NL2025648B1 - A physical layer authentication method for edge device Combining threshold and machine learning - Google Patents

A physical layer authentication method for edge device Combining threshold and machine learning Download PDF

Info

Publication number
NL2025648B1
NL2025648B1 NL2025648A NL2025648A NL2025648B1 NL 2025648 B1 NL2025648 B1 NL 2025648B1 NL 2025648 A NL2025648 A NL 2025648A NL 2025648 A NL2025648 A NL 2025648A NL 2025648 B1 NL2025648 B1 NL 2025648B1
Authority
NL
Netherlands
Prior art keywords
authentication
physical layer
layer information
threshold
edge device
Prior art date
Application number
NL2025648A
Other languages
Dutch (nl)
Other versions
NL2025648A (en
Inventor
Tang Jie
Wen Hong
Chen Songlin
Song Huanhuan
Original Assignee
Sichuan Shaoze Electronic Equipment Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Shaoze Electronic Equipment Co Ltd filed Critical Sichuan Shaoze Electronic Equipment Co Ltd
Publication of NL2025648A publication Critical patent/NL2025648A/en
Application granted granted Critical
Publication of NL2025648B1 publication Critical patent/NL2025648B1/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/21Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/214Generating training patterns; Bootstrap methods, e.g. bagging or boosting
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/21Design or setup of recognition systems or techniques; Extraction of features in feature space; Blind source separation
    • G06F18/217Validation; Performance evaluation; Active pattern learning techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F18/00Pattern recognition
    • G06F18/20Analysing
    • G06F18/24Classification techniques
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N20/00Machine learning
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/12Applying verification of the received information
    • H04L63/126Applying verification of the received information the source of the received data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/16Implementing security features at a particular protocol layer
    • H04L63/162Implementing security features at a particular protocol layer at the data link layer

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computing Systems (AREA)
  • Data Mining & Analysis (AREA)
  • Signal Processing (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Artificial Intelligence (AREA)
  • Computer Vision & Pattern Recognition (AREA)
  • Evolutionary Computation (AREA)
  • Software Systems (AREA)
  • Evolutionary Biology (AREA)
  • Bioinformatics & Cheminformatics (AREA)
  • Life Sciences & Earth Sciences (AREA)
  • Bioinformatics & Computational Biology (AREA)
  • Medical Informatics (AREA)
  • Mathematical Physics (AREA)
  • Data Exchanges In Wide-Area Networks (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

The invention discloses a physical layer authentication method based on edge devices, which takes the advantages of the threshold and the machine learning. Firstly, the maximum repetitive authentication number and the authentication threshold of physical layer information packet are set. Then several terminals perform authentication shaking hands with the edge device. After the identity of terminals is confirmed, they access the edge computing system. Every terminal continuously sends packets to the edge device. When the edge device receives the packet sent by the jth terminal at the ith time slot, it extracts the current channel information matrix as the basis of packet authentication. The edge device adopts the threshold method to perform the physical layer information package authentication, while it carries out the machine learning of the physical layer information package authentication at the same time. After the machine learning authentication method is completed, this machine learning method is used for authentication by the edge device. The novel method improves the authentication rate of physical layer information package and avoids long-term training.

Description

-1- A physical layer authentication method for edge device combining threshold and machine learning Technical field The invention relates to the security protection of the Internet of Things system, in particular to an edge device physical layer authentication method combining threshold and machine learning. Background technique In order to meet various low-latency application scenarios such as industrial control, unmanned driving, and virtual reality, a new network architecture has emerged--a system architecture based on edge computing, which introduces edges through cloud computing servers and terminal device network layers. Computing equipment. Compared with cloud computing, edge computing brings the nearest data processing, reduces the network transmission volume, response delay, and also makes the security improved. It is called "the last mile of artificial intelligence." At the same time, the security protection of the edge computing system itself has become the key to its application. The secure access of the terminal and the verification of the packet sent by the terminal to the edge device are important links for the security of the edge computing system. Since the terminal is a device with limited energy and computing power, The use of high-strength security measures based on passwords is limited, and the security authentication technology of physical characteristics can make full use of the computing resources of edge devices to achieve lightweight security access and data packet authentication of terminals, which has become a technology that has received widespread attention.
Summary of the invention The purpose of the present invention is to overcome the shortcomings of the prior art, and to provide a physical layer authentication method for edge devices that combines threshold and machine learning. Machine learning authentication. After completing machine learning authentication, machine learning methods are used for authentication, which improves the physical layer packet authentication rate and avoids long training.
-2-
The purpose of the present invention is achieved by the following technical solution: A method for authentication of the physical layer of an edge device combining threshold and machine learning, including the following steps:
S1.Set CF as the maximum number of repetitions of physical layer packet authentication, 771s the authentication threshold of physical layer packet;
S2. Several terminal L and the edge device R perform an authentication handshake, after the terminal identity is confirmed, access the edge computing system, and each terminal continuously sends information packets to the edge device;
S3. The edge device extracts the current channel information matrix H : : when receiving the information packet sent by the {&% terminal at the {& moment;
S4. Determine whether there is currently an authentication classifier trained using machine learning algorithms;
If yes, go to step S8;
If not, use the threshold authentication method to authenticate the extracted channel information matrix according to the set authentication threshold of the physical layer packet, and proceed to step S5;
S5. When the threshold authentication method succeeds in authentication, the information packet is considered legitimate and the information packet is received;
Threshold authentication method authentication is unsuccessful, the packet is considered illegal, and it is judged whether the maximum number of repetitions of authentication CF is reached:
Reach the maximum number of repetitions of authentication CF, negate and discard the packet;
If the maximum repetition number CF of authentication is not reached, return to step S3 for the next channel information extraction; S6. When the extracted channel information matrix H : : completes the packet authentication, the sample set is constructed as follows: TH = diff (RY, HE), i=2,0 Mj =1.2,-N, Among them, diff (Ht n SHE ) calculates the difference between H i and H i M is the maximum number of packets sent continuously, and N is the
-3- number of terminals; H a ; represents the channel information matrix extracted by the edge device when the information packet sent by the §& terminal at time { — 2; H i represents the channel information matrix extracted by the edge device when the information packet sent by the ;#% terminal at time ; According to the authentication result of the threshold authentication method, Tf, i=2,---,M,j=12,---N is combined into a binary classification data set T={(x.y)(x.)....(x,.¥,).-}, in the training data set7 : x, = T : LL {+1, Successful threshold owthemtiontion 0 fm = 4, Thrashold omissie folies PELE That is, when y, = +1, it means that the corresponding data packet is legal; when y, = —1,it means that the corresponding data packet is illegal; K items in the data setT with y =+1 constitute the test set 7,4, , and the rest constitute the training set 7, ; S7. Use the classification algorithm in the machine learning algorithm to train according to the binary classification training data set 7}, to generate a classifier, and use the test set 7; to test the generated classifier. When the error rate E is less than a specific value £, the training is completed Certification classifier; Duetoy, =+1 ine, all the data in the set are successful in threshold authentication. If the classifier determines that the data packet corresponding to a certain data is an illegal data packet, it represents a judgment error, and divides the number of misjudged data by the total number of data in test set 7-4 we can get the error rate E.
S8. Use the authentication classifier trained by the machine learning algorithm to authenticate the channel information matrix and determine whether the corresponding information packet is legal: If the packet is legal, receive the packet; If the information packet is illegal, it is determined whether the maximum number of repetitions of authentication CF is reached. When the maximum number of repetitions is reached, the information packet is rejected and discarded. If the maximum number of repetitions is not reached, the process returns to step S3 for the
-4- next channel information extraction.
The beneficial effects of the present invention are: (1) The present invention retains the results of the physical layer packet authentication by the edge device using the threshold method, and performs the machine learning authentication of the physical layer packet authentication, avoiding the long time offline that requires a large number of samples; (2) After completing machine learning authentication, the present invention adopts machine learning method for authentication, which improves the physical layer packet authentication rate; (3) The method proposed by the present invention has no restrictions on the terminal devices accessing the edge device and has good compatibility performance.
Instruction with figures Figure 1 1s a flowchart of the method of the present invention; Figure 2 is a schematic diagram of the principle of the threshold authentication method.
Specific implementation mode The technical solutions of the present invention are described in further detail below with reference to the drawings, but the protection scope of the present invention is not limited to the following.
As shown in Figure 1, a physical layer authentication method for edge devices that combines threshold and machine learning includes the following steps: S1.Set CF as the maximum number of repetitions of physical layer packet authentication, 77 is the authentication threshold of physical layer packet; S2. Several terminal L and the edge device R perform an authentication handshake, after the terminal identity is confirmed, access the edge computing system, and each terminal continuously sends information packets to the edge device; S3. The edge device extracts the current channel information matrix H : : when receiving the information packet sent by the J£& terminal at the £&& moment; S4. Determine whether there is currently an authentication classifier trained using machine learning algorithms; If yes, go to step S8;
-5-
If not, use the threshold authentication method to authenticate the extracted channel information matrix according to the set authentication threshold of the physical layer packet, and proceed to step S5;
S5. When the threshold authentication method succeeds in authentication, the information packet is considered legitimate and the information packet is received,
Threshold authentication method authentication is unsuccessful, the packet 1s considered illegal, and it is judged whether the maximum number of repetitions of authentication CF is reached:
Reach the maximum number of repetitions of authentication CF, negate and discard the packet;
If the maximum repetition number CF of authentication is not reached, return to step S3 for the next channel information extraction,
S6. When the extracted channel information matrix H i completes the packet authentication, the sample set is constructed as follows:
LR or YY LR TLR} , T,; =diff Hg, H),i=2-M,j=12,---N,
Among them, diff (Ri I.
SH) calculates the difference between H a ;and H : ? , M is the maximum number of packets sent continuously, and N is the number of terminals; H oi ; represents the channel information matrix extracted by the edge device when the information packet sent by the j&& terminal at time i — 2;
H i represents the channel information matrix extracted by the edge device when the information packet sent by the j&& terminal at time {;
According to the authentication result of the threshold authentication method, Tf, i=2,---,M,j=12,---N is combined into a binary classification data set T={(x.y)(x.)....(x,.¥,).-}, in the training data set7 :
x, =TH, {+1, Jucesssful threshold ontkennen mee xe ii, Thrashold omissie folies
That 1s, when y, =+1, it means that the corresponding data packet is legal;
when y, = —1,it means that the corresponding data packet is illegal; K items in the data
-6- setT with y =+1 constitute the test set 7, , and the rest constitute the training set 7, ; S7. Use the classification algorithm in the machine learning algorithm to train according to the binary classification training data set 7,, to generate a classifier, and use the test set 7; to test the generated classifier. When the error rate E is less than a specific value g, the training is completed Certification classifier; Due toy, =+1 inlc, all the data in the set are successful in threshold authentication. If the classifier determines that the data packet corresponding to a certain data is an illegal data packet, it represents a judgment error, and divides the number of misjudged data by the total number of data in test set 7, we can get the error rate E.
S8. Use the authentication classifier trained by the machine learning algorithm to authenticate the channel information matrix and determine whether the corresponding information packet is legal: If the packet is legal, receive the packet; If the information packet is illegal, it is determined whether the maximum number of repetitions of authentication CF is reached. When the maximum number of repetitions is reached, the information packet is rejected and discarded. If the maximum number of repetitions is not reached, the process returns to step S3 for the next channel information extraction.
In the embodiments of the present application, the extraction method of the channel information matrix may be an LS (Least Square) channel information estimation method, or a MMSE (Minimum Mean Square Error) channel information estimation method, or may be other channel information estimation methods; Classifiers trained through machine learning algorithms include but are not limited to AdaBoost classifier, bagging classifier and boosting classifier; The specific value ¢ is preset according to the working conditions of the system, and the value of £ satisfies: € <1%,; The value of Kin the step S6 satisfies the following condition: M-N/10<k<M-N/2.
As shown in FIG. 2, in the embodiment of the present application, the specific principle of the threshold authentication method is as follows: First, suppose that the edge device R and the legal access node L have "handshake", the edge device R has completed the storage of the first frame data packet, extract the channel estimation
-7- matrix H - on the legal path and line it in the time domain Averaging and extracting channel information (CSI, channel state information) H oe Hf (LL) L H(LN,) HI" (1) A HF (20) L Hf (2.N) | gee _| H5(2) (1) M M M =! M Hf (NI) L Hf(N,N,) HN) Then, after receiving the second data frame, R also obtains the second frame H oF from the unknown node U to be accessed according to equation (1), and compares H 3 and H - . Assuming that there is a strong correlation between consecutive data frames, the time interval between two frames is within the coherent time, if the two are close, it means that the sender is a legitimate access node L; If the two are not close to each other, it indicates that the node to be accessed is an illegal access node E, and an authentication is completed.
Suppose R has successfully authenticated that the ¥&& data frame is sent by L, and the error-free channel information is H,"; the identity of the sender of the & 3 ita data frame is unclear as U, and the error-free channel information is H on The following hypothesis can be made through the binary hypothesis test [55]: Lr UR _ LR H, : Ha - H, 2) + . IJ UR LR = H, : Hi, + H, The null hypothesis $£g: the error-free channel information in frame & + ft% and the error-free channel information in frame #&% are equal, and the node to be accessed is the legal access node L; Alternative hypothesis +; : The error-free channel information in frame & 2 1£& and the error-free channel information in frame &&% are not equal, and the node to be accessed is an illegal access node E. In formula (2), H A and H EE are error-free channel information, and the actual obtained channel information estimates Hand ZEE : B; = H* +W, (3)
UR UR Hia = Hea + Wa
-8- Among them, W, and¥. 4; are independent and identically distributed complex Gaussian noises, subject to &¥ (S, 2) distribution.
In order to reduce the complexity of authentication, the two equations in equation (3) are subtracted, the physical layer authentication based on channel characteristics is changed to the comparison of the "difference" of the channel information estimation value between consecutive frames, and the equation (3) becomes: H,: diff (Zi , ar) <7 © H,: diff (B.
A) > In the above formula, diff (4 UR IR ) represents the method used to calculate the "difference" between H," and ZJ, and 77 is the threshold.
Zero hypothesis H , : the difference between the channel information in frame & + 1¢&% and the channel information in frame &&% is less thanthreshold 77 , which is the legal access node L; Alternative hypothesis#H, : The difference between the channel information in frame & + 3&& and the channel information in frame &&% is greater than threshold 77 , which is an illegal access node E; If the channel information "difference" between consecutive frames is abbreviated as T , then equation (4) becomes: # 0 T=dijf (Bf HA) (5) H, In the general scheme of physical layer packet authentication, 77 is the threshold, which is generally determined by experiments or empirical methods.
The general scheme of physical layer packet authentication 1s also called the threshold method of physical layer packet authentication, but the accuracy rate of this authentication method is currently needs improvement.
Some scholars have proposed to use the machine learning method instead of the threshold decision method of formula (5), but it requires large label samples and long training time.
Therefore, this patent proposes a combination of a threshold and a machine
-9- learning edge device physical layer authentication method, which retains the results of the edge device using the threshold method for physical layer packet authentication, and performs machine learning authentication for physical layer packet authentication, which avoids It takes a long time for a large number of samples to be offline; after completing machine learning authentication, the machine learning method is used for authentication, which improves the physical layer packet authentication rate; at the same time, the method proposed by the present invention has no restrictions on terminal devices that access edge devices, and Compatibility.
The above is the preferred embodiment of the present invention, it should be understood that the present invention is not limited to the form disclosed herein, and should not be seen as an exclusion from other embodiments, but can be used in other combinations, modifications and environments, and can be Within the scope of the concept, the above teaching or related field of technology or knowledge can be modified.
Changes and changes made by those skilled in the art without departing from the spirit and scope of the present invention should fall within the scope of protection of the appended claims of the present invention.

Claims (5)

-10- Conclusies l.-10- Conclusions l. Fysiekelaagauthenticatiewerkwijze voor gebruik op een fysieke laag van een edge-inrichting (“edge device”), waarbij de werkwijze de volgende stappen omvat:Physical layer authentication method for use on a physical layer of an edge device, the method comprising the following steps: Sl. het instellen van CF als een maximum aantal herhalingen van fystekelaaginformatiepakketauthenticatie en het instellen 7 als een authenticatiedrempelwaarde van fysiekelaaginformatiepakketten;sl. setting CF as a maximum number of repetitions of physical layer information packet authentication and setting 7 as an authentication threshold of physical layer information packets; S2. het uitvoeren van een authenticatiehandshake (“authentication handshake™) op een veelvoud aan terminals L en de edge-inrichting R om een identiteit van elke terminal van de veelvoud aan terminals te bevestigen, het toegang verkrijgen tot een edgecomputersysteem en het ononderbroken verzenden door elke terminal van de veelvoud aan terminals waarvan de identiteit bevestigd is, van fysiekelaaginformatiepakketten naar de edge-inrichting; S3. het afleiden door de edge-inrichting van een huidigekanaalinformatiematrix H ;; indien de edge-inrichting de fysiekelaaginformatiepakketten die verzonden worden door een j-de terminal van de veelvoud aan terminals op een i-de tijdstip, ontvangt; S4. het bepalen of een authenticatieclassificator die geschikt is om de huidigekanaalinformatiematrix te authentiseren, momenteel getraind wordt met behulp van machinaallerenalgoritmen; waarbij het, indien wel, vervolgen met stap 8; het, indien niet, gebruiken van een drempelwaardeauthenticatiewerkwijze om de huidigekanaalinformatiematrix te authentiseren volgens de authenticatiedrempelwaarde 177 van de fysiekelaaginformatiepakketten en het vervolgen met stap S5; S5. het, indien de drempelwaardeauthenticatiewerkwijze in authenticatie slaagt, fysiekelaaginformatiepakket als geldig te beschouwen en het ontvangen van de fysiekelaaginformatiepakketten; het, indien de drempelwaardeauthenticatiewerkwijze niet in authenticatie slaagt, de fysiekelaaginformatiepakketten als ongeldig te beschouwen en het bepalen of het maximum aantal CF van de herhalingen van de tysiekelaaginformatiepakketauthenticatie bereikt is; het, indien het maximum aantal CF van de herhalingen van de fystekelaaginformatiepakketauthenticatie bereikt is, uitsluiten en verwijderen van deS2. performing an authentication handshake™ on a plurality of terminals L and the edge device R to confirm an identity of each terminal of the plurality of terminals, accessing an edge computing system and transmitting continuously by each terminal of the plurality of confirmed terminals of physical layer information packets to the edge device; S3. deriving by the edge device a current channel information matrix H i ; if the edge device receives the physical layer information packets sent by a jth terminal of the plurality of terminals at an ith time; S4. determining whether an authentication classifier capable of authenticating the current channel information matrix is currently being trained using machine learning algorithms; where, if so, continue with step 8; if not, using a threshold authentication method to authenticate the current channel information matrix according to the authentication threshold 177 of the physical layer information packets and proceeding to step S5; S5. if the threshold authentication method succeeds in authentication, consider physical layer information packet as valid and receive the physical layer information packets; if the threshold authentication method fails authentication, deeming the physical layer information packets invalid and determining whether the maximum number CF of the repetitions of the physical layer information packet authentication has been reached; if the maximum number CF of the repetitions of the phystic layer information packet authentication is reached, excluding and removing the _11- tysiekelaaginformatiepakketten; het, indien het maximum aantal CF van de herhalingen van de fysiekelaaginformatiepakketauthenticatie niet bereikt is, terugkeren naar stap S3 voor het afleiden van volgende kanaalinformatie;_11-typical layer information packets; if the maximum number CF of the repetitions of the physical layer information packet authentication is not reached, returning to step S3 to derive next channel information; S6. het, indien de huidigekanaalinformatiematrix H ij de fysiekelaagpakketauthenticatie voltooit, als volgt vervaardigen van een monstervoorbeeld:S6. if the current channel information matrix H ij completes the physical layer packet authentication, making a sample example as follows: Tij = diff (Bg; i =2. oo Mj=12N, £ AY waarbij dif f | HEH 2) een verschil tussen Hi en H ij berekent, M het \ $ maximum aantal is van de fysiekelaaginformatiepakketten die ononderbroken verzonden worden en N het aantal van de veelvoud aan terminals is; H ee ‚ de huidigekanaalinformatiematrix voorstelt die afgeleid is door de edge-inrichting op het moment dat de fysiekelaaginformatiepakketten verzonden werden door de j-de terminal op een (i-1)-de tijdstip; H i de huidigekanaalinformatiematrix voorstelt die afgeleid is door de edge-inrichting device op het moment dat de fysiekelaaginformatiepakketten verzonden werden door de |-de terminal op een i-de tijdstip; het, volgens een authenticatieresultaat van de drempelwaardeauthenticatiewerkwijze, combineren van Ti i=2,M,j=12,.N in een binaireclassificatietrainingsdataset 7’ = {(x,, 4) (4) (XP): 7}, waarbij: x, =T" Vn = ! + Geslaagde drempelwaardeauthenticatie mz. “Tie Mislukte drempelwaardeauthenticatie / waarbij, indien y, =+1 is, de fysiekelaaginformatiepakketten geldig zijn; indien vy, =~1 is, de fysiekelaaginformatiepakketten ongeldig zijn; K bestanddelen met y= +1 in de binaireclassificatietrainingsdataset 7" een testset 7,, vormen en de rest in de binaireclassificatiedataset T een trainingsset 7. vormen; S7. het uitvoeren van een training met behulp van een classificatiealgoritme in deTij = diff (Bg; i = 2. oo Mj=12N, £ AY where dif f | HEH 2) calculates a difference between Hi and H ij, M is the \ $ maximum number of the physical layer information packets that are transmitted continuously and N is the number of the plurality of terminals; H e represents the current channel information matrix derived by the edge device at the time the physical layer information packets were sent by the jth terminal at an (i-1)th time; H i represents the current channel information matrix derived by the edge device device at the time the physical layer information packets were sent by the |-th terminal at an i-th time; according to an authentication result of the threshold authentication method, combining Ti i=2,M,j=12,.N into a binary classification training data set 7' = {(x,, 4) (4) (XP): 7}, where: x , =T" Vn = ! + Successful Threshold Authentication mz. “Tie Failed Threshold Authentication / where, if y, is =+1, the physical layer information packets are valid; if vy, =~1, the physical layer information packets are invalid; K components with y= +1 in the binary classification training data set 7" forms a test set 7, and the remainder in the binary classification data set T forms a training set 7.; S7. performing a training using a classification algorithm in the -12- machinaallerenalgoritmen volgens de trainingsdataset 7, om een classificator te genereren en het gebruiken van de testset 7,7 om de classificator te testen, waarbij, indien de classificator bepaalt dat een datapakket in de testset 7, , die overeenkomt met een data een ongeldig datapakket is, een beoordelingsfout bepaald is op basis van de testset 7; die gevormd is uit bestanddelen met y = +1, en het aantal onjuist beoordeelde data gedeeld wordt door het totale aantal van de data in de testset 7,4 om een foutgraad E te verkrijgen; het, indien de foutgraad E kleiner is dan een waarde van g, voltooien van de training om de authethenticatieclassificator te verkrijgen; S8. het gebruiken van de authenticatieclassificator, die getraind is middels de machinaallerenalgoritmen om de huidigekanaalinformatiematrix te authentiseren en het bepalen of de overeenkomstige fysiekelaaginformatiepakketten geldig zijn: het, indien de fysiekelaaginformatiepakketten geldig zijn, ontvangen van de fysiekelaaginformatiepakketten; het, indien de fysiekelaaginformatiepakketten ongeldig zijn, bepalen of het maximale aantal CF van de herhalingen van de fysiekelaagpakketauthenticatie bereikt is; het, indien het maximale aantal van de herhalingen is bereikt, weigeren en verwijderen van de fysiekelaaginformatiepakketten; en het, indien het maximaal aantal van de herhalingen niet bereikt is, terugkeren naar stap S3 voor het afleiden van volgende kanaalinformatie.-12- machine learning algorithms according to the training data set 7, to generate a classifier and using the test set 7.7 to test the classifier, wherein, if the classifier determines that a data packet in the test set 7, corresponding to a data has a is invalid data packet, a judgment error has been determined based on the test set 7; which is formed of items with y = +1, and the number of incorrectly judged data is divided by the total number of the data in the test set 7.4 to obtain an error degree E; if the error rate E is less than a value of g, completing the training to obtain the authentication classifier; S8. using the authentication classifier trained by the machine learning algorithms to authenticate the current channel information matrix and determining whether the corresponding physical layer information packets are valid: if the physical layer information packets are valid, receiving the physical layer information packets; if the physical layer information packets are invalid, determining whether the maximum number CF of the repetitions of the physical layer packet authentication has been reached; if the maximum number of repetitions is reached, rejecting and removing the physical layer information packets; and if the maximum number of the repetitions is not reached, returning to step S3 to derive next channel information. 2. Fysiekelaagauthenticatiewerkwijze volgens conclusie 1, waarbij in stap S3 werkwijzen voor het afleiden van de huidigekanaalinformatiematrix een werkwijze voor het schatten van Kleinste-Kwadraten-kanaalinformatie en een werkwijze voor het schatten van een Minimum-Gemiddelde-Kwadratische-Fout-kanaalinformatie omvatten.The physical layer authentication method of claim 1, wherein in step S3, methods of deriving the current channel information matrix include a method of estimating Least Squares channel information and a method of estimating Minimum-Mean-Square-Error channel information. 3. Fysiekelaagauthenticatiewerkwijze volgens conclusie 1, waarbij in stap S4 de authenticatieclassificator die getraind wordt middels machinaallerenalgontmen, AdaBoost-classificators, Bagging-classificators en boosting-classificators omvat.The physical layer authentication method of claim 1, wherein in step S4, the authentication classifier trained by machine learning algorithms includes AdaBoost classifiers, Bagging classifiers, and boosting classifiers. 4. Fysiekelaagauthenticatiewerkwijze volgens conclusie 1, waarbij in stap S7 de waarde £ ingesteld wordt volgens bedrijfsvoorwaarden van het randcomputersysteem en de waarde van £ voldoet aan de volgende voorwaarde: e<1%.The physical layer authentication method according to claim 1, wherein in step S7 the value £ is set according to operating conditions of the peripheral computer system and the value of £ satisfies the following condition: e<1%. S13 -S13 - 5. Fysiekelaagauthenticatiewerkwijze volgens conclusie 1, waarbij een waarde van K in stap S6 voldoet aan de volgende voorwaarde: M.N /10<K: M-N/2.The physical layer authentication method according to claim 1, wherein a value of K in step S6 satisfies the following condition: M.N /10<K: M-N/2.
NL2025648A 2019-05-30 2020-05-22 A physical layer authentication method for edge device Combining threshold and machine learning NL2025648B1 (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201910463221.5A CN110149342B (en) 2019-05-30 2019-05-30 Edge device physical layer authentication method combining threshold and machine learning

Publications (2)

Publication Number Publication Date
NL2025648A NL2025648A (en) 2021-02-01
NL2025648B1 true NL2025648B1 (en) 2021-10-05

Family

ID=67593616

Family Applications (1)

Application Number Title Priority Date Filing Date
NL2025648A NL2025648B1 (en) 2019-05-30 2020-05-22 A physical layer authentication method for edge device Combining threshold and machine learning

Country Status (4)

Country Link
CN (1) CN110149342B (en)
AU (1) AU2020100826A4 (en)
LU (1) LU101814B1 (en)
NL (1) NL2025648B1 (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111917418B (en) * 2020-06-10 2023-09-15 北京市腾河智慧能源科技有限公司 Compression method, device, medium and equipment for working condition data
CN112866299B (en) * 2021-04-12 2022-03-18 南京大学 Encrypted data deduplication and sharing device and method for mobile edge computing network
CN114501446B (en) * 2022-01-17 2023-07-25 河北大学 Physical layer authentication method based on PU (polyurethane) bagging strategy in dynamic industrial scene
CN114598495B (en) * 2022-01-20 2023-02-07 北京邮电大学 Physical layer authentication method and device based on multi-time slot channel characteristics
CN114727286B (en) * 2022-02-28 2023-10-27 北京交通大学 Threshold-free multi-attribute physical layer authentication method and related equipment

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101848479B (en) * 2010-04-09 2012-08-08 西安电子科技大学 Simulation system and simulation method of wireless network security protocol
KR20160055718A (en) * 2014-11-10 2016-05-18 뉴라컴 인코포레이티드 Method for transmitting and receiving frame in wireless local area network
EP3226641B1 (en) * 2014-11-19 2023-08-09 Atlas Global Technologies LLC Method and apparatus for processing ppdu based on bbs identification information in high efficiency wireless lan
CN107046468B (en) * 2017-06-14 2020-10-02 电子科技大学 Physical layer authentication threshold determination method and system
CN108304877B (en) * 2018-02-02 2021-10-08 电子科技大学 Physical layer channel authentication method based on machine learning

Also Published As

Publication number Publication date
CN110149342A (en) 2019-08-20
LU101814B1 (en) 2020-09-23
CN110149342B (en) 2020-01-10
NL2025648A (en) 2021-02-01
AU2020100826A4 (en) 2020-07-16

Similar Documents

Publication Publication Date Title
NL2025648B1 (en) A physical layer authentication method for edge device Combining threshold and machine learning
Zhang et al. Blockchain-based distributed software-defined vehicular networks: a dueling deep ${Q} $-learning approach
CN108924836B (en) A kind of edge side physical layer channel authentication method based on deep neural network
CN110224990A (en) A kind of intruding detection system based on software definition security architecture
Tyagi et al. Attack and anomaly detection in IoT networks using supervised machine learning approaches.
US20100036783A1 (en) Method of and apparatus for combining artificial intelligence (AI) concepts with event-driven security architectures and ideas
CN113645197B (en) Decentralized federal learning method, device and system
Liu et al. LSTM-CGAN: Towards generating low-rate DDoS adversarial samples for blockchain-based wireless network detection models
CN110381509A (en) A kind of joint qualification method and server suitable for Dynamic link library scene
Wang et al. CSI-based physical layer authentication via deep learning
Acar et al. A privacy‐preserving multifactor authentication system
Wazzeh et al. Privacy-preserving continuous authentication for mobile and iot systems using warmup-based federated learning
WO2018057691A1 (en) Unsupervised classification of web traffic users
Palau et al. DNS tunneling: A deep learning based lexicographical detection approach
CN114050912A (en) Malicious domain name detection method and device based on deep reinforcement learning
US10965696B1 (en) Evaluation of anomaly detection algorithms using impersonation data derived from user data
Smahi et al. BV-ICVs: A privacy-preserving and verifiable federated learning framework for V2X environments using blockchain and zkSNARKs
US10805318B2 (en) Identification of a DNS packet as malicious based on a value
Akram et al. Blockchain-based privacy-preserving authentication protocol for UAV networks
CN107124327B (en) The method that JT808 car-mounted terminal simulator reverse-examination is surveyed
CN113704737A (en) Small sample physical layer equipment authentication method, system, terminal and storage medium
CN111865570B (en) Automatic remote certification method adaptive to heterogeneous equipment group in Internet of things
CN115766140A (en) Distributed denial of service (DDoS) attack detection method and device
CN112291188B (en) Registration verification method and system, registration verification server and cloud server
CN114760132B (en) Signal sender identity authentication method and device, storage medium and electronic equipment

Legal Events

Date Code Title Description
MM Lapsed because of non-payment of the annual fee

Effective date: 20230601