Randomized Moving Target Approach for MAC-Layer Spoofing Detection and Prevention in IoT Systems

MAC-layer spoofing, also known as identity spoofing, is recognized as a serious problem in many practical wireless systems. IoT systems are particularly vulnerable to this type of attack as IoT devices (due to their various limitations) are often incapable of deploying advanced MAC-layer spoofing prevention and detection techniques, such as cryptographic authentication. Signal-level device fingerprinting is an approach to identity spoofing detection that is highly suitable for sensor-based IoT networks but can be also utilized in many other types of wireless systems. Previous research works on signal-level device fingerprinting have been based on rather simplistic assumptions about both the adversary’s behavior and the operation of the defense system. The goal of our work was to examine the effectiveness of a novel system that combines signal-level device fingerprinting with the principles of Randomized Moving Target Defense (RMTD) when dealing with a very advanced adversary. The obtained results show that our RMTD-enhanced signal-level device fingerprinting technique exhibits far superior defense performance over the non-RMTD techniques previously discussed in the literature and, as such, could be of great value for practical wireless systems subjected to identity spoofing attacks. We have also introduced a novel proof-of-concept adaptive parameter tuning approach for system practitioners with the ability to encode their risk profile and compute the most efficient hyper-parameters of our proposed defense system.