Peng Jiang,Hongyi Wu,Cong Wang,Chunsheng Xin

DOI: https://doi.org/10.1109/ICC.2018.8422830

2018-01-01

Abstract:Identity-based attacks such as MAC spoofing are common in wireless networks. The recently developed virtualization technologies bring a new type of MAC spoofing attack, virtual MAC spoofing. This makes it even more challenging to detect such attacks, especially in a tight environment with spatial similarities. In this paper, we design, implement and evaluate a system to effectively detect virtual MAC spoofing attacks via deep learning. A deep convolutional neural network is constructed to extract physical features from CSI obtained from packet transmissions, to detect virtual MAC spoofing attacks. An important merit of the proposed detection system is that this system can distinguish two devices even at the same location, which was not well addressed by previous approaches. Our extensive experimental results demonstrate the effectiveness of the system with an average detection accuracy of 95%, even when devices are co-located.

Songlin Chen,Hong Wen,Jinsong Wu,Jie Chen,Wenjie Lin,Lin Hu,Yi Chen

DOI: https://doi.org/10.1155/2018/6039878

2018-01-01

Wireless Communications and Mobile Computing

Abstract:By utilizing the radio channel information to detect spoofing attacks, channel based physical layer (PHY-layer) enhanced authentication can be exploited in light-weight securing 5G wireless communications. One major obstacle in the application of the PHY-layer authentication is its detection rate. In this paper, a novel authentication method is developed to detect spoofing attacks without a special test threshold while a trained model is used to determine whether the user is legal or illegal. Unlike the threshold test PHY-layer authentication method, the proposed AdaBoost based PHY-layer authentication algorithm increases the authentication rate with one-dimensional test statistic feature. In addition, a two-dimensional test statistic features authentication model is presented for further improvement of detection rate. To evaluate the feasibility of our algorithm, we implement the PHY-layer spoofing detectors in multiple-input multiple-output (MIMO) system over universal software radio peripherals (USRP). Extensive experiences show that the proposed methods yield the high performance without compromising the computing complexity.

Xiaoying Qiu,Ting Jiang,Sheng Wu,Chunxiao Jiang,Haipeng Yao,Monson H. Hayes,Abderrahim Benslimane

DOI: https://doi.org/10.1109/wcnc.2019.8885922

2019-01-01

Abstract:Physical (PHY)-layer security has received considerable interest as a way to safeguard data confidentiality and achieve security and privacy in wireless networks. Authentication between two devices is a challenging problem. In this paper, a machine learning algorithm is proposed to detect and identify rogue transmitters relying on a low-dimensional channel feature vector that is obtained by the Karhunen-Loeve transform (KLT). Specifically, a Linde-Buzo-Gray algorithm is designed for improving the reliability and robustness of the proposed scheme, where a Gaussian Mixture Model (GMM) is employed to learn and track the changes of physical layer properties. Simulation results demonstrate that the proposed authentication scheme achieves a higher spoofing detection rate compared to other existing methods.

Yangyang Liu,Pinchang Zhang,Yulong Shen,Limei Peng,Xiaohong Jiang

DOI: https://doi.org/10.1016/j.adhoc.2022.102864

IF: 4.816

2022-06-01

Ad Hoc Networks

Abstract:Transmitter authentication is significantly critical to secure millimeter wave (mmWave) multiple-input multiple-output (MIMO) systems. By utilizing the mmWave MIMO channel and carrier frequency offset (CFO), this paper proposes a novel online machine learning-based physical layer authentication scheme to validate transmitter identities. In particular, with the help of the Gaussian kernel method and representer theorem, we formulate the physical layer authentication model as a binary classification model. Based on the developed classification model and a constructed convex objective function, we then design an online algorithm to achieve updating authentication parameters, and thus establish a novel online machine learning-based physical layer authentication scheme. Based on the developed authentication model and theories of statistical hypothesis testing, we statistically derive the analytical expressions for false alarm and detection rates for the proposed authentication scheme. Finally, we carry out extensive experiments to verify the authentication performance in terms of the false alarm and detection rates. In addition, we investigate the related authentication efficiency issues (e.g., convergence process) and the capability of resisting against spoofing attacks in mmWave MIMO systems.

computer science, information systems,telecommunications

Songlin Chen,Zhibo Pang,Hong Wen,Kan Yu,Tengyue Zhang,Yueming Lu

DOI: https://doi.org/10.1109/tii.2020.2963962

IF: 12.3

2020-01-01

IEEE Transactions on Industrial Informatics

Abstract:In this article, a scheme to detect both clone and Sybil attacks by using channel-based machine learning is proposed. To identify malicious attacks, channel responses between sensor peers have been explored as a form of fingerprints with spatial and temporal uniqueness. Moreover, the machine-learning-based method is applied to provide a more accurate authentication rate. Specifically, by combining with edge devices, we apply a threshold detection method based on channel differences to provide offline training sample sets with labels for the machine learning algorithm, which avoids manually generating labels. Therefore, our proposed scheme is lightweight for resource constrained industrial wireless devices, since only an online-decision making is required. Extensive simulations and experiments were conducted in real industrial environments. Both results show that the authentication accuracy rate of our strategy with an appropriate threshold can achieve 84% without manual labeling.

Fei Pan,Hong Wen,Runfa Liao,Yixin Jiang,Aidong Xu,Kai Ouyang,Xiping Zhu

DOI: https://doi.org/10.1109/CNS.2017.8228660

2017-01-01

Abstract:Most of the physical-layer authentication methods are based on the pre-knowledge of the channel information and the threshold is fixed before the communication process. In this paper, we propose a physical layer authentication method based on channel information and machine learning with a dynamic threshold in wireless communication environment. In this method, the threshold of the channel differences is determined by the latest system state according to the epsilon-greedy strategy. The simulation results illustrate the efficiency of this method.

Dongming Li,Xuan Yang,Fuhui Zhou,Dawei Wang,Naofal Al-Dhahir

DOI: https://doi.org/10.1109/tcomm.2022.3200599

IF: 6.166

2022-01-01

IEEE Transactions on Communications

Abstract:The promising physical-layer authentication (PLA) scheme enjoys low computational complexity and provides a lightweight solution for the wireless transmission security problem. However, the ideal but impractical assumptions are made on the priori knowledge in the traditional PLA schemes, which fail because the priori knowledge can be interfered by the impersonation attacks. Hence, a blind PLA scheme featured by the composite radio sample characteristics, active monitoring slots, and blind hypotheses tests is proposed in this paper. In particular, the intrinsic location-specific channel response integrated with the transmitter-specific signal knowledge is sampled during the active monitoring slots and is used to conduct minimum error (ME) and Neyman-Pearson (NP) hypothesis tests. The authentication reliability is enhanced significantly by jointly using the ME and NP criteria. For both the stationary and the non-stationary signal cases, our theoretical analysis shows that the temporal channel variations, the spatial channel correlations and the spectral bandwidth contribute to improve the authentication reliability. Our simulation results not only demonstrate the effectiveness of the proposed PLA scheme, but also indicate the possible scenarios in which ME outperforms NP, and NP outperforms ME.

Yangyang Liu,Pinchang Zhang,Jun Liu,Yulong Shen,Xiaohong Jiang

DOI: https://doi.org/10.1109/tifs.2023.3290750

IF: 7.231

2023-01-01

IEEE Transactions on Information Forensics and Security

Abstract:The communication channels in millimeter wave (mmWave) multiple-input multiple-output (MIMO) systems possess some unique fine-grained angle domain features such as channel gain, azimuth angle of arrival (AAoA), and elevation angle of arrival (EAoA). This paper combines AAoA, EAoA, channel gain as well as phase noise features to propose a novel physical layer authentication scheme for mmWave MIMO communication systems. Based on the limit posterior Bayesian Cramér-Rao bound (LPBCRB) and maximum-likelihood (ML) estimation theories, we first develop an efficient approach for the evaluation of hardware phase noise and mmWave channel features. To depict the authentication performance of the new scheme, we then apply the statistical signal processing and hypothesis testing theories to derive the closed-form expressions for false alarm and detection probabilities under the scheme. Finally, extensive numerical results are provided to validate our theoretical models and to demonstrate the capability of the proposed authentication scheme against impersonation attacks.

computer science, theory & methods,engineering, electrical & electronic

Yulin Teng,Pinchang Zhang,Xiao Chen,Xiaohong Jiang,Fu Xiao

DOI: https://doi.org/10.1109/tifs.2024.3384112

IF: 7.231

2024-05-10

IEEE Transactions on Information Forensics and Security

Abstract:This paper exploits the efficient channel modeling and channel sparsity to propose a novel Physical (PHY)-layer authentication framework for a Millimeter Wave (mmWave) Multiple-Input Multiple-Output (MIMO) Unmanned Aerial Vehicle (UAV)-ground system. Inspired by the Image Processing theory, we first explore a new Laplace prior approach for the efficient modeling of angular-domain mmWave MIMO channels. With the help of the new channel model, we then reveal the channel sparsity in the concerned system exhibiting a nice spatial correlation property. By a joint use of channel sparsity correlation, efficient sparsity feature extraction with Expectation Maximization (EM)/Generalized Approximate Message Passing (GAMP) algorithms and hypothesis testing, we thus devise a new authentication framework for the concerned system. Theoretical performance analysis is also carried out by deriving the closed-form expressions for false alarm and detection probabilities. Finally, extensive numerical results are provided to validate the feasibility of the proposed channel model and the theoretical analysis, as well as to demonstrate the efficiency of the new authentication framework under various scenarios.

computer science, theory & methods,engineering, electrical & electronic

Weiwei Li,Ning Wang,Long Jiao,Kai Zeng

DOI: https://doi.org/10.1109/access.2021.3073115

IF: 3.9

2021-01-01

IEEE Access

Abstract:Identity spoofing attacks pose one of the most serious threats to wireless networks, where the attacker can masquerade as legitimate users by modifying its own identity. Channel-based physical-layer security is a promising technology to counter identity spoofing attacks. Although various channel-based security technologies have been proposed, the study of channel-based spoofing attack detection in 5G networks is largely open. This paper introduces a new channel-based spoofing attack detection scheme based on channel virtual (or called beamspace) representation in millimeter wave (mmWave) massive multiple-input and multiple-output (MIMO) 5G networks. The principal components of channel virtual representation (PC-CVR) are extracted as a new channel feature. Compared with traditional channel features, the proposed features can be more sensitive to the location of transmitters and more suitable to mmWave 5G networks. Based on PC-CVR, we offer two detection strategies to achieve the spoofing attack detection tackling static and dynamic radio environments, respectively. For the static radio environment where the channel correlation is stable, Neyman-Pearson (NP) testing-based spoofing attack detection is provided depending on the ${ell _{2}}$ -norm of PC-CVR. For the dynamic radio environment where the channel correlation is changing, the problem of spoofing attack detection is transformed into a one-class classification problem. To efficiently handle this problem, an online detection framework based on a feedforward neural network with a single hidden layer is presented. Simulation results evaluate and confirm the effectiveness of the proposed detection schemes. For the static radio environment, the detection rate can be improved around 25% with the help of PC-CVR under the NP testing-based detection, and the detection accuracy can reach 99% with the machine le-rning-based scheme under the dynamic radio environment.

computer science, information systems,telecommunications,engineering, electrical & electronic

Rui Meng,Bingxuan Xu,Xiaodong Xu,Mengying Sun,Bizhu Wanga,Shujun Han,Suyu Lv,Ping Zhang

2024-11-15

Abstract:To ensure secure and reliable communication in wireless systems, authenticating the identities of numerous nodes is imperative. Traditional cryptography-based authentication methods suffer from issues such as low compatibility, reliability, and high complexity. Physical-Layer Authentication (PLA) is emerging as a promising complement due to its exploitation of unique properties in wireless environments. Recently, Machine Learning (ML)-based PLA has gained attention for its intelligence, adaptability, universality, and scalability compared to non-ML approaches. However, a comprehensive overview of state-of-the-art ML-based PLA and its foundational aspects is lacking. This paper presents a comprehensive survey of characteristics and technologies that can be used in the ML-based PLA. We categorize existing ML-based PLA schemes into two main types: multi-device identification and attack detection schemes. In deep learning-based multi-device identification schemes, Deep Neural Networks are employed to train models, avoiding complex processing and expert feature transformation. Deep learning-based multi-device identification schemes are further subdivided, with schemes based on Convolutional Neural Networks being extensively researched. In ML-based attack detection schemes, receivers utilize intelligent ML techniques to set detection thresholds automatically, eliminating the need for manual calculation or knowledge of channel models. ML-based attack detection schemes are categorized into three sub-types: Supervised Learning, Unsupervised Learning, and Reinforcement Learning. Additionally, we summarize open-source datasets used for PLA, encompassing Radio Frequency fingerprints and channel fingerprints. Finally, this paper outlines future research directions to guide researchers in related fields.

Cryptography and Security,Systems and Control

Xinyu Yin,Xiaojie Fang,Ning Zhang,Peng Yang,Xuejun Sha,Jinghui Qiu

DOI: https://doi.org/10.1109/tnse.2020.3013232

IF: 6.6

2021-01-01

IEEE Transactions on Network Science and Engineering

Abstract:Exploiting physical (PHY)-layer characteristics for authentication has great potential to provision underlying trust for low-ended Internet of things (IoT) devices with limited computation resources. In this paper, we propose an online learning aided adaptive PHY-layer authentication framework for enhanced authenticity provisioning. Instead of relying on some preset PHYlayer signatures with scenario-sensitive "thresholds," multiple PHY-layer attributes are jointly considered by the proposed scheme to improve the reliability and robustness of PHY-layer authentication. Such a dimension extension on PHY-layer signatures can effectively deteriorate the spoofing capability of malicious attackers. However, it also complicates the predicting and authenticating procedure of the legitimate receiver. Therefore, artificial intelligence aided search algorithms are formulated to facilitate adaptive selection of the Most Effective PHY-layer Attributes (MEA) through learning their historical authenticity performance. To be specific, the attributes which are predicted to be effective in maximizing the authentication capability, in terms of low false alarm rate and low miss detection rate, will be dynamically selected by the authenticator in an autonomous manner. Theoretical analysis shows that the proposed learning algorithm achieves asymptotically diminishing regret. Moreover, extensive experiments are conducted using Universal Software Radio Peripherals (USRPs) in a laboratory environment, which further validates the efficiency of the proposed scheme.

Jie Tang,Aidong Xu,Yixin Jiang,Yunan Zhang,Hong Wen,Tengyue Zhang

DOI: https://doi.org/10.1109/icaiis49377.2020.9194916

2020-01-01

Abstract:MmWave MIMO communication is an emerging technique to enable the gigabit-per-second data communication rates for Internet of Things (IoT) networks. However, mmWave IoT networks face serious security spoofing attack threats. The lightweight channel-based physical layer authentication can detect spoofing attacks in IoT networks, which has attracted great attentions. However, current schemes are mainly focused on sub-6 GHz microwave communication systems. In this work, we study an efficient physical layer channel based authentication by using sparse propriety of mmWave MIMO channel. By extracting the low-rank and sparse peak of virtual angle of arrival (AoA) and departure (AoD) information of mmWave MIMO virtual channel in the beamspace domain, we shows its validity and effectiveness to improve the authentication performance. The simulation results verified the validity and effectiveness of the proposed scheme.

Alireza Nooraiepour,Waheed U. Bajwa,Narayan B. Mandayam

DOI: https://doi.org/10.1109/TCCN.2020.2990657

2020-07-05

Abstract:Internet-of-Things (IoT) devices that are limited in power and processing are susceptible to physical layer (PHY) spoofing (signal exploitation) attacks owing to their inability to implement a full-blown protocol stack for security. The overwhelming adoption of multicarrier techniques such as orthogonal frequency division multiplexing (OFDM) for the PHY layer makes IoT devices further vulnerable to PHY spoofing attacks. These attacks which aim at injecting bogus/spurious data into the receiver, involve inferring transmission parameters and finding PHY characteristics of the transmitted signals so as to spoof the received signal. Non-contiguous (NC) OFDM systems have been argued to have low probability of exploitation (LPE) characteristics against classic attacks based on cyclostationary analysis, and the corresponding PHY has been deemed to be secure. However, with the advent of machine learning (ML) algorithms, adversaries can devise data-driven attacks to compromise such systems. It is in this vein that PHY spoofing performance of adversaries equipped with supervised and unsupervised ML tools are investigated in this paper. The supervised ML approach is based on deep neural networks (DNN) while the unsupervised one employs variational autoencoders (VAEs). In particular, VAEs are shown to be capable of learning representations from NC-OFDM signals related to their PHY characteristics such as frequency pattern and modulation scheme, which are useful for PHY spoofing. In addition, a new metric based on the disentanglement principle is proposed to measure the quality of such learned representations. Simulation results demonstrate that the performance of the spoofing adversaries highly depends on the subcarriers' allocation patterns. Particularly, it is shown that utilizing a random subcarrier occupancy pattern secures NC-OFDM systems against ML-based attacks.

Machine Learning,Cryptography and Security,Signal Processing

Yongchao Dang,Yin Chen,Huihui Wu,Yulong Shen,Xiaohong Jiang

DOI: https://doi.org/10.1109/nana.2017.38

2017-01-01

Abstract:Physical layer security is expected to address the security issue in wireless networks by taking advantage of the unique attributes of fading channels. In this paper, we propose a novel physical layer authentication scheme by measuring the locations of surrounding noise sources between communication participants. Typically, the transmitting power of surrounding noise is unknown, so a maximum likelihood (ML) method is adopted to estimate the locations of noise sources, based on the received signal strength (RSS) and angle of arrival (AoA). We analyze the security of the proposed scheme under both passive and active attacks, and show that the proposed scheme can work under highly dynamical scenarios.

Hongbo Liu,Yan Wang,Jian Liu,Jie Yang,Yingying Chen,H. Vincent Poor

DOI: https://doi.org/10.1109/tmc.2017.2718540

IF: 6.075

2018-01-01

IEEE Transactions on Mobile Computing

Abstract:User authentication is the critical first step in detecting identity-based attacks and preventing subsequent malicious attacks. However, the increasingly dynamic mobile environments make it harder to always apply cryptographic-based methods for user authentication due to their infrastructural and key management overhead. Exploiting non-cryptographic based techniques grounded on physical layer properties to performuser authentication appears promising. In this work, the use of channel state information (CSI), which is available from off-the-shelf WiFi devices, to performfine-grained user authentication is explored. Particularly, a user-authentication framework that can work with both stationary and mobile users is proposed. When the user is stationary, the proposed framework builds a user profile for user authentication that is resilient to the presence of a spoofer. The proposed machine learning based user-authentication techniques can distinguish between two users even when they possess similar signal fingerprints and detect the existence of a spoofer. When the user is mobile, it is proposed to detect the presence of a spoofer by examining the temporal correlation of CSI measurements. Both office building and apartment environments show that the proposed framework can filter out signal outliers and achieve higher authentication accuracy compared with existing approaches using received signal strength (RSS).

Swethambri Mohan,Atchaya Annadurai,K. Gunaseelan

DOI: https://doi.org/10.14429/dsj.74.19468

IF: 0.667

2024-04-26

Defence Science Journal

Abstract:Spoofing attack detection plays a crucial role in the defence field, involving critical and highly secured data processing. The accurate attack detection mechanism prevents unauthorised access to sensitive information, thereby protecting National security. Physical Layer Security (PLS) is a promising emerging technique that uses the wireless channel’s randomness to secure the communication network. The spoofing attack is one of the severe threats to the wireless network, where the attacker imitates the legitimate user to launch an attack against the network. This paper investigates the channel characteristics-based physical layer technique to detect spoofing attacks. For static radio environments, the two-sample independent hypothesis testing is used to identify the spoofing attack, showing an improvement in detection accuracy of 97 %. The attack detection problem is considered a Reinforcement Learning (RL) based classification problem for a challenging dynamic radio environment. It is simulated using the actor-critic-based Deep Reinforcement Learning (DRL) technique with the help of the Reformed Deep Deterministic Policy Gradient (Re-DDPG) algorithm. The simulated results show that the proposed method performs better than the existing strategies and achieves a Receiver Operating Characteristics (ROC) value of 0.96. The detection accuracy of the proposed method can reach up to 98 %, with precision and recall of about 98 % and 99 %, respectively.

multidisciplinary sciences

Tiep M. Hoang,Alireza Vahid,Hoang Duong Tuan,Lajos Hanzo

2023-05-17

Abstract:Security at the physical layer (PHY) is a salient research topic in wireless systems, and machine learning (ML) is emerging as a powerful tool for providing new data-driven security solutions. Therefore, the application of ML techniques to the PHY security is of crucial importance in the landscape of more and more data-driven wireless services. In this context, we first summarize the family of bespoke ML algorithms that are eminently suitable for wireless security. Then, we review the recent progress in ML-aided PHY security, where the term "PHY security" is classified into two different types: i) PHY authentication and ii) secure PHY transmission. Moreover, we treat neural networks as special types of ML and present how to deal with PHY security optimization problems using neural networks. Finally, we identify some major challenges and opportunities in tackling PHY security challenges by applying carefully tailored ML tools.

Cryptography and Security,Information Theory

Fei Pan,Zhibo Pang,Hong Wen,Michele Luvisotto,Ming Xiao,Run-fa Liao,Jie Chen

DOI: https://doi.org/10.1109/TII.2019.2925418

IF: 12.3

2019-01-01

IEEE Transactions on Industrial Informatics

Abstract:Wireless industrial cyber-physical systems are increasingly popular in critical manufacturing processes. These kinds of systems, besides high performance, require strong security and are constrained by low computational capabilities. Physical layer authentication (PHY-AUC) is a promising solution to meet these requirements. However, the existing threshold-based PHY-AUC methods only perform ideally...