Differential Contour Stellar-Based Radio Frequency Fingerprint Identification for Internet of Things

Data attacks from illegal access devices of the Internet of Things will cause serious interference and threats to the entire network. It is difficult to ensure the security of the communication system only by relying on traditional application layer password authentication methods. Therefore, it is of great significance to design an effective physical layer authentication system based on radio frequency fingerprints. Regarding the issue above, this paper proposes a novel physical layer authentication method for Internet of Things based on differential contour stellar. Through the test of identification and authentication of 20 WiFi network card devices from same manufacturer, same type and same batch, the recognition accuracy rate can reach 98.6% by the proposed method. The proposed method can improve the effect of radio frequency fingerprint identification from three aspects: i. The differential processing can effectively reduce the negative influence of phase rotation caused by carrier frequency offset and Doppler effects; ii. The color processing can effectively reduce the negative influence of random noise caused by channel noise; iii. It is suitable for processing large-scale networks and the massive data they bring.


I. INTRODUCTION
Information security is the key to building a reliable and robust Internet of Things (IoT). With the continuous emergence of information security problems brought about by wireless communication networks, how to accurately identify and authenticate IoT objects and prevent user identity impersonation and device cloning is the primary problem to be solved by the application of IoT. The traditional authentication mechanism is implemented at the application layer, using cryptographic algorithms to generate numerical results that are difficult for third parties to counterfeit, but this mechanism has risks such as protocol security vulnerabilities and key leakage. The terminal equipment of the perception layer of the Internet of Things has the characteristics of diversification, intelligence, complexity and a large number.
The associate editor coordinating the review of this manuscript and approving it for publication was Xiaochun Cheng.
Although the traditional authentication mechanism can guarantee information security to a certain extent, it is not suitable for processing large-scale networks and the massive data they bring, and it is difficult to meet the information security requirements of the Internet of Things. Therefore, research on a low error rate, high efficiency, and low cost individual identification method for communication radiation sources is the key to ensuring the stable operation of the Internet of Things.
Physical layer authentication is one of the core technologies to ensure the security of wireless communication. Its basic principle is to combine the space-time specificity of the transceiver channel and the transmitted signal to verify the physical characteristics of the communicating parties, thereby realizing identity authentication at the physical layer. Compared with the authentication technology at the application layer, it can effectively resist imitation attacks. It has the advantages of fast authentication speed, low complexity, good compatibility, and no need to consider the implementation of various protocols. Nowadays, the research on the physical layer security authentication technology is still in its infancy and the abundant physical layer resources have not been fully utilized, and there is still a lot of research space.
Radio frequency fingerprint identification is a nonpassword authentication method based on the physical layer hardware of the device. It does not need to consume additional computing resources or embed additional hardware. And it is a very potential technique to establish a low-cost, simpler and safer identification and authentication system [1]. The existing radio frequency fingerprint identification technology can be divided into channel-based fingerprint identification technology and transmission signal-based fingerprint identification technology according to the use of physical layer resources. The channel-based fingerprint identification technology aims to use the unique location information of the device as the identity detection indicator for different users in different scenarios, and is usually applied to indoor positioning of IoT devices [2]. Common channel characteristics include radio signal strength (RSS), channel state information (CSI) and channel frequency response (CFR) [3], [4]. The fingerprint identification technology based on the transmission signal is divided into the fingerprint identification technology based on the transient signal and the fingerprint identification technology based on the steady signal. The fingerprint identification based on the transient signal is a process of extracting radio frequency fingerprint from a section of transient signal sent at the moment the device is turned on/off [5]. The transient signal does not contain any data information, only reflects the hardware characteristics of the transmitter, and is independent. RF fingerprints are initially extracted from transient signals. Due to the short duration of the transient signal, it is difficult to capture, and it is more sensitive to the detection and location of mutation points, which limits its application in the actual environment [6]. The steady-state signal is the signal when the transmitter is in a stable working state. It has a long duration and is easier to obtain. It can be completed with a cheap receiver. However, the radio frequency fingerprints present in the steady-state signal are more difficult to extract [7], [8]. According to the different feature extraction methods, it can be divided into fingerprint identification methods based on waveform domain and fingerprint identification methods based on modulation domain. The fingerprint recognition method based on the waveform domain uses the time-domain waveform characteristics of the signal to directly recognize the signal. It can also perform various domain transformations on the signal before extracting its characteristics, such as Fourier transform, wavelet transform, Hilbert-Huang transform [9], Synchrosqueezing transform [10], improved fractal box dimension [11], etc. The transform domain method attempts to transform the time domain signal to other domains to maximize individual differences, but the features extracted by the transform domain method will vary with the changes in the transmitted data. In order to avoid the feature extraction method from being affected by the transmission data of the signal, radio frequency fingerprint extraction methods based on steady-state signals mostly use the preamble sequence repeatedly appearing in the signal. Electromagnetic signals are affected by factors such as transmitter carrier frequency offset, power amplifier nonlinearity, quadrature modulator imbalance and DC offset, and their differences are directly manifested in the modulation domain of the signal. This makes it possible to construct the radio frequency fingerprint identification of the transmitter in the modulation domain. At present, quadrature modulation has been widely used in communication signals, and the modulation domain features involved include carrier frequency offset, modulation offset, I/Q offset, constellation trace figure [12], differential constellation trace figure [13], etc. and their combinations. The modulation domain method takes I/Q signal samples as the basic processing unit, and uses the signal structure forced by the modulation scheme to make the specific attributes of the transmitter easier to identify. Knox et al. used the Ettus Labs USRP1 software radio platform as the receiving device (sampling frequency of 4MHz) for the classification problem of the SiLabs IEEE 802.15.4 2.4GHz RF device, and collected and demodulated signals from 5 same type RF devices from same manufacturer. The phase information of the baseband signal was extracted as a radio frequency fingerprint. The experimental results show that the classification performance of the RF fingerprint changes due to temperature difference and channel distance difference. The shorter the channel distance, the higher the recognition accuracy. When three different channel distances (i.e., short distance, medium distance, and long distance) were used, the average classification accuracy was 99.6%, 95.3%, and 81.9%, respectively [14]. Carbino et al. proposed a radio frequency fingerprint identification method based on constellation based-distinct native attribute (CB-DNA). The fingerprint of the device is extracted from the unintentional cable radiation of the Ethernet card to enhance the traditional MAC-based ID verification to reduce unauthorized network intrusion [15], [16]. In terms of feature engineering-based methods, the feature extraction methods have changed from using single-domain features to using multi-domain features, and shifting from methods based mainly on the waveform domain to methods based on the modulation domain. The classifier is designed to improve the generalization ability as the research goal, minimize the manually set parameters, and perform global optimization parameter settings.
In the identification and authentication stage, according to the type of classifier, classifiers for radio frequency fingerprint identification can be divided into traditional machine learning classifiers and deep learning classifiers. Classifier design is one of the key processing steps after extracting radio frequency fingerprints using feature engineering methods. At present, there are a large number of mature classifiers available, such as k-nearest neighbor, support vector machine, neural network, gray relation algorithm, extreme learning machine and other methods. Related research shows 53746 VOLUME 9, 2021 that it is best to combine feature selection, feature dimensionality reduction, and classifier design together, so that correlation analysis can be performed better, and radio frequency fingerprint features that are more conducive to classification can be obtained [17]. In addition, by integrating multiple classifiers through strategies, better classification performance can be obtained than a single classifier. This is the idea of ensemble learning classifiers. Deep learning methods have been successfully applied in the fields of image recognition, speech recognition, and autonomous driving. Scholars have continued to introduce deep learning methods into the field of radio frequency fingerprint identification to solve the difficulties of feature extraction, and feature selection in RFF recognition [18], [19]. Ding et al. proposed a SEI method based on deep learning. This method selects the steady-state part of the signal, and first uses bispectral transformation to extract features, then uses supervised dimensionality reduction method to significantly reduce the bispectrum dimensions, and finally uses convolutional neural network to use the compressed bispectrum to identify specific transmitters [20]. Zhao et al. used a transfer learning method based on rejection sampling to update weights, and combined the weights with rejection sampling to construct a training set. The model trained by this method is less affected by time-varying and channel environments [21]. Merchant et al. developed a framework for training convolutional neural networks directly using time-domain complex baseband error signals and successfully identified 7 ZigBee devices [18]. This method does not need to specifically use the preamble sequence or the signal segment that reappears at a fixed position, and the extracted radio frequency fingerprint feature has nothing to do with the content carried by the signal to be identified. In 2018, Chatterjee et al. proposed the concept of RF-PUF [22]. This method uses only the waveform of the data portion and does not require a preamble sequence. It is a framework based on deep neural networks. It uses 50 hidden layer neurons to detect features such as local oscillator offset and I/Q imbalance. Simulation results show that under different channel conditions, the recognition rate of 10,000 transmitters is as high as 99%. In 2019, Yu et al. proposed a multi-sampling convolutional neural network (MSCNN) and developed an adaptive ROI selection algorithm based on SNR [23]. USRP was used as the receiver and 54 CC2530 devices were used as recognition targets. The feasibility and reliability of the method in line of sight (LOS) and non line of sight (NLOS) scenarios were tested. The results show that the algorithm is robust under LOS and NLOS, and the classification accuracy is as high as 97% in the LOS environment with an SNR of 30dB. In the same year, Yu et al. also proposed a deep learning RFF recognition model based on denoising autoencoder (DAE) [24]. Compared with traditional CNN, under the additive white Gaussian noise channel, the recognition accuracy can be improved by 14% to 23.5% when the SNR is -10 dB to 5 dB. Even if the SNR is 10dB, the recognition accuracy is as high as 97.5%. In addition, the deep sparse capsule network can also be used for signal classification [25]. Compared with CNN, it not only has good classification performance, but also can automatically obtain hierarchical feature representations. Deep learning methods provide new ideas and techniques for radio frequency fingerprint identification. However, the current fingerprint recognition technology based on deep learning mainly directly uses baseband data as training data, trying to let the algorithm find fingerprint features by itself, and has achieved certain results. However, due to its ''black box'' characteristics, it is best to combine it with feature engineering methods to enhance the interpretability of deep learning models and improve the understanding of the mechanism of radio frequency fingerprint identification.
In this paper, the inherent and essential unintentional modulation information carried by the electromagnetic wave signal emitted by the terminal device of the Internet of Things is used as the identifiable fingerprint feature of the device. Through the effective feature extraction method of the differential contour stellar, a fine portrait database of the fingerprint features of the devices is constructed, and the one-dimensional radio frequency signal feature set is converted into a two-dimensional image data set. And a deep convolutional neural network is used to identify the extracted fine portrait of the RF fingerprint, which can achieve reliable identification and authentication of the physical layer terminal devices of the Internet of Things. And the main contribution of the paper is as follows: a. A differential contour stellar based RF fingerprint extraction method is proposed and can be used as a fine portrait of the transmitter's RF fingerprint by using transmission data segment of the steady-state signal. b. Deep convolutional neural network based RF Fingerprint identification scheme using differential contour stellar (DSC-CNN) is proposed. c. Based on the measured signals of 20 WiFi network card devices from the same manufacturer, same type and same batch, the validity and reliability of the method proposed in the paper are tested. d. Compared with the contour stellar [22], the differential contour stellar has better robustness as RF fingerprint. Even if the carrier frequency deviation and phase deviation of the receiver are not estimated and compensated, a reliable RF fingerprint of the communication radiation source (transmitter) can be obtained. The remainder of this paper is organized as follows. In Section II, the typical constellation method and the proposed method are described. The application and analysis are presented in Section III, and test results of the proposed method are also presented in Section III, followed by the conclusions in Section IV.

A. TYPICAL CONSTELLATION METHOD
Due to the deviation between the actual value and the nominal value of the electronic component, even if the transmitters composed of the same batch of electronic components still VOLUME 9, 2021 have differences, it is also called transmitter imperfection, which is the physical basis of RFF, as shown in fig.1. Even if it is device from the same manufacturer, same type and same batch, due to the tolerance effect of electronic components, the actual hardware parameters of some internal components such as oscillator (existence of frequency offset and phase noise), modulator (existence of modulation error) and power amplifier (existence of non-linear distortion) and so on, will also vary. The RF signal is modulated by modulating the current at the excitation source before transmission, and the information to be transmitted is added to the signal. In this process, the intentional modulation information transmitted is included, and the unintentional modulation information of the characteristics of the radiation source is also included [26]. Radio frequency fingerprint is an essential feature of the physical layer of a wireless communication device, and it is difficult to be tampered with. Just as different people have different fingerprints, different radio frequency fingerprints of different communication devices can be used for wireless device identification and access authentication. After these information-carrying electromagnetic waves start from the excitation source and propagate step by step, although the characteristics of the electromagnetic field at the excitation source are retained, they are also constantly affected by the transmission medium.
The constellation diagram is a vector diagram obtained by drawing the endpoints of the modulation signal under a specific base vector projection on the two-dimensional coordinates with I and Q as the horizontal and vertical axes. Each vector endpoint (also called a symbol point) can express two basic information of the amplitude and phase of the signal relative to the carrier at a certain moment, and its projection on the two coordinate axes is the two baseband signals at the current moment. The number of symbol points of the digital modulation signal is limited, and all symbol points are represented in the same vector diagram to form a constellation diagram, as shown in fig.2. Fig. 2 shows examples of transitions in the I/Q complex plane corresponding to QPSK, BPSK, and OQPSK. It can be seen that different modulation waveforms present different transition patterns in the I/Q complex plane. For example, the transitions between (1,0) and (-1, 0) are unique to BPSK but do not appear in QPSK, which has a substantially different constellation. It can constitute a unique signature of the RF baseband signal that can eventually be learned by the CNN's filters. At present, quadrature modulation has been extensively applied in communication signals, and the radio frequency fingerprint features in the modulation domain, such as constellation trace figure [12], [13], and constellation based contour stellar [27], have been typically proposed by scholars to represent radio frequency fingerprints. And a constellation figure of radio frequency baseband I/Q signals of a wifi network card device can be shown in fig.3. Since the constellation diagram corresponds to the amplitude and phase of the RF baseband signal, the shape of the array can also be used to analyze amplitude imbalance, quadrature error, correlated interference, phase/amplitude noise, phase error, modulation error ratio, etc.

B. THE PROPOSED METHOD
Assume that the radio frequency signal emitted by the communication radiation source (transmitter) is as follows: where X (t) is the transmitter baseband signal; f t c is the transmitter carrier frequency.
Assuming that the RF circuit of the transmitter is ideal and the channel is also ideal, the RF signal received by the receiver is as follows: The receiver down-converts the RF signal to obtain the baseband signal as follows: where f r c is the receiver carrier frequency; ϕ is the received signal phase offset.
when f t c = f r c , the receiver down-converts the RF signal to obtain the baseband signal as follows: where θ = f r c − f t c . Since the demodulated signal contains residual frequency deviation θ, each sampling point of the baseband signal has a phase rotation factor e j2π θt . The phase rotation factor e j2π θt varies with the position t of the sampling point, which usually leads to poor robustness and stability of the extracted constellation features, as shown in fig.4. In most coherent demodulation communication systems, the estimated frequency deviationθ and phase deviationφ can be obtained by estimating the frequency deviation and phase deviation. The receiver uses the estimated results to compensate the received signal for frequency deviationθ and phase deviationφ, thereby obtaining a stable constellation. In the radio frequency fingerprint extraction method based on constellation, the purpose of the receiver is not to demodulate each received signal symbol correctly. Therefore, the received I and Q baseband signals can be differentially processed according to a certain interval n to obtain a stable constellation diagram as follows: where Y * takes the conjugate value. Although the differentially processed signal D (t) still contains a phase rotation factor e −j2π θn , the phase rotation factor e −j2πθn is a constant value and will not change with the change of the sampling point position. Therefore, after differential processing, a stable constellation can be obtained even if the carrier frequency deviationθ and phase deviatioñ ϕ of the receiver are not estimated and compensated, as show in fig.5.
Here the new RF baseband signal after differential processing is as follows: Visualize the new In-phase signal and Quadrature signal after differential processing as a differential constellation. FIGURE 6. The transition from differential constellation to differential contour stellar.  where x 1 = I (t); y 1 = Q (t); x 2 = I (t + n); y 2 = Q (t + n). And the time interval n is 1.
Therefore, the subsequent feature extraction of the contour stellar based on the differential constellation can be performed. According to the different point density of the two-dimensional differential constellation diagram, the distribution of different colors is given to different areas, and the one-dimensional signal is converted into a two-dimensional color image (like an ultra-high-definition X-ray film), which can describe the subtle characteristics of the signal more comprehensively, as seen fig.6.
As shown in fig.6, when sliding the density window function on the differential constellation, the density window  function will calculate how many points are in the window. Different calculation results mean different densities, and different colors will be used to mark different densities. Yellow indicates a relatively high density area of sampling points, green indicates a relatively medium density area of sampling points, and blue indicates a low density area of sampling points. By calculating the point density on the differential constellation, and then coloring by sliding the rectangular window function (density window), the colored differential contour stellar of the RF baseband signal can be obtained as a fine portrait of the transmitter's RF fingerprint. Finally, a deep convolutional neural network can be used to identify the extracted fine portrait of the RF fingerprint, which can achieve reliable identification and authentication of the physical layer of the Internet of Things, as seen fig.7.
Mathematically speaking, the method (DSC-CNN) proposed in this paper can improve the effect of physical layer authentication from three aspects: i. The differential processing can effectively reduce the negative influence of phase rotation caused by carrier frequency offset and Doppler effect; ii. The color processing can effectively reduce the negative influence of random noise caused by channel noise; iii. It is suitable for processing large-scale networks and the massive data they bring.

III. EXPERIMENT AND ANALYSIS A. EXPERIMENT INTRODUCTION
The specific implementation case takes as an example the identification of 20 WiFi network card devices from the same manufacturer, same type and same batch, as shown in fig.8.
Among them, the radio frequency baseband signal acquisition equipment adopts FSW26 spectrum analyzer. The collection environment is a laboratory in line of sight (LOS) scenario. Collect 50 samples per device; The signal acquisition bandwidth is 80MHz, and each acquisition is 1.75ms, that is, 140,000 points per sample (take a single channel as an example). The effective data transmission section excluding the channel noise section is 80,000 points (all are steadystate signals). And then slice the effective data transmission section, and take 10,000 points as a new sample, and there are a total of 8,000 samples for these 20 WiFi network card devices. And one new sample for one WiFi network card device is seen in fig.9.

B. APPLICATION AND ANALYSIS
After generating a differential contour stellar for each new sample, randomly selects 320 samples for each device to be used for the training of the deep convolutional neural network, and the remaining 80 samples are tested for recognition.
In order to illustrate the effectiveness of the method proposed in this paper, compare it with the radio frequency fingerprint extraction method of the contour stellar [27], [28], and the deep convolutional neural network structure is unified as shown in Table 1, which is improved on the basis of AlexNet.
An example of the transition from constellation to contour stellar for the WiFi network card devices is shown in fig.10. An example of the transition from differential constellation to differential contour stellar for the WiFi network card devices.
Note: the x-axis is the In-phase signal and the y-axis is the Quadrature signal. Various modulation waveforms always present various transition patterns in the I/Q complex plane, and therefore the constellation figures can represent a distinctive signature of the radio frequency baseband I/Q signals.
An example of differential processing on the In-phase signal and Quadrature signal after delayer to form a new In-phase signal and Quadrature signal is shown in fig.11. An example of the transition from differential constellation to differential contour stellar for the WiFi network card devices is shown in fig.12.
We can see that, from fig.10 and fig.12, the differential contour stellar for each WiFi network card device is quite different from contour stellar. Finally, through the recognition and authentication of the deep convolutional neural network, VOLUME 9, 2021  the recognition results of the individual communication radiation source based on the contour stellar and the recognition results based on the method proposed in this paper are obtained respectively, as shown in fig.13 and fig.14.
From fig.13, we can see, the overall recognition success rate of a total of 1600 test samples from 20 WiFi network card devices is 90.4%. And a total of 6 devices are fully recognized correctly. And there are 5 devices with a recognition rate of below 87.5%, which are device#5, device#6, device#9, device#16, and device#18, and the recognition rate of device#18 is the lowest, only 57.5%.
From fig.14, we can see, the overall recognition success rate of a total of 1600 test samples from 20 WiFi network card devices reaches 98.6%. And a total of 14 devices are fully recognized correctly. The recognition rate of device#6 is the lowest, still as high as 92.5%. As the differential contour stellar can effectively reduce the negative effects of phase rotation and random noise, compared with the contour stellar [27], the differential contour stellar has better robustness as RF fingerprint. Even if the carrier frequency deviation and phase deviation of the receiver are not estimated and compensated, a reliable RF fingerprint of the communication radiation source (transmitter) can be obtained by the proposed method.

IV. CONCLUSION
This paper proposes a novel physical layer authentication method for Internet of Things based on differential contour stellar. First, collect the radio frequency baseband signal through the receiver, and collect the In-phase signal and Quadrature signal; Then carry out differential processing on the In-phase signal and Quadrature signal after delayer to form a new In-phase signal and Quadrature signal; Then visualize the new In-phase signal and Quadrature signal as a differential constellation; And next, by calculating the point density on the differential constellation, and then coloring by sliding the rectangular window function (density window), the colored differential contour stellar of each segment of the RF baseband signal is obtained as a fine portrait of the transmitter's RF fingerprint; Finally, a deep convolutional neural network is used to identify the extracted fine portrait of the RF fingerprint, which can achieve reliable identification and authentication of the physical layer of the Internet of Things. Through the test of identification and authentication of 20 WiFi network card devices from the same manufacturer, same type and same batch, some meaningful conclusions can be obtained as follows: (1) The differential contour stellar can be used as a fine portrait of the transmitter's RF fingerprint, extracted from the transmission data segment of the steady-state signal.
(2) Compared with the contour stellar, the differential contour stellar has better robustness as RF fingerprint. Even if the carrier frequency deviation and phase deviation of the receiver are not estimated and compensated, a reliable RF fingerprint of the communication radiation source can be obtained.
(3) Deep convolutional neural network based RF Fingerprint identification scheme using differential contour stellar (DSC-CNN) can achieve reliable identification and authentication of the physical layer of the Internet of Things.
In the future work, experimental case studies will be conducted for more wifi network card devices from same batch, same type, and same manufacturer, at mixed scenarios of lineof-sight (LOS) scene and non-line-of-sight (NOS) scene to further test the robustness of the proposed approach. And the deep convolutional neural network structure can be further improved.