An Overview of Radio Frequency Fingerprinting for Low-End Devices

Saeed Ur Rehman (Unitec Institute of Technology, Auckland, New Zealand), Shafiq Alam (The University of Auckland, Auckland, New Zealand) and Iman T. Ardekani (Unitec Institute of Technology, Auckland, New Zealand)
DOI: 10.4018/IJMCMC.2014070101


RF fingerprinting is proposed as a means of providing an additional layer of security for wireless devices. Masquerading or impersonation attacks can be prevented by establishing the identity of a wireless transmitter using its unique RF fingerprint. Unique RF fingerprints are attributable to the analog components (digital-to-analog converters, band-pass filters, frequency mixers and power amplifiers) present in the RF front ends of transmitters. Most previous research has reported promising results, with an accuracy of up to 99%, using high-end receivers (e.g. giga-sampling rate oscilloscopes, spectrum and vector signal analysers) to validate the proposed techniques. However, practical implementation of RF fingerprinting would require validation with low-end (low-cost) devices, which also suffer from impairments due to the presence of analog components in their receiver front ends. This article provides an analysis and implementation of RF fingerprinting using low-cost receivers and the challenges associated with it.


The inventor of wireless communication, Guglielmo Marconi, demonstrated the communication of telegraphic messages in the late nineteenth century. Since then, the world has seen explosive growth in the field of wireless communication. Particularly in the last ten years, several new wireless technologies have been invented to expand the growing application of wireless communications. In the coming days, wireless modules will be embedded in various objects, such as home appliances, transport, clothes, gadgets, toys, food carts, roads, bridges, farms, buildings, animals and people.

The continued proliferation of inexpensive wireless Radio Frequency (RF) devices provides worldwide communication connectivity to virtually every individual. These wireless devices broadcast information to intended recipients in the form of an electromagnetic emission. However, the electromagnetic emission may be remotely monitored, recorded, intercepted or analyzed by unintended recipients owing to the broadcast nature of the wireless medium. Generally, the communicators are unaware of this activity, and moreover, the intentions of unintended recipients vary. The unintended recipient may simply listen to the communication activity and remain passive – an activity that is difficult to detect – or may become active and compromise the identity of the wireless device by launching “spoofing” or “man in the middle” type attacks (Meyer & Wetzel, 2004). For example, the software within a wireless device allows the Medium Access Control (MAC) address of a network interface card to be modified, and thus it is vulnerable to a spoofing attack (Faria & Cheriton, 2006). Similarly, the Erasable Programmable Read Only Memory (EPROM) of a cellular phone carries the phone’s Electronic Serial Number (ESN) and Mobile Identification Number (MIN), which can be changed by replacing the EPROM, hence allowing the identity of the phone to be changed (Nguyen, et al., 2011). Compromising the identity of wireless devices makes them vulnerable to a variety of attacks, which can take the form of impersonation, intrusion, theft of bandwidth and denial of service.

To increase network security and mitigate identity theft attacks, much of the research is focused on traditional bit-level algorithmic approaches. In conventional wireless networks, security issues are primarily considered above the physical layer and are usually based on cryptographic methods, where the cryptographic algorithms are mainly used for establishing the identity of a legitimate wireless device. Two-way communication is required to establish a session key in cryptography. However, the security algorithm would be compromised upon access to the key, thus making it difficult to distinguish between a legitimate key/device and a cloned key/device (Mathur, et al., 2010). Additionally, higher-layer security key distribution and management may be difficult to implement and may be vulnerable to attacks in some environments, such as ad-hoc or relay networks, in which transceivers may join or leave randomly (Debbah, 2008; Kauffmann, et al., 2007). Furthermore, some recent wireless technologies do not allow interactive communication for establishing a cryptographic key due to their unique architecture. One such example is the Cognitive Radio Network (CRN), which was invented in order to increase the efficient utilization of the spectrum. However, if a Primary User Emulation (PUE) attack is launched, then the whole operation of the CRN is jeopardized by effectively limiting the access of legitimate users to idle spectrum (Chen, et al., 2008).

More recently, consideration has been given to detecting and mitigating spoofing near or at the bottom of the Open Systems Interconnection (OSI) network stack. One such work includes the addition of a “lightweight security layer” hosted within the Medium Access Control (MAC) layer to detect spoofing and anomalous traffic (Li & Trappe, 2007). Other recent efforts have focused on Physical (PHY) layer implementations with the goal of exploiting RF characteristics (radio and environmental) that are difficult to mimic, thus minimizing the opportunity for spoofing. Hence, identity theft can be effectively tackled using physical layer security. Physical layer security based on the extraction of unique features from the analog signal is called RF fingerprinting.
