Radio Frequency (RF) fingerprinting is to identify a wireless device from its uniqueness of the analog circuitry or hardware imperfections. However, unlike the MAC address which can be modified, such hardware feature is inevitable for the signal emitted to air, which can possibly reveal device whereabouts, e.g., a sniffer can use a pre-trained model to identify a nearby device when receiving its signal. Such fingerprint may expose critical private information, e.g., the associated upper-layer applications or the end-user. In this paper, we propose to erase such RF feature for wireless devices, which can prevent fingerprinting by actively perturbation from the signal perspective. Specifically, we consider a common RF fingerprinting scenario, where machine learning models are trained from pilot signal data for identification. A novel adversarial attack solution is designed to generate proper perturbations, whereby the perturbed pilot signal can hide the hardware feature and misclassify the model. We theoretically show that the perturbation would not affect the communication function within a tolerable perturbation threshold. We also implement the pilot signal fingerprinting and the proposed perturbation process in a practical LTE system. Extensive experiment results demonstrate that the RF fingerprints can be effectively erased to protect the user privacy.

翻译：射频指纹识别旨在通过模拟电路或硬件缺陷的独特性来识别无线设备。然而，与可修改的MAC地址不同，这种硬件特征在发射到空中的信号中不可避免，可能泄露设备位置信息——例如，嗅探器在接收到信号时，可利用预训练模型识别附近设备。此类指纹可能暴露关键隐私信息，如上层的关联应用或终端用户。本文提出一种为无线设备擦除此类射频特征的方法，通过从信号层面施加主动扰动来防止指纹识别。具体而言，我们考虑一种常见的射频指纹识别场景：机器学习模型基于导频信号数据进行训练以实现设备识别。我们设计了一种新颖的对抗攻击方案来生成合适的扰动，使得受扰动的导频信号能够隐藏硬件特征并导致模型误判。理论分析表明，在可容忍的扰动阈值内，该扰动不会影响通信功能。我们还在实际LTE系统中实现了导频信号指纹识别与所提出的扰动流程。大量实验结果表明，所提方法能有效擦除射频指纹以保护用户隐私。