CN114727286B - Threshold-free multi-attribute physical layer authentication method and related equipment - Google Patents
Threshold-free multi-attribute physical layer authentication method and related equipment Download PDFInfo
- Publication number
- CN114727286B CN114727286B CN202210190506.8A CN202210190506A CN114727286B CN 114727286 B CN114727286 B CN 114727286B CN 202210190506 A CN202210190506 A CN 202210190506A CN 114727286 B CN114727286 B CN 114727286B
- Authority
- CN
- China
- Prior art keywords
- value
- physical layer
- authentication
- signal data
- attribute value
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 47
- 230000004044 response Effects 0.000 claims abstract description 90
- 230000005540 biological transmission Effects 0.000 claims abstract description 20
- 239000011159 matrix material Substances 0.000 claims description 51
- 230000006870 function Effects 0.000 claims description 50
- 238000004422 calculation algorithm Methods 0.000 claims description 29
- 238000012545 processing Methods 0.000 claims description 11
- 238000007477 logistic regression Methods 0.000 claims description 6
- 238000004590 computer program Methods 0.000 claims description 3
- 238000004891 communication Methods 0.000 abstract description 21
- 238000005516 engineering process Methods 0.000 description 12
- 238000010586 diagram Methods 0.000 description 8
- 238000010801 machine learning Methods 0.000 description 7
- 230000007423 decrease Effects 0.000 description 6
- 230000008569 process Effects 0.000 description 5
- 230000006872 improvement Effects 0.000 description 4
- 230000005653 Brownian motion process Effects 0.000 description 3
- 230000009286 beneficial effect Effects 0.000 description 3
- 238000002474 experimental method Methods 0.000 description 3
- 238000012986 modification Methods 0.000 description 3
- 230000004048 modification Effects 0.000 description 3
- 238000005457 optimization Methods 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 238000007619 statistical method Methods 0.000 description 2
- 238000013459 approach Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000010276 construction Methods 0.000 description 1
- 230000003247 decreasing effect Effects 0.000 description 1
- 230000001419 dependent effect Effects 0.000 description 1
- 238000001514 detection method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 230000002708 enhancing effect Effects 0.000 description 1
- 230000007613 environmental effect Effects 0.000 description 1
- 238000005562 fading Methods 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000000704 physical effect Effects 0.000 description 1
- 238000005070 sampling Methods 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
- 238000012549 training Methods 0.000 description 1
- 238000012546 transfer Methods 0.000 description 1
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/06—Authentication
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/44—Program or device authentication
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04W—WIRELESS COMMUNICATION NETWORKS
- H04W12/00—Security arrangements; Authentication; Protecting privacy or anonymity
- H04W12/12—Detection or prevention of fraud
- H04W12/121—Wireless intrusion detection systems [WIDS]; Wireless intrusion prevention systems [WIPS]
- H04W12/122—Counter-measures against attacks; Protection against rogue devices
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/70—Reducing energy consumption in communication networks in wireless communication networks
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Theoretical Computer Science (AREA)
- Computer Hardware Design (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
Abstract
The application provides a threshold-free multi-attribute physical layer authentication method and related equipment. The method comprises the following steps: receiving signal data; acquiring an attribute value of a physical layer authentication fingerprint corresponding to a signal data transmission channel; constructing a physical layer authentication model, and performing classification authentication on the signal data through the trained physical layer authentication model based on the attribute value of the physical layer authentication fingerprint to obtain a classification authentication predicted value; in response to determining that the classified authentication predictor is a preset first value, classifying the source of the signal data as a legitimate transmitter and marking a physical layer authentication fingerprint of the legitimate transmitter as valid; and in response to determining that the classification authentication predicted value is a preset second value, classifying the signal data source as an illegal attacker, marking the physical layer authentication fingerprint of the illegal attacker as illegal, and rejecting the signal data sent by the illegal attacker. And multi-dimensional physical layer protection is provided for wireless communication, and threshold-free intelligent classified authentication is realized.
Description
Technical Field
The present application relates to the field of wireless communications technologies, and in particular, to a thresholdless multi-attribute physical layer authentication method and related devices.
Background
Compared with the traditional wired transmission, the wireless channel environment is more freely opened, so that the information data of the wireless transmission is more easily interfered by the transmission environment. The openness of wireless channels of the industrial Internet, which is accessed by a large number of devices, makes the information carried in the wireless channels more vulnerable to eavesdropping, tampering, counterfeiting and the like of illegal devices. These problems present a degree of security risk to wireless communications of the industrial internet, which presents a significant challenge to security technologies. Compared with the high-level encryption authentication technology with high complexity and high transmission cost, the authentication technology based on the wireless channel fingerprint is more suitable for enhancing the security of equipment with limited computing capacity in the industrial Internet. Authentication schemes based on wireless channel fingerprints utilize the physical characteristics of the device and the physical properties of the channel to which the device is connected to distinguish the source of the information.
Based on the above situation, in the physical layer authentication technology in the prior art, a statistical method is mainly adopted, and it is assumed that the attribute of the wireless channel obeys a certain statistical distribution, and an authentication threshold is set according to the statistical distribution, and the setting of the threshold often needs manual participation and is not intelligent enough. And the physical layer attribute of the signal transmitter is classified by using a machine learning method, and the authentication accuracy obtained by simply applying a machine learning model is not high.
Disclosure of Invention
Accordingly, the present application is directed to a thresholdless multi-attribute physical layer authentication method and related devices, which are used for solving the above technical problems.
Based on the above object, a first aspect of the present application provides a thresholdless multi-attribute physical layer authentication method, comprising:
receiving signal data;
acquiring an attribute value of a physical layer authentication fingerprint corresponding to the signal data transmission channel;
constructing a physical layer authentication model, and carrying out classified authentication on the signal data through the trained physical layer authentication model based on the attribute value of the physical layer authentication fingerprint to obtain a classified authentication predicted value;
in response to determining that the classification authentication predictor is a preset first value, classifying the source of signal data as a legitimate transmitter and marking the physical layer authentication fingerprint of the legitimate transmitter as valid;
and in response to determining that the classification authentication predicted value is a preset second value, classifying the signal data source as an illegal attacker, marking the physical layer authentication fingerprint of the illegal attacker as illegal, and rejecting the signal data sent by the illegal attacker.
A second aspect of the present application provides a thresholdless multi-attribute physical layer authentication device, comprising:
a signal data receiving module configured to receive signal data;
the attribute value acquisition module is configured to acquire an attribute value of a physical layer authentication fingerprint corresponding to the signal data transmission channel;
the classification authentication module is configured to construct a physical layer authentication model, and based on the attribute value of the physical layer authentication fingerprint, the signal data is subjected to classification authentication through the trained physical layer authentication model to obtain a classification authentication predicted value;
a classification processing module configured to classify the source of signal data as a legitimate transmitter and mark the physical layer authentication fingerprint of the legitimate transmitter as valid in response to determining that the classification authentication prediction value is a preset first value;
and in response to determining that the classification authentication predicted value is a preset second value, classifying the signal data source as an illegal attacker, marking the physical layer authentication fingerprint of the illegal attacker as illegal, and rejecting the signal data sent by the illegal attacker.
A third aspect of the application provides an electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, the processor implementing the method of the first aspect when executing the program.
A fourth aspect of the application provides a non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method of the first aspect.
According to the threshold-free multi-attribute physical layer authentication method and the related equipment, the multi-antenna legal receiver is provided for receiving signal data, accuracy of estimation of attribute values of subsequent physical layer authentication fingerprints can be improved when the signal quality is poor according to the multi-antenna technology, authentication performance is improved under the condition that the channel condition is poor, then the attribute values of physical layer authentication fingerprints of a transmission channel are obtained according to the received signal data, the attribute values of the physical layer authentication fingerprints of the transmission channel are obtained through the received signal data, multi-attribute combination of the physical layer authentication fingerprints is used as the physical layer authentication fingerprints to provide multi-dimensional protection for a wireless communication system, risks that certain attributes are invalid due to being imitated by an attacker can be effectively resisted, authentication error probability is reduced, the signal data is classified and authenticated through a trained physical layer authentication model based on the attribute values of the physical layer authentication fingerprints, if the classification authentication predicted values are preset first numerical values, sources of the signal data are classified as legal transmitters, and if the classification authentication predicted values are preset second numerical values, the second numerical values of the signal data are not authenticated as the second numerical values, and the signal data are not attacked by the intelligent layer authentication data, and the threshold value is not attacked by the intelligent layer data is not achieved at the same time.
Drawings
In order to more clearly illustrate the technical solutions of the present application or related art, the drawings that are required to be used in the description of the embodiments or related art will be briefly described below, and it is apparent that the drawings in the following description are only embodiments of the present application, and other drawings may be obtained according to the drawings without inventive effort to those of ordinary skill in the art.
FIG. 1 is a flow chart of a threshold-free multi-attribute physical layer authentication method according to an embodiment of the present application;
fig. 2 is a schematic diagram of an application scenario according to an embodiment of the present application;
FIG. 3 is a schematic diagram of an attribute value error of carrier frequency offset and an attribute information error of channel impulse response under different SNR conditions according to an embodiment of the present application;
FIG. 4-a is a schematic diagram of the leak detection rate according to an embodiment of the present application;
FIG. 4-b is a diagram illustrating a false alarm rate according to an embodiment of the present application;
fig. 5 is a schematic structural diagram of a thresholdless multi-attribute physical layer authentication device according to an embodiment of the present application;
fig. 6 is a schematic diagram of an electronic device according to an embodiment of the application.
Detailed Description
The present application will be further described in detail below with reference to specific embodiments and with reference to the accompanying drawings, in order to make the objects, technical solutions and advantages of the present application more apparent.
It should be noted that unless otherwise defined, technical or scientific terms used in the embodiments of the present application should be given the ordinary meaning as understood by one of ordinary skill in the art to which the present application belongs. The terms "first," "second," and the like, as used in embodiments of the present application, do not denote any order, quantity, or importance, but rather are used to distinguish one element from another. The word "comprising" or "comprises", and the like, means that elements or items preceding the word are included in the element or item listed after the word and equivalents thereof, but does not exclude other elements or items. The terms "connected" or "connected," and the like, are not limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. "upper", "lower", "left", "right", etc. are used merely to indicate relative positional relationships, which may also be changed when the absolute position of the object to be described is changed.
The physical layer authentication technology in the related technology mainly adopts a statistical method, and supposes that the attribute of a wireless channel obeys a certain statistical distribution, and an authentication threshold is set according to the statistical distribution, so that the authentication threshold is often not intelligent enough due to manual participation.
In addition, in the related art, the physical layer attribute of the signal transmitter is classified by using a machine learning method, however, the authentication accuracy obtained by simply applying a machine learning model is not high.
The embodiment of the application provides a thresholdless multi-attribute physical layer authentication method, which utilizes an expectation function maximization algorithm to realize semi-blind estimation considering algorithm complexity and frequency band utilization rate, so as to acquire attribute values of physical layer authentication fingerprints, combines the multi-attribute of the physical layer authentication fingerprints as physical layer authentication fingerprints to provide multi-dimensional protection for a wireless communication system, and then realizes intelligent thresholdless authentication through a physical layer authentication model.
As shown in fig. 1, the method of the present embodiment includes:
step 101, signal data is received.
In the step, the legal receiver receives the signal data, the legal receiver is provided with a plurality of receiving antennas, the signal data is transmitted in the form of data packets, and the multi-antenna technology can improve the accuracy of estimating the attribute value of the subsequent physical layer authentication fingerprint when the signal quality is poor, so that the authentication performance is improved when the channel condition is poor.
Step 102, obtaining an attribute value of the physical layer authentication fingerprint corresponding to the signal data transmission channel.
In this step, the signal data will bear and memorize many physical layer characteristics from the device and the wireless transmission channel in the process of sending to the receiving, the commonly used signal strength indication (received signal strength indicator, RSSI), carrier frequency offset (carrier frequency offset, CFO) and channel impulse response (channel impulse response, CIR) are used as authenticated physical layer authentication fingerprints, the multi-attribute combination of the physical layer authentication fingerprints is used as physical layer authenticated fingerprints to provide multi-dimensional protection for the wireless communication system, so that the risk that certain attributes fail due to being imitated by an attacker can be effectively resisted, and the authentication error probability is reduced.
And 103, constructing a physical layer authentication model, and carrying out classified authentication on the signal data through the trained physical layer authentication model based on the attribute value of the physical layer authentication fingerprint to obtain a classified authentication predicted value.
In the step, the physical layer authentication model is a binary classifier, the binary classifier realizes threshold-free authentication on signal data by using a machine learning method based on a logistic regression model, and the physical layer authentication model optimizes parameters of the logistic regression model of the binary classifier through a Frank-Wolf algorithm and a gradient descent algorithm in the training process, so that the convergence speed of the physical layer authentication model is high, and the authentication error rate is low.
Step 104, in response to determining that the classification authentication predictor is a preset first value, classifying the signal data source as a legitimate transmitter and marking the physical layer authentication fingerprint of the legitimate transmitter as valid.
In this step, the first value is a value set by the user according to the actual situation (for example, the first value is 1), the attribute value of the physical layer authentication fingerprint is input into the physical layer authentication model, the classification authentication predicted value is output, that is, when the classification authentication predicted value is 1, the signal data source is classified as a legal transmitter, and the physical layer authentication fingerprint of the legal transmitter is marked as valid.
Step 105, in response to determining that the classification authentication predicted value is a preset second value, classifying the signal data source as an illegal attacker, marking the physical layer authentication fingerprint of the illegal attacker as illegal, and rejecting the signal data sent by the illegal attacker.
In this step, the second value is a value (for example, the second value is 0) set by the user according to the actual situation, the attribute value of the physical layer authentication fingerprint is input into the physical layer authentication model, the classification authentication predicted value is output, that is, when the classification authentication predicted value is 0, the signal data source is classified as an illegal attacker, the physical layer authentication fingerprint of the illegal attacker is marked as illegal, the signal data sent by the illegal attacker is refused, and the spoofing alarm is sent.
As shown in fig. 2, when the classification authentication predicted value is a preset first value, the signal data received by the legal receiver (Bob) is from the legal transmitter (Alice), and the physical layer authentication fingerprint of the legal transmitter is marked as valid, and when the classification authentication predicted value is a preset second value, the signal data received by the legal receiver is marked as illegal by an illegal attacker (EVE), and meanwhile, a deception alarm is sent, and the signal data sent by the illegal attacker is refused, so that the signal data transmitted by a deception link is refused.
By means of the scheme, the legal receiver receives signal data transmitted in the form of the data packet through the plurality of receiving antennas, accuracy of attribute value estimation of the subsequent physical layer authentication fingerprint can be improved when signal quality is poor, authentication performance is further improved under the condition that channel conditions are poor, the attribute value of the physical layer authentication fingerprint is obtained through the signal data, multi-attribute combination of the physical layer authentication fingerprint is used as the physical layer authentication fingerprint to provide multi-dimensional protection for a wireless communication system, risks that certain attributes fail due to being imitated by an attacker can be effectively resisted, authentication error probability is reduced, and intelligent threshold-free authentication of the signal data is achieved through a machine learning method based on the attribute value of the physical layer authentication fingerprint through the physical layer authentication model.
In some embodiments, the physical layer authentication fingerprint includes a signal strength indication, a carrier frequency offset, and a channel impulse response.
In the scheme, the physical layer authentication fingerprint comprises the signal strength indication, the carrier frequency offset and the channel impulse response, and the combination of various attributes of the physical layer authentication fingerprint can effectively resist the risk that certain attributes are invalid due to being imitated by an attacker, reduce the authentication error probability and provide multidimensional physical layer protection for wireless communication.
In some embodiments, step 102 specifically includes:
and 1021, acquiring the receiving power of the signal data transmission channel bandwidth based on the signal data, and obtaining an attribute value of the signal strength indication according to the receiving power.
Step 1022, obtaining an expected function of the attribute value of the preset initial carrier frequency offset and the attribute value of the preset initial channel impulse response according to the signal data.
Step 1023, performing maximization processing on the expected function to obtain a final attribute value of carrier frequency offset and a final attribute value of channel impulse response.
In the above scheme, the attribute value of the signal strength indication can be directly obtained by receiving the receiving power of the signal data transmission channel bandwidth. The carrier frequency offset and the channel impulse response need to obtain the effective attribute value of the fingerprint by a channel semi-blind estimation method.
The semi-blind estimation utilizes a small amount of preset pilot frequency to assist in reducing the computational complexity, the frequency band utilization rate is considered, and the attribute value of the final carrier frequency offset and the attribute value of the final channel impulse response are obtained by utilizing the semi-blind estimation of a maximization algorithm (EM algorithm, expectation Maximization Algorithm) based on an expected function.
In one embodiment, the desired function is expressed as:
wherein y is r Represented as the signal data;a diagonal matrix represented as attribute values containing the initial carrier frequency offset between a legitimate receiver and the legitimate receiver or the illegitimate attacker; r denotes the r antenna of the legal receiver;/>represented as normalized initial carrier frequency offset; x is X P Represented as preset pilot signal data; f is represented as N-point discrete Fourier transform matrix [ p, q ]]The individual elements are->H is denoted as matrix transpose; w is represented as part of the F matrix; />An attribute value expressed as the initial carrier frequency offset; i is denoted as the i-th iteration; />An attribute value representing an iterative carrier frequency offset for an r-th antenna of the legitimate receiver; />Property value denoted as the initial channel impulse response,/- >The expression is as follows:
step 1023 specifically includes:
obtaining an attribute value of an updated channel impulse response by a least square algorithm based on the pilot signal data and the attribute value of the initial carrier frequency offset;
obtaining an updating function of carrier frequency offset according to the attribute value of the initial channel impulse response and the expected function;
substituting the attribute value of the impulse response of the update channel into the update function to obtain an attribute value of the frequency offset of the update carrier;
performing a difference processing on the attribute value of the updated carrier frequency offset and the attribute value of the initial carrier frequency offset to obtain difference information;
and obtaining the attribute value of the final carrier frequency offset and the attribute value of the final channel impulse response in response to determining that the difference information is smaller than a preset threshold or reaches a preset iteration number threshold.
In the above scheme, the channel estimation is a process of estimating the channel model parameters in the received data, which is a key for implementing the wireless communication system, so as to obtain detailed channel information to correctly demodulate the transmitted signal at the receiving end, which is an important indicator for measuring the performance of a wireless communication system, therefore, the channel estimation algorithm is crucial, and the attribute value of the final channel impulse response and the attribute value of the final carrier frequency offset are obtained based on the semi-blind estimation of the expectation function maximization algorithm, so that the estimation speed is high while the calculation complexity is reduced.
In some embodiments, the trained physical layer authentication model is obtained by:
obtaining a loss function of the physical layer authentication model based on the attribute value of the signal strength indication, the attribute value of the final carrier frequency offset, and the attribute value of the final channel impulse response;
and minimizing the loss function to obtain the trained physical layer authentication model, wherein the loss function is expressed as:
wherein θ 0 Represented as offset terms; θ is represented as a weight matrix; r is (r) m The classification authentication prediction value representing the signal data received by the legitimate receiver at time m; d (D) m A matrix comprising the signal strength indication, the carrier frequency offset and the channel impulse response, denoted as time m, of the signal data received by the legitimate receiver.
In the above scheme, before the physical layer authentication model makes an authentication classification decision, parameters of the offset term and the weight matrix need to be optimized continuously according to the loss function, and as the loss function decreases, the prediction result (classification authentication prediction value) gets closer to the actual class.
In some embodiments, step 103 specifically includes:
Step 1031, inputting the attribute value of the physical layer authentication fingerprint into the trained physical layer authentication model.
Step 1032, calculating probabilities that the classification predicted value is the first value and the classification predicted value is the second value through the physical layer authentication model by a logistic regression algorithm, so as to obtain a first probability value and a second probability value.
Step 1033, in response to determining that the first probability value is greater than or equal to the second probability value, outputting the classification authentication prediction value by the physical layer authentication model as the preset first numerical value.
Step 1034, in response to determining that the second probability value is greater than or equal to the first probability value, the classified authentication prediction value output by the physical layer authentication model is the preset second value,
wherein the first probability value and the second probability value are expressed as:
the theta is as follows 0 Represented as the offset term; θ is represented as the weight matrix; d (D) j A matrix represented as comprising attribute values of the signal strength indication, attribute values of the final carrier frequency offset, and attribute values of the final channel impulse response; r is (r) j Representing the classification authentication predictor, r, of the signal data received by the legitimate receiver at time j for the physical layer authentication model j ∈{0,1}。
In the scheme, through normalizing the index function tableReaching the first probability value and the second probability value, when P (r j =1|D j )≥P(r j =0|D j ) When the physical layer authentication model outputs the classified authentication predicted value as a first value, the sender of the signal data is a legal transmitter, otherwise, the physical layer authentication model outputs the classified authentication predicted value as a second value, and the sender is an illegal attacker.
In some embodiments, the minimizing the loss function specifically includes:
optimizing parameters of the weight matrix through a Frank-Wolf algorithm to obtain parameters of an optimal weight matrix;
optimizing the offset item based on a gradient descent algorithm to obtain an optimal offset item;
and obtaining the classification authentication predicted value based on the parameters of the optimal weight matrix and the optimal deviation term.
In the above scheme, the process of adjusting the parameters and the offset term of the weight matrix to minimize the loss function can be described by a convex optimization problem,
wherein Z is a constant, limits the search range of the weight matrix theta, thereby limiting the complexity of the algorithm, and the offset term theta is obtained through the Frank-Wolf algorithm 0 Considered as a constant, and updates the weight matrix θ to obtain optimized weight matrix parameters The solving of the nonlinear optimization problem is converted into solving a series of linear programming problems.
The weight matrix theta is regarded as a constant by a gradient descent algorithm, and the offset term theta is updated 0 To obtain an optimized offset termAnd the parameters of the physical layer authentication model are optimized by using the Frank-Wolf algorithm and the gradient descent algorithm, so that the convergence rate of the physical layer authentication model is high, and the authentication error rate is low.
In some embodiments, with respect to physical layer properties of a given legitimate transmitter and illegitimate attacker, authentication performance under different environmental conditions:
the wireless signal passes through a multipath fading channel and is interfered by noise to reach a receiving end, the access protocol is OFDM (Orthogonal Frequency Division Multiplexing, orthogonal frequency division multiplexing technology), the modulation mode is QAM (Quadrature Amplitude Modulation ), and the sampling frequency is 20MHz. The carrier frequency offset between the legitimate transmitter and the illegitimate attacker was modeled in the experiment as a wiener process with an initial value of 2.54 kHz. Assuming an illegal attacker exists within the communication range, its carrier frequency offset is also modeled as a wiener process, with an initial value of 2.3kHz. It can be seen that the property values of the carrier frequency offset of an illegal attacker and a legitimate transmitter are very close, which is often very demanding for hardware devices, which means that it is assumed that the illegal attacker has very strong imitation capabilities. To fool the receiver, an illegitimate attacker deliberately approaches the legitimate transmitter, making its own path loss very similar to that of the legitimate transmitter. The distance from the legitimate transmitter to the illegitimate attacker is 5 meters and the distance from the illegitimate attacker to the legitimate transmitter is 6 meters. But an illegal attacker can initiate the attack under the condition of concealment after all, and the surrounding environment can be complex, the multipath delay can be greatly expanded. The monotonic rate scheduling delay spread of a legitimate transmitter is assumed to be 25 nanoseconds, while the monotonic rate scheduling delay spread of an illegitimate attacker is assumed to be 100 nanoseconds. The channel modeling in the experiment is an indoor channel of 2.4GHz under IEEE 802.11a specification, and the power delay distribution obeys an exponential model.
The mean square error of the estimation algorithm of the physical layer properties indicates that the estimation error of the carrier frequency offset decreases with increasing signal to noise ratio, which means that the accuracy of the hardware device properties estimated by the receiver from the received signal increases with decreasing noise in the environment. When the signal-to-noise ratio is less than 5dB, the estimation error of the channel impulse response drastically decreases with an increase in the signal-to-noise ratio. However, when the signal-to-noise ratio is greater than 5dB, the authentication error rate is not significantly reduced with the increase of the signal quality, which means that the estimation accuracy of the channel impulse response is greatly affected by the signal-to-noise ratio when the signal quality is poor, while the channel impulse response is hardly affected by the decrease of the signal-to-noise ratio when the signal quality is good. As shown in fig. 3, in the case of poor signal quality, the physical layer property estimation error of the 8-antenna system is lower than that of the single-antenna system, where CFO represents a signal carrier frequency offset (carrier frequency offset), CIR represents a channel impulse response (channel impulse response), nr=1 represents the single-antenna system, and nr=8 represents the 8-antenna system.
Error rate of multi-attribute authentication: in order to compare the accuracy of multi-attribute authentication, authentication experiments were performed using each physical layer attribute and its combination, respectively. As shown in fig. 4-a, fig. 4-b, the authentication error rates under different signal-to-noise ratio conditions for authentication based on single-attribute and multi-attribute physical layers are shown. As the signal-to-noise ratio increases, the rate of missing samples and false positive decreases, where fig. 4-a shows the rate of missing samples and fig. 4-b shows the rate of false positive, and RSSI shows a signal strength indication (received signal strength indicator).
The authentication omission ratio based on the single physical layer attribute of the signal strength indication is kept at a higher level of 20% -30%, and the false alarm rate is between 30% -40%, which indicates that the authentication performance of the signal strength indication as the physical layer authentication fingerprint is not improved along with the improvement of the quality of the received signal. This is because an illegal attacker is very close to a legitimate transmitter, and the path loss between them is an order of magnitude. An illegal attacker can imitate the signal strength indication attribute of a legal transmitter, and cannot obtain good authentication effect by only distinguishing legal equipment from illegal equipment through signal strength indication.
When the signal-to-noise ratio is less than 10dB, the omission ratio and the false positive rate of the authentication based on the channel impulse response and the increase in the signal-to-noise ratio are significantly reduced, indicating that the signal improvement contributes to the authentication performance based on the channel impulse response. When the signal-to-noise ratio is greater than 10dB, the slope of the drop in the false alarm rate and the false alarm rate decreases because the improvement in signal quality does not significantly reduce the estimation error of the channel impulse response. When the signal-to-noise ratio is equal to 10dB, it is any of the above cases when the signal-to-noise ratio is less than 10dB or when the signal-to-noise ratio is greater than 10 dB. As the signal-to-noise ratio increases, the authentication error rate of single-attribute physical layer authentication based on carrier frequency offset is continuously reduced, which has better performance than single-attribute authentication based on channel impulse response. This is because the carrier frequency offset is modeled as a wiener process, the variation of the carrier frequency offset is continuous rather than abrupt, and each channel tap of the channel impulse response is modeled as an independent complex gaussian random variable, i.e. the channel impulse response is more random than the carrier frequency offset.
Physical layer authentication based on carrier frequency offset and channel impulse response properties performs better than authentication using a single property alone as a fingerprint. By jointly using the three attributes as fingerprint authentication, the best performance can be obtained. When a certain attribute in the prior authentication fails, namely the attribute of the illegal attacker and the legal transmitter is very similar, the legal transmitter (legal transmitter) and the illegal transmitter (illegal attacker) cannot be distinguished by the attribute, and other attributes can be used as authentication fingerprints to distinguish. An attacker may imitate some of the attributes of a legitimate transmitter, but an illegitimate attacker is almost impossible to imitate all of the attributes of a legitimate transmitter. Combining multiple attributes as authenticated fingerprints increases the security of the system. Under the condition of signal-to-noise ratio=20 dB, the omission ratio of the multi-antenna three-attribute physical layer authentication is reduced to 0.3466%, and the false alarm rate is less than 0.0263%.
When the receiving end authenticates the identity of the sender, an authentication error is unavoidable, and an index needs to be set to measure the size of the error. In authentication techniques, the probability of false failure and the probability of false failure are commonly used to evaluate the feasibility of the authentication technique. Wherein, the omission means that the legal receiver regards an illegal attacker as a legal transmitter and receives a message forged by the illegal attacker. False alarms mean that a legitimate receiver regards a legitimate transmitter as an illegitimate attacker and rejects the legitimate transmitter's message. Using ML method Machine Learning) generated false positive and false negative probabilities may be described by confusion matrices. False Positives (FP) indicate that a legitimate receiver has accepted a sample of a message from an illegitimate attacker; the true negative number (TN) indicates that the legitimate receiver has rejected the message sample from an illegitimate attacker. Omission ratio (P) m ) It can be expressed as that,
false Negative (FN) indicates that the legitimate receiver refuses a message sample from the legitimate transmitter, and True Positive (TP) indicates that the legitimate receiver accepts a message sample from the legitimate transmitter. False alarm rate (P) f ) It can be described that,
it should be noted that, the method of the embodiment of the present application may be performed by a single device, for example, a computer or a server. The method of the embodiment can also be applied to a distributed scene, and is completed by mutually matching a plurality of devices. In the case of such a distributed scenario, one of the devices may perform only one or more steps of the method of an embodiment of the present application, the devices interacting with each other to accomplish the method.
It should be noted that the foregoing describes some embodiments of the present application. Other embodiments are within the scope of the following claims. In some cases, the actions or steps recited in the claims may be performed in a different order than in the embodiments described above and still achieve desirable results. In addition, the processes depicted in the accompanying figures do not necessarily require the particular order shown, or sequential order, to achieve desirable results. In some embodiments, multitasking and parallel processing are also possible or may be advantageous.
Based on the same inventive concept, the application also provides a threshold-free multi-attribute physical layer authentication device corresponding to the method of any embodiment.
Referring to fig. 5, the thresholdless multi-attribute physical layer authentication device includes:
a signal data receiving module configured to receive signal data;
an attribute value obtaining module 501 configured to obtain an attribute value of a physical layer authentication fingerprint corresponding to the signal data transmission channel;
the classification authentication module 502 is configured to construct a physical layer authentication model, and perform classification authentication on the signal data through the trained physical layer authentication model based on the attribute value of the physical layer authentication fingerprint to obtain a classification authentication predicted value;
a classification processing module 503 configured to classify the signal data source as a legitimate transmitter and mark the physical layer authentication fingerprint of the legitimate transmitter as valid in response to determining that the classification authentication prediction value is a preset first value;
and in response to determining that the classification authentication predicted value is a preset second value, classifying the signal data source as an illegal attacker, marking the physical layer authentication fingerprint of the illegal attacker as illegal, and rejecting the signal data sent by the illegal attacker.
In some embodiments, the physical layer authentication fingerprint includes a signal strength indication, a carrier frequency offset, and a channel impulse response.
In some embodiments, attribute value acquisition module 502 includes:
a first obtaining unit configured to obtain a received power of the signal data transmission channel bandwidth based on the signal data, and obtain an attribute value of a signal strength indication according to the received power;
a function construction unit configured to obtain an expected function of an attribute value of a preset initial carrier frequency offset and an attribute value of a preset initial channel impulse response from the signal data;
and the second acquisition unit is configured to perform maximization processing on the expected function to obtain a final attribute value of carrier frequency offset and a final attribute value of channel impulse response.
In some embodiments, the expectation function is expressed as:
wherein y is r Represented as the signal data;a diagonal matrix represented as attribute values containing the initial carrier frequency offset between a legitimate receiver and the legitimate receiver or the illegitimate attacker; r denotes the r antenna of the legal receiver; />Represented as normalized initial carrier frequency offset; x is X P Represented as preset pilot signal data; f is represented as N-point discrete Fourier transform matrix [ p, q ]]The individual elements are->H is denoted as matrix transpose; w is represented as part of the F matrix; />An attribute value expressed as the initial carrier frequency offset; i is denoted as the i-th iteration; />An attribute value representing an iterative carrier frequency offset for an r-th antenna of the legitimate receiver; />Property value denoted as the initial channel impulse response,/->The expression is as follows:
the second acquisition unit is specifically configured to:
obtaining an attribute value of an updated channel impulse response by a least square algorithm based on the pilot signal data and the attribute value of the initial carrier frequency offset;
obtaining an updating function of carrier frequency offset according to the attribute value of the initial channel impulse response and the expected function;
substituting the attribute value of the impulse response of the update channel into the update function to obtain an attribute value of the frequency offset of the update carrier;
performing a difference processing on the attribute value of the updated carrier frequency offset and the attribute value of the initial carrier frequency offset to obtain difference information;
and obtaining the attribute value of the final carrier frequency offset and the attribute value of the final channel impulse response in response to determining that the difference information is smaller than a preset threshold or reaches a preset iteration number threshold.
In still other embodiments, the physical layer authentication model that is trained is obtained by:
obtaining a loss function of the physical layer authentication model based on the attribute value of the signal strength indication, the attribute value of the final carrier frequency offset, and the attribute value of the final channel impulse response;
and minimizing the loss function to obtain the trained physical layer authentication model, wherein the loss function is expressed as:
wherein θ 0 Represented as offset terms; θ is represented as a weight matrix; r is (r) m The classification authentication prediction value representing the signal data received by the legitimate receiver at time m; d (D) m Said legal receiver receives said signal data containing said signal strength indication, expressed as time mA matrix of carrier frequency offset and said channel impulse response.
In some embodiments, the class authentication module 502 is specifically configured to:
inputting the attribute value of the physical layer authentication fingerprint into the trained physical layer authentication model;
calculating the probability that the classification predicted value is the first numerical value and the probability that the classification predicted value is the second numerical value respectively through a logistic regression algorithm by the physical layer authentication model to obtain a first probability value and a second probability value;
In response to determining that the first probability value is greater than or equal to the second probability value, the classification authentication predicted value output by the physical layer authentication model is the preset first numerical value;
in response to determining that the second probability value is greater than or equal to the first probability value, the classification authentication prediction value output by the physical layer authentication model is the preset second numerical value,
wherein the first probability value and the second probability value are expressed as:
the theta is as follows 0 Represented as the offset term; θ is represented as the weight matrix; d (D) j A matrix represented as comprising attribute values of the signal strength indication, attribute values of the final carrier frequency offset, and attribute values of the final channel impulse response; r is (r) j Representing the classification authentication predictor, r, of the signal data received by the legitimate receiver at time j for the physical layer authentication model j ∈{0,1}。
In some embodiments, the minimizing the loss function specifically includes:
optimizing parameters of the weight matrix through a Frank-Wolf algorithm to obtain parameters of an optimal weight matrix;
optimizing the offset item based on a gradient descent algorithm to obtain an optimal offset item;
And obtaining the classification authentication predicted value based on the parameters of the optimal weight matrix and the optimal deviation term.
For convenience of description, the above devices are described as being functionally divided into various modules, respectively. Of course, the functions of each module may be implemented in the same piece or pieces of software and/or hardware when implementing the present application.
The device of the foregoing embodiment is configured to implement the corresponding threshold-free multi-attribute physical layer authentication method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which is not described herein.
Based on the same inventive concept, the application also provides an electronic device corresponding to the method of any embodiment, which comprises a memory, a processor and a computer program stored on the memory and capable of running on the processor, wherein the processor realizes the threshold-free multi-attribute physical layer authentication method of any embodiment when executing the program.
Fig. 6 shows a more specific hardware architecture of an electronic device according to this embodiment, where the device may include: a processor 601, a memory 602, an input/output interface 603, a communication interface 604, and a bus 605. Wherein the processor 601, the memory 602, the input/output interface 603 and the communication interface 604 are communicatively coupled to each other within the device via a bus 605.
The processor 601 may be implemented by a general-purpose CPU (Central Processing Unit ), a microprocessor, an application specific integrated circuit (Application Specific Integrated Circuit, ASIC), or one or more integrated circuits, etc. for executing relevant programs to implement the technical solutions provided in the embodiments of the present disclosure.
The Memory 602 may be implemented in the form of ROM (Read Only Memory), RAM (Random Access Memory ), static storage device, dynamic storage device, or the like. The memory 602 may store an operating system and other application programs, and when the technical solutions provided in the embodiments of the present specification are implemented by software or firmware, relevant program codes are stored in the memory 602 and invoked by the processor 601 to be executed.
The input/output interface 603 is used for connecting with an input/output module to realize information input and output. The input/output module may be configured as a component in a device (not shown) or may be external to the device to provide corresponding functionality. Wherein the input devices may include a keyboard, mouse, touch screen, microphone, various types of sensors, etc., and the output devices may include a display, speaker, vibrator, indicator lights, etc.
The communication interface 604 is used to connect a communication module (not shown in the figure) to enable the present device to interact with other devices for communication. The communication module may implement communication through a wired manner (such as USB, network cable, etc.), or may implement communication through a wireless manner (such as mobile network, WIFI, bluetooth, etc.).
The bus 605 includes a path to transfer information between the various components of the device, such as the processor 601, memory 602, input/output interfaces 603, and communication interfaces 604.
It should be noted that although the above device only shows the processor 601, the memory 602, the input/output interface 603, the communication interface 604, and the bus 605, in the implementation, the device may further include other components necessary for realizing normal operation. Furthermore, it will be understood by those skilled in the art that the above-described apparatus may include only the components necessary to implement the embodiments of the present description, and not all the components shown in the drawings.
The electronic device of the foregoing embodiment is configured to implement the corresponding threshold-free multi-attribute physical layer authentication method in any of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiment, which is not described herein.
Based on the same inventive concept, the present application also provides a non-transitory computer readable storage medium storing computer instructions for causing the computer to perform the thresholdless multi-attribute physical layer authentication method according to any of the above embodiments, corresponding to any of the above embodiments.
The computer readable media of the present embodiments, including both permanent and non-permanent, removable and non-removable media, may be used to implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of storage media for a computer include, but are not limited to, phase change memory (PRAM), static Random Access Memory (SRAM), dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), read Only Memory (ROM), electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device.
The storage medium of the foregoing embodiment stores computer instructions for causing the computer to execute the thresholdless multi-attribute physical layer authentication method according to any one of the foregoing embodiments, and has the beneficial effects of the corresponding method embodiments, which are not described herein.
Those of ordinary skill in the art will appreciate that: the discussion of any of the embodiments above is merely exemplary and is not intended to suggest that the scope of the application (including the claims) is limited to these examples; the technical features of the above embodiments or in the different embodiments may also be combined within the idea of the application, the steps may be implemented in any order, and there are many other variations of the different aspects of the embodiments of the application as described above, which are not provided in detail for the sake of brevity.
Additionally, well-known power/ground connections to Integrated Circuit (IC) chips and other components may or may not be shown within the provided figures, in order to simplify the illustration and discussion, and so as not to obscure the embodiments of the present application. Furthermore, the devices may be shown in block diagram form in order to avoid obscuring the embodiments of the present application, and also in view of the fact that specifics with respect to implementation of such block diagram devices are highly dependent upon the platform within which the embodiments of the present application are to be implemented (i.e., such specifics should be well within purview of one skilled in the art). Where specific details (e.g., circuits) are set forth in order to describe example embodiments of the application, it should be apparent to one skilled in the art that embodiments of the application can be practiced without, or with variation of, these specific details. Accordingly, the description is to be regarded as illustrative in nature and not as restrictive.
While the application has been described in conjunction with specific embodiments thereof, many alternatives, modifications, and variations of those embodiments will be apparent to those skilled in the art in light of the foregoing description. For example, other memory architectures (e.g., dynamic RAM (DRAM)) may use the embodiments discussed.
The present embodiments are intended to embrace all such alternatives, modifications and variances which fall within the broad scope of the appended claims. Therefore, any omissions, modifications, equivalent substitutions, improvements, and the like, which are within the spirit and principles of the embodiments of the application, are intended to be included within the scope of the application.
Claims (6)
1. A thresholdless multi-attribute physical layer authentication method, the method comprising:
receiving signal data;
the obtaining the attribute value of the physical layer authentication fingerprint corresponding to the signal data transmission channel specifically includes:
acquiring the receiving power of the signal data transmission channel bandwidth based on the signal data, and acquiring an attribute value of a signal strength indication according to the receiving power;
Obtaining an expected function of the attribute value of the preset initial carrier frequency offset and the attribute value of the preset initial channel impulse response according to the signal data;
maximizing the expected function to obtain a final attribute value of carrier frequency offset and a final attribute value of channel impulse response;
the desired function is expressed as:
wherein y is r Represented as the signal data;a diagonal matrix represented as a diagonal matrix containing attribute values of the initial carrier frequency offset between a legitimate receiver and the legitimate receiver, and a diagonal matrix of attribute values of the initial carrier frequency offset between a legitimate receiver and an illegitimate attacker; r denotes the r antenna of the legal receiver; />Represented as normalized initial carrier frequency offset; x is X P Represented as preset pilot signal data; f is represented as N-point discrete Fourier transform matrix [ p, q ]]The individual elements are->H is denoted as matrix transpose; w is represented as part of the F matrix;an attribute value expressed as the initial carrier frequency offset; i is denoted as the i-th iteration; />An attribute value representing an iterative carrier frequency offset for an r-th antenna of the legitimate receiver; / >Property value denoted as the initial channel impulse response,/->The expression is as follows:
the maximizing the desired function to obtain the final attribute value of the carrier frequency offset and the final attribute value of the channel impulse response specifically includes:
obtaining an attribute value of an updated channel impulse response by a least square algorithm based on the pilot signal data and the attribute value of the initial carrier frequency offset;
obtaining an updating function of carrier frequency offset according to the attribute value of the initial channel impulse response and the expected function;
substituting the attribute value of the impulse response of the update channel into the update function to obtain an attribute value of the frequency offset of the update carrier;
performing a difference processing on the attribute value of the updated carrier frequency offset and the attribute value of the initial carrier frequency offset to obtain difference information;
obtaining the attribute value of the final carrier frequency offset and the attribute value of the final channel impulse response in response to determining that the difference information is smaller than a preset threshold or reaches a preset iteration number threshold;
constructing a physical layer authentication model, carrying out classification authentication on the signal data through the trained physical layer authentication model based on the attribute value of the physical layer authentication fingerprint to obtain a classification authentication predicted value, wherein the trained physical layer authentication model is obtained through the following method:
Obtaining a loss function of the physical layer authentication model based on the attribute value of the signal strength indication, the attribute value of the final carrier frequency offset, and the attribute value of the final channel impulse response;
and minimizing the loss function to obtain the trained physical layer authentication model, wherein the loss function is expressed as:
wherein θ 0 Represented as offset terms; θ is represented as a weight matrix; r is (r) m The classification authentication prediction value representing the signal data received by the legitimate receiver at time m; d (D) m The matrix, which is expressed as time m and contains the signal strength indication, the carrier frequency offset and the channel impulse response, of the signal data received by the legal receiver, wherein the signal data is classified and authenticated by the trained physical layer authentication model based on the attribute value of the physical layer authentication fingerprint to obtain a classified authentication predicted value, and the method specifically comprises the following steps:
inputting the attribute value of the physical layer authentication fingerprint into the trained physical layer authentication model;
calculating the probability that the classification authentication predicted value is a first numerical value and the probability that the classification authentication predicted value is a second numerical value respectively through a logistic regression algorithm by the physical layer authentication model to obtain a first probability value and a second probability value;
In response to determining that the first probability value is greater than or equal to the second probability value, the classification authentication predicted value output by the physical layer authentication model is the preset first numerical value;
in response to determining that the second probability value is greater than or equal to the first probability value, the classification authentication prediction value output by the physical layer authentication model is the preset second numerical value,
wherein the first probability value and the second probability value are expressed as:
the theta is as follows 0 Represented as the offset term; theta is expressed asThe weight matrix; d (D) j A matrix represented as comprising attribute values of the signal strength indication, attribute values of the final carrier frequency offset, and attribute values of the final channel impulse response; r is (r) j Representing the classification authentication predictor, r, of the signal data received by the legitimate receiver at time j for the physical layer authentication model j ∈{0,1};
In response to determining that the classification authentication predictor is a preset first value, classifying the source of signal data as a legitimate transmitter and marking the physical layer authentication fingerprint of the legitimate transmitter as valid;
and in response to determining that the classification authentication predicted value is a preset second value, classifying the signal data source as an illegal attacker, marking the physical layer authentication fingerprint of the illegal attacker as illegal, and rejecting the signal data sent by the illegal attacker.
2. The method of claim 1, wherein the physical layer authentication fingerprint comprises a signal strength indication, a carrier frequency offset, and a channel impulse response.
3. The method according to claim 1, wherein said minimizing said loss function comprises:
optimizing parameters of the weight matrix through a Frank-Wolf algorithm to obtain parameters of an optimal weight matrix;
optimizing the offset item based on a gradient descent algorithm to obtain an optimal offset item;
and obtaining the classification authentication predicted value based on the parameters of the optimal weight matrix and the optimal deviation term.
4. A thresholdless multi-attribute physical layer authentication device, comprising:
a signal data receiving module configured to receive signal data;
the attribute value acquisition module is configured to acquire an attribute value of a physical layer authentication fingerprint corresponding to the signal data transmission channel, and is specifically configured to acquire the receiving power of the signal data transmission channel bandwidth based on the signal data, and acquire an attribute value of a signal strength indication according to the receiving power; obtaining an expected function of the attribute value of the preset initial carrier frequency offset and the attribute value of the preset initial channel impulse response according to the signal data; maximizing the expected function to obtain a final attribute value of carrier frequency offset and a final attribute value of channel impulse response;
The desired function is expressed as:
wherein y is r Represented as the signal data;a diagonal matrix represented as a diagonal matrix containing attribute values of the initial carrier frequency offset between a legitimate receiver and the legitimate receiver, and a diagonal matrix of attribute values of the initial carrier frequency offset between a legitimate receiver and an illegitimate attacker; r denotes the r antenna of the legal receiver; />Represented as normalized initial carrier frequency offset; x is X P Represented as preset pilot signal data; f is represented as N-point discrete Fourier transform matrix [ p, q ]]The individual elements are->H is denoted as matrix transpose; w is represented as part of the F matrix;an attribute value expressed as the initial carrier frequency offset; i is represented asThe ith iteration; />An attribute value representing an iterative carrier frequency offset for an r-th antenna of the legitimate receiver; />Property value denoted as the initial channel impulse response,/->The expression is as follows:
the expected function is maximized to obtain a final attribute value of carrier frequency offset and a final attribute value of channel impulse response, and the method is specifically used for obtaining an attribute value of updated channel impulse response through a least square algorithm based on the pilot signal data and the attribute value of initial carrier frequency offset; obtaining an updating function of carrier frequency offset according to the attribute value of the initial channel impulse response and the expected function; substituting the attribute value of the impulse response of the update channel into the update function to obtain an attribute value of the frequency offset of the update carrier; performing a difference processing on the attribute value of the updated carrier frequency offset and the attribute value of the initial carrier frequency offset to obtain difference information; obtaining the attribute value of the final carrier frequency offset and the attribute value of the final channel impulse response in response to determining that the difference information is smaller than a preset threshold or reaches a preset iteration number threshold;
The classification authentication module is configured to construct a physical layer authentication model, perform classification authentication on the signal data through the trained physical layer authentication model based on the attribute value of the physical layer authentication fingerprint to obtain a classification authentication predicted value, and the trained physical layer authentication model is obtained through the following method: obtaining a loss function of the physical layer authentication model based on the attribute value of the signal strength indication, the attribute value of the final carrier frequency offset, and the attribute value of the final channel impulse response; and minimizing the loss function to obtain the trained physical layer authentication model, wherein the loss function is expressed as:
wherein θ 0 Represented as offset terms; θ is represented as a weight matrix; r is (r) m The classification authentication prediction value representing the signal data received by the legitimate receiver at time m; d (D) m A matrix comprising the signal strength indication, the carrier frequency offset, and the channel impulse response, represented as time m, of the signal data received by the legitimate receiver; the attribute value based on the physical layer authentication fingerprint carries out classification authentication on the signal data through the trained physical layer authentication model to obtain a classification authentication predicted value, and the classification authentication predicted value is specifically used for inputting the attribute value of the physical layer authentication fingerprint into the trained physical layer authentication model; calculating the probability that the classification authentication predicted value is a first numerical value and the probability that the classification authentication predicted value is a second numerical value respectively through a logistic regression algorithm by the physical layer authentication model to obtain a first probability value and a second probability value; in response to determining that the first probability value is greater than or equal to the second probability value, the classification authentication predicted value output by the physical layer authentication model is the preset first numerical value; in response to determining that the second probability value is greater than or equal to the first probability value, the classification authentication prediction value output by the physical layer authentication model is the preset second numerical value,
Wherein the first probability value and the second probability value are expressed as:
the theta is as follows 0 Represented as the offset term; θ is represented as the weight matrix; d (D) j A matrix represented as comprising attribute values of the signal strength indication, attribute values of the final carrier frequency offset, and attribute values of the final channel impulse response; r is (r) j Representing the classification authentication predictor, r, of the signal data received by the legitimate receiver at time j for the physical layer authentication model j ∈{0,1};
A classification processing module configured to classify the source of signal data as a legitimate transmitter and mark the physical layer authentication fingerprint of the legitimate transmitter as valid in response to determining that the classification authentication prediction value is a preset first value;
and in response to determining that the classification authentication predicted value is a preset second value, classifying the signal data source as an illegal attacker, marking the physical layer authentication fingerprint of the illegal attacker as illegal, and rejecting the signal data sent by the illegal attacker.
5. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor implements the method of any one of claims 1 to 3 when the program is executed by the processor.
6. A non-transitory computer readable storage medium storing computer instructions for causing a computer to perform the method of any one of claims 1 to 3.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210190506.8A CN114727286B (en) | 2022-02-28 | 2022-02-28 | Threshold-free multi-attribute physical layer authentication method and related equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202210190506.8A CN114727286B (en) | 2022-02-28 | 2022-02-28 | Threshold-free multi-attribute physical layer authentication method and related equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN114727286A CN114727286A (en) | 2022-07-08 |
| CN114727286B true CN114727286B (en) | 2023-10-27 |
Family
ID=82236250
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202210190506.8A Active CN114727286B (en) | 2022-02-28 | 2022-02-28 | Threshold-free multi-attribute physical layer authentication method and related equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN114727286B (en) |
Families Citing this family (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN117081867B (en) * | 2023-10-17 | 2024-01-23 | 北京交通大学 | Cooperative physical layer authentication method based on impression weighting and electronic equipment |
| CN117857225A (en) * | 2024-03-07 | 2024-04-09 | 国网江西省电力有限公司电力科学研究院 | Identity authentication system and method for new energy power station acquisition terminal |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104918249A (en) * | 2015-05-04 | 2015-09-16 | 厦门大学 | Wireless channel fingerprint method based on reinforcement learning |
| CN106792685A (en) * | 2016-12-13 | 2017-05-31 | 北京北邮信息网络产业研究院有限公司 | A kind of joint qualification method based on carrier frequency and received signal strength |
| CN107046468A (en) * | 2017-06-14 | 2017-08-15 | 电子科技大学 | A kind of physical layer certification thresholding determines method and system |
| CN109829477A (en) * | 2018-12-29 | 2019-05-31 | 北京邮电大学深圳研究院 | More attribute physical layer authentication methods, device and server based on heuristic cluster |
| CN110149342A (en) * | 2019-05-30 | 2019-08-20 | 四川少泽电子设备有限公司 | A kind of edge device physical layer authentication method for combining thresholding and machine learning |
Family Cites Families (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CA2799974C (en) * | 2011-12-29 | 2018-05-22 | The University Of Western Ontario | Method and apparatus for wireless security enhancement using multiple attributes monitoring, continuous and interleaved authentication, and system adaption |
| US11622270B2 (en) * | 2020-05-20 | 2023-04-04 | The Government Of The United States Of America, As Represented By The Secretary Of The Navy | Method and apparatus for millimeter-wave physical layer authentication |
-
2022
- 2022-02-28 CN CN202210190506.8A patent/CN114727286B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104918249A (en) * | 2015-05-04 | 2015-09-16 | 厦门大学 | Wireless channel fingerprint method based on reinforcement learning |
| CN106792685A (en) * | 2016-12-13 | 2017-05-31 | 北京北邮信息网络产业研究院有限公司 | A kind of joint qualification method based on carrier frequency and received signal strength |
| CN107046468A (en) * | 2017-06-14 | 2017-08-15 | 电子科技大学 | A kind of physical layer certification thresholding determines method and system |
| CN109829477A (en) * | 2018-12-29 | 2019-05-31 | 北京邮电大学深圳研究院 | More attribute physical layer authentication methods, device and server based on heuristic cluster |
| CN110149342A (en) * | 2019-05-30 | 2019-08-20 | 四川少泽电子设备有限公司 | A kind of edge device physical layer authentication method for combining thresholding and machine learning |
Non-Patent Citations (6)
| Title |
|---|
| AKA-PLA: Enhanced AKA Based on Physical Layer Authentication;Jing Yang 等;《KSII TRANSACTIONS ON INTERNET AND INFORMATION SYSTEMS》;第11卷(第7期);第3747-3765页 * |
| Online Learning Aided Adaptive Multiple Attribute-Based Physical Layer Authentication in Dynamic Environments;Xinyu Yin 等;《IEEE Transactions on Network Science and Engineering》;第1106-1116页 * |
| Threshold-Free Physical Layer Authentication Based on Machine Learning for Industrial Wireless CPS;Fei Pan 等;《IEEE Transactions on Industrial Informatics》;第6481-6491页 * |
| 一种基于Adaboost的物理层信道认证模型;陈洁;陈松林;文红;陈宜;刘文洁;;通信技术(第04期);第891-894页 * |
| 车联网中基于自适应阈值的物理层安全身份认证方法;王宇鹏 等;《沈阳航空航天大学学报》;第37卷(第4期);第61-69页 * |
| 面向认知物联网的高能效协作干扰策略研究;高青鹤;《中国博士学位论文全文数据库 (信息科技辑)》;第3章 * |
Also Published As
| Publication number | Publication date |
|---|---|
| CN114727286A (en) | 2022-07-08 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Pan et al. | Threshold-free physical layer authentication based on machine learning for industrial wireless CPS | |
| Jagannath et al. | A comprehensive survey on radio frequency (rf) fingerprinting: Traditional approaches, deep learning, and open challenges | |
| Liao et al. | Security enhancement for mobile edge computing through physical layer authentication | |
| CN114727286B (en) | Threshold-free multi-attribute physical layer authentication method and related equipment | |
| Zhou et al. | A robust radio-frequency fingerprint extraction scheme for practical device recognition | |
| Candore et al. | Robust stable radiometric fingerprinting for wireless devices | |
| Zhou et al. | Design of a robust RF fingerprint generation and classification scheme for practical device identification | |
| Chen et al. | Identification of wireless transceiver devices using radio frequency (RF) fingerprinting based on STFT analysis to enhance authentication security | |
| Germain et al. | Physical-layer authentication using channel state information and machine learning | |
| Wu et al. | DSLN: Securing Internet of Things through RF fingerprint recognition in low-SNR settings | |
| Wang et al. | Collaborative physical layer authentication in Internet of Things based on federated learning | |
| Quintero et al. | A new method for the detection and identification of the replay attack on cars using SDR technology and classification algorithms | |
| Weinand et al. | Supervised learning for physical layer based message authentication in URLLC scenarios | |
| Wang et al. | Specific emitter identification based on deep adversarial domain adaptation | |
| Germain et al. | Channel prediction and transmitter authentication with adversarially-trained recurrent neural networks | |
| CN104392161B (en) | The device authentication based on audio physical fingerprint under the conditions of displacement | |
| CN109348477A (en) | Wireless internet of things physical layer authentication method based on service network | |
| Aygül et al. | Deep learning-assisted detection of PUE and jamming attacks in cognitive radio systems | |
| Yoo et al. | Secure region detection using Wi-Fi CSI and one-class classification | |
| Chen et al. | On physical-layer authentication via triple pool convolutional neural network | |
| Luo et al. | A RFF access authentication technology based on K-nearest neighbor method | |
| Huang et al. | Radio frequency fingerprint identification method based on ensemble learning | |
| Zhou et al. | Enhanced Collaborative Physical Layer Authentication Through An Impression-Weighted Decision Aggregation Scheme | |
| Nair et al. | IoT Device Authentication Using Self-Organizing Feature Map Data Sets | |
| Wen et al. | RF Transmitter Identification and Classification Based on Deep Residual Shrinkage Network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |