US20100100936A1 - Secure Wireless Network Using Radiometric Signatures - Google Patents

Secure Wireless Network Using Radiometric Signatures Download PDF

Info

Publication number
US20100100936A1
US20100100936A1 US12/555,369 US55536909A US2010100936A1 US 20100100936 A1 US20100100936 A1 US 20100100936A1 US 55536909 A US55536909 A US 55536909A US 2010100936 A1 US2010100936 A1 US 2010100936A1
Authority
US
United States
Prior art keywords
mobile
radio signals
transceivers
secure network
modulation domain
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US12/555,369
Inventor
Vladimir Alexander Brik
Suman Banerjee
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wisconsin Alumni Research Foundation
Original Assignee
Individual
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Individual filed Critical Individual
Priority to US12/555,369 priority Critical patent/US20100100936A1/en
Assigned to WISCONSIN ALUMNI RESEARCH FOUNDATION reassignment WISCONSIN ALUMNI RESEARCH FOUNDATION ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: BANERJEE, SUMAN, BRIK, VLADIMIR
Publication of US20100100936A1 publication Critical patent/US20100100936A1/en
Priority to US15/600,220 priority patent/US10397080B2/en
Assigned to NATIONAL SCIENCE FOUNDATION reassignment NATIONAL SCIENCE FOUNDATION CONFIRMATORY LICENSE (SEE DOCUMENT FOR DETAILS). Assignors: UNIVERSITY OF WISCONSIN, MADISON
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/08Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
    • H04L43/0823Errors, e.g. transmission errors
    • H04L43/0829Packet loss
    • H04L43/0835One way packet loss
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/02Capturing of monitoring data
    • H04L43/028Capturing of monitoring data by filtering
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L43/00Arrangements for monitoring or testing data switching networks
    • H04L43/04Processing captured monitoring data, e.g. for logfile generation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L45/00Routing or path finding of packets in data switching networks
    • H04L45/74Address processing for routing
    • H04L45/742Route cache; Operation thereof
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L47/00Traffic control in data switching networks
    • H04L47/10Flow control; Congestion control
    • H04L47/20Traffic policing
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/22Parsing or analysis of headers
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L69/00Network arrangements, protocols or services independent of the application payload and not provided for in the other groups of this subclass
    • H04L69/12Protocol engines
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00Reducing energy consumption in communication networks

Definitions

  • the present invention relates to security systems for computer networks and, in particular, to a security system for networks employing wireless communication links.
  • Providing security for data transmitted electronically over a computer network is important to prevent the theft of data or services, preserve privacy, and prevent the introduction of malware such as viruses.
  • One common method of ensuring network security uses a “white list” of authorized users and checks the identity of network users against this list at the time the users enter the network and/or periodically during their connection.
  • determining the identity of a user connecting to the network is not a simple matter.
  • One method is through the use of a personal identification number (PIN), password, or encryption key known only to the user. But such keys are often lost or stolen.
  • PIN personal identification number
  • password password
  • encryption key known only to the user. But such keys are often lost or stolen.
  • Additional security may be had by combining a user entered key, a machine identifier such as the MAC address of a network interface card, and a unique serial number assigned to each network interface card chip.
  • a machine identifier such as the MAC address of a network interface card
  • a unique serial number assigned to each network interface card chip Unfortunately, it is relatively easy to forge a MAC address. For this reason, more sophisticated machine/user identifiers may be used such as hardware fobs generating a series of pseudorandom numbers in parallel with similar hardware at a network gateway. All of these authenticating techniques, which allow the authentication to be implemented through data transmitted over the network, will be termed “network data implemented authenticators” because the authenticating information is conveyed using the data transmitting qualities of the network.
  • network data implemented authenticators may be supplemented with techniques that do not rely on the data conveyed by the network, for example limiting connection to the network to physically secure network jacks within a building. These measures are resistant to the loss or theft of passwords or hardware password devices.
  • the present invention provides a system that extracts a nearly unique “fingerprint” of the wireless device from imperfections in its radio transmitter circuitry and then uses such fingerprints to identify the physical transmitting device for security-related purposes.
  • the present invention operates primarily in the “modulation domain,” i.e. at the last stages of conversion of analog signal to digital data in contrast to some radio transmitter identifications systems which represent device identity in the “waveform domain”, i.e., based on information gathered in early stages of signal acquisition that do not take advantage of the signal properties due to modulation.
  • a test of the present invention with off-the-shelf wireless network cards indicates that sufficient variation exists even with mass-produced wireless network cards to reliably differentiate cards from each other in a typical wireless environment subject to noise, multipath effects, and channel distortion.
  • the exploited imperfections in the radio transmitters used for this identification are a product of the underlying difficulty and cost of controlling these imperfections, making the creation of a “mimic” for any particular transmitter card disproportionately expensive to someone who would breach the security of the network.
  • modulation domain parameters that make up the fingerprint are extracted using a process very similar to that already used in existing transceivers, making implementation of the invention relatively simple and inexpensive.
  • the present invention provides a secure network transceiver system for communicating network data with a plurality of mobile transceivers, each mobile transceiver having a digital signal portion communicating with an analog radio portion.
  • the secure network includes at least one base transceiver having: (1) an analog radio portion exchanging radio signals with the mobile transceivers, the analog radio portion providing modulation domain outputs reading modulation domain qualities of received radio signals from the mobile transceivers; (2) a digital signal portion communicating digital data with the analog radio portion related to encoded content of the radio signals; and (3) an electronic computer including a processor and a memory, the electronic computer exchanging network data related to the digital data with the digital signal portion and receiving modulation domain outputs from the analog radio portion.
  • the electronic computer executes a stored program contained in memory to: (1) execute an authentication process with mobile transceivers through the exchange of network data, the authentication process employing a network data authenticator; (2) characterize received radio signals of mobile transceivers according to the modulation domain qualities indicated by the modulation domain outputs; (3) compare the characterized radio signals to pre-established characterizations of authorized mobile transceivers; and (d) generate an output indicating a possible security violation when the characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
  • the electronic computer may further execute the stored program to revoke authorization of mobile transmitters whose characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
  • the modulation domain qualities may be selected from the group consisting of measurements related to trajectory of a received signal's phasor in the modulation domain. Including, but not limited to symbol phase error, symbol magnitude error, and symbol error vector magnitude. Alternatively or in addition, measurements may be related to overall modulation-domain characteristics of a received signal including, but not limited to carrier frequency offset, symbol clock offset, SYNC correlation. It is thus an object of the invention to use fundamental characteristics of analog transmitter circuitry revealed in a radio signal that provide sufficient variation to serve as transmitter identification.
  • the comparison may provide a multidimensional comparison using multiple different modulation domain qualities.
  • the network may include multiple base transceivers, and each of the base transceivers may use different pre-established characterizations each unique to one base transceiver receiver or the multiple base transceivers may share pre-established characterizations.
  • the comparison of the characterized radio signals may employ comparison algorithms selected from the group consisting of: k-nearest-neighbor, support vector machines, decision trees, neural networks, Bayesian-based algorithms, polynomial classifiers, regression fitting, hidden Markov models, Gaussian mixture models, radial basis functions, classifier boosting, classifier ensembles.
  • the electronic computer may further execute the stored program contained in memory to change a pre-established characterization for a mobile transceiver on a periodic basis using recent transmissions when the characterization of the recent transmissions match existing characterizations to within a second predetermined threshold or when the characterization of the recent transmissions matches an original characterization to within a second predetermined threshold.
  • FIG. 1 is a representation of a simple wireless network having three multiple mobile users communicating with two base stations, the latter connected on a network with a central server;
  • FIG. 2 is a block diagram of a transceiver of the type used by the mobile users and base stations also showing a modification used in the base stations only;
  • FIG. 3 is a block diagram of the central server of FIG. 1 such as may contain the radiometric identification program of the present invention, radiometric information, and network data authenticators for use by the invention;
  • FIG. 4 is a flow chart of a program executed by the server of FIG. 4 during the commissioning of new mobile wireless device
  • FIG. 5 is a flow chart of a program executed by the server of FIG. 4 during a typical authorization of a pre-commissioned mobile wireless device
  • FIG. 6 is a constellation diagram of one type of quadrature modulation suitable for use with the present invention showing the radiometric information used by the present invention
  • FIG. 7 is a simplified representation of a nearest neighbor classification algorithm
  • FIG. 8 is a simplified representation of a support vector machine algorithm suitable for use with the present invention.
  • FIG. 9 is a detailed fragmentary view of one quadrant of quadrature constellation of FIG. 7 showing a possible strategy for heuristic modification of the radiometric fingerprints.
  • FIG. 10 an example of a possible phasor trajectory.
  • an example network 10 suitable for use with the present invention employs multiple mobile devices 12 , for example, laptop computers having wireless adapters 14 such as those employing the IEEE 802.11 wireless standard well known in the art.
  • the present invention however is not limited to the IEEE 802.11 standard.
  • the mobile devices 12 When connected in a network, the mobile devices 12 may communicate by radio waves over a wireless communication channel with one of two base stations 16 (typically stationary) that may in turn communicate on a wire or optical carrier medium 18 with a central server 20 .
  • the central server 20 may have additional connections, for example, to a secure institutional network 22 . In this way the mobile devices 12 may flexibly connect to the secure institutional network 22 .
  • each of the wireless adapters 14 and base stations 16 may include a transceiver 24 .
  • transceivers 24 are used in both the network adapters and base stations 16 ; however, a receiver portion of the transceiver 24 is modified slightly for the base station 16 only, as will be described below.
  • the depicted transceiver 24 is simplified and is one of many possible designs that can work with the present invention as will be understood from the following description to those of ordinary skill in the art.
  • the transceiver 24 may receive data from a processor 26 communicating with a memory 28 and executing a stored program in the memory 28 to produce a data stream 30 to be transmitted over the wireless communication channel.
  • This data stream 30 may be data exchanged between the base stations 16 and the mobile devices 12 as part of standard network communication and may include network data authenticators for authorizing the user.
  • the processor 26 may operate simply to exchange data with the server 20 and is connected to a network card 72 connecting it to the carrier medium 18 .
  • the processor 26 may be the microprocessor of a laptop or other mobile device such as a cell phone, portable digital assistant, camera, music player or the like and the network card 72 is not required.
  • data of the data stream 30 will typically be organized in a frame including a data packet encoded by the data link layer for digital transmission to a node (either the base station 16 or mobile device 12 ).
  • a frame will typically include a header synchronization section, a payload of network data, and a trailer, for example, of error correction codes or the like.
  • the data stream 30 will be received by a symbol encoder 32 which accepts sets of bits of each data packet in sequence and encodes them according to the particular encoding scheme used by the transceiver 24 .
  • the transceiver 24 uses QPSK modulation (quadrature phase-shift keying) in which data is encoded in the phase of quadrature subcarriers of the transmitter radiowave.
  • QPSK modulation quadrature phase-shift keying
  • I in-phase subcarrier
  • Q quadrature-phase subcarrier
  • the present invention can be used with a variety of other modulation systems including but not limited to 16-QAM, and 256 QAM.
  • a transmitter encodes discrete data onto a carrier signal by continuously varying, or modulating in time some analog, that is to say, continuous property of the carrier signal.
  • the receiver measures those variations and reconstructs signal's data payload according to the communication standard in use.
  • Practitioners in the art use the term “phasor” to describe an instantaneous value of those modulated properties (state of the signal) at a given point in time (see FIG. 10 ).
  • the exact relationship between phasor value and physical properties of a signal is defined by the communication protocol in use. Therefore, as time passes and signal's properties are changed by the transmitter, the phasor value changes accordingly.
  • I in-phase component
  • Q quadrature component
  • a physical radio wave is then equivalent to the trajectory of the phasor in an abstract two-dimensional space commonly called I/Q or modulation domain.
  • information may be encoded in higher-dimensional space, as is the case, for example, with MIMO (multiple input and multiple output) technology. Handling such cases would require only minor changes to the overall procedure, since, as long as the modulation format's number of symbols is finite, they can be mapped onto a two-dimensional space or multiple two-dimensional spaces.
  • the relationship between the dimensions of the modulation domain representation and waveform characteristics is determined by the communication protocol.
  • the I-dimension could correspond to the amplitude or the I-subcarrier at a point in time
  • Q-dimension could be related to the phase of the Q-subcarrier.
  • the exact relationships between waveform-domain representation and modulation-domain representation for the purposes of this invention are irrelevant, as long as they are known.
  • phasor trajectory as the entity encoding information.
  • keeping accurate track of phasor's trajectory is resource-intensive. Instead, practical systems periodically measure phasor's position at times dictated by the communication standard, and generally disregard phasor's intermediate transitions. Phasor values at these critical points in time form a “constellation” that serves as basis for analog-to-digital conversion, and a basis for representing identity in this invention.
  • One contributions of some embodiments of this invention is to base the notion of the transmitter's identity on the persistent device-specific properties of phasor trajectory of its signals that persistently manifest themselves regardless of the information encoded in the signal.
  • a signature, or a fingerprint of a specific device is based on some notion of difference between the phasor trajectory observed at the receiver and the phasor trajectory of the “ideal signal”, i.e. theoretical signal generated by conceptual model of a perfect transmitter, unaffected by hardware impairments or channel distortion.
  • the notion of the ideal reference signal is inevitably defined by the communication protocol in use, as part of the procedure for decoding of received signals.
  • phasor trajectory is periodically sampled at frequency determined by the communication standard, effectively producing a single position of the phasor corresponding to every elementary quantum of information encoded in the signal. Therefore, the most economical embodiment of the invention will represent phasor trajectory as a single point per quantum of information encoded in the signal, thereby leveraging capabilities of existing hardware.
  • the QPSK modulation system provides a modulation “constellation” admitting four different encoding states or “symbols” represented by points 34 a (with the I and Q phases positive), points 34 b (with the I phase positive and the Q phase negative), points 34 c , (with the I and Q phases negative), and points 34 d (with the I phase negative and the Q phase positive).
  • encoding points 34 permit the encoding of two bits per symbol with point 34 a encoding bits 00 , point 34 d encoding bits 01 , point 34 b encoding bits 10 , and point 34 c encoding bits 11 .
  • Symbol encoder 32 thus takes pairs of bits and encodes them into I and Q phases represented, for example, as two voltages indicating positive or negative I and Q phase shifts.
  • the I and Q phases produced by the symbol encoder 32 may be subject to a baseband filter 36 band limiting the transmission of data (for example by metering the symbol values appropriately).
  • the output of the baseband filter 36 may then be received by digital-to-analog converter 38 for conversion to analog I and Q values.
  • phase values from the digital-to-analog converter 38 are received by a mixer 40 multiplying these values by appropriate quadrature carriers produced by a carrier oscillator 42 according to standard modulation techniques.
  • the vector sum of the modulated phase values is then provided to an IF (intermediate frequency) filter 44 removing the out-of-band signal and then up-converted at up-converter 46 by a phase-locked, up-converting signal also from the carrier oscillator 42 (of different frequency than that provided to mixer 40 ).
  • the output of the up-converter 46 is amplified by amplifier 48 and transmitted over antenna 50 .
  • the transceivers 24 may also receive a modulated signal through the antenna 50 .
  • This signal is amplified by amplifier 52 and provided to down-converter 54 receiving a down converting signal from carrier oscillator 57 (possibly the same oscillator structure used for oscillator 42 ).
  • the oscillator 57 must be closely phase (and frequency) locked to the incoming signal for phase detection and thus may employ phase and frequency lock circuit naturally providing a carrier frequency output signal which will be used as described below.
  • the output of down-converter 54 is received by IF filter 56 removing out-of-band signals and then demodulated by demodulator 58 receiving a quadrature demodulation signal from carrier oscillator 57 (typically a different frequency than that provided to the down converter 54 ).
  • the output of the demodulator 58 is received by an analog-to-digital converter 60 (for example, a threshold detector) providing digital I and Q signals to a symbol decoder 62 .
  • the symbol decoder 62 matching the phase of the digital I and Q signals per FIG. 7 then provides network data 63 to the processor 26 .
  • the described circuitry of the transceiver 24 may be generally divided into an analog section 64 and a digital section 66 .
  • the analog section 64 holds the mixer 40 , oscillators 42 and 57 , the up converter 46 and down converter 54 , IF filters 44 and 56 , the demodulator 58 , and amplifiers 48 and 52 .
  • the digital section 66 holds the symbol encoder 32 , the symbol decoder 62 , and the baseband filter 36 .
  • Digital-to-analog converter 38 and analog-to-digital converter 60 form bridges between the analog section 64 and the digital section 66 .
  • Analog circuitry deals generally with continuous voltage and current ranges as understood in the art.
  • the signals manipulated by the analog section 64 will vary continuously and slightly with slight changes in values of the analog components. Further minor changes in the signals in one section of the analog circuitry will cause additional changes in those signals in later sections of the analog circuitry as a result of the continuous functions implemented by typical analog circuitry.
  • measurable differences in the resulting transmitted signal will be produced in the analog sections of different transceivers 24 for identical digital signals being modulated by different network cards. These differences manifest themselves as, for example, phase and amplitude variations that provide for the radiometric fingerprint used by the present invention.
  • Digital circuitry deals generally with discontinuous voltages providing discrete binary levels. For this reason, minor variations in the component values within normal manufacturing tolerances and the requirements of standards such as IEEE 8802.11 do not provide significant differences in the digital signals conveyed by the digital section 66 . Further, minor changes in the digital signal in one part of the digital circuitry will normally not be propagated through the digital circuitry.
  • the transceiver 24 and in particular the receiver portion of the transceiver 24 in the base stations 16 only, is modified to measure modulation parameters of the received signals by the addition of a monitoring block 70 .
  • the monitoring block 70 captures naturally occurring signals in the analog section 64 of the receiver and digitizes them as radiometric information 71 , sending them to the processor 26 . Because the monitoring block 70 may make use of circuitry already present in the receiver, the monitoring block represents a relatively minor modification of the transceiver 24 of the base station 16 and may be readily implemented. Further, this modification is not required of the transceivers 24 of the mobile devices 12 allowing the present invention to scale well with additional users.
  • the monitoring block 70 may first capture frequency data 59 from the demodulation oscillator 57 and is phase locked to the frequency of the incoming signal from antenna 50 .
  • This frequency data 59 characterizes minor frequency shifts in the carrier signal of the received signal.
  • the monitoring block 70 may receive one or more of the raw I and Q phase values per symbol from the demodulator 58 to detect minor variations in phase and amplitude of the carrier before digitization by the analog-to-digital converter 60 .
  • This radiometric information 71 from the monitoring block 70 is digitized, and provided to the processor 26 to be conveyed in the base stations by a network card 72 to the server 20 .
  • the server 20 may include a network interface card 74 connecting it to the carrier medium 18 for receiving network data 63 and radiometric data 71 .
  • the network interface card 74 may communicate with a microprocessor 76 , the latter of which connects via an internal bus with an electronic memory 78 , for example, composed of hard disk and solid-state memory elements.
  • the memory 78 may hold a network data authentication program 80 (employing network data authenticators) and a radiometric identification program 82 (employing modulation domain data) as will be described and which operate jointly to ensure network security.
  • the memory 78 may also include NDA (network data authenticator) table 84 holding passwords or secure keys of the type known in the art and one or more radiometric identification tables 86 holding radiometric templates used for radiometric comparison as will be described.
  • NDA network data authenticator
  • the authentication program 80 and radiometric identification program 82 may work together as indicated by process block 90 to commission a new mobile device 12 .
  • This process involves assigning a network data authenticator (e.g. a password or encryption key) to the user of the mobile devices 12 as will be required for entry onto the network 22 .
  • This network data authenticator may be assigned by a network administrator or may be generated in part by the user according to well-known techniques.
  • the resulting authenticator is then stored in the NDA table 84 providing a “white list” of authorized network users.
  • This authentication process may accept or transmit the authenticator data over the network itself or may use a more secure or different channel including but not limited to person-to-person transfer, mail or voice telephone communication.
  • the particular mobile device 12 being commissioned is operated for a period of time either in a controlled environment or during an initial login by the user required to exchange authenticator data.
  • radiometric data is collected from transmissions from the mobile device 12 .
  • This radiometric data may be collected by monitoring of arbitrary transmissions from the mobile device 12 or may use a special teaching transmission set intended to expose various modulation domain properties.
  • modulation domain properties are generally those that make measurements of modulated qualities of the radiowave including, for example, those related to the frequency or phase. Many such measurements require modulation circuitry for detection and are not apparent in conventional time domain monitoring tools such as, for example, oscilloscopes.
  • the radiometric data collected may include any of the modulation domain information provided in the following Table I.
  • phase error The angle between the ideal and measured phasors Average (peak) phase error The average (or peak) value of symbol phase errors within a single frame Symbol magnitude error The difference in the scalar magnitude between the ideal and measured phasors Average (peak) magnitude The average (or peak) value of symbol error magnitude errors within a single frame Symbol error vector The magnitude of the vector difference magnitude between the measured and ideal phasors Average (peak) error vector The average (or peak) magnitude of the magnitude vector difference between measured and ideal phasors of a frame Frame I/Q origin offset The distance between the constellation origin (0, 0) and the average of measured I/Q values of a frame Frame frequency error The difference between ideal and observed carrier frequencies Frame SYNC correlation Normalized cross correlation of the observed and the ideal SYNC preambles. This is the SYNC correlation of a frame. The larger the value, the higher the modulation quality.
  • Each of these radiometric quantities may be derived from the analog section 64 used to convert digital data into transmittable radio signals by modulation, filtering, and up or down converting. These measurements may be distinguished from measurements such as signal transients, which are time domain measurements.
  • the modulation domain outputs are characteristics of the radio transmitter and largely indifferent to the underlying data being transmitted or the network protocol.
  • these different radiometric measurements may be further explained by considering the point 34 a as a point defined by the tip of an ideal phasor (vector) 94 leading from the origin 96 of the constellation diagram and representing the de-modulated phase of the transmitted signal.
  • This ideal vector 94 shown represents a perfectly modulated quadrature carrier having positive I and positive Q phases. It will be understood that similar ideal vectors 94 exist for each of the points 34 b - d.
  • an actual vector 102 may be measured representing an actual measured point 34 a ′ of the transmitted signal.
  • This vector 102 may be extracted before the analog-to-digital converter 60 by the monitoring block 70 and deviates from the ideal vector 94 defined by point 34 a to be defined instead by a point 34 a ′ that nevertheless remains within an acceptable boundary 100 for the particular modulation standard (for example 802.11).
  • This actual vector 102 will have a different length from vector 94 and thus can be used to generate a scalar magnitude difference 104 with respect to ideal vector 94 (being their difference in length).
  • This magnitude difference 104 is the symbol magnitude error described above and may be used also to calculate the average (peak) magnitude errors described above.
  • a difference vector 106 can also be defined between point 34 a and 34 a ′.
  • the magnitude (lanes) of this vector 106 provides the symbol error vector magnitude described above.
  • Vectors 94 and 102 have an angular phase difference 108 .
  • This angular phase difference 108 provides the symbol phase error and the average (peak) phase errors described above.
  • the frame frequency error is the difference between the carrier frequency and the ideal carrier frequency described with respect to oscillator 57 above and extractable from the phase frequency lock circuitry used in the receiver.
  • the frame SYNC correlation correlates an ideal frame SYNC signal with that actually detected and serves as a measurement of modulation quality. Normally each of these last three errors will be evaluated over multiple bits in a given transmission frame.
  • the collected radiometric information is stored as a radiometric template associated with a particular mobile device 12 and a network data authenticator (e.g., password) as indicated by process block 114 .
  • a network data authenticator e.g., password
  • a single copy of these radiometric templates is stored in the radiometric identification tables 86 described above at the server 20 to be shared by both base stations 16 .
  • each base station 16 may provide its own radiometric identification table 86 reflecting the coloring of the modulation data of received signals as affected by the receiver of that base station 16 .
  • the commissioning process requires sequential data collection at each of the base stations 16 for the purpose of generating the radiometric templates.
  • the receiver path of each base station 16 may be pre-characterized allowing radiometric data collected by a single base station 16 to be modified for use by the individual base stations 16 to create base station unique radiometric templates.
  • the authentication program 80 and radiometric identification program 82 may work in conjunction to permit mobile devices 12 to log on to the network 22 and be authenticated for communication with the network 22 .
  • the beginning of this authentication process uses the network data authenticators described above, such as a password or secure key or network fob or MAC address. This step relies on the transfer of digital data conventionally conveyed by wireless communication.
  • the user provides an identification that is compared against the identifications in table 84 and used to identify the appropriate radiometric templates from table 86 associated with the user who is logging in.
  • radiometric data from the user logging in is collected either through a special authorization sequence executed by the mobile device 12 as prompted by the base stations 16 or by simply monitoring the communication of frames during process block 114 .
  • the collected radiometric data is compared with the radiometric templates stored in table 86 (collected per process block 114 in the commissioning process) to detect possible imposters.
  • this comparison process may use a variety of techniques and the present invention is not limited to any particular one of these comparison techniques.
  • the comparison is made through individual ones or combinations of the known comparison techniques or their equivalents including: k-nearest-neighbor, support vector machines, decision trees, neural networks, Bayesian-based algorithms, polynomial classifiers, regression fitting, hidden Markov models, Gaussian mixture models, radial basis functions, classifier boosting, classifier ensembles.
  • SVM system vector machine
  • the radiometric templates stored in table 86 represent individual point 122 in an n-dimensional space where n equals the number of different radiometric parameters from Table I that will be used in a comparison process and which are embodied in the radiometric templates.
  • frame frequency error, SYNC correlation, frame I/Q offset, frame magnitude error, and frame phasor error are used in that order of importance. It will be understood that variations in these subsets are also possible.
  • Each template point 122 is constructed by monitoring frames during process block 92 of the commissioning process, described above, and discarding half of the collected frames for each parameter furthest from their average in the n-dimensional space. The remaining frames are then averaged to produce a single n-dimensional point 122 stored in table 86 and indexed to the user identification obtained in process block 116 .
  • the comparison of process block 120 analyzes the distance 124 from an average of the collected data 126 at process block 118 to the template point 122 .
  • the authorization of the mobile device 12 is rejected and the program proceeds to process block 130 .
  • the program may generate an output signal indicating a mismatched output to a system operator or a log entry.
  • the authorization of the mobile device 12 may be revoked either temporarily or until a reauthorization process per FIG. 5 maybe completed again. This revocation may be effected by removing or flagging the data in table 84 .
  • the comparison process of process block 120 uses a support vector machine algorithm.
  • data points 131 obtained in process block 114 , are collected into clusters identified to a particular mobile device 12 according to table 84 and stored as the radiometric templates.
  • Data points 126 collected during the authentication process are compared to the cluster using a support vector machine algorithm which provides a confidence value indicating whether the collected data point 126 belongs to that cluster. This confidence value may be used like the threshold value above to determine the presence of an imposter if the confidence value is below a certain value. Again, depending on the confidence value at decision block 128 , the program will branch to process block 130 or 132 .
  • the sensitivity of the present invention may be varied by simply adjusting the threshold or confidence levels of the comparison process of process block 120 to either increase or decrease the security of the network.
  • the present invention is intended to work together with an identifier, for example, secure key or password and to provide an augmentation of security or to increase security of an otherwise insecure system.
  • a trade-off between high levels of security and high levels of false negatives in the system may be implemented by allowing the evolution of the template stored in table 86 over a pre-established time period, for example, a given session being the time between logging in and logging out.
  • an initial template point 140 may be replaced with a later template point 141 so that the template value may evolve over time. Restraints on this process may be had by limiting the increment of evolution 142 per given time or session and providing a limit on the maximum evolution 144 until reauthorization.
  • points 140 and 141 are points in n-dimensional space similar to that described with respect to FIGS. 8 and 9 .
  • the program for radiometric identification of the present invention is located in a server 20 shared among base stations 16 ; however, it will be recognized that the base stations 16 themselves may provide for this functionality and, in fact, there is no particular significance to how the authentication program is distributed among hardware components, this being a matter of engineering choice to the extent that it does not affect security
  • the present invention was applied to differentiating among 138 identical IEEE 802.11 network interface cards and provided accuracy in excess of 99.99%.
  • the optimal feature set for differentiation of network interface cards in order of positive effect on performance for SVM comparison was (1) frequency error, (2) SYNC correlation, (3) I/Q offset, (4) magnitude, and phase errors.
  • the optimal feature set for differentiation of network interface cards in order of positive effect on performance was: (1) frequency error, (2) SYNC correlation, (3) I/Q offset.
  • the set of network cards most susceptible to false rejections with SVM were different from the set of network cards most susceptible to false rejections with k-nearest neighbor, so improved performance may be obtained by a combination of approaches to reduce false rejection rates. Details of the methodology of this experiment are provided in the attached appendix.
  • the present invention may also find use in identifying illegal transmitters based on fingerprints extracted from their illegal transmissions.
  • the present invention may base device identity of some notion of difference between the ideal and the observed phasor trajectories.
  • the present inventors have determined that good performance is possible when the trajectory is represented by a single measurement per symbol. This approach has the advantage of minimizing the necessary modifications to the existing hardware designs.
  • performance can be improved further by collecting more fine-grained information about the phasor trajectory (this is a mathematical fact; informally, the more data the less chance of a mistake).
  • Such optimization may require a more capable receiver but will allow to capture each symbol's signal state as a curve rather than a point, thus allowing use of additional metrics of deviation from the ideal signal.
  • curves could be represented using splines and wavelets, which are well-known in the art.
  • Such mathematical entities can be defined as a set of numeric parameters. The difference in the corresponding parameters between the ideal and observed signal could serve as a basis for a new dimension of analysis.
  • further optimization can be derived from the fact that modulation fidelity of adjacent symbols is not independent.
  • the correlation can be due to environmental factors as well as the fundamental properties of the transmitter hardware. In either case correlations between modulation errors of groups of symbols can be used to detect outliers or generate new ways to compare signals.
  • Analog transmissions of the same digital data by different transmitters differ, in part, due to relative reference-level differences between them. For example, one transmitter may be biased toward positive carrier frequency offset, while another to a negative offset. This happen while neither of them is aware of the inaccuracy nor has reliable means of measuring it. A further embodiment may focus on measuring such inaccuracies at the base station. However, a natural extension to the scheme would be for a sufficiently capable base station to alter characteristics of its outgoing signals based on the intended receiver to determine the point at which the receiver is unable to demodulate the signal, and use this information as an additional dimension of transceiver's signature.
  • a receiver that is biased toward positive carrier frequency offset will fail to demodulate a signal whose carrier frequency offset is higher than some critical number. This critical number will be even higher for another receiver with a negative carrier frequency bias.
  • the transmitter can use the difference between these critical values as another way of differentiating the receivers. Similar technique can be applied to other modulation accuracy metrics discussed here.
  • the main challenge of transmitter identification based on characteristics of its transmissions is dealing with noise and distortion.
  • Performing signature extraction and comparison in the modulation domain is superior to prior approaches because it leverages existing signal processing facilities whose purpose is, essentially, to de-noise the signal for the purposes of data recovery.
  • knowledge of the signal's structure allows the invention to collect at least as many measurements as there are symbols in a signal (and more in practice), further improving resilience to noise since there is enough data to perform outlier removal, for example, by considering the middle quartile of measurements.
  • there is only one short transient per transmission meaning that misclassifications need to be averaged out across entire transmissions, not symbols.

Abstract

A network security system for wireless devices derives a fingerprint from the modulation imperfections of the analog circuitry of the wireless transceivers. These fingerprints may be compared to templates obtained when the wireless devices are initially commissioned in a secure setting and used to augment passwords or other security tools in detecting intruders on the network.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application claims the benefit of U.S. provisional applications 61/097,406 filed Sep. 16, 2008 and 61/095,216 filed Sep. 8, 2008, both hereby incorporated by reference.
    • STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT
  • This invention was made with United States government support awarded by the following agency:
      • NSF 0520152
  • The United States government has certain rights in this invention.
    • BACKGROUND OF THE INVENTION
  • The present invention relates to security systems for computer networks and, in particular, to a security system for networks employing wireless communication links.
  • Providing security for data transmitted electronically over a computer network is important to prevent the theft of data or services, preserve privacy, and prevent the introduction of malware such as viruses. One common method of ensuring network security uses a “white list” of authorized users and checks the identity of network users against this list at the time the users enter the network and/or periodically during their connection.
  • Reliably determining the identity of a user connecting to the network is not a simple matter. One method is through the use of a personal identification number (PIN), password, or encryption key known only to the user. But such keys are often lost or stolen.
  • Additional security may be had by combining a user entered key, a machine identifier such as the MAC address of a network interface card, and a unique serial number assigned to each network interface card chip. Unfortunately, it is relatively easy to forge a MAC address. For this reason, more sophisticated machine/user identifiers may be used such as hardware fobs generating a series of pseudorandom numbers in parallel with similar hardware at a network gateway. All of these authenticating techniques, which allow the authentication to be implemented through data transmitted over the network, will be termed “network data implemented authenticators” because the authenticating information is conveyed using the data transmitting qualities of the network.
  • For highly secure networks, “network data implemented authenticators” may be supplemented with techniques that do not rely on the data conveyed by the network, for example limiting connection to the network to physically secure network jacks within a building. These measures are resistant to the loss or theft of passwords or hardware password devices.
  • This latter type of supplemental identification of the user is far more difficult with a wireless network which anticipates that users may be mobile and where it is difficult to contain the wireless signal within a building or controlled environment.
    • SUMMARY OF THE INVENTION
  • The present invention provides a system that extracts a nearly unique “fingerprint” of the wireless device from imperfections in its radio transmitter circuitry and then uses such fingerprints to identify the physical transmitting device for security-related purposes. The present invention operates primarily in the “modulation domain,” i.e. at the last stages of conversion of analog signal to digital data in contrast to some radio transmitter identifications systems which represent device identity in the “waveform domain”, i.e., based on information gathered in early stages of signal acquisition that do not take advantage of the signal properties due to modulation. A test of the present invention with off-the-shelf wireless network cards indicates that sufficient variation exists even with mass-produced wireless network cards to reliably differentiate cards from each other in a typical wireless environment subject to noise, multipath effects, and channel distortion.
  • Importantly, the exploited imperfections in the radio transmitters used for this identification are a product of the underlying difficulty and cost of controlling these imperfections, making the creation of a “mimic” for any particular transmitter card disproportionately expensive to someone who would breach the security of the network.
  • Significantly, too, all network communication over the wireless card must reveal the data necessary to extract the modulation domain fingerprint making this technique inescapable. At the same time, implementation of the invention does not require any modifications to the mobile wireless devices, making it easy to deploy in existing environments.
  • As an additional benefit, the modulation domain parameters that make up the fingerprint are extracted using a process very similar to that already used in existing transceivers, making implementation of the invention relatively simple and inexpensive.
  • In detail, then, the present invention provides a secure network transceiver system for communicating network data with a plurality of mobile transceivers, each mobile transceiver having a digital signal portion communicating with an analog radio portion. The secure network includes at least one base transceiver having: (1) an analog radio portion exchanging radio signals with the mobile transceivers, the analog radio portion providing modulation domain outputs reading modulation domain qualities of received radio signals from the mobile transceivers; (2) a digital signal portion communicating digital data with the analog radio portion related to encoded content of the radio signals; and (3) an electronic computer including a processor and a memory, the electronic computer exchanging network data related to the digital data with the digital signal portion and receiving modulation domain outputs from the analog radio portion.
  • The electronic computer executes a stored program contained in memory to: (1) execute an authentication process with mobile transceivers through the exchange of network data, the authentication process employing a network data authenticator; (2) characterize received radio signals of mobile transceivers according to the modulation domain qualities indicated by the modulation domain outputs; (3) compare the characterized radio signals to pre-established characterizations of authorized mobile transceivers; and (d) generate an output indicating a possible security violation when the characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
  • It is thus an object of the invention to provide a method of uniquely identifying a wireless transmitter that is difficult to forge and that is inescapably revealed in network communications. It is another object of the invention to provide a method that does not require special modification of the wireless transmitters of mobile devices and thus is scalable at low cost.
  • The electronic computer may further execute the stored program to revoke authorization of mobile transmitters whose characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
  • It is thus an object of the invention to provide a system that may automatically and rapidly stop security breaches.
  • The modulation domain qualities may be selected from the group consisting of measurements related to trajectory of a received signal's phasor in the modulation domain. Including, but not limited to symbol phase error, symbol magnitude error, and symbol error vector magnitude. Alternatively or in addition, measurements may be related to overall modulation-domain characteristics of a received signal including, but not limited to carrier frequency offset, symbol clock offset, SYNC correlation. It is thus an object of the invention to use fundamental characteristics of analog transmitter circuitry revealed in a radio signal that provide sufficient variation to serve as transmitter identification.
  • The comparison may provide a multidimensional comparison using multiple different modulation domain qualities.
  • Thus it is an object of the invention to produce a “fingerprint” that is extremely difficult to forge requiring the simultaneous control of multiple parameters of a radio transmitter that are normally electrically inter-dependent.
  • The network may include multiple base transceivers, and each of the base transceivers may use different pre-established characterizations each unique to one base transceiver receiver or the multiple base transceivers may share pre-established characterizations.
  • It is thus an object of the invention to provide a flexible trade-off between a simple commissioning process in which a set of measurements at one base station serve all base stations, and extremely precise radiometric characterization wherein each base transceiver creates a fingerprint unique to its own receiver characteristics.
  • The comparison of the characterized radio signals may employ comparison algorithms selected from the group consisting of: k-nearest-neighbor, support vector machines, decision trees, neural networks, Bayesian-based algorithms, polynomial classifiers, regression fitting, hidden Markov models, Gaussian mixture models, radial basis functions, classifier boosting, classifier ensembles.
  • Thus it is an object of the invention to provide high accuracy by using a sophisticated multidimensional comparison algorithm.
  • The electronic computer may further execute the stored program contained in memory to change a pre-established characterization for a mobile transceiver on a periodic basis using recent transmissions when the characterization of the recent transmissions match existing characterizations to within a second predetermined threshold or when the characterization of the recent transmissions matches an original characterization to within a second predetermined threshold.
  • It is thus an object of the invention to permit tighter characterizations of mobile transceivers by accommodating slow evolution of transceiver parameters.
  • These particular objects and advantages may apply to only some embodiments falling within the claims, and thus do not define the scope of the invention.
    • DETAILED DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a representation of a simple wireless network having three multiple mobile users communicating with two base stations, the latter connected on a network with a central server;
  • FIG. 2 is a block diagram of a transceiver of the type used by the mobile users and base stations also showing a modification used in the base stations only;
  • FIG. 3 is a block diagram of the central server of FIG. 1 such as may contain the radiometric identification program of the present invention, radiometric information, and network data authenticators for use by the invention;
  • FIG. 4 is a flow chart of a program executed by the server of FIG. 4 during the commissioning of new mobile wireless device;
  • FIG. 5 is a flow chart of a program executed by the server of FIG. 4 during a typical authorization of a pre-commissioned mobile wireless device;
  • FIG. 6 is a constellation diagram of one type of quadrature modulation suitable for use with the present invention showing the radiometric information used by the present invention;
  • FIG. 7 is a simplified representation of a nearest neighbor classification algorithm;
  • FIG. 8 is a simplified representation of a support vector machine algorithm suitable for use with the present invention;
  • FIG. 9 is a detailed fragmentary view of one quadrant of quadrature constellation of FIG. 7 showing a possible strategy for heuristic modification of the radiometric fingerprints; and
  • FIG. 10 an example of a possible phasor trajectory.
    •  DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT General Description of the Network
  • Referring now to FIG. 1, an example network 10 suitable for use with the present invention employs multiple mobile devices 12, for example, laptop computers having wireless adapters 14 such as those employing the IEEE 802.11 wireless standard well known in the art. The present invention however is not limited to the IEEE 802.11 standard.
  • When connected in a network, the mobile devices 12 may communicate by radio waves over a wireless communication channel with one of two base stations 16 (typically stationary) that may in turn communicate on a wire or optical carrier medium 18 with a central server 20. The central server 20 may have additional connections, for example, to a secure institutional network 22. In this way the mobile devices 12 may flexibly connect to the secure institutional network 22.
    • Transceiver
  • Referring now to FIG. 2, each of the wireless adapters 14 and base stations 16 may include a transceiver 24. Generally, similar transceivers 24 are used in both the network adapters and base stations 16; however, a receiver portion of the transceiver 24 is modified slightly for the base station 16 only, as will be described below. The depicted transceiver 24 is simplified and is one of many possible designs that can work with the present invention as will be understood from the following description to those of ordinary skill in the art.
  • Referring still to FIG. 2, during transmission, the transceiver 24 may receive data from a processor 26 communicating with a memory 28 and executing a stored program in the memory 28 to produce a data stream 30 to be transmitted over the wireless communication channel. This data stream 30, for example, may be data exchanged between the base stations 16 and the mobile devices 12 as part of standard network communication and may include network data authenticators for authorizing the user. When the transceiver 24 is in the base station 16, the processor 26 may operate simply to exchange data with the server 20 and is connected to a network card 72 connecting it to the carrier medium 18. When the transceiver 24 is in the mobile devices 12, the processor 26 may be the microprocessor of a laptop or other mobile device such as a cell phone, portable digital assistant, camera, music player or the like and the network card 72 is not required.
  • As is understood in the art, data of the data stream 30 will typically be organized in a frame including a data packet encoded by the data link layer for digital transmission to a node (either the base station 16 or mobile device 12). A frame will typically include a header synchronization section, a payload of network data, and a trailer, for example, of error correction codes or the like.
  • Within the transceiver 24, the data stream 30 will be received by a symbol encoder 32 which accepts sets of bits of each data packet in sequence and encodes them according to the particular encoding scheme used by the transceiver 24. In this example, it will be assumed that the transceiver 24 uses QPSK modulation (quadrature phase-shift keying) in which data is encoded in the phase of quadrature subcarriers of the transmitter radiowave. These quadrature subcarriers will be termed the in-phase subcarrier (I) and the quadrature-phase subcarrier (Q) and are separated in phase by 90°. While this modulation technique is assumed in the following example, it should be emphasized that the present invention can be used with a variety of other modulation systems including but not limited to 16-QAM, and 256 QAM.
  • In general, a transmitter encodes discrete data onto a carrier signal by continuously varying, or modulating in time some analog, that is to say, continuous property of the carrier signal. The receiver measures those variations and reconstructs signal's data payload according to the communication standard in use. Practitioners in the art use the term “phasor” to describe an instantaneous value of those modulated properties (state of the signal) at a given point in time (see FIG. 10). The exact relationship between phasor value and physical properties of a signal is defined by the communication protocol in use. Therefore, as time passes and signal's properties are changed by the transmitter, the phasor value changes accordingly. As instantaneous value of a phasor is most commonly described using two independent components known as I (in-phase component) and Q (quadrature component). In the art, a physical radio wave is then equivalent to the trajectory of the phasor in an abstract two-dimensional space commonly called I/Q or modulation domain. In fact, information may be encoded in higher-dimensional space, as is the case, for example, with MIMO (multiple input and multiple output) technology. Handling such cases would require only minor changes to the overall procedure, since, as long as the modulation format's number of symbols is finite, they can be mapped onto a two-dimensional space or multiple two-dimensional spaces.
  • The relationship between the dimensions of the modulation domain representation and waveform characteristics is determined by the communication protocol. For example, the I-dimension could correspond to the amplitude or the I-subcarrier at a point in time, and Q-dimension could be related to the phase of the Q-subcarrier. The exact relationships between waveform-domain representation and modulation-domain representation for the purposes of this invention are irrelevant, as long as they are known.
  • Therefore, we can treat phasor trajectory as the entity encoding information. However, keeping accurate track of phasor's trajectory is resource-intensive. Instead, practical systems periodically measure phasor's position at times dictated by the communication standard, and generally disregard phasor's intermediate transitions. Phasor values at these critical points in time form a “constellation” that serves as basis for analog-to-digital conversion, and a basis for representing identity in this invention.
  • One contributions of some embodiments of this invention is to base the notion of the transmitter's identity on the persistent device-specific properties of phasor trajectory of its signals that persistently manifest themselves regardless of the information encoded in the signal. Specifically, a signature, or a fingerprint of a specific device is based on some notion of difference between the phasor trajectory observed at the receiver and the phasor trajectory of the “ideal signal”, i.e. theoretical signal generated by conceptual model of a perfect transmitter, unaffected by hardware impairments or channel distortion. The notion of the ideal reference signal is inevitably defined by the communication protocol in use, as part of the procedure for decoding of received signals.
  • Consumer-grade transceivers typically do not keep precise track of phasor trajectory, as doing so would require higher sampling rates and more capable hardware than what is minimally necessary to communicate in typical environments. Instead, phasor trajectory is periodically sampled at frequency determined by the communication standard, effectively producing a single position of the phasor corresponding to every elementary quantum of information encoded in the signal. Therefore, the most economical embodiment of the invention will represent phasor trajectory as a single point per quantum of information encoded in the signal, thereby leveraging capabilities of existing hardware.
  • In our implementation even such concise trajectory representation allowed degree of accuracy suitable for many applications. However, since in such embodiment most information about phasor trajectory is discarded, an embodiment designed to deliver maximal accuracy can benefit from a more enhanced and consequently costly receiver that is required strictly for data communication alone. Referring momentarily to FIG. 7, the QPSK modulation system provides a modulation “constellation” admitting four different encoding states or “symbols” represented by points 34 a (with the I and Q phases positive), points 34 b (with the I phase positive and the Q phase negative), points 34 c, (with the I and Q phases negative), and points 34 d (with the I phase negative and the Q phase positive). These four encoding points 34 permit the encoding of two bits per symbol with point 34 a encoding bits 00, point 34 d encoding bits 01, point 34 b encoding bits 10, and point 34 c encoding bits 11. Symbol encoder 32 thus takes pairs of bits and encodes them into I and Q phases represented, for example, as two voltages indicating positive or negative I and Q phase shifts.
  • The I and Q phases produced by the symbol encoder 32 may be subject to a baseband filter 36 band limiting the transmission of data (for example by metering the symbol values appropriately). The output of the baseband filter 36 may then be received by digital-to-analog converter 38 for conversion to analog I and Q values.
  • These phase values from the digital-to-analog converter 38 are received by a mixer 40 multiplying these values by appropriate quadrature carriers produced by a carrier oscillator 42 according to standard modulation techniques. The vector sum of the modulated phase values is then provided to an IF (intermediate frequency) filter 44 removing the out-of-band signal and then up-converted at up-converter 46 by a phase-locked, up-converting signal also from the carrier oscillator 42 (of different frequency than that provided to mixer 40). The output of the up-converter 46 is amplified by amplifier 48 and transmitted over antenna 50.
  • The transceivers 24 may also receive a modulated signal through the antenna 50. This signal is amplified by amplifier 52 and provided to down-converter 54 receiving a down converting signal from carrier oscillator 57 (possibly the same oscillator structure used for oscillator 42). The oscillator 57 must be closely phase (and frequency) locked to the incoming signal for phase detection and thus may employ phase and frequency lock circuit naturally providing a carrier frequency output signal which will be used as described below.
  • The output of down-converter 54 is received by IF filter 56 removing out-of-band signals and then demodulated by demodulator 58 receiving a quadrature demodulation signal from carrier oscillator 57 (typically a different frequency than that provided to the down converter 54). The output of the demodulator 58 is received by an analog-to-digital converter 60 (for example, a threshold detector) providing digital I and Q signals to a symbol decoder 62. The symbol decoder 62 matching the phase of the digital I and Q signals per FIG. 7 then provides network data 63 to the processor 26.
  • The described circuitry of the transceiver 24 may be generally divided into an analog section 64 and a digital section 66. The analog section 64 holds the mixer 40, oscillators 42 and 57, the up converter 46 and down converter 54, IF filters 44 and 56, the demodulator 58, and amplifiers 48 and 52. The digital section 66 holds the symbol encoder 32, the symbol decoder 62, and the baseband filter 36. Digital-to-analog converter 38 and analog-to-digital converter 60 form bridges between the analog section 64 and the digital section 66.
  • Analog circuitry deals generally with continuous voltage and current ranges as understood in the art. Generally, the signals manipulated by the analog section 64 will vary continuously and slightly with slight changes in values of the analog components. Further minor changes in the signals in one section of the analog circuitry will cause additional changes in those signals in later sections of the analog circuitry as a result of the continuous functions implemented by typical analog circuitry. Within normal manufacturing tolerances and the tolerances imposed by standards such as IEEE 802.11, measurable differences in the resulting transmitted signal will be produced in the analog sections of different transceivers 24 for identical digital signals being modulated by different network cards. These differences manifest themselves as, for example, phase and amplitude variations that provide for the radiometric fingerprint used by the present invention.
  • Digital circuitry deals generally with discontinuous voltages providing discrete binary levels. For this reason, minor variations in the component values within normal manufacturing tolerances and the requirements of standards such as IEEE 8802.11 do not provide significant differences in the digital signals conveyed by the digital section 66. Further, minor changes in the digital signal in one part of the digital circuitry will normally not be propagated through the digital circuitry.
  • Referring still to FIG. 2, the transceiver 24, and in particular the receiver portion of the transceiver 24 in the base stations 16 only, is modified to measure modulation parameters of the received signals by the addition of a monitoring block 70. The monitoring block 70 captures naturally occurring signals in the analog section 64 of the receiver and digitizes them as radiometric information 71, sending them to the processor 26. Because the monitoring block 70 may make use of circuitry already present in the receiver, the monitoring block represents a relatively minor modification of the transceiver 24 of the base station 16 and may be readily implemented. Further, this modification is not required of the transceivers 24 of the mobile devices 12 allowing the present invention to scale well with additional users.
  • The monitoring block 70 may first capture frequency data 59 from the demodulation oscillator 57 and is phase locked to the frequency of the incoming signal from antenna 50. This frequency data 59 characterizes minor frequency shifts in the carrier signal of the received signal. In addition, the monitoring block 70 may receive one or more of the raw I and Q phase values per symbol from the demodulator 58 to detect minor variations in phase and amplitude of the carrier before digitization by the analog-to-digital converter 60. This radiometric information 71 from the monitoring block 70 is digitized, and provided to the processor 26 to be conveyed in the base stations by a network card 72 to the server 20.
  • Referring now to FIG. 4, the server 20 may include a network interface card 74 connecting it to the carrier medium 18 for receiving network data 63 and radiometric data 71. The network interface card 74 may communicate with a microprocessor 76, the latter of which connects via an internal bus with an electronic memory 78, for example, composed of hard disk and solid-state memory elements. The memory 78 may hold a network data authentication program 80 (employing network data authenticators) and a radiometric identification program 82 (employing modulation domain data) as will be described and which operate jointly to ensure network security. The memory 78 may also include NDA (network data authenticator) table 84 holding passwords or secure keys of the type known in the art and one or more radiometric identification tables 86 holding radiometric templates used for radiometric comparison as will be described.
    • Secure Operation of the Network Commissioning a Mobile Device
  • Referring now to FIG. 5, the authentication program 80 and radiometric identification program 82 may work together as indicated by process block 90 to commission a new mobile device 12. This process involves assigning a network data authenticator (e.g. a password or encryption key) to the user of the mobile devices 12 as will be required for entry onto the network 22. This network data authenticator may be assigned by a network administrator or may be generated in part by the user according to well-known techniques. The resulting authenticator is then stored in the NDA table 84 providing a “white list” of authorized network users. This authentication process may accept or transmit the authenticator data over the network itself or may use a more secure or different channel including but not limited to person-to-person transfer, mail or voice telephone communication.
  • At process block 92, the particular mobile device 12 being commissioned is operated for a period of time either in a controlled environment or during an initial login by the user required to exchange authenticator data. During this operation, radiometric data is collected from transmissions from the mobile device 12. This radiometric data may be collected by monitoring of arbitrary transmissions from the mobile device 12 or may use a special teaching transmission set intended to expose various modulation domain properties.
  • Referring momentarily to FIG. 7, modulation domain properties are generally those that make measurements of modulated qualities of the radiowave including, for example, those related to the frequency or phase. Many such measurements require modulation circuitry for detection and are not apparent in conventional time domain monitoring tools such as, for example, oscilloscopes. In a preferred embodiment of the invention, the radiometric data collected may include any of the modulation domain information provided in the following Table I.
  • TABLE I
    Radiometric Data Type Short description
    Symbol phase error The angle between the ideal and measured
    phasors
    Average (peak) phase error The average (or peak) value of symbol
    phase errors within a single frame
    Symbol magnitude error The difference in the scalar magnitude
    between the ideal and measured phasors
    Average (peak) magnitude The average (or peak) value of symbol
    error magnitude errors within a single frame
    Symbol error vector The magnitude of the vector difference
    magnitude between the measured and ideal phasors
    Average (peak) error vector The average (or peak) magnitude of the
    magnitude vector difference between measured and
    ideal phasors of a frame
    Frame I/Q origin offset The distance between the constellation
    origin (0, 0) and the average of measured
    I/Q values of a frame
    Frame frequency error The difference between ideal and observed
    carrier frequencies
    Frame SYNC correlation Normalized cross correlation of the
    observed and the ideal SYNC preambles.
    This is the SYNC correlation of a frame.
    The larger the value, the higher the
    modulation quality.
  • Each of these radiometric quantities may be derived from the analog section 64 used to convert digital data into transmittable radio signals by modulation, filtering, and up or down converting. These measurements may be distinguished from measurements such as signal transients, which are time domain measurements. The modulation domain outputs are characteristics of the radio transmitter and largely indifferent to the underlying data being transmitted or the network protocol.
  • Referring again to FIG. 7, these different radiometric measurements may be further explained by considering the point 34 a as a point defined by the tip of an ideal phasor (vector) 94 leading from the origin 96 of the constellation diagram and representing the de-modulated phase of the transmitted signal. This ideal vector 94 shown, represents a perfectly modulated quadrature carrier having positive I and positive Q phases. It will be understood that similar ideal vectors 94 exist for each of the points 34 b-d.
  • As a signal is received by the transceiver 24, an actual vector 102 may be measured representing an actual measured point 34 a′ of the transmitted signal. This vector 102 may be extracted before the analog-to-digital converter 60 by the monitoring block 70 and deviates from the ideal vector 94 defined by point 34 a to be defined instead by a point 34 a′ that nevertheless remains within an acceptable boundary 100 for the particular modulation standard (for example 802.11). This actual vector 102 will have a different length from vector 94 and thus can be used to generate a scalar magnitude difference 104 with respect to ideal vector 94 (being their difference in length). This magnitude difference 104 is the symbol magnitude error described above and may be used also to calculate the average (peak) magnitude errors described above.
  • A difference vector 106 can also be defined between point 34 a and 34 a′. The magnitude (lanes) of this vector 106 provides the symbol error vector magnitude described above.
  • Vectors 94 and 102 have an angular phase difference 108. This angular phase difference 108 provides the symbol phase error and the average (peak) phase errors described above.
  • It will be understood that similar metrics can be derived for the other quadrants of the constellation and used for the average or peak measurements.
  • When multiple actual points 34′ are averaged (in an average that includes equal numbers of symbols from each quadrant) they provide an average value 110 offset from the origin by an amount 112. This is the frame I/Q origin offset.
  • The frame frequency error is the difference between the carrier frequency and the ideal carrier frequency described with respect to oscillator 57 above and extractable from the phase frequency lock circuitry used in the receiver.
  • The frame SYNC correlation correlates an ideal frame SYNC signal with that actually detected and serves as a measurement of modulation quality. Normally each of these last three errors will be evaluated over multiple bits in a given transmission frame.
  • Referring again to FIG. 5, after radiometric information has been collected for the mobile device 12 to be commissioned, the collected radiometric information is stored as a radiometric template associated with a particular mobile device 12 and a network data authenticator (e.g., password) as indicated by process block 114.
  • In one embodiment, a single copy of these radiometric templates is stored in the radiometric identification tables 86 described above at the server 20 to be shared by both base stations 16. Alternatively, each base station 16 may provide its own radiometric identification table 86 reflecting the coloring of the modulation data of received signals as affected by the receiver of that base station 16. In this case, the commissioning process requires sequential data collection at each of the base stations 16 for the purpose of generating the radiometric templates. Alternatively, the receiver path of each base station 16 may be pre-characterized allowing radiometric data collected by a single base station 16 to be modified for use by the individual base stations 16 to create base station unique radiometric templates.
    • Authentication of a Commissioned Wireless Device
  • Referring now to FIG. 6, after the mobile devices 12 have been commissioned and radiometric templates established for their transceivers 24, the authentication program 80 and radiometric identification program 82 may work in conjunction to permit mobile devices 12 to log on to the network 22 and be authenticated for communication with the network 22. The beginning of this authentication process, as indicated by process block 116, uses the network data authenticators described above, such as a password or secure key or network fob or MAC address. This step relies on the transfer of digital data conventionally conveyed by wireless communication. In this authentication, the user provides an identification that is compared against the identifications in table 84 and used to identify the appropriate radiometric templates from table 86 associated with the user who is logging in.
  • At process block 118, radiometric data from the user logging in is collected either through a special authorization sequence executed by the mobile device 12 as prompted by the base stations 16 or by simply monitoring the communication of frames during process block 114.
  • At process block 120, the collected radiometric data is compared with the radiometric templates stored in table 86 (collected per process block 114 in the commissioning process) to detect possible imposters.
  • Referring now to FIG. 8, this comparison process may use a variety of techniques and the present invention is not limited to any particular one of these comparison techniques. In the preferred embodiments, the comparison is made through individual ones or combinations of the known comparison techniques or their equivalents including: k-nearest-neighbor, support vector machines, decision trees, neural networks, Bayesian-based algorithms, polynomial classifiers, regression fitting, hidden Markov models, Gaussian mixture models, radial basis functions, classifier boosting, classifier ensembles. The techniques of a “k-nearest neighbor” comparison or a “system vector machine” (SVM) comparison are described briefly below.
  • In the k-nearest neighbor approach, the radiometric templates stored in table 86 represent individual point 122 in an n-dimensional space where n equals the number of different radiometric parameters from Table I that will be used in a comparison process and which are embodied in the radiometric templates. In a preferred version of this embodiment of the present invention, frame frequency error, SYNC correlation, frame I/Q offset, frame magnitude error, and frame phasor error are used in that order of importance. It will be understood that variations in these subsets are also possible.
  • Each template point 122, in this case, is constructed by monitoring frames during process block 92 of the commissioning process, described above, and discarding half of the collected frames for each parameter furthest from their average in the n-dimensional space. The remaining frames are then averaged to produce a single n-dimensional point 122 stored in table 86 and indexed to the user identification obtained in process block 116.
  • The comparison of process block 120, in this case, analyzes the distance 124 from an average of the collected data 126 at process block 118 to the template point 122.
  • If that distance 124 is greater than a certain amount, then at decision block 128, the authorization of the mobile device 12 is rejected and the program proceeds to process block 130. At process block 130, the program may generate an output signal indicating a mismatched output to a system operator or a log entry. As noted, optionally at process block 134, the authorization of the mobile device 12 may be revoked either temporarily or until a reauthorization process per FIG. 5 maybe completed again. This revocation may be effected by removing or flagging the data in table 84.
  • On the other hand, if the average of the collected data 126 is within a predetermined distance of the indicated template point 122, then network connection is authorized and the program proceeds to process block 132 allowing the mobile device 12 access to the network 22.
  • Referring to FIG. 9, in a second embodiment, the comparison process of process block 120 uses a support vector machine algorithm. In this embodiment, data points 131, obtained in process block 114, are collected into clusters identified to a particular mobile device 12 according to table 84 and stored as the radiometric templates. Data points 126 collected during the authentication process are compared to the cluster using a support vector machine algorithm which provides a confidence value indicating whether the collected data point 126 belongs to that cluster. This confidence value may be used like the threshold value above to determine the presence of an imposter if the confidence value is below a certain value. Again, depending on the confidence value at decision block 128, the program will branch to process block 130 or 132.
  • It will be understood that the sensitivity of the present invention may be varied by simply adjusting the threshold or confidence levels of the comparison process of process block 120 to either increase or decrease the security of the network. The present invention is intended to work together with an identifier, for example, secure key or password and to provide an augmentation of security or to increase security of an otherwise insecure system.
  • Referring now to FIG. 10, a trade-off between high levels of security and high levels of false negatives in the system may be implemented by allowing the evolution of the template stored in table 86 over a pre-established time period, for example, a given session being the time between logging in and logging out. In such a system, an initial template point 140 may be replaced with a later template point 141 so that the template value may evolve over time. Restraints on this process may be had by limiting the increment of evolution 142 per given time or session and providing a limit on the maximum evolution 144 until reauthorization. It will be understood that points 140 and 141 are points in n-dimensional space similar to that described with respect to FIGS. 8 and 9.
  • As described, the program for radiometric identification of the present invention is located in a server 20 shared among base stations 16; however, it will be recognized that the base stations 16 themselves may provide for this functionality and, in fact, there is no particular significance to how the authentication program is distributed among hardware components, this being a matter of engineering choice to the extent that it does not affect security
    • Example I
  • The present invention was applied to differentiating among 138 identical IEEE 802.11 network interface cards and provided accuracy in excess of 99.99%. The optimal feature set for differentiation of network interface cards in order of positive effect on performance for SVM comparison was (1) frequency error, (2) SYNC correlation, (3) I/Q offset, (4) magnitude, and phase errors. For k-nearest neighbor comparison, the optimal feature set for differentiation of network interface cards in order of positive effect on performance was: (1) frequency error, (2) SYNC correlation, (3) I/Q offset. Interestingly, the set of network cards most susceptible to false rejections with SVM, were different from the set of network cards most susceptible to false rejections with k-nearest neighbor, so improved performance may be obtained by a combination of approaches to reduce false rejection rates. Details of the methodology of this experiment are provided in the attached appendix.
  • The present invention may also find use in identifying illegal transmitters based on fingerprints extracted from their illegal transmissions.
    • Alternative Embodiments
  • As noted, the present invention may base device identity of some notion of difference between the ideal and the observed phasor trajectories. The present inventors have determined that good performance is possible when the trajectory is represented by a single measurement per symbol. This approach has the advantage of minimizing the necessary modifications to the existing hardware designs.
  • However, in an alternative embodiment, performance can be improved further by collecting more fine-grained information about the phasor trajectory (this is a mathematical fact; informally, the more data the less chance of a mistake). Such optimization may require a more capable receiver but will allow to capture each symbol's signal state as a curve rather than a point, thus allowing use of additional metrics of deviation from the ideal signal. For example, in addition to analyses described here, curves could be represented using splines and wavelets, which are well-known in the art. Such mathematical entities can be defined as a set of numeric parameters. The difference in the corresponding parameters between the ideal and observed signal could serve as a basis for a new dimension of analysis.
  • In a further embodiment, further optimization can be derived from the fact that modulation fidelity of adjacent symbols is not independent. The correlation can be due to environmental factors as well as the fundamental properties of the transmitter hardware. In either case correlations between modulation errors of groups of symbols can be used to detect outliers or generate new ways to compare signals.
  • Analog transmissions of the same digital data by different transmitters differ, in part, due to relative reference-level differences between them. For example, one transmitter may be biased toward positive carrier frequency offset, while another to a negative offset. This happen while neither of them is aware of the inaccuracy nor has reliable means of measuring it. A further embodiment may focus on measuring such inaccuracies at the base station. However, a natural extension to the scheme would be for a sufficiently capable base station to alter characteristics of its outgoing signals based on the intended receiver to determine the point at which the receiver is unable to demodulate the signal, and use this information as an additional dimension of transceiver's signature.
  • For example, a receiver that is biased toward positive carrier frequency offset will fail to demodulate a signal whose carrier frequency offset is higher than some critical number. This critical number will be even higher for another receiver with a negative carrier frequency bias. The transmitter can use the difference between these critical values as another way of differentiating the receivers. Similar technique can be applied to other modulation accuracy metrics discussed here.
    • ADVANTAGES OVER PRIOR ART
  • The main challenge of transmitter identification based on characteristics of its transmissions is dealing with noise and distortion. Performing signature extraction and comparison in the modulation domain is superior to prior approaches because it leverages existing signal processing facilities whose purpose is, essentially, to de-noise the signal for the purposes of data recovery.
  • For example, approaches based on signal transients during power-on ramps (waveform domain techniques) are necessarily performed at the lowest layer of measurement because transients are unstructured and it is difficult to tell which properties of the transient are due to the transmitter's hardware and which are due to noise. In contrast, the present invention leverages structural knowledge of the modulation scheme being used to separate intentional (due to transmitter) and unintentional (due to noise) features of the signal. In a sense, this approach operates at the last analog stage of the communication process where continuous (I/Q) values falling in certain ranges are mapped to discrete values, as specified by the modulation format.
  • The theoretical downside of this approach is that it requires knowledge of the modulation scheme being used (unlike transient-based approaches). However, this is a nonissue in the context of network security, where all necessary information is always available.
  • Moreover, knowledge of the signal's structure allows the invention to collect at least as many measurements as there are symbols in a signal (and more in practice), further improving resilience to noise since there is enough data to perform outlier removal, for example, by considering the middle quartile of measurements. In contrast, there is only one short transient per transmission, meaning that misclassifications need to be averaged out across entire transmissions, not symbols.
  • It is specifically intended that the present invention not be limited to the embodiments and illustrations contained herein, but include modified forms of those embodiments including portions of the embodiments and combinations of elements of different embodiments as come within the scope of the following claims.

Claims (19)

1. A secure network transceiver system for communicating network data with a plurality of mobile transceivers, each mobile transceiver having a digital signal portion communicating with an analog radio portion, the secure network transceiver system comprising:
at least one base transceiver having:
an analog radio portion exchanging radio signals with the mobile transceivers, the analog radio portion including modulation domain outputs reading modulation domain qualities of received radio signals from the mobile transceivers;
a digital signal portion communicating digital data with the analog radio portion related to encoded content of the radio signals;
an electronic computer including a processor and a memory, the electronic computer exchanging network data related to the digital data with the digital signal portion and receiving modulation domain outputs from the analog radio portion, the electronic computer further executing a stored program contained in memory to:
(a) execute an authentication process with mobile transceivers through an exchange of network data, the authentication process employing a networks data authenticator;
(b) characterize received radio signals of mobile transceivers according to the modulation domain qualities indicated by the modulation domain outputs;
(c) compare the characterized radio signals to pre-established characterizations of authorized mobile transceivers; and
(d) generate an output indicating a possible security violation when the characterized radio signals do not match pre-established characterizations to within at least one predetermined criterion.
2. The secure network transceiver system of claim 1 wherein the electronic computer further executes the stored program contained in memory to:
(e) respond to the output to revoke authorization of mobile transmitters whose characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
3. The secure network transceiver system of claim 1 wherein the modulation domain qualities are selected from the group consisting of measurements of: symbol phase error, symbol magnitude error, and symbol error vector magnitude.
4. The secure network transceiver system of claim 3 wherein the modulation domain qualities include each of: symbol phase error and symbol magnitude error
5. The secure network transceiver system of claim 3 wherein the modulation domain qualities include each of: radio frequency error and frame SYNC correlation error.
6. The secure network transceiver system of claim 1 wherein the modulation domain qualities are selected from the group consisting of measurements of: carrier frequency offset, symbol clock offset, SYNC correlation.
7. The secure network transceiver system of claim 6 wherein the transceivers are 802.11 compliant.
8. The secure network transceiver system of claim 1 wherein the comparison of characterized radio signals provides a multidimensional comparison using multiple different modulation domain qualities.
9. The secure network transceiver system of claim 1 wherein the comparison of characterized radio signals employs comparison algorithms selected from the group consisting of: k-nearest-neighbor, support vector machines, decision trees, neural networks, Bayesian-based algorithms, polynomial classifiers, regression fitting, hidden Markov models, Gaussian mixture models, radial basis functions, classifier boosting, classifier ensembles.
10. The secure network transceiver system of claim 9 wherein the comparison of characterized radio signals employs a combination of at least two different comparison algorithms operating independently to make a comparison and then combining the results.
11. The secure network transceiver system of claim 1 including multiple base transceivers wherein each of the base transceivers uses a different pre-established characterization specific to a given base transceiver receiver.
12. The secure network transceiver system of claim 1 including multiple base transceivers wherein the multiple base transceivers share pre-established characterizations.
13. The secure network transceiver system of claim 1 wherein the electronic computer further executes the stored program contained in memory to characterize a new authorized mobile transceiver having a new secure key to produce a pre-established characterization for the new authorized mobile transceiver to be added to the pre-established characterizations of authorized mobile transceivers.
14. The secure network transceiver system of claim 1 wherein the electronic computer further executes the stored program contained in memory to change a pre-established characterization for a mobile transceiver on a periodic basis using recent transmissions when the characterization of the recent transmissions matches existing characterizations to within a second predetermined threshold.
15. The secure network transceiver system of claim 1 wherein the electronic computer further executes the stored program contained in memory to change a pre-established characterization for a mobile transceiver on a periodic basis using recent transmissions when the characterization of the recent transmissions matches an original characterization to within a second predetermined threshold.
16. A method of establishing a secure wireless network using a base transceiver communicating with a plurality of mobile transceivers, the base transceiver having an analog radio portion exchanging radio signals with the mobile transceivers, the analog radio portion including modulation domain outputs reading modulation domain qualities of received radio signals from the mobile transceivers, the method comprising:
(a) executing an authentication process with mobile transceivers through an exchange of network data, the authentication process employing a network data authenticator;
(b) characterizing received radio signals of mobile transceivers according to the modulation domain qualities indicated by the modulation domain outputs;
(c) comparing the characterized radio signals to pre-established characterizations of authorized mobile transceivers;
(d) generating an output indicating a possible security violation when characterized radio signals do not match pre-established characterizations to within a predetermined threshold.
17. The method of claim 16 further including:
(e) responding to the output to revoke authorization of mobile transmitters whose characterize radio signals do not match pre-established characterizations to within a predetermined threshold until a new security key has been established for those mobile transmitters.
18. The method of claim 16 further wherein the modulation domain qualities are selected from the group consisting of measurements of: symbol phase error, symbol magnitude error, radio frequency error, frame SYNC correlation error.
19. The method of claim 16 further including:
(e) allowing the mobile transceivers to use any commercially available 802.11 compatible wireless transceiver.
US12/555,369 2008-09-08 2009-09-08 Secure Wireless Network Using Radiometric Signatures Abandoned US20100100936A1 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
US12/555,369 US20100100936A1 (en) 2008-09-08 2009-09-08 Secure Wireless Network Using Radiometric Signatures
US15/600,220 US10397080B2 (en) 2008-09-08 2017-05-19 Secure wireless network using radiometric signatures

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
US9521608P 2008-09-08 2008-09-08
US9740608P 2008-09-16 2008-09-16
US12/555,369 US20100100936A1 (en) 2008-09-08 2009-09-08 Secure Wireless Network Using Radiometric Signatures

Related Child Applications (1)

Application Number Title Priority Date Filing Date
US15/600,220 Continuation US10397080B2 (en) 2008-09-08 2017-05-19 Secure wireless network using radiometric signatures

Publications (1)

Publication Number Publication Date
US20100100936A1 true US20100100936A1 (en) 2010-04-22

Family

ID=42007171

Family Applications (6)

Application Number Title Priority Date Filing Date
US12/555,369 Abandoned US20100100936A1 (en) 2008-09-08 2009-09-08 Secure Wireless Network Using Radiometric Signatures
US12/555,452 Active 2030-09-23 US8218493B2 (en) 2008-09-08 2009-09-08 System and method for interference mitigation in wireless networks
US12/555,379 Active 2030-10-23 US8498592B2 (en) 2008-09-08 2009-09-08 Method and apparatus for improving energy efficiency of mobile devices through energy profiling based rate adaptation
US12/555,462 Active 2030-10-07 US8233493B2 (en) 2008-09-08 2009-09-08 Packet router having improved packet classification
US12/555,353 Active 2030-01-30 US8005114B2 (en) 2008-09-08 2009-09-08 Method and apparatus to vary the transmission bit rate within individual wireless packets through multi-rate packetization
US15/600,220 Active US10397080B2 (en) 2008-09-08 2017-05-19 Secure wireless network using radiometric signatures

Family Applications After (5)

Application Number Title Priority Date Filing Date
US12/555,452 Active 2030-09-23 US8218493B2 (en) 2008-09-08 2009-09-08 System and method for interference mitigation in wireless networks
US12/555,379 Active 2030-10-23 US8498592B2 (en) 2008-09-08 2009-09-08 Method and apparatus for improving energy efficiency of mobile devices through energy profiling based rate adaptation
US12/555,462 Active 2030-10-07 US8233493B2 (en) 2008-09-08 2009-09-08 Packet router having improved packet classification
US12/555,353 Active 2030-01-30 US8005114B2 (en) 2008-09-08 2009-09-08 Method and apparatus to vary the transmission bit rate within individual wireless packets through multi-rate packetization
US15/600,220 Active US10397080B2 (en) 2008-09-08 2017-05-19 Secure wireless network using radiometric signatures

Country Status (1)

Country Link
US (6) US20100100936A1 (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100313025A1 (en) * 2009-06-05 2010-12-09 Rochester Institute Of Technology Methods establishing a symmetric encryption key and devices thereof
US9083527B1 (en) * 2012-08-31 2015-07-14 Symantec Corporation Using mobile data to establish a shared secret in second-factor authentication
US20210204122A1 (en) * 2018-06-19 2021-07-01 University Of Notre Dame Du Lac Security for Wireless Communications

Families Citing this family (51)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060167838A1 (en) * 2005-01-21 2006-07-27 Z-Force Communications, Inc. File-based hybrid file storage scheme supporting multiple file switches
ATE537670T1 (en) * 2008-12-23 2011-12-15 Abb Research Ltd MULTI-NETWORK MANAGER, METHOD AND SYSTEM
CN101860948B (en) * 2009-04-13 2014-07-30 华为技术有限公司 Method, equipment and system for regulating power consumption
US8213453B1 (en) * 2009-08-07 2012-07-03 Juniper Networks, Inc. Quality of service (QoS) configuration for network devices with multiple queues
WO2011071425A1 (en) * 2009-12-08 2011-06-16 Telefonaktiebolaget L M Ericsson (Publ) Method and arrangement for energy consumption balancing between base stations in a communication system
US20110298598A1 (en) * 2010-06-02 2011-12-08 Sokwoo Rhee System and Method for Low Latency Sensor Network
US8627448B2 (en) 2010-11-02 2014-01-07 Jose Renato Santos Selective invalidation of packet filtering results
JP5807676B2 (en) * 2010-12-15 2015-11-10 日本電気株式会社 Packet classifier, packet classification method, and packet classification program
EP2472948A2 (en) * 2010-12-28 2012-07-04 Thomson Licensing Method and processing device for optimal interference estimation and scheduling in a multi-hop wireless network with centralized control
US8966182B2 (en) * 2011-02-08 2015-02-24 International Business Machines Corporation Software and hardware managed dual rule bank cache for use in a pattern matching accelerator
US9208438B2 (en) 2011-08-02 2015-12-08 Cavium, Inc. Duplication in decision trees
US9183244B2 (en) 2011-08-02 2015-11-10 Cavium, Inc. Rule modification in decision trees
US10229139B2 (en) 2011-08-02 2019-03-12 Cavium, Llc Incremental update heuristics
WO2013020001A1 (en) 2011-08-02 2013-02-07 Cavium, Inc. Lookup front end output processor
US8645412B2 (en) * 2011-10-21 2014-02-04 International Business Machines Corporation Computing correlated aggregates over a data stream
US9379868B2 (en) * 2011-12-05 2016-06-28 Broadcom Corporation Subsequent association identifier (AID) update within single user, multiple user, multiple access, and/or MIMO wireless communications
US20140006537A1 (en) * 2012-06-28 2014-01-02 Wiliam H. TSO High speed record and playback system
WO2014006507A2 (en) * 2012-07-02 2014-01-09 Marvell Israel (M.I.S.L.) Ltd. Systems and methods for providing replicated data from memories to processing clients
US9672239B1 (en) * 2012-10-16 2017-06-06 Marvell Israel (M.I.S.L.) Ltd. Efficient content addressable memory (CAM) architecture
US11044009B2 (en) 2013-03-14 2021-06-22 Everactive, Inc. Methods and apparatus for networking using a proxy device and backchannel communication
US10420072B2 (en) 2013-03-14 2019-09-17 Everactive, Inc. Methods and apparatus for low power wireless communication
CN105379155B (en) * 2013-03-14 2019-06-14 皮斯基克有限公司 Method and apparatus for being carried out wireless communication via predefined sequence
US10083200B2 (en) 2013-03-14 2018-09-25 Cavium, Inc. Batch incremental update
US9595003B1 (en) 2013-03-15 2017-03-14 Cavium, Inc. Compiler with mask nodes
US9195939B1 (en) * 2013-03-15 2015-11-24 Cavium, Inc. Scope in decision trees
US10229144B2 (en) 2013-03-15 2019-03-12 Cavium, Llc NSP manager
US9219694B2 (en) * 2013-03-15 2015-12-22 Wisconsin Alumni Research Foundation Content addressable memory with reduced power consumption
CN104427632B (en) * 2013-09-11 2019-11-26 中兴通讯股份有限公司 Data transmission scheduling method, device and system
US9020483B1 (en) 2013-11-26 2015-04-28 At&T Mobility Ii Llc Setting voice and data priority using a registration message
US9544402B2 (en) 2013-12-31 2017-01-10 Cavium, Inc. Multi-rule approach to encoding a group of rules
US9275336B2 (en) 2013-12-31 2016-03-01 Cavium, Inc. Method and system for skipping over group(s) of rules based on skip group rule
US9667446B2 (en) 2014-01-08 2017-05-30 Cavium, Inc. Condition code approach for comparing rule and packet data that are provided in portions
US10129181B2 (en) * 2014-08-16 2018-11-13 New York University Controlling the reactive caching of wildcard rules for packet processing, such as flow processing in software-defined networks
US9591021B2 (en) * 2014-08-20 2017-03-07 Mcafee, Inc. Zero day threat detection using host application/program to user agent mapping
US20160335298A1 (en) * 2015-05-12 2016-11-17 Extreme Networks, Inc. Methods, systems, and non-transitory computer readable media for generating a tree structure with nodal comparison fields and cut values for rapid tree traversal and reduced numbers of full comparisons at leaf nodes
WO2017130824A1 (en) * 2016-01-26 2017-08-03 日本電気株式会社 Information processing device, information processing method, and recording medium containing information processing program
US9854528B2 (en) 2016-04-05 2017-12-26 At&T Intellectual Property I, L.P. Tuning networks and user equipment using a power profile
US10517021B2 (en) 2016-06-30 2019-12-24 Evolve Cellular Inc. Long term evolution-primary WiFi (LTE-PW)
EP3270621B1 (en) * 2016-07-11 2020-02-26 Alcatel Lucent Method and device for controlling a wireless access point
US10616030B2 (en) 2017-05-20 2020-04-07 Microsoft Technology Licensing, Llc Signal design for diverse data rates
WO2019136713A1 (en) * 2018-01-12 2019-07-18 Oppo广东移动通信有限公司 Data transmission method and device
US11096191B2 (en) * 2018-05-21 2021-08-17 Qualcomm Incorporated UE-centric clustering and efficient scheduling for CoMP
US10594727B2 (en) 2018-07-17 2020-03-17 Levl Technologies, Inc. Relay attack prevention
GB2580284B (en) * 2018-08-13 2021-01-06 Metaswitch Networks Ltd Generating packet processing graphs
WO2020044233A1 (en) 2018-08-27 2020-03-05 Levl Technologies, Inc. Carrier frequency offset modeling for radio frequency fingerprinting
WO2020070594A1 (en) * 2018-10-03 2020-04-09 Levl Technologies, Inc. Carrier frequency estimation for radio frequency fingerprinting
US10873488B2 (en) * 2019-01-22 2020-12-22 Qualcomm Incorporated Intra-packet rate adaptation for high capacity
US11146299B2 (en) 2019-09-09 2021-10-12 Everactive, Inc. Wireless receiver apparatus and method
US11431434B2 (en) 2019-12-10 2022-08-30 Electronics And Telecommunications Research Institute Method and apparatus for secure communication in wireless communication system
US11758480B2 (en) 2020-02-14 2023-09-12 Everactive Inc. Method and system for low power and secure wake-up radio
WO2023113110A1 (en) * 2021-12-15 2023-06-22 Samsung Electronics Co., Ltd. Method and system for authenticating wireless devices

Citations (38)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5440758A (en) * 1994-04-12 1995-08-08 Motorola, Inc. Method of preventing unauthorized access to a wireless communication system
US5706307A (en) * 1994-03-18 1998-01-06 Detemobil Deutsche Telekom Mobilfunk Gmbh Method and arrangement for the determination of the ratio for common-channel or adjacent-channel interferers in digital mobile communication networks
US5715518A (en) * 1996-03-06 1998-02-03 Cellular Technical Services Company, Inc. Adaptive waveform matching for use in transmitter identification
US5905949A (en) * 1995-12-21 1999-05-18 Corsair Communications, Inc. Cellular telephone fraud prevention system using RF signature analysis
US5999806A (en) * 1997-02-28 1999-12-07 Cellular Technical Services Company, Inc. Waveform collection for use in wireless telephone identification
US6035188A (en) * 1996-06-27 2000-03-07 Cellular Technical Services Company, Inc. Active waveform collection for use in transmitter identification
US6269246B1 (en) * 1998-09-22 2001-07-31 Ppm, Inc. Location determination using RF fingerprinting
US20020034191A1 (en) * 1998-02-12 2002-03-21 Shattil Steve J. Method and apparatus for transmitting and receiving signals having a carrier interferometry architecture
US6385448B1 (en) * 1998-03-16 2002-05-07 Ericsson Inc. Predictive registration identification timer
US6396818B1 (en) * 1998-03-20 2002-05-28 Ericsson Inc. Call routing interface for satellite communications user terminals
US20020065048A1 (en) * 1999-07-28 2002-05-30 Kazuo Nagatani Method and apparatus for compensating for distortion in radio apparatus
US6437735B1 (en) * 2000-09-07 2002-08-20 Ericsson Inc. Position detection system integrated into mobile terminal
US20020118834A1 (en) * 2001-02-28 2002-08-29 Wilson Dennis L. Analog privacy scrambler and scrambling method
US20020196188A1 (en) * 2001-06-25 2002-12-26 Harris Corporation System and method for determining the location of a transmitter using passive reflectors or refractors as proxy receivers and using database querying
US20030008668A1 (en) * 1998-09-22 2003-01-09 Ppm, Inc. Location determination using RF fingerprinting
US20030021582A1 (en) * 2001-07-27 2003-01-30 Nec Corporation Time shift reproduction method and device and bookmark being used in same
US20030110400A1 (en) * 2001-12-10 2003-06-12 Cartmell Brian Ross Method and system for blocking unwanted communications
US20030227342A1 (en) * 2002-06-07 2003-12-11 Dongtai Liu Multimode modulator employing a phase lock loop for wireless communications
US20040015990A1 (en) * 2000-10-18 2004-01-22 Sharp Kabushiki Kaisha Radio communication apparatus, transmitter apparatus and receiver apparatus
US6748036B1 (en) * 1997-12-18 2004-06-08 Nec Corporation Radio receiving method and apparatus
US20040166818A1 (en) * 2003-02-24 2004-08-26 Networkfab Corporation Method and system for emitter identification using transmission signatures
US20040192361A1 (en) * 2003-03-31 2004-09-30 Tadiran Communications Ltd. Reliable telecommunication
US20050143051A1 (en) * 2003-12-30 2005-06-30 Welgate Corporation Mobile authentication/financial transaction system using a unique mobile identification code and method thereof
US6915123B1 (en) * 2000-03-02 2005-07-05 Lucent Technologies Inc. Method and system for monitoring an operational area of a subscriber station
US20050163090A1 (en) * 2002-12-25 2005-07-28 Nobuhisa Aoki Wireless communications system, relaying apparatus and mobile terminal
US20050225396A1 (en) * 2004-04-08 2005-10-13 M/A-Com, Eurotec B.V. Bias circuit for power amplifier operated as a digital to analog converter
US20060008029A1 (en) * 2002-12-18 2006-01-12 Houman Jafari Transmitter stage
US20060126754A1 (en) * 2003-02-20 2006-06-15 Nikolai Filimonov Efficient modulation of rf signals
US20070025265A1 (en) * 2005-07-22 2007-02-01 Porras Phillip A Method and apparatus for wireless network security
US20070178914A1 (en) * 2006-01-31 2007-08-02 Microsoft Corporation Determining the network location of a user device based on transmitter fingerprints
US20070253499A1 (en) * 2006-01-26 2007-11-01 Texas Instruments Incorporated Robust Detection of Packet Types
US20070264939A1 (en) * 2006-05-09 2007-11-15 Cognio, Inc. System and Method for Identifying Wireless Devices Using Pulse Fingerprinting and Sequence Analysis
US20080024269A1 (en) * 2006-07-28 2008-01-31 Fuji Xerox Co., Ltd. Authenticity determination system of responder, identification system, and interrogation unit
US20080244707A1 (en) * 2007-03-26 2008-10-02 Bowser Robert A Wireless transmitter identity validation in a wireless network
US20090287764A1 (en) * 2008-05-15 2009-11-19 Motorola, Inc. Media access control server for radio access network
US7639806B2 (en) * 2004-03-24 2009-12-29 Iowa State University Research Foundation, Inc. Fingerprinting digital devices using electromagnetic characteristics of their communications
US8176533B1 (en) * 2006-11-06 2012-05-08 Oracle America, Inc. Complementary client and user authentication scheme
US8509735B2 (en) * 2005-08-25 2013-08-13 Motorola Mobility Llc Method and apparatus to facilitate detection of an unauthorized communication system user

Family Cites Families (57)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5329591A (en) * 1993-04-23 1994-07-12 Magrill Barry J Transmitter identification and validation system and method
US5893031A (en) * 1996-06-27 1999-04-06 Cellular Technical Services Company, Inc. System and method for collection of transmission characteristics
GB2315955B (en) * 1996-07-31 1998-06-24 Lucent Technologies Inc Subscriber authentication for radio local loop system
US5970405A (en) * 1997-02-28 1999-10-19 Cellular Technical Services Co., Inc. Apparatus and method for preventing fraudulent calls in a wireless telephone system using destination and fingerprint analysis
US5999807A (en) * 1997-02-28 1999-12-07 Cellular Technical Services Company, Inc. System and method for the verification of authentic telephone numbers in a wireless telephone system
JP3202658B2 (en) * 1997-06-20 2001-08-27 日本電気株式会社 Variable rate CDMA transmission power control method
US6101168A (en) * 1997-11-13 2000-08-08 Qualcomm Inc. Method and apparatus for time efficient retransmission using symbol accumulation
AU743933B2 (en) * 1998-07-20 2002-02-07 Robert Bosch Gmbh An entry system
EP1177668A2 (en) * 1999-05-10 2002-02-06 Nokia Corporation Header compression
JP3334753B2 (en) * 1999-06-15 2002-10-15 日本電気株式会社 Mobile terminal, mobile communication system, and method for suppressing power consumption of mobile terminal
JP4385489B2 (en) * 2000-03-03 2009-12-16 ソニー株式会社 COMMUNICATION SYSTEM, COMMUNICATION METHOD, AND COMMUNICATION DEVICE
US7257094B2 (en) * 2001-01-16 2007-08-14 Texas Instruments Incorporated Jointly controlling transmission rate and power in a communications system
US7193997B2 (en) * 2001-03-19 2007-03-20 International Business Machines Corporation Packet classification
US20020147025A1 (en) * 2001-04-05 2002-10-10 Telefonaktiebolaget Lm Ericsson Systems and methods for base station signal transmission power control
US6526031B1 (en) * 2001-06-21 2003-02-25 Motorola, Inc. Forward power control determination in spread spectrum communications systems
US6819938B2 (en) * 2001-06-26 2004-11-16 Qualcomm Incorporated System and method for power control calibration and a wireless communication device
JP4149145B2 (en) * 2001-06-27 2008-09-10 富士通株式会社 Network side apparatus and power management method for mobile communication system
US7095715B2 (en) * 2001-07-02 2006-08-22 3Com Corporation System and method for processing network packet flows
US7046966B2 (en) * 2001-08-24 2006-05-16 Kyocera Wireless Corp. Method and apparatus for assigning data rate in a multichannel communication system
CN1235354C (en) * 2001-10-04 2006-01-04 株式会社Ntt都科摩 Radio control apparatus, base station, mobile communication method, mobile communication program recording medium containing the same, and mobile communication system
US6735420B2 (en) * 2001-12-18 2004-05-11 Globespanvirata, Inc. Transmit power control for multiple rate wireless communications
US7184407B1 (en) * 2002-05-10 2007-02-27 Cisco Systems Wireless Networking (Australia) Pty Limited Detecting, reporting and mitigating hidden nodes in a wireless data network
US7079812B2 (en) * 2002-05-16 2006-07-18 Cognio, Inc. Systems and methods for interference mitigation with respect to periodic interferers in short-range wireless applications
KR100429904B1 (en) * 2002-05-18 2004-05-03 한국전자통신연구원 Router providing differentiated quality-of-service and fast internet protocol packet classification method for the same
US7221701B2 (en) * 2002-08-28 2007-05-22 Altratek, Inc. System and method for CDMA communications
BRPI0315991B1 (en) * 2002-11-04 2016-08-23 Blackberry Ltd mobile device for transmitting a wireless signal and method of amplifying a signal generated on a mobile device
US7328037B2 (en) * 2002-12-09 2008-02-05 Intel Corporation Method and apparatus to control transmitter
JP3809415B2 (en) * 2002-12-26 2006-08-16 松下電器産業株式会社 Transmission power determination device and transmission power determination method
WO2004095758A2 (en) * 2003-04-22 2004-11-04 Cognio, Inc. Signal classification methods for scanning receiver and other applications
JP4030482B2 (en) * 2003-08-18 2008-01-09 シャープ株式会社 I / Q demodulation circuit
US7831087B2 (en) * 2003-10-31 2010-11-09 Hewlett-Packard Development Company, L.P. Method for visual-based recognition of an object
US7610495B2 (en) * 2003-11-25 2009-10-27 Agere Systems Inc. Method and apparatus for power management using transmission mode with reduced power
US7894844B2 (en) * 2003-12-26 2011-02-22 Agere Systems Inc. Method and apparatus for automatic transmit power variation in a wireless communication system
US7333563B2 (en) * 2004-02-20 2008-02-19 Research In Motion Limited Method and apparatus for improving power amplifier efficiency in wireless communication systems having high peak to average power ratios
US7436832B2 (en) * 2004-05-05 2008-10-14 Gigamon Systems Llc Asymmetric packets switch and a method of use
US7653408B1 (en) * 2004-10-08 2010-01-26 Marvell International Ltd. Self-adaptive transmit power control for wireless network
US7408898B1 (en) * 2004-12-20 2008-08-05 The United States Of America As Represented By The United States Department Of Energy Flexible network wireless transceiver and flexible network telemetry transceiver
US20060136997A1 (en) * 2004-12-21 2006-06-22 Eastman Kodak Company Authentication system and method
US7463583B2 (en) * 2005-03-03 2008-12-09 Stmicroelectronics Ltd. Wireless LAN data rate adaptation
US7813695B2 (en) * 2005-05-06 2010-10-12 Telefonaktiebolaget L M Ericsson (Publ) Mobile assisted relay selection in a telecommunications system
KR20080016943A (en) * 2005-06-08 2008-02-22 아바야 테크놀러지 코퍼레이션 Avoding exposed node problems in wireless local area networks
US7940897B2 (en) * 2005-06-24 2011-05-10 American Express Travel Related Services Company, Inc. Word recognition system and method for customer and employee assessment
US7522569B2 (en) * 2005-06-30 2009-04-21 Netgear, Inc. Peripheral device with visual indicators to show utilization of radio component
JP2007019939A (en) * 2005-07-08 2007-01-25 Renesas Technology Corp Radio communications equipment and portable telephone terminal using the same
ITMI20051321A1 (en) * 2005-07-12 2007-01-13 St Microelectronics Srl EQUAL METHOD OF PLANNING FOR THE ACCESS TO THE CHANNEL OF A WIRELESS TYPE NETWORK
US8249028B2 (en) * 2005-07-22 2012-08-21 Sri International Method and apparatus for identifying wireless transmitters
KR100736044B1 (en) * 2005-09-01 2007-07-06 삼성전자주식회사 Method and apparatus for managing power in wireless device
JP4633592B2 (en) * 2005-09-28 2011-02-16 京セラ株式会社 Wireless communication terminal
JP4761365B2 (en) * 2005-12-28 2011-08-31 Kddi株式会社 Communication scheduling method
US20070165526A1 (en) * 2006-01-14 2007-07-19 Hyun Lee Wireless QoS by hardware packet sizing, data rate modulation, and transmit power controlling based on the accumulated packet drop rate
US7583625B2 (en) * 2006-04-06 2009-09-01 Broadcom Corporation Access point multi-level transmission power and protocol control based on the exchange of characteristics
US20090225682A1 (en) * 2006-04-04 2009-09-10 Alex Peter Grote-Lopez Optimization Procedure for Wireless Networks Operating in Infrastructure Mode with Standard Protocol IEEE 802.11
US7672645B2 (en) * 2006-06-15 2010-03-02 Bitwave Semiconductor, Inc. Programmable transmitter architecture for non-constant and constant envelope modulation
US7924864B2 (en) * 2006-07-26 2011-04-12 Nokia Corporation Terminal-based contention free low overhead access
US8774140B2 (en) * 2006-10-19 2014-07-08 Intel Corporation Method and apparatus to provide hidden node protection
US7949315B2 (en) * 2007-09-25 2011-05-24 Broadcom Corporation Power consumption management and data rate control based on transmit power and method for use therewith
US8041375B2 (en) * 2007-10-31 2011-10-18 Qualcomm Incorporated Methods and apparatus for use in peer to peer communications devices and/or systems relating to rate scheduling, traffic scheduling, rate control, and/or power control

Patent Citations (39)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5706307A (en) * 1994-03-18 1998-01-06 Detemobil Deutsche Telekom Mobilfunk Gmbh Method and arrangement for the determination of the ratio for common-channel or adjacent-channel interferers in digital mobile communication networks
US5440758A (en) * 1994-04-12 1995-08-08 Motorola, Inc. Method of preventing unauthorized access to a wireless communication system
US5905949A (en) * 1995-12-21 1999-05-18 Corsair Communications, Inc. Cellular telephone fraud prevention system using RF signature analysis
US5715518A (en) * 1996-03-06 1998-02-03 Cellular Technical Services Company, Inc. Adaptive waveform matching for use in transmitter identification
US6035188A (en) * 1996-06-27 2000-03-07 Cellular Technical Services Company, Inc. Active waveform collection for use in transmitter identification
US5999806A (en) * 1997-02-28 1999-12-07 Cellular Technical Services Company, Inc. Waveform collection for use in wireless telephone identification
US6748036B1 (en) * 1997-12-18 2004-06-08 Nec Corporation Radio receiving method and apparatus
US20020034191A1 (en) * 1998-02-12 2002-03-21 Shattil Steve J. Method and apparatus for transmitting and receiving signals having a carrier interferometry architecture
US6385448B1 (en) * 1998-03-16 2002-05-07 Ericsson Inc. Predictive registration identification timer
US6396818B1 (en) * 1998-03-20 2002-05-28 Ericsson Inc. Call routing interface for satellite communications user terminals
US6269246B1 (en) * 1998-09-22 2001-07-31 Ppm, Inc. Location determination using RF fingerprinting
US20030008668A1 (en) * 1998-09-22 2003-01-09 Ppm, Inc. Location determination using RF fingerprinting
US20020065048A1 (en) * 1999-07-28 2002-05-30 Kazuo Nagatani Method and apparatus for compensating for distortion in radio apparatus
US6915123B1 (en) * 2000-03-02 2005-07-05 Lucent Technologies Inc. Method and system for monitoring an operational area of a subscriber station
US6437735B1 (en) * 2000-09-07 2002-08-20 Ericsson Inc. Position detection system integrated into mobile terminal
US20040015990A1 (en) * 2000-10-18 2004-01-22 Sharp Kabushiki Kaisha Radio communication apparatus, transmitter apparatus and receiver apparatus
US20020118834A1 (en) * 2001-02-28 2002-08-29 Wilson Dennis L. Analog privacy scrambler and scrambling method
US20020196188A1 (en) * 2001-06-25 2002-12-26 Harris Corporation System and method for determining the location of a transmitter using passive reflectors or refractors as proxy receivers and using database querying
US20030021582A1 (en) * 2001-07-27 2003-01-30 Nec Corporation Time shift reproduction method and device and bookmark being used in same
US20030110400A1 (en) * 2001-12-10 2003-06-12 Cartmell Brian Ross Method and system for blocking unwanted communications
US20030227342A1 (en) * 2002-06-07 2003-12-11 Dongtai Liu Multimode modulator employing a phase lock loop for wireless communications
US20060008029A1 (en) * 2002-12-18 2006-01-12 Houman Jafari Transmitter stage
US20050163090A1 (en) * 2002-12-25 2005-07-28 Nobuhisa Aoki Wireless communications system, relaying apparatus and mobile terminal
US20060126754A1 (en) * 2003-02-20 2006-06-15 Nikolai Filimonov Efficient modulation of rf signals
US20040166818A1 (en) * 2003-02-24 2004-08-26 Networkfab Corporation Method and system for emitter identification using transmission signatures
US20040192361A1 (en) * 2003-03-31 2004-09-30 Tadiran Communications Ltd. Reliable telecommunication
US20050143051A1 (en) * 2003-12-30 2005-06-30 Welgate Corporation Mobile authentication/financial transaction system using a unique mobile identification code and method thereof
US7639806B2 (en) * 2004-03-24 2009-12-29 Iowa State University Research Foundation, Inc. Fingerprinting digital devices using electromagnetic characteristics of their communications
US20050225396A1 (en) * 2004-04-08 2005-10-13 M/A-Com, Eurotec B.V. Bias circuit for power amplifier operated as a digital to analog converter
US20070025265A1 (en) * 2005-07-22 2007-02-01 Porras Phillip A Method and apparatus for wireless network security
US8509735B2 (en) * 2005-08-25 2013-08-13 Motorola Mobility Llc Method and apparatus to facilitate detection of an unauthorized communication system user
US20070253499A1 (en) * 2006-01-26 2007-11-01 Texas Instruments Incorporated Robust Detection of Packet Types
US20070178914A1 (en) * 2006-01-31 2007-08-02 Microsoft Corporation Determining the network location of a user device based on transmitter fingerprints
US20070264939A1 (en) * 2006-05-09 2007-11-15 Cognio, Inc. System and Method for Identifying Wireless Devices Using Pulse Fingerprinting and Sequence Analysis
US20080024269A1 (en) * 2006-07-28 2008-01-31 Fuji Xerox Co., Ltd. Authenticity determination system of responder, identification system, and interrogation unit
US8176533B1 (en) * 2006-11-06 2012-05-08 Oracle America, Inc. Complementary client and user authentication scheme
US20080244707A1 (en) * 2007-03-26 2008-10-02 Bowser Robert A Wireless transmitter identity validation in a wireless network
US8018883B2 (en) * 2007-03-26 2011-09-13 Cisco Technology, Inc. Wireless transmitter identity validation in a wireless network
US20090287764A1 (en) * 2008-05-15 2009-11-19 Motorola, Inc. Media access control server for radio access network

Non-Patent Citations (11)

* Cited by examiner, † Cited by third party
Title
Banerjee (Banerjee et al. "Spectrum Enforcement in a Spectrum Sharing World", June 2008, "Congitive Wireless Networking Summit 2008), *
Chandra et al., "Wireless Networking: Know It All", Sep. 2007, ISBN-13:978-0-7506-8582-5. *
Gralla (Preston Gralla, "How Wireless Works", 2nd Edition, ISBN 0789733447, Oct. 2005, pg, 20-25 30-43. *
Hall-Detecting Rogue (Hall et al, "Detecting Rogue Devices in Bluetooth Networks Using Radio Frequency Fingerprinting", In the Proceedings of the IASTED International Conference on Communications and Computer Networks (CCN '06), October 2006, *
Hall-Detection of Transient (Hall et al., "Detection of Transient in Radio Frequency Fingerprinting Using Signal Phase", In the Proceedings of IASTED International Conference on Wireless and Optical Communications (WOC '03), 2003), *
Kirkhorn, "Introduction to IQ-demodulation of RF-data", 9/99, *
RadioElectronics.com, "Comparison of 8-QAM, 16-QAM, 32-QAM, 64-QAM 128-QAM, 256-QAM, Types, 9/14. *
RadioElectronics.com, "Quadrature FM Demodulator/Detector Tutorial, 8/14, *
Ureten, (Ureten et al., "Bayesian Detection of Wi-Fi Transmitter RF Fingerprints", In IEEE Electronics Letters 41(6), 2005, pages 373-374, *
Wikipedia, "In-phase and quadrature components", 11/13, *
Xiao (Xaio et al., "Fingerprints in the Ether: Using the Physical Layer for Wireless Authentication", In the Proceedings of the 2007 IEEE International Conference on Communications (ICC '07), June 2007, *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20100313025A1 (en) * 2009-06-05 2010-12-09 Rochester Institute Of Technology Methods establishing a symmetric encryption key and devices thereof
US8959348B2 (en) * 2009-06-05 2015-02-17 Rochester Institute Of Technology Methods establishing a symmetric encryption key and devices thereof
US9083527B1 (en) * 2012-08-31 2015-07-14 Symantec Corporation Using mobile data to establish a shared secret in second-factor authentication
US20210204122A1 (en) * 2018-06-19 2021-07-01 University Of Notre Dame Du Lac Security for Wireless Communications

Also Published As

Publication number Publication date
US8218493B2 (en) 2012-07-10
US20170257300A1 (en) 2017-09-07
US8233493B2 (en) 2012-07-31
US8005114B2 (en) 2011-08-23
US20100067546A1 (en) 2010-03-18
US20100067535A1 (en) 2010-03-18
US20100098138A1 (en) 2010-04-22
US10397080B2 (en) 2019-08-27
US20100080183A1 (en) 2010-04-01
US8498592B2 (en) 2013-07-30

Similar Documents

Publication Publication Date Title
US10397080B2 (en) Secure wireless network using radiometric signatures
Vo-Huu et al. Fingerprinting Wi-Fi devices using software defined radios
Zheng et al. FID: Function modeling-based data-independent and channel-robust physical-layer identification
Brik et al. Wireless device identification with radiometric signatures
US8249028B2 (en) Method and apparatus for identifying wireless transmitters
Polak et al. Identifying wireless users via transmitter imperfections
Danev et al. Attacks on physical-layer identification
US10742461B2 (en) Carrier frequency estimation for radio frequency fingerprinting
Knox et al. Wireless fingerprints inside a wireless sensor network
Candore et al. Robust stable radiometric fingerprinting for wireless devices
Zhao et al. A robust authentication scheme based on physical-layer phase noise fingerprint for emerging wireless networks
CN110381510B (en) Non-orthogonal multiple access authentication system based on superimposed physical layer authentication label
Edman et al. Active attacks against modulation-based radiometric identification
US10944603B2 (en) Wireless device profiling, classifying, and onboarding using baseband profiles of the wireless device
CN110035425A (en) Based on wireless network card to the physical fingerprint extracting method of wireless device
Ashtari et al. A new RF-PUF based authentication of internet of things using random forest classification
CN110324830B (en) Non-orthogonal multiple access authentication system based on time division multiplexing physical layer authentication label
CN110381511B (en) Non-orthogonal multiple access authentication system based on shared physical layer authentication label
Li et al. {PhyAuth}:{Physical-Layer} Message Authentication for {ZigBee} Networks
Li et al. Fractal dimension of dsss frame preamble: Radiometric feature for wireless device identification
Guo et al. Taming the errors in cross-technology communication: a probabilistic approach
Lin et al. Using SDR Platform to Extract the RF Fingerprint of the Wireless Devices for Device Identification
Rubino Wireless device identification from a phase noise prospective
CN110380798B (en) Non-orthogonal multiple access authentication system based on shared authentication label and parameter optimization method
JP2018129715A (en) Radio communication system, detector, radio communication terminal, method and program

Legal Events

Date Code Title Description
AS Assignment

Owner name: WISCONSIN ALUMNI RESEARCH FOUNDATION,WISCONSIN

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:BRIK, VLADIMIR;BANERJEE, SUMAN;SIGNING DATES FROM 20090518 TO 20090721;REEL/FRAME:023642/0326

STCB Information on status: application discontinuation

Free format text: ABANDONED -- AFTER EXAMINER'S ANSWER OR BOARD OF APPEALS DECISION

AS Assignment

Owner name: NATIONAL SCIENCE FOUNDATION, VIRGINIA

Free format text: CONFIRMATORY LICENSE;ASSIGNOR:UNIVERSITY OF WISCONSIN, MADISON;REEL/FRAME:044445/0371

Effective date: 20171113