Keeping the Internet of Things safe from hackers 

From wearable fitness trackers to farm machinery, more than 17 billion devices around the world now exchange data across the Internet of Things (IoT). Equipped with sensors, and increasingly commonly built-in AI, these devices are transforming how we live, work and play; automating everything from homes and cities to healthcare and recreation.  

With each new connection comes a new vulnerability: the risk that hackers will enter the system. To stop this happening, each device needs to be authenticated before it joins the network, making security a growing and complex challenge.  

Now, researchers from Khalifa University have trained a neural network to emulate a physical authentication system virtually. Besides enhancing security, the virtual authentication system would reduce device cost and power consumption enabling safe, affordable smart devices to join the IoT. 

One solution for authentication of IoT devices is the use of physically unclonable functions (PUFs). These exploit tiny variations in computer chips to generate unique device fingerprints that enable secure connections between cloud servers and devices.  

“Future enhancements include [improving] robustness against adversarial threats, including both physical tampering and eavesdropping attacks.” 

Hani Saleh

“A hardware PUF uses uncontrollable physical variations in silicon chips to generate unique security keys as device ‘fingerprints’ for authentication,” says Raviha Khan, a PhD student at the Center for Cyber-Physical Systems.  

But these physical elements add complexity and cost to device circuits and increase power consumption. Also, the physical characteristics that generate the authentication key can be altered over time or react to changes in temperature, causing authentication mismatches. While error-correction techniques can help prevent this, they compound problems of cost, complexity and energy use making them unattractive for the average mass-produced IoT device. 

That’s where the Khalifa team, led by Hani Saleh from the System on Chip Research Center and Sami Muhaidat from the 6G Research Center, stepped in to develop a virtual PUF (VPUF). The team trained a neural network to mimic a device’s hardware PUF, eliminating the reliance on physical components. 

“Our VPUF uses a neural network with a split-learning architecture where an encoder deployed on the IoT device and decoder on the authentication server are jointly trained on hardware PUF data,” says Muhaidat. 

In this way, the research team was able to effectively retain the characteristics and uniqueness of a traditional hardware PUF without its physical limitations. The resulting VPUF is more consistent, efficient and primed for long-term performance. 

“This work highlights that software-based VPUFs, when combined with machine learning and split learning, can match or surpass hardware PUFs in security and efficiency,” says Saleh. “Future enhancements include the potential to extend this architecture with digital watermarking and model encryption to enhance robustness against adversarial threats, including both physical tampering and eavesdropping attacks, in real-world deployments.” 

Reference

Khan, R., Eldeeb, H.B., Mefgouda, B., Alhussein, O., Saleh, H. & Muhaidat, S. Encoder decoder-based Virtual Physically Unclonable Function for Internet of Things device authentication using split-learning. Comput. Secur. 148, 104164, 2025. | Article