Malicious relay node detection with unsupervised learning in amplify-forward cooperative networks

This paper presents malicious relay node detection in a cooperative network using unsupervised learning based on the received signal samples over the source to destination (S-D) link at the destination node. We consider the situations in which possible maliciousness of the relay is the regenerative, injection or garbling type attacks over the source signal according to attack modeling in the communication. The proposed approach here for such an attack detection problem is to apply unsupervised machine learning using one-class classifier (OCC) algorithms. Among the algorithms compared, One-Class Support Vector Machines (OSVM) with kernel radial basis function (RBF) has the largest accuracy performance in detecting malicious node attacks with certain types and also detect trustable relay by using specific features of the symbol constellation of the received signal. Results show that we can achieve detection accuracy about 99% with SVM-RBF and k-NN learning algorithms for garbling type relay attacks. The results also encourage that OCC algorithms considered in this study with different feature selections could be effective in detecting other types of relay attacks

Detecting Byzantine Attacks Without Clean Reference

We consider an amplify-and-forward relay network composed of a source, two relays, and a destination. In this network, the two relays are untrusted in the sense that they may perform Byzantine attacks by forwarding altered symbols to the destination. Note that every symbol received by the destination may be altered, and hence no clean reference observation is available to the destination. For this network, we identify a large family of Byzantine attacks that can be detected in the physical layer. We further investigate how the channel conditions impact the detection against this family of attacks. In particular, we prove that all Byzantine attacks in this family can be detected with asymptotically small miss detection and false alarm probabilities by using a sufficiently large number of channel observations \emph{if and only if} the network satisfies a non-manipulability condition. No pre-shared secret or secret transmission is needed for the detection of these attacks, demonstrating the value of this physical-layer security technique for counteracting Byzantine attacks.Comment: 16 pages, 7 figures, accepted to appear on IEEE Transactions on Information Forensics and Security, July 201

Security and Prioritization in Multiple Access Relay Networks

In this work, we considered a multiple access relay network and investigated the following three problems: 1- Tradeoff between reliability and security under falsified data injection attacks; 2-Prioritized analog relaying; 3- mitigation of Forwarding Misbehaviors in Multiple access relay network. In the first problem, we consider a multiple access relay network where multiple sources send independent data to a single destination through multiple relays which may inject a falsified data into the network. To detect the malicious relays and discard (erase) data from them, tracing bits are embedded in the information data at each source node. Parity bits may be also added to correct the errors caused by fading and noise. When the total amount of redundancy, tracing bits plus parity bits, is fixed, an increase in parity bits to increase the reliability requires a decrease in tracing bits which leads to a less accurate detection of malicious behavior of relays, and vice versa. We investigate the tradeoff between the tracing bits and the parity bits in minimizing the probability of decoding error and maximizing the throughput in multi-source, multi-relay networks under falsified data injection attacks. The energy and throughput gains provided by the optimal allocation of redundancy and the tradeoff between reliability and security are analyzed. In the second problem, we consider a multiple access relay network where multiple sources send independent data simultaneously to a common destination through multiple relay nodes. We present three prioritized analog cooperative relaying schemes that provide different class of service (CoS) to different sources while being relayed at the same time in the same frequency band. The three schemes take the channel variations into account in determining the relay encoding (combining) rule, but differ in terms of whether or how relays cooperate. Simulation results on the symbol error probability and outage probability are provided to show the effectiveness of the proposed schemes. In the third problem, we propose a physical layer approach to detect the relay node that injects false data or adds channel errors into the network encoder in multiple access relay networks. The misbehaving relay is detected by using the maximum a posteriori (MAP) detection rule which is optimal in the sense of minimizing the probability of incorrect decision (false alarm and miss detection). The proposed scheme does not require sending extra bits at the source, such as hash function or message authentication check bits, and hence there is no transmission overhead. The side information regarding the presence of forwarding misbehavior is exploited at the decoder to enhance the reliability of decoding. We derive the probability of false alarm and miss detection and the probability of bit error, taking into account the lossy nature of wireless links

Distributed Space-Time Message Relaying for Uncoded/Coded Wireless Cooperative Communications

During wireless communications, nodes can overhear other transmissions through the wireless medium, suggested by the broadcast nature of plane wave propagation, and may help to provide extra observations of the source signals to the destination. Modern research in wireless communications pays more attention to these extra observations which were formerly neglected within networks. Cooperative communication processes this abundant information existing at the surrounding nodes and retransmits towards the destination in various forms to create spatial and/or coding diversity, thereby to obtain higher throughput and reliability. The aim of this work is to design cooperative communication systems with distributed space-time block codes (DSTBC) in different relaying protocols and theoretically derive the BER performance for each scenario. The amplify-and-forward (AF) protocol is one of the most commonly used protocols at the relays. It has a low implementation complexity but with a drawback of amplifying the noise as well. We establish the derivation of the exact one-integral expression of the average BER performance of this system, folloby a novel approximation method based on the series expansion. An emerging technology, soft decode-and-forward (SDF), has been presented to combine the desired features of AF and DF: soft signal representation in AF and channel coding gain in DF. In the SDF protocol, after decoding, relays transmit the soft-information, which represents the reliability of symbols passed by the decoder, to the destination. Instead of keeping the source node idling when the relays transmit as in the traditional SDF system, we let the source transmit hard information and cooperate with the relays using DSTBC. By theoretically deriving the detection performance at the destination by either using or not using the DSTBC, we make comparisons among three SDF systems. Interesting results have been shown, together with Monte-Carlo simulations, to illustrate that our proposed one-relay and two-relay SDF & DSTBC systems outperform traditional soft relaying for most of the cases. Finally, these analytic results also provide a way to implement the optimal power allocation between the source and the relay or between relays, which is illustrated in the line model

Prioritization, security and relay selection in network coded multiple access relay networks

Wireless communication is undoubtedly one of the most significant advancements by the mankind for improving quality of life. Information is transmitted from one point to another via electromagnetic waves. After Shannon\u27s landmark paper ``A Mathematical Theory of Communication\u27\u27 in 1948, significant advancements have occurred in providing reliable point to point wireless communication. With ever growing need for reliable high speed links, Cooperative communication and Network coding have emerged as viable technologies to bridge the gap. In today\u27s wireless network, different users have different demands for reliability based on their respective application. In this context, we propose flexible network coding scheme to adapt to user needs. We develop coding rules which achieve maximal diversity of the system, yet provide differentiated class of service to the users. The proposed scheme can be adjusted to accommodate the dynamic changes in quality of service(QoS) demand of users. Second we consider the issue of security in multiple access relay network. Security has always been a primary concern in wireless networks due to it broadcast nature of transmission. The intermediate relay nodes in a wireless network could be modified by adversary to transmit corrupted information. We propose a novel iterative packet recycling methodology which gives performance improvement over traditional approach of discarding received corrupted packets at the destination. Finally, we consider the problem of choosing relay for transmission. We propose a novel selection scheme which provides balanced relay utilization and reduces relay switching rate compared to the traditional selection algorithms. This cuts down energy wastage at the relay and improves the overall network lifetime

Wireless Device Authentication Techniques Using Physical-Layer Device Fingerprint

Due to the open nature of the radio signal propagation medium, wireless communication is inherently more vulnerable to various attacks than wired communication. Consequently, communication security is always one of the critical concerns in wireless networks. Given that the sophisticated adversaries may cover up their malicious behaviors through impersonation of legitimate devices, reliable wireless authentication is becoming indispensable to prevent such impersonation-based attacks through verification of the claimed identities of wireless devices. Conventional wireless authentication is achieved above the physical layer using upper-layer identities and key-based cryptography. As a result, user authenticity can even be validated for the malicious attackers using compromised security key. Recently, many studies have proven that wireless devices can be authenticated by exploiting unique physical-layer characteristics. Compared to the key-based approach, the possession of such physical-layer characteristics is directly associated with the transceiver\u27s unique radio-frequency hardware and corresponding communication environment, which are extremely difficult to forge in practice. However, the reliability of physical-layer authentication is not always high enough. Due to the popularity of cooperative communications, effective implementation of physical-layer authentication in wireless relay systems is urgently needed. On the other hand, the integration with existing upper-layer authentication protocols still has many challenges, e.g., end-to-end authentication. This dissertation is motivated to develop novel physical-layer authentication techniques in addressing the aforementioned challenges. In achieving enhanced wireless authentication, we first specifically identify the technique challenges in authenticating cooperative amplify-and-forward (AF) relay. Since AF relay only works at the physical layer, all of the existing upper-layer authentication protocols are ineffective in identifying AF relay nodes. To solve this problem, a novel device fingerprint of AF relay consisting of wireless channel gains and in-phase and quadrature imbalances (IQI) is proposed. Using this device fingerprint, satisfactory authentication accuracy is achieved when the signal-to-noise ratio is high enough. Besides, the optimal AF relay identification system is studied to maximize the performance of identifying multiple AF relays in the low signal-to-noise regime and small IQI. The optimal signals for quadrature amplitude modulation and phase shift keying modulations are derived to defend against the repeated access attempts made by some attackers with specific IQIs. Exploring effective authentication enhancement technique is another key objective of this dissertation. Due to the fast variation of channel-based fingerprints as well as the limited range of device-specific fingerprints, the performance of physical-layer authentication is not always reliable. In light of this, the physical-layer authentication is enhanced in two aspects. On the one hand, the device fingerprinting can be strengthened by considering multiple characteristics. The proper characteristics selection strategy, measurement method and optimal weighted combination of the selected characteristics are investigated. On the other hand, the accuracy of fingerprint estimation and differentiation can be improved by exploiting diversity techniques. To be specific, cooperative diversity in the form of involving multiple collaborative receivers is used in differentiating both frequency-dependent and frequency-independent device fingerprints. As a typical combining method of the space diversity techniques, the maximal-ratio combining is also applied in the receiver side to combat the channel degeneration effect and increase the fingerprint-to-noise ratio. Given the inherent weaknesses of the widely utilized upper-layer authentication protocols, it is straightforward to consider physical-layer authentication as an effective complement to reinforce existing authentication schemes. To this end, a cross-layer authentication is designed to seamlessly integrate the physical-layer authentication with existing infrastructures and protocols. The specific problems such as physical-layer key generation as well as the end-to-end authentication in networks are investigated. In addition, the authentication complexity reduction is also studied. Through prediction, pre-sharing and reusing the physical-layer information, the authentication processing time can be significantly shortened