Saved in:
Bibliographic Details
Main Authors: Ha, Tien Ngoc, Romero, Daniel
Format: Preprint
Published: 2024
Subjects:
Online Access:https://arxiv.org/abs/2401.08220
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866929210503725056
author Ha, Tien Ngoc
Romero, Daniel
author_facet Ha, Tien Ngoc
Romero, Daniel
contents In a spoofing attack, a malicious actor impersonates a legitimate user to access or manipulate data without authorization. The vulnerability of cryptographic security mechanisms to compromised user credentials motivates spoofing attack detection in the physical layer, which traditionally relied on channel features, such as the received signal strength (RSS) measured by spatially distributed receivers or access points. However, existing methods cannot effectively cope with the dynamic nature of channels, which change over time as a result of user mobility and other factors. To address this limitation, this work builds upon the intuition that the temporal pattern of changes in RSS features can be used to detect the presence of concurrent transmissions from multiple (possibly changing) locations, which in turn indicates the existence of an attack. Since a localization-based approach would require costly data collection and would suffer from low spatial resolution due to multipath, the proposed algorithm employs a deep neural network to construct a graph embedding of a sequence of RSS features that reflects changes in the propagation conditions. A graph neural network then classifies these embeddings to detect spoofing attacks. The effectiveness and robustness of the proposed scheme are corroborated by experiments with real-data.
format Preprint
id arxiv_https___arxiv_org_abs_2401_08220
institution arXiv
publishDate 2024
record_format arxiv
spellingShingle Spoofing Detection in the Physical Layer with Graph Neural Networks
Ha, Tien Ngoc
Romero, Daniel
Signal Processing
In a spoofing attack, a malicious actor impersonates a legitimate user to access or manipulate data without authorization. The vulnerability of cryptographic security mechanisms to compromised user credentials motivates spoofing attack detection in the physical layer, which traditionally relied on channel features, such as the received signal strength (RSS) measured by spatially distributed receivers or access points. However, existing methods cannot effectively cope with the dynamic nature of channels, which change over time as a result of user mobility and other factors. To address this limitation, this work builds upon the intuition that the temporal pattern of changes in RSS features can be used to detect the presence of concurrent transmissions from multiple (possibly changing) locations, which in turn indicates the existence of an attack. Since a localization-based approach would require costly data collection and would suffer from low spatial resolution due to multipath, the proposed algorithm employs a deep neural network to construct a graph embedding of a sequence of RSS features that reflects changes in the propagation conditions. A graph neural network then classifies these embeddings to detect spoofing attacks. The effectiveness and robustness of the proposed scheme are corroborated by experiments with real-data.
title Spoofing Detection in the Physical Layer with Graph Neural Networks
topic Signal Processing
url https://arxiv.org/abs/2401.08220