Eavesdropping in Massive MIMO – New vulnerabilities and countermeasures

In our first and second years of research we investigated the outage probability of a practical distributed threshold-based multi-user scheduling scheme with ZF detection in the presence of a large number of users, when there is no coordination between them. We studied both the case in which users experience homogeneous channel conditions and the more realistic case in which users experience different channel gain statistics due to diverse ranges, terrain, landscape, etc. In the previous year, we demonstrated a new security vulnerability of elevation angles in the LoS scenario, added a mathematical formulation for SNR scaling, and examined the threat of a multi-antenna Eve. We also explored the problem of covert communication via multi-antenna jamming.

This project aimed to study the potential passive eavesdropping vulnerabilities of massive MIMO systems in the line-of-sight (LoS) scenario. Specifically, we examine how the BS array geometry and the geometry of Bob and Eve affect eavesdropping resilience.

We consider a downlink scenario in which the BS (Alice), equipped with a rectangular array of nR rows and nC columns, transmits to a user (Bob). Specifically, we assume that Bob has a direct LoS path from the BS. In addition, an eavesdropper (Eve), whose goal is to intercept the Alice-Bob link, also has a direct LoS path from the BS. Given the array geometry (number of rows and columns, antenna spacing) and the geometry of Bob and Eve (their azimuth and elevation angles), the LoS channel from the BS to Bob and to Eve can be determined.

In the extreme case in which Bob and Eve share the same path (the same angle-of-departure from Alice) in a strong LoS environment, Bob’s channel and Eve’s channel are highly correlated, resulting in a huge eavesdropping advantage for Eve. Indeed, prior works have shown that Bob’s channel and Eve’s channel remain correlated when they share the same path, and that the average secrecy capacity does not increase with the BS antenna size when Bob and Eve are located at the same angle.

While prior works demonstrated Eve’s advantage when she shares the same path with Bob, we consider a more general strategy set in which Eve shares only the elevation angle or only the azimuth angle with Bob. Since a 2D antenna array at the BS enhances link directionality in the azimuth and elevation angles separately, we hypothesized that Eve could benefit from sharing only the azimuth or elevation angle, and not only when she shares the exact same path with Bob. If such a vulnerability can be demonstrated, it reveals an escalating eavesdropping threat in massive MIMO systems, because Eve can purposely position herself within a much larger, predictable set of locations instead of being constrained to the exact same angle as Bob, as prior works suggested.

Our goal is to investigate whether sharing only the elevation angle or the azimuth angle is a beneficial strategy for Eve in the LoS scenario. We also study follow-up questions, such as how the effectiveness of this relaxed location strategy compares to the stricter exact-angle-sharing strategy, and how the threat scales with the strength of the LoS path.
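The rectangular-array LoS setup described above can be explored numerically. The following is an added example, not code from the project: it assumes a far-field model of an upright array (columns horizontal, rows vertical, half-wavelength spacing), and the array sizes, angles and function names are constructed for illustration.

```python
import cmath
import math

def steering(n_rows, n_cols, az_deg, el_deg, spacing=0.5):
    """Unit-modulus LoS channel of a rectangular array (assumed far-field model).

    Assumption: the array stands upright, columns along the horizontal axis and
    rows along the vertical axis; spacing is given in wavelengths.
    """
    az, el = math.radians(az_deg), math.radians(el_deg)
    u = math.sin(az) * math.cos(el)  # phase slope across columns
    v = math.sin(el)                 # phase slope across rows (elevation only)
    return [cmath.exp(2j * math.pi * spacing * (c * u + r * v))
            for r in range(n_rows) for c in range(n_cols)]

def correlation(n_rows, n_cols, bob, eve, spacing=0.5):
    """Normalised |h_Bob^H h_Eve| in [0, 1]; 1 means Eve sees Bob's full beam."""
    h_b = steering(n_rows, n_cols, *bob, spacing)
    h_e = steering(n_rows, n_cols, *eve, spacing)
    dot = sum(b.conjugate() * e for b, e in zip(h_b, h_e))
    return abs(dot) / (n_rows * n_cols)

# Constructed geometry: (azimuth, elevation) in degrees.
BOB = (20.0, 10.0)
EVE_SAME_PATH = (20.0, 10.0)
EVE_SAME_ELEVATION = (28.0, 10.0)
EVE_OTHER = (28.0, 18.0)

def row_scaling(n_cols=12, row_counts=(8, 32)):
    """Correlation with Bob for each Eve position as the BS adds antenna rows."""
    positions = {
        "same path": EVE_SAME_PATH,
        "same elevation": EVE_SAME_ELEVATION,
        "neither shared": EVE_OTHER,
    }
    return {name: [round(correlation(n, n_cols, BOB, eve), 4) for n in row_counts]
            for name, eve in positions.items()}

if __name__ == "__main__":
    for name, values in row_scaling().items():
        print(f"{name:15s}", values)
```

Under this model the row dimension contributes nothing to separating Bob from an Eve at the same elevation, so adding rows lowers the correlation only for an Eve who shares neither angle.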

In contrast to physical layer secrecy, which exploits the inherent randomness of the communication channel to ensure that no information is leaked to unintended receivers, covert communication tries to conceal the communication between the sender and its addressee entirely, i.e., to conceal a message’s transmission between sender (Alice) and receiver (Bob) from an adversary (Willie), who only tries to determine whether a transmission took place or not. In this part of the project, our goal is to investigate whether a jammer equipped with multiple antennas can help conceal the communication between Alice and Bob from Willie, i.e., allow Alice to transmit more bits such that Bob is able to decode them without the transmission being detected by Willie, and to determine the best strategy for such a jammer.

Results from previous years showed that Eve has an advantage when sharing only the elevation angle in the LoS scenario. This advantage, however, is not at the same level as the advantage Eve would get if she shared the exact same LoS angle as Bob.

This year’s work demonstrates a new security vulnerability of elevation angle sharing in the LoS scenario, adds a mathematical formulation for Bob and Eve’s SNR scaling, and examines the threat of a multi-antenna Eve. Based on channel measurements using a 96-antenna ArgosV2 BS, we have the following findings: (i) We find that Eve obtains a modest advantage due to channel correlation, and the gap between the measured channels and Rayleigh channels increases with the number of BS antennas. (ii) We identify the “MCS saturation regime”, which occurs when a high SNR saturates the predefined MCS levels and prevents the BS from exploiting a potentially better channel at Bob compared to Eve, suggesting the importance of transmit power adaptation. Yet, considering Eve’s SNR advantage due to channel correlation, a more stringent power adaptation is required. (iii) We find that having a low angular spread to Bob does not help Eve. However, Eve can take advantage of the wide spread among different locations and search for the most favorable position. Also, Eve can move closer to the BS to improve her channel gain, which may force the BS to add hundreds of antennas to counter. (iv) We demonstrate that Eve gains an advantage by simply sharing the elevation angle with Bob in the LoS scenario, considering a rectangular antenna array at the BS. Moreover, this security vulnerability increases with a stronger LoS. (v) We show that the SNR advantage obtained by a single-antenna Eve can be accumulated when she increases her number of antennas and applies MRC.

On the covert communication via multi-antenna jamming side, we considered the covert communication problem in the presence of a jammer who is equipped with multiple antennas and helps Alice and Bob conceal the communication between them from Willie. The jammer’s assistance comes in the form of transmitting Artificial Noise (AN) using all of its antennas, which creates uncertainty at Willie’s detector and enables Alice and Bob to communicate at a positive rate. We consider both the case where Willie’s channel is known and the case where it is unknown. Specifically, we analyze Bob’s received SNR as a function of the jammer’s transmission strategy, defined by its covariance matrix Σ. The transmission strategies that affect the covert rate were examined and analyzed in the form of optimization problems, both for the case of full CSI and for the case of partial CSI at the jammer.

We started with a model in which Alice, Bob and Willie are each equipped with a single antenna, while the jammer is equipped with multiple antennas. We showed that when Willie’s channel information is known to the jammer, its optimal strategy that attains covertness is to beamform the AN with all available power in a specific direction, which is close to the direction of Willie and as orthogonal to Bob as possible. Note that this direction reflects a tradeoff between maximizing the interference at Willie and minimizing the interference at Bob. In the case of partial CSI, i.e., when the jammer does not know the channel toward Willie, we showed that the optimal strategy of the jammer is either to transmit isotropically in all directions or to transmit into the null-space of Bob, where the choice depends on certain channel conditions. We extended the optimization problems to the case where Bob is also equipped with multiple antennas, and provide insightful results, shown to be asymptotically optimal, accompanied by simulations.
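The two partial-CSI jamming strategies named above can be compared by the AN power they deliver to a single-antenna receiver, h^H Σ h. The following is an added example, not the project's code or its optimization: it assumes Σ = (P/N) I for isotropic jamming and Σ = P/(N-1) (I - h_b h_b^H / ||h_b||^2) for null-space jamming, and the channels and function names are constructed.

```python
def inner(a, b):
    """Hermitian inner product a^H b of two channel vectors."""
    return sum(x.conjugate() * y for x, y in zip(a, b))

def an_power_isotropic(h, total_power=1.0):
    """AN power received over channel h when Sigma = (P/N) I."""
    return total_power / len(h) * inner(h, h).real

def an_power_nullspace(h, h_bob, total_power=1.0):
    """AN power received over h when all power is spread over Bob's null space.

    Sigma = P/(N-1) * (I - h_b h_b^H / ||h_b||^2), so trace(Sigma) = P.
    """
    leak = abs(inner(h_bob, h)) ** 2 / inner(h_bob, h_bob).real
    return total_power / (len(h) - 1) * (inner(h, h).real - leak)

def compare(h_bob, h_willie, total_power=1.0):
    """AN power at Bob and at Willie under both strategies."""
    return {
        "isotropic": {
            "bob": an_power_isotropic(h_bob, total_power),
            "willie": an_power_isotropic(h_willie, total_power),
        },
        "nullspace": {
            "bob": an_power_nullspace(h_bob, h_bob, total_power),
            "willie": an_power_nullspace(h_willie, h_bob, total_power),
        },
    }

# Constructed 4-antenna jammer channels.
H_BOB = [1 + 0j, 0j, 0j, 0j]
H_WILLIE_ORTHOGONAL = [0j, 1 + 0j, 0j, 0j]   # Willie orthogonal to Bob
H_WILLIE_ALIGNED = [2 + 0j, 0j, 0j, 0j]      # Willie in Bob's direction

if __name__ == "__main__":
    for label, h_w in (("orthogonal", H_WILLIE_ORTHOGONAL),
                       ("aligned", H_WILLIE_ALIGNED)):
        print(label, compare(H_BOB, h_w))
```

Null-space jamming spares Bob and puts more AN on a Willie whose channel is orthogonal to Bob's, but it puts none on a Willie aligned with Bob, where only isotropic jamming still reaches him.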

Publications

C.-Y. Yeh and E. Knightly, “Eavesdropping in Massive MIMO: New Vulnerabilities and Countermeasures,” IEEE Transactions on Wireless Communications (in press).