A Survey on Wireless Security: Technical Challenges, Recent Advances and Future Trends

This paper examines the security vulnerabilities and threats imposed by the inherent open nature of wireless communications and to devise efficient defense mechanisms for improving the wireless network security. We first summarize the security requirements of wireless networks, including their authenticity, confidentiality, integrity and availability issues. Next, a comprehensive overview of security attacks encountered in wireless networks is presented in view of the network protocol architecture, where the potential security threats are discussed at each protocol layer. We also provide a survey of the existing security protocols and algorithms that are adopted in the existing wireless network standards, such as the Bluetooth, Wi-Fi, WiMAX, and the long-term evolution (LTE) systems. Then, we discuss the state-of-the-art in physical-layer security, which is an emerging technique of securing the open communications environment against eavesdropping attacks at the physical layer. We also introduce the family of various jamming attacks and their counter-measures, including the constant jammer, intermittent jammer, reactive jammer, adaptive jammer and intelligent jammer. Additionally, we discuss the integration of physical-layer security into existing authentication and cryptography mechanisms for further securing wireless networks. Finally, some technical challenges which remain unresolved at the time of writing are summarized and the future trends in wireless security are discussed.Comment: 36 pages. Accepted to Appear in Proceedings of the IEEE, 201

Reconfigurable Intelligent Surface-Assisted Secret Key Generation in Spatially Correlated Channels

Reconfigurable intelligent surface (RIS) is a disruptive technology to enhance the performance of physical-layer key generation (PKG) thanks to its ability to smartly customize the radio environments. Existing RIS-assisted PKG methods are mainly based on the idealistic assumption of an independent and identically distributed (i.i.d.) channel model at both the base station (BS) and the RIS. However, the i.i.d. model is inaccurate for a typical RIS in an isotropic scattering environment and neglecting the existence of channel spatial correlation would possibly degrade the PKG performance. In this paper, we establish a general spatially correlated channel model and propose a new channel probing framework based on the transmit and the reflective beamforming. We derive a closed-form key generation rate (KGR) expression and formulate an optimization problem, which is solved by using the low-complexity Block Successive Upper-bound Minimization (BSUM) with Mirror-Prox method. Simulation results show that compared to the existing methods based on the i.i.d. fading model, our proposed method achieves about $5$ dB transmit power gain when the spacing between two neighboring RIS elements is a quarter of the wavelength. Also, the KGR increases significantly with the number of RIS elements while that increases marginally with the number of BS antennas.Comment: arXiv admin note: text overlap with arXiv:2207.1175

Mobile Jammers for Secrecy Rate Maximization in Cooperative Networks

We consider a source (Alice) trying to communicate with a destination (Bob), in a way that an unauthorized node (Eve) cannot infer, based on her observations, the information that is being transmitted. The communication is assisted by multiple multi-antenna cooperating nodes (helpers) who have the ability to move. While Alice transmits, the helpers transmit noise that is designed to affect the entire space except Bob. We consider the problem of selecting the helper weights and positions that maximize the system secrecy rate. It turns out that this optimization problem can be efficiently solved, leading to a novel decentralized helper motion control scheme. Simulations indicate that introducing helper mobility leads to considerable savings in terms of helper transmit power, as well as total number of helpers required for secrecy communications.Comment: ICASSP 201

Reconfigurable Intelligent Surfaces: The New Frontier of Next G Security

RIS is one of the significant technological advancements that will mark next-generation wireless. RIS technology also opens up the possibility of new security threats, since the reflection of impinging signals can be used for malicious purposes. This article introduces the basic concept for a RIS-assisted attack that re-uses the legitimate signal towards a malicious objective. Specific attacks are identified from this base scenario, and the RIS-assisted signal cancellation attack is selected for evaluation as an attack that inherently exploits RIS capabilities. The key takeaway from the evaluation is that an effective attack requires accurate channel information, a RIS deployed in a favorable location (from the point of view of the attacker), and it disproportionately affects legitimate links that already suffer from reduced path loss. These observations motivate specific security solutions and recommendations for future work.Comment: This work has been submitted to the IEEE for possible publication. Copyright may be transferred without notice, after which this version may no longer be accessibl

Zero-Forcing Beamforming for RIS-Enhanced Secure Transmission

This article considers a reconfigurable intelligent surface (RIS) enhanced multi-antenna secure transmission system in the presence of both active eavesdroppers (AEves) and passive eavesdroppers (PEves). We propose a zero-forcing (ZF) beamforming strategy that can steer transmit beam to the null space of AEves' channel, while simultaneously enhancing the SNRs for a legitimate user equipment (UE) and PEves without perfect channel state information (CSI). The design goal is to maximize the SNR of UE subject to the transmit power constraint at the BS, SNR limitations on PEves, and reflection constraints at RIS. Due to the complexity of modeling, we first introduce a homogeneous Poisson point process (HPPP) to imitate the distribution of spatially random PEves, which derives a complicated non-convex problem. We then develop an efficient alternating algorithm where the transmit beamforming vector and the reflective beamforming vector are obtained by convex-concave procedure (CCP) and semi-definite relaxation (SDR) technique, respectively. Simulation results validate the performance advantages of the proposed optimized design

On the feasibility and applications of in-band full-duplex radios for future wireless networks

Due to the continuous increase of the demands for the wireless network’s capacity, in-band full-duplex (IBFD) has recently become a key research topic due to its potential to double spectral efficiency, reduce latency, enhance emerging applications, etc., by transmitting and receiving simultaneously over the same channel. Meanwhile, many studies in the literature experimentally demonstrated the feasibility of IBFD radios, which leads to the belief that it is possible to introduce IBFD in the standard of the next-generation networks. Therefore, in this thesis, we timely study the feasibility of IBFD and investigate its advantages for emerging applications in future networks. In the first part, we investigate the interference suppression methods to maximize the IBFD gain by minimizing the effects of self-interference (SI) and co-channel interference (CCI). To this end, we first study a 3-step self-interference cancellation (SIC) scheme. We focus on the time domain-based analog canceller and nonlinear digital canceller, explaining their rationale, demonstrating their effectiveness, and finding the optimal design by minimizing the residual effects. To break the limitation of conventional electrical radio frequency (RF) cancellers, we study the photonic-assisted canceller (PAC) and propose a new design, namely a fiber array-based canceller. We propose a new low-complexity tuning algorithm for the PAC. The effectiveness of the proposed fiber array canceller is demonstrated via simulations. Furthermore, we construct a prototype of the fiber array canceller with two taps and carry out experiments in real-world environments. Results show that the 3-step cancellation scheme can bring the SI close to the receiver's noise floor. Then, we consider the multiple-input multiple-output (MIMO) scenarios, proposing to employ hybrid RF-digital beamforming to reduce the implementation cost and studying its effects on the SIC design. Additionally, we propose a user allocation algorithm to reduce the CCI from the physical layer. A heterogeneous industrial Internet of Things (IIoT) scenario is considered, while the proposed algorithm can be generalized by modifying the parameters to fit any other network. In the second part, we study the beamforming schemes for IBFD multi-cell multi-user (IBFD-MCMU) networks. The transceiver hardware impairments (HWIs) and channel uncertainty are considered for robustness. We first enhance zero-forcing (ZF) and maximum ratio transmission and combining (MRTC) beamforming to be compatible with IBFD-MCMU networks in the presence of multi-antenna users. Then, we study beamforming for SIC, which is challenging for MCMU networks due to the limited antennas but complex interference. We propose a minimum mean-squared error (MMSE)-based scheme to enhance the SIC performance while minimizing its effects on the sum rate. Furthermore, we investigate a robust joint power allocation and beamforming (JPABF) scheme, which approaches the performance of existing optimal designs with reduced complexity. Their performance is evaluated and compared through 3GPP-based simulations. In the third part, we investigate the advantages of applying IBFD radios for physical layer security (PLS). We focus on a channel frequency response (CFR)-based secret key generation (SKG) scheme in MIMO systems. We formulate the intrinsic imperfections of IBFD radios (e.g., SIC overheads and noise due to imperfect SIC) and derive their effects on the probing errors. Then we derive closed-form expressions for the secret key capacity (SKC) of the SKG scheme in the presence of a passive eavesdropper. We analyze the asymptotic behavior of the SKC in the high-SNR regime and reveal the fundamental limits for IBFD and half-duplex (HD) radios. Based on the asymptotic SKC, numerical results illustrate that effective analog self-interference cancellation (ASIC) is the basis for IBFD to gain benefits over HD. Additionally, we investigate essential processing for the CFR-based SKG scheme and verify its effectiveness via simulations and the National Institute of Standards and Technology (NIST) test. In the fourth part, we consider a typical application of IBFD radios: integrated sensing and communication (ISAC). To provide reliable services in high-mobility scenarios, we introduce orthogonal time frequency space (OTFS) modulation and develop a novel framework for OTFS-ISAC. We give the channel representation in different domains and reveal the limitations and disadvantages of existing ISAC frameworks for OTFS waveforms and propose a novel radar sensing method, including a conventional MUSIC algorithm for angle estimation and a delay-time domain-based range and velocity estimator. Additionally, we study the communication design based on the estimated radar sensing parameters. To enable reliable IBFD radios in high-mobility scenarios, a SIC scheme compatible with OTFS and rapidly-changing channels is proposed, which is lacking in the literature. Numerical results demonstrate that the proposed ISAC waveform and associated estimation algorithm can provide both reliable communications and accurate radar sensing with reduced latency, improved spectral efficiency, etc