MAC-Layer Spoofing Detection and Prevention in IoT Systems: Randomized Moving Target Approach

Abstract

MAC-layer spoofing, also known as identity spoofing, is recognized as a serious problem in many practical wireless systems. IoT systems are particularly vulnerable to this type of attack, as IoT devices (due to their various limitations) are often incapable of deploying advanced MAC-layer spoofing prevention and detection techniques-such as cryptographic authentication. Signal-level device fingerprinting is an approach to identity spoofing detection that is highly suitable for sensor-based IoT networks, but can be also utilized in many other types of wireless system. Unfortunately, the previous research works on signal-level device fingerprinting have been based on rather simplistic assumptions about both-The adversary's behavior as well as the operation of the defense system. The goal of our work was to examine the effectiveness of a novel system that combines signal-level device fingerprinting with the principles of Randomized Moving Target Defense (RMTD) when dealing with a very advanced adversary. The obtained results show that our RMTD-enhanced signal-level device fingerprinting technique exhibits far superior defense performance over the non-RMTD techniques previously discussed in the literature, and as such could be of great value for practical wireless systems subjected to identity spoofing attacks.