Feature Selection for RF Fingerprinting With Multiple Discriminant Analysis and Using ZigBee Device Emissions

“…Device hardware ID and operating state discrimination for CI security applications has been reliably demonstrated using Physical (PHY) layer security enhancement [4], [9], [15]. As discussed in [16], PHY layer security involves either 1) adding physically traceable objects to devices [17] or 2) Radio Frequency Distinct Native Attribute (RF-DNA) fingerprinting based on PHY device emissions which overcome limitations of encryption key-based measures [18]. RF-DNA differs from typical WPAN defense and security strategies that target higher bitlevel network layers [19], i.e., the Network (NWK) and Media Access Control (MAC) layers [20].…”

An Optimization Framework for Generalized Relevance Learning Vector Quantization with Application to Z-Wave Device Fingerprinting

“…Device hardware ID and operating state discrimination for CI security applications has been reliably demonstrated using Physical (PHY) layer security enhancement [4], [9], [15]. As discussed in [16], PHY layer security involves either 1) adding physically traceable objects to devices [17] or 2) Radio Frequency Distinct Native Attribute (RF-DNA) fingerprinting based on PHY device emissions which overcome limitations of encryption key-based measures [18]. RF-DNA differs from typical WPAN defense and security strategies that target higher bitlevel network layers [19], i.e., the Network (NWK) and Media Access Control (MAC) layers [20].…”

An Optimization Framework for Generalized Relevance Learning Vector Quantization with Application to Z-Wave Device Fingerprinting

“…Lukacs et al used multiple discriminant analysis (MDL) in order to reduce the dimensionality of RF-DNA fingerprints before applying them into a maximum likelihood (ML) classifier to identify known radio transmitters used in radar systems [24]. Similarly, Bihl et al showed that MDL can help in identifying most important features from RF-DNA fingerprints [26]. However, the evaluations performed by Stone et al on microcontroller based IoT devices indicates that further study is necessary to conclude the most reliable format to represent unintentional EM signals [27].…”

Leveraging Electromagnetic Side-Channel Analysis for the Investigation of IoT Devices

“…Consistent with [13], both a gain measure and an area under the classification curve approach can be used. Here, gain is defined as the reduction in required SNR, expressed in dB, for two methods to achieve the same %C, generally an arbitrary performance benchmark of %C = 90% accuracy [13] [47]. However, gain only considers one part of the %C vs. SNR curve; the Relative Accuracy Percentage (RAP) was introduced in [13] to provide for classifier assessment over the entire curve by 1) computing the Area Under Classification Curve (AUCC) values for each method via a trapezoidal approximation, and 2) computing the RAP of a given method's AUCC relative to the baseline AUCCBase method.…”

“…Verification performance is evaluated using Receiver Operating Characteristic (ROC) curves at a specified SNR, typically at the lowest SNR a %C = 90% accuracy threshold is reached [13]. In operation, and as described in [47], [46], verification involves: 1) anunknown device claiming bit level credentials (e.g., MAC address) which matching a specific authorized device, 2) extracting RF fingerprint features from the unknown device, and 3) comparing current RF fingerprints against the model for the claimed authorized device having the claimed identity. For authorized devices, ROC curves are plotted as True Verification Rate (TVR) versus False Reject Rate (FRR).…”

Multivariate Stochastic Approximation to Tune Neural Network Hyperparameters for Criticial Infrastructure Communication Device Identification