Physical Layer Defenses Against Primary User Emulation Attacks

Cognitive Radio (CR) is a promising technology that works by detecting unused parts of the spectrum and automatically reconfiguring the communication system\u27s parameters in order to operate in the available communication channels while minimizing interference. CR enables efficient use of the Radio Frequency (RF) spectrum by generating waveforms that can coexist with existing users in licensed spectrum bands. Spectrum sensing is one of the most important components of CR systems because it provides awareness of its operating environment, as well as detecting the presence of primary (licensed) users of the spectrum

Learning Robust Radio Frequency Fingerprints Using Deep Convolutional Neural Networks

Radio Frequency Fingerprinting (RFF) techniques, which attribute uniquely identifiable signal distortions to emitters via Machine Learning (ML) classifiers, are limited by fingerprint variability under different operational conditions. First, this work studied the effect of frequency channel for typical RFF techniques. Performance characterization using the multi-class Matthews Correlation Coefficient (MCC) revealed that using frequency channels other than those used to train the models leads to deterioration in MCC to under 0.05 (random guess), indicating that single-channel models are inadequate for realistic operation. Second, this work presented a novel way of studying fingerprint variability through Fingerprint Extraction through Distortion Reconstruction (FEDR), a neural network-based approach for quantifying signal distortions in a relative distortion latent space. Coupled with a Dense network, FEDR fingerprints were evaluated against common RFF techniques for up to 100 unseen classes, where FEDR achieved best performance with MCC ranging from 0.945 (5 classes) to 0.746 (100 classes), using 73% fewer training parameters than the next-best technique

A Comparison of RF-DNA Fingerprinting Using High/Low Value Receivers with ZigBee Devices

The ZigBee specification provides a niche capability, extending the IEEE 802.15.4 standard to provide a wireless mesh network solution. ZigBee-based devices require minimal power and provide a relatively long-distance, inexpensive, and secure means of networking. The technology is heavily utilized, providing energy management, ICS automation, and remote monitoring of Critical Infrastructure (CI) operations; it also supports application in military and civilian health care sectors. ZigBee networks lack security below the Network layer of the OSI model, leaving them vulnerable to open-source hacking tools that allow malicous attacks such as MAC spoofing or Denial of Service (DOS). A method known as RF-DNA Fingerprinting provides an additional level of security at the Physical (PHY) level, where the transmitted waveform of a device is examined, rather than its bit-level credentials which can be easily manipulated. RF-DNA fingerprinting allows a unique human-like signature for a device to be obtained and a subsequent decision made whether to grant access or deny entry to a secure network. Two NI receivers were used here to simultaneously collect RF emissions from six Atmel AT86RF230 transceivers. The time-domain response of each device was used to extract features and generate unique RF-DNA fingerprints. These fingeprints were used to perform Device Classification using two discrimination processes known as MDA/ML and GRLVQI. Each process (classifier) was used to examine both the Full-Dimensional (FD) and reduced dimensional feature-sets for the high-value PXIe and low-value USRP receivers. The reduced feature-sets were determined using DRA for both quantitative and qualitative subsets. Additionally, each classifier performed Device Classification using a hybrid interleaved set of fingerprints from both receivers

Secure OFDM System Design for Wireless Communications

Wireless communications is widely employed in modern society and plays an increasingly important role in people\u27s daily life. The broadcast nature of radio propagation, however, causes wireless communications particularly vulnerable to malicious attacks, and leads to critical challenges in securing the wireless transmission. Motivated by the insufficiency of traditional approaches to secure wireless communications, physical layer security that is emerging as a complement to the traditional upper-layer security mechanisms is investigated in this dissertation. Five novel techniques toward the physical layer security of wireless communications are proposed. The first two techniques focus on the security risk assessment in wireless networks to enable a situation-awareness based transmission protection. The third and fourth techniques utilize wireless medium characteristics to enhance the built-in security of wireless communication systems, so as to prevent passive eavesdropping. The last technique provides an embedded confidential signaling link for secure transmitter-receiver interaction in OFDM systems

Using RF-DNA Fingerprints to Discriminate ZigBee Devices in an Operational Environment

This research was performed to expand AFIT\u27s Radio Frequency Distinct Native Attribute (RF-DNA) fingerprinting process to support IEEE 802.15.4 ZigBee communication network applications. Current ZigBee bit-level security measures include use of network keys and MAC lists which can be subverted through interception and spoofing using open-source hacking tools. This work addresses device discrimination using Physical (PHY) waveform alternatives to augment existing bit-level security mechanisms. ZigBee network vulnerability to outsider threats was assessed using Receiver Operating Characteristic (ROC) curves to characterize both Authorized Device ID Verification performance (granting network access to authorized users presenting true bit-level credentials) and Rogue Device Rejection performance (denying network access to unauthorized rogue devices presenting false bit-level credentials). Radio Frequency Distinct Native Attribute (RF-DNA) features are extracted from time-domain waveform responses of 2.4 GHz CC2420 ZigBee transceivers to enable humanlike device discrimination. The fingerprints were constructed using a hybrid pool of emissions collected under a range of conditions, including anechoic chamber and an indoor office environment where dynamic multi-path and signal degradation factors were present. The RF-DNA fingerprints were input to a Multiple Discriminant Analysis, Maximum Likelihood (MDA/ML) discrimination process and a 1 vs. many Looks most like? classification assessment made. The hybrid MDA model was also used for 1 vs. 1 Looks how much like? verification assessment. ZigBee Device Classification performance was assessed using both full and reduced dimensional fingerprint sets. Reduced dimensional subsets were selected using Dimensional Reduction Analysis (DRA) by rank ordering 1) pre-classification KS-Test p-values and 2) post-classification GRLVQI feature relevance values. Assessment of Zigbee device ID verification capability

Cyber-Physical Security with RF Fingerprint Classification through Distance Measure Extensions of Generalized Relevance Learning Vector Quantization

Radio frequency (RF) fingerprinting extracts fingerprint features from RF signals to protect against masquerade attacks by enabling reliable authentication of communication devices at the “serial number” level. Facilitating the reliable authentication of communication devices are machine learning (ML) algorithms which find meaningful statistical differences between measured data. The Generalized Relevance Learning Vector Quantization-Improved (GRLVQI) classifier is one ML algorithm which has shown efficacy for RF fingerprinting device discrimination. GRLVQI extends the Learning Vector Quantization (LVQ) family of “winner take all” classifiers that develop prototype vectors (PVs) which represent data. In LVQ algorithms, distances are computed between exemplars and PVs, and PVs are iteratively moved to accurately represent the data. GRLVQI extends LVQ with a sigmoidal cost function, relevance learning, and PV update logic improvements. However, both LVQ and GRLVQI are limited due to a reliance on squared Euclidean distance measures and a seemingly complex algorithm structure if changes are made to the underlying distance measure. Herein, the authors (1) develop GRLVQI-D (distance), an extension of GRLVQI to consider alternative distance measures and (2) present the Cosine GRLVQI classifier using this framework. To evaluate this framework, the authors consider experimentally collected Z -wave RF signals and develop RF fingerprints to identify devices. Z -wave devices are low-cost, low-power communication technologies seen increasingly in critical infrastructure. Both classification and verification, claimed identity, and performance comparisons are made with the new Cosine GRLVQI algorithm. The results show more robust performance when using the Cosine GRLVQI algorithm when compared with four algorithms in the literature. Additionally, the methodology used to create Cosine GRLVQI is generalizable to alternative measures