Misspecified Crame-Rao Bound for AoA Estimation at a ULA under a Spoofing Attack

TL;DR

This paper analyzes how active spoofing attacks affect AoA-based authentication using the misspecified Cramér-Rao bound, revealing attack-induced penalties dependent on attacker and array parameters.

Contribution

It derives a closed-form MCRB expression for AoA authentication under spoofing, highlighting the impact of adversary location and array geometry.

Findings

Attack introduces a penalty term in MCRB independent of SNR

Penalty depends on adversary's location and array geometry

Closed-form expression for MCRB under spoofing attack

Abstract

A framework is presented for analyzing the impact of active attacks to location-based physical layer authentication (PLA) using the machinery of misspecified Cram\'er--Rao bound (MCRB). In this work, we focus on the MCRB in the angle-of-arrival (AoA) based authentication of a single antenna user when the verifier posseses an $M$ antenna element uniform linear array (ULA), assuming deterministic pilot signals; in our system model the presence of a spoofing adversary with an arbitrary number $L$ of antenna elements is assumed. We obtain a closed-form expression for the MCRB and demonstrate that the attack introduces in it a penalty term compared to the classic CRB, which does not depend on the signal-to-noise ratio (SNR) but on the adversary's location, the array geometry and the attacker precoding vector.