ISSN 1000-1239 CN 11-1777/TP

计算机研究与发展 ›› 2021, Vol. 58 ›› Issue (11): 2374-2399.doi: 10.7544/issn1000-1239.2021.20210676

所属专题: 2021密码学与网络空间安全治理专题

• 信息安全 • 上一篇    下一篇

基于混合特征指纹的无线设备身份识别方法

宋宇波1,2,3,陈冰1,2,3,4,郑天宇1,2,3,陈宏远1,2,3,陈立全1,2,3,胡爱群3,4   

  1. 1(东南大学网络空间安全学院 南京 211189);2(江苏省计算机网络技术重点实验室(东南大学) 南京 210096);3(紫金山实验室 南京 211111);4(东南大学信息科学与工程学院 南京 211189) (songyubo@seu.edu.cn)
  • 出版日期: 2021-11-01
  • 基金资助: 
    国家重点研发计划项目(2020YFE0200600)

Hybrid Feature Fingerprint-Based Wireless Device Identification

Song Yubo1,2,3, Chen Bing1,2,3,4, Zheng Tianyu1,2,3, Chen Hongyuan1,2,3, Chen Liquan1,2,3, Hu Aiqun3,4   

  1. 1(School of Cyber Science and Engineering, Southeast University, Nanjing 211189);2(Key Laboratory of Computer Network Technology of Jiangsu Province (Southeast University), Nanjing 210096);3(Purple Mountain Laboratories, Nanjing 211111);4(School of Information Science and Engineering, Southeast University, Nanjing 211189)
  • Online: 2021-11-01
  • Supported by: 
    This work was supported by the National Key Research and Development Program of China (2020YFE0200600).

摘要: 无线网络利用开放性的无线信道传输数据,因此容易遭受设备假冒攻击和通信数据伪造攻击,而防范此类攻击需要精准的设备识别.基于信道状态信息(channel state information, CSI)指纹的设备识别技术利用无线信道特征来识别设备.由于CSI提供细粒度的信道特征,并且可以从OFDM无线设备中轻松获取,因此该技术受到广泛的关注.但是反映无线信道特征的CSI指纹会随着终端的位置和所处环境的改变而改变,并且现有技术通常将机器学习用于指纹匹配以追求高识别准确率,随之而来的高计算复杂度使其无法在计算能力有限的嵌入式设备中实现.针对上述问题,提出了一种基于混合特征指纹的设备身份识别方法,包含终端接入时和通信时的设备识别.在接入时,引入了与终端外界因素无关的数据包到达时间间隔分布(packet arrival interval distribution, PAID)指纹进行识别,以弥补CSI指纹的缺陷;在通信时,借助CSI可以逐包获取的特点,从每个报文中提取CSI指纹并进行实时识别.同时,提出了一种计算复杂度较低的指纹匹配方案,以保证在计算能力有限的设备中也能快速且准确地识别终端.在树莓派上实现了设备识别原型系统并开展了实验,实验表明:该系统在接入时和通信时的识别准确率最高可达98.17%和98.7%,通信时单个数据包的识别时间仅需0.142ms.

关键词: 无线网络安全, 无线设备身份识别, 混合特征指纹, 信道状态信息, 自动编码器

Abstract: Wireless networks transmit data over open wireless channels, so they are vulnerable to impersonation attacks and information forgery attacks. To prevent such attacks, accurate device identification is required. The device identification technology based on channel state information (CSI) fingerprinting uses the wireless channel characteristics of device for identification. Since CSI can provide fine-grained channel characteristics and can be easily obtained from OFDM wireless devices, this technology has received wide attention. However, since CSI fingerprints identify the wireless channel characteristics of device, they change with the location or the environment of device. What’s more, the existing technologies usually use machine learning for fingerprint matching for increasing identification accuracy, but the computational complexity of fingerprint matching increases, which in turn cannot be implemented in embedded devices with limited computational ability. To address these problems, this paper proposes a hybrid feature fingerprint-based device identification scheme, which includes the identification in access stage and communication stage. Packet arrival interval distribution (PAID) fingerprint, which is independent of device’s location, is introduced for identification in access stage to compensate for the shortcomings of the CSI fingerprint. In communication stage, CSI fingerprints are extracted from each data packet and identified in real time with the feature that CSI can be acquired packet by packet. In addition, this paper proposes a fingerprint matching scheme with low computational complexity to ensure fast and accurate device identification even in devices with limited computational ability. We implement the identification system on Raspberry Pi and perform some experiments, which show that the identification accuracy is up to 98.17% and 98.7% in access stage and communication stage, and the identification time of a single packet in communication stage is only 0.142ms.

Key words: wireless network security, wireless device identification, hybrid feature fingerprint, channel state information (CSI), autoencoder

中图分类号: