CSI-based WIFI Device Identification Solution

Yiming Li

doi:10.54097/06xu0k9d

Authors

Yiming Li

DOI:

https://doi.org/10.54097/06xu0k9d

Keywords:

Relative Phase Error, CSI, RAP

Abstract

In recent years, wireless devices such as WIFI routers have become increasingly common in various fields. Rogue access point (RAP) is one of the threats that has persisted in wireless LAN (WLAN) for many years and can cause varying degrees of property damage and privacy leaks. In response to these threats, we propose a new security mechanism, called Rdi, which uses environment-independent features extracted from channel state information (CSI) as fingerprints for device identification. We found that the phase errors between multiple antennas on a single MIMO-OFDM (Multiple Input Multiple Output-Orthogonal Frequency Division Multiplexing) transmitter are not the same. This phase offset is due to the I/Q imbalance and imperfect oscillator of each WiFi network card, and it will not change with factors such as environment and time. Therefore, we inferred and verified that there must be some relationship between the phase errors of multiple groups of antennas, that is, the relative phase error (RPE). In addition, RPE will also vary with different WiFi devices. Compared with some similar fingerprint detection methods in the past, the use of specific connections between group phase errors between antennas can better reveal the different attributes between devices, thereby enhancing the uniqueness of features. Therefore, we believe that RPE can be used as an effective fingerprint to detect RAP attacks. We conduct a large number of experimental demonstrations on this, and innovatively built a multi-modal convolutional neural network (CNN) model to perform efficient classification work for our solution. Experiments on 22 WiFi devices and various scenarios show that the detection rate of Rdi can reach more than 98% in both dynamic and static device states.

Downloads

Download data is not yet available.

References

S. Jana and S. K. Kasera, “On fast and accurate detection of unauthorized wireless access points using clock skews.” in Proc. of the 14th ACM international conference on Mobile computing and networking (MobiCom’08), 2008, pp. 104–115.

K. Gao, C. Corbett, and R. Beyah, “A passive approach to wireless device fingerprinting,” in 2010 IEEE/IFIP International Conference on Dependable Systems Networks (DSN), June 2010, pp. 383–392.

C. L. Corbett, R. A. Beyah, and J. A. Copeland, “Passive classification of wireless nics during active scanning,” International Journal of Information Security, vol. 7, no. 5, pp. 335–348, Oct 2008.

J. Hua, H. Sun, Z. Shen, Z. Qian, and S. Zhong, “Accurate and efficient wireless device fingerprinting using channel state information,” in IEEEINFOCOM 2018 - IEEE Conference on Computer Communications, April 2018, pp. 1–9.

Boyao Y u∗†, Chao Yang∗†, and Jianfeng Ma∗ “Continuous Authentication for the Internet of Things Using Channel State Information”.

Pengfei Liu, Panlong Yang, Wen-Zhan Song, Y ubo Yan, Xiang-Yang Li “Real-time Identification of Rogue WiFi Connections Using Environment-Independent Physical Features”.

K. Gao, C. Corbett, and R. Beyah, “A passive approach to wireless device fingerprinting,” in 2010 IEEE/IFIP International Conference on Dependable Systems & Networks (DSN). IEEE, 2010, pp. 383–392.

V . Brik, S. Banerjee, M. Gruteser, and S. Oh, “Wireless device identification with radiometric signatures,” in Proc. of the 14th ACM international conference on Mobile computing and networking (MobiCom’08), 2008, pp. 116–127.

Z. Jiang, J. Zhao, X. Y . Li, J. Han, and W. Xi, “Rejecting the attack: Source authentication for wi-fi management frames using csi information,” in 2013 Proceedings IEEE INFOCOM, April 2013, pp.2544–2552.

Z. Li, W. Xu, R. Miller, and W. Trappe, “Securing wireless systems via lower layer enforcements,” in Proceedings of the 5th ACM Workshop on Wireless Security, ser. WiSe ’06. New Y ork, NY , USA: ACM, 2006, pp. 33–42. [Online]. Available: http://doi.acm.org/10.1145/1161289.1161297

M. Young, The Techincal Writers Handbook. Mill Valley, CA: University Science, 1989.

J. U. Duncombe, “Infrared navigation—Part I: An assessment of feasibility (Periodical style),” IEEE Trans. Electron Devices, vol. ED-11, pp. 34–39, Jan. 1959.

S. Chen, B. Mulgrew, and P. M. Grant, “A clustering technique for digital communications channel equalization using radial basis function networks,” IEEE Trans. Neural Networks, vol. 4, pp. 570–578, Jul. 1993.

R. W. Lucky, “Automatic equalization for digital communication,” Bell Syst. Tech. J., vol. 44, no. 4, pp. 547–588, Apr. 1965.

S. P. Bingulac, “On the compatibility of adaptive controllers (Published Conference Proceedings style),” in Proc. 4th Annu. Allerton Conf. Circuits and Systems Theory, New York, 1994, pp. 8–16.

G. R. Faulhaber, “Design of service systems with priority reservation,” in Conf. Rec. 1995 IEEE Int. Conf. Communications, pp. 3–8.

J. G. Kreifeldt, “An analysis of surface-detected EMG as an amplitude-modulated noise,” presented at the 1989 Int. Conf. Medicine and Biological Engineering, Chicago, IL.

J. Williams, “Narrow-band analyzer (Thesis or Dissertation style),” Ph.D. dissertation, Dept. Elect. Eng., Harvard Univ., Cambridge, MA, 1993.

N. Kawasaki, “Parametric study of thermal and chemical nonequilibrium nozzle flow,” M.S. thesis, Dept. Electron. Eng., O.