Malicious relay node detection with unsupervised learning in amplify-forward cooperative networks

This paper presents malicious relay node detection in a cooperative network using unsupervised learning based on the received signal samples over the source to destination (S-D) link at the destination node. We consider the situations in which possible maliciousness of the relay is the regenerative, injection or garbling type attacks over the source signal according to attack modeling in the communication. The proposed approach here for such an attack detection problem is to apply unsupervised machine learning using one-class classifier (OCC) algorithms. Among the algorithms compared, One-Class Support Vector Machines (OSVM) with kernel radial basis function (RBF) has the largest accuracy performance in detecting malicious node attacks with certain types and also detect trustable relay by using specific features of the symbol constellation of the received signal. Results show that we can achieve detection accuracy about 99% with SVM-RBF and k-NN learning algorithms for garbling type relay attacks. The results also encourage that OCC algorithms considered in this study with different feature selections could be effective in detecting other types of relay attacks

Machine Learning For In-Region Location Verification In Wireless Networks

In-region location verification (IRLV) aims at verifying whether a user is inside a region of interest (ROI). In wireless networks, IRLV can exploit the features of the channel between the user and a set of trusted access points. In practice, the channel feature statistics is not available and we resort to machine learning (ML) solutions for IRLV. We first show that solutions based on either neural networks (NNs) or support vector machines (SVMs) and typical loss functions are Neyman-Pearson (N-P)-optimal at learning convergence for sufficiently complex learning machines and large training datasets . Indeed, for finite training, ML solutions are more accurate than the N-P test based on estimated channel statistics. Then, as estimating channel features outside the ROI may be difficult, we consider one-class classifiers, namely auto-encoders NNs and one-class SVMs, which however are not equivalent to the generalized likelihood ratio test (GLRT), typically replacing the N-P test in the one-class problem. Numerical results support the results in realistic wireless networks, with channel models including path-loss, shadowing, and fading

Cooperative Authentication in Underwater Acoustic Sensor Networks

With the growing use of underwater acoustic communications (UWAC) for both industrial and military operations, there is a need to ensure communication security. A particular challenge is represented by underwater acoustic networks (UWANs), which are often left unattended over long periods of time. Currently, due to physical and performance limitations, UWAC packets rarely include encryption, leaving the UWAN exposed to external attacks faking legitimate messages. In this paper, we propose a new algorithm for message authentication in a UWAN setting. We begin by observing that, due to the strong spatial dependency of the underwater acoustic channel, an attacker can attempt to mimic the channel associated with the legitimate transmitter only for a small set of receivers, typically just for a single one. Taking this into account, our scheme relies on trusted nodes that independently help a sink node in the authentication process. For each incoming packet, the sink fuses beliefs evaluated by the trusted nodes to reach an authentication decision. These beliefs are based on estimated statistical channel parameters, chosen to be the most sensitive to the transmitter-receiver displacement. Our simulation results show accurate identification of an attacker's packet. We also report results from a sea experiment demonstrating the effectiveness of our approach.Comment: Author version of paper accepted for publication in the IEEE Transactions on Wireless Communication

Physical Layer Security: Detection of Active Eavesdropping Attacks by Support Vector Machines

This paper presents a framework for converting wireless signals into structured datasets, which can be fed into machine learning algorithms for the detection of active eavesdropping attacks at the physical layer. More specifically, a wireless communication system, which consists of K legal users, one access point (AP) and one active eavesdropper, is considered. To cope with the eavesdropper who breaks into the system during the uplink phase, we first build structured datasets based on several different features. We then apply support vector machine (SVM) classifiers and one-class SVM classifiers to those structured datasets for detecting the presence of eavesdropper. Regarding the data, we first process received signals at the AP and then define three different features (i.e., MEAN, RATIO and SUM) based on the post-processing signals. Noticeably, our three defined features are formulated such that they have relevant statistical properties. Enabling the AP to simulate the entire process of transmission, we form the so-called artificial training data (ATD) that is used for training SVM (or one-class SVM) models. While SVM is preferred in the case of having perfect channel state information (CSI) of all channels, one-class SVM is preferred in the case of having only the CSI of legal users. We also evaluate the accuracy of the trained models in relation to the choice of kernel functions, the choice of features, and the change of eavesdropper's power. Numerical results show that the accuracy is relatively sensitive to adjusting parameters. Under some settings, SVM classifiers (or even one-class SVM) can bring about the accuracy of over 90%.Comment: All versions on this site are withdrawn because of their serious mistakes. Moreover, the contributions of the co-authors were not considered carefully. Two co-authors have little contributions, which cannot constitute any main contribution. It was a mistake when the first author forgot to update the actual authors, and he hurried to upload the incomplete and flaw file