{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,26]],"date-time":"2026-04-26T00:36:08Z","timestamp":1777163768339,"version":"3.51.4"},"reference-count":23,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2021,8,12]],"date-time":"2021-08-12T00:00:00Z","timestamp":1628726400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["JCP"],"abstract":"In some wireless networks Received Signal Strength Indicator (RSSI) based device profiling may be the only viable approach to combating MAC-layer spoofing attacks, while in others it can be used as a valuable complement to the existing defenses. Unfortunately, the previous research works on the use of RSSI-based profiling as a means of detecting MAC-layer spoofing attacks are largely theoretical and thus fall short of providing insights and result that could be applied in the real world. Our work aims to fill this gap and examine the use of RSSI-based device profiling in dynamic real-world environments\/networks with moving objects. The main contributions of our work and this paper are two-fold. First, we demonstrate that in dynamic real-world networks with moving objects, RSSI readings corresponding to one fixed transmitting node are neither stationary nor i.i.d., as generally has been assumed in the previous literature. This implies that in such networks, building an RSSI-based profile of a wireless device using a single statistical\/ML model is likely to yield inaccurate results and, consequently, suboptimal detection performance against adversaries. Second, we propose a novel approach to MAC-layer spoofing detection based on RSSI profiling using multi-model Long Short-Term Memory (LSTM) autoencoder\u2014a form of deep recurrent neural network. Through real-world experimentation we prove the performance superiority of this approach over some other solutions previously proposed in the literature. Furthermore, we demonstrate that a real-world defense system using our approach has a built-in ability to self-adjust (i.e., to deal with unpredictable changes in the environment) in an automated and adaptive manner.<\/jats:p>","DOI":"10.3390\/jcp1030023","type":"journal-article","created":{"date-parts":[[2021,8,12]],"date-time":"2021-08-12T10:54:41Z","timestamp":1628765681000},"page":"453-469","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":9,"title":["RSSI-Based MAC-Layer Spoofing Detection: Deep Learning Approach"],"prefix":"10.3390","volume":"1","author":[{"given":"Pooria","family":"Madani","sequence":"first","affiliation":[{"name":"Electrical Engineering and Computer Science, York University, Toronto, ON M3J 1P3, Canada"}]},{"given":"Natalija","family":"Vlajic","sequence":"additional","affiliation":[{"name":"Electrical Engineering and Computer Science, York University, Toronto, ON M3J 1P3, Canada"}]}],"member":"1968","published-online":{"date-parts":[[2021,8,12]]},"reference":[{"key":"ref_1","unstructured":"Lashkari, A.H., Danesh, M.M.S., and Samadi, B. (2009, January 8\u201311). A survey on wireless security protocols (WEP, WPA and WPA2\/802.11 i). Proceedings of the 2009 2nd IEEE International Conference on Computer Science and Information Technology, Beijing, China."},{"key":"ref_2","unstructured":"(2020, September 01). The Independent IT Security Institute AX Test. Available online: https:\/\/www.iot-tests.org\/2017\/06\/hue-let-there-be-light\/."},{"key":"ref_3","doi-asserted-by":"crossref","first-page":"54","DOI":"10.1109\/MC.2002.1039518","article-title":"Denial of service in sensor networks","volume":"35","author":"Wood","year":"2002","journal-title":"Computer"},{"key":"ref_4","doi-asserted-by":"crossref","first-page":"51915","DOI":"10.1109\/ACCESS.2019.2911424","article-title":"Energy depletion attacks in low power wireless networks","volume":"7","author":"Nguyen","year":"2019","journal-title":"IEEE Access"},{"key":"ref_5","doi-asserted-by":"crossref","unstructured":"Ahmad, M.S., and Tadakamadla, S. (2011, January 14\u201317). Short paper: Security evaluation of IEEE 802.11 w specification. Proceedings of the Fourth ACM Conference on Wireless Network Security, Hamburg, Germany.","DOI":"10.1145\/1998412.1998424"},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"1550147718795838","DOI":"10.1177\/1550147718795838","article-title":"PRAPD: A novel received signal strength-based approach for practical rogue access point detection","volume":"14","author":"Wu","year":"2018","journal-title":"Int. J. Distrib. Sens. Netw."},{"key":"ref_7","first-page":"65","article-title":"RSSAT: A Wireless Intrusion Detection System Based on Received Signal Strength Acceptance Test","volume":"4","author":"Moosavirad","year":"2013","journal-title":"J. Adv. Comput. Res."},{"key":"ref_8","unstructured":"Demirbas, M., and Song, Y. (2006, January 26\u201329). An RSSI-based scheme for sybil attack detection in wireless sensor networks. Proceedings of the 2006 International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM\u201906), Buffalo-Niagara Falls, NY, USA."},{"key":"ref_9","doi-asserted-by":"crossref","first-page":"16","DOI":"10.1016\/j.is.2015.04.007","article-title":"Time-series clustering\u2014A decade review","volume":"53","author":"Aghabozorgi","year":"2015","journal-title":"Inf. Syst."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Madani, P., Vlajic, N., and Sadeghpour, S. (2020, January 15). MAC-Layer Spoofing Detection and Prevention in IoT Systems: Randomized Moving Target Approach. Proceedings of the 2020 Joint Workshop on CPS & IoT Security and Privacy, Lisbon, Portugal.","DOI":"10.1145\/3411498.3419968"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Faria, D.B., and Cheriton, D.R. (2006). Detecting identity-based attacks in wireless networks using signalprints. Proceedings of the 5th ACM Workshop on Wireless Security, ACM.","DOI":"10.1145\/1161289.1161298"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Chen, Y., Trappe, W., and Martin, R.P. (2007, January 18\u201321). Detecting and localizing wireless spoofing attacks. Proceedings of the 2007 4th Annual IEEE Communications Society Conference on Sensor, Mesh and Ad Hoc Communications and Networks, San Diego, CA, USA.","DOI":"10.1109\/SAHCN.2007.4292831"},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Sheng, Y., Tan, K., Chen, G., Kotz, D., and Campbell, A. (2008, January 13\u201318). Detecting 802.11 MAC layer spoofing using received signal strength. Proceedings of the IEEE INFOCOM 2008\u2014The 27th Conference on Computer Communications, Phoenix, AZ, USA.","DOI":"10.1109\/INFOCOM.2008.239"},{"key":"ref_14","doi-asserted-by":"crossref","unstructured":"Gonzales, H., Bauer, K., Lindqvist, J., McCoy, D., and Sicker, D. (2010, January 6\u201310). Practical defenses for evil twin attacks in 802.11. Proceedings of the 2010 IEEE Global Telecommunications Conference (GLOBECOM 2010), Miami, FL, USA.","DOI":"10.1109\/GLOCOM.2010.5684213"},{"key":"ref_15","first-page":"13","article-title":"Query Strategies for Evading Convex-Inducing Classifiers","volume":"13","author":"Nelson","year":"2012","journal-title":"J. Mach. Learn. Res."},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Madani, P., and Vlajic, N. (2018, January 10\u201311). Robustness of deep autoencoder in intrusion detection under adversarial contamination. Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security, Raleigh, NC, USA.","DOI":"10.1145\/3190619.3190637"},{"key":"ref_17","unstructured":"Goodfellow, I., Bengio, Y., Courville, A., and Bengio, Y. (2016). Deep Learning, MIT press."},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Kim, J., Kim, J., Thu, H.L.T., and Kim, H. (2016, January 15\u201317). Long short term memory recurrent neural network classifier for intrusion detection. Proceedings of the 2016 International Conference on Platform Technology and Service (PlatCon), Jeju, Korea.","DOI":"10.1109\/PlatCon.2016.7456805"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Luo, W., Liu, W., and Gao, S. (2017, January 10\u201314). Remembering history with convolutional lstm for anomaly detection. Proceedings of the 2017 IEEE International Conference on Multimedia and Expo (ICME), Hong Kong, China.","DOI":"10.1109\/ICME.2017.8019325"},{"key":"ref_20","unstructured":"Malhotra, P., Ramakrishnan, A., Anand, G., Vig, L., Agarwal, P., and Shroff, G. (2016). LSTM-based encoder-decoder for multi-sensor anomaly detection. arXiv."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Safaric, S., and Malaric, K. (2006, January 7\u20139). ZigBee wireless standard. Proceedings of the ELMAR 2006, Zadar, Croatia.","DOI":"10.1109\/ELMAR.2006.329562"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Zhang, Z. (2018, January 4\u20136). Improved adam optimizer for deep neural networks. Proceedings of the 2018 IEEE\/ACM 26th International Symposium on Quality of Service (IWQoS), Banff, AB, Canada.","DOI":"10.1109\/IWQoS.2018.8624183"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Laxhammar, R. (2014). Conformal Anomaly Detection: Detecting Abnormal Trajectories in Surveillance Applications. [Ph.D. Thesis, University of Sk\u00f6vde].","DOI":"10.1016\/B978-0-12-398537-8.00004-3"}],"container-title":["Journal of Cybersecurity and Privacy"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2624-800X\/1\/3\/23\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T06:44:34Z","timestamp":1760165074000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2624-800X\/1\/3\/23"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,8,12]]},"references-count":23,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2021,9]]}},"alternative-id":["jcp1030023"],"URL":"https:\/\/doi.org\/10.3390\/jcp1030023","relation":{},"ISSN":["2624-800X"],"issn-type":[{"value":"2624-800X","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,8,12]]}}}