Preliminary classification results of RF emission based feature extraction in Internet of Things devices

As the Internet of Things (IoT) grows to include billions of connected devices, securing these devices from executing malicious code has become a primary concern. Traditional methods of security such as anti-malware software and firewall protection are often impractical due to the limited computing resources these devices often feature. Given these conditions, one possible approach to securing IoT devices is external monitoring for detection of anomalous behavior. Much like spectral signatures used in remote sensing for object identification, Internet of Things (IoT) devices unintentionally generate a unique signature in the radio frequency (RF) spectrum based on the code being executed. This study investigates methods for processing time domain RF data into a set of machine learning features that can be used to distinguish between a set of known instructions, sub-routines, and programs. A feature clustering approach using the magnitude of points in the frequency spectrum is presented along with other feature extraction methods.