RF Fingerprinting to Detect Beamstealing Attacks in mmWave 5G Communications

Abstract

5G mmWave networks rely on directional beamforming to ensure high-bandwidth connectivity, but the initial beam alignment process is vulnerable to beam-stealing attacks. In this scenario, an adversary transmits forged synchronization signals to hijack the receiver's connection, potentially leading to denial of service. This paper analyzes these threats and proposes a physical-layer detection mechanism based on radio frequency fingerprinting. Using a 60 GHz laboratory test-bed, we emulate legitimate and malicious transmission scenarios to evaluate specific hardware impairments. We investigate two primary detection metrics: power amplifier nonlinearities, analyzed via their Amplitude Modulation to Amplitude Modulation (AM/AM) characteristics, and local oscillator stability, quantified by carrier frequency offset drift. Experimental results demonstrate that these metrics can successfully distinguish among different transmitting devices based on their saturation levels and frequency stability profiles. The study confirms that lightweight radio frequency (RF) fingerprinting is a viable solution for hardening 5G beam management against spoofing.