基于信道指纹的无线设备身份异常检测技术研究

信息安全研究 ›› 2021, Vol. 7 ›› Issue (9): 849-855.

基于信道指纹的无线设备身份异常检测技术研究

陈冰1,2,3,4 宋宇波1,3,4 施麟1,5 朱珍超1,3,4 郑天宇1,3,4 陈宏远1,3,4 吴天琦1,3,4

1 (东南大学网络空间安全学院南京 211189)
2 (东南大学信息科学与工程学院南京 211189)
3 (江苏省计算机网络技术重点实验室南京 210096)
4 (紫金山实验室南京 211111)
5 (江苏省财政厅信息管理中心南京 210024)

出版日期:2021-09-13 发布日期:2021-09-13
通讯作者: 陈冰
作者简介:陈冰本科生.主要研究方向为通信网络安全． chenbing9961@163.com 宋宇波博士，副教授.主要研究方向为通信网络安全、网络安全协议设计、用户隐私保护． songyubo@seu.edu.cn 施麟博士，高级工程师.主要研究方向为人工智能、信息安全、大数据分析． shiling717@nuaa.edu.cn 朱珍超博士，副教授.主要研究方向为密码学、网络安全． zhuzc@seu.edu.cn 郑天宇硕士研究生.主要研究方向为通信网络安全． egoistzty@gmail.com 陈宏远硕士研究生.主要研究方向为通信网络安全． 220205242@seu.edu.cn 吴天琦硕士研究生.主要研究方向为通信网络安全. 220205042@seu.edu.cn

Research on Channel Fingerprinting-Based Wireless Device Identity Anomaly Detection Technology

Online:2021-09-13 Published:2021-09-13

摘要/Abstract

摘要： 随着无线技术的快速发展以及无线通信基础设施的广泛覆盖，无线网络已经成为人们日常生活中的必需品．但是，层出不穷的无线设备假冒攻击使得无线网络的安全性受到极大的挑战．加密系统是抵抗假冒攻击的传统方案，但是其对于无线网络安全性的提升建立在系统生产成本和计算复杂度的增加上，同时破解技术的不断升级也对其安全性带来了威胁．本文提出了一个非加密型的无线设备身份异常检测系统．该系统使用细粒度的信道状态信息生成指纹，这种指纹携带设备的物理属性因此难以被伪造．该系统利用信道指纹构建本地设备校验文件，并借助局部离群因子算法结合校验文件来验证设备的身份．考虑到信道指纹的位置敏感性，我们提供了一种安全的校验文件更新方法，该方法能够避免对位置改变的合法设备产生误判，同时能够检测出试图干扰校验文件更新的假冒者．实验表明，本系统具有较高的异常检测准确率，在无线网络安全中具有良好的应用前景．

关键词: 无线安全, 无线设备身份异常检测, 信道指纹, 信道状态信息, 局部离群因子

Abstract: With the rapid development of wireless technology and the broad coverage of wireless communication infrastructure, wireless network has become a necessity in people's daily life．However, the endless impersonation attacks have greatly challenged the security of wireless network．Encryption system is a traditional solution to resist these attacks, but its improvement of security is based on the increase of system production cost and computational complexity．At the same time, the continuous upgrade of cracking techniques also poses a threat to its security． This paper proposes a non-cryptographic wireless device identity anomaly detection system．The system uses fine-grained channel state information (CSI) to generate channel fingerprinting．Such fingerprinting represents the physical properties of device and is therefore difficult to forge．The system uses fingerprinting to construct local device calibration files, and uses the local outlier factor (LOF) to verify devices’ identity．Considering the location sensitivity of channel fingerprinting, we provide a secure calibration file update method, which can avoid misjudgment of legal devices whose location has changed, and can also detect impostors who try to interfere with the update．Experiments showed that our system has a high accuracy rate of anomaly detection, which has a good application prospect in wireless network security．

Key words: wireless security, wireless device identity anomaly detection, channel fingerprinting, channel state information, local outlier factor

陈冰, 宋宇波, 施麟, 朱珍超, 郑天宇, 陈宏远, 吴天琦, . 基于信道指纹的无线设备身份异常检测技术研究[J]. 信息安全研究, 2021, 7(9): 849-855.

参考文献

[1] Kavianpour A, Anderson M．An overview of wireless network security [C] //Proc of the 4th IEEE Int Conf on Cyber Security and Cloud Computing (CSCloud)．Piscataway, NJ: IEEE, 2017: 306-309
[2] Moualeu J, Hamouda W, Takawira F．Intercept probability analysis of wireless networks in the presence of eavesdropping attack with co-channel interference [J]．IEEE Access, 2018, 6(1): 41490-41503
[3] Wang Xiaohui, Li Na, Li Meng, et al．A physical layer spoofing attack in spatial modulation [C] //Proc of the 2019 IEEE Globecom Workshops．Piscataway, NJ: IEEE, 2019: 1-5
[4] Aldaghri N, Mahdavifar H. Physical layer secret key generation in static environments [J]．IEEE Trans on Information Forensics and Security, 2020, 15(1): 2692-2705
[5] 宋宇波，胡爱群，姚冰心．802.11i认证协议可验安全性形式化分析 [J] ．中国工程科学，2010，12(1)：67-73
[6] Chatterjee U, Sadhukhan R, Mukhopadhyay D, et al．Stupify: A hardware countermeasure of kracks in WPA2 using physically unclonable functions [C] //Proc of the Web Conf 2020 (WWW’20)．New York: ACM, 2020: 217–221
[7] Song Yubo, Gao Shang, Hu Aiqun, et al．Novel attacks in OSPF networks to poison routing table [C] //Proc of the 2017 IEEE Int Conf on Communications (ICC)．Piscataway, NJ: IEEE, 2017: 1-6
[8] 郑瑞环，潘亚雄，胡勇．基于无线设备指纹的伪AP检测技术研究[J]．信息安全研究，2020，6(5)：441-447
[9] 冯鑫，胡勇．在智能家居环境下基于CSI的伪AP检测研究[J] ．信息安全研究，2018，4(02)：163-169
[10] Wan Xiaoyue, Xiao Liang, Li Qiangda, et al．FHY-layer authentication with multiple landmarks with reduced communication overhead [C] //Proc of the 2017 IEEE Int Conf on Communications (ICC)．Piscataway, NJ: IEEE, 2017: 1-6
[11] Mahmood A, Aman W, Iqbal M, et al．Channel impulse response-based distributed physical layer authentication [C] //Proc of the 85th IEEE Vehicular Technology Conf (VTC)．Piscataway, NJ: IEEE, 2017: 1-5
[12] Yi C, Wen H, Song H, et al．Lightweight one-time password authentication scheme based on radio-frequency fingerprinting [J]．IET Communications, 2018, 12(12): 1477-1484
[13] Rahman M, Yasmeen A, Gross J．PHY layer authentication via drifting oscillators [C] //Proc of the IEEE Global Communications Conf (GLOBECOM)．Piscataway, NJ: IEEE, 2014: 716-721
[14] Liao Runfa, Wen Hong, Pan Fei, et al．A novel physical layer authentication method with convolutional neural network [C] //Proc of the IEEE Int Conf on Artificial Intelligence and Computer Applications (ICAICA)．Piscataway, NJ: IEEE, 2019: 231–235
[15] Shi Cong, Liu Jian, Liu Hongbo, et al．Smart user authentication through actuation of daily activities leveraging WiFi-enabled IoT [C] //Proc of the 18th ACM Int Symp on Mobile Ad Hoc Networking and Computing (Mobihoc’17)．New York: ACM, 2017: 1–10