Radio Frequency (RF) fingerprinting is to identify a wireless device from its uniqueness of the analog circuitry or hardware imperfections. However, unlike the MAC address which can be modified, such hardware feature is inevitable for the signal emitted to air, which can possibly reveal device whereabouts, e.g., a sniffer can use a pre-trained model to identify a nearby device when receiving its signal. Such fingerprint may expose critical private information, e.g., the associated upper-layer applications or the end-user. In this paper, we propose to erase such RF feature for wireless devices, which can prevent fingerprinting by actively perturbation from the signal perspective. Specifically, we consider a common RF fingerprinting scenario, where machine learning models are trained from pilot signal data for identification. A novel adversarial attack solution is designed to generate proper perturbations, whereby the perturbed pilot signal can hide the hardware feature and misclassify the model. We theoretically show that the perturbation would not affect the communication function within a tolerable perturbation threshold. We also implement the pilot signal fingerprinting and the proposed perturbation process in a practical LTE system. Extensive experiment results demonstrate that the RF fingerprints can be effectively erased to protect the user privacy.

翻译：射频指纹识别旨在通过模拟电路或硬件缺陷的独特性来识别无线设备。然而，与可修改的MAC地址不同，此类硬件特征在发射到空中的信号中不可避免，可能泄露设备位置信息，例如嗅探器可在接收信号时使用预训练模型识别附近设备。此类指纹可能暴露关键隐私信息，例如关联的上层应用或终端用户。本文提出为无线设备消除此类射频特征，从信号角度通过主动扰动防止指纹识别。具体而言，我们考虑一种常见的射频指纹识别场景，即从导频信号数据训练机器学习模型以实现设备识别。我们设计了一种新颖的对抗性攻击方案来生成适当扰动，使受扰动的导频信号能够隐藏硬件特征并误导分类模型。我们从理论上证明，在可容忍的扰动阈值内，该扰动不会影响通信功能。我们还在实际LTE系统中实现了导频信号指纹识别与所提出的扰动流程。大量实验结果表明，射频指纹可被有效消除以保护用户隐私。