Abstract
Long Range (LoRa) communications are gaining popularity in the Industrial Internet of Things (IIoT) domain due to their large coverage and high energy efficiency. However, LoRa-enabled IIoT networks are susceptible to cyberattacks mainly due to their wide transmission window and freely operated frequency band. This has led to several categories of cyberattacks. However, existing intrusion detection systems are inefficient in detecting compromised device due to the dense deployment and heterogeneous devices. This work introduces \(\textsf{Hawk}\), a distributed anomaly detection system for detecting compromised devices in LoRa-enabled IIoT. \(\textsf{Hawk}\) first measures a device-type specific physical layer feature, Carrier Frequency Offset (CFO) and then leverages the CFO for fingerprinting the device and consequently detecting anomalous deviations in the CFO behavior, potentially caused by adversaries. To aggregate the device-type specific CFO behavior profile efficiently, \(\textsf{Hawk}\) uses federated learning. To the best of our knowledge, \(\textsf{Hawk}\) is the first to use a federated learning method for anomaly-based intrusion detection in LoRa-enabled IIoT. We perform extensive experiments on a real-world dataset collected using 60 LoRa devices, primarily to assess the effectiveness of \(\textsf{Hawk}\) against passive attacks. The results show that \(\textsf{Hawk}\) improves the detection accuracy by 8% and reduces the storage overhead by 40% than the state-of-the-art solutions.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Figueroa-Lorenzo, S., Añorga, J., Arrizabalaga, S.: A survey of IIoT protocols: a measure of vulnerability risk analysis based on CVSS. ACM Comput. Surv. 53(2), 1–53 (2020)
Sundaram, J.P.S., Du, W., Zhao, Z.: A survey on loRa networking: research problems, current solutions, and open issues. IEEE Commun. Surv. Tutorials 22(1), 371–388 (2019)
Heeger, D., Plusquellic, J.: Analysis of IoT authentication over LoRa. In: 16th International Proceedings on DCOSS, pp. 458–465. IEEE, California, USA (2020)
Chen, D., et al.: Privacy-preserving encrypted traffic inspection with symmetric cryptographic techniques in IoT. IEEE Internet Things J. 1–15 (2022)
Yan, X., Xu, Y., Xing, X., Cui, B., Guo, Z., Guo, T.: Trustworthy network anomaly detection based on an adaptive learning rate and momentum in IIoT. IEEE Trans. Indust. Inf. 16(9), 6182–6192 (2020)
Abdel-Basset, M., Chang, V., Hawash, H., Chakrabortty, R.K., Ryan, M.: Deep-ifs: intrusion detection approach for IIoT traffic in fog environment. IEEE Trans. Indust. Inf. 17(11), 7704–7715 (2021)
Babun, L., Aksu, H., Uluagac, A.S.: CPS device-class identification via behavioral fingerprinting: from theory to practice. IEEE Trans. Inf. Forensics Secur. 16, 2413–2428 (2021)
Zhang, J., Woods, R., Sandell, M., Valkama, M., Marshall, A., Cavallaro, J.: Radio frequency fingerprint identification for narrowband systems, modelling and classification. IEEE Trans. Inf. Forensics Secur. 16, 3974–3987 (2021)
Ren, Z., Ren, P., Zhang, T.: Deep RF device fingerprinting by semi-supervised learning with meta pseudo time-frequency labels. In: Proceedings on IEEE WCNC, pp. 2369–2374. IEEE, California, USA (2022)
Shen, G., Zhang, J., Marshall, A., Cavallaro, J.: Towards scalable and channel-robust radio frequency fingerprint identification for LoRa. IEEE Trans. Inf. Forensics Secur. 17, 774–787 (2022)
Xie, R., et al.: A generalizable model-and-data driven approach for open-set RFF authentication. IEEE Trans. Inf. Forensics Secur. 16, 4435–4450 (2021)
Rey, V., Sánchez, P.M.S., Celdrán, A.H., Bovet, G.: Federated learning for malware detection in IoT devices. Comput. Networks 204 (2022)
Hou, W., Wang, X., Chouinard, J.-Y., Refaey, A.: Physical layer authentication for mobile systems with time-varying carrier frequency offsets. IEEE Trans. Commun. 62(5), 1658–1667 (2014)
Haddadpajouh, H., Mohtadi, A., Dehghantanaha, A., Karimipour, H., Lin, X., Choo, K.-K.R.: A multi-kernel and meta-heuristic feature selection approach for IoT malware threat hunting in the edge layer. IEEE Internet Things J. 8(6), 4540–4547 (2021)
Heeger, D., Plusquellic, J.: Slora: towards secure LoRa communications with fine-grained physical layer features. In: 18th International Proceedings on SenSys, pp. 258–270. ACM, Yokohama, Japan (2020)
Huong, T., et al.: Detecting cyberattacks using anomaly detection in industrial control systems: a federated learning approach. Comput. Indust. 132 (2021)
Perdisci, R., Papastergiou, T., Alrawi, O., Antonakakis, M.: Iotfinder: efficient large-scale identification of IoT devices via passive DNS traffic analysis. In: 5th International Proceedings on EuroS &P, pp. 474–489. IEEE, Genova, Italy (2020)
Dong, S., Li, Z., Tang, D., Chen, J., Sun, M., Zhang, K.: Your smart home can’t keep a secret: towards automated fingerprinting of IoT traffic. In: 15th International Proceedings on AsiaCCS, pp. 47–59. ACM, Taipei, Taiwan (2020)
Haugerud, H., Tran, H.N., Aitsaadi, N., Yazidi, A.: A dynamic and scalable parallel network intrusion detection system using intelligent rule ordering and network function virtualization. Future Gener. Comput. Syst. 124, 254–267 (2021)
Lu, K.-D., Zeng, G.-Q., Luo, X., Weng, J., Luo, W., Wu, Y.: Evolutionary deep belief network for cyber-attack detection in industrial automation and control system. IEEE Trans. Indust. Inf. 17(11), 7618–7627 (2021)
Charyyev, B., Gunes, M.H.: Locality-sensitive IoT network traffic fingerprinting for device identification. IEEE Internet Things J. 8(3), 1272–1281 (2021)
LoRa Modulation Crystal Oscillator Guidance, AN1200.14, Rev 2, July 2017. https://lora-developers.semtech.com/library/product-documents/. Accessed 6 May 2021
Nguyen, T.D., Marchal, S., Miettinen, M., Fereidooni, H., Asokan, N., Sadeghi, A.-R.: DIoT: a federated self-learning anomaly detection system for IoT. In: 39th International Proceedings on IEEE ICDCS, pp. 756–767. IEEE, Dallas, USA (2019)
Acknowledgment
This work has received funding from the European Union’s Horizon 2020 research and innovation programme under the Marie Skłodowska–Curie grant agreement No. 847577; and a research grant from Science Foundation Ireland (SFI) under Grant Number 16/RC/3918 (Ireland’s European Structural and Investment Funds Programmes and the European Regional Development Fund 2014–2020).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 Springer Nature Switzerland AG
About this paper
Cite this paper
Halder, S., Newe, T. (2022). Robust Anomaly Detection via Radio Fingerprinting in LoRa-Enabled IIoT. In: Su, C., Gritzalis, D., Piuri, V. (eds) Information Security Practice and Experience. ISPEC 2022. Lecture Notes in Computer Science, vol 13620. Springer, Cham. https://doi.org/10.1007/978-3-031-21280-2_9
Download citation
DOI: https://doi.org/10.1007/978-3-031-21280-2_9
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-21279-6
Online ISBN: 978-3-031-21280-2
eBook Packages: Computer ScienceComputer Science (R0)