Open Set Recognition (OSR) is a classification paradigm where a model must accurately identify known, enrolled device classes while simultaneously detecting and rejecting any previously unseen, unknown, or rogue emitters by assigning them to an 'unknown' class. Unlike traditional closed-set classification, which forcibly maps every input to one of the known classes, OSR operates under the realistic assumption that the model will encounter novel signals from devices it was never trained on.
Glossary
Open Set Recognition

What is Open Set Recognition?
A classification paradigm where a model must accurately identify known, enrolled devices while simultaneously detecting and rejecting any previously unseen, unknown, or rogue emitters as an 'unknown' class.
In RF fingerprinting, OSR is critical for physical layer security because an authentication system must not only verify legitimate transmitters but also flag zero-day spoofing attacks and unauthorized radios. This is typically achieved by learning a discriminative embedding space where known device clusters are compact, and a rejection boundary is established using techniques like OpenMax or Extreme Value Theory (EVT) to model the probability that a sample belongs to an unknown distribution.
Core Characteristics of Open Set Recognition
Open Set Recognition (OSR) extends traditional classification by requiring models to operate in the real world where unknown, never-before-seen emitters constantly appear. Unlike closed-set systems that forcibly map every input to a known class, OSR systems must simultaneously identify known devices and reject unknown imposters.
Open Space Risk Management
The fundamental challenge of OSR is formally bounding open space risk—the measurable danger of labeling an unknown input as known. A robust OSR model must define a compact abatement probability for each known class, ensuring that feature space far from any training sample is labeled 'unknown' rather than incorrectly assigned to the nearest known emitter. This is achieved through techniques like extreme value theory to model the boundary between known and unknown space.
Discriminative Feature Embedding
OSR systems rely on learning a latent representation where known classes form tight, separable clusters with significant inter-class margins. The empty space between clusters becomes the unknown rejection zone. Key techniques include:
- Center loss to minimize intra-class variance
- Angular margin penalties to maximize inter-class separation
- Contrastive learning to explicitly push unknown-like samples away from known centroids
Thresholding on Activation Statistics
Rather than relying solely on the maximum softmax probability—which is notoriously unreliable for unknown inputs—modern OSR systems apply calibrated thresholds to activation statistics. Common approaches include:
- Energy-based scores derived from logit magnitudes
- Mahalanobis distance from class-conditional Gaussian fits in feature space
- OpenMax, which recalibrates softmax scores using a Weibull distribution fitted to extreme distances per class
Novelty Detection vs. Open Set Recognition
While related, these paradigms differ critically:
- Novelty Detection: Assumes only normal data during training; detects any deviation as novel. No multi-class discrimination.
- Open Set Recognition: Trains on multiple known classes and must simultaneously perform fine-grained classification of knowns while rejecting unknowns. This dual objective makes OSR significantly more challenging and directly applicable to RF emitter identification where many legitimate devices must be distinguished from rogue transmitters.
Evaluation Metrics Beyond Accuracy
Closed-set accuracy is dangerously misleading for OSR. Proper evaluation requires:
- Open Set Classification Rate (OSCR) curves that plot correct known classification against false positive rate as threshold varies
- Area Under the ROC Curve (AUROC) for binary known-vs-unknown detection
- F1-score at a fixed, low false positive rate relevant to security applications
- Closed-set accuracy on known classes only, reported separately from rejection performance
Generative Models for Unknown Synthesis
A powerful training strategy involves synthesizing proxy unknowns to teach the model where the open space boundary should lie. Techniques include:
- Generative Adversarial Networks (GANs) trained to produce samples at the fringes of known class distributions
- Manifold sampling that generates points on the learned data manifold but far from any class centroid
- Mixup and CutMix variants that create ambiguous samples between known classes, forcing the model to assign low confidence to boundary regions
Frequently Asked Questions
Addressing the most critical questions about building RF fingerprinting systems that can confidently identify known devices while detecting and rejecting unknown, rogue, or spoofed emitters.
Open Set Recognition (OSR) is a classification paradigm where a machine learning model must simultaneously perform two tasks: accurately identify known, enrolled devices into their correct classes, and detect any input from a previously unseen, unknown, or rogue emitter, labeling it as 'unknown' rather than forcibly misclassifying it into a known class. In the context of RF fingerprinting, this means the system distinguishes between a legitimate, authorized transmitter and a sophisticated impersonator or a completely new device that was not present during training. This is fundamentally different from traditional 'closed set' classification, which assumes all possible classes are known during training and will always map an input to one of them, creating a critical security vulnerability. An effective OSR system builds a decision boundary that not only separates known classes but also encapsulates the 'known world' to reject anything outside it, using techniques like extreme value theory to model the distribution of known class activations and set a rejection threshold.
Open Set vs. Closed Set Recognition
A technical comparison of the assumptions, outputs, and operational constraints distinguishing closed set and open set classification frameworks for RF emitter identification.
| Feature | Closed Set Recognition | Open Set Recognition |
|---|---|---|
World Assumption | All test classes are known and present in the training set | Unknown, novel, or rogue emitter classes may appear during inference |
Output Space | Fixed set of K known classes | K known classes + 1 'unknown' rejection class |
Decision Boundary Type | Partitioning boundaries between known classes only | Closed boundaries around each known class with open space risk management |
Unknown Emitter Handling | ||
Rogue Device Detection | ||
Typical ROC Metric | Top-1 Classification Accuracy | Area Under ROC Curve (AUROC) with open-set F1 |
Primary Risk | Misclassifying one known emitter as another | Falsely accepting an unknown emitter as a known, authorized device |
Thresholding Mechanism | Softmax probability maximum | OpenMax, EVM, or distance-based rejection score |
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Open Set Recognition in RF fingerprinting requires a constellation of supporting techniques to manage the unknown. These related concepts form the technical foundation for building authentication systems that can confidently reject novel or rogue emitters.
Specific Emitter Identification (SEI)
The core process that OSR protects. SEI uniquely identifies a physical radio transmitter by analyzing distinct, unintentional features in its waveform. While a closed-set SEI classifier assumes every signal belongs to a known device, an open set SEI system adds the critical capability to reject signals from transmitters never seen during training, preventing spoofing by cloned or rogue hardware.
Contrastive Learning
A deep learning training methodology essential for building discriminative OSR embedding spaces. The model learns to pull representations of signals from the same device closer together while pushing representations from different devices apart. This creates a structured feature space where unknown emitters naturally fall into low-density regions far from known clusters, making them easier to detect and reject.
Dimensionality Reduction
A critical preprocessing step for OSR systems using algorithms like Principal Component Analysis (PCA) or t-SNE. By projecting high-dimensional RF fingerprint vectors into a lower-dimensional space, redundancy and noise are removed while preserving the discriminative structure between known classes. This compact representation makes the subsequent open-set decision boundary more robust and computationally efficient to calculate.
Adversarial Attack
A deliberate, often imperceptible perturbation crafted by an adversary to fool a deep learning classifier. In an OSR context, attacks can aim to cause a known emitter to be rejected as unknown (denial-of-service) or, more dangerously, cause an unknown rogue emitter to be accepted as a legitimate, enrolled device. Robust OSR models must be hardened against these evasion attacks.
Drift Compensation
An adaptive mechanism that updates a device's stored fingerprint model over time to account for gradual, environmentally-induced changes. Without drift compensation, a legitimate device experiencing temperature variation or component aging may see its signature drift outside its known class boundary, causing an OSR system to falsely reject it as an unknown. This maintains the stability of the open-set decision threshold.
Continuous Authentication
A zero-trust security model where a device's physical-layer fingerprint is verified persistently throughout a session. OSR is fundamental here: the system must continuously distinguish between the legitimate enrolled device and any unknown transmitter that might attempt session hijacking. A single successful rejection of an unknown emitter during a session prevents a complete security breach.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us