Watermarking and Anomaly Detection in Machine Learning Models for LORA RF Fingerprinting
This work addresses security issues in wireless device authentication for applications like IoT, but it is incremental as it builds on existing methods like ResNet and VAE with specific enhancements.
The paper tackled the vulnerability of deep learning models in radio frequency fingerprint identification to copying and tampering by combining watermarking for ownership proof and anomaly detection for spotting suspicious inputs, achieving 94.6% accuracy, 98% watermark success, and 0.94 AUROC on the LoRa dataset.
Radio frequency fingerprint identification (RFFI) distinguishes wireless devices by the small variations in their analog circuits, avoiding heavy cryptographic authentication. While deep learning on spectrograms improves accuracy, models remain vulnerable to copying, tampering, and evasion. We present a stronger RFFI system combining watermarking for ownership proof and anomaly detection for spotting suspicious inputs. Using a ResNet-34 on log-Mel spectrograms, we embed three watermarks: a simple trigger, an adversarially trained trigger robust to noise and filtering, and a hidden gradient/weight signature. A convolutional Variational Autoencoders (VAE) with Kullback-Leibler (KL) warm-up and free-bits flags off-distribution queries. On the LoRa dataset, our system achieves 94.6% accuracy, 98% watermark success, and 0.94 AUROC, offering verifiable, tamper-resistant authentication.