Intrusion Detection for IoT Devices based on RF Fingerprinting using Deep Learning

Abstract

Internet of Things (IoT) and 4G/5G wireless networks have added huge number of devices and new services, where commercial-of-the-shelf (COTS) IoT devices have been deployed extensively. To ensure secure operations of these systems with wireless transmission capabilities, Radio Frequency (RF) surveillance is important to monitor their activities in RF spectrum and detect unauthorized IoT devices. Specifically, in order to prevent an adversary from impersonating legitimate users using identical devices from the same manufacturer, unique “signatures” must be obtained for every individual device in order to uniquely identify each device. In this study, a novel intrusion detection method is proposed to detect unauthorized IoT devices using deep learning. The proposed method is based on RF fingerprinting since physical layer based features are device specific and more difficult to impersonate. RF traces are collected from six “identical” ZigBee devices via a USRP based test bed. The traces span a range of Signal-to-Noise Ratio, to ensure robustness of the model. A convolutional neural network is used to extract features from the RF traces, and dimension reduction and de-correlation are performed on the extracted features. The reduced features are then clustered to identify IoT devices. We show that the proposed method is able to identify devices that are not observed during training. The results not only highlight the benefit of deep learning based feature extraction, but also show promising prospects for being able to distinguish new devices (classes) that are not observed during training.