M.A. Temple

Air Force Institute of Technology, باتيرسون, California, United States

Are you M.A. Temple?

Claim your profile

Publications (138)77.09 Total impact

  • Source

  • Source
    Trevor J Bihl · Kenneth W Bauer · Michael A Temple · Benjamin Ramsey ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Radio Frequency RF Distinct Native Attribute (RF-DNA) Fingerprinting is a PHY-based security method that enhances device identification (ID). ZigBee 802.15.4 security is of interest here given its widespread deployment in Critical Infrastructure (CI) applications. RF-DNA features can be numerous, correlated, and noisy. Feature Dimensional Reduction Analysis (DRA) is considered here with a goal of: 1) selecting appropriate features (feature selection) and 2) selecting the appropriate number of features (dimensionality assessment). Five selection methods are considered based on Generalized Relevance Learning Vector Quantization-Improved (GRLVQI) feature relevance ranking, and p-value and test statistic rankings from both the two-sample Kolmogorov-Smirnov (KS) Test and the one-way Analysis of Variance (ANOVA) F-test. Dimensionality assessment is considered using previous qualitative (subjective) methods and quantitative methods developed herein using data covariance matrices and the KS and F-test p-values. ZigBee discrimination (classification and ID verification) is evaluated under varying signal-to-noise ratio (SNR) conditions for both authorized and unauthorized rogue devices. Test statistic approaches emerge as superior to p-value approaches and offer both higher resolution in selecting features and generally better device discrimination. With appropriate feature selection, using only 16% of the data is shown to achieve better classification performance than when using all of the data. Preliminary first-look results for Z-Wave devices are also presented and shown to be consistent with ZigBee device fingerprinting performance.
    Military Communications Conference (MILCOM), Tampa, FL; 10/2015
  • Donald R. Reising · Michael A. Temple · Julie A. Jackson ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Unauthorized network access and spoofing attacks at wireless access points (WAPs) have been traditionally addressed using bit-centric security measures and remain a major information technology security concern. This has been recently addressed using RF fingerprinting methods within the physical layer to augment WAP security. This paper extends the RF fingerprinting knowledge base by: 1) identifying and removing less-relevant features through dimensional reduction analysis (DRA) and 2) providing a first look assessment of device identification (ID) verification that enables the detection of rogue devices attempting to gain network access by presenting false bit-level credentials of authorized devices. DRA benefits and rogue device rejection performance are demonstrated using discrete Gabor transform features extracted from experimentally collected orthogonal frequency division multiplexing-based wireless fidelity (WiFi) and worldwide interoperability for microwave access (WiMAX) signals. Relative to empirically selected full-dimensional feature sets, performance using DRA-reduced feature sets containing only 10% of the highest ranked features (90% reduction), includes: 1) maintaining desired device classification accuracy and 2) improving authorized device ID verification for both WiFi and WiMAX signals. Reliable burst-by-burst rogue device rejection of better than 93% is achieved for 72 unique spoofing attacks and improvement to 100% is demonstrated when an accurate sample of the overall device population is employed. DRA-reduced feature set efficiency is reflected in DRA models requiring only one-tenth the number of features and processing time.
    IEEE Transactions on Information Forensics and Security 06/2015; 10(6):1-1. DOI:10.1109/TIFS.2015.2400426 · 2.41 Impact Factor
  • Source
    Timothy J Carbino · Michael A Temple · Trevor J Bihl ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Improved network security is addressed using device dependent physical-layer (PHY) based fingerprints from Ether-net cards to augment traditional MAC-based ID verification. The investigation uses unintentional Ethernet cable emissions and device fingerprints comprised of Constellation-Based, Distinct Native Attribute (CB-DNA) features. Near-field collection probe derivative effects dictated the need for developing a two-dimensional (2D) binary constellation for demodulation and CB-DNA extraction. Results show that the 2D constellation provides reliable demodulation (bit estimation) and device discrimination using symbol cluster statistics for CB-DNA. Bit Error Rate (BER) and Cross-Manufacturer Discrimination (CMD) results are provided for 16 devices from 4 different manufactures. Device discrimination is assessed using both Nearest Neighbor (NN) and Multiple Discriminant Analysis, Maximum Likelihood (MDA/ML) classifiers. Overall results are promising and include CMD average classification accuracy of %C = 76.73% (NN) and %C = 91.38% (MDA/ML).
    International Conference on Computing, Networking and Communications (ICNC); 03/2015
  • Hiren J. Patel · Michael A. Temple · Rusty O. Baldwin ·
    [Show abstract] [Hide abstract]
    ABSTRACT: The popularity of ZigBee devices continues to grow in home automation, transportation, traffic management, and Industrial Control System (ICS) applications given their low-cost and low-power. However, the decentralized architecture of ZigBee ad-hoc networks creates unique security challenges for network intrusion detection and prevention. In the past, ZigBee device authentication reliability was enhanced by Radio Frequency-Distinct Native Attribute (RF-DNA) fingerprinting using a Fisher-based Multiple Discriminant Analysis and Maximum Likelihood (MDA-ML) classification process to distinguish between devices in low Signal-to-Noise Ratio (SNR) environments. However, MDA-ML performance inherently degrades when RF-DNA features do not satisfy Gaussian normality conditions, which often occurs in real-world scenarios where radio frequency (RF) multipath and interference from other devices is present. We introduce non-parametric Random Forest (RndF) and Multi-Class AdaBoost (MCA) ensemble classifiers into the RF-DNA fingerprinting arena, and demonstrate improved ZigBee device authentication. Results are compared with parametric MDA-ML and Generalized Relevance Learning Vector Quantization-Improved (GRLVQI) classifier results using identical input feature sets. Fingerprint dimensional reduction is examined using three methods, namely a pre-classification Kolmogorov-Smirnoff Test (KS-Test), a post-classification RndF feature relevance ranking, and a GRLVQI feature relevance ranking. Using the ensemble methods, an SNR=18.0 dB improvement over MDA-ML processing is realized at an arbitrary correct classification rate (%C) benchmark of %C=90%; for all SNR ∈ [0, 30] dB considered, %C improvement over MDA-ML ranged from 9% to 24%. Relative to GRLVQI processing, ensemble methods again provided improvement for all SNR, with a best improvement of %C=10% achieved at the lowest tested SNR=0.0 dB. Network penetration, measured using rogue ZigBee devices, show that at the SNR=12.- dB (%C=90%) the ensemble methods correctly reject 31 of 36 rogue access attempts based on Receiver Operating Characteristic (ROC) curve analysis and an arbitrary Rogue Accept Rate of . This performance is better than MDA-ML, and GRLVQI which rejected 25/36, and 28/36 rogue access attempts respectively. The key benefit of ensemble method processing is improved rogue rejection in noisier environments; gains of 6.0 dB, and 18.0 dB are realized over GRLVQI, and MDA-ML, respectively. Collectively considering the demonstrated %C and rogue rejection capability, the use of ensemble methods improves ZigBee network authentication, and enhances anti-spoofing protection afforded by RF-DNA fingerprinting.
    IEEE Transactions on Reliability 03/2015; 64(1):221-233. DOI:10.1109/TR.2014.2372432 · 1.93 Impact Factor
  • Samuel J. Stone · Michael A. Temple · Rusty O. Baldwin ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Industrial control systems are used to operate critical infrastructure assets in the civilian and military sectors. Current industrial control system architectures are predominantly based on networked digital computers that enable reliable monitoring and control of critical functions via localized and distributed operations. Many industrial control systems, in particular, supervisory control and data acquisition (SCADA) systems, implement monitoring and control using programmable logic controllers, which have served as gateways through which cyber attacks have been orchestrated against high-profile industrial control system targets.
    International Journal of Critical Infrastructure Protection 02/2015; 9. DOI:10.1016/j.ijcip.2015.02.001 · 1.00 Impact Factor
  • [Show abstract] [Hide abstract]
    ABSTRACT: Low-data-rate wireless networks incorporated in critical infrastructure applications can be protected through 128-bit encryption keys and address-based access control lists. However, these bit-level credentials are vulnerable to interception, extraction and spoofing using software tools available free of charge on the Internet. Recent research has demonstrated that wireless physical layer device fingerprinting can be used to defend against replay and spoofing attacks. However, radio frequency (RF) fingerprinting typically uses expensive signal collection systems; this is because fingerprinting wireless devices with low-cost receivers has been reported to have inconsistent accuracy. This paper demonstrates a robust radio frequency fingerprinting process that is consistently accurate with both high-end and low-cost receivers. Indeed, the results demonstrate that low-cost software-defined radios can be used to perform accurate radio frequency fingerprinting and to identify spoofing attacks in critical IEEE 802.15.4-based infrastructure networks such as ZigBee.
    International Journal of Critical Infrastructure Protection 01/2015; 8:27-39. DOI:10.1016/j.ijcip.2014.11.002 · 1.00 Impact Factor
  • Mathew W Lukacs · Angela J. Zeqolari · Peter J. Collins · Michael A. Temple ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Device classification is important for many applications such as industrial quality controls, through-wall imaging, and network security. A novel approach to detection is proposed using a random noise radar (RNR), coupled with Radio Frequency “Distinct Native Attribute (RF-DNA)” fingerprinting processing algorithms to non-destructively interrogate microwave devices. RF-DNA has previously demonstrated “serial number” discrimination of passive Radio Frequency (RF) emissions such as Orthogonal Frequency Division Multiplexed (OFDM) signals, Worldwide Interoperability for Microwave Access (WiMAX) signals and others with classification accuracies above 80% using a Multiple Discriminant Analysis/Maximum Likelihood (MDAML) classifier. This approach proposes to couple the classification successes of the RF-DNA fingerprint processing with a non-destructive active interrogation waveform. An Ultra Wideband (UWB) noise waveform is uniquely suitable as an active interrogation method since it will not cause damage to sensitive microwave components and multiple RNRs can operate simultaneously in close proximity, allowing for significant parallelization of detection systems.
    IEEE Antennas and Wireless Propagation Letters 01/2015; 14:1-1. DOI:10.1109/LAWP.2015.2411608 · 1.58 Impact Factor
  • Source
    D.P. Montminy · R.O. Baldwin · M.A. Temple · M.E. Oxley ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Side-channel analysis has been used to successfully attack many cryptographic systems. However, to improve trace quality and make collection of side-channel data easier, the attacker typically modifies the target device to add a trigger signal. This trigger implies a very powerful attacker with virtually complete control over the device. This paper describes a method to collect side-channel data using a software defined radio (SDR) in real-time without requiring a collection device trigger. A correlation-based frequency-dependent leakage mapping technique is introduced to evaluate a 32-bit microprocessor, revealing that individual key bytes leak at different frequencies. Key byte-dependent leakage is observed in both SDR collected and triggered oscilloscope-based collections (which serve to validate the SDR data). This research is the first to demonstrate effective differential attack using SDRs. Successful attacks are presented using two SDRs, including a US$20 digital television receiver with modified drivers.
    IEEE Transactions on Information Forensics and Security 12/2013; 8(12):2101-2114. DOI:10.1109/TIFS.2013.2287600 · 2.41 Impact Factor
  • Xue Li · Steven Hong · V.D. Chakravarthy · Michael Temple · Zhiqiang Wu ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Orthogonal Frequency Division Multiplexing (OFDM) has been considered as a strong candidate for next generation wireless communication systems. Compared to traditional OFDM, Single Carrier OFDM (SC-OFDM) has demonstrated excellent bit error rate (BER) performance, as well as low peak to average power ratio (PAPR). Similar to other multi-carrier transmission technologies, SC-OFDM suffers significant performance degradation resulting from intercarrier interference (ICI) in high mobility environments. Existing techniques for OFDM can be directly adopted in SC-OFDM to improve performance, however, this improved performance comes at costs such as decreased throughput. In this paper, we analyze the effect of ICI on an SC-OFDM system and propose a novel modulation scheme. The proposed Magnitude-Keyed Modulation (MKM) modulation provides SC-OFDM system immunity to ICI and with an easy implementation it significantly outperforms OFDM, SC-OFDM and MC-CDMA systems with Phase Shift Keying (PSK) modulation and Quadrature Amplitude Modulation (QAM) in severe ICI environment. Analysis also illustrates the proposed SC-OFDM system with MKM modulation maintains low PAPR compared to traditional OFDM and SC-OFDM systems with PSK and QAM modulations. Simulation results for different modulation schemes in various ICI environments confirm the effectiveness of the proposed system.
    IEEE Transactions on Communications 02/2013; 61(2):658-668. DOI:10.1109/TCOMM.2012.122112.110214 · 1.99 Impact Factor
  • P.K. Harmer · D.R. Reising · M.A. Temple ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Cognitive Radio (CR) networks create an environment that presents unique security challenges, with reliable user authentication being essential for mitigating Primary User Emulation (PUE) spoofing and ensuring the cognition engine is using reliable information when dynamically reconfiguring the network. Unfortunately, wireless network edge devices increase spoofing potential as all devices can “see” all network traffic within RF range. Conventional bit-level security helps, but additional security based on physical-layer (PHY) attributes is required to ensure unauthorized devices do not adversely impact CR reliability during environmental assessment. RF Distinct Native Attribute (RF-DNA) fingerprinting is one PHY technique for reliably identifying devices based on inherent emission differences. These differences are exploited to uniquely identify, by serial number, hardware devices and aid cognitive network security. Reliable device discrimination has been achieved using Multiple Discriminant Analysis, Maximum Likelihood (MDA/ML) processing. However, MDA/ML provides no insight into feature relevance which limits its use for optimizing feature selection. This limitation is addressed here using Generalized Relevance Learning Vector Quantization-Improved (GRLVQI) and Learning from Signals (LFS) classifiers. Comparative assessment shows that GRLVQI and LFS classification performance rivals that of MDA/ML, overcomes inherent MDA/ML limitations, and provides benefit for CR network applications where reliable RF environment assessment and PUE mitigation is essential.
    Communications (ICC), 2013 IEEE International Conference on; 01/2013
  • Qian Han · Xue Li · M. Temple · Zhiqiang Wu ·
    [Show abstract] [Hide abstract]
    ABSTRACT: It is well known that Orthogonal Frequency Division Multiplexing (OFDM) systems suffer from intercarrier interference (ICI) in mobile environment due to loss of orthogonality among subcarriers caused by Doppler shifts. There exist many ICI mitigation techniques in the literature to improve the performance of OFDM systems. However, most of the existing ICI mitigation techniques assume the OFDM transmission bandwidth is narrow enough that the frequency offsets on all subcarriers are identical. In a wideband OFDM transmission or a non-contiguous OFDM spanning over large bandwidth, the Doppler shifts on different subcarriers are different, especially in high speed aerial vehicle communication systems. In this paper, we analyze the wideband OFDM system in high mobility environment where the frequency offsets vary from subcarrier to subcarrier. We then propose a novel ICI cancellation scheme to eliminate the ICI effect and offer the wideband OFDM system significantly improved BER performance. Simulation results in AWGN channel and multipath fading channel confirm the effectiveness of the proposed scheme in the presence of frequency offset and time variations in the channel, offering the best BER performance available which matches the BER performance of wideband OFDM system without ICI. To our knowledge, this paper is the first to address the ICI problem of varying frequency offsets across subcarriers in wideband OFDM system.
    Computing, Networking and Communications (ICNC), 2013 International Conference on; 01/2013
  • P.K. Harmer · M.A. Temple ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Security and privacy within existing wireless architectures remain a major concern and may be further compounded when considering multi-node wireless cognitive networks. However, the same computational capabilities that enable cognitive transceiver operation can also be used to enhance physical-layer security at each node. The approach here uses RF Distinct Native Attribute (RF-DNA) features that embody unique statistical properties of received RF emissions. The baseline system uses a Multiple Discriminant Analysis, Maximum Likelihood (MDA/ML) process to classify devices by exploiting RF-DNA uniqueness that enables serial number discrimination. MDA/ML limitations, to include a lack of feature relevance indication, are addressed using a previously investigated Learning From Signals (LFS) process. Of significance here is the expansion of LFS capability which will be readily implementable in envisioned cognitive network architectures. By coupling Kernel Regression (KR) with a Differential Evolution (DE) genetic algorithm, LFS is able to “learn” an improved model of the signal environment. Results here for experimentally collected 802.11a WiFi signals demonstrate recent improvements to the LFS engine that enable it to operate more effectively within a higher-dimensional RF-DNA feature space. The addition of a fractional Euclidean Distance (ED) similarity metric and vector class labeling provide improvement of 9 % to 23 % in average percent correct classification over the earlier LFS implementation.
    Computing, Networking and Communications (ICNC), 2013 International Conference on; 01/2013
  • Samuel Stone · Michael Temple ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Advances in the processing power and efficiency of computers have led to the proliferation of information technology (IT) systems in nearly every aspect of our daily lives. The pervasiveness and reliance on IT systems, however, have increased the susceptibility to cyber attacks. This is of particular concern with regard to supervisory control and data acquisition (SCADA) systems in the critical infrastructure. Compromises of SCADA systems–in particular, the programmable logic controllers (PLCs) used as field devices to control and monitor remote processes–could have devastating consequences. However, because of their limited onboard computing resources (e.g., processing power and memory), conventional bit-level IT security mechanisms are not well suited to safeguarding PLCs.This paper describes a methodology for detecting anomalous operations of PLCs. The methodology uses information extracted from radio frequency (RF) features to identify changes in operating characteristics due to malicious actions or system failure. The experimental results demonstrate the utility of the RF-based anomaly detection methodology for PLC verification.
    International Journal of Critical Infrastructure Protection 07/2012; 5(2):66–73. DOI:10.1016/j.ijcip.2012.05.001 · 1.00 Impact Factor
  • David P. Montminy · Rusty O. Baldwin · Michael A. Temple · Eric D. Laspe ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Template attacks are a very powerful form of side-channel analysis. It is assumed an adversary has access to a training device, identical to the device under attack, to build a precise multivariate characterization of the side-channel emissions. The training and test devices are assumed to have identical, or at least very similar, electromagnetic emissions. Often, when evaluating the effectiveness of a template attack, training and test data are from the same-device. The effectiveness of collecting training and test data from different devices, or cross-device attacks, are evaluated here using 40 PIC microcontroller devices. When the standard template attack methodology fails to produce adequate results, each step is evaluated to identify device-dependent variations. A simple pre-processing technique, normalizing the trace means and variances from the training and test devices, is evaluated for various test data set sizes. This step improves the success key-byte extraction rate for same part number cross-device template attacks from 65.1 to 100 % and improves attacks against similar devices in the same-device family. Additionally, it is demonstrated that due to differences in device leakage, minimizing the number of distinguishing features reduces the effectiveness of cross-device attacks.
    Journal of Cryptographic Engineering 06/2012; 3(2). DOI:10.1007/s13389-012-0038-y
  • Donald R. Reising · Michael A. Temple ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Considerable effort has been put forth to exploit physical layer attributes to augment network bit-level security mechanisms. RF-DNA fingerprints possess such attributes and can be used to uniquely identify authorized users and mitigate unauthorized network activity. These attributes are unique to a given electronic device and difficult to replicate for cloning, spoofing, etc. Device discrimination (identification) of WiMAX devices has been successfully demonstrated using a one-to-many comparison against a pool of unknown device fingerprints. The work here now addresses device authentication using a one-to-one comparison against the specific fingerprint associated with a claimed bit-level identity (MAC, SIM, IMEI, etc). The concept is demonstrated using Gabor-based RF-DNA extracted from near-transient burst responses of 802.16e WiMAX mobile subscriber devices-device identification of better than 96% is achieved with verification EER ≤ 1.6% for SNR ≥ -3 dB.
    Communications (ICC), 2012 IEEE International Conference on; 06/2012
  • William E. Cobb · Eric D. Laspe · Rusty O. Baldwin · Michael A. Temple · Yong C. Kim ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Radio-frequency distinct native attribute (RF-DNA) fingerprinting is adapted as a physical-layer technique to improve the security of integrated circuit (IC)-based multifactor authentication systems. Device recognition tasks (both identification and verification) are accomplished by passively monitoring and exploiting the intrinsic features of an IC's unintentional RF emissions without requiring any modification to the device being analyzed. Device discrimination is achieved using RF-DNA fingerprints comprised of higher order statistical features based on instantaneous amplitude, phase, and frequency responses as a device executes a sequence of operations. The recognition system is trained using multiple discriminant analysis to reduce data dimensionality while retaining class separability, and the resultant fingerprints are classified using a linear Bayesian classifier. Demonstrated identification and verification performance includes average identification accuracy of greater than 99.5% and equal error rates of less than 0.05% for 40 near-identical devices. Depending on the level of required classification accuracy, RF-DNA fingerprint-based authentication is well-suited for implementation as a countermeasure to device cloning, and is promising for use in a wide variety of related security problems.
    IEEE Transactions on Information Forensics and Security 02/2012; 7(1):14-24. DOI:10.1109/TIFS.2011.2160170 · 2.41 Impact Factor
  • Source
    Benjamin W Ramsey · Michael A Temple · Barry E Mullins ·
    [Show abstract] [Hide abstract]
    ABSTRACT: The ZigBee specification builds upon IEEE 802.15.4 low-rate wireless personal area standards by adding security and mesh networking functionality. ZigBee networks may be secured through 128-bit encryption keys and by MAC address access control lists, yet these credentials are vulnerable to interception and spoofing via free software tools available over the Internet. This work proposes a multi-factor PHY-MAC-NWK security framework for ZigBee that augments bit-level security using radio frequency (RF) PHY features. These features, or RF fingerprints, can be used to differentiate between dissimilar or like-model wireless devices. Previous PHY-based works on mesh network device differentiation predominantly exploited the signal turn-on region, measured in nanoseconds. For an arbitrary benchmark of 90% or better classification accuracy, this work shows that reliable PHY-based ZigBee device discrimination can be achieved at SNR ≥ 8 dB. This is done using the entire transmission preamble, which is less technically challenging to detect and is over 1000 times longer than the signal turn-on region. This work also introduces a statistical, pre-classification feature ranking technique for identifying relevant features that dramatically reduces the number of RF fingerprint features without sacrificing classification performance.
    01/2012; DOI:10.1109/GLOCOM.2012.6503210
  • Donald R. Reising · Michael A. Temple · Mark E. Oxley ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Previous work has demonstrated the viability of using RF-DNA fingerprinting to provide serial number discrimination of IEEE 802.11a WiFi devices as a means to augment conventional bit-level security. This was done using RF-DNA extracted from signal regions containing standard pre-defined responses (preamble, midamble, etc.). Using these responses, proof-of-concept demonstrations with RF-DNA fingerprinting have shown some effectiveness for providing serial number discrimination. The discrimination challenge increases considerably when pre-defined signal responses are not present. This challenge is addressed here using experimentally collected IEEE 802.16e WiMAX signals from Alvarion BreezeMAX Mobile Subscriber (MS) devices. Relative to previous Time Domain (TD) and Spectral Domain (SD) fingerprint features, joint time-frequency Gabor (GT) and Gabor-Wigner (GWT) Transform features are considered here as a means to extract greater device discriminating information. For comparison, RF-DNA is extracted from TD, SD, GT, and GWT responses and MDA/ML feature extraction and classification performed. Preliminary assessment shows that Gabor-based RF-DNA fingerprinting is much more effective than either TD or SD methods. GT RF-DNA fingerprinting achieves individual WiMAX MS device classification of 98.5% or better for SNR ≥ -3 dB.
    Computing, Networking and Communications (ICNC), 2012 International Conference on; 01/2012
  • C.K. Dubendorfer · B.W. Ramsey · M.A. Temple ·
    [Show abstract] [Hide abstract]
    ABSTRACT: Impersonation of authorized network devices is a serious concern in applications involving monitoring and control of battlefield operations and military installation infrastructure-ZigBee is among the ad hoc network alternatives used for such purposes. There are considerable security concerns given the availability of ZigBee “hacking” tools that have evolved from methods used for IEEE 802.11 Wi-Fi and IEEE 802.15.1 Bluetooth attacks. To mitigate the effectiveness of these bit-level attacks, RF waveform features within the lowest OSI physical (PHY) layer are used to augment bit-level security mechanisms within higher OSI layers. The evolution of RF 'Distinct Native Attribute' (RF-DNA) fingerprinting continues here with a goal toward improving defensive RF Intelligence (RFINT) measures and enhancing rogue device detection. Demonstrations here involve ZigBee burst collection and RF-DNA fingerprint generation using experimentally collected emissions from like-model CC2420 ZigBee devices operating at 2.4 GHz. RF-DNA fingerprints from 7 authorized devices are used for Multiple Discriminant Analysis (MDA) training and authorized device classification performance assessed, i.e. answering: “Is the device 1 of M authorized devices?” Additional devices are introduced as impersonating rogue devices attempting to gain unauthorized network access by presenting false bit-level credentials for one of the M authorized devices. Granting or rejecting rogue network access is addressed using a claimed identity verification process, i.e, answering: “Does the device's current RF-DNA match its claimed bit-level identity?” For authorized devices, arbitrary classification and verification benchmarks of %C>; 90% and %V >; 90% are achieved at SNR≈10.0 dB using a test statistic based on assumed Multivariate Gaussian (MVG) likelihood values. Overall, rogue device rejection capability is promising using the same verification test - tatistic, with %V

Publication Stats

1k Citations
77.09 Total Impact Points


  • 1998-2015
    • Air Force Institute of Technology
      • Department of Electrical & Computer Engineering
      باتيرسون, California, United States
  • 2002-2012
    • United States Air Force
      New York City, New York, United States
  • 2010
    • Wright State University
      • Department of Electrical Engineering
      Dayton, Ohio, United States
  • 2003-2010
    • Wright-Patterson Air Force Base
      Dayton, Ohio, United States

We use cookies to give you the best possible experience on ResearchGate. Read our cookies policy to learn more.