Exploring the Physical-layer Identification of GSM Devices

In this work, we study the physical-layer identification of GSM devices. For our exploration, we build an ad-hoc acquisition setup that collects GSM signals during voice calls. We collect signals from a population of 18 mobile devices and build fingerprints by considering both the transient and the data parts of the acquired signals. Our results show that devices of different models and manufacturers can be identified with high accuracy (0% identification error) by exploiting transient-based fingerprints. Same model and manufacturer devices could also be identified by using transient-based fingerprints: we find an identification error between 0 and 8% depending on the considered device set. We also find that the built transient-based fingerprints are sensitive to the device transmission power, but only partially to the device position with respect to our acquisition setup antenna. This possibly enables defensive (e.g., access control) applications. Although with less accuracy with respect to transient-based fingerprints, data-based fingerprints could also be used to identify same model and manufacturer devices. However, these seem to be sensitive to the device position.

[1]  Srdjan Capkun,et al.  Transient-based identification of wireless sensor nodes , 2009, 2009 International Conference on Information Processing in Sensor Networks.

[2]  Marco Gruteser,et al.  Wireless device identification with radiometric signatures , 2008, MobiCom '08.

[3]  W. Kinsner,et al.  Multifractal modelling of radio transmitter transients for classification , 1997, IEEE WESCANEX 97 Communications, Power and Computing. Conference Proceedings.

[4]  Chih-Ming Wang,et al.  Electromagnetic Measurements for Counterfeit Detection of Radio Frequency Identification Cards , 2009, IEEE Transactions on Microwave Theory and Techniques.

[5]  Jia Di,et al.  Ownership Transfer of RFID Tags based on Electronic Fingerprint , 2008, Security and Management.

[6]  Srdjan Capkun,et al.  Physical-layer identification of UHF RFID tags , 2010, MobiCom.

[7]  Michael A. Temple,et al.  Improving Intra-Cellular Security Using Air Monitoring with RF Fingerprints , 2010, 2010 IEEE Wireless Communication and Networking Conference.

[8]  Michael A. Temple,et al.  Augmenting Bit-Level Network Security Using Physical Layer RF-DNA Fingerprinting , 2010, 2010 IEEE Global Telecommunications Conference GLOBECOM 2010.

[9]  Jia Di,et al.  Fingerprinting RFID Tags , 2011, IEEE Transactions on Dependable and Secure Computing.

[10]  Dale R. Thompson,et al.  Fingerprinting Radio Frequency Identification Tags Using Timing Characteristics , 2009 .

[11]  Radford M. Neal Pattern Recognition and Machine Learning , 2007, Technometrics.

[12]  Sharath Pankanti,et al.  Guide to Biometrics , 2003, Springer Professional Computing.

[13]  Michael A. Temple,et al.  Improved wireless security for GMSK-based devices using RF fingerprinting , 2010, Int. J. Electron. Secur. Digit. Forensics.

[14]  Michel Barbeau,et al.  Enhancing intrusion detection in wireless networks using radio frequency fingerprinting , 2004, Communications, Internet, and Information Technology.

[15]  Chih-Ming Wang,et al.  Identifying RF Identification Cards From Measurements of Resonance and Carrier Harmonics , 2010, IEEE Transactions on Microwave Theory and Techniques.

[16]  Oktay Ureten,et al.  Wireless security through RF fingerprinting , 2007, Canadian Journal of Electrical and Computer Engineering.

[17]  Srdjan Capkun,et al.  Physical-layer Identification of RFID Devices , 2009, USENIX Security Symposium.

[18]  Srdjan Capkun,et al.  Implications of radio fingerprinting on the security of sensor networks , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.

[19]  Sneha Kumar Kasera,et al.  On Fast and Accurate Detection of Unauthorized Wireless Access Points Using Clock Skews , 2010, IEEE Transactions on Mobile Computing.

[20]  Srdjan Capkun,et al.  Physical-Layer Identification of Wireless Devices , 2011 .

[21]  M. W. Oliphant,et al.  An introduction to GSM , 1995 .

[22]  O. Ureten,et al.  Detection of radio transmitter turn-on transients , 1999 .

[23]  E. U. Warriach,et al.  ACM/IEEE Conference on Information Processing in Sensor Networks , 2013 .