Principles of Physical Layer Security in Multiuser Wireless Networks: A Survey

This paper provides a comprehensive review of the domain of physical layer security in multiuser wireless networks. The essential premise of physical-layer security is to enable the exchange of confidential messages over a wireless medium in the presence of unauthorized eavesdroppers without relying on higher-layer encryption. This can be achieved primarily in two ways: without the need for a secret key by intelligently designing transmit coding strategies, or by exploiting the wireless communication medium to develop secret keys over public channels. The survey begins with an overview of the foundations dating back to the pioneering work of Shannon and Wyner on information-theoretic security. We then describe the evolution of secure transmission strategies from point-to-point channels to multiple-antenna systems, followed by generalizations to multiuser broadcast, multiple-access, interference, and relay networks. Secret-key generation and establishment protocols based on physical layer mechanisms are subsequently covered. Approaches for secrecy based on channel coding design are then examined, along with a description of inter-disciplinary approaches based on game theory and stochastic geometry. The associated problem of physical-layer message authentication is also introduced briefly. The survey concludes with observations on potential research directions in this area.Comment: 23 pages, 10 figures, 303 refs. arXiv admin note: text overlap with arXiv:1303.1609 by other authors. IEEE Communications Surveys and Tutorials, 201

A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Artificial-Noise-Aided Secure Multi-Antenna Transmission with Limited Feedback

We present an optimized secure multi-antenna transmission approach based on artificial-noise-aided beamforming, with limited feedback from a desired single-antenna receiver. To deal with beamformer quantization errors as well as unknown eavesdropper channel characteristics, our approach is aimed at maximizing throughput under dual performance constraints - a connection outage constraint on the desired communication channel and a secrecy outage constraint to guard against eavesdropping. We propose an adaptive transmission strategy that judiciously selects the wiretap coding parameters, as well as the power allocation between the artificial noise and the information signal. This optimized solution reveals several important differences with respect to solutions designed previously under the assumption of perfect feedback. We also investigate the problem of how to most efficiently utilize the feedback bits. The simulation results indicate that a good design strategy is to use approximately 20% of these bits to quantize the channel gain information, with the remainder to quantize the channel direction, and this allocation is largely insensitive to the secrecy outage constraint imposed. In addition, we find that 8 feedback bits per transmit antenna is sufficient to achieve approximately 90% of the throughput attainable with perfect feedback.Comment: to appear in IEEE Transactions on Wireless Communication

Performance Analysis of Secondary Users in Heterogeneous Cognitive Radio Network

Continuous increase in wireless subscriptions and static allocation of wireless frequency bands to the primary users (PUs) are fueling the radio frequency (RF) shortage problem. Cognitive radio network (CRN) is regarded as a solution to this problem as it utilizes the scarce RF in an opportunisticmanner to increase the spectrumefficiency. InCRN, secondary users (SUs) are allowed to access idle frequency bands opportunistically without causing harmful interference to the PUs. In CRN, the SUs determine the presence of PUs through spectrum sensing and access idle bands by means of dynamic spectrum access. Spectrum sensing techniques available in the literature do not consider mobility. One of the main objectives of this thesis is to include mobility of SUs in spectrum sensing. Furthermore, due to the physical characteristics of CRN where licensed RF bands can be dynamically accessed by various unknown wireless devices, security is a growing concern. This thesis also addresses the physical layer security issues in CRN. Performance of spectrum sensing is evaluated based on probability of misdetection and false alarm, and expected overlapping time, and performance of SUs in the presence of attackers is evaluated based on secrecy rates

On the Design and Analysis of Secure Inference Networks

Parallel-topology inference networks consist of spatially-distributed sensing agents that collect and transmit observations to a central node called the fusion center (FC), so that a global inference is made regarding the phenomenon-of-interest (PoI). In this dissertation, we address two types of statistical inference, namely binary-hypothesis testing and scalar parameter estimation in parallel-topology inference networks. We address three different types of security threats in parallel-topology inference networks, namely Eavesdropping (Data-Confidentiality), Byzantine (Data-Integrity) or Jamming (Data-Availability) attacks. In an attempt to alleviate information leakage to the eavesdropper, we present optimal/near-optimal binary quantizers under two different frameworks, namely differential secrecy where the difference in performances between the FC and Eve is maximized, and constrained secrecy where FC’s performance is maximized in the presence of tolerable secrecy constraints. We also propose near-optimal transmit diversity mechanisms at the sensing agents in detection networks in the presence of tolerable secrecy constraints. In the context of distributed inference networks with M-ary quantized sensing data, we propose a novel Byzantine attack model and find optimal attack strategies that minimize KL Divergence at the FC in the presence of both ideal and non-ideal channels. Furthermore, we also propose a novel deviation-based reputation scheme to detect Byzantine nodes in a distributed inference network. Finally, we investigate optimal jamming attacks in detection networks where the jammer distributes its power across the sensing and the communication channels. We also model the interaction between the jammer and a centralized detection network as a complete information zero-sum game. We find closed-form expressions for pure-strategy Nash equilibria and show that both the players converge to these equilibria in a repeated game. Finally, we show that the jammer finds no incentive to employ pure-strategy equilibria, and causes greater impact on the network performance by employing mixed strategies

Optimising multiple antenna techniques for physical layer security

Wireless communications offer data transmission services anywhere and anytime, but with the inevitable cost of introducing major security vulnerabilities. Indeed, an eavesdropper can overhear a message conveyed over the open insecure wireless media putting at risk the confidentiality of the wireless users. Currently, the way to partially prevent eavesdropping attacks is by ciphering the information between the authorised parties through complex cryptographic algorithms. Cryptography operates in the upper layers of the communication model, bit it does not address the security problem where the attack is suffered: at the transmission level. In this context, physical layer security has emerged as a promising framework to prevent eavesdropping attacks at the transmission level. Physical layer security is based on information-theoretic concepts and exploits the randomness and the uniqueness of the wireless channel. In this context, this thesis presents signal processing techniques to secure wireless networks at the physical layer by optimising the use of multiple-antennas. A masked transmission strategy is used to steer the confidential information towards the intended receiver, and, at the same time, broadcast an interfering signal to confuse unknown eavesdroppers. This thesis considers practical issues in multiple-antenna networks such as limited transmission resources and the lack of accurate information between the authorised transmission parties. The worst-case for the security, that occurs when a powerful eavesdropper takes advantage of any opportunity to put at risk the transmission confidentiality, is addressed. The techniques introduced improve the security by offering efficient and innovative transmission solutions to lock the communication at the physical layer. Notably, these transmission mechanisms strike a balance between confidentiality and quality to satisfy the practical requirements of modern wireless networks

Tradeoffs between Anonymity and Quality of Services in Data Networking and Signaling Games

Timing analysis has long been used to compromise users\u27 anonymity in networks. Even when data is encrypted, an adversary can track flows from sources to the corresponding destinations by merely using the correlation between the inter-packet timing on incoming and outgoing streams at intermediate routers. Anonymous network systems, where users communicate without revealing their identities, rely on the idea of Chaum mixing to hide `networking information\u27. Chaum mixes are routers or proxy servers that randomly reorder the outgoing packets to prevent an eavesdropper from tracking the flow of packets. The effectiveness of such mixing strategies is, however, diminished under constraints on network Quality of Services (QoS)s such as memory, bandwidth, and fairness. In this work, two models for studying anonymity, packet based anonymity and flow based anonymity, are proposed to address these issues quantitatively and a trade-off between network constraints and achieved anonymity is studied. Packet based anonymity model is proposed to study the short burst traffic arrival models of users such as in web browsing. For packet based anonymity, an information theoretic investigation of mixes under memory constraint and fairness constraint is established. Specifically, for memory constrained mixes, the first single letter characterization of the maximum achievable anonymity for a mix serving two users with equal arrival rates is provided. Further, for two users with unequal arrival rates the anonymity is expressed as a solution to a series of finite recursive equations. In addition, for more than two users and arbitrary arrival rates, a lower bound on the convergence rate of anonymity is derived as buffer size increases and it is shown that under certain arrival configurations the lower bound is tight. The adverse effects of requirement of fairness in data networking on anonymous networking is also studied using the packet based anonymity model and a novel temporal fairness index is proposed to compare the tradeoff between fairness and achieved anonymity of three diverse and popular fairness paradigms: First Come First Serve, Fair Queuing and Proportional Method. It is shown that FCFS and Fair Queuing algorithms have little inherent anonymity. A significant improvement in anonymity is therefore achieved by relaxing the fairness paradigms. The analysis of the relaxed FCFS criterion, in particular, is accomplished by modeling the problem as a Markov Decision Process (MDP). The proportional method of scheduling, while avoided in networks today, is shown to significantly outperform the other fair scheduling algorithms in anonymity, and is proven to be asymptotically optimal as the buffer size of the scheduler is increased. Flow based anonymity model is proposed to study long streams traffic models of users such as in media streaming. A detection theoretic measure of anonymity is proposed to study the optimization of mixing strategies under network constraints for this flow based anonymity model. Specifically, using the detection time of the adversary as a metric, the effectiveness of mixing strategies is maximized under constraints on memory and throughput. A general game theoretic model is proposed to study the mixing strategies when an adversary is capable of capturing a fraction of incoming packets. For the proposed multistage game, existence of a Nash equilibrium is proven, and the optimal strategies for the mix and adversary were derived at the equilibrium condition.It is noted in this work that major literature on anonymity in Internet is focused on achieving anonymity using third parties like mixes or onion routers, while the contributions of users\u27 individual actions such as accessing multiple websites to hide the targeted websites, using multiple proxy servers to hide the traffic routes are overlooked. In this thesis, signaling game model is proposed to study specifically these kind of problems. Fundamentally, signaling games consist of two players: senders and receivers and each sender belongs to one of multiple types. The users who seek to achieve anonymity are modeled as the sender of a signaling game and their types are identified by their personal information that they want to hide. The eavesdroppers are modeled as the receiver of the signaling game. Senders transmit their messages to receivers. The transmission of these messages can be seen as inevitable actions that a user have to take in his/her daily life, like the newspapers he/she subscribes on the Internet, online shopping that he/she does, but these messages are susceptible to reveal the user identity such as his/her political affiliation or his/her affluence level. The receiver (eavesdropper) uses these messages to interpret the senders\u27 type and take optimal actions according to his belief of senders\u27 type. Senders choose their messages to increase their reward given that they know the optimal policies of the receivers for choosing the action based on the transmitted message. However, sending the messages that increases senders\u27 reward may reveal their type to receivers thus violating their privacy and can be used by eavesdropper in future to harm the senders. In this work, the payoff of a signalling game is adjusted to incorporate the information revealed to an eavesdropper such that this information leakage is minimized from the users\u27 perspective. The existence of Bayesian-Nash equilibrium is proven in this work for the signaling games even after the incorporation of users\u27 anonymity. It is also proven that the equilibrium point is unique if the desired anonymity is below a certain threshold