Exploitation of RF-DNA for Device Classification and Verification Using GRLVQI Processing

This dissertation introduces a GRLVQI classifier into an RF-DNA fingerprinting process and demonstrates applicability for device classification and ID verification. Unlike MDA/ML processing, GRLVQI provides a measure of feature relevance that enables Dimensional Reduction Analysis (DRA) to enhance the experimental-to-operational transition potential of RF-DNA fingerprinting. Using 2D Gabor Transform RF-DNA fingerprints extracted from experimentally collected OFDM-based 802.16 WiMAX and 802.11 WiFi device emissions, average GRLVQI classification accuracy of %C greater than or equal to 90% is achieved using full and reduced dimensional feature sets at SNR greater than or equal to 10.0 dB and SNR greater than or equal to 12.0 dB, respectively. Performance with DRA approximately 90% reduced feature sets included %C greater than or equal to 90% for 1) WiMAX features at SNR greater than or equal to 12.0 dB and 2) WiFi features at SNR greater than or equal to 13.0 dB. For device ID verification with DRA approximately 90% feature sets, GRLVQI enabled: 1) 100% ID verification of authorized WiMAX devices and 97% detection of spoofing attacks by rogue devices at SNR=18.0 dB, and 2) 100% ID verification of authorized WiFi devices at SNR=15.0 dB

Preprint: Using RF-DNA Fingerprints To Classify OFDM Transmitters Under Rayleigh Fading Conditions

The Internet of Things (IoT) is a collection of Internet connected devices capable of interacting with the physical world and computer systems. It is estimated that the IoT will consist of approximately fifty billion devices by the year 2020. In addition to the sheer numbers, the need for IoT security is exacerbated by the fact that many of the edge devices employ weak to no encryption of the communication link. It has been estimated that almost 70% of IoT devices use no form of encryption. Previous research has suggested the use of Specific Emitter Identification (SEI), a physical layer technique, as a means of augmenting bit-level security mechanism such as encryption. The work presented here integrates a Nelder-Mead based approach for estimating the Rayleigh fading channel coefficients prior to the SEI approach known as RF-DNA fingerprinting. The performance of this estimator is assessed for degrading signal-to-noise ratio and compared with least square and minimum mean squared error channel estimators. Additionally, this work presents classification results using RF-DNA fingerprints that were extracted from received signals that have undergone Rayleigh fading channel correction using Minimum Mean Squared Error (MMSE) equalization. This work also performs radio discrimination using RF-DNA fingerprints generated from the normalized magnitude-squared and phase response of Gabor coefficients as well as two classifiers. Discrimination of four 802.11a Wi-Fi radios achieves an average percent correct classification of 90% or better for signal-to-noise ratios of 18 and 21 dB or greater using a Rayleigh fading channel comprised of two and five paths, respectively.Comment: 13 pages, 14 total figures/images, Currently under review by the IEEE Transactions on Information Forensics and Securit

Real-Time RF-DNA Fingerprinting of ZigBee Devices Using a Software-Defined Radio with FPGA Processing

ZigBee networks are increasingly popular for use in medical, industrial, and other applications. Traditional security techniques for ZigBee networks are based on presenting and verifying device bit-level credentials (e.g. keys). While historically effective, ZigBee networks remain vulnerable to attack by any unauthorized rogue device that can obtain and present bit-level credentials for an authorized device. This research focused on utilizing a National Instruments (NI) X310 Software-Defined Radio (SDR) hosting an on-board Field Programmable Gate Array (FPGA). The demonstrations included device discrimination assessments using like-model ZigBee AVR RZUSBstick devices and included generating RF fingerprints in real-time, as an extension to AFIT\u27s RF-DNA fingerprinting work. The goal was to develop a fingerprinting process that was both 1) effective at discriminating between like-model ZigBee devices and 2) efficient for implementation in FPGA hardware. As designed and implemented, the full-dimensional FPGA fingerprint generator only utilized approximately 7% of the X310 Kintex-7 FPGA resources. The full-dimensional fingerprinting performance of using only 7% of FPGA resources demonstrates the feasibility for real-time RF-DNA fingerprint generation and like-model ZigBee device discrimination using an SDR platform

The impact of Rayleigh fading channel effects on the RF-DNA fingerprinting process

The Internet of Things (IoT) consists of many electronic and electromechanical devices connected to the Internet. It is estimated that the number of connected IoT devices will be between 20 and 50 billion by the year 2020. The need for mechanisms to secure IoT networks will increase dramatically as 70% of the edge devices have no encryption. Previous research has proposed RF-DNA fingerprinting to provide wireless network access security through the exploitation of PHY layer features. RF-DNA fingerprinting takes advantage of unique and distinct characteristics that unintentionally occur within a given radio’s transmit chain during waveform generation. In this work, the application of RF-DNA fingerprinting is extended by developing a Nelder-Mead-based algorithm that estimates the coefficients of an indoor Rayleigh fading channel. The performance of the Nelder-Mead estimator is compared to the Least Square estimator and is assessed with degrading signal-to-noise ratio. The Rayleigh channel coefficients set estimated by the Nelder-Mead estimator is used to remove the multipath channel effects from the radio signal. The resulting channel-compensated signal is the region where the RF-DNA fingerprints are generated and classified. For a signal-to-noise ratio greater than 21 decibels, an average percent correct classification of more than 95% was achieved in a two-reflector channel

PLC Hardware Discrimination using RF-DNA fingerprinting

Programmable Logic Controllers are used to control and monitor automated process in many Supervisory Control and Data Acquisition (SCADA) critical applications. As with virtually all electronic devices, PLCs contain Integrated Circuits (IC) that are often manufactured overseas. ICs that have been unknowingly altered (counterfeited, manufactured with hardware Trojans, etc.) pose a significant security vulnerability. To mitigate this risk, the RF-Distinct Native Attribute (RF-DNA) fingerprinting process is applied to PLC hardware devices to augment bit-level security. RF-DNA fingerprints are generated using two independent signal collection platforms. Two different classifiers are applied for device classification. A verification process is implemented for analysis of Authorized Device Identification and Rogue Device Rejection. Fingerprint feature dimensional reduction is evaluated both Qualitatively and Quantitatively to enhance experimental-to-operational transition potential. The findings of this research are that the higher quality signal collection platform had a classification performance gain of approximately 10dB SNR. Performance of the classifiers varied between signal collection platforms, and also with the application of fingerprint dimensional reduction. The lower quality signal collection platform saw a maximum gain of 5dB SNR using reduced dimensional feature sets compared against the full dimensional feature set

A Comparison of RF-DNA Fingerprinting Using High/Low Value Receivers with ZigBee Devices

The ZigBee specification provides a niche capability, extending the IEEE 802.15.4 standard to provide a wireless mesh network solution. ZigBee-based devices require minimal power and provide a relatively long-distance, inexpensive, and secure means of networking. The technology is heavily utilized, providing energy management, ICS automation, and remote monitoring of Critical Infrastructure (CI) operations; it also supports application in military and civilian health care sectors. ZigBee networks lack security below the Network layer of the OSI model, leaving them vulnerable to open-source hacking tools that allow malicous attacks such as MAC spoofing or Denial of Service (DOS). A method known as RF-DNA Fingerprinting provides an additional level of security at the Physical (PHY) level, where the transmitted waveform of a device is examined, rather than its bit-level credentials which can be easily manipulated. RF-DNA fingerprinting allows a unique human-like signature for a device to be obtained and a subsequent decision made whether to grant access or deny entry to a secure network. Two NI receivers were used here to simultaneously collect RF emissions from six Atmel AT86RF230 transceivers. The time-domain response of each device was used to extract features and generate unique RF-DNA fingerprints. These fingeprints were used to perform Device Classification using two discrimination processes known as MDA/ML and GRLVQI. Each process (classifier) was used to examine both the Full-Dimensional (FD) and reduced dimensional feature-sets for the high-value PXIe and low-value USRP receivers. The reduced feature-sets were determined using DRA for both quantitative and qualitative subsets. Additionally, each classifier performed Device Classification using a hybrid interleaved set of fingerprints from both receivers

Using RF-DNA Fingerprints to Discriminate ZigBee Devices in an Operational Environment

This research was performed to expand AFIT\u27s Radio Frequency Distinct Native Attribute (RF-DNA) fingerprinting process to support IEEE 802.15.4 ZigBee communication network applications. Current ZigBee bit-level security measures include use of network keys and MAC lists which can be subverted through interception and spoofing using open-source hacking tools. This work addresses device discrimination using Physical (PHY) waveform alternatives to augment existing bit-level security mechanisms. ZigBee network vulnerability to outsider threats was assessed using Receiver Operating Characteristic (ROC) curves to characterize both Authorized Device ID Verification performance (granting network access to authorized users presenting true bit-level credentials) and Rogue Device Rejection performance (denying network access to unauthorized rogue devices presenting false bit-level credentials). Radio Frequency Distinct Native Attribute (RF-DNA) features are extracted from time-domain waveform responses of 2.4 GHz CC2420 ZigBee transceivers to enable humanlike device discrimination. The fingerprints were constructed using a hybrid pool of emissions collected under a range of conditions, including anechoic chamber and an indoor office environment where dynamic multi-path and signal degradation factors were present. The RF-DNA fingerprints were input to a Multiple Discriminant Analysis, Maximum Likelihood (MDA/ML) discrimination process and a 1 vs. many Looks most like? classification assessment made. The hybrid MDA model was also used for 1 vs. 1 Looks how much like? verification assessment. ZigBee Device Classification performance was assessed using both full and reduced dimensional fingerprint sets. Reduced dimensional subsets were selected using Dimensional Reduction Analysis (DRA) by rank ordering 1) pre-classification KS-Test p-values and 2) post-classification GRLVQI feature relevance values. Assessment of Zigbee device ID verification capability

Exploratory study to explore the role of ICT in the process of knowledge management in an Indian business environment

In the 21st century and the emergence of a digital economy, knowledge and the knowledge base economy are rapidly growing. To effectively be able to understand the processes involved in the creating, managing and sharing of knowledge management in the business environment is critical to the success of an organization. This study builds on the previous research of the authors on the enablers of knowledge management by identifying the relationship between the enablers of knowledge management and the role played by information communication technologies (ICT) and ICT infrastructure in a business setting. This paper provides the findings of a survey collected from the four major Indian cities (Chennai, Coimbatore, Madurai and Villupuram) regarding their views and opinions about the enablers of knowledge management in business setting. A total of 80 organizations participated in the study with 100 participants in each city. The results show that ICT and ICT infrastructure can play a critical role in the creating, managing and sharing of knowledge in an Indian business environment

Radio Identity Verification-based IoT Security Using RF-DNA Fingerprints and SVM

It is estimated that the number of Internet of Things (IoT) devices will reach 75 billion in the next five years. Most of those currently and soon-to-be deployed devices lack sufficient security to protect themselves and their networks from attacks by malicious IoT devices masquerading as authorized devices in order to circumvent digital authentication approaches. This work presents a Physical (PHY) layer IoT authentication approach capable of addressing this critical security need through the use of feature-reduced, Radio Frequency-Distinct Native Attributes (RF-DNA) fingerprints and Support Vector Machines (SVM). This work successfully demonstrates (i) authorized Identity (ID) verification across three trials of six randomly chosen radios at signal-to-noise ratios greater than or equal to 6 dB and (ii) rejection of all rogue radio ID spoofing attacks at signal-to-noise ratios greater than or equal to 3 dB using RF-DNA fingerprints whose features are selected using the Relief-F algorithm