An Adversarial-Driven Experimental Study on Deep Learning for RF Fingerprinting
This work addresses security risks in RF fingerprinting for zero trust architectures and beyond 5G networks, identifying novel attack vectors that are incremental but critical for system robustness.
The paper examines the security vulnerabilities of deep learning-based RF fingerprinting systems through an adversarial-driven experimental analysis. It finds that domain shifts can cause consistent misclassification that is exploitable as a backdoor, and that training on raw signals entangles fingerprints with environmental features, creating attack vectors that post-processing methods such as confidence thresholds cannot mitigate on their own.
Radio frequency (RF) fingerprinting, which extracts unique hardware imperfections of radio devices, has emerged as a promising physical-layer device identification mechanism in zero trust architectures and beyond 5G networks. In particular, deep learning (DL) methods have demonstrated state-of-the-art performance in this domain. However, existing approaches have primarily focused on enhancing system robustness against temporal and spatial variations in wireless environments, while the security vulnerabilities of these DL-based approaches have often been overlooked. In this work, we systematically investigate the security risks of DL-based RF fingerprinting systems through an adversarial-driven experimental analysis. We observe a consistent misclassification behavior for DL models under domain shifts, where a device is frequently misclassified as another specific one. Our analysis based on extensive real-world experiments demonstrates that this behavior can be exploited as an effective backdoor to enable external attackers to intrude into the system. Furthermore, we show that training DL models on raw received signals causes the models to entangle RF fingerprints with environmental and signal-pattern features, creating additional attack vectors that cannot be mitigated solely through post-processing security methods such as confidence thresholds.
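A defender-side audit for the behaviour the abstract describes, as an added example that is not code from the paper: it checks whether a device's errors on a shifted-domain evaluation set collapse onto one specific other device, and what share of those errors would still pass a confidence threshold. The record layout, the function name `audit_shifted_domain`, the thresholds and the sample values are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Constructed sample: (true_device, predicted_device, top-1 confidence)
# from a hypothetical evaluation run in a domain not seen during training.
SAMPLE = [
    ("A", "A", 0.99), ("A", "C", 0.97), ("A", "C", 0.95),
    ("A", "C", 0.93), ("A", "C", 0.70),
    ("B", "B", 0.98), ("B", "A", 0.55), ("B", "C", 0.61), ("B", "D", 0.58),
    ("C", "C", 0.99), ("C", "C", 0.96),
    ("D", "D", 0.97), ("D", "B", 0.52),
]


def audit_shifted_domain(records, conf_threshold=0.9,
                         min_errors=3, concentration=0.8):
    """Flag devices whose errors concentrate on a single wrong label.

    Returns {true_device: (dominant_wrong_label, share_of_errors,
    share_of_those_errors_at_or_above_conf_threshold)}.
    """
    errors = defaultdict(list)
    for true_dev, pred_dev, conf in records:
        if pred_dev != true_dev:
            errors[true_dev].append((pred_dev, conf))

    findings = {}
    for true_dev, errs in errors.items():
        if len(errs) < min_errors:
            continue  # too few errors to call the pattern consistent
        target, count = Counter(p for p, _ in errs).most_common(1)[0]
        share = count / len(errs)
        if share < concentration:
            continue  # errors are spread out, not collapsed on one device
        confs = [c for p, c in errs if p == target]
        accepted = sum(c >= conf_threshold for c in confs) / len(confs)
        findings[true_dev] = (target, share, accepted)
    return findings


if __name__ == "__main__":
    for dev, (target, share, accepted) in audit_shifted_domain(SAMPLE).items():
        print(f"device {dev}: {share:.0%} of errors land on {target}; "
              f"{accepted:.0%} of them pass the confidence threshold")
```

A flagged pair with a high accepted share is a case where a confidence threshold alone would not reject the misidentified device, so it warrants evaluation across more domains before the model is trusted for access decisions.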