Biblio

Over the last few decades, and thanks to the advancement of embedded systems and wireless technologies, the wireless sensors network (WSN) are increasingly used in many fields. Many researches are being done on the use of WSN in Wireless body Area Network (WBAN) systems to facilitate and improve the quality of care and remote patient monitoring.The broadcast nature of wireless communications makes it difficult to hide transmitted signals from unauthorized users. To this end, Physical layer security is emerging as a promising paradigm to protect wireless communications against eavesdropping attacks. The primary contribution of this paper is achieving a minimum secrecy outage probability by using the jamming technique which can be used by the legitimate communication partner to increase the noise level of the eavesdropper and ensure higher secure communication rate. We also evaluate the effect of additional jammers on the security of the WBAN system.

Internet of Things (IoT) enable information transmission and sharing among massive IoT devices. However, the key establishment and management in IoT become more challenging due to the low latency requirements and resource constrained IoT devices. In this work, we propose a practical physical layer based secret key sharing scheme for MIMO (multiple-input-multiple-output) IoT devices to reduce the communication delay caused by key establishment of MIMO IoT devices. This is because the proposed scheme attachs secret key sharing with communication simultaneously. It is achieved by the proposed MIMO self-injection AN (SAN) tranmsission, which is designed to deliberately maximum the receive SNR (signal to noise ratio) at different antenna of the legitimate IoT device, based on the value of secret key sharing to him. The simulation results verified the validity and security of the proposed scheme.

Due to the reciprocity of wireless channels, the communication parties can directly extract the shared key from channel. This solution were verified through several schemes. However, in real situations, channel sampling of legitimate transceivers might be impacted by noises and other interferences, which makes the channel states obtained by initiator and responder might be obvious different. The efficiency and even availability of physical layer key generation are thus reduced. In this paper, we propose a lightweight and efficient physical layer key generation scheme, which extract shared secret keys from channel state information (CSI). To improve the key generation process, the discrete cosine transform (DCT) is employed to reduce differences of channel states of legitimate transceivers. Then, these outputs are quantified and encoded through multi-bit adaptive quantization(MAQ) quantizer and gray code to generate binary bit sequence, which can greatly reduce the bit error rate. Moreover, the low density parity check (LDPC) code and universal hashing functions are used to achieve information reconciliation and privacy amplifification. By adding preprocessing methods in the key generation process and using the rich information of CSI, the security of communications can be increased on the basis of improving the key generation rate. To evaluate this scheme, a number of experiments in various real environments are conducted. The experimental results show that the proposed scheme can effificiently generate shared secret keys for nodes and protect their communication.

Physical layer authentication scheme for node authentication using the time-reversal (TR) process and the location-specific key feature of the channel impulse response (CIR) in an underwater time-varying multipath environment is proposed. TR is a well-known signal focusing technique in signal processing; this focusing effect is used by the database maintaining node to authenticate the sensor node by convolving the estimated CIR from a probe signal with its database of CIRs. Maximum time-reversal resonating strength (MTRRS) is calculated to make an authentication decision. This work considers a static underwater acoustic sensor network (UASN) under the “Alice- Bob-Eve” scenario. The performance of the proposed scheme is expressed by the Probability of Detection (PD) and the Probability of False Alarm (PFA).

False data injection (FDI) attacks could happen in decode-and-forward (DF) wireless cooperative relay networks. Although physical integrity check (PIC) can combat that by applying physical layer detection, the detector depends on the decoding results and low signal-to-noise ratio (SNR) further deteriorates the detecting results. In this paper, a physical layer detect-before-decode (DbD) method is proposed, which has low computational complexity with no sacrifice of false alarm and miss detection rates. One significant advantage of this method is the detector does not depend on the decoding results. In order to implement the proposed DbD method, a unified error sufficient statistic (UESS) containing the full information of FDI attacks is constructed. The proposed UESS simplifies the detector because it is applicable to all link conditions, which means there is no need to deal each link condition with a specialized sufficient statistic. Moreover, the source to destination outage probability (S2Dop) of the DF cooperative relay network utilizing the proposed DbD method is studied. Finally, numerical simulations verify the good performance of this DbD method.

The significant development of Internet of Things (IoT) paradigm for monitoring the real-time applications using the wireless communication technologies leads to various challenges. The secure data transmission and privacy is one of the key challenges of IoT enabled Wireless Sensor Networks (WSNs) communications. Due to heterogeneity of attackers like Man-in-Middle Attack (MIMA), the present single layered security solutions are not sufficient. In this paper, the robust cross-layer trust computation algorithm for MIMA attacker detection proposed for IoT enabled WSNs called IoT enabled Cross-Layer Man-in-Middle Attack Detection System (IC-MADS). In IC-MADS, first robust clustering method proposed to form the clusters and cluster head (CH) preference. After clustering, for every sensor node, its trust value computed using the parameters of three layers such as MAC, Physical, and Network layers to protect the network communications in presence of security threats. The simulation results prove that IC-MADS achieves better protection against MIMA attacks with minimum overhead and energy consumption.

The information-theoretic approach to security entails harnessing the correlated randomness available in nature to establish security. It uses tools from information theory and coding and yields provable security, even against an adversary with unbounded computational power. However, the feasibility of this approach in practice depends on the development of efficiently implementable schemes. In this paper, we review a special class of practical schemes for information-theoretic security that are based on 2-universal hash families. Specific cases of secret key agreement and wiretap coding are considered, and general themes are identified. The scheme presented for wiretap coding is modular and can be implemented easily by including an extra preprocessing layer over the existing transmission codes.

Infrastructural systems such as the electricity grid, healthcare, and transportation networks today rely increasingly on the joint functioning of networked information systems and physical components, in short, on cyber-physical architectures. Despite tremendous advances in cryptography, physical-layer security and authentication, information attacks, both passive such as eavesdropping, and active such as unauthorized data injection, continue to thwart the reliable functioning of networked systems. In systems with joint cyber-physical functionality, the ability of an adversary to monitor transmitted information or introduce false information can lead to sensitive user data being leaked or result in critical damages to the underlying physical system. This paper investigates two broad challenges in information security in cyber-physical systems (CPSs): preventing retrieval of internal physical system information through monitored external cyber flows, and limiting the modification of physical system functioning through compromised cyber flows. A rigorous analytical framework grounded on information-theoretic security is developed to study these challenges in a general stochastic control system abstraction-a theoretical building block for CPSs-with the objectives of quantifying the fundamental tradeoffs between information security and physical system performance, and through the process, designing provably secure controller policies. Recent results are presented that establish the theoretical basis for the framework, in addition to practical applications in timing analysis of anonymous systems, and demand response systems in a smart electricity grid.

This paper studies Wireless Information-Theoretic Security for low-speed mobility in autonomic networks. More specifically, the impact of user movement on the Probability of Non-Zero Secrecy Capacity and Outage Secrecy Capacity for different channel conditions has been investigated. This is accomplished by establishing a link between different user locations and the boundaries of information-theoretic secure communication. Human mobility scenarios are considered, and its impact on physical layer security is examined, considering quasi-static Rayleigh channels for the fading phenomena. Simulation results have shown that the Secrecy Capacity depends on the relative distance of legitimate and illegitimate (eavesdropper) users in reference to the given transmitter.

In the past, two main approaches for the purpose of authentication, including information-theoretic authentication codes and complexity-theoretic message authentication codes (MACs), were almost independently developed. In this paper, we consider to construct new MACs, which are both computationally secure and information-theoretically secure. Essentially, we propose a new cryptographic primitive, namely, artificial-noise-aided MACs (ANA-MACs), where artificial noise is used to interfere with the complexity-theoretic MACs and quantization is further employed to facilitate packet-based transmission. With a channel coding formulation of key recovery in the MACs, the generation of standard authentication tags can be seen as an encoding process for the ensemble of codes, where the shared key between Alice and Bob is considered as the input and the message is used to specify a code from the ensemble of codes. Then, we show that artificial noise in ANA-MACs can be well employed to resist the key recovery attack even if the opponent has an unlimited computing power. Finally, a pragmatic approach for the analysis of ANA-MACs is provided, and we show how to balance the three performance metrics, including the completeness error, the false acceptance probability, and the conditional equivocation about the key. The analysis can be well applied to a class of ANA-MACs, where MACs with Rijndael cipher are employed.

Physical fingerprinting is a trending domain in wireless security. Those methods aim at identifying transmitters based on the subtle variations existing in their handling of a communication protocol. They can provide an additional authentication layer, hard to emulate, to improve the security of systems. Software Defined Radios (SDR) are a tool of choice for the fingerprinting, as they virtually enable the analysis of any wireless communication scheme. However, they require expensive computations, and are still complex to handle by newcomers. In this paper, we use low cost SDR to propose a physical-layer fingerprinting approach, that allows recognition of the model of a device performing a Bluetooth scan, with more than 99.8% accuracy in a set of ten devices.

A Robot Operating System (ROS) plays a significant role in organizing industrial robots for manufacturing. With an increasing number of the robots, the operators integrate a ROS with networked communication to share the data. This cyber-physical nature exposes the ROS to cyber attacks. To this end, this paper proposes a cross-layer approach to achieve secure and resilient control of a ROS. In the physical layer, due to the delay caused by the security mechanism, we design a time-delay controller for the ROS agent. In the cyber layer, we define cyber states and use Markov Decision Process to evaluate the tradeoffs between physical and security performance. Due to the uncertainty of the cyber state, we extend the MDP to a Partially Observed Markov Decision Process (POMDP). We propose a threshold solution based on our theoretical results. Finally, we present numerical examples to evaluate the performance of the secure and resilient mechanism.

Given a selected complex orthogonal space-time block code (STBC), transformation algorithms are provided to build a set, S, of unique orthogonal STBCs with cardinality equal to \textbackslashtextbarS\textbackslashtextbar = 2r+c+k-1·r!·c!, where r, c, and k are the number of rows, columns, and data symbols in the STBC matrix, respectively. A communications link is discussed that encodes data symbols with a chosen STBC from the set known only to the transmitter and intended receiver as a means of providing physical layer security (PLS). Expected bit error rate (BER) and informationtheoretic results for an eavesdropper with a priori knowledge of the communications link parameters with the exception of the chosen STBC are presented. Monte Carlo simulations are provided to confirm the possible BER results expected when decoding the communications link with alternative STBCs from the set. Application of the transformation algorithms provided herein are shown to significantly increase the brute force decoding complexity of an eavesdropper compared to a related work in the literature.

In this work, communication secrecy in the physical layer for various radio frequencies is examined. Frequencies with the highest level of secrecy in 1-1000 GHz range and their level of communication secrecy are derived. The concept of ultimate secrecy in wireless communications is proposed. Attenuation lines and ranges of both detection and ultimate secrecy are calculated for transmitter powers from 1 W to 1000 W. From results, frequencies with the highest potential to apply bandwidth saving method known as frequency reuse are devised. Commonly used secrecy benchmarks for the given conditions are calculated. Frequencies with the highest attenuation are devised and their ranges of both detection and ultimate secrecy are calculated.

Internet of Vehicles are the important part of Intelligence Traffic Systems (ITS), which are essential for the national security and economy development. The impact assessment for cyberattacks in the IoV protection is of great theoretical and practical significance. Most of the researchers in this field pay attention on the attack impact on a vehicle, and the seldom investigate the impact on the whole system which combines all the vehicles as a whole integration. To tackle this problem, a cyber-physical interaction model based impact assessment of cyberattacks is presented. In this approach, the operation of IoV is modeled from the cyberphysical interaction perspective, and then the propagating process from cyber layer to physical layer is investigated. Based on above model, the impact assessment of cyberattacks on IoV is realized quantitatively. Finally, a simulation on an IoV is conducted to verify the effectiveness of this approach.

In this paper, we establish a cryptographic primitive for wireless communications. An asymmetric physical layer encryption (PLE) scheme based on elliptic curve cryptography is proposed. Compared with the conventional symmetric PLE, asymmetric PLE avoids the need of key distribution on a private channel, and it has more tools available for processing complex-domain signals to confuse possible eavesdroppers when compared with upper-layer public key encryption. We use quantized information entropy to measure the constellation confusion degree. The numerical results show that the proposed scheme provides greater confusion to eavesdroppers and yet does not affect the bit error rate (BER) of the intended receiver (the information entropy of the constellation increases to 17.5 for 9-bit quantization length). The scheme also has low latency and complexity [O(N2.37), where N is a fixed block size], which is particularly attractive for implementation.

Covert communications, where a transmitter Alice wishes to hide the presence of her transmitted signal from a watchful adversary Willie, has been considered extensively in recent years. Those investigations have generally considered physical-layer models, where the adversary has access to a sophisticated (often optimal) receiver to determine whether a transmission has taken place, and have addressed the question of what rate can information be communicated covertly. More recent investigations have begun to consider the change in covert rate when Willie has uncertainty about the physical layer environment. Here, we move up the protocol stack to consider the covert rate when Willie is watching the medium-access control (MAC) layer in a network employing a random access MAC such as slotted ALOHA. Based on the rate of collisions and potentially the number of users involved in those collisions, Willie attempts to determine whether unauthorized (covert) users are accessing the channel. In particular, we assume different levels of sophistication in Willie's receiver, ranging from a receiver that only can detect whether there was a collision or not, to one that can always tell exactly how many packets were on the channel in the random access system. In each case, we derive closed-form expressions for the achievable covert rates in the system. The achievable rates exhibit significantly different behavior than that observed in the study of covert systems at the physical layer.

This paper proposes an intelligent functional architecture for an advanced launch site system that is composed of five parts: the intelligent technical area, the intelligent launching region, the intelligent flight and landing area, the intelligent command and control system, and the intelligent analysis assessment system. The five parts consist of the infrastructure, facilities, equipment, hardware and software and thus include the whole mission processes of ground and launch systems from flight articles' entry to launch. The architectural framework is designed for the intelligent elements of the parts. The framework is also defined as the interrelationship and the interface of the elements, including the launch vehicle and flight payloads. Based on the Internet of Things (IoT), the framework is integrated on four levels: the physical layer, the perception layer, the network layer, and the application layer. The physical layer includes the physical objects and actuators of the launch site. The perception layer consists of the sensors and data processing system. The network layer supplies the access gateways and backbone network. The application layer serves application systems through the middleware platform. The core of the intelligent system is the controller of the automatic control system crossing the four layers. This study builds the models of the IoT, cloud platform, middleware, integrated access gateway, and automatic control system for actual ground and launch systems. A formal approach describes and defines the architecture, models and autonomous control flows in the paper. The defined models describe the physical objects, intelligent elements, interface relations, status transformation functions, etc. The test operation and launch processes are connected with the intelligent system model. This study has been applied to an individual mission project and achieved good results. The architecture and the models of this study regulate the relationship between the elements of the intelligent system. The study lays a foundation for the architectural construction, the simulation and the verification of the intelligent systems at the launch site.

Fully connected autonomous vehicles are more vulnerable than ever to hacking and data theft. The controller area network (CAN) protocol is used for communication between in-vehicle control networks (IVN). The absence of basic security features of this protocol, like message authentication, makes it quite vulnerable to a wide range of attacks including spoofing attacks. As traditional cybersecurity methods impose limitations in ensuring confidentiality and integrity of transmitted messages via CAN, a new technique has emerged among others to approve its reliability in fully authenticating the CAN messages. At the physical layer of the communication system, the method of fingerprinting the messages is implemented to link the received signal to the transmitting electronic control unit (ECU). This paper introduces a new method to implement the security of modern electric vehicles. The lumped element model is used to characterize the channel-specific step response. ECU and channel imperfections lead to a unique transfer function for each transmitter. Due to the unique transfer function, the step response for each transmitter is unique. In this paper, we use control system parameters as a feature-set, afterward, a neural network is used transmitting node identification for message authentication. A dataset collected from a CAN network with eight-channel lengths and eight ECUs to evaluate the performance of the suggested method. Detection results show that the proposed method achieves an accuracy of 97.4% of transmitter detection.

Optical CDMA (OCMDA) technology directly encrypts optical transmission links at the physical layer, which can improve the security of communication system against fibre-optic eavesdropping attacks. System parameters will affect the performances of OCDMA systems, based on the wiretap channel model of OCDMA systems, "secrecy capacity" is employed as an indicator to estimate the effects of system parameters (the type of code words, the length of code words) on the security of the systems. Simulation results demonstrate that system parameters play an important role and choosing the code words with better cross-correlation characteristics can improve the security of OCDMA systems.

We propose a crypto-aided Bayesian detection framework for detecting false data in short messages with low overhead. The proposed approach employs the Bayesian detection at the physical layer in parallel with a lightweight cryptographic detection, followed by combining the two detection outcomes. We develop the maximum a posteriori probability (MAP) rule for combining the cryptographic and Bayesian detection outcome, which minimizes the average probability of detection error. We derive the probability of false alarm and missed detection and discuss the improvement of detection accuracy provided by the proposed method.

A physical layer network coding (PLNC) is a highly efficient scheme for exchanging information between two nodes. Since the relay receives the interfered signal between two signals sent by two nodes, it hardly decodes any information from received signal. Therefore, the secure wireless communication link to the untrusted relay is constructed. The two nodes optimize the transmit power control for maximizing the secure capacity but these depend on the channel state information informed by the relay station. Therefore, the untrusted relay disguises the informed CSI for exploiting the information from two nodes. This paper constructs the game of two optimizations between the legitimate two nodes and the untrusted relay for clarifying the security of PLNC with untrusted relay.

With the improvement in technology and with the increase in the use of wireless devices there is deficiency of radio spectrum. Cognitive radio is considered as the solution for this problem. Cognitive radio is capable to detect which communication channels are in use and which are free, and immediately move into free channels while avoiding the used ones. This increases the usage of radio frequency spectrum. Any wireless system is prone to attack. Likewise, the main two attacks in the physical layer of cognitive radio are Primary User Emulation Attack (PUEA) and replay attack. This paper focusses on mitigating these two attacks with the aid of authentication tag and distance calculation. Mitigation of these attacks results in error free transmission which in turn fallouts in efficient dynamic spectrum access.

The number of sensors and embedded devices in an urban area can be on the order of thousands. New low-power wide area (LPWA) wireless network technologies have been proposed to support this large number of asynchronous, low-bandwidth devices. Among them, the Cooperative UltraNarrowband (C-UNB) is a clean-slate cellular network technology to connect these devices to a remote site or data collection server. C-UNB employs small bandwidth channels, and a lightweight random access protocol. In this paper, a new application is investigated - the use of C-UNB wireless networks to support the Advanced Metering Infrastructure (AMI), in order to facilitate the communication between smart meters and utilities. To this end, we adapted a mathematical model for C-UNB, and implemented a network simulation module in NS-3 to represent C-UNB's physical and medium access control layer. For the application layer, we implemented the DLMS-COSEM protocol, or Device Language Message Specification - Companion Specification for Energy Metering. Details of the simulation module are presented and we conclude that it supports the results of the mathematical model.

Secure network coding realizes the secrecy of the message when the message is transmitted via noiseless network and a part of edges or a part of intermediate nodes are eavesdropped. In this framework, if the channels of the network has noise, we apply the error correction to noisy channel before applying the secure network coding. In contrast, secure physical layer network coding is a method to securely transmit a message by a combination of coding operation on nodes when the network is given as a set of noisy channels. In this paper, we give several examples of network, in which, secure physical layer network coding realizes a performance that cannot be realized by secure network coding.