Application of wavelet-based RF fingerprinting to enhance wireless network security

This work continues a trend of developments aimed at exploiting the physical layer of the open systems interconnection (OSI) model to enhance wireless network security. The goal is to augment activity occurring across other OSI layers and provide improved safeguards against unauthorized access. Relative to intrusion detection and anti-spoofing, this paper provides details for a proof-of-concept investigation involving “air monitor” applications where physical equipment constraints are not overly restrictive. In this case, RF fingerprinting is emerging as a viable security measure for providing device-specific identification (manufacturer, model, and/or serial number). RF fingerprint features can be extracted from various regions of collected bursts, the detection of which has been extensively researched. Given reliable burst detection, the near-term challenge is to find robust fingerprint features to improve device distinguishability. This is addressed here using wavelet domain (WD) RF fingerprinting based on dual-tree complex wavelet transform (DT-CWT) features extracted from the non-transient preamble response of OFDM-based 802.11a signals. Intra-manufacturer classification performance is evaluated using four like-model Cisco devices with dissimilar serial numbers. WD fingerprinting effectiveness is demonstrated using Fisher-based multiple discriminant analysis (MDA) with maximum likelihood (ML) classification. The effects of varying channel SNR, burst detection error and dissimilar SNRs for MDA/ML training and classification are considered. Relative to time domain (TD) RF fingerprinting, WD fingerprinting with DT-CWT features emerged as the superior alternative for all scenarios at SNRs below 20 dB while achieving performance gains of up to 8 dB at 80% classification accuracy.

[1]  O. Ureten,et al.  Bayesian detection of Wi-Fi transmitter RF fingerprints , 2005 .

[2]  Sergey Bratus,et al.  Active behavioral fingerprinting of wireless devices , 2008, WiSec '08.

[3]  Shigeo Abe DrEng Pattern Classification , 2001, Springer London.

[4]  David G. Stork,et al.  Pattern Classification , 1973 .

[5]  O. Ureten,et al.  Generalised dimension characterisation of radio transmitter turn-on transients , 2000 .

[6]  E. Merenyi,et al.  Relevance-based Feature Extraction from Hyperspectral Images in the Complex Wavelet Domain , 2006, 2006 IEEE Mountain Workshop on Adaptive and Learning Systems.

[7]  Richard Baraniuk,et al.  The Dual-tree Complex Wavelet Transform , 2007 .

[8]  Robert F. Mills,et al.  Using Spectral Fingerprints to Improve Wireless Network Security , 2008, IEEE GLOBECOM 2008 - 2008 IEEE Global Telecommunications Conference.

[9]  T. Kohno,et al.  Remote physical device fingerprinting , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[10]  Robert F. Mills,et al.  Radio frequency fingerprinting commercial communication devices to enhance electronic security , 2008, Int. J. Electron. Secur. Digit. Forensics.

[11]  Michael A. Temple,et al.  Sensitivity Analysis of Burst Detection and RF Fingerprinting Classification Performance , 2009, 2009 IEEE International Conference on Communications.

[12]  Yong Sheng,et al.  Detecting 802.11 MAC Layer Spoofing Using Received Signal Strength , 2008, IEEE INFOCOM 2008 - The 27th Conference on Computer Communications.

[13]  A. Prochazka,et al.  Wavelet transform use for signal classification by self-organizing neural networks , 1995 .

[14]  N. Serinken,et al.  Characteristics of radio transmitter fingerprints , 2001 .

[15]  O. H. Tekbas,et al.  Improvement of transmitter identification system for low SNR transients , 2004 .

[16]  O. H. Tekbas,et al.  An experimental performance evaluation of a novel radio-transmitter identification system under diverse environmental conditions , 2004, Canadian Journal of Electrical and Computer Engineering.

[17]  Ivan W. Selesnick,et al.  On the Dual-Tree Complex Wavelet Packet and $M$-Band Transforms , 2008, IEEE Transactions on Signal Processing.

[18]  R. Fisher THE USE OF MULTIPLE MEASUREMENTS IN TAXONOMIC PROBLEMS , 1936 .

[19]  M. Mendenhall,et al.  Relevance-Based Feature Extraction for Hyperspectral Images , 2008, IEEE Transactions on Neural Networks.

[20]  D. Hatzinakos,et al.  Bayesian frame synchronization for 802.11a WLANs: experimental results , 2005, Canadian Conference on Electrical and Computer Engineering, 2005..

[21]  Witold Kinsner,et al.  Transient analysis and genetic algorithms for classification , 1995, IEEE WESCANEX 95. Communications, Power, and Computing. Conference Proceedings.

[22]  Raymond R. Hill,et al.  Discrete-Event Simulation: A First Course , 2007, J. Simulation.

[23]  N. Serinken,et al.  DETECTION. CHARACTERIZATION AND CLASSIFICATION OF RADIO TRANSMITTER TURN-ON TRANSIENTS , 2002 .

[24]  O. Ureten,et al.  Detection of radio transmitter turn-on transients , 1999 .

[25]  Michel Barbeau,et al.  DETECTION OF TRANSIENT IN RADIO FREQUENCY FINGERPRINTING USING SIGNAL PHASE , 2003 .

[26]  Michael A. Temple,et al.  Application of wavelet denoising to improve OFDM-based signal detection and classification , 2010, Secur. Commun. Networks.

[27]  Srdjan Capkun,et al.  Implications of radio fingerprinting on the security of sensor networks , 2007, 2007 Third International Conference on Security and Privacy in Communications Networks and the Workshops - SecureComm 2007.

[28]  Oktay Ureten,et al.  Wireless security through RF fingerprinting , 2007, Canadian Journal of Electrical and Computer Engineering.

[29]  Yong Wang,et al.  A vision from the future: beyond 3G TDD , 2005, IEEE Commun. Mag..

[30]  Damon McCoy,et al.  Passive Data Link Layer 802.11 Wireless Device Driver Fingerprinting , 2006, USENIX Security Symposium.

[31]  Srdjan Capkun,et al.  Transient-based identification of wireless sensor nodes , 2009, 2009 International Conference on Information Processing in Sensor Networks.

[32]  Dimitrios Hatzinakos,et al.  Bayesian frame synchronization using periodic preamble for OFDM-based WLANs , 2005, IEEE Signal Processing Letters.

[33]  Simon Haykin,et al.  Cognitive radio: brain-empowered wireless communications , 2005, IEEE Journal on Selected Areas in Communications.

[34]  Patricia H. Carter Transient detection using wavelets , 2008 .

[35]  Richard P. Martin,et al.  Detecting and Localizing Wireless Spoofing Attacks , 2007, 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks.

[36]  Oktay Üreten,et al.  Improved Coarse Timing For Burst Mode OFDM , 2007, IEEE GLOBECOM 2007 - IEEE Global Telecommunications Conference.

[37]  Jeyanthi Hall,et al.  Detection of rogue devices in wireless networks , 2006 .

[38]  Erzsébet Merényi,et al.  GENERALIZED RELEVANCE LEARNING VECTOR QUANTIZATION FOR CLASSIFICATION-DRIVEN FEATURE EXTRACTION FROM HYPERSPECTRAL DATA , 2006 .

[39]  William C. Y. Lee,et al.  CS-OFDMA: a new wireless CDD physical layer scheme , 2005, IEEE Communications Magazine.

[40]  W. Kinsner,et al.  Multifractal modelling of radio transmitter transients for classification , 1997, IEEE WESCANEX 97 Communications, Power and Computing. Conference Proceedings.