Physical Layer-Based Device Fingerprinting for Wireless Security: From Theory to Practice

The identification of the devices from which a message is received is part of security mechanisms to ensure authentication in wireless communications. Conventional authentication approaches are cryptography-based, which, however, are usually computationally expensive and not adequate in the Internet of Things (IoT), where devices tend to be low-cost and with limited resources. This paper provides a comprehensive survey of physical layer-based device fingerprinting, which is an emerging device authentication for wireless security. In particular, this article focuses on hardware impairment-based identity authentication and channel features-based authentication. They are passive techniques that are readily applicable to legacy IoT devices. Their intrinsic hardware and channel features, algorithm design methodologies, application scenarios, and key research questions are extensively reviewed here. The remaining research challenges are discussed, and future work is suggested that can further enhance the physical layer-based device fingerprinting.

Protocol-agnostic and Data-free Backdoor Attacks on Pre-trained Models in RF Fingerprinting

While supervised deep neural networks (DNNs) have proven effective for device authentication via radio frequency (RF) fingerprinting, they are hindered by domain shift issues and the scarcity of labeled data. The success of large language models has led to increased interest in unsupervised pre-trained models (PTMs), which offer better generalization and do not require labeled datasets, potentially addressing the issues mentioned above. However, the inherent vulnerabilities of PTMs in RF fingerprinting remain insufficiently explored. In this paper, we thoroughly investigate data-free backdoor attacks on such PTMs in RF fingerprinting, focusing on a practical scenario where attackers lack access to downstream data, label information, and training processes. To realize the backdoor attack, we carefully design a set of triggers and predefined output representations (PORs) for the PTMs. By mapping triggers and PORs through backdoor training, we can implant backdoor behaviors into the PTMs, thereby introducing vulnerabilities across different downstream RF fingerprinting tasks without requiring prior knowledge. Extensive experiments demonstrate the wide applicability of our proposed attack to various input domains, protocols, and PTMs. Furthermore, we explore potential detection and defense methods, demonstrating the difficulty of fully safeguarding against our proposed backdoor attack.

Noise-Robust Radio Frequency Fingerprint Identification Using Denoise Diffusion Model

Securing Internet of Things (IoT) devices presents increasing challenges due to their limited computational and energy resources. Radio Frequency Fingerprint Identification (RFFI) emerges as a promising authentication technique to identify wireless devices through hardware impairments. RFFI performance under low signal-to-noise ratio (SNR) scenarios is significantly degraded because the minute hardware features can be easily swamped in noise. In this paper, we leveraged the diffusion model to effectively restore the RFF under low SNR scenarios. Specifically, we trained a powerful noise predictor and tailored a noise removal algorithm to effectively reduce the noise level in the received signal and restore the device fingerprints. We used Wi-Fi as a case study and created a testbed involving 6 commercial off-the-shelf Wi-Fi dongles and a USRP N210 software-defined radio (SDR) platform. We conducted experimental evaluations on various SNR scenarios. The experimental results show that the proposed algorithm can improve the classification accuracy by up to 34.9%.

Towards Robust RF Fingerprint Identification Using Spectral Regrowth and Carrier Frequency Offset

Radio frequency fingerprint identification (RFFI) is a promising device authentication approach by exploiting the unique hardware impairments as device identifiers. Because the hardware features are extracted from the received waveform, they are twisted with the channel propagation effect. Hence, channel elimination is critical for a robust RFFI system. In this paper, we designed a channel-robust RFFI scheme for IEEE 802.11 devices based on spectral regrowth and proposed a carrier frequency offset (CFO)-assisted collaborative identification mechanism. In particular, the spectral regrowth was utilized as a channel-resilient RFF representation which is rooted in the power amplifier nonlinearity. While CFO is time-varying and cannot be used alone as a reliable feature, we used CFO as an auxiliary feature to adjust the deep learning-based inference. Finally, a collaborative identification was adopted to leverage the diversity in a multi-antenna receiver. Extensive experimental evaluations were performed in practical environments using 10 IEEE 802.11 devices and a universal software radio peripheral (USRP) X310 receiver with 4 antennas. The results demonstrated the effectiveness of the proposed method against diverse channel conditions and CFO drift, where an average classification accuracy of 92.76% was achieved against channel variations and a 5-month time span, significantly outperforming existing methods.

Distributed pressure matching strategy using diffusion adaptation

Personal sound zone (PSZ) systems, which aim to create listening (bright) and silent (dark) zones in neighboring regions of space, are often based on time-varying acoustics. Conventional adaptive-based methods for handling PSZ tasks suffer from the collection and processing of acoustic transfer functions~(ATFs) between all the matching microphones and all the loudspeakers in a centralized manner, resulting in high calculation complexity and costly accuracy requirements. This paper presents a distributed pressure-matching (PM) method relying on diffusion adaptation (DPM-D) to spread the computational load amongst nodes in order to overcome these issues. The global PM problem is defined as a sum of local costs, and the diffusion adaption approach is then used to create a distributed solution that just needs local information exchanges. Simulations over multi-frequency bins and a computational complexity analysis are conducted to evaluate the properties of the algorithm and to compare it with centralized counterparts.

Adaptive Quantization for Key Generation in Low-Power Wide-Area Networks

Physical layer key generation based on reciprocal and random wireless channels has been an attractive solution for securing resource-constrained low-power wide-area networks (LPWANs). When quantizing channel measurements, namely received signal strength indicator (RSSI), into key bits, the existing works mainly adopt fixed quantization levels and guard band parameters, which fail to fully extract keys from RSSI measurements. In this paper, we propose a novel adaptive quantization scheme for key generation in LPWANs, taking LoRa as a case study. The proposed adaptive quantization scheme can dynamically adjust the quantization parameters according to the randomness of RSSI measurements estimated by Lempel-Ziv complexity (LZ76), while ensuring a predefined key disagreement ratio (KDR). Specifically, our scheme uses pre-trained linear regression models to determine the appropriate quantization level and guard band parameter for each segment of RSSI measurements. Moreover, we propose a guard band parameter calibration scheme during information reconciliation during real-time key generation operation. Experimental evaluations using LoRa devices show that the proposed adaptive quantization scheme outperforms the benchmark differential quantization and fixed quantization with up to 2.35$\times$ and 1.51$\times$ key generation rate (KGR) gains, respectively.

Secret Key Generation for IRS-Assisted Multi-Antenna Systems: A Machine Learning-Based Approach

Physical-layer key generation (PKG) based on wireless channels is a lightweight technique to establish secure keys between legitimate communication nodes. Recently, intelligent reflecting surfaces (IRSs) have been leveraged to enhance the performance of PKG in terms of secret key rate (SKR), as it can reconfigure the wireless propagation environment and introduce more channel randomness. In this paper, we investigate an IRS-assisted PKG system, taking into account the channel spatial correlation at both the base station (BS) and the IRS. Based on the considered system model, the closed-form expression of SKR is derived analytically considering correlated eavesdropping channels. Aiming to maximise the SKR, a joint design problem of the BS precoding matrix and the IRS phase shift vector is formulated. To address this high-dimensional non-convex optimisation problem, we propose a novel unsupervised deep neural network (DNN)-based algorithm with a simple structure. Different from most previous works that adopt iterative optimisation to solve the problem, the proposed DNN-based algorithm directly obtains the BS precoding and IRS phase shifts as the output of the DNN. Simulation results reveal that the proposed DNN-based algorithm outperforms the benchmark methods with regard to SKR.

Federated Radio Frequency Fingerprinting with Model Transfer and Adaptation

The Radio frequency (RF) fingerprinting technique makes highly secure device authentication possible for future networks by exploiting hardware imperfections introduced during manufacturing. Although this technique has received considerable attention over the past few years, RF fingerprinting still faces great challenges of channel-variation-induced data distribution drifts between the training phase and the test phase. To address this fundamental challenge and support model training and testing at the edge, we propose a federated RF fingerprinting algorithm with a novel strategy called model transfer and adaptation (MTA). The proposed algorithm introduces dense connectivity among convolutional layers into RF fingerprinting to enhance learning accuracy and reduce model complexity. Besides, we implement the proposed algorithm in the context of federated learning, making our algorithm communication efficient and privacy-preserved. To further conquer the data mismatch challenge, we transfer the learned model from one channel condition and adapt it to other channel conditions with only a limited amount of information, leading to highly accurate predictions under environmental drifts. Experimental results on real-world datasets demonstrate that the proposed algorithm is model-agnostic and also signal-irrelevant. Compared with state-of-the-art RF fingerprinting algorithms, our algorithm can improve prediction performance considerably with a performance gain of up to 15\%.

Machine Learning-Based Secret Key Generation for IRS-assisted Multi-antenna Systems

Physical-layer key generation (PKG) based on wireless channels is a lightweight technique to establish secure keys between legitimate communication nodes. Recently, intelligent reflecting surfaces (IRSs) have been leveraged to enhance the performance of PKG in terms of secret key rate (SKR), as it can reconfigure the wireless propagation environment and introduce more channel randomness. In this paper, we investigate an IRS-assisted PKG system, taking into account the channel spatial correlation at both the base station (BS) and the IRS. Based on the considered system model, the closed form expression of SKR is derived analytically. Aiming to maximize the SKR, a joint design problem of the BS precoding matrix and the IRS reflecting coefficient vector is formulated. To address this high-dimensional non-convex optimization problem, we propose a novel unsupervised deep neural network (DNN) based algorithm with a simple structure. Different from most previous works that adopt the iterative optimization to solve the problem, the proposed DNN based algorithm directly obtains the BS precoding and IRS phase shifts as the output of the DNN. Simulation results reveal that the proposed DNN-based algorithm outperforms the benchmark methods with regard to SKR.

Enabling Deep Learning-based Physical-layer Secret Key Generation for FDD-OFDM Systems in Multi-Environments

Deep learning-based physical-layer secret key generation (PKG) has been used to overcome the imperfect uplink/downlink channel reciprocity in frequency division duplexing (FDD) orthogonal frequency division multiplexing (OFDM) systems. However, existing efforts have focused on key generation for users in a specific environment where the training samples and test samples obey the same distribution, which is unrealistic for real world applications. This paper formulates the PKG problem in multiple environments as a learning-based problem by learning the knowledge such as data and models from known environments to generate keys quickly and efficiently in multiple new environments. Specifically, we propose deep transfer learning (DTL) and meta-learning-based channel feature mapping algorithms for key generation. The two algorithms use different training methods to pre-train the model in the known environments, and then quickly adapt and deploy the model to new environments. Simulation results show that compared with the methods without adaptation, the DTL and meta-learning algorithms both can improve the performance of generated keys. In addition, the complexity analysis shows that the meta-learning algorithm can achieve better performance than the DTL algorithm with less time, lower CPU and GPU resources.