The Day-After-Tomorrow: On the Performance of Radio Fingerprinting over Time

The performance of Radio Frequency (RF) Fingerprinting (RFF) techniques is negatively impacted when the training data is not temporally close to the testing data. This can limit the practical implementation of physical-layer authentication solutions. To circumvent this problem, current solutions involve collecting training and testing datasets at close time intervals - this being detrimental to the real-life deployment of any physical-layer authentication solution. We refer to this issue as the Day-After-Tomorrow (DAT) effect, being widely attributed to the temporal variability of the wireless channel, which masks the physical-layer features of the transmitter, thus impairing the fingerprinting process. In this work, we investigate the DAT effect shedding light on its root causes. Our results refute previous knowledge by demonstrating that the DAT effect is not solely caused by the variability of the wireless channel. Instead, we prove that it is also due to the power cycling of the radios, i.e., the turning off and on of the radios between the collection of training and testing data. We show that state-of-the-art RFF solutions double their performance when the devices under test are not power cycled, i.e., the accuracy increases from about 0.5 to about 1 in a controlled scenario. Finally, we show how to mitigate the DAT effect in real-world scenarios, through pre-processing of the I-Q samples. Our experimental results show a significant improvement in accuracy, from approximately 0.45 to 0.85. Additionally, we reduce the variance of the results, making the overall performance more reliable.</p

Jamming Detection in Low-BER Mobile Indoor Scenarios via Deep Learning

The current state of the art on jamming detection relies on link-layer metrics. A few examples are the bit-error-rate (BER), the packet delivery ratio, the throughput, and the increase in the signal-to-noise ratio (SNR). As a result, these techniques can only detect jamming \emph{ex-post}, i.e., once the attack has already taken down the communication link. These solutions are unfit for mobile devices, e.g., drones, which might lose the connection to the remote controller, being unable to predict the attack. Our solution is rooted in the idea that a drone unknowingly flying toward a jammed area is experiencing an increasing effect of the jamming, e.g., in terms of BER and SNR. Therefore, drones might use the above-mentioned phenomenon to detect jamming before the decrease of the BER and the increase of the SNR completely disrupt the communication link. Such an approach would allow drones and their pilots to make informed decisions and maintain complete control of navigation, enhancing security and safety. This paper proposes Bloodhound+, a solution for jamming detection on mobile devices in low-BER regimes. Our approach analyzes raw physical-layer information (I-Q samples) acquired from the wireless channel. We assemble this information into grayscale images and use sparse autoencoders to detect image anomalies caused by jamming attacks. To test our solution against a wide set of configurations, we acquired a large dataset of indoor measurements using multiple hardware, jamming strategies, and communication parameters. Our results indicate that Bloodhound+ can detect indoor jamming up to 20 meters from the jamming source at the minimum available relative jamming power, with a minimum accuracy of 99.7\%. Our solution is also robust to various sampling rates adopted by the jammer and to the type of signal used for jamming.Comment: 16 pages, 16 figures, 3 tables; Submitted and under revie

Your Culture is in Your Password: An Analysis of a Demographically-diverse Password Dataset

A large number of studies on passwords make use of passwords leaked by attackers who compromised online services. Frequently, these leaks contain only the passwords themselves, or basic information such as usernames or email addresses. While metadata-rich leaks exist, they are often limited in the variety of demographics they cover. In this work, we analyze a meta-data rich data leak from a Middle Eastern bank with a demographically-diverse user base. We provide an analysis of passwords created by groups of people of different cultural backgrounds, some of which are under-represented in existing data leaks, e.g., Arab, Filipino, Indian, and Pakistani. The contributions provided by this work are many-fold. First, our results contribute to the existing body of knowledge regarding how users include personal information in their passwords. Second, we illustrate the differences that exist in how users from different cultural/linguistic backgrounds create passwords. Finally, we study the (empirical and theoretical) guessability of the dataset based on two attacker models, and show that a state of the art password strength estimator inflates the strength of passwords created by users from non-English speaking backgrounds. We improve its estimations by training it with contextually relevant information