SigDetect: Collaborative Endpoint-based Signal Injection Attack Detection based on Channel Frequency Response

SigDetect: Collaborative Endpoint-based Signal Injection Attack Detection based on Channel Frequency Response

연구 분야: Safety

학회: 2025 IEEE 26th International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM)

Unencrypted broadcast data in cellular networks is vulnerable to signal injection attacks that are capable of revealing sensitive information and disrupting critical services. Existing detection methods struggle with such attacks, especially for attacks with low transmission power. This paper introduces SigDetect, a collaborative anomaly detection system that leverages complex channel frequency response (CFR) measurements and machine learning to detect signal injection attacks reliably. Extensive evaluations demonstrate that individual SigDetect detectors outperform a Received Signal Strength (RSS)-based method by 32.8% in outdoor experiments with stationary radios and 26.7% in indoor experiments where one of the radios is in motion. SigDetect also outperforms a CFR approach while eliminating the need to adjust thresholds to adapt to different wireless environments. Finally, SigDetect’s collaborative approach, in which neighboring network endpoints aid in detection, improves detection accuracy from 90.2% to 97.2% while reducing the false alarm from rate 11.2% to 0.7% and the missed detection rate from 8.3% to 4.9% in an indoor environment without mobile endpoints. These results suggest that SigDetect offers a promising solution for protecting cellular networks against low-power signal injection attacks.