Device authentication for 5G terminals via Radio Frequency fingerprints

Ping Dong; Namin Hou; Yuting Tang; Yushi Cheng; Xiaoyu Ji

doi:10.1016/j.hcc.2024.100222

High-Confidence Computing ›› 2024, Vol. 4 ›› Issue (4) :100222 DOI: 10.1016/j.hcc.2024.100222

Research Articles

research-article

Device authentication for 5G terminals via Radio Frequency fingerprints

Author information +

History +

PDF (1313KB)

Abstract

The development of wireless communication network technology has provided people with diversified and convenient services. However, with the expansion of network scale and the increase in the number of devices, malicious attacks on wireless communication are becoming increasingly prevalent, causing significant losses. Currently, wireless communication systems authenticate identities through certain data identifiers. However, this software-based data information can be forged or replicated. This article proposes the authentication of device identity using the hardware fingerprint of the terminal’s Radio Frequency (RF) components, which possesses properties of being genuine, unique, and stable, holding significant implications for wireless communication security. Through the collection and processing of raw data, extraction of various features including time-domain and frequency-domain features, and utilizing machine learning algorithms for training and constructing a legal fingerprint database, it is possible to achieve close to a 97% recognition accuracy for Fifth Generation (5G) terminals of the same model. This provides an additional and robust hardware-based security layer for 5G communication security, enhancing monitoring capability and reliability.

Keywords

Radio Frequency fingerprint / 5G terminal authentication / Wireless security / Mobile communication networks

Cite this article

Download citation ▾

Ping Dong, Namin Hou, Yuting Tang, Yushi Cheng, Xiaoyu Ji. Device authentication for 5G terminals via Radio Frequency fingerprints. High-Confidence Computing, 2024, 4(4): 100222 DOI:10.1016/j.hcc.2024.100222

登录浏览全文

4963

注册一个新账户忘记密码

Declaration of competing interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgments

This paper is supported by the National Natural Science Foundation of China (62271280, 62222114, 61925109, and 62071428).

References

Publishing order | Descend order by publishing year | Descend order by cited within

[1]	D.M. Barnes,The introduction of cellular radio in the United Kingdom, in: 35th IEEE Vehicular Technology Conference, vol. 35, IEEE, 1985, pp. 147-152.

[2]	G. Miao, J. Zander, K.W. Sung, S.B. Slimane, Fundamentals of Mobile Data Networks, Cambridge University Press, 2016.

[3]	S. Segan,3G vs. 4G: What’s the difference? PC Mag. PC PCMag (2015).

[4]	M. Faulkner, Long term evolution (LTE): A technical overview, Motorola (2010) 5-13, Retrieved.

[5]

3GPP, Evolved Universal Terrestrial Radio Access (E-UTRA); Radio Resource Control (RRC); Protocol specification, Technical Specification (TS) 36.331, 3rd Generation Partnership Project ( 3GPP), 2017, URL https://portal.3gpp.org/desktopmodules/Specifications/SpecificationDetails.aspx?specificationId=2440, Version 14.2.2.

[6]	J. Brock, Jr., General Accounting Office Washington DC Washington DC United States, Information Security: Computer Attacks at Department of Defense Pose Increasing Risks, Technical Report, 1996.

[7]	A. Kulshrestha, S.K. Dubey, A literature reviewon sniffing attacks in computernetwork, Int. J. Adv. Eng. Res. Sci. ( IJAERS) 1 (2) (2014).

[8]	M. Jakobsson, S. Myers, Phishing and Countermeasures: Understanding the Increasing Problem of Electronic Identity Theft, John Wiley & Sons, 2006.

[9]	K. Rekouche, Early phishing, 2011, arXiv preprint arXiv:1106.4692.

[10]	R. Alabdan, Phishing attacks survey: Types, vectors, and technical approaches, Future Internet 12 (10) (2020) 168.

[11]	G.N. Nayak, S.G. Samaddar,Different flavours of man-in-the-middle attack, consequences and feasible solutions, in: 2010 3rd International Conference on Computer Science and Information Technology, vol. 5, IEEE, 2010, pp. 491-495.

[12]	S.M. Bellovin, M. Merritt, Encrypted key exchange: Password-based protocols secure against dictionary attacks, 1992.

[13]	R. Demillo, M. Merritt, Protocols for data security, Computer 16 (02) (1983) 39-51.

[14]	D. Rupprecht, K. Kohls, T. Holz, C. Pöpper,Breaking LTE on layer two, in: 2019 IEEE Symposium on Security and Privacy, SP, IEEE, 2019, pp. 1121-1136.

[15]	G. Intelligence, Understanding SIM evolution, 2015, White paper, GSM Association.

[16]

J. Liu, Y. Yu, F.-X. Standaert, Z. Guo, D. Gu, W. Sun, Y. Ge, X. Xie, Small tweaks do not help:Differential power analysis of milenage implementations in 3G/4G USIM cards, in: Computer Security-ESORICS 2015: 20th European Symposium on Research in Computer Security, Vienna, Austria, September 21-25, 2015, Proceedings, Part I 20, Springer, 2015, pp. 468-480.

[17]	B. Alecu, SMS fuzzing-SIM toolkit attack, DEF CON 21 (2013).

[18]	A. Merlo, M. Migliardi, N. Gobbo, F. Palmieri, A. Castiglione, A denial of service attack to UMTS networks using SIM-less devices, IEEE Trans. Dependable Secure Comput. 11 (3) (2014) 280-291.

[19]	J. Singh, R. Ruhl, D. Lindskog,GSM OTA SIM cloning attack and cloning resistance in EAP-SIM and USIM, in: 2013 International Conference on Social Computing, IEEE, 2013, pp. 1005-1010.

[20]	P. Eckersley, How unique is your web browser? in:Privacy Enhancing Technologies: 10th International Symposium, PETS 2010, Berlin, Germany, July 21-23, 2010. Proceedings 10, Springer, 2010, pp. 1-18.

[21]	S. Bratus, C. Cornelius, D. Kotz, D. Peebles, Active behavioral fingerprinting of wireless devices, in:Proceedings of the First ACM Conference on Wireless Network Security, 2008, pp. 56-61.

[22]	V. Brik, S. Banerjee, M. Gruteser, S. Oh, Wireless device identification with radiometric signatures, in:Proceedings of the 14th ACM International Conference on Mobile Computing and Networking, 2008, pp. 116-127.

[23]	F. Chen, Q. Yan, C. Shahriar, C. Lu, W. Lou, T.C. Clancy, On passive wireless device fingerprinting using infinite hidden markov random field, 2017, submitted for publication.

[24]	L.C.C. Desmond, C.C. Yuan, T.C. Pheng, R.S. Lee, Identifying unique devices through wireless fingerprinting, in:Proceedings of the First ACM Conference on Wireless Network Security, 2008, pp. 46-55.

[25]	J. Franklin, D. McCoy, P. Tabriz, V. Neagoe, J.V. Randwyk, D. Sicker,Passive data link layer 802.11 wireless device driver fingerprinting., in: USENIX Security Symposium, vol. 3, (2006) 2006, pp. 16-89.

[26]	K. Gao, C. Corbett, R. Beyah,A passive approach to wireless device fingerprinting, in: 2010 IEEE/IFIP International Conference on Dependable Systems & Networks, DSN, IEEE, 2010, pp. 383-392.

[27]	J. Hall, M. Barbeau, E. Kranakis, et al., Enhancing intrusion detection in wireless networks using radio frequency fingerprinting., Commun., Internet, Inf. Technol. 1 (2004).

[28]	N.T. Nguyen, G. Zheng, Z. Han, R. Zheng,Device fingerprinting to enhance wireless security using nonparametric Bayesian method, in: 2011 Proceedings IEEE INFOCOM, IEEE, 2011, pp. 1404-1412.

[29]	P. Scanlon, I.O. Kennedy, Y. Liu, Feature extraction approaches to RF fingerprinting for device identification in femtocells, Bell Labs Tech. J. 15 (3) (2010) 141-151.

[30]	J. Mitola, Software radios: Survey, critical evaluation and future directions, IEEE Aerosp. Electron. Syst. Mag. 8 (4) (1993) 25-36.

[31]	M. Dillinger, K. Madani, N. Alonistioti, Software Defined Radio: Architectures, Systems and Functions, John Wiley & Sons, 2005.

[32]	J. Hemanth, V.E. Balas, Biologically Rationalized Computing Techniques For Image Processing Applications, Springer, 2018.

[33]	P. Eckersley, How unique is your web browser? in:Privacy Enhancing Technologies: 10th International Symposium, PETS 2010, Berlin, Germany, July 21-23, 2010. Proceedings 10, Springer, 2010, pp. 1-18.

[34]	S. Mazumdar, V. Dhulipala, Biometric security using finger print recognition, Univ. California, San Diego 3 (2008).

[35]	F. Alaca, P.C. Van Oorschot, Device fingerprinting for augmenting web authentication: classification and analysis of methods,in:Proceedings of the 32nd Annual Conference on Computer Security Applications, 2016, pp. 289-301.

[36]	A. Vastel, P. Laperdrix, W. Rudametkin, R. Rouvoy,Fp-stalker: Tracking browser fingerprint evolutions, in: 2018 IEEE Symposium on Security and Privacy, SP, IEEE, 2018, pp. 728-741.

[37]	A. Sjösten, D. Hedin, A. Sabelfeld,Essentialfp: Exposing the essence of browser fingerprinting, in: 2021 IEEE European Symposium on Security and Privacy Workshops, ( EuroS&PW), IEEE, 2021, pp. 32-48.

[38]	M.A. Ferrag, L. Maglaras, A. Argyriou, D. Kosmanos, H. Janicke,Security for 4G and 5G cellular networks: A survey of existing authentication and privacy-preserving schemes, J. Netw. Comput. Appl. 101 (2018) 55-82.

[39]	S. Gao, J. Ma, W. Shi, G. Zhan, C. Sun, TrPF: A trajectory privacy-preserving framework for participatory sensing, IEEE Trans. Inf. Forensics Secur. 8 (6) (2013) 874-887.

[40]	J. Cao, H. Li, M. Ma, Y. Zhang, C. Lai, A simple and robust handover authentication between HeNB and eNB in lte networks, Comput. Netw. 56 (8) (2012) 2119-2131.

[41]	J. Cao, M. Ma, H. Li,Unified handover authentication between heterogeneous access systems in LTE networks, in: 2012 IEEE Global Communications Conference, GLOBECOM, IEEE, 2012, pp. 5308-5313.

[42]	J. Cao, H. Li, M. Ma,GAHAP: A group-based anonymity handover authentication protocol for MTC in LTE-A networks, in: 2015 IEEE International Conference on Communications, ICC, IEEE, 2015, pp. 3020-3025.

[43]	C.K. Dimitriadis, D. Polemi,An identity management protocol for internet applications over 3G mobile networks, Comput. Secur. 25 (1) (2006) 45-51.

[44]	G.C. Madueño, J.J. Nielsen, D.M. Kim, N.K. Pratas, Č. Stefanović, P. Popovski, Assessment of LTE wireless access for monitoring of energy distribution in the smart grid, IEEE J. Sel. Areas Commun. 34 (3) (2016) 675-688.

[45]	S. Gisdakis, V. Manolopoulos, S. Tao, A. Rusu, P. Papadimitratos, Secure and privacy-preserving smartphone-based traffic information systems, IEEE Trans. Intell. Transp. Syst. 16 (3) (2014) 1428-1438.

[46]	V. Manolopoulos, P. Papadimitratos, S. Tao, A. Rusu,Securing smartphone based ITS, in: 2011 11th International Conference on ITS Telecommunications, IEEE, 2011, pp. 201-206.

[47]	I. Terzis, G. Kambourakis, G. Karopoulos, C. Lambrinoudakis,Privacy preserving context transfer schemes for 4G networks, Wirel. Commun. Mob. Comput. 11 (2) (2011) 289-302.

[48]	J. Loughney, M. Nakhjiri, C. Perkins, R. Koodli, Context Transfer Protocol (CXTP), Technical Report, 2005.

[49]	C. Neuman, T. Yu, S. Hartman, K. Raeburn,The Kerberos Network Authentication Service (V5), Technical Report, 2005.

[50]	F. Pereniguez, R. Marin-Lopez, G. Kambourakis, S. Gritzalis, A. Gomez, PrivaKERB: A user privacy framework for kerberos, Comput. Secur. 30 (6-7) (2011) 446-463.

[51]	M.H. Eiza, Q. Ni, Q. Shi,Secure and privacy-aware cloud-assisted video reporting service in 5G-enabled vehicular networks, IEEE Trans. Veh. Technol. 65 (10) (2016) 7868-7881.

[52]	C.-I. Fan, Y.-H. Lin, Provably secure remote truly three-factor authentication scheme with privacy protection on biometrics, IEEE Trans. Inf. Forensics Secur. 4 (4) (2009) 933-945.

[53]	J. Lee, S. Ryu, K. Yoo, Fingerprint-based remote user authentication scheme using smart cards, Electron. Lett. 38 (12) (2002) 1.

[54]	C.-H. Lin, Y.-Y. Lai, A flexible biometrics remote user authentication scheme, Comput. Stand. Interfaces 27 (1) (2004) 19-23.

[55]	F. Wen, X. Li, An improved dynamic ID-based remote user authentication with key agreement scheme, Comput. Electr. Eng. 38 (2) (2012) 381-387.

[56]	S.A. Chaudhry, M.S. Farash, H. Naqvi, S. Kumari, M.K. Khan, An enhanced privacy preserving remote user authentication scheme with provable security, Secur. Commun. Netw. 8 (18) (2015) 3782-3795.