, reliable wireless authentication is becoming indispensable to prevent such impersonation-based attacks through verification of the claimed identities of wireless devices. Conventional wireless authentication is achieved above the physical layer using upper-layer identities and key-based cryptography. As a result, user authenticity can even be validated for the malicious attackers using compromised security key. Recently, many studies have proven that wireless devices can be authenticated by exploiting unique physical-layer characteristics. Compared to the key-based approach, the possession of such physical-layer characteristics is directly associated with the transceiver\u27s unique radio-frequency hardware and corresponding communication environment, which are extremely difficult to forge in practice. However, the reliability of physical-layer authentication is not always high enough. Due to the popularity of cooperative communications, effective implementation of physical-layer authentication in wireless relay systems is urgently needed. On the other hand, the integration with existing upper-layer authentication protocols still has many challenges, e.g., end-to-end authentication. This dissertation is motivated to develop novel physical-layer authentication techniques in addressing the aforementioned challenges. In achieving enhanced wireless authentication, we first specifically identify the technique challenges in authenticating cooperative amplify-and-forward (AF) relay. Since AF relay only works at the physical layer, all of the existing upper-layer authentication protocols are ineffective in identifying AF relay nodes. To solve this problem, a novel device fingerprint of AF relay consisting of wireless channel gains and in-phase and quadrature imbalances (IQI) is proposed. Using this device fingerprint, satisfactory authentication accuracy is achieved when the signal-to-noise ratio is high enough. Besides, the optimal AF relay identification system is studied to maximize the performance of identifying multiple AF relays in the low signal-to-noise regime and small IQI. The optimal signals for quadrature amplitude modulation and phase shift keying modulations are derived to defend against the repeated access attempts made by some attackers with specific IQIs. Exploring effective authentication enhancement technique is another key objective of this dissertation. Due to the fast variation of channel-based fingerprints as well as the limited range of device-specific fingerprints, the performance of physical-layer authentication is not always reliable. In light of this, the physical-layer authentication is enhanced in two aspects. On the one hand, the device fingerprinting can be strengthened by considering multiple characteristics. The proper characteristics selection strategy, measurement method and optimal weighted combination of the selected characteristics are investigated. On the other hand, the accuracy of fingerprint estimation and differentiation can be improved by exploiting diversity techniques. To be specific, cooperative diversity in the form of involving multiple collaborative receivers is used in differentiating both frequency-dependent and frequency-independent device fingerprints. As a typical combining method of the space diversity techniques, the maximal-ratio combining is also applied in the receiver side to combat the channel degeneration effect and increase the fingerprint-to-noise ratio. Given the inherent weaknesses of the widely utilized upper-layer authentication protocols, it is straightforward to consider physical-layer authentication as an effective complement to reinforce existing authentication schemes. To this end, a cross-layer authentication is designed to seamlessly integrate the physical-layer authentication with existing infrastructures and protocols. The specific problems such as physical-layer key generation as well as the end-to-end authentication in networks are investigated. In addition, the authentication complexity reduction is also studied. Through prediction, pre-sharing and reusing the physical-layer information, the authentication processing time can be significantly shortened

FID: Function Modeling-based Data-Independent and Channel-Robust Physical-Layer Identification

Trusted identification is critical to secure IoT devices. However, the limited memory and computation power of low-end IoT devices prevent the direct usage of conventional identification systems. RF fingerprinting is a promising technique to identify low-end IoT devices since it only requires the RF signals that most IoT devices can produce for communication. However, most existing RF fingerprinting systems are data-dependent and/or not robust to impacts from wireless channels. To address the above problems, we propose to exploit the mathematical expression of the physical-layer process, regarded as a function $\mathbf{\mathcal{F}(\cdot)}$, for device identification. $\mathbf{\mathcal{F}(\cdot)}$ is not directly derivable, so we further propose a model to learn it and employ this function model as the device fingerprint in our system, namely $\mathcal{F}$ID. Our proposed function model characterizes the unique physical-layer process of a device that is independent of the transmitted data, and hence, our system $\mathcal{F}$ID is data-independent and thus resilient against signal replay attacks. Modeling and further separating channel effects from the function model makes $\mathcal{F}$ID channel-robust. We evaluate $\mathcal{F}$ID on thousands of random signal packets from $33$ different devices in different environments and scenarios, and the overall identification accuracy is over $99\%$.Comment: Accepted to INFOCOM201