Data-Aided Secure Massive MIMO Transmission under the Pilot Contamination Attack
Yongpeng Wu, Chao-Kai Wen, Wen Chen, Shi Jin, Robert Schober, and, Giuseppe Caire

TL;DR
This paper proposes a data-aided secure transmission scheme for massive MIMO systems under active pilot contamination attacks, revealing that reducing user signal power can enhance security and achieving logarithmic secrecy rate scaling with antennas.
Contribution
It introduces a novel data-aided secure downlink transmission method that exploits eigenspace separation to combat active eavesdropping in massive MIMO systems.
Findings
Separation of user and eavesdropper signals in eigenspaces when antennas grow large.
Reducing user signal power can improve security against strong active attacks.
Secrecy rate scales logarithmically with the number of antennas in single-user scenarios.
Abstract
In this paper, we study the design of secure communication for time division duplex multi-cell multi-user massive multiple-input multiple-output (MIMO) systems with active eavesdropping. We assume that the eavesdropper actively attacks the uplink pilot transmission and the uplink data transmission before eavesdropping the downlink data transmission of the users. We exploit both the received pilots and the received data signals for uplink channel estimation. We show analytically that when the number of transmit antennas and the length of the data vector both tend to infinity, the signals of the desired user and the eavesdropper lie in different eigenspaces of the received signal matrix at the base station provided that their signal powers are different. This finding reveals that decreasing (instead of increasing) the desired user's signal power might be an effective approach to combat a…
Peer Reviews
No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.
Videos
No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.
Taxonomy
TopicsWireless Communication Security Techniques · Advanced MIMO Systems Optimization · Cooperative Communication and Network Coding
Data-Aided Secure Massive MIMO Transmission under the Pilot
Contamination Attack
Yongpeng Wu, Chao-Kai Wen, Wen Chen, Shi Jin, Robert Schober, and Giuseppe Caire This paper was presented in part at IEEE ICC 2018.The work of Y. Wu is supported in part by the National Science Foundation (NSFC) under Grant 61701301, Young Elite Scientist Sponsorship Program by CAST, and the open research project of State Key Laboratory of Integrated Services Networks (Xidian University) under Grant ISN20-03. The work of C.-K. Wen was supported in part by the Ministry of Science and Technology of Taiwan under grants MOST 107-2221-E-110-026. The work of W. Chen is supported in part by NSFC under Grant 61671294, STCSM Project under Grant 16JC1402900 and 17510740700, National Science and Technology Major Project under Grant 2018ZX03001009–002. The work of S. Jin was supported in part by the National Science Foundation (NSFC) for Distinguished Young Scholars of China with Grant 61625106.Y. Wu is with the Department of Electronic Engineering, Shanghai Jiao Tong University, Minhang 200240, China (e-mail: [email protected]). Y. Wu is also with State Key Laboratory of Integrated Services Networks, Xidian University, Xi’an, China.C. K. Wen is with the Institute of Communications Engineering, National Sun Yat-sen University, Kaohsiung 804, Taiwan (Email: [email protected]).W. Chen is with Shanghai Institute of Advanced Communications and Data Sciences, the Department of Electronic Engineering, Shanghai Jiao Tong University, Minhang 200240, China (E-mail: [email protected]).S. Jin is with the National Mobile Communications Research Laboratory, Southeast University, Nanjing, 210096, P. R. China. (Emails: [email protected]).R. Schober is with Institute for Digital Communications, Universität Erlangen-Nürnberg, Cauerstrasse 7, D-91058 Erlangen, Germany (Email: [email protected]).G. Caire is with Institute for Telecommunication Systems, Technical University Berlin, Einsteinufer 25, 10587 Berlin, Germany (Email: [email protected]).
Abstract
In this paper, we study the design of secure communication for time division duplex multi-cell multi-user massive multiple-input multiple-output (MIMO) systems with active eavesdropping. We assume that the eavesdropper actively attacks the uplink pilot transmission and the uplink data transmission before eavesdropping the downlink data transmission of the users. We exploit both the received pilots and the received data signals for uplink channel estimation. We show analytically that when the number of transmit antennas and the length of the data vector both tend to infinity, the signals of the desired user and the eavesdropper lie in different eigenspaces of the received signal matrix at the base station provided that their signal powers are different. This finding reveals that decreasing (instead of increasing) the desired user’s signal power might be an effective approach to combat a strong active attack from an eavesdropper. Inspired by this observation, we propose a data-aided secure downlink transmission scheme and derive an asymptotic achievable secrecy sum-rate expression for the proposed design. For the special case of a single-cell single-user system with independent and identically distributed fading, the obtained expression reveals that the secrecy rate scales logarithmically with the number of transmit antennas. This is the same scaling law as for the achievable rate of a single-user massive MIMO system in the absence of eavesdroppers. Numerical results indicate that the proposed scheme achieves significant secrecy rate gains compared to alternative approaches based on matched filter precoding with artificial noise generation and null space transmission.
I Introduction
Wireless networks are widely used in civilian and military applications and have become an indispensable part of our daily lifes. Therefore, secure communication is a critical issue for future wireless networks. As a complement to the conventional cryptographic techniques, new approaches to secure communication based on information theoretical concepts, such as the secrecy capacity of the propagation channel, have been developed and are collectively referred to as physical layer security [1, 2, 3, 4, 5, 6].
Multiple-input multiple-output (MIMO) technology has been shown to be a promising means for providing multiplexing gains and diversity gains, leading to improved performance [7, 8, 9, 10, 11, 12]. In particular, massive MIMO technology, which utilizes a very large number of antennas at the BS and simple signal processing to provide services for a comparatively small (compared to the number of antennas) number of active mobile users, is a promising approach for efficient transmission of massive amounts of information and is regarded as a key technology in 5G [13]. Pilot contamination is a major impairment in massive MIMO systems [14] and many approaches have been proposed to solve this problem [15, 16, 17, 18]. For example, the authors of [18] proposed an approach based on Chu sequences, which efficiently reduces the effect of pilot contamination.
Most studies on physical layer security in massive MIMO systems assume that the eavesdropper is passive and does not attack the communication process of the system [19, 20, 21, 22, 23]. However, a smart eavesdropper can perform a pilot contamination attack to impair the channel estimation process at the base station [24]. Due to the channel hardening effect caused by large antenna arrays, it is difficult to exploit the statistical fluctuations of fading channels to safeguard the transmission. Then, the beamforming direction misled by the pilot contamination attack can significantly enhance the performance of the eavesdropper. This results in a serious secrecy threat in time division duplex (TDD)-based massive MIMO systems [24].
Prior works on the pilot contamination attack have studied mechanisms for enhancing the eavesdropper’s performance [25, 26, 27, 28]. Other works propose various approaches for detecting the pilot contamination attack [29, 30, 31, 32, 33]. Although these schemes can detect a pilot contamination attack with high probability, [29, 30, 31, 32, 33] do not provide an effective transmission scheme in the presence of a pilot contamination attack. For secure communication under a pilot contamination attack, the authors of [34] propose a secret key agreement protocol for single-cell multi-user massive MIMO systems. An estimator for the base station (BS) is designed to evaluate the resulting information leakage. Then, the BS and the desired users perform secure communication by adjusting the length of the secret key based on the estimated information leakage. Other works have studied how to combat the pilot contamination attack. The authors of [35] investigate the pilot contamination attack problem for single-cell multi-user massive MIMO systems over independent and identically distributed (i.i.d.) fading channels. The eavesdropper is assumed to only know the pilot signal set whose size scales polynomially with the number of transmit antennas. For each transmission, the desired users randomly select certain pilot signals from this set, which are unknown to the eavesdropper. In this case, it is proved that the impact of the pilot contamination attack can be eliminated as the number of transmit antennas goes to infinity. Under the same pilot allocation protocol, the authors of [36] and [37] respectively propose a random channel training scheme and a jamming-resistant scheme employing an unused pilot sequence to combat the pilot contamination attack and to maintain secure communication. Moreover, by exploiting an additional random sequence, which is transmitted by the legitimate users but is unknown to the eavesdropper, an effective blind channel estimation method and a secure beamforming scheme are developed to realize reliable transmission in [38].
However, all the above-mentioned methods rely on a key assumption: some form of an additional pilot signal protocol which is unknown to the eavesdropper is needed to combat the pilot contamination attack. For the more pessimistic case where the eavesdropper knows the desired users’ exact pilot signal structure for each transmission111We note that this case constitutes a worst-case scenario. Hence, if secure communication can be achieved for this worst case, then secure communication can also be achieved for more optimistic settings as considered in [36, 37, 38]., the secrecy threat caused by the pilot contamination attack in multi-cell multi-user massive MIMO systems over correlated fading channels is analyzed in [24]. Based on this analysis, three transmission strategies for combating the pilot contamination attack are proposed. Nevertheless, the designs in [24] are not able to guarantee a high (or not even a non-zero) secrecy rate for weakly correlated or i.i.d. fading channels when the power of the eavesdropper pilot signal is much larger than that of the users’ pilot signals.
In this paper, we investigate secure transmission for TDD multi-cell multi-user massive MIMO systems impaired by general correlated fading and a pilot contamination attack. We assume the considered system performs first uplink training followed by uplink and downlink data transmission phases. The eavesdropper jams the uplink training phase and the uplink data transmission phase and then eavesdrops the downlink data transmission222We note that the pilot contamination attack presents a security threat only for the downlink. In fact, in the uplink, if an eavesdropper transmits a strong pilot signal in the uplink together with the legitimate users, it can at most jam the reception of some users, and therefore disrupt coherent detection, but it will not be able to improve its ability to eavesdrop the uplink traffic. Since this paper studies the pilot contamination attack, we focus on downlink data transmission. Secure uplink transmission is also relevant and is an interesting topic for future work (not dedicated to the pilot contamination attack) but is outside the scope of the present paper. We utilize the data transmitted in the uplink to aid the channel estimation at the BS. Then, based on the estimated channels, the BS designs precoders for downlink transmission.
This paper makes the following key contributions:
We prove that when the number of transmit antennas and the amount of transmitted data both approach infinity, the desired users’ and the eavesdropper’s signals lie in different eigenspaces of the uplink received signal matrix provided that their pilot signal powers are different. Our results reveal that increasing the power gap between the desired users’ and the eavesdropper’s signals is beneficial for separating the desired users and the eavesdropper. This implies that when facing an active attack, decreasing (instead of increasing) the desired users’ signal power could be an effective approach for enabling secrete communication. 2. 2.
Inspired by this observation, we propose a joint uplink and downlink data-aided transmission scheme to combat strong333We refer to a pilot contamination attack as a strong pilot contamination attack if the pilot signal power of the eavesdropper is much larger than that of the users. active attacks from an eavesdropper. Then, we derive an asymptotic expression for the corresponding achievable secrecy sum-rate. The derived expression indicates that the impact of an active attack on uplink transmission can be effectively eliminated by the proposed design. 3. 3.
We specialize the asymptotic achievable secrecy sum-rate expression to the case of i.i.d. fading channels. Particularly, for the classical MIMO eavesdropper wiretap model, the derived expression indicates that the secrecy rate exhibits a logarithmic growth with the number of transmit antennas. This is the same growth rate as that of the achievable rate of a typical point-to-point massive MIMO system without eavesdropping.
The remainder of this paper is organized as follows. In Section II, the basic system model is introduced and the uplink channel estimation is investigated. In Section III, the proposed secure downlink transmission scheme is presented and an asymptotic expression for the secrecy rate of the proposed design is derived. Section IV discusses the special case of i.i.d. fading in detail. Numerical results are provided in Section V, and conclusions are drawn in Section VI.
Notation: Vectors are denoted by lower-case bold-face letters; matrices are denoted by upper-case bold-face letters. Superscripts , , and stand for the matrix transpose, conjugate, and conjugate-transpose operations, respectively. We use and to denote the trace and the inverse of matrix , respectively. denotes a diagonal matrix with the elements of vector on its main diagonal. denotes a diagonal matrix containing the diagonal elements of matrix on the main diagonal. The identity matrix is denoted by , and the all-zero matrix and the all-zero vector are denoted by . The fields of complex and real numbers are denoted by and , respectively. denotes statistical expectation. denotes the element in the th row and th column of matrix . denotes the th entry of vector . denotes the Kronecker product. denotes a circularly symmetric complex vector with zero mean and covariance matrix . denotes the variance of random variable . stands for . means that is much larger than . means that .
II Uplink Transmission
Throughout the paper, we adopt the following transmission protocol. We assume the uplink transmission phase, comprising uplink training and uplink data transmission, is followed by a downlink data transmission phase.
We assume the main objective of the eavesdropper is to eavesdrop the downlink data. Nevertheless, the eavesdropper also attacks the uplink transmission phase to impair the channel estimation at the BS. The resulting mismatched channel estimation will increase the information leakage in the subsequent downlink transmission. In the downlink transmission phase, the eavesdropper does not attack but focuses on eavesdropping the data.
We study a multi-cell multi-user MIMO system with cells, cf. Figure 1. We assume an -antenna BS and single-antenna users are present in each cell. The cells are index by , where cell is the cell of interest. We assume an -antenna active eavesdropper444An -antenna eavesdropper is equivalent to cooperating single-antenna eavesdroppers. is located in the cell of interest and attempts to eavesdrop the data intended for all users in the cell. The eavesdropper sends pilot signals and artificial noise to interfere channel estimation and uplink data transmission555We note that if the eavesdropper only attacks the channel estimation phase and remains silent during the uplink data transmission, then the impact of this attack can be easily eliminated with the joint channel estimation and data detection scheme in [15]. Therefore, a smart eavesdropper will attack the entire uplink transmission., respectively. Let and denote the coherence time of the channel and the length of the pilot signal, respectively. Then, for uplink transmission, the received pilot signal matrix and the received data signal matrix at the BS in cell are given by
[TABLE]
[TABLE]
where , , and denote the average transmit power, the pilot sequence, and the uplink transmission data of the th user in the cell of interest, respectively. For simplicity of notation, we assume that all users in a given cell use the same transmit power [19]. Using similar techniques as presented in this paper, our results can be easily extended to the case where the users in a cell have different transmit powers. We assume that the users in different cells have different powers. It is assumed that the same orthogonal pilot sequences are used in each cell where and , . is the pilot attack signal of the eavesdropper. and denote the average transmit power and the uplink transmission data of the th user in the th cell, respectively. denotes the channel between the th user in the th cell and the BS in the th cell, where is the corresponding correlation matrix. and denote the channel between the eavesdropper and the BS in the th cell and the average transmit power of the eavesdropper, respectively. represents the channel between the eavesdropper and the BS in the th cell, where and are the corresponding transmit and receive correlation matrices of the eavesdropper. and are noise matrices whose columns are i.i.d. Gaussian distributed with .
During the training phase, the eavesdropper attacks all users in the cell of interest. In this paper, we adopt the worst-case assumption that for each transmission, the eavesdropper knows the exact pilot sequence of each user. Therefore, it uses pilot attack sequences666If the eavesdropper is only interested in a particular user, then he can perform a pilot contamination attack specifically for this user as in [24]. However, this pilot contamination precoding will not influence the proposed joint uplink and downlink transmission scheme and the corresponding asymptotic performance analysis. [35], where . In the uplink data transmission phase, the eavesdropper generates an artificial noise matrix , whose elements follows an i.i.d. standard Gaussian distribution.
We define and the eigenvalue decomposition
, where the eigenvalues on the main diagonal of matrix are organized in ascending order. For the following, we make the important assumption that due to the difference in power777When the eavesdropper increases the pilot contamination attack power , the users in the cell of interest can intentionally decrease their pilot signal power to achieve a significant power gap between and based on a power control mechanism. According to Appendix A, this is essential to eliminate the impact of the active eavesdropper. If the eavesdropper does not eavesdrop the signals in the cell in which it is located but the signals in one of the other cells, then a power control mechanism for and is required to combat the pilot contamination attack. between the eavesdroppers’ pilots and the users’ pilots in the cell of interest and the large path loss difference between the users in the cell of interest and the users in the other cells [16], , , and have the relationship . Define and the eigenvalue decomposition , where . Let and vector has the same elements as vector
but with the elements organized in ascending order such that index satisfies , . Define , , and . Then, we have the following theorem.
Theorem 1**.**
Let and . Then, when and , the received signal and the minimum mean square error (MMSE) estimate of based on are given by
[TABLE]
where
[TABLE]
and in (8) is the th column of . and .
Proof.
Please refer to Appendix A. ∎
Remark 1: The basic intuition behind Theorem 1 is that when and , each channel tends to be an eigenvector of the received signal matrix. As a result, we project the received signal matrix along the eigenspace which corresponds to the desired users’ channel. In this case, the impact of the strong active attack can be effectively eliminated, cf. (4).
Remark 2: It should be noted that when , is enough to distinguish the eavesdropper, the users in the cell of interest, and the users in the other cells as shown in Appendix A. However, when is large but not infinite, we require to achieve a good secrecy performance under the pilot contamination attack.
Remark 3: In Theorem 1, we assume that the coherence time of the channel is significantly larger than the symbol duration [16]. This assumption can be justified based on the expression for the coherence time in [16, Eq. (1)]. For typical speeds of mobile users and typical symbol durations, the coherence time spans several hundred symbol durations.
Remark 4: The simulation results in Section V indicate that a sufficient power gap between and can guarantee a good secrecy performance when the number of transmit antennas and the coherence time of the channel are large but finite. We note that allocating a high power to the desired users to combat a strong active attack is not necessary. In contrast, a large gap between and is essential to approach the channel estimation result in Theorem 1. This implies that decreasing the transmit power of the desired users can be an effective strategy to ensure secure transmission under a strong active attack. As shown in Figure 5 and Figure 6 in Section V, as long as is larger than [math] dB, the proposed design is able to achieve a good secrecy performance in all considered scenarios.
Based on Theorem 1, in the next section, we can design the precoders for downlink transmission.
III Downlink Transmission
In this section, we consider the downlink transmission phase. We assume that the BSs in all cells perform channel estimation according to Theorem 1 by replacing , , , and by , , , and , respectively. Then, the th BS designs the transmit signal as follows
[TABLE]
where is the downlink transmission power, , and is the downlink transmitted signal for the th user in the th cell.
We note that unlike for the scheme in [24], for the proposed precoder design, the base station does not need to know the full statistical channel state information of the eavesdropper. As long as holds, the base station can identify the relevant columns in for computation of . For the legitimate users in the cell of interest, the BS needs to know their covariance matrices to perform channel estimation, see Theorem 1.
Because each user in the cell of interest has the risk of being eavesdropped, based on [39] and [24], the achievable ergodic (the codewords are sent over a large number of fading blocks) secrecy sum-rate can be expressed as
[TABLE]
where and denote an achievable ergodic rate between the BS and the th user and the ergodic capacity between the BS and the eavesdropper seeking to decode the information of the th user, respectively.
The received signal at the th user in the cell of interest is given by
[TABLE]
where is the noise affecting the received downlink signal.
The achievable ergodic rate is given by
[TABLE]
where
[TABLE]
and .
The ergodic capacity of the eavesdropper for decoding the information intended for user , , is given by888It should be noted that here we consider the practical scenario where the eavesdropper is not able to decode and cancel the signals of the intra-cell and inter-cell users from the received signal. For a more pessimistic setting, where the eavesdropper has access to the data of all intra-cell and inter-cell interfering users, we can also obtain a lower bound on the ergodic secrecy rate as in [24]. However, the two expressions exhibit no difference as far as the subsequent analysis is concerned since the eavesdropper’s rate will be suppressed to zero based on the proposed data-aided transmission scheme.
[TABLE]
where
[TABLE]
Based on (10), (12), and (14), we obtain the following theorem.
Theorem 2**.**
For the considered multi-cell multi-user massive MIMO system, an asymptotic achievable secrecy sum-rate for the transmit signal design in (9) is given by
[TABLE]
where
[TABLE]
[TABLE]
Proof.
Please refer to Appendix B. ∎
Remark 5: Theorem 2 is a unified expression which is valid for arbitrary and and general correlated channels. Also, Theorem 2 indicates that when tends to infinity, the impact of the active attack from the eavesdropper vanishes if the proposed joint uplink and downlink transmission approach is adopted.
Remark 6: Although the rigorous theoretical analysis in Theorem 2 requires that both and tend to infinity, our simulation results in Section V indicate that even for short packet communication (e.g., ) and a finite number of transmit antennas (e.g., ), the proposed joint uplink and downlink transmission approach is still able to provide a good secrecy performance under a strong pilot contamination attack.
Remark 7: It is important to note that the proposed scheme does not require joint channel estimation and data detection or an additional pilot sequence hopping mechanism. In fact, the uplink data only has to be exploited to generate matrix . Then, simply projecting the transmit signal along the eigenspace, , is enough to effectively combat the strong pilot contamination attack without any further computational operations or extra resources.
IV The I.I.D. Fading Case
In order to obtain more insightful results, in this section, we analyze the asymptotic achievable secrecy rate of massive MIMO systems for the i.i.d. fading case. For general multi-cell multi-user massive MIMO systems, we have the following theorem.
Theorem 3**.**
For multi-cell multi-user massive MIMO systems with i.i.d. fading where 999It should be noted that here we do not require the channels of the eavesdropper to be i.i.d., i.e., and can be arbitrary matrices., the asymptotic achievable secrecy sum-rate for the transmit signal design in (9) is given by
[TABLE]
where
[TABLE]
Proof.
The theorem can be proved by substituting into (16) and performing some simplifications. ∎
Remark 8: Theorem 3 indicates that the secrecy rate is a monotonically increasing function of the signal-to-noise ratio (SNR) even in the presence of an active eavesdropper. This behaviour is in sharp contrast with the scheme proposed in [24, Theorem 3], for which the secrecy rate decreases for increasing SNR in the high SNR regime if all the available power at the BS is allocated to the information-carrying signals. For the proposed data-aided secure massive MIMO transmission, naturally forms an asymptotic orthogonal space to the eavesdropper’s channel. As a result, the null space of the transmit correlation matrix of the eavesdropper’s channel [24] is not essential anymore to combat the strong pilot contamination attack. The proposed joint uplink and downlink transmission scheme can guarantee reliable secure communication even for i.i.d. fading channels.
To provide more insights into the impact of the proposed scheme on secure communication in massive MIMO systems, we simplify the system model further to the single-cell single-user case. Based on Theorem 3 and [40, Corollary 1], we have the following corollary.
Corollary 1**.**
For a single-cell single-user system () with i.i.d. fading, the asymptotic achievable secrecy rate for the transmit signal design in (9) is given by
[TABLE]
Proof.
By setting , in (26) and considering the asymptotic case, we obtain (31). ∎
Remark 9: The asymptotic secrecy rate in (31) grows logarithmically with the number of transmit antennas. This is identical to the growth rate of the asymptotic rate for single-user massive MIMO systems without eavesdropper. This is in sharp contrast to the conclusions in [24, Theorem 9], where secure communication is unachievable for the single-cell single-user i.i.d. fading case for high pilot contamination attack powers. Corollary 1 reveals that by exploiting the uplink transmission data, we can find a promising solution that facilitates secure communication for i.i.d. fading massive MIMO systems with active eavesdropper.
V Numerical Results
In this section, we present numerical results to evaluate the proposed scheme and the obtained analytical results. To the best of our knowledge, although there has been a large amount of research on active eavesdropping in the past few years [35, 36, 37, 38], most of these schemes require some additional pilot signal protocol which is unknown to the eavesdropper to combat the pilot contamination attack. These schemes are not compatible with the assumptions in our paper, where the eavesdropper perfectly knows the desired users’ exact pilot signal structure for each transmission. Hence, we compare the proposed scheme with matched filter precoding and AN generation (we refer to this design as MF-AN scheme) and the null space scheme in [24], which both also do not require a modified pilot protocol.
We define and set . Also, we define101010It should be noted that the eavesdropper attacks the users simultaneously. For each user, the pilot contamination attack power is . Hence, we define .. We consider both correlated fading channels and i.i.d. fading channels. For correlated fading channels, a uniform linear array is used at the BS with half a wavelength antenna spacing. The angle of arrival (AoA) interval is . The channel power angle spectrum is modeled as a truncated Laplacian distribution [41]
[TABLE]
where and are the angular spread and the mean AoA of the channel, respectively. The angular spread in (32) is assumed to be identical for the channels of all users and the eavesdropper and is set to be . The mean channel AoAs, , of all users and the eavesdropper in (32) are generated at random. Based on [41, Eq. (3.14)], we generate the channel transmit correlation matrices of all users, , and the eavesdropper, . Moreover, we impose a channel power normalization such that the trace of the channel transmit correlation matrix between a user and the BS in its own cell and between a user and the BSs in the other cells are equal to and , respectively. We set . The receive correlation matrices of the eavesdropper, , are generated using the exponential correlation model , where is generated at random. For i.i.d. fading channels, we set , , , and . Here, we set and , , , . Also, we set and , . Throughout this section, we assume . Table I summarizes the values of main parameters used in the simulations in each figure.
Figure 2 shows the normalized mean squared error (MSE) versus (vs.) for the MMSE estimation scheme in Theorem 1 for , , , dB, , , correlated fading with , and different . We observe from Figure 2 that the MSE is below for all considered and . This demonstrates that the proposed data-aided estimation method is an effective approach to distinguish the actual channel of each user from the eavesdropper’s channel under the pilot contamination attack.
Figure 3 shows the secrecy rate performance vs. SNR for the proposed scheme for , , , , = 20 dB, , , correlated fading with , and different . We observe from Figure 3 that the asymptotic secrecy rates in Theorem 2 provide a good approximation for the exact secrecy rates. The accuracy of the approximation increases with the number of transmit antennas as expected. Also, we observe from Figure 3 that the secrecy rate is a monotonically increasing function of the SNR even under a strong pilot contamination attack.
Figure 4 shows the secrecy rate performance of the proposed scheme vs. for , , = 20 dB, , , i.i.d. fading, and different SNRs. We set and . We observe from Figure 4 that the secrecy rates scale logarithmically with the number of transmit antennas, as predicted by Corollary 1. Figure 4 also shows that the theoretical secrecy rates provide good approximations for the exact secrecy rates for the i.i.d. fading case.
Figure 5 shows the exact secrecy rate performance vs. for the proposed scheme and the null space (NS) scheme [24] for , , , dB, , , dB, correlated fading with , and different . We observe from Figure 5 that even for short packet communication when , the proposed scheme can achieve an obvious secrecy performance gain compared to the null space scheme. Also, we observe from Figure 5 that when the power of the active attack is strong, the null space scheme maintains an almost constant secrecy rate. However, as increases, the gap between and increases. Therefore, the secrecy rates of the proposed scheme increase with . Moreover, Figure 5 reveals that increasing is beneficial for the secrecy performance of the proposed scheme.
Figure 6 shows the exact secrecy rate performance vs. for the proposed scheme and the MF-AN scheme [24] for , , , dB, , , dB, i.i.d. fading, and different . We observe from Figure 6 that when the power of the active attack is strong, the MF-AN scheme cannot provide a non-zero secrecy rate. However, our proposed scheme performs well in the entire considered range of . When the power of the active attack is close to the power of the desired user’s pilot signal where is small, the asymptotic estimation error in Theorem 1 increases. As a result, our proposed scheme suffers a slight performance loss comparing to the MF-AN scheme.
Figure 7 shows the exact secrecy rate performance vs. for the proposed scheme, the null space scheme, and the MF-AN scheme for , , , , , dB, , , dB, and correlated fading. It should be noted that the rank of the correlation matrix generated by (32) decreases as decreases. This means when is small, the channel is highly correlated. We observe from Figure 7 that the proposed scheme provides the best secrecy performance throughout the entire considered range of . Also, we observe from Figure 7 that a small value of is beneficial for the null space scheme since the rank of the eavesdropper’s transmit correlation matrix is low.
VI Conclusions
In this paper, we have proposed a data-aided secure transmission scheme for general correlated fading channels and multi-cell multi-user massive MIMO systems which are under a strong active attack. We exploit the received uplink data signal for joint uplink channel estimation and secure downlink data transmission. We show analytically that when the number of transmit antennas and the length of the data vector both approach infinity, decreasing (instead of increasing) the desired user’s pilot signal power to generate an obvious gap to the eavesdropper’s pilot signal power could be an effective approach for distinguishing the desired user’s and the eavesdropper’s channels. Based on this, we propose an effective approach to eliminate the impact of an active pilot contamination attack. For the proposed data-aided secure downlink transmission scheme, we obtain a general asymptotic achievable secrecy sum-rate expression. Interestingly, we reveal that for the special case of the classical MIMO wiretap channel, the obtained expression exhibits the same scaling law as the achievable rate of a single-user massive MIMO system without eavesdropping. Numerical results validate our theoretical analysis and demonstrate the effectiveness of the proposed scheme to mitigate strong active attacks compared to matched filter precoding with artificial noise generation and a null space based scheme.
Appendix A Proof of Theorem 1
We define , , ,
, , , .
Based on (II) and (II), the received signal can be re-expressed as
[TABLE]
where .
For massive MIMO with correlated fading, when , we have
[TABLE]
Based on [40, Corollary 1], we obtain
[TABLE]
Similarly, we have
[TABLE]
Also, based on [42, Eq. (102)], we have
[TABLE]
where denotes the th column of matrix , , and is a vector with the th element being one and the other elements being zero.
As a result, we have
[TABLE]
When , based on [40, Corollary 1], we have
[TABLE]
Then, we obtain (65) given at the top of the next page.
Based on [40, Corollary 1], we obtain (76) given at the top of next page from (65).
Now, we re-write (76) as (87) given at the top of the next page.
We define
[TABLE]
where has orthogonal columns.
[TABLE]
From (65)–(90), we know that for , , is the right singular matrix of . Therefore, we obtain
[TABLE]
Define , where is defined in Theorem 1. From (A), we can re-express the equivalent received signal during the pilot transmission phase as follows
[TABLE]
where
[TABLE]
and in (96) is the th column of .
Based on (92), the MMSE estimate of is given by
[TABLE]
For the noise term in (97), we have
[TABLE]
where is the th element of .
Combining (97) and (98) completes the proof.
Appendix B Proof of Theorem 2
From (76), we know
[TABLE]
First, we consider
[TABLE]
Based on (4), we have
[TABLE]
Based on (99) and [40, Corollary 1], we have
[TABLE]
By substituting (104) into (102) and simplifying, we have
[TABLE]
where is defined in (20).
For the first term on the right hand side of (105), we obtain
[TABLE]
where is defined in (20).
Based on [40, Corollary 1], we obtain
[TABLE]
For the second term on the right hand side of (105), we have
[TABLE]
[TABLE]
where is defined in (18).
For the numerator in (101), we have (112) given at the top of the next page, where and are defined in (21) and (20), respectively.
According to the definition of in (99), we obtain
[TABLE]
We can further simplify (113) as follows:
[TABLE]
Then, we have
[TABLE]
Also, we have
[TABLE]
Substituting (115) and (116) into (112), we obtain
[TABLE]
Substituting (115) and (118) into (111), we obtain
[TABLE]
For , we obtain
[TABLE]
Following a similar approach as in (102)–(111), the denominator of (126) is given by
[TABLE]
For the numerator of (126), we have (122) given at the top of the next page.
Substituting the expression for in (99) into (122), we obtain (123) given at the top of the next page.
By applying [40, Corollary 1] to , we have
[TABLE]
which can be simplified further as
[TABLE]
By combining (119), (121), and (125), we obtain
[TABLE]
Then, we consider , which leads to
[TABLE]
Following a similar approach as in (102)–(111), the denominator of (127) is obtained as
[TABLE]
For the numerator of (127), we have (129) given at the top of the next page.
Based on (100), we can re-express (129) as (130) given at the top of the next page.
For the first term on the right hand side of (130), we have (131) given at the top of the next page.
For the second term on the right hand side of (130), we have (132) given at the top of the next page.
Substituting (131) and (132) into (130), we obtain
[TABLE]
By combining (127), (128), and (133), we obtain
[TABLE]
For in (14), we know from (90) that when , . Therefore, we have
[TABLE]
Substituting (119), (126), (127), and (135) into (10) completes the proof.
The reference list from the paper itself. Each links out to its DOI / PubMed record.
- 1[1] A. D. Wyner, “The wiretap channel,” Bell Syst. Tech. J. , vol. 54, pp. 1355–1387, Oct. 1975.
- 2[2] F. Oggier and B. Hassibi, “The secrecy capacity of the MIMO wiretap channel,” IEEE Trans. Inf. Theory , vol. 57, pp. 4961–4972, Aug. 2011.
- 3[3] Y. Wu, C. Xiao, Z. Ding, X. Gao, and S. Jin, “Linear precoding for finite-alphabet signaling over MIMOME wiretap channels,” IEEE Trans. Veh. Technol. , vol. 61, pp. 2599–2612, Jul. 2012.
- 4[4] Y. Wu, J.-B. Wang, J. Wang, R. Schober, and C. Xiao, “Secure transmission with large numbers of antennas and finite alphabet inputs,” IEEE Trans. Commun. , vol. 65, pp. 3614–3628, Aug. 2017.
- 5[5] Y. Wu, A. Khisti, C. Xiao, G. Caire, K.-K. Wong, and X. Gao, “A survey of physical layer security techniques for 5G wireless networks and challenges ahead, ” IEEE J. Sel. Area Commun. , vol. 36, pp. 679-695, Apr. 2018.
- 6[6] Z. Li, L. Guan, C. Li, and A. Radwan, “A secure intelligent spectrum control strategy for future THZ mobile heterogeneous networks,” IEEE Commun. Mag. , vol. 56, pp. 116–123, Jun. 2018.
- 7[7] Y. Wu, M. Wang, C. Xiao, Z. Ding, and X. Gao, “Linear precoding for MIMO broadcast channels with finite-alphabet constraints,” IEEE Trans. Wireless Commun. , vol. 11, pp. 2906–2920, Aug. 2012.
- 8[8] Y. Wu, C. Xiao, X. Gao, J. D. Matyjas, and Z. Ding, “Linear precoder design for MIMO interference channels with finite-alphabet signaling,” IEEE Trans. Commun. , vol. 61, pp. 3766–3780, Sep. 2013.
