Hiding Secrets in the CSI Quotient: A Robust Wi-Fi CSI Steganography System

Physical layer (PHY) steganography conceals secrets by making subtle modifications to transmitted radio waveforms, which can be applied to establish covert communication systems. Given the widespread deployment of Wi-Fi infrastructures, hiding secrets within Wi-Fi transmissions exhibits significant covertness and has attracted increasing research attention. Recent advances in Wi-Fi steganography have focused on embedding secrets within channel state information (CSI) by applying artificial finite impulse response (FIR) filters to outgoing signals. These methods can emulate natural wireless propagation effects, thereby evading detection by eavesdroppers. However, existing CSI-based approaches suffer from two critical limitations: vulnerability to environmental variations and limited steganographic capacity. This work presents a Wi-Fi steganography system that mitigates these constraints. Specifically, we introduce a CSI division mechanism to decouple artificial CSI components from natural wireless channel responses. In essence, secrets are embedded within the quotient of two consecutive CSI measurements. Furthermore, we propose an encoder-decoder neural network framework that automatically learns optimal strategies for FIR filter generation and secret recovery, substantially enhancing steganographic capacity. We implemented a prototype using commercial off-the-shelf hardware, including a software-defined radio (SDR) transmitter and two receiver platforms: ANTSDR and ESP32. Experimental evaluations demonstrate that the system achieves robust performance under dynamic environmental conditions while significantly improving steganographic capacity.

A Robust Anti-noise Scheme for RF Fingerprint Identification

Radio frequency (RF) fingerprint technology is utilized for wireless device identification, extensively employed in the internet of things (IoT). The operating environment for IoT devices is challenging, with pervasive noise and distortion on the signals which blur the feature space of RF fingerprints. Consequently, the model accuracy obtained through training at high signal-to-noise ratio (SNR) scenarios decreases with the low SNR of the received signals in testing. To solve the noise domain adaptation problem, an anti-noise scheme is proposed to enhance identification accuracy of RF fingerprint at varying SNRs. The squared cross power spectral density (SCPSD) features are first proposed to obtain the same RF fingerprint representation. Subsequently, the specific effect of noise on SCPSD is theoretically derived and the rationality of the scheme is demonstrated through simulation experiments. Finally, 60 off-the-shelf ZigBee devices are employed to evaluate the performance of the anti-noise algorithm. The experimental results show that employing the random subspace k-nearest neighbors (RSKNN) classifier not only effectively classifies devices with multi-cluster feature, but combined with the anti-noise scheme can significantly improve the accuracy by approximately 46% for SNRs not less than 5 dB.

Towards Robust RF Fingerprint Identification Using Spectral Regrowth and Carrier Frequency Offset

Radio frequency fingerprint identification (RFFI) is a promising device authentication approach by exploiting the unique hardware impairments as device identifiers. Because the hardware features are extracted from the received waveform, they are twisted with the channel propagation effect. Hence, channel elimination is critical for a robust RFFI system. In this paper, we designed a channel-robust RFFI scheme for IEEE 802.11 devices based on spectral regrowth and proposed a carrier frequency offset (CFO)-assisted collaborative identification mechanism. In particular, the spectral regrowth was utilized as a channel-resilient RFF representation which is rooted in the power amplifier nonlinearity. While CFO is time-varying and cannot be used alone as a reliable feature, we used CFO as an auxiliary feature to adjust the deep learning-based inference. Finally, a collaborative identification was adopted to leverage the diversity in a multi-antenna receiver. Extensive experimental evaluations were performed in practical environments using 10 IEEE 802.11 devices and a universal software radio peripheral (USRP) X310 receiver with 4 antennas. The results demonstrated the effectiveness of the proposed method against diverse channel conditions and CFO drift, where an average classification accuracy of 92.76% was achieved against channel variations and a 5-month time span, significantly outperforming existing methods.

Radio Frequency Fingerprint Identification for LoRa Using Spectrogram and CNN

Radio frequency fingerprint identification (RFFI) is an emerging device authentication technique that relies on intrinsic hardware characteristics of wireless devices. We designed an RFFI scheme for Long Range (LoRa) systems based on spectrogram and convolutional neural network (CNN). Specifically, we used spectrogram to represent the fine-grained time-frequency characteristics of LoRa signals. In addition, we revealed that the instantaneous carrier frequency offset (CFO) is drifting, which will result in misclassification and significantly compromise the system stability; we demonstrated CFO compensation is an effective mitigation. Finally, we designed a hybrid classifier that can adjust CNN outputs with the estimated CFO. The mean value of CFO remains relatively stable, hence it can be used to rule out CNN predictions whose estimated CFO falls out of the range. We performed experiments in real wireless environments using 20 LoRa devices under test (DUTs) and a Universal Software Radio Peripheral (USRP) N210 receiver. By comparing with the IQ-based and FFT-based RFFI schemes, our spectrogram-based scheme can reach the best classification accuracy, i.e., 97.61% for 20 LoRa DUTs.