Physical Layer Security with Threshold-Based Multiuser Scheduling in Multi-antenna Wireless Networks

In this paper, we consider a multiuser downlink wiretap network consisting of one base station (BS) equipped with AA antennas, NB single-antenna legitimate users, and NE single-antenna eavesdroppers over Nakagami-m fading channels. In particular, we introduce a joint secure transmission scheme that adopts transmit antenna selection (TAS) at the BS and explores threshold-based selection diversity (tSD) scheduling over legitimate users to achieve a good secrecy performance while maintaining low implementation complexity. More specifically, in an effort to quantify the secrecy performance of the considered system, two practical scenarios are investigated, i.e., Scenario I: the eavesdropper’s channel state information (CSI) is unavailable at the BS, and Scenario II: the eavesdropper’s CSI is available at the BS. For Scenario I, novel exact closed-form expressions of the secrecy outage probability are derived, which are valid for general networks with an arbitrary number of legitimate users, antenna configurations, number of eavesdroppers, and the switched threshold. For Scenario II, we take into account the ergodic secrecy rate as the principle performance metric, and derive novel closed-form expressions of the exact ergodic secrecy rate. Additionally, we also provide simple and asymptotic expressions for secrecy outage probability and ergodic secrecy rate under two distinct cases, i.e., Case I: the legitimate user is located close to the BS, and Case II: both the legitimate user and eavesdropper are located close to the BS. Our important findings reveal that the secrecy diversity order is AAmA and the slope of secrecy rate is one under Case I, while the secrecy diversity order and the slope of secrecy rate collapse to zero under Case II, where the secrecy performance floor occurs. Finally, when the switched threshold is carefully selected, the considered scheduling scheme outperforms other well known existing schemes in terms of the secrecy performance and complexity tradeoff

STPA-SafeSec: Safety and Security Analysis for Cyber-Physical Systems

Cyber-physical systems tightly integrate physical processes and information and communication technologies. As today’s critical infrastructures, e.g., the power grid or water distribution networks, are complex cyber-physical systems, ensuring their safety and security becomes of paramount importance. Traditional safety analysis methods, such as HAZOP, are ill-suited to assess these systems. Furthermore, cybersecurity vulnerabilities are often not considered critical, because their effects on the physical processes are not fully understood. In this work, we present STPA-SafeSec, a novel analysis methodology for both safety and security. Its results show the dependencies between cybersecurity vulnerabilities and system safety. Using this information, the most effective mitigation strategies to ensure safety and security of the system can be readily identified. We apply STPA-SafeSec to a use case in the power grid domain, and highlight its benefits.

Effective network security monitoring: from attribution to target-centric monitoring

Network security monitoring remains a challenge. As global networks scale up, in terms of traffic, volume and speed, effective attribution of cyber attacks is increasingly difficult. The problem is compounded by a combination of other factors, including the architecture of the Internet, multi-stage attacks and increasing volumes of nonproductive traffic. This paper proposes to shift the focus of security monitoring from the source to the target. Simply put, resources devoted to detection and attribution should be redeployed to efficiently monitor for targeting and prevention of attacks. The effort of detection should aim to determine whether a node is under attack, and if so, effectively prevent the attack. This paper contributes by systematically reviewing the structural, operational and legal reasons underlying this argument, and presents empirical evidence to support a shift away from attribution to favour of a target-centric monitoring approach. A carefully deployed set of experiments are presented and a detailed analysis of the results is achieved.

Secure Full-Duplex Small-Cell Networks in a Spectrum Sharing Environment

In this paper, we propose three relay selection schemes for full-duplex heterogeneous networks in the presence of multiple cognitive radio eavesdroppers. In this setup, the cognitive small-cell nodes (secondary network) can share the spectrum licensed to the macro-cell system (primary network) on the condition that the quality-of-service of the primary network is always satisfied subjected to its outage probability constraint. The messages are delivered from one small-cell base station to the destination with the help of full-duplex small-cell base stations, which act as relay nodes. Based on the availability of the network’s channel state information at the secondary information source, three different selection criteria for full-duplex relays, namely: 1) partial relay selection; 2) optimal relay selection; and 3) minimal self-interference relay selection, are proposed. We derive the exact closed-form and asymptotic expressions of the secrecy outage probability for the three criteria under the attack of non-colluding/colluding eavesdroppers. We demonstrate that the optimal relay selection scheme outperforms the partial relay selection and minimal self-interference relay selection schemes at the expense of acquiring full channel state information knowledge. In addition, increasing the number of the full-duplex small-cell base stations can improve the security performance. At the illegitimate side, deploying colluding eavesdroppers and increasing the number of eavesdroppers put the confidential information at a greater risk. Besides, the transmit power and the desire outage probability of the primary network have great influences on the secrecy outage probability of the secondary network. 

Joint Information and Jamming Beamforming for Secrecy Rate Maximization in Cognitive Radio Networks

In this paper, we consider the secure beamforming design for an underlay cognitive radio multiple-input singleoutput broadcast channel in the presence of multiple passive eavesdroppers. Our goal is to design a jamming noise (JN) transmit strategy to maximize the secrecy rate of the secondary system. By utilizing the zero-forcing method to eliminate the interference caused by JN to the secondary user, we study the joint optimization of the information and JN beamforming for secrecy rate maximization of the secondary system while satisfying all the interference power constraints at the primary users, as well as the per-antenna power constraint at the secondary transmitter. For an optimal beamforming design, the original problem is a nonconvex program, which can be reformulated as a convex program by applying the rank relaxation method. To this end, we prove that the rank relaxation is tight and propose a barrier interior-point method to solve the resulting saddle point problem based on a duality result. To find the global optimal solution, we transform the considered problem into an unconstrained optimization problem. We then employ Broyden-Fletcher-Goldfarb-Shanno (BFGS) method to solve the resulting unconstrained problem which helps reduce the complexity significantly, compared to conventional methods. Simulation results show the fast convergence of the proposed algorithm and substantial performance improvements over existing approaches.

Optimal Power Allocation for Multiuser Secure Communication in Cooperative Relaying Networks

We consider a cooperative relaying network in which a source communicates with a group of users in the presence of one eavesdropper. We assume that there are no source-user links and the group of users receive only retransmitted signal from the relay. Whereas, the eavesdropper receives both the original and retransmitted signals. Under these assumptions, we exploit the user selection technique to enhance the secure performance. We first find the optimal power allocation strategy when the source has the full channel state information (CSI) of all links. We then evaluate the security level through: i) ergodic secrecy rate and ii) secrecy outage probability when having only the statistical knowledge of CSIs.