Ning Wang,Weiwei Li,Amir Alipour-Fanid,Long Jiao,Monireh Dabaghchian,Kai Zeng

DOI: https://doi.org/10.1109/tifs.2020.3017932

IF: 7.231

2021-01-01

IEEE Transactions on Information Forensics and Security

Abstract:Grant-free random access is an emerging technology for providing massive connectivity for 5G massive machine-type communications (mMTC), where non-orthogonal pilot sequences are used to simultaneously detect active users and estimate channels. However, grant-free 5G IoT networks are vulnerable to pilot contamination attacks (PCA), where the attacker can send the same pilots as legitimate IoT users to harm the active user detection and channel estimation. To defend against this attack, in this article, we propose a physical-layer countermeasure based on the channel virtual representation (CVR). CVR can emphasize the unique characteristics of mmWave channels that are sensitive to the location of the sender. This can be utilized to counter PCA no matter if the attacker's pilots are superimposed to that of the victim or not. Based on this observation, to achieve an efficient PCA detection, a single-hidden-layer multiple measurement (SHMM) Siamese network is employed. This solution tackles the challenges of channel randomness and massive connectivity in mMTC IoT networks, and supports small sample learning. Simulation results evaluate and confirm the effectiveness of the proposed detection scheme under various scenarios. The detection accuracy can approach 99% with 128 antennas at the receiver and reach above 95% even with only 50 training samples.

computer science, theory & methods,engineering, electrical & electronic

Shiguo Wang,Qingyong Deng,Xuewen Fu,Peng Li

DOI: https://doi.org/10.1016/j.phycom.2023.102215

IF: 2.379

2023-11-06

Physical Communication

Abstract:For large-scale MIMO systems, upon the investigation of pilot spoofing on system security capacity, a novel detection scheme is proposed and the contaminated channel state information (CSI) is corrected. Specifically, a two-parts pilot sequence is exploited to implement channel estimation. The first one is conventional, and the other is partially randomized on the top of the first one. Leveraging the difference between the statistical characteristic of the estimated CSIs in two parts, a pilot spoofing detector is established based on the principle of the maximum likelihood ratio. Meanwhile, the contaminated CSI is purified with the obtained information in pilot spoofing detection, and thus system security capacity can be improved greatly. Finally, simulation results are presented to evaluate the superior performance of the proposed scheme.

telecommunications,engineering, electrical & electronic

Pedro Ivo da Cruz,Dimitri Leandro,Tito Spadini,Ricardo Suyama,Murilo Bellezoni Loiola

DOI: https://doi.org/10.1007/s11235-024-01163-0

2024-06-05

Telecommunication Systems

Abstract:Massive multiple-input multiple-output (MMIMO) is essential to modern wireless communication systems, like 5G and 6G, but it is vulnerable to active eavesdropping attacks. One type of such attack is the pilot contamination attack (PCA), where a malicious user copies pilot signals from an authentic user during uplink, intentionally interfering with the base station's (BS) channel estimation accuracy. In this work, we propose to use a Decision Tree (DT) algorithm for PCA detection at the BS in a multi-user system. We present a methodology to generate training data for the DT classifier and select the best DT according to their depth. Then, we simulate different scenarios that could be encountered in practice and compare the DT to a classical technique based on likelihood ratio testing (LRT) submitted to the same scenarios. The results revealed that a DT with only one level of depth is sufficient to outperform the LRT. The DT shows a good performance regarding the probability of detection in noisy scenarios and when the malicious user transmits with low power, in which case the LRT fails to detect the PCA. We also show that the reason for the good performance of the DT is its ability to compute a threshold that separates PCA data from non-PCA data better than the LRT's threshold. Moreover, the DT does not necessitate prior knowledge of noise power or assumptions regarding the signal power of malicious users, prerequisites typically essential for LRT and other hypothesis testing methodologies.

telecommunications

Wei Wang,Lingjie Duan,Xin Liu,Nan Zhao

DOI: https://doi.org/10.1109/lwc.2023.3344429

IF: 6.3

2024-01-01

IEEE Wireless Communications Letters

Abstract:In this correspondence, we investigate the legitimate surveillance of a suspicious intelligent multi-access (MA) network via pilot contamination attack (PCA). Specifically, the base station (BS) can switch between orthogonal multiple access (OMA) and non-orthogonal multiple access (NOMA) to achieve the optimal sum rate for the paired two users. The monitor sends PCA signals to distort the channel estimation and misleads the mode selection at the BS, i.e., from OMA to NOMA. As thus, the monitor can replace the stronger user in the NOMA pair by itself and wiretap the information of both users, owing to the superimposed signals in NOMA. To this end, the PCA power is minimized subject to the sum-rate requirement and eavesdropping condition, which guarantees that the information can be successfully recovered by the monitor. Simulation results confirm the effectiveness of our PCA scheme in achieving the surveillance in intelligent MA networks.

Yongpeng Wu,Chao-Kai Wen,Wen Chen,Shi Jin,Robert Schober,Giuseppe Caire

DOI: https://doi.org/10.1109/tcomm.2019.2907943

IF: 6.166

2019-01-01

IEEE Transactions on Communications

Abstract:In this paper, we study the design of secure communication for time-division duplex multi-cell multi-user massive multiple-input-multiple-output (MIMO) systems with active eavesdropping. We assume that the eavesdropper actively attacks the uplink pilot transmission and the uplink data transmission before eavesdropping the downlink data transmission of the users. We exploit both the received pilot's and the received data signals for uplink channel estimation. We show analytically that when both the number of transmit antennas and the length of the data vector tend to infinity, the signals of the desired user and the eavesdropper lie in different eigenspaces of the received signal matrix at the base station, provided their signal powers are different. This finding reveals that decreasing (instead of increasing) the desired user's signal power might be an effective approach to combat a strong active attack from an eavesdropper. Inspired by this observation, we propose a data-aided secure downlink transmission scheme and derive an asymptotic achievable secrecy sum-rate expression for the proposed design. For the special case of a single-cell single-user system with independent and identically distributed fading, the obtained expression reveals that the secrecy rate scales logarithmically with the number of transmit antennas. This is the same scaling law as for the achievable rate of a single-user massive MIMO system in the absence of eavesdroppers. The numerical results indicate that the proposed scheme achieves significant secrecy rate gains compared with alternative approaches based on matched filter precoding with artificial noise generation and null space transmission.

Delong Liu,Wei Wang,Yang Huang

DOI: https://doi.org/10.1049/ell2.70074

2024-10-30

Electronics Letters

Abstract:We present a pilot spoofing attack detection scheme by using the difference of two different estimators, that is, the least square estimator and the minimum mean square error estimator, without requiring any priori of eavesdroppers. In addition, we propose a data‐aided channel estimation scheme to eliminate the PSA effect. Pilot spoofing attack (PSA) is an active eavesdropping attack in massive multiple‐input multiple‐output systems, where the eavesdroppers transmit the same pilot sequence as the legitimate user does to the base station to confuse the normal channel estimation during the uplink channel training phase. With the contaminated channel estimations, more information will be leaked to eavesdroppers in the downlink transmission phase. However, it is a challenging issue to detect the PSA attack due to the similarity of the received signals and the variations of the wireless channels. Here, a new PSA detection scheme by using the difference of two different estimators is presented, that is, the least square estimator and the minimum mean square error estimator, without requiring any priori of eavesdroppers. Following that, a new data‐aided channel estimation scheme is proposed to eliminate the PSA effect. Simulation results demonstrate that the proposed PSA detection scheme outperforms the conventional energy detector, and more accurate legitimate channel estimation and higher sum secrecy rates can be obtained with the proposed scheme.

engineering, electrical & electronic

Ning Gao,Zhijin Qin,Xiaojun Jing

DOI: https://doi.org/10.1109/lsp.2019.2913085

2019-01-01

IEEE Signal Processing Letters

Abstract:In the channel training phase, the attacker launches a pilot contamination attack by sending a synchronized and identical pilot signal with the legitimate transmitter. Such an attack can contaminate the channel estimation and alter the legitimate beamformer design. In this letter, first, we propose a pilot contamination attack detection scheme for wireless communications. By considering the prior uncertainty of the attack, we find that the decision-maker will conservatively decide the state of the attack, which is a subjective choice. In this case, we derive the subjective detection probability, the subjective false alarm probability, and the threshold. We analyze the tradeoff problem between ergodic wire-tap channel rate and subjective detection probability. Next, based on the worst case that the attacker adopts the optimal power allocation to launch the optimal attack, we discuss the defense strategy of the optimal attack. Simulations show that the proposed scheme has a better performance than the benchmark method.

Yixin Wang,Yichen Wang,Tao Wang,Julian Cheng

DOI: https://doi.org/10.1109/vtc2024-spring62846.2024.10683251

2024-01-01

Abstract:Millimeter-wave (mmWave) grant-free (GF) access is a promising approach for massive machine-type communication (mMTC) networks to improve the access efficiency and alleviate the shortage of spectrum resources. Due to the lack of authentication, mmWave GF-mMTC networks are vulnerable to the pilot contamination attack (PCA), which can cause severe performance degradation of the channel estimation (CE) and user activity identification (UAI). However, the existing PCA resistance schemes for mmWave GF-mMTC networks perform the CE, UAI, and PCA detection through two separated phases, which will limit the system performance. To solve the problem, we establish a three-dimensional (3-D) transmission model with time-correlated two-dimensional sparsity for mmWave GF-mMTC networks under PCA, where the user activity sparsity, the virtual angular channel sparsity, and the temporal correlation of legitimate user (LU) status are jointly considered. Based on the established transmission model, we develop a 3-D compressive sensing based joint CE, UAI, and PCA detection (3D-CS-JCUPD) scheme. In this scheme, a parallel expectation-maximization vector approximate message passing with multiple measurement vector (Parallel EM-VAMP-MMV) algorithm is proposed to estimate the channel virtual representation (CVR) and the LU status is identified with the aid of different temporal correlation features between LUs and attackers. Moreover, we also develop a location information aided joint CE, UAI, and PCA detection (LIA-JCUPD) scheme to address the situation when attackers and LUs exhibit similar temporal correlations, where the BS utilizes the recorded LU location information to distinguish the LU status. Simulation results show that the developed schemes can achieve substantial performance gains over several reference schemes.

Die Hu,Wei Zhang,Lianghua He,Jun Wu

DOI: https://doi.org/10.1109/lwc.2018.2859329

IF: 6.3

2019-01-01

IEEE Wireless Communications Letters

Abstract:In this letter, we investigate secure transmission for multi-cell multi-user massive multiple-input multiple-output systems with an active eavesdropper. During the uplink (UL) training, the eavesdropper can attack the training phase to cause pilot contamination. To resist such pilot contamination attack (PCA), we propose a secure transmission that does not require statistical information of the channels. In the proposed transmission strategy, we first detect PCA by a simple method. If the PCA is not detected, we then estimate the UL data of the users by a semi-blind method based on an asynchronous protocol. After that, we perform the data-aided channel estimation and design the corresponding precoder. Simulation results demonstrate that the proposed transmission can effectively resist the PCA even when the PCA detection method fails.

Ke-Wen Huang,Hui-Ming Wang

DOI: https://doi.org/10.48550/arXiv.2009.08512

2020-09-18

Abstract:Pilot contamination attack (PCA) in a time division duplex wireless communication system is considered, where an eavesdropper (Eve) attacks the reverse pilot transmission phase in order to wiretap the data transmitted from a transmitter, Alice, to a receiver, Bob. We propose a new PCA scheme for Eve, wherein Eve does not emit any signal by itself but uses an intelligent reflecting surface (IRS) to reflect the pilot sent by Bob to Alice. The proposed new PCA scheme, referred to as IRS-PCA, increases the signal leakage from Alice to the IRS during the data transmission phase, which is then reflected by the IRS to Eve in order to improve the wiretapping capability of Eve. The proposed IRS-PCA scheme disables many existing countermeasures on PCA due to the fact that with IRS-PCA, Eve no longer needs to know the pilot sequence of Bob, and therefore, poses severe threat to the security of the legitimate wireless communication system. In view of this, the problems of 1) IRS-PCA detection and 2) secure transmission under IRSPCA are considered in this paper. For IRS-PCA detection, a generalized cumulative sum (GCUSUM) detection procedure is proposed based on the framework of quickest detection, aiming at detecting the occurrence of IRS-PCA as soon as possible once it occurs. For secure transmission under IRS-PCA, a cooperative channel estimation scheme is proposed to estimate the channel of the IRS, based on which zero-forcing beamforming is designed to reduce signal leakage.

Information Theory

Ning Wang,Weiwei Li,Amir Alipour-Fanid,Monireh Dabaghchian,Kai Zeng

DOI: https://doi.org/10.1109/jiot.2020.2991956

IF: 10.6

2020-08-01

IEEE Internet of Things Journal

Abstract:Nonorthogonal multiple access (NOMA) technology can significantly promote Internet-of-Things (IoT) networks on spectral efficiency and massive connectivity. However, NOMA-IoT communications are vulnerable to pilot contamination attacks, where the attacker can send the same pilot signals as legitimate IoT users. Most existing countermeasures to this physical-layer threat struggle to adapt to NOMA-IoT networks, in which superimposed signals appear and low-cost IoT devices exist. In this article, we propose a compressed-sensing-based detection scheme to defend against pilot contamination attacks in NOMA-IoT networks. In particular, we present a multiple measurement vector (MMV) compressed sensing model and a security spreading code generation (SSCG) framework to prevent pilot contamination attacks from spoofing base station (BS) in NOMA-IoT networks. Furthermore, to efficiently reconstruct the superimposed signals based on the SSCG framework, a matching pursuit (MP) multiple response sparse Bayesian learning (MSBL) algorithm (MP-MSBL) is proposed. The security analysis and algorithm complexity of the proposed algorithms are provided. The simulation results evaluate and confirm the effectiveness of the proposed detection schemes. The reconstruction and detection accuracy of pilots can be higher than 99% under different scenarios.

computer science, information systems,telecommunications,engineering, electrical & electronic

Liang Wu,Zaichen Zhang,Jian Dang,Jiangzhou Wang,Huaping Liu,Yongpeng Wu

DOI: https://doi.org/10.1109/tvt.2017.2698833

IF: 6.8

2017-01-01

IEEE Transactions on Vehicular Technology

Abstract:Pilot contamination (PC) is a major problem in massive multiple-input multiple-output (MIMO) systems. This paper proposes a novel channel estimation scheme for such a system in Rician fading channels. First, the possible angle of arrivals (AOAs) of users served by a base station (BS) are derived by exploiting the channel statistical information, assuming a traditional pilot structure, where the pilots for the same-cell users are orthogonal but are identical for the same-indexed users from different cells. Although, with this pilot structure, the channel state information (CSI) derived contains CSI from other-cell users caused by PC, the line-of-sight (LOS) component of the desired user is PC-free when the number of antennas equipped at the BS is large. Then, based on the AOAs and the contaminated CSI, the LOS component of each user served by a BS is estimated, and data are detected by using the derived LOS components. Finally, the decoded data are used to update the CSI estimate via an iterative process. The achievable spectral efficiency of the proposed scheme is analyzed in detail, and simulation results are presented to compare the performance of the proposed scheme with that of three existing schemes.

Weiyang Xu,Ruiguang Wang,Yuan Zhang,Hien Quoc Ngo,Wei Xiang

DOI: https://doi.org/10.1109/tifs.2024.3402973

IF: 7.231

2024-05-29

IEEE Transactions on Information Forensics and Security

Abstract:The channel hardening effect is less pronounced in the cell-free massive multiple-input multiple-output (mMIMO) system compared to its cellular counterpart, making it necessary to estimate the downlink effective channel gains to ensure decent performance. However, the downlink training inadvertently creates an opportunity for adversarial nodes to launch pilot spoofing attacks (PSAs). First, we demonstrate that adversarial distributed access points (APs) can severely degrade the achievable downlink rate. They achieve this by estimating their channels to users in the uplink training phase and then precoding and sending the same pilot sequences as those used by legitimate APs during the downlink training phase. Then, the impact of the downlink PSA is investigated by rigorously deriving a closed-form expression of the per-user achievable downlink rate. By employing the min-max criterion to optimize the power allocation coefficients, the maximum per-user achievable rate of downlink transmission is minimized from the perspective of adversarial APs. As an alternative to the downlink PSA, adversarial APs may opt to precode random interference during the downlink data transmission phase in order to disrupt legitimate communications. In this scenario, the achievable downlink rate is derived, and then power optimization algorithms are also developed. We present numerical results to showcase the detrimental impact of the downlink PSA and compare the effects of these two types of attacks.

computer science, theory & methods,engineering, electrical & electronic

Yong Chen,Xianyu Zhang,Fuqiang Yao,Kang An,Gan Zheng,Symeon Chatzinotas

DOI: https://doi.org/10.1109/jiot.2023.3296736

IF: 10.6

2023-01-01

IEEE Internet of Things Journal

Abstract:This paper investigates the pilot assignment and power control problems for secure UAV communications in cell-free massive MIMO network with the user-centric scheme, where numerous distributed access points (APs) simultaneously serve multiple UAVs and terminal users. Meanwhile, there exists one UAV acting as an eavesdropper which can perform pilot spoofing attack. Considering a mixture of Rayleigh and Ricean fading channels, the APs respectively perform MMSE estimation and distributed conjugate beamforming for uplink training and downlink data transmission. Using random matrix theory, the closed-form expression for a tight lower bound on the achievable secrecy rate is derived, which enables the impact analysis of key parameters, such as power, antenna configuration, UAV height, etc. Taking into account both performance and complexity, a novel pilot assignment scheme is proposed by combining weighted graphic framework and genetic algorithm, which can actualize global search with limited iterations. The max-min power control with security constraints is then studied in parallel, which can not only enhance the network fairness but also ensure the security. Accordingly, successive convex approximation and fractional optimization are jointly utilized to solve this non-convex problem. Simulation results numerically verify the analytical results and indicate the superiority of the proposed pilot assignment and power control schemes.

computer science, information systems,telecommunications,engineering, electrical & electronic

Xudong Zhu,Zhaocheng Wang,Linglong Dai,Chen Qian

DOI: https://doi.org/10.1109/lcomm.2015.2409176

IF: 3.5529

2015-01-01

IEEE Communications Letters

Abstract:A massive multiple-input multiple-output (MIMO) system, which utilizes a large number of antennas at the base station (BS) to serve multiple users, suffers from pilot contamination due to inter-cell interference. A smart pilot assignment (SPA) scheme is proposed in this letter to improve the performance of users with severe pilot contamination. Specifically, by exploiting the large-scale characteristics of fading channels, the BS first measures the inter-cell interference of each pilot sequence caused by the users with the same pilot sequence in other adjacent cells. Then, in contrast to the conventional schemes which assign the pilot sequences to the users randomly, the proposed SPA method assigns the pilot sequence with the smallest inter-cell interference to the user having the worst channel quality in a sequential way to improve its performance. Simulation results verify the performance gain of the proposed scheme in typical massive MIMO systems.

Zhaocheng Wang,Peiyao Zhao,Chen Qian,Sheng Chen

DOI: https://doi.org/10.1109/access.2016.2625306

IF: 3.9

2016-01-01

IEEE Access

Abstract:Pilot contamination (PC) is a stumbling block in the way of realizing massive multi-input multi-output (MIMO) systems. This contribution proposes a location-aware channel estimation-enhanced massive MIMO system employing time-division duplexing protocol, which is capable of significantly reducing the inter-cell interference caused by PC and, therefore, improving the achievable system performance. Specifically, we present a novel location-aware channel estimation algorithm, which utilizes the property of the steering vector to carry out a fast Fourier transform-based post-processing after the conventional pilot-aided channel estimation for mitigating PC. Our asymptotic analysis proves that this post-processing is capable of removing PC from the interfering users with different angle-of-arrivals (AOAs). Since in practice the AOAs of some users may be similar, we further present a location-aware pilot assignment method to ensure that users utilizing the same pilot have distinguishable AOAs, in order to fully benefit from the location-aware channel estimation. Simulation results demonstrate that the proposed scheme can dramatically reduce the inter-cell interference caused by the re-use of the pilot sequence and improve the overall system performance significantly, while only imposing a modest extra computational cost, in comparison with the conventional pilot-aided channel estimation.

Xinxin Liu,Yunzhou Li,Xueru Li,Limin Xiao,Jing Wang

DOI: https://doi.org/10.1109/tvt.2016.2592939

2016-01-01

Abstract:In uplink device-to-device (D2D) underlay cellular systems, massive multiple-input multiple-output (MIMO) seems promising as the large antenna array at the base station (BS) can nearly null the D2D-to-cellular interference. However, the channel-state information (CSI) from all users is required to obtain this advantage. For the orthogonal training scheme, the pilot overhead increases with the number of D2D users, leading to a loss of the achievable spectral efficiency. In this paper, we propose a pilot scheduling scheme for D2D underlay massive MIMO systems, which allows D2D users to reuse the pilots of cellular users so that the pilot overhead can be reduced. Moreover, a novel interference-aided minimum mean square error (MMSE) detector is proposed to suppress the D2D-to-cellular interference, utilizing the estimated CSI from not only cellular users but D2D users as well. Furthermore, we derive the large-scale approximations of the signal-to-interference-plus-noise ratios (SINRs), which are asymptotically tight and accurate, even for a small number of BS antennas. Based on these SINR approximations, performance analyses are given to provide more insights. Simulation results show that the proposed pilot reuse scheme and detector significantly increase the achievable sum spectral efficiency, as compared with the conventional massive MIMO and other baseline schemes.

Guowu Shang,Hui Li

DOI: https://doi.org/10.1109/wcsp.2015.7341177

2015-01-01

Abstract:This paper deals with the pilot contamination problem for multi-cell massive multiple-input and multiple-output (MIMO) mobile communication systems. The pilot contamination effect constitutes a major bottleneck for overall performance. Most of researches on pilot decontamination ignore the fact that different users can be distinguished by the direction of arrivals (DoA), even the users in different cells use the same pilots. We propose a spatial domain method based on two dimensions DoA (2D-DoA) which can distinguish the target user in 3D space. To obtain the desire signal's DoA, two type of 2D-DoA estimation methods are proposed. Utilizing the estimations to preprocess the received signals the interference can be suppressed effectively. Simulation results show the pilot contamination can be reduced obviously and the system performance can be improved significantly by the proposed method.

L. Srikar Muppirisetty,Themistoklis Charalambous,Johnny Karout,Gabor Fodor,Henk Wymeersch

DOI: https://doi.org/10.1109/TWC.2018.2800038

2018-06-04

Abstract:Pilot contamination, defined as the interference during the channel estimation process due to reusing the same pilot sequences in neighboring cells, can severely degrade the performance of massive multiple-input multiple-output systems. In this paper, we propose a location-based approach to mitigating the pilot contamination problem for uplink multiple-input multiple-output systems. Our approach makes use of the approximate locations of mobile devices to provide good estimates of the channel statistics between the mobile devices and their corresponding base stations. Specifically, we aim at avoiding pilot contamination even when the number of base station antennas is not very large, and when multiple users from different cells, or even in the same cell, are assigned the same pilot sequence. First, we characterize a desired angular region of the target user at the serving base station based on the number of base station antennas and the location of the target user, and make the observation that in this region the interference is close to zero due to the spatial separability. Second, based on this observation, we propose pilot coordination methods for multi-user multi-cell scenarios to avoid pilot contamination. The numerical results indicate that the proposed pilot contamination avoidance schemes enhance the quality of the channel estimation and thereby improve the per-cell sum rate offered by target base stations.

Information Theory