Secure authentication in MIMO systems: exploring physical limits

Multiple-input multiple-output (MIMO) technology is employed to improve the reliability and capacity of wireless communication systems. However, the wireless communication environment creates vulnerabilities to spoofing attacks. Furthermore, the authentication challenges posed by the heterogeneous characteristics of wireless applications increase as diverse technologies facilitate the growing number of Internet of Things (IoT) devices. To address these challenges, adaptive physical-layer authentication (PLA) leveraging the inherent antenna diversity in MIMO systems is examined, and an information-theoretic perspective on PLA in MIMO systems is given. The real and imaginary components of the received reference signals are used as attributes with a single-class classification support vector machine (SCC-SVM). It is shown that the authentication performance improves with the number of antennas, and the proposed scheme provides robust authentication.

1 Introduction

The number of wireless devices has increased significantly as a result of Internet of Things (IoT) development. However, the limited bandwidth for applications and limited device capabilities make it challenging to deliver reliable services in wireless networks. Multiple-input multiple-output (MIMO) technology can improve the effectiveness and capacity of wireless communication networks without increasing bandwidth resources (Zhang et al., 2020).

Information-theoretic security metrics for secrecy, privacy, authentication, stealth, and covertness have been developed and fundamental limits derived (Liang et al., 2008; Bloch et al., 2021). Shannon (1949) presented the first information-theoretic study of a cryptography model. Cryptography is the science of securing communications. It involves the transformation of plaintext into ciphertext, which can be intercepted by an attacker. A key K is a secret parameter used in conjunction with an algorithm to encrypt or decrypt data. The message M represents the data that need to be protected. For encryption, K is used to transform M into a ciphertext E. The goal is to maximize the secret information rate between legitimate users. Wyner (1975) presented information-theoretic security limits for a discrete memoryless wiretap channel. It was shown that security is possible if the capacity C_m between legitimate users is higher than the wiretap channel capacity C_w between the transmitter and attacker. Abdi et al. (2001) extended the model proposed by Wyner (1975) to a Gaussian wiretap channel. It was shown that secure communication can be achieved if C_s = C_m − C_w > 0. However, C_s is degraded by wireless channels due to factors such as fading (Zou et al., 2016).

The model proposed by Wyner (1975) was extended to MIMO systems (Khisti and Wornell, 2010a), and this was improved by Khisti and Wornell (2010b). It was shown that increasing the number of antennas can improve C_s. Bloch et al. (2008) considered quasi-static fading. The outage probability P_out was shown to depend on the user location and path loss, where P_out = P(C_s < R_s) and R_s is the secrecy rate. Information-theoretic security for MIMO systems was considered by Oggier and Hassibi (2011), but the channel state information (CSI) was assumed to be known. Security without knowledge about the attacker CSI was considered by He et al. (2011).

A MIMO scheme for practical physical-layer security was presented by Ishikawa et al. (2021). It employs chaos-based unitary matrices to eliminate the need for channel estimation. Unlike conventional approaches, an imperfect key agreement in high-mobility scenarios was considered, and an algorithm for reconciling chaotic sequences between legitimate parties was given. Simulation results were presented which show that the performance is superior to that with conventional chaos-based MIMO schemes assuming perfect CSI.

Downlink security in cell-free massive MIMO systems with imperfect channel estimation was investigated by Tubail et al. (2023). Two power allocation algorithms using artificial noise were introduced to combat passive eavesdropping. Imperfect channel estimation was considered as it leads to artificial noise leakage which impacts performance. The results show that the proposed algorithm improves the security through robust authentication.

In this paper, physical-layer authentication (PLA) for MIMO systems is examined from an information-theoretic perspective. The authentication boundary is determined using machine learning (ML). For training, a single-class classification support vector machine (SCC-SVM) is used with only legitimate user data. The real and imaginary components of the received reference signals are employed as attributes. These attributes vary slowly over time as a result of factors such as mobility (Hou et al., 2014; Ferrante et al., 2015; Wang et al., 2015; Wang et al., 2016; Fang et al., 2020). As a result, the SCC-SVM authentication boundary is updated to ensure reliable authentication. The authentication rate (AR) is shown to improve with antenna diversity. The contributions of this paper are as follows.

• PLA for MIMO systems is examined from an information-theoretic perspective.

• The real and imaginary components of the received signals are used as attributes to improve PLA performance.

• A practical approach is presented to extract attributes from cellular network reference signals.

• The effectiveness of the proposed PLA scheme is evaluated and validated in urban environments.

The remainder of this paper is organized as follows: the system model is presented in Section 2; Section 3 introduces SCC-SVM and the proposed PLA scheme; the performance evaluation metrics are given in Section 4; Section 5 provides the simulation results; and Section 6 provides some concluding remarks.

2 System model

The system model for the proposed authentication scheme is shown in Figure 1. In this scheme, Alice (A) represents a user requiring authentication from Bob (B), while the spoofer (S) is an attacker attempting to impersonate A. B must ascertain the legitimacy of A and also reject S. Consequently, B must decide between the two hypotheses

$\left\{\begin{array}{cc}{\mathcal{H}}_0:\hfill & A\text{\hspace{0.17em}is\hspace{0.17em}transmitting}\hfill \\ {\mathcal{H}}_1:\hfill & S\text{\hspace{0.17em}is\hspace{0.17em}transmitting}.\hfill \end{array}\right.$

Thus, ${\mathcal{H}}_0$ indicates that the signal originates from A, while ${\mathcal{H}}_1$ indicates that it is from S. Both A and S are assumed to be mobile, while B is stationary. A and S have either one or M transmit antennas, and B has N receive antennas.

Figure 1

Figure 1. System model.

Reference signals are transmitted in cellular networks to facilitate CSI estimation. In particular, sounding reference signals are repeated every 28 symbols or 56 symbols (GPP, version 15.2.0, 2018). The received signal at B can be expressed as

$\mathbf{Y}=\mathbf{H}\mathbf{x}+\mathbf{W},$

where x is the transmitted reference signals, H is the channel matrix, and W is independent additive white Gaussian noise (AWGN). The channel matrix for the M × N MIMO system can be partitioned according to the transmit and receive antennas as follows:

$\mathbf{H}=\left[\begin{array}{c}\hfill h_{11}{h}_{12}\dots h_{1M}\hfill \\ \hfill h_{21}{h}_{22}\dots h_{2M}\hfill \\ \hfill ⋮\hfill \\ \hfill h_{N1}{h}_{N2}\dots h_{NM},\hfill \end{array}\right]$

where h_nm represents the channel from the mth transmit antenna to the nth receive antenna. H can be estimated from Y corresponding to the known reference signals (Schindler and Mellein, 2011; Germain et al., 2020). Y is used to obtain the data for SCC-SVM training and testing.

The proposed scheme is implemented in the uplink and has an initial phase (T₁), followed by subsequent phases (T₂, T₃, … , T_n). During the initial phase, upper-layer authentication (ULA) is conducted, and SCC-SVM training is performed at B using the received reference signals from A. The real and imaginary components of these signals for each transmit–receive antenna pair are obtained to provide 2 × M attributes per antenna for a total of 2 × M × N attributes. In subsequent phases, SCC-SVM testing is conducted at B to validate the legitimacy of the received signals, which may originate from either A or a spoofer S. Hence, the received signals during these phases are treated as being from an unknown user U. If successful, the attributes are updated, and SCC-SVM training is repeated. Conversely, if testing fails, the connection is terminated.

SCC-SVM training is used in the initial phase to establish an authentication boundary. In subsequent phases, SCC-SVM testing is used to determine whether the received signal attributes fall within this boundary. In this case, the test is successful, and authentication continues. The received signal is rejected if the attributes fall outside the boundary. The proposed scheme leverages the spatial independence of A and S as the physical-layer attributes for authentication are independent. Furthermore, transmit and receive antenna diversity is exploited to generate a large number of attributes. These attributes vary slowly over time due to factors such as mobility (Hou et al., 2014; Ferrante et al., 2015; Wang et al., 2015; Wang et al., 2016; Fang et al., 2020). Consequently, the SCC-SVM authentication boundary is dynamically updated in each subsequent phase to ensure reliable authentication.

3 The proposed scheme

3.1 Single-class classification support vector machine

SCC is a machine learning technique that can be employed to distinguish between A and S using training data from A. The goal is to find the optimal authentication boundary that surrounds most of the training data from A (Tax and Duin, 2004). In this paper, the SCC-SVM algorithm proposed by Schölkopf et al. (2001) is employed. SCC-SVM computes a decision function f which encompasses the majority of the training data [Senigagliesi et al. (2020); Abdrabou and Gulliver (2022c); Abdrabou and Gulliver, 2022a; Abdrabou and Gulliver, 2023]. First, the following optimization problem is solved (Hoang et al., 2021); (Schölkopf et al., 2001):

$\begin{array}{cc}\hfill {\displaystyle \underset{\mathbf{w},\mathbf{s},\rho }{\min }}& \frac{1}{2}\Vert \mathbf{w}{\Vert }^2+\frac{1}{\eta \ell }{\displaystyle \sum _{i=1}^{\ell }}{s}_i-\rho ,\hfill \\ \hfill \text{subject\hspace{0.17em}to}& \mathbf{w}\cdot \mathrm{\Phi }\left({\mathbf{g}}_i\right)\ge \rho -s_i,s_i\ge 0,\hfill \end{array}(1)$

where w is the weight vector, ρ is the distance from the origin to the boundary, Φ is a feature mapping determined based on the kernel employed, g_i is the ith feature vector used for SCC-SVM training, s_i is the corresponding slack variable, ℓ is the number of training samples, and η is the percentage of data considered as outliers (Senigagliesi et al., 2020). SCC-SVM maps data to a feature space using kernels and then separates the features using a boundary. The optimization problem in Eq. 1 provides w and ρ which determine the boundary used in the decision function Eq. 3. Using Lagrange multipliers p_i, q_i ≥ 0 yields (Schölkopf et al., 2001)

$\begin{array}{cc}\hfill L\left(\mathbf{w},\mathbf{s},\mathbf{p},\mathbf{q},\rho \right)=& \frac{1}{2}\Vert \mathbf{w}{\Vert }^2+\frac{1}{\eta \ell }{\displaystyle \sum _{i=1}^{\ell }}{s}_i-\rho \hfill \\ \hfill & -{\displaystyle \sum _{i=1}^{\ell }}{p}_i\left(\mathbf{w}\cdot \mathrm{\Phi }\left({\mathbf{g}}_i\right)-\rho +s_i\right)-{\displaystyle \sum _{i=1}^{\ell }}{q}_i{s}_i.\hfill \end{array}$

Setting the derivatives with respect to w, s, and ρ as zero yields (Schölkopf et al. 2001)

$\mathbf{w}={\displaystyle \sum _{i=1}^{\ell }}{p}_i\mathrm{\Phi }\left({\mathbf{g}}_i\right),(2)$

$p_i=\frac{1}{\eta \ell }-q_i\le \frac{1}{\eta \ell },{\displaystyle \sum _{i=1}^{\ell }}{p}_i=1.$

The decision function used to test a new sample t is expressed as follows (Senigagliesi et al. 2020); (Hoang et al. 2021):

$f\left(\mathbf{t}\right)=\text{sgn}\left(\mathbf{w}\cdot \mathrm{\Phi }\left(\mathbf{t}\right)-\rho \right),(3)$

and substituting w from Eq. 2 yields

$f\left(\mathbf{t}\right)=\text{sgn}\left({\displaystyle \sum _i}{p}_i\mathrm{\Phi }\left({\mathbf{g}}_i\right)\cdot \mathrm{\Phi }\left(\mathbf{t}\right)-\rho \right).$

The kernel expansion is defined as (Schölkopf et al. 2001)

$k\left({\mathbf{g}}_i,\mathbf{t}\right)=\mathrm{\Phi }\left({\mathbf{g}}_i\right)\cdot \mathrm{\Phi }\left(\mathbf{t}\right),$

so the decision function is

$f\left(\mathbf{t}\right)=\text{sgn}\left({\displaystyle \sum _i}{p}_{i}k\left({\mathbf{g}}_i,\mathbf{t}\right)-\rho \right).(4)$

A test sample t is accepted if f(t) > 0, which indicates that it is within the authentication boundary (Senigagliesi et al., 2020).

3.2 Proposed scheme

The proposed scheme employs SCC-SVM with antenna diversity. The received signal at the nth receive antenna from the mth transmit antenna is

$y_{nm}=x_m{h}_{nm}+n_{nm},$

where x_m is the transmitted reference symbol and h_nm and n_nm are the corresponding channel coefficients and AWGN, respectively. The WINNER II channel model for non-line-of-sight (NLOS) urban environments (Kyösti et al., 2007) is considered here. The received MIMO signals can be expressed as

$\mathbf{Y}=\left[\begin{array}{c}\hfill y_{11}{y}_{12}\dots y_{1M}\hfill \\ \hfill y_{21}{y}_{22}\dots y_{2M}\hfill \\ \hfill ⋮\hfill \\ \hfill y_{N1}{y}_{N2}\dots y_{NM}\hfill \end{array}\right].$

This matrix is employed to obtain features for SCC-SVM training and testing. Binary phase-shift keying (BPSK) modulation is assumed, so the transmitted signal is (Chatzidiamantis et al., 2011)

$x\left(t\right)={\displaystyle \sum _k}g\left(t-k{T}_{\text{s}}\right)\cos \left(2\pi f_{\text{s}}t+{\phi }_k\right),$

where g(t) is the pulse shaping function, 0 ≤ t ≤ T_s, T_s is the symbol time, f_s is the carrier frequency, and φ_k ∈ [0, π] is the phase of the kth symbol. The real (R) and imaginary (I) components are used as attributes so that

$\mathbf{Y}=\left[\begin{array}{c}\hfill {\left[RI\right]}_{11}{\left[RI\right]}_{12}\dots {\left[RI\right]}_{1M}\hfill \\ \hfill {\left[RI\right]}_{21}{\left[RI\right]}_{22}\dots {\left[RI\right]}_{2M}\hfill \\ \hfill ⋮\hfill \\ \hfill {\left[RI\right]}_{N1}{\left[RI\right]}_{N2}\dots {\left[RI\right]}_{NM}\hfill \end{array}\right].$

Figure 2 illustrates the proposed scheme. In the initial phase T₁ following ULA authentication, data are obtained from the legitimate user (A) for SCC-SVM training. In subsequent phases, reference signal data from U are utilized by B for testing and training. If testing is successful in a given phase, the corresponding data are employed to update the attributes for training. A sliding window is used so the oldest data are discarded. Conversely, if testing fails, the connection is terminated.

Figure 2

Figure 2. Authentication scheme flowchart.

The initial authentication is performed in phase T₁ with A through ULA. Then, the reference signal data from A are used to construct the training sample vector d_i. The ith data sample is then

$\begin{array}{cc}\hfill {\mathbf{d}}_i=& \left[{\left[RI\right]}^{11},\dots ,{\left[RI\right]}^{1M},{\left[RI\right]}^{21},\dots ,\right.\hfill \\ \hfill & \left.{\left[RI\right]}^{N1},\dots ,{\left[RI\right]}^{NM}\right].\hfill \end{array}$

SCC-SVM training is performed using the vectors d_i, where i = 1, 2, … , ℓ, to obtain the authentication boundary. In subsequent phases, SCC-SVM is utilized to test new samples t, as shown in Eq. 4, originating from U, where U could be A or S. If testing is successful, U is accepted and the attributes are updated, followed by SCC-SVM training. Otherwise, the connection is terminated.

The ℓ training samples from A in the initial phase are

$\begin{array}{cc}\hfill {\mathbf{d}}_i=& \left[{\left[R_i{I}_i\right]}^{11},\dots ,{\left[R_i{I}_i\right]}^{1M},{\left[R_i{I}_i\right]}^{21},\dots ,\right.\hfill \\ \hfill & \left.{\left[R_i{I}_i\right]}^{N1},\dots ,{\left[R_i{I}_i\right]}^{NM}\right],i=\mathrm{1,2},\dots ,\ell ,\hfill \end{array}(5)$

and the testing sample from U is

$\begin{array}{cc}\hfill \mathbf{t}=& \left[{\left[RI\right]}_U^{11},\dots ,{\left[RI\right]}_U^{1M},{\left[RI\right]}_U^{21},\dots ,\right.\hfill \\ \hfill & \left.{\left[RI\right]}_U^{N1},\dots ,{\left[RI\right]}_U^{NM}\right],\hfill \end{array}(6)$

Figure 3 illustrates the sliding window update process for the attributes. In phase T₁, the training data from A consist of ℓ matrices Y, where each matrix is represented by a vector as shown in Eq. 5. Subsequently, in phase T₂ a new data vector t is tested (following scaling), and if accepted, the data matrix is updated by discarding the first row d₁ and adding the new data vector as row ℓ + 1. Consequently, if the first e new data vectors are accepted, the training data matrix is

${\mathbf{M}}_e=\left[\begin{array}{c}\hfill {\mathbf{d}}_{1+e}\hfill \\ \hfill {\mathbf{d}}_{2+e}\hfill \\ \hfill ⋮\hfill \\ \hfill {\mathbf{d}}_{\ell +e}\hfill \end{array}\right],$

so ℓ vectors are used for training.

Figure 3

Figure 3. Sliding window for attribute updates.

Each attribute undergoes separate minimum–maximum scaling

${\mathbf{m}}_r={\left[m_{1,r}{m}_{2,r}\dots m_{\ell ,r}\right]}^T,r=\mathrm{1,2},\dots ,2MN,$

to obtain

${\mathbf{g}}_r={\left[g_{1,r}{g}_{2,r}\dots g_{\ell ,r}\right]}^T,r=\mathrm{1,2},\dots ,2MN,$

where

$g_{i,r}=\frac{m_{i,r}-m_{\mathit{min,r}}}{m_{\mathit{max,r}}-m_{\mathit{min,r}}},$

and m_min,r is the minimum value in m_r and m_max,r is the maximum value in m_r. The feature matrix for training is then

$\mathbf{G}=\left[{\mathbf{g}}_1{\mathbf{g}}_2\dots {\mathbf{g}}_{3MN}\right],$

and the elements of t are scaled using m_min,r and m_max,r from the training data as follows:

$t_r=\frac{b_r-m_{\mathit{min,r}}}{m_{\mathit{max,r}}-m_{\mathit{min,r}}}$

to form the test vector t. The proposed scheme is summarized in Algorithm 1.

Algorithm 1.Proposed scheme.

 ULA for A.

 Obtain the received reference signals from each antenna.

 Extract the real (R) and imaginary (I) components from the received reference signals.

 Construct the training samples d_i using Eq. 5.

 Train SCC-SVM to establish the authentication boundary.

 Test SCC-SVM with the sample t as in Eq. 6.

 if (f(t) > 0) then

  Accept the user.

  Update the attributes.

  Retrain SCC-SVM.

 else if (f(t) ≤ 0) then

  Terminate the connection.

 end if

3.3 Information-theoretic PLA

The authentication performance can be improved with antenna diversity (Abdrabou and Gulliver, 2022b; 2024). This is indicated by the mutual information between the training and testing attributes from A I(Tr_A; Te_A), which is greater than the mutual information between the training attributes from A and testing attributes from S I(Tr_A; Te_S). The mutual information authentication rate I_AR can be defined as

$I_{AR}=I\left(T{r}_A;T{e}_A\right)-I\left(T{r}_A;T{e}_S\right).$

First, a single-input multiple-output system (SIMO) and independent channels based on user location and mobility are considered. The mutual information that characterizes the legitimacy of A at the receiver is a function of the wireless link at two consecutive time instances (training and testing). The mutual information between the transmit antenna and receive antennas is

$I_i^{\mathit{SIMO}}=\left[\begin{array}{c}\hfill I\left(Tx;R{x}_1\right)\hfill \\ \hfill I\left(Tx;R{x}_2\right)\hfill \\ \hfill ⋮\hfill \\ \hfill I\left(Tx;R{x}_N\right)\hfill \end{array}\right],i\in \left\{A,S\right\}.$

Each element of this matrix characterizes the received reference signal at times t − 1 (training) and t (testing), so it can be reformulated as

$\begin{array}{c}\hfill I_i^{\mathit{SIMO}}=\left[\begin{array}{c}\hfill I_1\left(y_1\left(t\right);y_1\left(t-1\right)\right)\hfill \\ \hfill I_2\left(y_2\left(t\right);y_2\left(t-1\right)\right)\hfill \\ \hfill ⋮\hfill \\ \hfill I_N\left(y_N\left(t\right);y_N\left(t-1\right)\right)\hfill \end{array}\right]\end{array},$

where y_i (t − 1) is the training data from A and y_i(t) is the testing data from U, so then,

$I_{AR}^{\mathit{SIMO}}=I_A^{\mathit{SIMO}}-I_S^{\mathit{SIMO}}.$

Now, a MIMO system is considered. The mutual information between the transmit antennas and receive antennas can be expressed as

$I_i^{\mathit{MIMO}}=\left[\begin{array}{c}\hfill I\left(T{x}_1;R{x}_1\right),\dots ,I\left(T{x}_M;R{x}_1\right)\hfill \\ \hfill I\left(T{x}_1;R{x}_2\right),\dots ,I\left(T{x}_M;R{x}_2\right)\hfill \\ \hfill I\left(T{x}_1;R{x}_3\right),\dots ,I\left(T{x}_M;R{x}_3\right)\hfill \\ \hfill ⋮\hfill \\ \hfill I\left(T{x}_1;R{x}_N\right),\dots ,I\left(T{x}_M;R{x}_N\right)\hfill \end{array}\right],i\in \left\{A,S\right\}.$

Each element of this matrix characterizes the received reference signal at times t − 1 and t, so

$\begin{array}{cc}\hfill & I_i^{\mathit{MIMO}}=\hfill \\ \hfill & \left[\begin{array}{c}\hfill I_{11}\left(y_{11}\left(t\right);y_{11}\left(t-1\right)\right),\dots ,I_{1M}\left(y_{1M}\left(t\right);y_{1M}\left(t-1\right)\right)\hfill \\ \hfill I_{21}\left(y_{21}\left(t\right);y_{21}\left(t-1\right)\right),\dots ,I_{2M}\left(y_{2M}\left(t\right);y_{2M}\left(t-1\right)\right)\hfill \\ \hfill I_{31}\left(y_{31}\left(t\right);y_{31}\left(t-1\right)\right),\dots ,I_{3M}\left(y_{3M}\left(t\right);y_{3M}\left(t-1\right)\right)\hfill \\ \hfill ⋮\hfill \\ \hfill I_{N1}\left(y_{N1}\left(t\right);y_{N1}\left(t-1\right)\right),\dots ,I_{NM}\left(y_{NM}\left(t\right);y_{NM}\left(t-1\right)\right)\hfill \end{array}\right],\hfill \end{array}$

where y*(t − 1) is the training data from A and y*(t) is the testing data from U, and therefore,

$I_{AR}^{\mathit{MIMO}}=I_A^{\mathit{MIMO}}-I_S^{\mathit{MIMO}}.$

Since mutual information is greater than or equal to zero [Cover and Thomas, 2006, (2.90)],

$I_i^j\ge 0,i\in \left\{A,S\right\},j\in \left\{SIMO,MIMO\right\}.$

The joint mutual information for independent channels in a SIMO system can be formulated as

$\begin{array}{cc}\hfill & I\left(T{x}_1;R{x}_{1}R{x}_2\right)=I\left(T{x}_1;R{x}_1\right)+I\left(T{x}_1;R{x}_2\right),\hfill \\ \hfill & ⋮\hfill \\ \hfill & I\left(T{x}_1;R{x}_1\dots R{x}_N\right)=I\left(T{x}_1;R{x}_1\right)+\dots +I\left(T{x}_1;R{x}_N\right),\hfill \end{array}$

so

$\begin{array}{cc}\hfill & I\left(T{x}_1;R{x}_1\right)\hfill \\ \hfill \le & I\left(T{x}_1;R{x}_{1}R{x}_2\right)\hfill \\ \hfill \le & I\left(T{x}_1;R{x}_{1}R{x}_{2}R{x}_3\right)\hfill \\ \hfill & ⋮\hfill \\ \hfill \le & I\left(T{x}_1;R{x}_1\dots R{x}_{N-1}\right)\hfill \\ \hfill \le & I\left(T{x}_1;R{x}_1\dots R{x}_N\right).\hfill \end{array}$

For a MIMO system, this is

$\begin{array}{cc}\hfill & I\left(T{x}_{1}T{x}_2;R{x}_{1}R{x}_1\right)=\hfill \\ \hfill & I\left(T{x}_1;R{x}_1\right)+I\left(T{x}_2;R{x}_1\right)+\hfill \\ \hfill & I\left(T{x}_1;R{x}_2\right)+I\left(T{x}_2;R{x}_2\right),\hfill \\ \hfill & ⋮\hfill \\ \hfill & I\left(T{x}_1\dots T{x}_M;R{x}_j\dots R{x}_N\right)=\hfill \\ \hfill & I\left(T{x}_1;R{x}_1\right)+\dots +I\left(T{x}_M;R{x}_1\right)+\hfill \\ \hfill & I\left(T{x}_1;R{x}_2\right)+\dots +I\left(T{x}_M;R{x}_2\right)\hfill \\ \hfill & ⋮\hfill \\ \hfill & I\left(T{x}_1;R{x}_N\right)+\dots +I\left(T{x}_M;R{x}_N\right),\hfill \end{array}$

so

$\begin{array}{cc}\hfill & I\left(T{x}_1;R{x}_1\dots R{x}_N\right)\hfill \\ \hfill \le & I\left(T{x}_{1}T{x}_2;R{x}_1\dots R{x}_N\right)\hfill \\ \hfill \le & I\left(T{x}_{1}T{x}_{2}T{x}_3;R{x}_1\dots R{x}_N\right)\hfill \\ \hfill & ⋮\hfill \\ \hfill \le & I\left(T{x}_{1}T{x}_{2}T{x}_3\dots T{x}_{M-1};R{x}_1\dots R{x}_N\right)\hfill \\ \hfill \le & I\left(T{x}_{1}T{x}_{2}T{x}_3\dots T{x}_M;R{x}_1\dots R{x}_N\right),\hfill \end{array}.$

These results show that the authentication performance improves with the number of receive and transmit antennas so that

$I_{AR}^{uv}\ge I_{AR}^{pq},u\ge p,v\ge q,$

where u and p are the number of receive antennas and v and q are the number of transmit antennas.

3.4 Channel capacity for PLA

The channel capacity C is defined as the maximum mutual information (Cover and Thomas, 2006),

$C=\underset{P\left(x_i\right)}{\max }I\left(X;Y\right).$

The capacity of a MIMO system depends on several factors such as the signal-to-noise ratio (SNR). It can be obtained using singular value decomposition (SVD) to decompose the channel matrix H and obtain the singular values and unitary matrices for the transmitter and receiver as (Golub and Van Loan, 2013)

$H=U\mathrm{\Sigma }{V}^H,$

where U is the unitary matrix corresponding to the transmitter, Σ is a diagonal matrix containing the singular values, and V^H is the conjugate transpose of the unitary matrix corresponding to the receiver. The singular values are

$\mathrm{\Lambda }=\left[{\lambda }_1,{\lambda }_2,\dots ,{\lambda }_n\right],$

and the corresponding channel capacity is (Tse and Viswanath, 2005)

$C={\displaystyle \sum _{i=1}^n}{\log }_2\left(1+SNR\cdot {\lambda }_i^2\right),$

where n is the number of singular values and λ_i is the ith singular value of the channel matrix.

4 Performance evaluation

The performance is evaluated using the confusion matrix which includes true positive (TP), the acceptance of A, true negative (TN), the rejection of S, false negative (FN), the erroneous rejection of A, and false positive (FP), the erroneous acceptance of S. The evaluation metrics are the missed detection rate (MDR), false alarm rate (FAR), precision or positive predictive value (PPV), false discovery rate (FDR), and authentication rate (AR) (Senigagliesi et al., 2020; Abdrabou and Gulliver, 2022b):

$MDR=\frac{FP}{FP+TN},$

$FAR=\frac{FN}{FN+TP},$

$PPV=\frac{TP}{TP+FP},$

$FDR=\frac{FP}{TP+FP},$

$AR=\frac{TP+\gamma \times TN}{\left(TP+FN\right)+\gamma \times \left(TN+FP\right)},$

where γ is used to balance between A and S and is given by

$\gamma =\frac{TP+FN}{TN+FP}.$

The AR improves with the number of antenna (Abdrabou and Gulliver, 2022b), and the corresponding PPV increases, so

$I_A\propto PPV,$

and the FDR decreases, so

$I_S\propto FDR,$

and therefore,

$I_{AR}\propto PPV-FDR.$

5 Simulation results

In this section, the performance of the proposed scheme is evaluated in multipath fading channels via Monte Carlo simulation. BPSK modulation is employed with the WINNER II channel model for NLOS urban environments (Kyösti et al., 2007). The single-user scenario has one Alice and three spoofers, while the multiple-user scenario has three Alice and three spoofers, as shown in Figures 4, 5, respectively. In these scenarios, Bob is stationary, while Alice and spoofers move arbitrarily and independently. SCC-SVM is implemented using the scikit-learn library in Python. For the single-user scenario, $\gamma =\frac{1}{3}$, and for the multiple-user scenario, γ = 1. The simulation parameters are given in Table 1.

Figure 4

Figure 4. Single-user scenario.

Figure 5

Figure 5. Multiple-user scenario.

Table 1

Table 1. Simulation parameters.

Figure 6 presents the MDR, FAR, and AR for the single-user scenario with an SNR of 8 dB, velocity of 0.4 km/h, and 1, 4, and 8 receive antennas. This shows that MDR, FAR, and AR improve with an increase in the number of antennas. For instance, with a single transmit antenna, the MDR decreases from 26.0% with 1 receive antenna to 17.8% with four receive antennas and 2.9% with eight receive antennas. Similarly, with four receive antennas, the MDR decreases from 17.8% with one transmit antenna to 4.0% with two transmit antennas and 1.7% with four transmit antennas. The FAR with a single transmit antenna decreases from 11.9% with one receive antenna to 1.9% with four receive antennas and 0.3% with eight receive antennas. In the case of four receive antennas, the FAR decreases from 1.9% with one transmit antenna to 0.2% with two transmit antennas and only 0.1% with four transmit antennas. The AR increases with an increase in the number of antennas. For example, with four receive antennas, the AR increases from 90.2% with one transmit antenna to 97.9% with two transmit antennas and 99.1% with four transmit antennas. These results illustrate the impact of antenna diversity on performance.

Figure 6

Figure 6. MDR, FAR, and AR versus the number of receive antennas for the single-user scenario with a signal-to-noise ratio (SNR) of 8 dB, velocity of 0.4 km/h, and 1, 4, and 8 receive antennas.

Figure 7 presents C, PPV, FDR, and PPV − FDR versus the number of receive antennas in the single-user scenario with an SNR of 8 dB, velocity of 0.4 km/h, and 1, 4, and 8 receive antennas. This shows that increasing the number of antennas improves C and thus, the information authentication rate I_AR. With a single transmit antenna, C increases from 1.15 bps with one receive antenna to 4.75 bps with four receive antennas and 5.95 bps with eight receive antennas. Furthermore, the PPV increases, FDR decreases, and PPV − FDR increases with an increase in the number of antennas. For instance, with one transmit antenna, the PPV increases from 77.2% with one receive antenna to 84.6% with four receive antennas and 97.2% with eight receive antennas, while with four receive antennas, the PPV increases from 84.6% with one transmit antenna to 96.2% with two transmit antennas and 98.3% with four transmit antennas. In addition, with four receive antennas, the FDR decreases from 15.4% with one transmit antenna to 3.8% with two transmit antennas and 1.7% with four transmit antennas. The PPV − FDR also improves with an increase in the number of antennas as with four receive antennas, it increases from 69.2% with one transmit antenna to 92.3% with two transmit antennas and 96.6% with four transmit antennas. These results further illustrate the impact of antenna diversity on performance.

Figure 7

Figure 7. C, PPV, FDR, and PPV − FDR versus the number of receive antennas for the single-user scenario with an SNR of 8 dB, velocity of 0.4 km/h, and 1, 4, and 8 receive antennas.

Figure 8 presents the MDR, FAR, and AR versus the number of receive antennas with an SNR of 8 dB, velocity of 0.4 km/h, and one transmit antenna for the single- and multiple-user scenarios. This shows that the MDR, FAR, and AR increase with the number of receive antennas in both scenarios. For instance, in the multiple-user scenario, the MDR decreases from 44.9% with one receive antenna to 40.1% with four receive antennas and 31.9% with eight receive antennas. The corresponding FAR decreases from 17.7% with 1 receive antenna to 3.7% with four receive antennas and 2.0% with eight receive antennas, while the AR increases from 68.7% with one receive antenna to 78.1% with four receive antennas and 83.1% with eight receive antennas. These results also indicate that the MDR, FAR, and AR are better in the single-user scenario than in the multiple-user scenario. For instance, with four receive antennas, the MDR for the single- and multiple-user scenarios is 17.8% and 40.1%, respectively, while the corresponding FAR and AR are 1.9% and 3.7%, and 90.2% and 78.1%, respectively.

Figure 8

Figure 8. MDR, FAR, and AR versus the number of receive antennas with an SNR of 8 dB, velocity of 0.4 km/h, and 1 transmit antenna for the single- and multiple-user scenarios.

Figure 9 presents the MDR, FAR, and AR versus the number of receive antennas with an SNR of 8 dB, velocity of 0.4 km/h, and one transmit antenna for the single-user scenario, and η = 0.2 and 0.8. An increase in η means that a higher percentage of the data is treated as outliers, which decreases the MDR, so the probability of accepting spoofers is reduced. For example, with two receive antennas, the MDR is 26.6% for η = 0.2 and decreases to 10.9% for η = 0.8. However, an increase in η also results in a higher FAR, which increases the likelihood of rejecting Alice. For instance, with one receive antenna, the FAR is 8.7% for η = 0.2 and increases to 22.5% for η = 0.8. These results indicate that an increase in η will increase the AR. For example, with four receive antennas, the AR is 87.3% for η = 0.2 and increases to 92.0% for η = 0.8. Thus, η has a significant impact on the authentication performance and, therefore, should be chosen appropriately.

Figure 9

Figure 9. MDR, FAR, and AR versus the number of receive antenna with an SNR of 8 dB, velocity of 0.4 km/h, and 1 transmit antenna for the single-user scenario and η = 0.2 and 0.8.

Figure 10 presents the AR versus the velocity with an SNR of 8 dB, 1 transmit antenna, and 4 receive antennas using the real and imaginary components of the received signals as features (proposed scheme) and using only the magnitude, as in Pei et al. (2014). This shows that the AR with the proposed scheme is higher for all velocities. For example, the AR at a velocity of 0.4 km/h using the real and imaginary components of the signals as features is 89.2%, but it is only 56.7% using only the magnitude.

Figure 10

Figure 10. AR versus velocity with an SNR of 8 dB, 1 transmit antenna, and 4 receive antennas using the real and imaginary components of the received signals as features (proposed scheme) and using only the magnitude, as in Pei et al. (2014).

6 Conclusion

An adaptive PLA scheme was proposed that leverages ML and the antenna diversity in MIMO communication systems. Authentication robustness is achieved via a sliding window to continually update the attributes. Furthermore, an information-theoretic perspective was given for PLA in MIMO systems. The results presented illustrate the relationship between authentication performance and the number of antennas; in particular, the mutual information authentication rate I_AR improves with the number of antennas.

Data availability statement

The original contributions presented in the study are included in the article; further inquiries can be directed to the corresponding author.

Author contributions

MA: writing–original draft and writing–review and editing. TAG: writing–original draft and writing–review and editing.

Funding

The author(s) declare that no financial support was received for the research, authorship, and/or publication of this article.

Conflict of interest

The authors declare that the research was conducted in the absence of any commercial or financial relationships that could be construed as a potential conflict of interest.

Publisher’s note

All claims expressed in this article are solely those of the authors and do not necessarily represent those of their affiliated organizations, or those of the publisher, the editors, and the reviewers. Any product that may be evaluated in this article, or claim that may be made by its manufacturer, is not guaranteed or endorsed by the publisher.

References

Abdi, A., Tepedelenlioglu, C., Kaveh, M., and Giannakis, G. (2001). On the estimation of the K parameter for the Rice fading distribution. IEEE Commun. Lett. 5, 92–94. doi:10.1109/4234.913150

CrossRef Full Text | Google Scholar

Abdrabou, M., and Gulliver, A. (2022a). Authentication for satellite communication systems using physical characteristics. IEEE Open J. Veh. Technol. 4, 48–60. doi:10.1109/ojvt.2022.3218609

CrossRef Full Text | Google Scholar

Abdrabou, M., and Gulliver, T. A. (2022b). Adaptive physical layer authentication using machine learning with antenna diversity. IEEE Trans. Commun. 70, 6604–6614. doi:10.1109/tcomm.2022.3196648

CrossRef Full Text | Google Scholar

Abdrabou, M., and Gulliver, T. A. (2022c). Physical layer authentication for satellite communication systems using machine learning. IEEE Open J. Commun. Soc. 3, 2380–2389. doi:10.1109/ojcoms.2022.3225846

CrossRef Full Text | Google Scholar

Abdrabou, M., and Gulliver, T. A. (2023). Adaptive physical layer authentication for IoT in MIMO communication systems using support vector machine. IEEE Internet Things J. 10, 19861–19873. doi:10.1109/jiot.2023.3282214

CrossRef Full Text | Google Scholar

Abdrabou, M., and Gulliver, T. A. (2024). Game theoretic spoofing detection for space information networks using physical attributes. IEEE Trans. Commun., 1. doi:10.1109/tcomm.2024.3370433

CrossRef Full Text | Google Scholar

Bloch, M., Barros, J., Rodrigues, M. R., and McLaughlin, S. W. (2008). Wireless information-theoretic security. IEEE Trans. Inf. Theory 54, 2515–2534. doi:10.1109/tit.2008.921908

CrossRef Full Text | Google Scholar

Bloch, M., Günlü, O., Yener, A., Oggier, F., Poor, H. V., Sankar, L., et al. (2021). An overview of information-theoretic security and privacy: metrics, limits and applications. IEEE J. Sel. Areas Inf. Theory 2, 5–22. doi:10.1109/jsait.2021.3062755

CrossRef Full Text | Google Scholar

Chatzidiamantis, N. D., Karagiannidis, G. K., Kriezis, E. E., and Matthaiou, M. (2011). “Diversity combining in hybrid RF/FSO systems with PSK modulation,” in IEEE international conference on communications (Japan: Kyoto).

CrossRef Full Text | Google Scholar

Cover, T. M., and Thomas, J. A. (2006). Elements of information theory. 2nd Ed. USA: John Wiley & Sons.

Google Scholar

Fang, H., Wang, X., and Xu, L. (2020). Fuzzy learning for multi-dimensional adaptive physical layer authentication: a compact and robust approach. IEEE Trans. Wirel. Commun. 19, 5420–5432. doi:10.1109/twc.2020.2993175

CrossRef Full Text | Google Scholar

Ferrante, A., Laurenti, N., Masiero, C., Pavon, M., and Tomasin, S. (2015). On the error region for channel estimation-based physical layer authentication over Rayleigh fading. IEEE Trans. Inf. Forensics Secur. 10, 941–952. doi:10.1109/tifs.2015.2392565

CrossRef Full Text | Google Scholar

Germain, K. S., and Kragh, F. (2020). “Physical-layer authentication using channel state information and machine learning,” in International Conference on Signal Processing and Communication Systems, Australia, 6 - 8 September 2023 (IEEE).

Google Scholar

Golub, G. H., and Van Loan, C. F. (2013). Matrix computations. China: The John Hopkins University Press.

Google Scholar

GPP version 15.2.0 (2018). NR; Physical channels and modulation. 3rd Gener. Partnersh. Proj. Tech. Specif. 38, 211.

Google Scholar

He, X., Khisti, A., and Yener, A. (2011). “MIMO broadcast channel with arbitrarily varying eavesdropper channel: secrecy degrees of freedom,” in IEEE Global Telecommunications Conference, Houston, TX, USA, 29 November 2004 (IEEE).

Google Scholar

Hoang, T. M., Duong, T. Q., Tuan, H. D., Lambotharan, S., and Hanzo, L. (2021). Physical layer security: detection of active eavesdropping attacks by support vector machines. IEEE Access 9, 31595–31607. doi:10.1109/access.2021.3059648

CrossRef Full Text | Google Scholar

Hou, W., Wang, X., Chouinard, J.-Y., and Refaey, A. (2014). Physical layer authentication for mobile systems with time-varying carrier frequency offsets. IEEE Trans. Commun. 62, 1658–1667. doi:10.1109/tcomm.2014.032914.120921

CrossRef Full Text | Google Scholar

Ishikawa, N., Hamamreh, J. M., Okamoto, E., Xu, C., and Xiao, L. (2021). Artificially time-varying differential MIMO for achieving practical physical layer security. IEEE Open J. Commun. Soc. 2, 2180–2194. doi:10.1109/ojcoms.2021.3112486

CrossRef Full Text | Google Scholar

Khisti, A., and Wornell, G. W. (2010a). Secure transmission with multiple antennas I: the MISOME wiretap channel. IEEE Trans. Inf. Theory 56, 3088–3104. doi:10.1109/tit.2010.2048445

CrossRef Full Text | Google Scholar

Khisti, A., and Wornell, G. W. (2010b). Secure transmission with multiple antennas—part II: the MIMOME wiretap channel. IEEE Trans. Inf. Theory 56, 5515–5532. doi:10.1109/tit.2010.2068852

CrossRef Full Text | Google Scholar

Kyösti, P., Meinilä, J., Jämsä, T., et al. (2007). WINNER II channel models. China: Information Society Technologies. Technical Report IST-4-027756 WINNER II D1.1.2 V1.2.

Google Scholar

Liang, Y., Poor, H. V., and Shamai (Shitz), S. (2008). Information theoretic security. Found. Trends® Commun. Inf. Theory 5, 355–580. doi:10.1561/0100000036

CrossRef Full Text | Google Scholar

Oggier, F., and Hassibi, B. (2011). The secrecy capacity of the MIMO wiretap channel. IEEE Trans. Inf. Theory 57, 4961–4972. doi:10.1109/tit.2011.2158487

CrossRef Full Text | Google Scholar

Pei, C., Zhang, N., Shen, X. S., and Mark, J. W. (2014). “Channel-based physical layer authentication,” in IEEE Global Communications Conference, Austin, TX, USA, 8–12 December 2024 (IEEE), 4114–4119.

CrossRef Full Text | Google Scholar

Schindler, S., and Mellein, H. (2011). Assessing a MIMO channel. Rohde and Schwarz: White Paper.

Google Scholar

Schölkopf, B., Platt, J. C., Shawe-Taylor, J., Smola, A. J., and Williamson, R. C. (2001). Estimating the support of a high-dimensional distribution. Neural Comput. 13, 1443–1471. doi:10.1162/089976601750264965

PubMed Abstract | CrossRef Full Text | Google Scholar

Senigagliesi, L., Baldi, M., and Gambi, E. (2020). Comparison of statistical and machine learning techniques for physical layer authentication. IEEE Trans. Inf. Forensics Secur. 16, 1506–1521. doi:10.1109/tifs.2020.3033454

CrossRef Full Text | Google Scholar

Shannon, C. E. (1949). Communication theory of secrecy systems. Bell Syst. Tech. J. 28, 656–715. doi:10.1002/j.1538-7305.1949.tb00928.x

CrossRef Full Text | Google Scholar

Tax, D. M., and Duin, R. P. (2004). Support vector data description. Mach. Learn. 54, 45–66. doi:10.1023/b:mach.0000008084.60811.49

CrossRef Full Text | Google Scholar

Tse, D., and Viswanath, P. (2005). Fundamentals of wireless communication. Cambridge: Cambridge University Press.

Google Scholar

Tubail, D. A., Alsmadi, M., and Ikki, S. (2023). Physical layer security in downlink of cell-free massive MIMO with imperfect CSI. IEEE Trans. Inf. Forensics Secur. 18, 2945–2960. doi:10.1109/tifs.2023.3272769

CrossRef Full Text | Google Scholar

Wang, W., Chen, Y., and Zhang, Q. (2015). Privacy-preserving location authentication in Wi-Fi networks using fine-grained physical layer signatures. IEEE Trans. Wirel. Commun. 15, 1218–1225. doi:10.1109/twc.2015.2487453

CrossRef Full Text | Google Scholar

Wang, W., Sun, Z., Piao, S., Zhu, B., and Ren, K. (2016). Wireless physical-layer identification: modeling and validation. IEEE Trans. Inf. Forensics Secur. 11, 2091–2106. doi:10.1109/tifs.2016.2552146

CrossRef Full Text | Google Scholar

Wyner, A. D. (1975). The wire-tap channel. Bell Syst. Tech. J. 54, 1355–1387. doi:10.1002/j.1538-7305.1975.tb02040.x

CrossRef Full Text | Google Scholar

Zhang, P., Shen, Y., Jiang, X., and Wu, B. (2020). Physical layer authentication jointly utilizing channel and phase noise in MIMO systems. IEEE Trans. Commun. 68, 2446–2458. doi:10.1109/tcomm.2020.2967393

CrossRef Full Text | Google Scholar

Zou, Y., Zhu, J., Wang, X., and Hanzo, L. (2016). A survey on wireless security: technical challenges, recent advances, and future trends. Proc. IEEE 104, 1727–1765. doi:10.1109/jproc.2016.2558521

CrossRef Full Text | Google Scholar