Distributed SIMO Physical Layer Authentication: Performance Bounds Under Optimal Attacker Strategies

We provide worst-case bounds for the detection performance of a physical layer authentication scheme where authentication is based on channel-state information (CSI) observed at multiple distributed remote radio-heads (RRHs). The bounds are established based on two physical-layer attack strategies that a sophisticated attacker can launch against a given deployment. First, we consider a power manipulation attack, in which a single-antenna attacker adopts optimal transmit power and phase, and derive an approximation for the missed detection probability that is applicable for both statistical and perfect CSI knowledge at the attacker. Secondly, we characterize the spatial attack position that maximizes the attacker's success probability under strong line-of-sight conditions. We use this to provide a heuristic truncated search algorithm that efficiently finds the optimal attack position, and hence, constitutes a powerful tool for planning, analyzing, and optimizing deployments. Interestingly, our results show that there is only a small gap between the detection performance under a power manipulation attack based on statistical respectively perfect CSI knowledge, which significantly strengthens the relevance and applicability of our results in real-world scenarios. Furthermore, our results illustrate the benefits of the distributed approach by showing that the worst-case bounds can be reduced by 4 orders of magnitude without increasing the total number of antennas.Comment: Submitted to IEEE Transactions on Wireless Communication

Physical Layer Authentication in Mission-Critical MTC Networks: A Security and Delay Performance Analysis

We study the detection and delay performance impacts of a feature-based physical layer authentication (PLA) protocol in mission-critical machine-type communication (MTC) networks. The PLA protocol uses generalized likelihood-ratio testing based on the line-of-sight (LOS), single-input multiple-output channel-state information in order to mitigate impersonation attempts from an adversary node. We study the detection performance, develop a queueing model that captures the delay impacts of erroneous decisions in the PLA (i.e., the false alarms and missed detections), and model three different adversary strategies: data injection, disassociation, and Sybil attacks. Our main contribution is the derivation of analytical delay performance bounds that allow us to quantify the delay introduced by PLA that potentially can degrade the performance in mission-critical MTC networks. For the delay analysis, we utilize tools from stochastic network calculus. Our results show that with a sufficient number of receive antennas (approx. 4-8) and sufficiently strong LOS components from legitimate devices, PLA is a viable option for securing mission-critical MTC systems, despite the low latency requirements associated to corresponding use cases. Furthermore, we find that PLA can be very effective in detecting the considered attacks, and in particular, it can significantly reduce the delay impacts of disassociation and Sybil attacks