Authentication of Everything in the Internet of Things: Learning and Environmental Effects

Reaping the benefits of the Internet of things (IoT) system is contingent upon developing IoT-specific security solutions. Conventional security and authentication solutions often fail to meet IoT security requirements due to the computationally limited and portable nature of IoT objects. In this paper, an IoT objects authentication framework is proposed. The framework uses device-specific information, called fingerprints, along with a transfer learning tool to authenticate objects in the IoT. The framework tracks the effect of changes in the physical environment on fingerprints and uses unique IoT environmental effects features to detect both cyber and cyber-physical emulation attacks. The proposed environmental effects estimation framework is proven to improve the detection rate of attackers without increasing the false positives rate. The proposed framework is also shown to be able to detect cyber-physical attackers that are capable of replicating the fingerprints of target objects which conventional methods are unable to detect. A transfer learning approach is proposed to allow the use of objects with different types and features in the environmental effects estimation process to enhance the performance of the framework while capturing practical IoT deployments with diverse object types. Simulation results using real IoT device data show that the proposed approach can yield a 40% improvement in cyber emulation attacks detection and is able to detect cyber-physical emulation attacks that conventional methods cannot detect. The results also show that the proposed framework improves the authentication accuracy while the transfer learning approach yields up to 70% additional performance gains.