Biblio

In this paper, a method is proposed for improving the physical layer security for indoor visible light communication (VLC) networks with angle diversity transmitters. An angle diversity transmitter usually consists of multiple narrow-beam light-emitting diode (LED) elements with different orientations. Angle diversity transmitters are suitable for confidential data transmission, since data transmission via narrow light beams can effectively avoid the leakage of messages. In order to improve security performance, protection zones are introduced to the systems with angle diversity transmitters. Simulation results show that over 50% performance improvement can be obtained by adding protection zones.

The broadcast nature of visible light beam has aroused great concerns about the privacy and confidentiality of visible light communication (VLC) systems.In this paper, in order to enhance the physical layer security, we propose a channel scrambling scheme, which realizes orthogonal factorized channel scrambling with location information embedded (OFCS-LIE) for the VLC systems. We firstly embed the location information of the legitimate user, including the transmission angle and the distance, into a location information embedded (LIE) matrix, then the LIE matrix is factorized orthogonally in order that the LIE matrix is approximately uncorrelated to the multiple-input, multiple-output (MIMO) channels by the iterative orthogonal factorization method, where the iteration number is determined based on the orthogonal error. The resultant OFCS-LIE matrix is approximately orthogonal and used to enhance both the reliability and the security of information transmission. Furthermore, we derive the information leakage at the eavesdropper and the secrecy capacity to analyze the system security. Simulations are performed, and the results demonstrate that with the aid of the OFCS-LIE scheme, MIMO-based VLC system has achieved higher security when compared with the counterpart scrambling scheme and the system without scrambling.

Transmission techniques based on channel coding with feedback are proposed in this paper to enhance the security of wireless communications systems at the physical layer. Reliable and secure transmission over an additive noise Gaussian wiretap channel is investigated using Bose-Chaudhuri-Hocquenghem (BCH) and Low-Density Parity-Check (LDPC) channel codes. A hybrid automatic repeat-request (HARQ) protocol is used to allow for the retransmission of coded packets requested by the intended receiver (Bob). It is assumed that an eavesdropper (Eve) has access to all forward and feedback transmitted packets. To limit the information leakage to Eve, retransmitted packets are subdivided into smaller granular subpackets. Retransmissions are stopped as soon as the decoding process at the legitimate (Bob) receiver converges. For the hard decision decoded BCH codes, a framework to compute the frame error probability with granular HARQ is proposed. For LDPC codes, the HARQ retransmission requests are based on received symbols likelihood computations: the legitimate recipient request for the retransmission of the set of bits that are more likely to help for successful LDPC decoding. The performances of the proposed techniques are assessed for nul and negative security gap (SG) values, that is when the eavesdropper's channel benefits from equal or better channel conditions than the legitimate channel.

We discuss the use of formal modeling to discover potential attacks on Cyber-Physical systems, in particular Industrial Control Systems. We propose a general approach to achieve that goal considering physical-layer interactions, time and state discretization of the physical process and logic, and the use of suitable attacker profiles. We then apply the approach to model a real-world water treatment testbed using ASLan++ and analyze the resulting transition system using CL-AtSe, identifying four attack classes. To show that the attacks identified by our formal assessment represent valid attacks, we compare them against practical attacks on the same system found independently by six teams from industry and academia. We find that 7 out of the 8 practical attacks were also identified by our formal assessment. We discuss limitations resulting from our chosen level of abstraction, and a number of modeling shortcuts to reduce the runtime of the analysis.

Smart Grids (SGs) are Critical Infrastructures (CI), which are responsible for controlling and maintaining the distribution of electricity. To manage this task, modern SGs integrate an Information and Communication Infrastructure (ICT) beside the electrical power grid. Aside from the benefits derived from the increasing control and management capabilities offered by the ICT, unfortunately the introduction of this cyber layer provides an attractive attack surface for hackers. As a consequence, security becomes a fundamental prerequisite to be fulfilled. In this context, the adoption of Systems Engineering (SE) tools combined with Modeling and Simulation (M&S) techniques represent a promising solution to support the evaluation process of a SG during early design stages. In particular, the paper investigates on the identification, modeling and assessment of attacks in SG environments, by proposing a model for representing attack scenarios as a combination of attack types, attack schema and their temporal occurrence. Simulation techniques are exploited to enable the execution of such attack combinations in the SG domain. Specifically, a simulator, which allows to assess the SG behaviour to identify possible flaws and provide preventive actions before its realization, is developed on the basis of the proposed model and exemplified through a case study.

A vast literature on secret sharing protocols now exists based on the folk theorem that the wireless channel between communicating parties Alice and Bob cannot be controlled or predicted by a third party in a fine-grain way. We find that the folk theorem unfortunately does not hold. In particular, we show how an adversary, using a customized full-duplex forwarder, can control the channel seen by Alice and Bob in fine granularity without leaving a trace, while predicting with high probability the secrets generated by any channel reciprocity based secret sharing protocol. An implementation of our proposed secret manipulator, called Channel Spoofer, on a software-defined radio platform empirically verifies Channel Spoofer's effectiveness in breaking several representative state-of-the-art secret sharing protocols. To the best of our knowledge, the proposed Channel Spoofer is the first practical attacker against all extant channel reciprocity based secret sharing protocols.

As demonstrated recently, Wireless Physical Layer Security (WPLS) has the potential to offer substantial advantages for key management for small resource-constrained and, therefore, low-cost IoT-devices, e.g., the widely applied 8-bit MCU 8051. In this paper, we present a WPLS testbed implementation for independent performance and security evaluations. The testbed is based on off-the-shelf hardware and utilizes the IEEE 802.15.4 communication standard for key extraction and secret key rate estimation in real-time. The testbed can include generically multiple transceivers to simulate legitimate parties or eavesdropper. We believe with the testbed we provide a first step to make experimental-based WPLS research results comparable. As an example, we present evaluation results of several test cases we performed, while for further information we refer to https://pls.rub.de.

In cognitive radio network, the primary user (PU) network and the secondary user (SU) network interfered with each other because of sharing the spectral resource. Also interference among multi-downlinks in SU network decreased the sum rate in SU network and the eavesdropper in PU network decreased the secrecy rate in PU network. Focusing on above problem, this paper raised two channel selection and beamforming methods based on singular value decomposition (SVD) and uplink-downlink duality respectively, and then analyzed the performance of them in physical layer security.

In this paper, we address the physical layer security problem for Wireless Sensor Networks in the presence of passive eavesdroppers, i.e., the eavesdroppers' channels are unknown to the transmitter. We use a multi-antenna relay to guarantee physical layer security. Different from the existing work, we consider that the relay works in full duplex mode and transmits artificial noise (AN) in both stages of the decode-and-forward (DF) cooperative strategy. We proposed two optimal power allocation strategies for power constrained and power unconstrained systems respectively. For power constrained system, our aim is to minimize the secrecy rate outage probability. And for power unconstrained systems, we obtain the optimal power allocation to minimize the total power under the quality of service and secrecy constraints. We also consider the secrecy outage probability for different positions of eavesdropper. Simulation results are presented to show the performance of the proposed strategies.

The cyclostationary characteristics of signals has some important applications in such as blind channel equalization, blind adaptive beamforming, and system identification. However, the cyclostationary characteristics also can be a weak link in physical layer security. With high-order cyclostationary theory, some system information can be obtained easily. In this paper, we proposed a new algorithm based on constellation phase rotation and amplitude randomization, during which the cyclostationary feature of signals can be suppressed.

In this paper, we analyze the security-reliability tradeoff (SRT) performance of the multi-relay cooperative networks over Nakagami-m fading channels. By considering the reliability of the first phase from the source to relay, a cooperative jamming (CJ) assisted secure transmission scheme is investigated to improve the security performance of the considered system. Specifically, we derive the approximate closed-form expression of the outage probability (OP) and exact closed-form expression of the intercepted probability (IP) for the CJ scheme to evaluate the SRT performance of the system. Finally, the simulation results verify the validity of our theoretical derivations and the advantage of the CJ scheme compared to the traditional scheme with no cooperative jammer.

Establishing a secret and reliable wireless communication is a challenging task that is of paramount importance. In this paper, we investigate the physical layer security of a legitimate transmission link between a user that assists an Intrusion Detection System (IDS) in detecting eavesdropping and jamming attacks in the presence of an adversary that is capable of conducting an eavesdropping or a jamming attack. The user is being faced by a challenge of whether to transmit, thus becoming vulnerable to an eavesdropping or a jamming attack, or to keep silent and consequently his/her transmission will be delayed. The adversary is also facing a challenge of whether to conduct an eavesdropping or a jamming attack that will not get him/her to be detected. We model the interactions between the user and the adversary as a two-state stochastic game. Explicit solutions characterize some properties while highlighting some interesting strategies that are being embraced by the user and the adversary. Results show that our proposed system outperform current systems in terms of communication secrecy.

Next generation 5G wireless networks pose several important security challenges. One fundamental challenge is key management between the two communicating parties. The goal is to establish a common secret key through an unsecured wireless medium. In this paper, we introduce a new physical layer paradigm for secure key exchange between the legitimate communication parties in the presence of a passive eavesdropper. The proposed method ensures secrecy via pre-equalization and guarantees reliable communications by the use of Low Density Parity Check (LDPC) codes. One of the main findings of this paper is to demonstrate through simulations that the diversity order of the eavesdropper will be zero unless the main and eavesdropping channels are almost correlated, while the probability of key mismatch between the legitimate transmitter and receiver will be low. Simulation results demonstrate that the proposed approach achieves very low secret key mismatch between the legitimate users, while ensuring very high error probability at the eavesdropper.

Wireless communications in Cyber-Physical Systems (CPS) are vulnerable to many adversarial attacks such as eavesdropping. To secure the communications, secret session keys need to be established between wireless devices. In existing symmetric key establishment protocols, it is assumed that devices are pre-loaded with secrets. In the CPS, however, wireless devices are produced by different companies. It is not practical to assume that the devices are pre-loaded with certain secrets when they leave companies. As a consequence, existing symmetric key establishment protocols cannot be directly implemented in the CPS. Motivated by these observations, this paper presents a cross-layer key establishment model for heterogeneous wireless devices in the CPS. Specifically, by implementing our model, wireless devices extract master keys (shared with the system authority) at the physical layer using ambient wireless signals. Then, the system authority distributes secrets for devices (according to an existing symmetric key establishment protocol) by making use of the extracted master keys. Completing these operations, wireless devices can establish secret session keys at higher layers by calling the employed key establishment protocol. Additionally, we prove the security of the proposed model. We analyse the performance of the new model by implementing it and converting existing symmetric key establishment protocols into cross-layer key establishment protocols.

We propose a multi-level CSI quantization and key reconciliation scheme for physical layer security. The noisy wireless channel estimates obtained by the users first run through a transformation, prior to the quantization step. This enables the definition of guard bands around the quantization boundaries, tailored for a specific efficiency and not compromising the uniformity required at the output of the quantizer. Our construction results in an better key disagreement and initial key generation rate trade-off when compared to other level-crossing quantization methods.

A cross-layer secure communication scheme for multiple input multiple output (MIMO) system based on spatial modulation (SM) is proposed in this paper. The proposed scheme combined the upper layer stream cipher with the distorted signal design of the MIMO spatial modulation system in the physical layer to realize the security information transmission, which is called cross-layer secure communication system. Simulation results indicate that the novel scheme not only further ensure the legitimate user an ideal reception demodulation performance as the original system, but also make the eavesdropper' error rate stable at 0.5. The novel system do not suffer from a significant increasing complexity.

In this paper, a novel secure information exchange scheme has been proposed for MIMO vehicular ad hoc networks (VANETs) through physical layer approach. In the scheme, a group of On Board Units (OBUs) exchange information with help of one Road Side Unit (RSU). By utilizing the key signal processing technique, i.e., Direction Rotation Alignment technique, the information to be exchanged of the two neighbor OBUs are aligned into a same direction to form summed signal at RSU or external eavesdroppers. With such summed signal, the RSU or the eavesdropper cannot recover the individual information from the OBUs. By regulating the transmission rate for each OBU, the information theoretic security could be achieved. The secrecy sum-rates of the proposed scheme are analyzed following the scheme. Finally, the numerical results are conducted to demonstrate the theoretical analysis.

Physical-layer fingerprinting investigates how features extracted from radio signals can be used to uniquely identify devices. This paper proposes and analyses a novel methodology to fingerprint LoRa devices, which is inspired by recent advances in supervised machine learning and zero-shot image classification. Contrary to previous works, our methodology does not rely on localized and low-dimensional features, such as those extracted from the signal transient or preamble, but uses the entire signal. We have performed our experiments using 22 LoRa devices with 3 different chipsets. Our results show that identical chipsets can be distinguished with 59% to 99% accuracy per symbol, whereas chipsets from different vendors can be fingerprinted with 99% to 100% accuracy per symbol. The fingerprinting can be performed using only inexpensive commercial off-the-shelf software defined radios, and a low sample rate of 1 Msps. Finally, we release all datasets and code pertaining to these experiments to the public domain.

This paper investigates the physical layer security in a multibeam satellite communication system, where each legitimate user is surrounded by one eavesdropper. First of all, an optimization problem is formulated to maximize the sum of achievable secrecy rate, while satisfying the on-board satellite transmit power constraint. Then, two transmit beamforming(BF) schemes, namely, the zero-forcing (ZF) and the signal-to-leakage-and-noise ratio (SLNR) BF algorithms are proposed to obtain the BF weight vectors as well as power allocation coefficients. Finally, simulation results are provided to verify the validity of the two proposed methods and demonstrate that the SLNR BF algorithm outperforms the ZF BF algorithm.

Delay and security are both highly concerned in the Internet of Things (IoT). In this paper, we set up a secure analytical framework for IoT networks to characterize the network delay performance and secrecy performance. Firstly, stochastic geometry and queueing theory are adopted to model the location of IoT devices and the temporal arrival of packets. Based on this model, a low-complexity secure on-off scheme is proposed to improve the network performance. Then, the delay performance and secrecy performance are evaluated in terms of packet delay and packet secrecy outage probability. It is demonstrated that the intensity of IoT devices arouse a tradeoff between the delay and security and the secure on-off scheme can improve the network delay performance and secrecy performance. Moreover, secrecy transmission rate is adopted to reflect the delay-security tradeoff. The analytical and simulation results show the effects of intensity of IoT devices and secure on-off scheme on the network delay performance and secrecy performance.

We consider an underlay cognitive network with secondary users that support full-duplex communication. In this context, we propose the application of antenna selection at the secondary destination node to improve the secondary user secrecy performance. Antenna selection rules for cases where exact and average knowledge of the eavesdropping channels are investigated. The secrecy outage probabilities for the secondary eavesdropping network are analyzed, and it is shown that the secrecy performance improvement due to antenna selection is due to coding gain rather than diversity gain. This is very different from classical antenna selection for data transmission, which usually leads to a higher diversity gain. Numerical simulations are included to verify the performance of the proposed scheme.

This paper investigates physical layer security of non-orthogonal multiple access (NOMA) in cognitive radio (CR) networks. The techniques of NOMA and CR have improved the spectrum efficiency greatly in the traditional networks. Because of the difference in principles of spectrum improving, NOMA and CR can be combined together, i.e. CR NOMA network, and have great potential to improving the spectrum efficiency. However the physical layer security in CR NOMA network is different from any single network of NOMA or CR. We will study the physical layer security in underlay CR NOMA network. Firstly, the wiretap network model is constructed according to the technical characteristics of NOMA and CR. In addition, new exact and asymptotic expressions of the security outage probability are derived and been confirmed by simulation. Ultimately, we have studied the effect of some critical factors on security outage probability after simulation.

This paper considers the physical layer security for the cluster-based cooperative wireless sensor networks (WSNs), where each node is equipped with a single antenna and sensor nodes cooperate at each cluster of the network to form a virtual multi-input multi-output (MIMO) communication architecture. We propose a joint cooperative beamforming and jamming scheme to enhance the security of the WSNs where a part of sensor nodes in Alice's cluster are deployed to transmit beamforming signals to Bob while a part of sensor nodes in Bob's cluster are utilized to jam Eve with artificial noise. The optimization of beamforming and jamming vectors to minimize total energy consumption satisfying the quality-of-service (QoS) constraints is a NP-hard problem. Fortunately, through reformulation, the problem is proved to be a quadratically constrained quadratic problem (QCQP) which can be solved by solving constraint integer programs (SCIP) algorithm. Finally, we give the simulation results of our proposed scheme.

After being widely studied in theory, physical layer security schemes are getting closer to enter the consumer market. Still, a thorough practical analysis of their resilience against attacks is missing. In this work, we use software-defined radios to implement such a physical layer security scheme, namely, orthogonal blinding. To this end, we use orthogonal frequency-division multiplexing (OFDM) as a physical layer, similarly to WiFi. In orthogonal blinding, a multi-antenna transmitter overlays the data it transmits with noise in such a way that every node except the intended receiver is disturbed by the noise. Still, our known-plaintext attack can extract the data signal at an eavesdropper by means of an adaptive filter trained using a few known data symbols. Our demonstrator illustrates the iterative training process at the symbol level, thus showing the practicability of the attack.

We show for the first time that commodity devices can be used to generate wireless data transmissions that are confined to the human body. Specifically, we show that commodity input devices such as fingerprint sensors and touchpads can be used to transmit information to only wireless receivers that are in contact with the body. We characterize the propagation of the resulting transmissions across the whole body and run experiments with ten subjects to demonstrate that our approach generalizes across different body types and postures. We also evaluate our communication system in the presence of interference from other wearable devices such as smartwatches and nearby metallic surfaces. Finally, by modulating the operations of these input devices, we demonstrate bit rates of up to 50 bits per second over the human body.