Channel Impulse Response-based Distributed Physical Layer Authentication

In this preliminary work, we study the problem of {\it distributed} authentication in wireless networks. Specifically, we consider a system where multiple Bob (sensor) nodes listen to a channel and report their {\it correlated} measurements to a Fusion Center (FC) which makes the ultimate authentication decision. For the feature-based authentication at the FC, channel impulse response has been utilized as the device fingerprint. Additionally, the {\it correlated} measurements by the Bob nodes allow us to invoke Compressed sensing to significantly reduce the reporting overhead to the FC. Numerical results show that: i) the detection performance of the FC is superior to that of a single Bob-node, ii) compressed sensing leads to at least $20\%$ overhead reduction on the reporting channel at the expense of a small ($<1$ dB) SNR margin to achieve the same detection performance.Comment: 6 pages, 5 figures, accepted for presentation at IEEE VTC 2017 Sprin

SDR for Physical Layer Authentication

Wireless networks and devices are easy and useful solutions nowadays, regardless of the context in which they are implemented. However, it is in the broadcast nature of wireless networks that some vulnerabilities arise. To protect against these vulnerabilities, encryp- tion and authentication methods are commonly used. However, such methods come at the expense of their own complexity, requiring high enough computational power to solve, and introducing latency. To try to reduce the complexity of the conventional ways of user authentication, this work has studied mechanisms to implement reliable authentication at the physical layer, analyzing the various devices signal characteristics. To achieve this analysis, the GNU Radio platform was used to process incoming signals and extract the necessary features. Given the open source nature of GNU Radio, this provides a customiz- able and low-cost solution to signal processing and feature extraction. This research uses the GNU Radio to implement a feature extraction solution and constructs a feature vector with size 1 × 95. This thesis studies the extracted features of eleven IEEE 802.15.4 devices in regards to their separability and proposes a solution for feature reduction. The feature vectors are passed through a Random Forest and a Deep Neural Network (DNN) classifier, achieving accuracies as high as 99% for short distance communication.Redes e dispositivos sem fio são implementações úteis e fáceis de realizar atualmente, independentemente do contexto em que são desenvolvidas. No entanto, é na natureza de difusão destas redes que surgem algumas vulnerabilidades. Métodos de criptografia e autenticação são usualmente utilizados para proteger contra essas vulnerabilidades. No entanto, esses métodos apresentam uma complexidade inerente, necessitando de poder computacional e introduzindo latência. Para tentar reduzir a complexidade das formas convencionais de autenticação de utilizadores das redes, esta dissertação estudou me- canismos para implementar uma autenticação fiável na camada física, analisando as ca- racterísticas dos sinais dos diversos dispositivos que utilizam a rede. Para realizar esta análise, a plataforma GNU Radio foi utilizada para processar sinais recebidos e extrair as características necessárias. Dada a natureza de código aberto do GNU Radio, é possível desenvolver uma solução customizável e de baixo custo. Esta dissertação utiliza o GNU Radio para implementar uma solução de extração de características e constrói um vetor de características de tamanho 1×95. Esta dissertação estuda as características extraídas de onze dispositivos IEEE 802.15.4 em relação à separabilidade destas e propõe uma solução para redução de características. Os vetores são passados por um classificador de Florestas Aleatórias (Random Forest) e um classificador de Redes Neurais Profundas, atingindo precisões de até 99% para comunicação a curta distância

Physical Layer Authentication

A fundamental problem in security is authentication: namely, how to verify the identity of another party. Without this verification, the ideas of privacy and integrity are moot. Modern authentication techniques use cryptographic operations that secure the system against adversaries that do not have tremendous amounts of computation and memory. However, when the abilities of the adversary increase, such authentication paradigms become more susceptible to defeat. With the greater threat of defeat, the secret authentication keys must be replaced more often. Unfortunately, the popular key replacement algorithms typically rely on either third parties or on non-trivial computational ability. In this thesis we attack these two aspects of the authentication problem by presenting novel methods for authentication and key replacement in wireless environments. We describe how to exploit the randomness of the physical layer to hide the authentication from adversaries. Typically, no effort is made to hide the authentication - it is sent in plain view of friend and foe alike. The proposed technique reveals significantly less key information than traditional authentication methods and can increase the data throughput of the system. We define metrics to quantify the performance of the proposed authentication system and use them to study the associated tradeoffs. A software radio implementation is then presented to demonstrate the feasibility of the proposed scheme. Finally, we consider how secret keys can be replaced in an efficient manner. We describe a novel method of key replacement and generation that, unlike other methods, requires no additional message exhanges after initialization and yet generates highly random keys. As an added benefit, the method is shown to be extremely lightweight in terms of computation and memory requirements

Physical layer authentication for wireless communications

指導教員：姜　暁

EsaNet: Environment Semantics Enabled Physical Layer Authentication

Wireless networks are vulnerable to physical layer spoofing attacks due to the wireless broadcast nature, thus, integrating communications and security (ICAS) is urgently needed for 6G endogenous security. In this letter, we propose an environment semantics enabled physical layer authentication network based on deep learning, namely EsaNet, to authenticate the spoofing from the underlying wireless protocol. Specifically, the frequency independent wireless channel fingerprint (FiFP) is extracted from the channel state information (CSI) of a massive multi-input multi-output (MIMO) system based on environment semantics knowledge. Then, we transform the received signal into a two-dimensional red green blue (RGB) image and apply the you only look once (YOLO), a single-stage object detection network, to quickly capture the FiFP. Next, a lightweight classification network is designed to distinguish the legitimate from the illegitimate users. Finally, the experimental results show that the proposed EsaNet can effectively detect physical layer spoofing attacks and is robust in time-varying wireless environments

Physical Layer Authentication Using Intelligent Reflective Surfaces

The Intelligent Reflective Surface (IRS) is one of the key technologies that will increase the coverage of cellular networks and enhance their performance at a low cost. Moreover, the IRS will improve the performance of the Channel-based Physical layer Authentication security mechanism. In this thesis, we propose an authentication scheme that takes advantage of the presence of the IRS in the IRS-assisted multiple input multiple output (MIMO) system to improve the security performance of the system. The proposed cascaded channel estimation authentication scheme has been developed and compared with a systematic channel estimation authentication scheme. We consider a non-line of sight communication between the transmitter and the receiver through the IRS. We will also demonstrate the efficiency of the proposed scheme by comparing it with one of the commonly used schemes. Moreover, we will formulate the optimal attack strategies to test the security of the proposed scheme. The performance of the proposed scheme is evaluated, and the numerical results show the merit of the proposed approach that can be adopted as a Physical layer authentication mechanism.The Intelligent Reflective Surface (IRS) is one of the key technologies that will increase the coverage of cellular networks and enhance their performance at a low cost. Moreover, the IRS will improve the performance of the Channel-based Physical layer Authentication security mechanism. In this thesis, we propose an authentication scheme that takes advantage of the presence of the IRS in the IRS-assisted multiple input multiple output (MIMO) system to improve the security performance of the system. The proposed cascaded channel estimation authentication scheme has been developed and compared with a systematic channel estimation authentication scheme. We consider a non-line of sight communication between the transmitter and the receiver through the IRS. We will also demonstrate the efficiency of the proposed scheme by comparing it with one of the commonly used schemes. Moreover, we will formulate the optimal attack strategies to test the security of the proposed scheme. The performance of the proposed scheme is evaluated, and the numerical results show the merit of the proposed approach that can be adopted as a Physical layer authentication mechanism

On the Achievable Error Region of Physical Layer Authentication Techniques over Rayleigh Fading Channels

For a physical layer message authentication procedure based on the comparison of channel estimates obtained from the received messages, we focus on an outer bound on the type I/II error probability region. Channel estimates are modelled as multivariate Gaussian vectors, and we assume that the attacker has only some side information on the channel estimate, which he does not know directly. We derive the attacking strategy that provides the tightest bound on the error region, given the statistics of the side information. This turns out to be a zero mean, circularly symmetric Gaussian density whose correlation matrices may be obtained by solving a constrained optimization problem. We propose an iterative algorithm for its solution: Starting from the closed form solution of a relaxed problem, we obtain, by projection, an initial feasible solution; then, by an iterative procedure, we look for the fixed point solution of the problem. Numerical results show that for cases of interest the iterative approach converges, and perturbation analysis shows that the found solution is a local minimum