Comparison of High-end and Low-end Receivers for RF-DNA Fingerprinting

The widespread adoption of ZigBee devices in critical infrastructure applications has justifiably heightened security concerns. Attack methods exist that allow unauthorized rogue devices to insert themselves into established networks. Radio Frequency (RF) fingerprinting provides one countermeasure to spoofing attacks by identifying hardware devices by their unique RF characteristics. To make such methods more practical, this paper compares RF fingerprinting performance of a low-cost software defined radio receiver with that of a high-cost receiver using six like-model ZigBee devices of the same manufacturer, representing the most challenging scenario for RF fingerprinting. Comparable discrimination performance is achieved across a range of SNR using a random forest classifier and observations from both receivers. Network intrusion detection performance was comparable as well, with the high-cost receiver identifying on average 10% more rogue devices than the low-cost receiver. The viability of using low-cost receivers for RF fingerprinting is demonstrated, improving the practicality of RF-based antispoofing countermeasures.