CyberRadar: A PUF-based Detecting and Mapping Framework for Physical Devices

The core issue of cyberspace detecting and mapping is to accurately identify and dynamically track devices. However, with the development of anonymization technology, devices can have multiple IP addresses and MAC addresses, and it is difficult to map multiple virtual attributes to the same physical device by existing detecting and mapping technologies. In this paper, we propose a detailed PUF-based detecting and mapping framework which can actively detect physical resources in cyberspace, construct resource portraits based on physical fingerprints, and dynamically track devices. We present a new method to implement a rowhammer DRAM PUF on a general PC equipped with DDR4 memory. The PUF performance evaluation shows that the extracted rowhammer PUF response is unique and reliable on PC, which can be treated as the device's unique physical fingerprint. The results of detecting and mapping experiments show that the framework we proposed can accurately identify the target devices. Even if the device modifies its MAC address, IP address, and operating system, by constructing a physical fingerprint database for device matching, the identification accuracy is close to the ideal value of 100%.