Search papers, labs, and topics across Lattice.
This paper introduces CITADEL, a novel two-stage hierarchical pipeline that leverages Channel State Information (CSI) measurements to effectively detect and classify both known and zero-day jamming attacks in Industrial Internet of Things (IIoT) networks. By achieving 100% detection of known attacks and 97.1% detection of zero-day attacks with a minimal false positive rate, CITADEL outperforms existing methods that rely on less informative features or require impractical hardware. The system demonstrates resilience against adversarial evasion, maintaining low evasion rates even under rigorous threat models, making it a viable solution for securing large-scale IIoT deployments.
CITADEL achieves unprecedented detection rates for both known and zero-day jamming attacks while maintaining a strikingly low false positive rate, setting a new benchmark for IIoT security.
Radio frequency jamming poses a critical threat to the availability of wireless Industrial Internet of Things (IIoT) networks. Existing detection and classification techniques are poorly suited to this setting: coarse signal-strength and cross-layer features lack information richness, while raw I/Q baseband approaches require hardware and throughput that is impractical at the scale of hundred-node IIoT deployments. This paper presents CITADEL, a lightweight two-stage hierarchical pipeline that uses only Channel State Information (CSI) measurements, which are natively available on commodity IIoT devices, to detect and classify jamming attacks including previously unseen ones. While prior work has shown that jamming leaves observable CSI signatures, CITADEL is the first system to translate this insight into an end-to-end pipeline that jointly achieves closed-set classification of known attacks, open-set detection of zero-day attacks, and resistance to adversarial evasion. Evaluated across 6 known attack types and 15 zero-day scenarios, CITADEL achieves 100% known-attack detection and 97.1% zero-day detection at a 0.4% end-to-end false positive rate. Under adversarial evaluation spanning white-box and black-box threat models, gradient-based evasion remains below 2% across all tested perturbation budgets and the strongest published CSI attack generator achieves less than 5% average evasion. A systematic comparison against eight baselines confirms that no existing method achieves comparable performance on CSI data across all three axes: detection, generalization, and robustness. The full pipeline completes inference in 14.2 ms at 95.9 mJ on an edge GPU, establishing CITADEL as a practical solution for large-scale IIoT network security.