Biblio

Non-orthogonal multiple access (NOMA) is emerging as a popular radio access technique to serve multiple users under the same resource block to improve spectral efficiency in 5G and 6G communication. But the resource sharing in NOMA causes concerns on data security. Since power domain NOMA exploits the difference in channel properties for bandwidth-efficient communication, it is feasible to ensure data confidentiality in NOMA communication through physical layer security techniques. In this work, we propose to ensure resistance against internal eavesdropping in NOMA communication through a secret key derived from channel randomness. A unique secret key is derived from the channel of each NOMA user; which is used to randomize the data of the respective user before superposition coding (SC) to prevent internal eavesdropping. The simulation results show that the proposed system provides very good security against internal eavesdropping in NOMA.

Physical-layer security is a new paradigm that offers data protection against eavesdropping in wireless 5G networks. In this context, the Gaussian channel is a typical model that captures the practical aspects of confidentially transmitting a message through the wireless medium. In this paper, we consider the peculiar case of transmitting a message through a wireless, state-dependent channel which is prone to eavesdropping, where the state knowledge is non-causally known and shared between the sender and the eavesdropper. We show that a novel structured coding scheme, which combines random coding arguments and the dirty-paper coding technique, achieves the fundamental limit of secure and reliable communication for the considered model.

Nowadays, smartphones are everywhere. They play an indispensable role in our lives and makes people convenient to communicate, pay, socialize, etc. However, they also bring a lot of security and privacy risks. Keystroke operations of numeric keypad are often required when users input password to perform mobile payment or input other privacy-sensitive information. Different keystrokes may cause different finger movements that will bring different interference to WiFi signal, which may be reflected by channel state information (CSI). In this paper, we propose WiPass, a password-keystroke recognition system for numerical keypad input on smartphones, which especially occurs frequently in mobile payment APPs. Based on only a public WiFi hotspot deployed in the victim payment scenario, WiPass would extracts and analyzes the CSI data generated by the password-keystroke operation of the smartphone user, and infers the user's payment password by comparing the CSI waveforms of different keystrokes. We implemented the WiPass system by using COTS WiFi AP devices and smartphones. The average keystroke segmentation accuracy was 80.45%, and the average keystroke recognition accuracy was 74.24%.

Due to the reciprocity of wireless channels, the communication parties can directly extract the shared key from channel. This solution were verified through several schemes. However, in real situations, channel sampling of legitimate transceivers might be impacted by noises and other interferences, which makes the channel states obtained by initiator and responder might be obvious different. The efficiency and even availability of physical layer key generation are thus reduced. In this paper, we propose a lightweight and efficient physical layer key generation scheme, which extract shared secret keys from channel state information (CSI). To improve the key generation process, the discrete cosine transform (DCT) is employed to reduce differences of channel states of legitimate transceivers. Then, these outputs are quantified and encoded through multi-bit adaptive quantization(MAQ) quantizer and gray code to generate binary bit sequence, which can greatly reduce the bit error rate. Moreover, the low density parity check (LDPC) code and universal hashing functions are used to achieve information reconciliation and privacy amplifification. By adding preprocessing methods in the key generation process and using the rich information of CSI, the security of communications can be increased on the basis of improving the key generation rate. To evaluate this scheme, a number of experiments in various real environments are conducted. The experimental results show that the proposed scheme can effificiently generate shared secret keys for nodes and protect their communication.

We investigate the potential of an information-spectrum approach to information-theoretic security. We show how this approach provides conceptually simple yet powerful results that can be used to investigate complex communication scenarios. In particular, we illustrate the usefulness of information-spectrum methods by analyzing the effect of channel state information (CSI) on the secure rates achievable over wiretap channels. We establish a formula for secrecy capacity, which we then specialize to compute achievable rates for ergodic fading channels in the presence of imperfect CSI. Our results confirm the importance of having some knowledge about the eavesdropper's channel, but also show that imperfect CSI does not necessarily preclude security.

This paper considers the transmission of confidential data over wireless channels. Based on an information-theoretic formulation of the problem, in which two legitimates partners communicate over a quasi-static fading channel and an eavesdropper observes their transmissions through a second independent quasi-static fading channel, the important role of fading is characterized in terms of average secure communication rates and outage probability. Based on the insights from this analysis, a practical secure communication protocol is developed, which uses a four-step procedure to ensure wireless information-theoretic security: (i) common randomness via opportunistic transmission, (ii) message reconciliation, (iii) common key generation via privacy amplification, and (iv) message protection with a secret key. A reconciliation procedure based on multilevel coding and optimized low-density parity-check (LDPC) codes is introduced, which allows to achieve communication rates close to the fundamental security limits in several relevant instances. Finally, a set of metrics for assessing average secure key generation rates is established, and it is shown that the protocol is effective in secure key renewal-even in the presence of imperfect channel state information.

We consider the problem of covert communication when Channel State Information (CSI) is available non-causally, causally, and strictly causally at both transmitter and receiver, as well as the case when channel state information is only available at the transmitter. Covert communication with respect to an adversary referred to as the "warden", is one in which the distribution induced during communication at the channel output observed by the warden is identical to the output distribution conditioned on an innocent channel-input symbol. In contrast to previous work, we do not assume the availability of a shared key at the transmitter and legitimate receiver; instead shared randomness is extracted from the channel state, in a manner that keeps it secret from the warden despite the influence of the channel state on the warden's output. When CSI is available at both transmitter and receiver, we derive the covert capacity region; when CSI is only available at the transmitter, we derive inner and outer bounds on the covert capacity. We also derive the covert capacity when the warden's channel is less noisy with respect to the legitimate receiver. We provide examples for which covert capacity is zero without channel state information, but is positive in the presence of channel state information.

This paper investigates the physical layer (PHY-layer) authentication that exploits channel state information (CSI) to enhance multiple-input multiple-output orthogonal frequency division multiplexing (MIMO-OFDM) system security by detecting spoofing attacks in wireless networks. A multi-user authentication system is proposed using convolutional neural networks (CNNs) which also can distinguish spoofers effectively. In addition, the mini batch scheme is used to train the neural networks and accelerate the training speed. Meanwhile, L1 regularization is adopted to prevent over-fitting and improve the authentication accuracy. The convolutional-neural-network-based (CNN-based) approach can authenticate legitimate users and detect attackers by CSIs with higher performances comparing to traditional hypothesis test based methods.

In recent years, secret key generation based on physical layer security has gradually attracted high attentions. The wireless channel reciprocity and eavesdropping attack are critical problems in secret key generation studies. In this paper, we carry out a simulation and experimental study of channel reciprocity in terms of measuring channel state information (CSI) in both time division duplexing (TDD) and frequency division duplexing (FDD) modes. In simulation study, a close eavesdropping wiretap channel model is introduced to evaluate the security of the CSI by using Pearson correlation coefficient. In experimental study, an indoor wireless CSI measurement system is built with N210 and X310 universal software radio peripheral (USRP) platforms. In TDD mode, theoretical analysis and most of experimental results show that the closer eavesdropping distance, the higher CSI correlation coefficient between eavesdropping channel and legitimate channel. However, in actual environment, when eavesdropping distance is too close (less than 1/4 wavelength), this CSI correlation seriously dropped. In FDD mode, both theoretical analysis and experimental results show that the wireless channel still owns some reciprocity. When frequency interval increases, the FDD channel reciprocity in actual environment is better than that in theoretical analysis.

This paper studies secure communication from a multi-antenna transmitter to a single-antenna receiver in the presence of multiple multi-antenna eavesdroppers, considering constraints of security quality of service (QoS), i.e., minimum allowable signal-to-interference-and-noise ratio (SINR) at receiver and maximum tolerable SINR at eavesdroppers. The robust joint optimal beamforming (RJOBF) of secret signal and artificial noise (AN) is designed to minimize transmit power while estimation errors of channel state information (CSI) for wiretap channels are taken into consideration. The formulated design problem is shown to be nonconvex and we transfer it into linear matrix inequalities (LMIs) along with semidefinite relaxation (SDR) technique. The simulation results illustrate that our proposed RJOBF is efficient for power saving in security communication.

Recent indoor positioning systems that utilize channel state information (CSI) consider ideal scenarios to achieve high-accuracy performance in fingerprint matching. However, one essential component in achieving high accuracy is the collection of high-quality fingerprints. The quality of fingerprints may vary due to uncontrollable factors such as environment noise, interference, and hardware instability. In our paper, we propose a method for collecting high-quality fingerprints for indoor positioning. First, we have developed a logistic regression classifier based on gradient descent to evaluate the quality of the collected channel frequency response (CFR) samples. We employ the classifier to sift out poor CFR samples and only retain good ones as input to the positioning system. We discover that our classifier can achieve high classification accuracy from over thousands of CFR samples. We then evaluate the positioning accuracy based on two techniques: Time-Reversal Resonating Strength (TRRS) and Support Vector Machines (SVM). We find that the sifted fingerprints always result in better positioning performance. For example, an average percentage improvement of 114% for TRRS and 22% for SVM compared to that of unsifted fingerprints of the same 40-MHz effective bandwidth.

A physical layer network coding (PLNC) is a highly efficient scheme for exchanging information between two nodes. Since the relay receives the interfered signal between two signals sent by two nodes, it hardly decodes any information from received signal. Therefore, the secure wireless communication link to the untrusted relay is constructed. The two nodes optimize the transmit power control for maximizing the secure capacity but these depend on the channel state information informed by the relay station. Therefore, the untrusted relay disguises the informed CSI for exploiting the information from two nodes. This paper constructs the game of two optimizations between the legitimate two nodes and the untrusted relay for clarifying the security of PLNC with untrusted relay.

A limit SNR(signal noise ratio) -1.6dB has been derived in continuous AWGN channel by shannon theorem. In this paper we study the channel capacity and limit SNR by series representation unlike iteration method for BI-AWGN(discrete binary input, continuous output) and rayleigh channel in BPSK modulation. The limit SNR is obtained under the help of Cesαro series summation rule. We figure out that BI-AWGN and rayleigh channel with (channel state information)CSI behave the same in limit SNR in terms of R → 0 and P → 0. For rayleigh channel without CSI, We solve it approximately by series expanded in R → 0 and an expression of capacity behaves more simple than the two others derived before.

Tactical MANETs are deployed in several challenging situations such as node mobility, presence of radio interference together with malicious jamming attacks, and execrable terrain features etc. Jamming attacks are especially harmful to the reliability of wireless communication, as they can effectively disrupt communication between any node pairs. The nature of Tactical MANETs hinders ineffective most of existing reliable routing schemes for ordinary wireless mobile networks. Routing Protocols in Tactical MANET s face serious security and reliability challenges. Selecting a long lasting and steady-going route is a critical task. Due to the lack of accurate acquisition and evaluation of the transmission characteristics, routing algorithms may result in continual reconstruction and high control overhead. This paper studies the impact of jamming and interference on the common protocols of tactical communications and presents a neighbor dependency-based reliable routing algorithm. According to the neighbor dependency based on channel state information evaluated by Exponential Smoothing Method, how to select a neighboring node as the next hop will greatly affect the transmission reliability. Finally, the performance of the reliable routing protocol based on neighbor dependency is tested in OPNET, and compared with the classical AODV algorithm and the improved AODV based on link Cost (CAODV) algorithm. The simulation results show that the protocol presented in this paper has better data transmission reliability.

In this study, we present WindTalker, a novel and practical keystroke inference framework that allows an attacker to infer the sensitive keystrokes on a mobile device through WiFi-based side-channel information. WindTalker is motivated from the observation that keystrokes on mobile devices will lead to different hand coverage and the finger motions, which will introduce a unique interference to the multi-path signals and can be reflected by the channel state information (CSI). The adversary can exploit the strong correlation between the CSI fluctuation and the keystrokes to infer the user's number input. WindTalker presents a novel approach to collect the target's CSI data by deploying a public WiFi hotspot. Compared with the previous keystroke inference approach, WindTalker neither deploys external devices close to the target device nor compromises the target device. Instead, it utilizes the public WiFi to collect user's CSI data, which is easy-to-deploy and difficult-to-detect. In addition, it jointly analyzes the traffic and the CSI to launch the keystroke inference only for the sensitive period where password entering occurs. WindTalker can be launched without the requirement of visually seeing the smart phone user's input process, backside motion, or installing any malware on the tablet. We implemented Windtalker on several mobile phones and performed a detailed case study to evaluate the practicality of the password inference towards Alipay, the largest mobile payment platform in the world. The evaluation results show that the attacker can recover the key with a high successful rate.

Device-free localization of people and objects indoors not equipped with radios is playing a critical role in many emerging applications. This paper presents a novel channel state information (CSI) pre-processing scheme that enables accurate device-free localization indoors. The basic idea is simple: CSI is sensitive to a target's location and by modelling the CSI measurements of multiple wireless links as a set of power fading based equations, the target location can be determined. However, due to rich multipaths in indoor environment, the received signal strength (RSS) or even the fine-grained CSI can not be easily modelled. We observe that even in a rich multipath environment, not all subcarriers are equally affected by multipath reflections. Our preprocessing scheme tries to identify the subcarriers not affected by multipath. Thus, CSIs on the "clean" subcarriers can be modelled and utilized for accurate localization. Extensive experiments demonstrate the effectiveness of the proposed pre-processing scheme.

Device-free localization of people and objects indoors not equipped with radios is playing a critical role in many emerging applications. This paper presents an accurate model-based device-free localization system LiFS, implemented on cheap commercial off-the-shelf (COTS) Wi-Fi devices. Unlike previous COTS device-based work, LiFS is able to localize a target accurately without offline training. The basic idea is simple: channel state information (CSI) is sensitive to a target's location and by modelling the CSI measurements of multiple wireless links as a set of power fading based equations, the target location can be determined. However, due to rich multipath propagation indoors, the received signal strength (RSS) or even the fine-grained CSI can not be easily modelled. We observe that even in a rich multipath environment, not all subcarriers are affected equally by multipath reflections. Our pre-processing scheme tries to identify the subcarriers not affected by multipath. Thus, CSIs on the "clean" subcarriers can be utilized for accurate localization. We design, implement and evaluate LiFS with extensive experiments in three different environments. Without knowing the majority transceivers' locations, LiFS achieves a median accuracy of 0.5 m and 1.1 m in line-of-sight (LoS) and non-line-of-sight (NLoS) scenarios respectively, outperforming the state-of-the-art systems. Besides single target localization, LiFS is able to differentiate two sparsely-located targets and localize each of them at a high accuracy.

We consider the block Rayleigh fading multiple-input multiple-output (MIMO) wiretap channel with no prior channel state information (CSI) available at any of the terminals. The channel gains remain constant in a coherence time of T symbols, and then change to another independent realization. The transmitter, the legitimate receiver and the eavesdropper have nt, nr and ne antennas, respectively. We determine the exact secure degrees of freedom (s.d.o.f.) of this system when T ≥ 2 min(nt, nr). We show that, in this case, the s.d.o.f. is exactly (min(nt, nr) - ne)+(T - min(nt, nr))/T. The first term can be interpreted as the eavesdropper with ne antennas taking away ne antennas from both the transmitter and the legitimate receiver. The second term can be interpreted as a fraction of s.d.o.f. being lost due to the lack of CSI at the legitimate receiver. In particular, the fraction loss, min(nt, nr)/T, can be interpreted as the fraction of channel uses dedicated to training the legitimate receiver for it to learn its own CSI. We prove that this s.d.o.f. can be achieved by employing a constant norm channel input, which can be viewed as a generalization of discrete signalling to multiple dimensions.