Performance Guarantees for Physical Layer Authentication in Mission-Critical Communications
Time: Fri 2021-01-22 13.00
Location: zoom link for online defense (English)
Subject area: Electrical Engineering
Doctoral student: Henrik Forssell , Teknisk informationsvetenskap
Opponent: Associate Professor Stefano Tomasin,
Supervisor: Associate Professor Ragnar Thobaben, Teknisk informationsvetenskap
As the application areas for wireless communications are expanding, we also see new security vulnerabilities arise due to the open nature of the wire- less medium. One particularly challenging problem is how to guarantee the security of emerging mission-critical communications, e.g., realized by fifth generation (5G) mobile networks, that will enable use-cases like industrial automation, vehicular communications, and smart grids. As the room for security overhead is limited in mission-critical communications, mainly due to the associated strict requirements on latency and reliability, new lightweight security techniques are researched within the area of physical layer security. In particular, feature-based physical layer authentication (PLA), exploiting transmitter-specific features extracted from received signals for device au- thentication, is considered a promising solution for lightweight authentication and intrusion detection in mission-critical communications. In this thesis, we provide mathematical tools for analyzing channel-based PLA schemes, and in particular, for deriving worst-case performance guarantees appropriate for mission-critical contexts. We consider worst-case performance guarantees for feature-based PLA from two perspectives:
Firstly, we provide mathematical bounds on the delay-performance im- pacts that arise due to the unlikely but inevitable erroneous authentication decisions (i.e., false alarms and missed detections). We model the PLA scheme using queueing analysis, develop models for active impersonation attacks, and derive bounds on the queueing delay violation probability using tools from stochastic network calculus. We consider the performance for both single- and multiple-antenna receiver architectures, and furthermore, a distributed multiple-antenna system in which we analyze varying degrees of distributed processing. These results establish under which practical deployments and channel conditions feature-based PLA would constitute a viable option for mission-critical applications. For instance, we find that for low-mobility scenarios with line-of-sight conditions, as exemplified by an industrial automation scenario with fixed sensor deployment, PLA can be used for strongly enhanced security while simultaneously maintaining mission-critical latency deadlines with high reliability. Moreover, we discuss extensions that would allow analysis of scenarios without line-of-sight and with higher mobility.
From the second perspective, we provide tools for deriving the worst-case detection performance under optimal attackers that are aware of the PLA scheme. First, we consider a distributed PLA setting where authentication is based on the channel-states observed at multiple distributed radio-heads. We derive the optimal single-antenna attack strategy and corresponding missed detection probability, and provide a heuristic method for finding the optimal spatial attack position with respect to a given deployment. We then extend the results by considering a multiple-antenna attacker, the correspond- ing optimal pre-coding strategies, and the detection performance under the worst-case attacker. Furthermore, we analyze the impacts of limited channel state information (CSI) and power budgets at the attacker and provide a counter-strategy that can be used by the PLA receiver. With the single- antenna attacker, our results show significant detection performance benefits from a distributed antenna setting, which argues for practical relevance of PLA within modern 5G technologies like coordinated multi-point (CoMP) and distributed multiple-input multiple-output (MIMO) systems. For the multiple-antenna attacker, we observe significant impacts given perfect CSI knowledge and favorable channel conditions at the attacker. However, under realistic assumptions on power budget, CSI imperfections, and through the proposed counter-strategy, we find that strict detection performance guarantees can be maintained.