Intrusion Detection System for IoT: Analysis of PSD Robustness

Abstract

The security of internet of things (IoT) devices remains a major concern. These devices are very vulnerable because of some of their particularities (limited in both their memory and computing power, and available energy) that make it impossible to implement traditional security mechanisms. Consequently, researchers are looking for new security mechanisms adapted to these devices and the networks of which they are part. One of the most promising new approaches is fingerprinting, which aims to identify a given device by associating it with a unique signature built from its unique intrinsic characteristics, i.e., inherent imperfections, introduced by the manufacturing processes of its hardware. However, according to state-of-the-art studies, the main challenge that fingerprinting faces is the nonrelevance of the fingerprinting features extracted from hardware imperfections. Since these hardware imperfections can reflect on the RF signal for a wireless communicating device, in this study, we aim to investigate whether or not the power spectral density (PSD) of a device's RF signal could be a relevant feature for its fingerprinting, knowing that a relevant fingerprinting feature should remain stable regardless of the environmental conditions, over time and under influence of any other parameters. Through experiments, we were able to identify limits and possibilities of power spectral density (PSD) as a fingerprinting feature.

Keywords: device fingerprinting; device identification; internet of things (IoT); power spectral density (PSD); relevant fingerprinting feature.

Figure 1

Comparison of different PSDs before and after the normalization. Parameter $d$ is frequency-dependent and is given by$d=\left|PS{D}_1^{*}\left(f\right)-PS{D}_2^{*}\left(f\right)\right|$, where * denotes the normalized amplitude. In this figure,$d$ is shown at $f=2.4255 \mathrm{GHz}$ as an example.

Figure 2

The BLE devices used in our experiments. These devices were designed in the context of the same project; they are different versions of the same product whose hardware and software architectures have evolved over time. Thus, v1 (the board at the left end) refers to the first ever version; v2 (the two boards in the middle) and v3 (the two boards at the right end) refer to the second and third versions, respectively.

Figure 3

Experimental setup in the anechoic chamber. The BLE device emits the signal at 2 m from the RSA306B. The latter is equipped with a BLE antenna and driven by the Tektronix SignalVu-PC software. This way, we can capture the BLE signal in real time and record it as IQ samples on the PC in order to be used later in the script for estimating the power spectral density using Welch’s average periodogram method.

Figure 4

Experiment schematic.

Figure 5

Profile of the power consumption of the BLE device during advertising, i.e., the broadcast of the advertising packet on each of the three primary advertising channels, one after another. Each peak corresponds to the advertising on a channel.

Figure 6

Twenty PSDs of a same BLE device in a static experimental setting. The region between the red lines is the band B where the PSDs are compared; we chose B = 2 MHz, which is the channel bandwidth of the BLE. So, we ignored the background noise to have a more relevant analysis.

Figure 7

(a) PSDs of anechoic chamber experiment (b) PSDs of open-space experiment.

Figure 8

PSDs of the same BLE device but measured with two different identifiers.

Figure 9

(a) PSDs of four different BLE devices using the same identifier (the one of dev48) and, thus, always transmitting exactly the same data. Graph (a) plots are an overlapping of graph (b) four groups of plots.

Figure 10

PSDs of dev48 (green plots) and devCA (brown plots) devices using the same identifier (the one of dev48) and, thus, always transmitting exactly the same data.