research-article

Open access

Fingerprinting IoT Devices Using Latent Physical Side-Channels

Authors:

Dominic Konrad,

Timothy Jacques,

Danijela Cabric,

Nader SehatbakhshAuthors Info & Claims

Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies, Volume 7, Issue 2

Article No.: 54, Pages 1 - 26

https://doi.org/10.1145/3596247

Published: 12 June 2023 Publication History

Abstract

The proliferation of low-end low-power internet-of-things (IoT) devices in "smart" environments necessitates secure identification and authentication of these devices via low-overhead fingerprinting methods. Previous work typically utilizes characteristics of the device's wireless modulation (WiFi, BLE, etc.) in the spectrum, or more recently, electromagnetic emanations from the device's DRAM to perform fingerprinting. The problem is that many devices, especially low-end IoT/embedded systems, may not have transmitter modules, DRAM, or other complex components, therefore making fingerprinting infeasible or challenging. To address this concern, we utilize electromagnetic emanations derived from the processor's clock to fingerprint. We present Digitus, an emanations-based fingerprinting system that can authenticate IoT devices at range. The advantage of Digitus is that we can authenticate low-power IoT devices using features intrinsic to their normal operation without the need for additional transmitters and/or other complex components such as DRAM. Our experiments demonstrate that we achieve ≥ 95% accuracy on average, applicability in a wide range of IoT scenarios (range ≥ 5m, non-line-of-sight, etc.), as well as support for IoT applications such as finding hidden devices. Digitus represents a low-overhead solution for the authentication of low-end IoT devices.

Supplemental Material

ZIP File - feng

Supplemental movie, appendix, image and software files for, Fingerprinting IoT Devices Using Latent Physical Side-Channels

Download
46.52 KB

References

[1]

STM 32. [n. d.]. https://www.st.com/en/microcontrollers-microprocessors/stm32--32-bit-arm-cortex-mcus.html. Accessed: 2022--11.

[2]

Mosabbah Mushir Ahmed, David Hely, Etienne Perret, Nicolas Barbot, Romain Siragusa, Maxime Bernier, and Fredric Garet. 2018. Authentication of microcontroller board using non-invasive em emission technique. In 2018 IEEE 3rd International Verification and Security Workshop (IVSW). IEEE, 25--30.

[3]

Amani Al-Shawabka, Francesco Restuccia, Salvatore D'Oro, Tong Jian, Bruno Costa Rendon, Nasim Soltani, Jennifer Dy, Stratis Ioannidis, Kaushik Chowdhury, and Tommaso Melodia. 2020. Exposing the fingerprint: Dissecting the impact of the wireless channel on radio fingerprinting. In IEEE INFOCOM 2020-IEEE Conference on Computer Communications. IEEE, 646--655.

Digital Library

[4]

Indoor TV Antenna. [n. d.]. https://www.amazon.com/dp/B01FUB4ZG8?psc=1&ref=ppx_yo2ov_dt_b_product_details. Accessed: 2022--11.

[5]

Jerome Antoni. [n. d.]. https://www.mathworks.com/matlabcentral/fileexchange/48909-cyclic-spectral-analysis/. Accessed: 2022--11.

[6]

Mahzad Azarmehr, Ankit Mehta, and Rashid Rashidzadeh. 2017. Wireless device identification using oscillator control voltage as RF fingerprint. In 2017 IEEE 30th Canadian Conference on Electrical and Computer Engineering (CCECE). IEEE, 1--4.

[7]

USPR B205mini-i. [n. d.]. https://www.ettus.com/all-products/usrp-b205mini-i/. Accessed: 2022--11.

[8]

Trevor J Bihl, Kenneth W Bauer, and Michael A Temple. 2016. Feature selection for RF fingerprinting with multiple discriminant analysis and using ZigBee device emissions. IEEE Transactions on Information Forensics and Security 11,8 (2016), 1862--1874.

Digital Library

[9]

Vladimir Brik, Suman Banerjee, Marco Gruteser, and Sangho Oh. 2008. Wireless device identification with radiometric signatures. In Proceedings of the 14th ACM international conference on Mobile computing and networking. 116--127.

Digital Library

[10]

Robert Callan, Alenka Zajić, and Milos Prvulovic. 2015. FASE: Finding amplitude-modulated side-channel emanations. In 2015 ACM/IEEE 42nd Annual International Symposium on Computer Architecture (ISCA). IEEE, 592--603.

Digital Library

[11]

Giovanni Camurati, Aurélien Francillon, and François-Xavier Standaert. [n. d.]. Understanding screaming channels: From a detailed analysis to improved attacks. IACR Transactions on Cryptographic Hardware and Embedded Systems ([n. d.]).

[12]

Anadi Chaman, Jiaming Wang, Jiachen Sun, Haitham Hassanieh, and Romit Roy Choudhury. 2018. Ghostbuster: Detecting the presence of hidden eavesdroppers. In Proceedings of the 24th Annual International Conference on Mobile Computing and Networking. 337--351.

Digital Library

[13]

Batyr Charyyev and Mehmet Hadi Gunes. 2020. Locality-sensitive iot network traffic fingerprinting for device identification. IEEE Internet of Things Journal 8, 3 (2020), 1272--1281.

[14]

Yushi Cheng, Xiaoyu Ji, Tianyang Lu, and Wenyuan Xu. 2018. Dewicam: Detecting hidden wireless cameras via smartphones. In Proceedings of the 2018 on Asia Conference on Computer and Communications Security. 1--13.

Digital Library

[15]

Yushi Cheng, Xiaoyu Ji, Juchuan Zhang, Wenyuan Xu, and Yi-Chao Chen. 2019. Demicpu: Device fingerprinting with magnetic signals radiated by cpu. In Proceedings of the 2019 ACM SIGSAC Conference on Computer and Communications Security. 1149--1170.

Digital Library

[16]

Shane S Clark, Benjamin Ransford, Amir Rahmati, Shane Guineau, Jacob Sorber, Wenyuan Xu, and Kevin Fu. 2013. {WattsUpDoc}: Power Side Channels to Nonintrusively Discover Untargeted Malware on Embedded Medical Devices. In 2013 USENIX Workshop on Health Information Technologies (HealthTech 13).

[17]

Great Scott Gadgets. [n.d.]. https://greatscottgadgets.com/hackrf/. Accessed: 2022--11.

[18]

Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer. 2015. Stealing keys from PCs using a radio: Cheap electromagnetic attacks on windowed exponentiation. In International workshop on cryptographic hardware and embedded systems. Springer, 207--228.

Digital Library

[19]

Yi Han, Sriharsha Etigowni, Hua Liu, Saman Zonouz, and Athina Petropulu. 2017. Watch me, but don't touch me! contactless control flow monitoring via electromagnetic emanations. In Proceedings of the 2017 ACM SIGSAC conference on computer and communications security. 1095--1108.

Digital Library

[20]

Samer Hanna, Chris Dick, and Danijela Cabric. 2021. Signal Processing-Based Deep Learning for Blind Symbol Decoding and Modulation Classification. IEEE Journal on Selected Areas in Communications 40, 1 (2021), 82--96.

Digital Library

[21]

Samer Hanna, Samurdhi Karunaratne, and Danijela Cabric. 2020. Open set wireless transmitter authorization: Deep learning approaches and dataset considerations. IEEE Transactions on Cognitive Communications and Networking 7, 1 (2020), 59--72.

[22]

Samer S Hanna and Danijela Cabric. 2019. Deep learning based transmitter identification using power amplifier nonlinearity. In 2019 International Conference on Computing, Networking and Communications (ICNC). IEEE, 674--680.

[23]

Omar Adel Ibrahim, Savio Sciancalepore, Gabriele Oligeri, and Roberto Di Pietro. 2020. MAGNETO: Fingerprinting USB Flash Drives via Unintentional Magnetic Emissions. ACM Transactions on Embedded Computing Systems (TECS) 20, 1 (2020), 1--26.

Digital Library

[24]

Tong Jian, Yifan Gong, Zheng Zhan, Runbin Shi, Nasim Soltani, Zifeng Wang, Jennifer Dy, Kaushik Chowdhury, Yanzhi Wang, and Stratis Ioannidis. 2021. Radio frequency fingerprinting on the edge. IEEE Transactions on Mobile Computing 21, 11 (2021), 4078--4093.

[25]

Tong Jian, Bruno Costa Rendon, Emmanuel Ojuba, Nasim Soltani, Zifeng Wang, Kunal Sankhe, Andrey Gritsenko, Jennifer Dy, Kaushik Chowdhury, and Stratis Ioannidis. 2020. Deep learning for RF fingerprinting: A massive experimental study. IEEE Internet of Things Magazine 3, 1 (2020), 50--57.

[26]

Kyouwoong Kim, Ihsan A Akbar, Kyung K Bae, Jung-Sun Um, Chad M Spooner, and Jeffrey H Reed. 2007. Cyclostationary approaches to signal detection and classification in cognitive radio. In 2007 2nd ieee international symposium on new frontiers in dynamic spectrum access networks. IEEE, 212--215.

[27]

Kyuin Lee, Yucheng Yang, Omkar Prabhune, Aishwarya Lekshmi Chithra, Jack West, Kassem Fawaz, Neil Klingensmith, Suman Banerjee, and Younghyun Kim. 2022. AEROKEY: Using Ambient Electromagnetic Radiation for Secure and Usable Wireless Device Authentication. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 6, 1 (2022), 1--29.

Digital Library

[28]

Zhengxiong Li, Baicheng Chen, Xingyu Chen, Chenhan Xu, Yuyang Chen, Feng Lin, Changzhi Li, Karthik Dantu, Kui Ren, and Wenyao Xu. 2022. Reliable Digital Forensics in the Air: Exploring an RF-based Drone Identification System. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 6, 2 (2022), 1--25.

Digital Library

[29]

Tian Liu, Ziyu Liu, Jun Huang, Rui Tan, and Zhen Tan. 2018. Detecting wireless spy cameras via stimulating and probing. In Proceedings of the 16th Annual International Conference on Mobile Systems, Applications, and Services. 243--255.

Digital Library

[30]

Eman Maali, David Boyle, and Hamed Haddadi. 2020. Towards identifying IoT traffic anomalies on the home gateway. In Proceedings of the 18th Conference on Embedded Networked Sensor Systems. 735--736.

Digital Library

[31]

Laura J Mariano, Alexander Aubuchon, Troy Lau, Onur Ozdemir, Tomo Lazovich, and John Coakley. 2019. Classification of electronic devices and software processes via unintentional electronic emissions with neural decoding algorithms. IEEE Transactions on Electromagnetic Compatibility 62, 2 (2019), 470--477.

[32]

Kevin Merchant, Shauna Revay, George Stantchev, and Bryan Nousain. 2018. Deep learning for RF device fingerprinting in cognitive communication networks. IEEE Journal of Selected Topics in Signal Processing 12, 1 (2018), 160--167.

[33]

Markus Miettinen, Samuel Marchal, Ibbad Hafeez, N Asokan, Ahmad-Reza Sadeghi, and Sasu Tarkoma. 2017. Iot sentinel: Automated device-type identification for security enforcement in iot. In 2017 IEEE 37th International Conference on Distributed Computing Systems (ICDCS). IEEE, 2177--2184.

[34]

Alireza Nazari, Nader Sehatbakhsh, Monjur Alam, Alenka Zajic, and Milos Prvulovic. 2017. Eddie: Em-based detection of deviations in program execution. In Proceedings of the 44th Annual International Symposium on Computer Architecture. 333--346.

Digital Library

[35]

Jorge Ortiz, Catherine Crawford, and Franck Le. 2019. DeviceMien: network device behavior modeling for identifying unknown IoT devices. In Proceedings of the International Conference on Internet of Things Design and Implementation. 106--117.

Digital Library

[36]

Linning Peng, Aiqun Hu, Junqing Zhang, Yu Jiang, Jiabao Yu, and Yan Yan. 2018. Design of a hybrid RF fingerprint extraction and device classification scheme. IEEE Internet of Things Journal 6, 1 (2018), 349--360.

[37]

Roberto Perdisci, Thomas Papastergiou, Omar Alrawi, and Manos Antonakakis. 2020. Iotfinder: Efficient large-scale identification of iot devices via passive dns traffic analysis. In 2020 IEEE European Symposium on Security and Privacy (EuroS&P). IEEE, 474--489.

[38]

Donald Reising, Joseph Cancelleri, T Daniel Loveless, Farah Kandah, and Anthony Skjellum. 2020. Radio identity verification-based IoT security using RF-DNA fingerprints and SVM. IEEE Internet of Things Journal 8, 10 (2020), 8356--8371.

[39]

Ulrich Rührmair, Xiaolin Xu, Jan Sölter, Ahmed Mahmoud, Mehrdad Majzoobi, Farinaz Koushanfar, and Wayne Burleson. 2014. Efficient power and timing side channels for physical unclonable functions. In International Workshop on Cryptographic Hardware and Embedded Systems. Springer, 476--492.

Digital Library

[40]

Said Jawad Saidi, Anna Maria Mandalari, Roman Kolcun, Hamed Haddadi, Daniel J Dubois, David Choffnes, Georgios Smaragdakis, and Anja Feldmann. 2020. A haystack full of needles: Scalable detection of iot devices in the wild. In Proceedings of the ACM Internet Measurement Conference. 87--100.

Digital Library

[41]

Seun Sangodoyin, Frank T Werner, Baki B Yilmaz, Chia-Lin Cheng, Elvan M Ugurlu, Nader Sehatbakhsh, Milos Prvulović, and Alenka Zajic. 2020. Side-channel propagation measurements and modeling for hardware security in iot devices. IEEE Transactions on Antennas and Propagation 69, 6 (2020), 3470--3484.

[42]

Nader Sehatbakhsh, Monjur Alam, Alireza Nazari, Alenka Zajic, and Milos Prvulovic. 2018. Syndrome: Spectral analysis for anomaly detection on medical iot and embedded devices. In 2018 IEEE international symposium on hardware oriented security and trust (HOST). IEEE, 1--8.

[43]

Nader Sehatbakhsh, Alireza Nazari, Monjur Alam, Frank Werner, Yuanda Zhu, Alenka Zajic, and Milos Prvulovic. 2019. REMOTE: Robust external malware detection framework by using electromagnetic signals. IEEE Trans. Comput. 69, 3 (2019), 312--326.

Digital Library

[44]

Nader Sehatbakhsh, Baki Berkay Yilmaz, Alenka Zajic, and Milos Prvulovic. 2020. A new side-channel vulnerability on modern computers by exploiting electromagnetic emanations from the power management unit. In 2020 IEEE International Symposium on High Performance Computer Architecture (HPCA).

[45]

Rahul Anand Sharma, Elahe Soltanaghaei, Anthony Rowe, and Vyas Sekar. 2022. Lumos: Identifying and Localizing Diverse Hidden {IoT} Devices in an Unfamiliar Environment. In 31st USENIX Security Symposium (USENIX Security 22). 1095--1112.

[46]

Cheng Shen and Jun Huang. 2021. {EarFisher}: Detecting Wireless Eavesdroppers by Stimulating and Sensing Memory {EMR}. In 18th USENIX Symposium on Networked Systems Design and Implementation (NSDI 21). 873--886.

[47]

Cheng Shen, Jun Huang, Guangyu Sun, and Jingshu Chen. 2022. Electromagnetic Fingerprinting of Memory Heartbeats: System and Applications. Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies 6, 3 (2022), 1--23.

Digital Library

[48]

Akash Deep Singh, Luis Garcia, Joseph Noor, and Mani Srivastava. 2021. I Always Feel Like Somebody's Sensing Me! A Framework to Detect, Identify, and Localize Clandestine Wireless Sensors. In 30th USENIX Security Symposium (USENIX Security 21). 1829--1846.

[49]

Arunan Sivanathan, Hassan Habibi Gharakheili, Franco Loi, Adam Radford, Chamith Wijenayake, Arun Vishwanath, and Vijay Sivaraman. 2018. Classifying IoT devices in smart environments using network traffic characteristics. IEEE Transactions on Mobile Computing 18, 8 (2018), 1745--1759.

[50]

Semtech SX1262. [n. d.]. https://www.semtech.com/products/wireless-rf/lora-core/sx1262mb2cas/. Accessed: 2022--07.

[51]

Arduino Uno. [n. d.]. https://docs.arduino.cc/hardware/uno-rev3/. Accessed: 2022--11.

[52]

Qiang Xu, Rong Zheng, Walid Saad, and Zhu Han. 2015. Device fingerprinting in wireless networks: Challenges and opportunities. IEEE Communications Surveys & Tutorials 18, 1 (2015), 94--104.

Digital Library

[53]

Chouchang Yang and Alanson P Sample. 2016. EM-ID: Tag-less identification of electrical devices via electromagnetic emissions. In 2016 IEEE International Conference on RFID (RFID). IEEE, 1--8.

[54]

Jiabao Yu, Aiqun Hu, Guyue Li, and Linning Peng. 2019. A robust RF fingerprinting approach using multisampling convolutional neural network. IEEE Internet of Things Journal 6, 4 (2019), 6786--6799.

[55]

Zihao Zhan, Zhenkai Zhang, and Xenofon Koutsoukos. 2020. Bitjabber: The world's fastest electromagnetic covert channel. In 2020 IEEE International Symposium on Hardware Oriented Security and Trust (HOST). IEEE, 35--45.

[56]

Mark Zhao and G Edward Suh. 2018. FPGA-based remote power side-channel attacks. In 2018 IEEE Symposium on Security and Privacy (SP). IEEE, 229--244.

Cited By

Zavolokina LSprenkamp KKatashinskaya ZJones DSchwabe G(2024)Think Fast, Think Slow, Think Critical: Designing an Automated Propaganda Detection ToolProceedings of the CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642805(1-24)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642805
Arkannezhad FAghanoury PFeng JKhalili HSehatbakhsh N(2024)SideGuard: Non-Invasive On-Chip Malware Detection in Heterogeneous IoT Systems by Leveraging Side-Channels2024 IEEE Security and Privacy Workshops (SPW)10.1109/SPW63631.2024.00030(253-259)Online publication date: 23-May-2024
https://doi.org/10.1109/SPW63631.2024.00030

Index Terms

Fingerprinting IoT Devices Using Latent Physical Side-Channels
1. Computer systems organization
  1. Embedded and cyber-physical systems
    1. Embedded systems
      1. Embedded hardware
2. Security and privacy
  1. Security services
    1. Authentication

Recommendations

Everything has its Bad Side and Good Side: Turning Processors to Low Overhead Radios Using Side-Channels
IPSN '23: Proceedings of the 22nd International Conference on Information Processing in Sensor Networks

Side-channels have traditionally been exploited as a means of uncovering sensitive information such as cryptographic keys from a computing device. In particular, past work has shown that electromagnetic (EM) radiation from a device’s processor and memory ...
Toward Automatically Connecting IoT Devices with Vulnerabilities in the Wild
With the increasing number of Internet of Things (IoT) devices connected to the internet, the industry and research community have become increasingly concerned about their security impact. Adversaries or hackers often exploit public security flaws to ...
Fingerprinting Industrial IoT devices based on multi-branch neural network
Abstract
Industrial Internet-of-Things systems suffer from a vast and vulnerable attack surface, raising widespread concerns about shielding IIoT devices from malicious attacks and reducing cyber risks. Device identification is the prerequisite to ...
Highlights
- We propose a novel IIoT fingerprinting approach based on neural network.
- We conduct experiments to validate the effectiveness of it.
- The results show that our approach can achieve 95.8% precision.
- We demonstrate the usefulness ...

Comments

Information & Contributors

Information

Published In

cover image Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies

Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies Volume 7, Issue 2

June 2023

969 pages

EISSN:2474-9567

DOI:10.1145/3604631

Issue’s Table of Contents

Copyright © 2023 Owner/Author.

This work is licensed under a Creative Commons Attribution International 4.0 License.

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 12 June 2023

Published in IMWUT Volume 7, Issue 2

Check for updates

Author Tags

Qualifiers

Research-article
Research
Refereed

Funding Sources

NSF (National Science Foundation)
IARPA

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

2
Total Citations
View Citations
1,000
Total Downloads

Downloads (Last 12 months)777
Downloads (Last 6 weeks)70

Reflects downloads up to 18 Aug 2024

Other Metrics

View Author Metrics

Citations

Cited By

Zavolokina LSprenkamp KKatashinskaya ZJones DSchwabe G(2024)Think Fast, Think Slow, Think Critical: Designing an Automated Propaganda Detection ToolProceedings of the CHI Conference on Human Factors in Computing Systems10.1145/3613904.3642805(1-24)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3642805
Arkannezhad FAghanoury PFeng JKhalili HSehatbakhsh N(2024)SideGuard: Non-Invasive On-Chip Malware Detection in Heterogeneous IoT Systems by Leveraging Side-Channels2024 IEEE Security and Privacy Workshops (SPW)10.1109/SPW63631.2024.00030(253-259)Online publication date: 23-May-2024
https://doi.org/10.1109/SPW63631.2024.00030

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Get Access

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Media

Figures

Other

Tables

View Issue’s Table of Contents