Editorial: Special Issue on Secure Physical Layer Communications

In wireless networks, the broadcast nature of the propagation medium makes the communication process vulnerable to malicious nodes (e.g. eavesdroppers) which are in the coverage area of the transmission. Thus, security issues play a vital role in wireless systems. Traditionally, information security has been addressed in the upper layers (e.g. the network layer) through the design of cryptographic protocols. Cryptography-based security aims to design a protocol such that it is computationally prohibitive for the eavesdropper to decode the information. The idea behind this approach relies on the limited computational power of the eavesdroppers. However, with advances in emerging hardware technologies, achieving secure communications relying on protocol-based mechanisms alone become insufficient. Owing to this fact, a new paradigm of secure communications has been shifted to implement the security at the physical layer. The key principle behind this strategy is to exploit the spatial-temporal characteristics of the wireless channel to guarantee secure data transmission without the need of cryptographic protocols.

Improved Physical Layer Secure Wireless Communications using a Directional Modulation Enhanced Retrodirective Array

Unlike the mathematical encryption and decryption adopted in the classical cryptographic technology at the higher protocol layers, it is shown that characteristics intrinsic to the physical layer, such as wireless channel propagation, can be exploited to lock useful information. This information then can be automatically unlocked using real time analog RF means. In this paper retrodirective array, RDA, technology for spatial encryption in the multipath environment is for the first time combined with the directional modulation, DM, method normally associated with free space secure physical layer communications. We show that the RDA can be made to operate more securely by borrowing DM concepts and that the DM enhanced RDA arrangement is suitable for use in a multipath environment.

Creating secure wireless regions using configurable beamforming

We present a novel approach to network security against passive eavesdroppers by employing a configurable beam-forming technique to create tightly defined regions of coverage for targeted users. In contrast to conventional encryption methods, our security scheme is developed at the physical layer by configuring antenna array beam patterns to transmit the data to specific regions. It is shown that this technique can effectively reduce vulnerability of the physical regions to eavesdropping by adapting the antenna configuration according to the intended user's channel state information. In this paper we present the application of our concept to 802.11n networks where an antenna array is employed at the access point, and consider the issue of minimizing the coverage area of the region surrounding the targeted user. A metric termed the exposure region is formally defined and used to evaluate the level of security offered by this technique. A range of antenna array configurations are examined through analysis and simulation, and these are subsequently used to obtain the optimum array configuration for a user traversing a coverage area.

Secure Multiuser Communications in Multiple Amplify-and-Forward Relay Networks

This paper proposes relay selection in order to increase the physical layer security in multiuser cooperative relay networks with multiple amplify-and-forward (AF) relays, in the presence of multiple eavesdroppers. To strengthen the network security against eavesdropping attack, we present three criteria to select the best relay and user pair. Specifically, criterion I and II study the received signal-to-noise ratio (SNR) at the receivers, and perform the selection by maximizing the SNR ratio of the user to the eavesdroppers. To this end, criterion I relies on both the main and eavesdropper links, while criterion II relies on the main links only. Criterion III is the standard max-min selection criterion,
which maximizes the minimum of the dual-hop channel gains of main links. For the three selection criteria, we examine the system secrecy performance by deriving the analytical expressions for the secrecy outage probability. We also derive the asymptotic analysis for the secrecy outage probability with high main-to eavesdropper ratio (MER). From the asymptotic analysis, an interesting observation is reached: for each criterion, the system diversity order is equivalent to the number of relays regardless of the number of users and eavesdroppers.

Secure Virtualised Environment

Cloud computing is a technological advancementthat provide resources through internet on pay-as-you-go basis.Cloud computing uses virtualisation technology to enhance theefficiency and effectiveness of its advantages. Virtualisation isthe key to consolidate the computing resources to run multiple instances on each hardware, increasing the utilization rate of every resource, thus reduces the number of resources needed to buy, rack, power, cool, and manage. Cloud computing has very appealing features, however, lots of enterprises and users are still reluctant to move into cloud due to serious security concerns related to virtualisation layer. Thus, it is foremost important to secure the virtual environment.In this paper, we present an elastic framework to secure virtualised environment for trusted cloud computing called Server Virtualisation Security System (SVSS). SVSS provide security solutions located on hyper visor for Virtual Machines by deploying malicious activity detection techniques, network traffic analysis techniques, and system resource utilization analysis techniques.SVSS consists of four modules: Anti-Virus Control Module,Traffic Behavior Monitoring Module, Malicious Activity Detection Module and Virtualisation Security Management Module.A SVSS prototype has been deployed to validate its feasibility,efficiency and accuracy on Xen virtualised environment.

Frequency Diverse Array OFDM Transmitter for Secure Wireless Communication

In this reported work, the frequency diverse array concept is employed to construct an orthogonal frequency-division multiplexing (OFDM) transmitter that has the capability of securing wireless communication in free space directly in the physical-layer without the need for mathematical encryption. The characteristics of the proposed scheme in terms of its secrecy performance are validated via bit error rate simulation under both high and low signal to noise ratio scenarios using the IEEE 802.11 OFDM physical-layer specification.

Exploiting Direct Links for Physical Layer Security in Multi-User Multi-Relay Networks

We present two physical layer secure transmission schemes for multi-user multi-relay networks, where the communication from M users to the base station is assisted by direct links and by N decode-and-forward relays. In this network, we consider that a passive eavesdropper exists to overhear the transmitted information, which entails exploiting the advantages of both direct and relay links for physical layer security enhancement. To fulfill this requirement, we investigate two criteria for user and relay selection and examine the achievable secrecy performance. Criterion I performs a joint user and relay selection, while Criterion II performs separate user and relay selections, with a lower implementation complexity. We derive a tight lower bound on the secrecy outage probability for Criterion I and an accurate analytical expression for the secrecy outage probability for Criterion II. We further derive the asymptotic secrecy outage probabilities at high transmit signal-to-noise ratios and high main-to-eavesdropper ratios for both criteria. We demonstrate that the secrecy diversity order is min (MN, M + N) for Criterion I, and N for Criterion II. Finally, we present numerical and simulation results to validate the proposed analysis, and show the occurrence condition of the secrecy outage probability floor

Design of an OFDM Physical Layer Encryption Scheme

This paper presents a new encryption scheme implemented at the physical layer of wireless networks employing orthogonal frequency-division multiplexing (OFDM). The new scheme obfuscates the subcarriers by randomly reserving several subcarriers for dummy data and resequences the training symbol by a new secure sequence. Subcarrier obfuscation renders the OFDM transmission more secure and random, while training symbol resequencing protects the entire physical layer packet, but does not affect the normal functions of synchronization and channel estimation of legitimate users while preventing eavesdroppers from performing these functions. The security analysis shows the system is robust to various attacks by analyzing the search space using an exhaustive key search. Our scheme is shown to have a better performance in terms of search space, key rate and complexity in comparison with other OFDM physical layer encryption schemes. The scheme offers options for users to customize the security level and key rate according to the hardware resource. Its low complexity nature also makes the scheme suitable for resource limited devices. Details of practical design considerations are highlighted by applying the approach to an IEEE 802.11 OFDM system case study.

Secure Wireless Key Establishment Using Retrodirective Array

In this paper a new method of establishing secret keys for wireless communications is proposed. A retrodirective array (RDA) that is configured to receive and re-transmit at different frequencies is utilized as a relay node. Specifically the analogue RDA is able to respond in ‘real-time’, reducing the required number of time slots for key establishment to two, compared with at least three in previous relay key generation schemes. More importantly, in the proposed architecture equivalent reciprocal wireless channels between legitimate keying nodes can be randomly updated within one channel coherence time period, leading to greatly increased key generation rates (KGRs) in slow fading environment. The secrecy performance of this RDA assisted key generation system is evaluated and it is shown that it outperforms previous relay key generation systems.

Experimental Study on Key Generation for Physical Layer Security in Wireless Communications

This paper presents a thorough experimental study on key generation principles, i.e. temporal variation, channel reciprocity, and spatial decorrelation, via a testbed constructed by using wireless open-access research platform (WARP). It is the first comprehensive study through (i) carrying out a number of experiments in different multipath environments, including an anechoic chamber, a reverberation chamber and an indoor office environment, which represents little, rich, and moderate multipath, respectively; (ii) considering static, object moving, and mobile scenarios in these environments, which represents different levels of channel dynamicity; (iii) studying two most popular channel parameters, i.e., channel state information and received signal strength. Through results collected from over a hundred tests, this paper offers insights to the design of a secure and efficient key generation system. We show that multipath is essential and beneficial for key generation as it increases the channel randomness. We also find that the movement of users/objects can help introduce temporal variation/randomness and help users reach an agreement on the keys. This paper complements existing research by experiments constructed by a new hardware platform.

Physical Layer Security with Threshold-Based Multiuser Scheduling in Multi-antenna Wireless Networks

In this paper, we consider a multiuser downlink wiretap network consisting of one base station (BS) equipped with AA antennas, NB single-antenna legitimate users, and NE single-antenna eavesdroppers over Nakagami-m fading channels. In particular, we introduce a joint secure transmission scheme that adopts transmit antenna selection (TAS) at the BS and explores threshold-based selection diversity (tSD) scheduling over legitimate users to achieve a good secrecy performance while maintaining low implementation complexity. More specifically, in an effort to quantify the secrecy performance of the considered system, two practical scenarios are investigated, i.e., Scenario I: the eavesdropper’s channel state information (CSI) is unavailable at the BS, and Scenario II: the eavesdropper’s CSI is available at the BS. For Scenario I, novel exact closed-form expressions of the secrecy outage probability are derived, which are valid for general networks with an arbitrary number of legitimate users, antenna configurations, number of eavesdroppers, and the switched threshold. For Scenario II, we take into account the ergodic secrecy rate as the principle performance metric, and derive novel closed-form expressions of the exact ergodic secrecy rate. Additionally, we also provide simple and asymptotic expressions for secrecy outage probability and ergodic secrecy rate under two distinct cases, i.e., Case I: the legitimate user is located close to the BS, and Case II: both the legitimate user and eavesdropper are located close to the BS. Our important findings reveal that the secrecy diversity order is AAmA and the slope of secrecy rate is one under Case I, while the secrecy diversity order and the slope of secrecy rate collapse to zero under Case II, where the secrecy performance floor occurs. Finally, when the switched threshold is carefully selected, the considered scheduling scheme outperforms other well known existing schemes in terms of the secrecy performance and complexity tradeoff