Authentication And Malicious Node Detection Based On Physical Characteristics

Wireless communication technology is widely used in various communication fields due to its flexible topology.At the same time,it has caused security problems which are not existing in wired systems,due to its broadcast nature.How to enhance the security of wireless communications and provide them with at least equal security as wired communications,while increasing computational burden or cost as little as possible,has become a hot issue in communication security research field.Most of the wireless communication systems still extend the modern cryptography mechanisms from wired communication systems.However,the security mechanisms based on modern cryptography not only bring huge computational burden to communication terminals,but also show some drawbacks in wireless communications.For example,once a key is compromised,the entire security system will crash.In addition,if an attacker captures a legitimate communication node,he will be able to obtain all secret information from the legitimate communication node,and masquerade to be multiple legitimate nodes,scattering throughout the network to eavesdrop or tamper with legitimate packets,like clone attacks and Sybil attacks.Because the attacker knows the secret information,as the secret key,cryptographic security mechanisms can barely detect such attacks.In recent years,physical layer security is increasingly popular,and its theoretical basis is the space-time uniqueness of wireless channels.The physical layer authentication judges the legitimacy of a packet by observing the physical characteristics of its channel which is extracted from the received signal.Physical layer authentication is mainly applied to packet authentication.Taking the advantage of the space-time uniqueness of wireless channels,malicious nodes,for example,clone nodes or Sybil nodes,can easily be detected.The principle of clone detection is that the same ID corresponds to different channel information,and the principle of Sybil detection is that different IDs correspond to the same channel information.This paper first expounds the background and existing researches about physical layer authentication and malicious node detection.Then,the characteristics of wireless channel and its spatial resolution that affect CSI(Channel State Information)and physical layer authentication are discussed.Following that,The models of the CSI-based physical layer authentication and malicious node detection are established by adopting binary hypothesis.The indicators for measuring authentication performance and the communication platform used in this paper are also introduced.After that,two kinds of CSI-based authentication algorithms and four malicious node detection algorithms are described in detail.Firstly,according to the requirements of the next-generation wireless communication,this paper proposes a three-layer security authentication architecture and a cross-layer mutual authentication scheme in D2D(Device to Device)communications.Adopting channel information derived from four different communication scenarios,the feasibility of the proposed authentication scheme is verified.The simulation results show that the authentication performance is able to reach ideal under stationary communication scenarios.However,in dynamic communication scenarios,the authentication performance is poor.In order to improve the performance of physical layer authentication in dynamic scenarios,this paper proposes a physical layer authentication scheme based on TFML(Threshold-Free and Machine Learning).This scheme is threshold-free,i.e.,the authentication result is not derived from threshold based decision,but directly from machine learning classification.In detail,machine learning algorithms are adopted to classify channel differences or channel matrices directly to obtain authentication results.The proposed scheme is firstly simulated by the channel data from a dynamic communication scenario to prove the feasibility and tune parameters.The optimal solution is obtained,which is the BT(Bagging Trees)based authentication adopting 128-dimensional channel matrix as input.Finally,through the USRP(Universal Software Radio Peripheral)platform,the superiority of the optimal solution is further verified in real industrial environment,and it is proved that MIMO(Multiple-Input Multiple-Output)can further enhance the performance of the proposed authentication scheme.With ProSe(Proximity Service),this paper proposes four improved CSI-based malicious node detection schemes,including malicious node detection scheme based on PHYR(Physical Layer Reputation),malicious node detection scheme based on greedy algorithm,single malicious node detection based on BPNN(Back Propagation Neural Network)and multiple malicious nodes detection based on BPNN.The malicious node detection scheme based on PHYR acquires a physical layer reputation of a node ID by accumulating channel information from multiple successive messages claiming the same ID.The reputation is later adopted to investigate if the node is malicious or not.This scheme can effectively reduce the influence of random noise from channel on detection performance and improve detection accuracy.The malicious node detection scheme based on greedy algorithm aims at selecting authentication threshold according to user's profit under awful channel conditions when detection rate cannot reach ideal.Thereby,the purpose of this scheme is to maximize user's profit instead of maximizing detection accuracy.The malicious node detection scheme based on BPNN includes two different kinds according to input.The single malicious node detection scheme takes one or more kinds of node reputation as the input to BPNN.The multiple malicious node detection scheme takes a group of reputations,which are the same kind of reputation but corresponding to different nodes,as the input to BPNN.BPNN gives a detection result according the input.Adequate experiments have been carried out to prove the feasibility and investigate the performances for the four proposed malicious node detection schemes.