Professional Documents
Culture Documents
PAPER
ABSTRACT | The Internet of Things (IoT) will feature pervasive KEYWORDS | Internet of Things (IoT); low complexity; physical-
sensing and control capabilities via a massive deployment of layer security; resource constraints; secure sensing
machine-type communication (MTC) devices. The limited hard-
ware, low-complexity, and severe energy constraints of MTC
devices present unique communication and security chal- No me nc la tu re
lenges. As a result, robust physical-layer security methods 3G Third generation (cellular).
that can supplement or even replace lightweight cryptographic 3GPP Third Generation Partnership Project.
protocols are appealing solutions. In this paper, we present an 5G Fifth generation (cellular).
overview of low-complexity physical-layer security schemes AN Artificial noise.
that are suitable for the IoT. A local IoT deployment is modeled BER Bit error rate.
as a composition of multiple sensor and data subnetworks, with CAE Channel-aware encryption.
uplink communications from sensors to controllers, and CS Compressive sensing.
downlink communications from controllers to actuators. The CSI Channel state information.
state of the art in physical-layer security for sensor networks is CSIT Channel state information at the transmitter.
reviewed, followed by an overview of communication network D2D Device-to-device.
security techniques. We then pinpoint the most energy-efficient EFC Eavesdropping fusion center.
and low-complexity security techniques that are best suited for GEVD Generalized eigenvalue decomposition.
IoT sensing applications. This is followed by a discussion of GSVD Generalized singular value decomposition.
candidate low-complexity schemes for communication secu- HSPA High speed packet access (cellular).
rity, such as ON–OFF switching and space-time block codes. The IoT Internet of Things.
paper concludes by discussing open research issues and LFC Legitimate fusion center.
avenues for further work, especially the need for a theoretically LLR Log-likelihood ratio.
well-founded and holistic approach for incorporating com- LRT Likelihood ratio test.
plexity constraints in physical-layer security designs. LTE-A Long-term evolution-advanced.
MIMO Multiple-input–multiple-output.
MISO Multiple-input–single-output.
ML Maximum likelihood.
Manuscript received January 27, 2015; revised June 23, 2015; accepted August 2, 2015. MSE Mean squared error.
Date of publication September 11, 2015; date of current version September 16, 2015.
The author is with the Radio Access Technologies Group, Ericsson Research, MTC Machine-type communication.
San Jose, CA 95134 USA (e-mail: amitav.mukherjee@ericsson.com). NFC Near-field communication.
Digital Object Identifier: 10.1109/JPROC.2015.2466548 OFDMA Orthogonal frequency-division multiple access.
0018-9219 2015 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
Vol. 103, No. 10, October 2015 | Proceedings of the IEEE 1747
Mukherjee: Physical-Layer Security in the Internet of Things
RAT Radio access technology. security methods that can supplement lightweight crypto-
RFID Radio-frequency identification. graphic protocols [15]–[17] are appealing solutions for the
RSSI Received signal strength indicator. IoT. Roughly speaking, these methods exploit differences
SINR Signal-to-interference-plus-noise ratio. in channel conditions and interference environments to
SISO Single-input–single-output. boost signal reception at intended recipients while degrad-
TBMA Type-based multiple access. ing the reception of unauthorized users. Physical-layer se-
VLC Visible light communications. curity methods are generally agnostic to the RAT, and offer
‘‘built-in’’ security that is information-theoretically un-
breakable [18], [19].
I. INTRODUCTION However, not all existing physical-layer security tech-
The notion of an IoT is an inevitable offshoot of the ongo- niques are suitable for IoT applications. This is because
ing advances in communication technology and network- MTC devices have some unique characteristics compared
ing services. The IoT is expected to provide ubiquitous to smartphones and tablets that are powered by 3G and
connectivity and information-gathering capabilities span- LTE-A broadband networks today. They generally have low
ning home, vehicular, and industrial environments. It is data rate requirements, periodic data traffic arrivals, li-
envisioned that billions of physical devices will be outfitted mited hardware and signal processing capabilities, limited
with different kinds of sensors and actuators and con- storage memory, compact form factors, and significant
nected to the Internet via heterogeneous access networks energy constraints [20]. As an example, a battery life of ten
[1]. Thus, the main driver behind IoT will be the large- years at a quarter of the cost of wideband LTE-A devices is
scale deployment of MTC devices or machine-to-machine one of the objectives of the Release 13 LTE-A MTC stan-
links that perform sensing and actuation tasks with mini- dardization effort [21]. Thus, the complexity, energy effi-
mal human intervention [2]–[4]. ciency, and CSI requirements of the chosen security
IoT is synonymous with the notion of a cyber–physical methods are critical aspects that determine their feasibility
system, or a ‘‘network of networks’’ [5]. The scope of the in the IoT [23]. These aspects have received relatively li-
IoT extends far beyond autonomously adapting air condi- mited attention in the literature on physical-layer security.
tioning and heating levels in a smart home or reporting The remainder of this work is organized as follows.
smart meter readings. Assistive technologies for the elderly Section II introduces simple mathematical models for up-
and disabled, in vivo and in situ biological monitoring, link and downlink communications in an IoT environment.
adaptive irrigation for agriculture, self-driving vehicles, The state of the art in physical-layer security for sensor
emergency and disaster response, and many other such networks and data communications is reviewed in succes-
applications will be enabled and facilitated by the IoT. Such sion in Section III, along with the challenges unique to IoT
pervasive sensing and control capabilities will lead to a security. Secure transmission methods tailored for resource-
transformative change in daily life. The IoT is expected to constrained IoT sensors and actuators are analyzed in detail
be a centerpiece of upcoming 5G communication tech- in Sections IV and V, respectively. Finally, conclusions and
nologies that will be commercially deployed from 2020 future directions are discussed in Section VI.
onwards [6], [7]. Furthermore, the notation used hereafter signifies the
An IoT infrastructure is rendered operational by a following. Lowercase boldface letters denote vectors, up-
communication network that collects and exchanges useful percase boldface letters represent matrices, and C is the
information to fully leverage the advantages of IoT. The air complex domain. We will use N ð0; ZÞ to denote a circular
interface used for wireless connectivity may range from symmetric complex multivariate Gaussian distribution
NFC, Bluetooth, GSM, HSPA, IEEE 802.15.4 (e.g., with zero mean and covariance matrix Z. We also use E
ZigBee), IEEE 802.11ah, 3GPP LTE-A, or a proprietary to denote expectation, HðÞ for entropy, ðÞT for the trans-
system (e.g., Weightless, SigFox, On-Ramp). It is possible pose, ðÞH for the complex conjugate (Hermitian) trans-
that multiple such RATs are present within the same local pose, k k for the vector norm, detðÞ to denote the matrix
IoT deployment. As the IoT evolves, future connectivity determinant, and I represents an identity matrix of ap-
solutions may encompass VLC [8], acoustic [9], and mole- propriate dimension.
cular communications [10].
Communication security is clearly a requirement for
IoT applications, given their wide scope encompassing I I. IoT T AXONOMY AND MODEL
commercial, industrial, governmental, and military appli- We consider an abstraction of an IoT system with four
cations [11], [12]. Traditional cryptographic protocols [13], categories of components.
[14] that require key distribution or certificate manage- • Sensors: They monitor some phenomenon and
ment can be challenging to implement in IoT systems with report their observations to a data collection point.
a very large number of MTC devices, coupled with hetero- The data collection is performed by a controller.
geneous RATs and different subsystems being controlled The majority of the traffic flow is from the sensors
by distinct operators. As a result, robust physical-layer to the collection point (uplink).
1748 Proceedings of the IEEE | Vol. 103, No. 10, October 2015
Mukherjee: Physical-Layer Security in the Internet of Things
Fig. 1. Conceptual visualization of an IoT realization with heterogeneous wireless communication links. Each subsystem has an associated
controller that controls transmission modes and scheduling.
• Actuators: They receive directions from a control- spectively. Thus, n~k > 1 would represent a multiple access
ler and perform corresponding actions, either phy- channel with multiple sensors transmitting on the same
sical or electronic. The majority of the traffic flow time–frequency resources to the controller, while n~k ¼ 1 if
is from the controller to the actuators (downlink). orthogonal resources (in time or frequency) are available
• Controllers: They perform scheduling of a subset to form parallel access channels. Similarly, a~k ¼ 1 models a
of IoT devices (sensors and actuators), and trans- downlink system where separate time or frequency re-
mit or receive data to them. sources are allocated to different actuators, for, e.g., an
• Eavesdroppers: They are unauthorized receivers OFDMA system with one actuator served on a particular
that seek to passively intercept communications set of frequency tones. An example is depicted in Fig. 2.
between controllers and sensors or actuators. For purposes of illustration, assume all sensors are
Eavesdroppers are modeled as being passive, i.e., they do equipped with a single antenna. The sensors observe their
not inject false data or jamming signals into the system. environment and compute a digitally modulated informa-
Similar to worst case assumptions in the literature, eaves- tion signal to be sent to the LFC. The baseband signals
droppers are assumed to have unbounded computational received from the sensors at their controller for an arbi-
power, which implies that they are not a compromised trary channel use can be represented as
sensor and are external to the IoT network. We also as-
sume that communications are hierarchical. In the hierar-
chical IoT model, only controllers can communicate with X
n~k
controllers of adjacent subsystems and the external wide yc;k ¼ hi;k xi;k þ wk (1)
i¼1
area network. A subsystem is a localized group of nodes
tasked with a common objective, such as video surveillance
or factory automation, as shown in Fig. 1. Thus, components
of a subsystem cannot directly communicate with those of
another subsystem, due to the likely usage of different RATs
or frequency channels. For this reason, we focus on
infrastructure-based communication architectures in this
work, and do not explicitly consider security challenges in
D2D communication scenarios [24]. However, many of the
challenges and potential solutions described herein also
apply to D2D communications [25]–[28].
Consider an arbitrary IoT subsystem k comprising nk
sensors and ak actuators, with the corresponding controller
equipped with mk antennas. The parameters nk and ak are
the number of active nodes at a particular instant. While
the number of deployed devices may be much larger, many
of them are likely to be in sleep mode for energy conserva-
tion [20]. Furthermore, let n~k and a~k denote the number of
sensors and actuators that transmit or receive data at a Fig. 2. IoT sensor network with SISO sensors and multiantenna EFC
particular instant, with 1 n~k nk and 1 a~k ak , re- and LFC.
Vol. 103, No. 10, October 2015 | Proceedings of the IEEE 1749
Mukherjee: Physical-Layer Security in the Internet of Things
1750 Proceedings of the IEEE | Vol. 103, No. 10, October 2015
Mukherjee: Physical-Layer Security in the Internet of Things
relative detection probabilities [40], or relative error processing speed, storage capacity, and energy resources in
probabilities [49] at the EFC and LFC. In one definition, sensor networks [22], asymmetric cryptography such as
information-theoretic perfect secrecy is said to be achieved if the Rivest–Shamir–Adleman algorithm or the Diffie–
the conditional entropy at the EFC after its observations is Hellman key agreement protocol is often considered too
the same as the a priori entropy demanding in terms of processing power [23]. In recogni-
tion of this, Kundur et al. examined cross-layer security
methodologies based on lightweight symmetric key cryp-
~ e;k Þ ¼ HðÞ
HðjY (5) tography for multimedia sensor networks [37]. However,
their approach requires that each network node have an
~ e;k are the random variable counterparts of individual key that is shared with the LFC and that pair-
where and Y
wise keys be available between adjacent sensors in a sub-
state and EFC signal y ~ e;k , respectively. Satisfying the
system. In addition, every network entity has two
above condition is also known as maximizing the equivo-
predeployed network-wide keys. The burden of secure
cation of the EFC.
key exchange and management are not negligible even in
The physical-layer security of data communication in a
lightweight key-based systems when the number of nodes
wiretap channel with a single legitimate link and one or
can be very large as in the IoT. This motivates the use of
more eavesdroppers is usually quantified by the secrecy
physical-layer security methods that are reviewed next.
rate. Other metrics for communication security include
the relative SINRs, relative BER, and relative MSE of the
1) Censoring: Marano et al. [36] examined optimal sensor
authorized and eavesdropping receivers.
censoring strategies in an energy-constrained sensor net-
In the wiretap channel, the secrecy rate is a transmis-
work where the EFC has a degraded channel that can only
sion rate that can be reliably supported on the primary
distinguish if sensor transmissions are present or absent.
channel, but which is undecodable on the eavesdropper’s
Censoring entails comparing a sensor’s local LLR to a pair
channel.2 For Gaussian channels, it is calculated as the
of thresholds, and transmitting to the LFC only if the ratio
difference between the mutual information on the primary
is either very high or very low. The EFC therefore does not
and eavesdropper’s channels. For example, the secrecy rate
have access to the sensors’ transmitted data, but can moni-
obtained from (3) and (4) with a single actuator ðak ¼ 1Þ
tor the transmission activity of the channel and exploit the
and fixed channel states is
busy-idle state of the channel for detecting the hypothesis.
h 2) Channel-Based Bit Flipping: Now consider the case
~ jh
Rs ¼ log2 1 þ Pc;k h ~H
j where the EFC is able to directly overhear the actual sensor
iþ n~k
~ e;k t1;k tH G~H transmissions fxi;k gi¼1 . In [38], channel fading gains are
log2 det I þ Pc;k G 1;k e;k (6)
used in a secure TBMA scheme where the sensors follow
different reporting rules depending on the strength of their
channel gains to the LFC. The LFC announces two thresh-
where ½xþ ¼ maxf0; xg. Secrecy capacity is achieved
olds s and w to the sensors, which then compare their
when the secrecy rate is maximized with respect to input
channel amplitudes against these thresholds and autono-
distribution and power allocation.
mously classify themselves into strong and weak sets. Sen-
In fast fading channels, the secrecy outage probability
sors from each set then randomly decide to transmit their
is another metric of interest that represents the probability
quantized measurements; the activation probabilities are
that a certain target secrecy rate is not achieved for a given
provided by the LFC. Active sensors with a weak channel to
communication link. When multiple communication links
the LFC flip their local decisions in order to confuse the
are present, for example, as in broadcast or interference
EFC, while the LFC discards the flipped reports. Active
channels, then one is typically interested in defining the
sensors are allowed to transmit simultaneously ð~ nk > 1Þ by
achievable secrecy rate region or secrecy capacity region,
transmitting on orthogonal waveforms. The sensors must
or the aggregate secrecy sum rate/capacity. Metrics other
however obtain precise CSI of their links to the LFC,
than secrecy rate or secrecy outage probability, such as
including both phase and amplitude information, so as to
relative SINR or BER, do not provide any information-
perform channel phase precompensation and enable
theoretic guarantees of security, but are often more trac-
coherent demodulation at the LFC.
table for purposes of system design.
As an improvement over [38], Jeon et al. [39] and
Choi et al. [40] proposed a CAE scheme where at each
B. Security in Sensor Networks instant a sensor has three possible actions: stay dormant,
Radio communications between sensors and the LFC report a ‘‘flipped’’ decision, or report its unaltered local
are inherently vulnerable to eavesdropping. Due to limited decision. The choice of action depends on where its in-
2
More rigorous definitions and examples can be found in [79]–[81] stantaneous channel fading gain to the LFC falls between a
and the extensive references within. set of publicly known thresholds f1 ; 2 ; 3 g, with
Vol. 103, No. 10, October 2015 | Proceedings of the IEEE 1751
Mukherjee: Physical-Layer Security in the Internet of Things
1 > 1 2 3 . That is, sensor i reports its unaltered optimal at the sensors if the network is designed to minimize
local decision if khi;k k2 > 1 , reports a bit-flipped decision the expected detection cost at the LFC such that the mini-
if 3 khi;k k2 2 , and stays dormant otherwise. The mum average cost at the EFC is no greater than a prescribed
channel fading gains, which depend on the location of the nonnegative value . It turns out that the sensor that is
sensors and LFC, are known to the LFC (assuming channel being intercepted manipulates its feedback so that the EFC
reciprocity) but are unknown to the EFC due to the sta- gains practically no information about the true hypothesis,
tistical independence of the sensor-to-LFC and sensor-to- while the LFC still extracts some useful information. The
EFC channels, and thus the EFC cannot identify which same network scenario was studied assuming Neyman–
sensors are flipping their decisions. The optimal thresholds Pearson detectors in [45], where security was modeled using
are computed such that the numbers of flipping and non- a constraint placed on the EFC detection probability. Here,
flipping sensors are equal, which turns out to satisfy the it was shown that the optimal local quantizer is a determi-
perfect secrecy condition in (5). nistic LRT, while the fusion rule may still be a randomiza-
The LFC performs square law combining and an LLR tion between two or more LRTs.
decision fusion rule, since only statistical CSI of the sensor- A more general scenario with multiple eavesdropped
to-LFC channel gains is assumed to be known for additional sensors was considered in [46], where an optimal 1-bit sen-
robustness. At high SNR, the LFC decision is quite simple: sor quantization rule was designed to maximize the
the sensor-to-LFC channel gains are first approximated to difference between the Kullback–Leibler divergences of
be the received signal magnitude. Then, the LFC compares the LFC and EFC. Denoting the sensor quantization rule for
the approximate channel gains with the thresholds f1 ; sensor i’s observation by i ðÞ, the output of the quantizer is a
2 ; 3 g to determine whether the sensor report was flipped single bit: xi;k ¼ 1 if the local hypothesis test decision is 1 ,
via a hard decision rule. Once flipped bits have been re- and xi;k ¼ 0 if the local decision is 0 . Alternatively, in [46]
aligned, the ensuing high-SNR LLR decision rule has a and [47], the quantizer seeks to maximize the divergence at
closed-form expression. The system efficiency is improved the LFC while constraining the EFC’s divergence, under the
compared to [38] in two ways: by allowing the LFC to also assumption of binary symmetric channels between sensors
exploit the flipped sensor reports for its LLR-based global and LFC/EFC. Numerical algorithms are then presented to
decision, and by using noncoherent digital modulation determine the optimal sensor quantization thresholds for
which does not require exact CSI estimation. However, or- identical and nonidentical channel statistics. While security
thogonal reporting channels are required ð~ nk ¼ 1Þ, in order is directly integrated into the sensor likelihood ratio test
for the LFC to estimate individual sensor channel gains. procedure, these algorithms require knowledge of the EFC
channel statistics which is hard to obtain.
3) Probabilistic Ciphering: Another related category of
techniques is based upon probabilistic ciphering. In [41], 5) Compressive Sensing: In [48] and [49], the CS signal
the sensor observations are randomly mapped to a set of processing technique is utilized for physical-layer security.
discrete quantization levels, with the corresponding map- In CS, a linear transformation is applied to compress sparse
ping probabilities known only to the LFC and not the EFC. vectors by multiplying with a measurement matrix [50].
The suboptimal mapping probabilities and LFC decision rule Reconstruction of the sparse vectors is possible in polyno-
that jointly minimize its error probability subject to a con- mial time from fewer samples than suggested by the
straint on the EFC error probability are then derived. This Nyquist sampling theorem, using an optimization or algo-
approach is made more rigorous in [42], where the optimal rithmic framework. A single sensor ð~ nk ¼ 1Þ, LFC, and EFC
cipher matrices are obtained based on a divergence metric, system is considered in [48], where both the sensor and
again assuming that they remain unknown to the EFC. Aysal LFC extract secret bits from RSSI values of packets ex-
and Barner [43] investigated the problem of secure distri- changed between them. These bits are used as seeds to feed
buted estimation by incorporating a stochastic cipher as an a shift register to generate an m-sequence. The output
additional block to the existing sensor networks to improve m-sequences are later reorganized to form an ðM NÞ CS
secrecy. They showed a significant deterioration in the EFC’s measurement matrix %i;k by the sensor and LFC without
performance (in terms of bias and MSE) at the cost of a coordination. The EFC cannot compute the same measure-
marginal increase in the estimation variance at the LFC. ment matrix since its channels and RSSI values are
uncorrelated with the legitimate nodes. Then, the sensor’s
4) Optimal Quantization: It is also possible to optimize the M-dimensional transmit signal is constructed as
feedback reports emanating from the sensors. As an exam-
ple, Li et al. [44] investigated the problem of Bayesian dis-
tributed detection for the special case of nk ¼ 2 sensors in xi;k ¼ %i;k di;k
the network, where the EFC has access to only one of the
sensor’s transmissions. The authors proved that LRT-based
tests (declaring an output of 1 or 0 depending upon whether where di;k is the N-dimensional sparse vector of sensor
the received LLR is above or below some threshold) were observations. The LFC recovers di;k by numerically
1752 Proceedings of the IEEE | Vol. 103, No. 10, October 2015
Mukherjee: Physical-Layer Security in the Internet of Things
Vol. 103, No. 10, October 2015 | Proceedings of the IEEE 1753
Mukherjee: Physical-Layer Security in the Internet of Things
1754 Proceedings of the IEEE | Vol. 103, No. 10, October 2015
Mukherjee: Physical-Layer Security in the Internet of Things
Vol. 103, No. 10, October 2015 | Proceedings of the IEEE 1755
Mukherjee: Physical-Layer Security in the Internet of Things
generated by the PKG still need to be sent to the sensors in A natural question is if the CAE scheme designed for
a secure manner. Furthermore, Li and Xiong [56] propose sensor networks can also be used for controller-to-actuator
a two-stage signcryption generation method that involves downlink communications. Extending CAE to the general
both offline and online computations and the offline results broadcast channel in (3) with separate messages for the
need to be stored at the sensors, which increases the com- actuators is not straightforward. However, we observe that
putational complexity. This suggests that physical-layer the CAE principle of selective message flipping is applica-
security techniques can at least further augment crypto- ble to downlink multicast, when a common message is
graphic protocols (e.g., IBC secret-key exchange phase), sent to all actuators. This new application of CAE to low-
and alleviate computational complexity since fewer offline complexity secure multicasting at the physical layer is
computations are required, if any. proposed next. The remainder of this section then reviews
candidate low-complexity solutions for point-to-point data
transmission scenarios case, namely, on–off switching,
V. IoT COMMUNICATIONS S ECURITY noncoherent communication, and space-time codes. All of
It is evident that low complexity, high energy efficiency, these candidates have various pros and cons as summa-
and scalability are also desirable attributes of security rized in Table 2, and it would be premature at this stage to
schemes for IoT data communications. For this reason, choose one of them as a definitive solution perfect for IoT
transmission schemes that are predicated upon instanta- applications. Furthermore, note that it is prohibitively
neous eavesdropper CSIT, such as the GEVD- and GSVD- difficult to design secure broadcast schemes without
based methods, are not deemed to be viable in the IoT. In precise instantaneous CSIT, since interuser interference
addition, AN-based methods are also not justifiable due to cannot be mitigated otherwise.
their higher energy expenditure and increased cochannel
interference to any adjacent user. Instead, in this section, A. Secure Multicast Based on CAE
we examine possible alternative solutions for physical-layer Physical-layer multicasting requires that a common
security that avoid these pitfalls, namely: information symbol be sent to multiple downlink recei-
• they require minimal or no eavesdropper CSIT; vers. Consider the simple case of a binary digital
• they need coarse legitimate CSIT; modulation scheme employed at the transmitter
• they have simple CSI estimation requirements at (controller) to send one multicast bit to a~k actuators.
the receivers; Based on CAE, the controller first estimates the channel
• they have low-complexity encoding and decoding; magnitudes khi;k k2 to the actuators, by observing uplink
• they do not employ AN. signals for example. The actuators also possess knowledge
It is understood that information-theoretic perfect secrecy of their channel magnitudes from the controller, assuming
may not be achieved if such constraints are imposed on the channel reciprocity. The controller then announces three
transmission methods. However, achieving an eavesdrop- thresholds f1 ; 2 ; 3 g, after which the actuators infer in
per error probability of 0.5 is sufficient as a proxy for per- which region between these thresholds does their channel
fect secrecy in practical scenarios such as fading channels. magnitude belong.
1756 Proceedings of the IEEE | Vol. 103, No. 10, October 2015
Mukherjee: Physical-Layer Security in the Internet of Things
The actual multicast of the data symbol, say ‘k , is div- (statistical CSI is known to both). Thus, channel estima-
ided into two phases. In the first phase, the controller tion and tracking do not need to be performed continu-
transmits the modulation symbol corresponding to the bi- ously at the receiver, which theoretically leads to a simpler
nary input ‘‘1’’ as tk . In the second phase, the controller implementation. However, not knowing the instantaneous
sends the ‘‘flipped’’ symbol corresponding to the binary CSIT of the legitimate channel leads to a zero secrecy rate
input ‘‘0.’’ Assume the true message bit is ‘‘0.’’ Then, the since the transmission rate cannot be set accurately.
thresholds are designed such that in the first phase, a~k =2 Therefore, no prior work exists on keyless secrecy for
actuators have channel magnitudes satisfying 3 noncoherent systems, though secret-key agreement for
khi;k k2 2 and flip their demodulation decision to the this scenario was studied in [82]. On the other hand, it
correct bit value of ‘‘0.’’ In the second phase, the remaining may be possible to design noncoherent security schemes if
a~k =2 actuators have channel magnitudes larger than 1 and a metric less stringent than secrecy rate is adopted to
do not flip their detected bit. The EFC’s equivocation after quantify security, such as BER. Interestingly, there is no
the two phases is then maximized since it cannot infer in prior work in this direction to our best knowledge, which
which phase the bit flipping is performed. Of course, a makes it a fruitful area for further research.
bandwidth penalty is incurred due to the use of two channel
uses to send one bit, but this scheme preserves the advan- D. Secure Space-Time Coding
tages of CAE such as low complexity and coarse CSI Space-time block codes (STBCs) gained prominence in
requirements. the 1990s as multiantenna transmission schemes that
could offer spatial diversity together with low encoding/
B. Optimized ON–OFF Switching decoding complexity, without the need for CSIT [83]. The
A downlink analog to the censoring strategy for sensors most famous example of a STBC is the Alamouti code,
would be an on–off switching strategy, where a threshold which is a rate-1 full diversity scheme for the case of two
is used by the controller to determine whether to transmit transmit antennas. The fact that STBCs were designed to
to a particular receiver at a given time instance. Nguyen operate without CSIT and have low complexity raises the
and Shin presented an on–off strategy [65] for scenarios question if they can also be applied to secrecy scenarios.
with a~k ¼ 1 in (3), i.e., a downlink with orthogonal The limited work in this area includes [84]–[86], for
resource allocation based on OFDMA or time-division MIMO scenarios with multiple transmit and receive
multiple access. The scheme requires knowledge of the antennas. Fakoorian et al. [84] proposed a rate-one secure
legitimate SINRs and legitimate channel vector h ~ j , as well STBC that allows for separable, low complexity (symbol-
as the eavesdropper SINR and the statistical distribution of wise) decoding at the intended receiver but not at the EFC
eavesdropper channel matrix ~Ge;k . The optimal on–off (which must perform ML detection). This is achieved by
switching that maximizes the average secrecy rate is then ensuring that the effective STBC precoding matrix over
given by [65, eq. 9] two time slots has orthogonal columns when seen at the
intended receiver, however, this scheme assumes com-
plete CSIT of the main channel.
1; ~ j k2
if kh A transmit antenna selection scheme combined with
? ¼ (7)
0; otherwise Alamouti coding was presented in [85] with reduced
legitimate CSIT requirements: only the indices of the two
strongest antennas and the average SINR of the main
where the transmit signal when active is beamformed in channel. The decoding performance of the intended re-
the direction of h ~ j , such that tj;k ¼ pffiffiffiffiffiffi
Pc;j h ~ H x~j and x~j is the
j ceiver and the EFC will be different, since with high pro-
unit-power confidential information symbol intended for bability the two strongest transmit antennas on the main
actuator j. The switching threshold is a function of the channel will not be the two strongest antennas to the EFC.
eavesdropper SINR and the number of antennas mk and re , However, unlike [84] which used BER to characterize EFC
and needs to be computed once. However, the transmit performance, the average SINR to the EFC is also assumed
beamformer must be recomputed every time the legitimate to be known at the transmitter so as to achieve a nonzero
channel changes, which incurs additional complexity. A secrecy rate.
solution to further reduce complexity would be to compute Finally, Ferdinand et al. [86] analyzed an orthogonal
the transmit beamformer based on the spatial correlation STBC on spatially correlated MIMO channels, with the
matrix of h~ j , which can be estimated over time and would
assumption that no instantaneous CSIT of the main or EFC
not require beamformer recomputations. channels is available. A general, closed-form expression for
the secrecy outage probability was derived, and it was
C. Noncoherent Communication observed numerically that increasing antenna correlation
Noncoherent communication in the classical sense raised the secrecy outage probability. In summary, while
refers to the instantaneous CSI not being known to either secure STBC schemes have several merits, the lack of
the transmitter or the receiver in a point-to-point link designs for single-antenna receivers and the enhanced
Vol. 103, No. 10, October 2015 | Proceedings of the IEEE 1757
Mukherjee: Physical-Layer Security in the Internet of Things
CSIT requirements compared to classical STBCs make led to different results. As a simple example, for a large
them less appealing for IoT applications. number of users, the classical capacity/user/channel use
tends toward zero, even though the total amount of trans-
mitted information can be arbitrarily large. In the explo-
VI . CONCLUDING REMARKS ratory work of [91] and [92], initial results such as the
Thus far we have reviewed several security techniques for array of achievable message lengths that can be reliably
distributed detection and communication scenarios in an decoded in the large-user regime (as opposed to channel
IoT context. Most of these techniques, particularly those in coding rate) have been presented. Extending these ideas to
Section V, were generally developed for sophisticated secret message lengths in the many-user regime would be a
devices in networks of limited scale. Clearly this would no worthwhile first step toward a sound theory of physical-
longer be true in a dense IoT deployment for the various layer security in large MTC networks.
reasons discussed until now. The ad hoc way in which
energy and complexity constraints are usually factored into B. New Applications
security studies at present also invites further scrutiny. In The application of physical-layer security to a system
this concluding section, we offer our views on how to with multiple practical constraints, such as the IoT, is seen
progress toward a more general understanding of physical- to be a challenge. The IoT will employ a wide array of
layer security aspects, followed by a discussion of potential conventional RATs and new access methods to achieve
new research topics. connectivity. Nontraditional communication channels can
have very different propagation characteristics as opposed
A. Need for a New Framework to the canonical Rayleigh and Rician multipath channel
At a fundamental level, we perceive a need for a models for broadband microwave systems. A step in this
theoretically well-founded and holistic approach for direction was taken in [93], which studied the physical-
incorporating complexity and energy constraints into layer security of RFID systems and proposed an AN-based
physical-layer security designs. For example, there is no security scheme for such backscatter communication
universal, commonly understood metric that precisely systems. Nonetheless, low-complexity secrecy schemes
characterizes the computational complexity of a chosen tailored for VLC [94], acoustic, and molecular communi-
encoding and decoding scheme. Most analyses resort to cation channels remain largely open problems, as well as
counting floating point operations required at the trans- studies on how to jointly manage and allocate resources
mitter for one channel use, but that does not provide a securely among such multi-RAT systems.
meaningful measure of complexity since processing capa- Moving from a link layer to a network perspective, the
bilities and clock rates are not taken into account. In [87], application of stochastic geometry to study security in
measures of the complexity of decoding were analyzed by large-scale communication networks has been remarked
considering the number of logic elements and clock cycles upon in Section III-C. The typical approach is to assume
needed to decode one codeblock, but it is unclear how to that legitimate users, eavesdropping nodes, and possibly in-
apply these measures to general communication systems. terfering transmitters are all spatially distributed according
Regarding energy constraints in communication security, to independent 2-D point processes. Interestingly, a similar
these are commonly incorporated using a secure bit-per- analysis of security in distributed detection systems has yet
Joule formulation (secure communication rate normalized to be performed. A basic analytical model in this case would
by the energy consumption) [88]. The energy–secrecy be a sensor network with locations drawn from an isotropic
tradeoff has been explored partially for single-user net- 2-D point process, a single LFC and EFC, Gaussian-noise
works [89], [90], but multiuser networks remain largely channel links with only path loss, and the metric of interest
unexplored in this context. being one of those described in Section III.
Additionally, the realization that the IoT is inherently a Finally, relaxing the hierarchical communication con-
massive network of MTC devices should spur new, funda- straint assumed in this work opens the door for a much
mental definitions of secrecy metrics for point-to-multi- richer set of security case studies that include D2D and
point systems with a very large number of downlink ad hoc communication models. For example, the interplay
receivers. The same need arises for a multipoint-to-point between distributed in-network signal processing algorithms
system with a very large number of uplink transmitters. such as gossiping [95] and information security is a fertile
The information-theoretic concepts of [91] and [92] can be avenue for further study. Gossip algorithms feature repeated
a starting point in this direction. In their work, a new localized message exchanges between neighboring sensor
paradigm in multiuser information theory models is con- nodes in order to arrive at a global consensus regarding a
sidered where the number of users can grow arbitrarily parameter of interest, potentially without the assistance of a
large together with the coding blocklength, which is re- fusion center. The additional consideration of secrecy is
ferred to as the many-user regime. This is distinct from expected to impact both the structure of messages
prior work where the number of users was taken to infinity exchanged in the network, as well as the decision fusion
after the blocklength was taken to infinity, and generally rules used to reach a consensus. h
1758 Proceedings of the IEEE | Vol. 103, No. 10, October 2015
Mukherjee: Physical-Layer Security in the Internet of Things
REFERENCES [18] A. D. Wyner, ‘‘The wire-tap channel,’’ IEEE Commun. Mag., vol. 40, no. 8,
Bell Syst. Tech. J., vol. 54, pp. 1355–1387, pp. 102–114, Aug. 2002.
[1] Ericsson, ‘‘Ericsson mobility report 1975.
on the pulse of the networked society,’’ [34] D. Estrin, L. Girod, G. Pottie, and
Jun. 2015. [Online]. Available: www. [19] S. L. Y. Cheong and M. E. Hellman, ‘‘The M. Srivastava, ‘‘Instrumenting the world
ericsson.com. Gaussian wire-tap channel,’’ IEEE Trans. with wireless sensor networks,’’ in Proc.
Inf. Theory, vol. IT-24, no. 4, pp. 451–456, IEEE Int. Conf. Acoust. Speech Signal
[2] I. Stojmenovic, ‘‘Machine-to-machine Jul. 1978. Process., Salt Lake City, UT, USA,
communications with in-network data May 2001, pp. 2033–2036.
aggregation, processing and actuation for [20] J.-M. Liang, J.-J. Chen, H.-H. Cheng, and
large scale cyber-physical systems,’’ IEEE Y.-C. Tseng, ‘‘An energy-efficient sleep [35] B. Kailkhura, V. S. S. Nadendla, and
Internet Things J., vol. 1, no. 2, pp. 122–128, scheduling with QoS consideration in P. K. Varshney, ‘‘Distributed inference
Apr. 2014. 3GPP LTE-Advanced networks for Internet in the presence of eavesdroppers: A survey.’’
of Things,’’ IEEE J. Emerg. Sel. Top. [Online]. Available: http://arxiv.org/abs/
[3] R. Lu, X. Li, X. Liang, X. Shen, and Circuits Syst., vol. 3, no. 1, pp. 13–22, 1502.05448 .
X. Lin, ‘‘GRS: The green, reliability, Mar. 2013.
security of emerging machine to machine [36] S. Marano, V. Matta, and P. K. Willett,
communications,’’ IEEE Commun. Mag., [21] Ericsson, ‘‘LTE release 13,’’ White Paper, ‘‘Distributed detection with censoring
vol. 49, no. 4, pp. 28–35, Apr. 2011. Apr. 2015. [Online]. Available: www.ericsson. sensors under physical layer secrecy,’’
com/res/docs/whitepapers/150417-wp-lte- IEEE Trans. Signal Process., vol. 57, no. 5,
[4] M. Weyrich, J.-P. Schmidt, and C. Ebert, release-13.pdf. pp. 1976–1986, May 2009.
‘‘Machine-to-machine communication,’’
IEEE Software, vol. 31, no. 4, pp. 19–23, [22] D. Dardari, A. Conti, C. Buratti, and [37] D. Kundur, W. Luh, U. N. Okorafor, and
Jul./Aug. 2014. R. Verdone, ‘‘Mathematical evaluation T. Zourntos, ‘‘Security and privacy for
of environmental monitoring estimation distributed multimedia sensor networks,’’
[5] A. Manzalini, R. Minerva, and C. Moiso, error through energy-efficient wireless Proc. IEEE, vol. 96, no. 1, pp. 112–130,
‘‘Towards resource-aware network of sensor networks,’’ IEEE Trans. Mobile Jan. 2008.
networks,’’ in Proc. 5th IEEE Int. Symp. Comput., vol. 6, no. 7, pp. 790–802,
Wireless Perv. Comput., May 2010, [38] H. Jeon, D. Hwang, J. Choi, H. Lee, and
Jul. 2007. J. Ha, ‘‘Secure type-based multiple access,’’
pp. 221–225.
[23] K. Piotrowski, P. Langendoerfer, and IEEE Trans. Inf. Forensics Security, vol. 6,
[6] S. Talwar et al., ‘‘Enabling technologies S. Peter, ‘‘How public key cryptography no. 3, pp. 763–774, Sep. 2011.
and architectures for 5G wireless,’’ in Proc. influences wireless sensor node lifetime,’’
IEEE Int. Microw. Symp., Tampa, FL, USA, [39] H. Jeon, J. Choi, S. McLaughlin, and
in Proc. 4th ACM Workshop Security Ad Hoc J. Ha, ‘‘Channel aware encryption
Jun. 2014, DOI: 10.1109/MWSYM.2014. Sensor Netw., Alexandria, VA, USA, 2006,
6848639. and decision fusion for wireless sensor
pp. 169–176. networks,’’ IEEE Trans. Inf. Forensics
[7] Huawei, ‘‘5G: A technology vision,’’ 2013. [24] J. Liu, N. Kato, J. Ma, and N. Kadowaki, Security, vol. 8, no. 4, pp. 619–625,
[Online]. Available: http://www.huawei.com/ ‘‘Device-to-device communication in Apr. 2013.
5gwhitepaper/. LTE-Advanced networks: A survey,’’ IEEE [40] J. Choi, J. Ha, and H. Jeon, ‘‘Physical layer
[8] S. Wu, H. Wang, and C.-H. Youn, ‘‘Visible Commun. Survey Tuts., , 2014, DOI: 10.1109/ security for wireless sensor networks,’’ in
light communications for 5G wireless COMST.2014.2375934. Proc. IEEE Int. Symp. Pers. Indoor Mobile
networking systems: From fixed to mobile [25] D. Zhu, A. L. Swindlehurst, A. Fakoorian, Radio Commun., 2013, DOI: 10.1109/PIMRC.
communications,’’ IEEE Network, vol. 28, W. Xu, and C. Zhao, ‘‘Device-to-device 2013.6666094.
no. 6, pp. 41–45, Nov./Dec. 2014. communications: The physical layer security [41] R. Soosahabi and M. Naraghi-Pour,
[9] B. Zhang et al., ‘‘PriWhisper: Enabling advantage,’’ in Proc. IEEE Int. Conf. Acoust. ‘‘Scalable PHY-layer security for distributed
keyless secure acoustic communication for Speech Signal Process., Florence, Italy, detection in wireless sensor networks,’’ IEEE
smartphones,’’ IEEE Internet Things J., vol. 1, May 2014, DOI: 10.1109/ICASSP.2014. Trans. Inf. Forensics Security, vol. 7, no. 4,
no. 1, pp. 33–45, Feb. 2014. 6853869. pp. 1118–1126, Aug. 2012.
[10] T. Nakano et al., ‘‘Externally controllable [26] J. Yue, C. Ma, H. Yu, and W. Zhou, [42] R. Soosahabi, M. Naraghi-Pour, D. Perkins,
molecular communication,’’ IEEE J. Sel. Areas ‘‘Secrecy-based access control for and M. Bayoumi, ‘‘Optimal probabilistic
Commun., vol. 32, no. 12, pp. 2417–2431, device-to-device communication encryption for secure detection in wireless
Dec. 2014. underlaying cellular networks,’’ IEEE sensor networks,’’ IEEE Trans. Inf. Forensics
[11] L. Zhou and H. Chao, ‘‘Multimedia traffic Commun. Lett., vol. 17, no. 11, pp. 2068–2071, Security, vol. 9, no. 3, pp. 375–385,
security architecture for the Internet of Nov. 2013. Mar. 2014.
Things,’’ IEEE Network, vol. 25, no. 3, [27] H. Zhang, T. Wang, L. Song, and [43] T. C. Aysal and K. E. Barner, ‘‘Sensor
pp. 35–40, May 2011. Z. Han, ‘‘Radio resource allocation for data cryptography in wireless sensor
[12] J. Granjal, E. Monteiro, and J. S. Silva, physical-layer security in D2D underlay networks,’’ IEEE Trans. Inf. Forensics
‘‘Security for the Internet of Things: communications,’’ in Proc. IEEE Int. Security, vol. 3, no. 2, pp. 273–289,
A survey of existing protocols and open Conf. Commun., Sydney, Australia, 2014, Jun. 2008.
research issues,’’ IEEE Commun. Survey pp. 2319–2324.
[44] Z. Li, T. Oechtering, and K. Kittichokechai,
Tuts., vol. 17, no. 3, pp. 1294–1312, [28] C. Ma et al., ‘‘Interference exploitation ‘‘Parallel distributed Bayesian detection
3rd Quart., 2015. in D2D-enabled cellular networks: with privacy constraints,’’ in Proc. IEEE
[13] C. E. Shannon, ‘‘Communication theory A secrecy perspective,’’ IEEE Trans. Int. Conf. Commun., Sydney, Australia,
of secrecy systems,’’ Bell Syst. Tech. J., Commun., vol. 63, no. 1, pp. 229–242, Jun. 2014, pp. 2178–2183.
vol. 28, pp. 656–715, 1949. Jan. 2015.
[45] Z. Li, T. Oechtering, and J. Jalden, ‘‘Parallel
[14] W. Diffie and M. E. Hellman, ‘‘New [29] U. Maurer, ‘‘Secret key agreement by public distributed Neyman-Pearson detection
directions in cryptography,’’ IEEE Trans. discussion from common information,’’ with privacy constraints,’’ in Proc. IEEE
Inf. Theory, vol. IT-22, no. 6, pp. 644–654, IEEE Trans. Inf. Theory, vol. 39, no. 3, Int. Conf. Commun., Sydney, Australia,
Nov. 1976. pp. 733–742, May 1993. Jun. 2014, pp. 765–770.
[15] A. F. Skarmeta, J. L. Hernandez-Ramos, and [30] R. Ahlswede and I. Csiszár, ‘‘Common [46] V. S. S. Nadendla, H. Chen, and
M. V. Moreno, ‘‘A decentralized approach randomness in information theory and P. K. Varshney, ‘‘Secure distributed
for security and privacy challenges in cryptographyVPart I: Secret sharing,’’ detection in the presence of
the Internet of Things,’’ in Proc. IEEE IEEE Trans. Inf. Theory, vol. 39, no. 4, eavesdroppers,’’ in Proc. 44th Asilomar
World Forum Internet Things, Mar. 2014, pp. 1121–1132, Jul. 1993. Conf. Signals Syst. Comput., Nov. 2010,
pp. 67–72. [31] L. Lai, Y. Liang, and H. V. Poor, ‘‘A pp. 1437–1441.
[16] K. Zhang, X. Liang, R. Lu, and X. Shen, unified framework for key agreement [47] V. S. S. Nadendla and P. K. Varshney,
‘‘Sybil attacks and their defenses in over wireless fading channels,’’ IEEE ‘‘Design of binary quantizers for distributed
the Internet of Things,’’ IEEE Internet Trans. Inf. Forensics Security, vol. 7, no. 2, detection under secrecy constraints,’’ 2014.
Things J., vol. 1, no. 5, pp. 372–383, pp. 480–490, Apr. 2012. [Online]. Available: http://arxiv.org/abs/
Oct. 2014. [32] Y. Shen and M. Z. Win, ‘‘Intrinsic information 1410.8100v1.
[17] M. Abomhara and G. M. Koien, ‘‘Security of wideband channels,’’ IEEE J. Sel. Areas [48] R. Dautov and G. R. Tsouri, ‘‘Securing while
and privacy in the Internet of Things: Current Commun., vol. 31, no. 9, pp. 1875–1888, sampling in wireless body area networks
status and open issues,’’ in Proc. IEEE Int. Sep. 2013. with application to electrocardiography,’’
Conf. Privacy Security Mobile Syst., May 2014, [33] I. F. Akyildiz, W. Su, Y. Sankarasubramaniam, IEEE J. Biomed. Health Inf., 2014,
DOI: 10.1109/PRISMS.2014.6970594. and E. Cayirci, ‘‘A survey on sensor networks,’’ DOI: 10.1109/JBHI.2014.2366125.
Vol. 103, No. 10, October 2015 | Proceedings of the IEEE 1759
Mukherjee: Physical-Layer Security in the Internet of Things
[49] J. E. Barceló-Lladó, A. Morell, and Security, vol. 7, no. 2, pp. 704–716, [80] M. Bloch and J. Barros, Physical-Layer
G. Seco-Granados, ‘‘Amplify-and-forward Apr. 2012. Security: From Information Theory to Security
compressed sensing as a physical-layer [65] T. V. Nguyen and H. Shin, ‘‘Power Engineering. Cambridge, U.K.: Cambridge
secrecy solution in wireless sensor allocation and achievable secrecy Univ. Press, 2011.
networks,’’ IEEE Trans. Inf. Forensics rates in MISOME wiretap channels,’’ [81] X. Zhou, L. Song, and Y. Zhang, Eds.,
Security, vol. 9, no. 5, pp. 839–850, IEEE Commun. Lett., vol. 15, no. 11, Physical Layer Security in Wireless
Apr. 2014. pp. 1196–1198, Nov. 2011. Communications. Boca Raton, FL,
[50] D. Donoho, ‘‘Compressed sensing,’’ [66] A. Mukherjee and A. L. Swindlehurst, USA: CRC Press, 2013.
IEEE Trans. Inf. Theory, vol. 52, no. 4, ‘‘Robust beamforming for secrecy in [82] A. Agrawal, Z. Rezki, A. Khisti, and
pp. 1289–1306, Apr. 2006. MIMO wiretap channels with imperfect M.-S. Alouini, ‘‘Noncoherent capacity of
[51] M. Anand, Z. Ives, and I. Lee, CSI,’’ IEEE Trans. Signal Process., vol. 59, secret-key agreement with public discussion,’’
‘‘Quantifying eavesdropping vulnerability no. 1, pp. 351–361, Jan. 2011. IEEE Trans. Inf. Forensics Security, vol. 6,
in sensor networks,’’ in Proc. 2nd Int. [67] R. Liu, T. Liu, H. V. Poor, and S. Shamai, no. 3, pp. 565–574, Sep. 2011.
Workshop Data Manage. Sensor Netw., ‘‘Multiple-input multiple-output Gaussian [83] V. Tarokh, N. Seshadri, and A. R. Calderbank,
Aug. 2005, pp. 3–9. broadcast channels with confidential ‘‘Space-time codes for high data rate
[52] A. Araujo, J. Blesa, E. Romero, and messages,’’ IEEE Trans. Inf. Theory, vol. 56, wireless communication: Performance
O. Nieto-Taladriz, ‘‘Artificial noise no. 9, pp. 4215–4227, Sep. 2010. criterion and code construction,’’
scheme to ensure secure communications [68] V. R. Cadambe and S. A. Jafar, ‘‘Interference IEEE Trans. Inf. Theory, vol. 44, no. 2,
in CWSN,’’ in Proc. 8th Int. Wireless alignment on the degrees of freedom of the K pp. 744–765, Mar. 1998.
Commun. Mobile Comput. Conf., Aug. 2012, user interference channel,’’ IEEE Trans. Inf. [84] A. Fakoorian, H. Jafarkhani, and
pp. 1023–1027. Theory, vol. 54, no. 8, pp. 3425–3441, A. L. Swindlehurst, ‘‘Secure space-time
[53] V. M. Rohokale, N. R. Prasad, and Aug. 2008. block coding via artificial noise alignment,’’
R. Prasad, ‘‘Cooperative jamming for [69] R. Bassily and S. Ulukus, ‘‘Ergodic in Proc. 45th Asilomar Conf. Signals Syst.
physical layer security in wireless sensor secret alignment,’’ IEEE Trans. Inf. Comput., Pacific Grove, CA, USA, Nov. 2011,
networks,’’ in Proc. IEEE Int. Symp. Wireless Theory, vol. 58, no. 3, pp. 1594–1611, pp. 651–655.
Pers. Multimedia Commun., Taipei, Taiwan, Mar. 2012. [85] S. Yan, N. Yang, R. Malaney, and
Sep. 2012, pp. 458–462. J. Yuan, ‘‘Transmit antenna selection
[70] A. Mukherjee and A. L. Swindlehurst,
[54] B. Kailkhura, T. Wimalajeewa, and ‘‘Utility of beamforming strategies with Alamouti coding and power allocation
P. K. Varshney, ‘‘On physical layer secrecy for secrecy in multiuser MIMO wiretap in MIMO wiretap channels,’’ IEEE
of collaborative compressive detection,’’ in channels,’’ in Proc. 47th Annu. Allerton Trans. Wireless Commun., vol. 13, no. 3,
Proc. 48th Asilomar Conf. Signals Syst. Comput., Conf. Commun. Control Comput., pp. 1656–1667, Mar. 2014.
Nov. 2014, pp. 51–55. Oct. 2009, pp. 1134–1141. [86] N. S. Ferdinand, D. Benevides da Costa, and
[55] B. Kailkhura, S. Liu, T. Wimalajeewa, and [71] X. Zhou, R. Ganti, J. Andrews, and M. Latva-aho, ‘‘Physical layer security in
P. K. Varshney, ‘‘Measurement matrix design A. Hjørungnes, ‘‘On the throughput MIMO OSTBC line-of-sight wiretap channels
for compressive detection with secrecy cost of physical layer security in decentralized with arbitrary transmit/receive antenna
guarantees,’’ 2015. [Online]. Available: wireless networks,’’ IEEE Trans. Wireless correlation,’’ IEEE Wireless Commun. Lett.,
http://arxiv.org/abs/1506.00238. Commun., vol. 10, no. 8, pp. 2764–2775, vol. 2, no. 5, pp. 467–470, Oct. 2013.
[56] F. Li and P. Xiong, ‘‘Practical secure Aug. 2011. [87] J. E. Savage, ‘‘The complexity of
communication for integrating wireless [72] H. Wang, X. Zhou, and M. C. Reed, decodersVPart II: Computational
sensor networks into the Internet of ‘‘Physical layer security in cellular work and decoding time,’’ IEEE Trans.
Things,’’ IEEE Sensors J., vol. 13, no. 10, networks: A stochastic geometry Inf. Theory, vol. 17, no. 1, pp. 77–85,
pp. 3677–3683, Oct. 2013. approach,’’ IEEE Trans. Wireless Commun., Jan. 1971.
[57] P. K. Gopala, L. Lai, and H. El-Gamal, vol. 12, no. 6, pp. 2776–2787, Jun. 2013. [88] D. Ng, E. S. Lo, and R. Schober,
‘‘On the secrecy capacity of fading channels,’’ [73] P. Pinto, J. Barros, and M. Z. Win, ‘‘Energy-efficient resource allocation
IEEE Trans. Inf. Theory, vol. 54, no. 10, ‘‘Secure communication in stochastic for secure OFDMA systems,’’ IEEE Trans.
pp. 4687–4698, Oct. 2008. wireless networksVPart I: Connectivity,’’ Veh. Technol., vol. 61, no. 6, pp. 2572–2584,
[58] A. Sheikholeslami, D. Goeckel, and IEEE Trans. Inf. Forensics Security, Jul. 2012.
H. Pishro-Nik, ‘‘Everlasting secrecy vol. 7, no. 1, pp. 125–138, Feb. 2012. [89] M. C. Gursoy, ‘‘Secure communication
by exploiting non-idealities of the [74] P. Pinto, J. Barros, and M. Z. Win, in the low-SNR regime,’’ IEEE Trans.
eavesdropper’s receiver,’’ IEEE J. Sel. Areas ‘‘Secure communication in stochastic Commun., vol. 60, no. 4, pp. 1114–1123,
Commun., vol. 31, no. 9, pp. 1828–1839, wireless networksVPart II: Maximum Apr. 2012.
Sep. 2013. rate and collusion,’’ IEEE Trans. [90] C. Comaniciu and H. V. Poor, ‘‘On
[59] A. Khisti and G. W. Wornell, ‘‘Secure Inf. Forensics Security, vol. 7, no. 1, energy-secrecy tradeoffs for Gaussian
transmission with multiple antennas I: pp. 139–147, Feb. 2012. wire-tap channels,’’ IEEE Trans.
The MISOME wiretap channel,’’ IEEE Trans. [75] M. Z. Win, A. Rabbachin, J. Lee, and Inf. Forensics Security, vol. 8, no. 2,
Inf. Theory, vol. 56, no. 7, pp. 3088–3104, A. Conti, ‘‘Cognitive network secrecy pp. 314–323, Feb. 2013.
Jul. 2010. with interference engineering,’’ [91] T.-Y. Chen, X. Chen, and D. Guo,
[60] X. Li, M. Chen, and E. P. Ratazzi, IEEE Netw., vol. 28, no. 5, pp. 86–90, ‘‘Many-broadcast channels: Definition
‘‘Array-transmission based physical-layer Sep./Oct. 2014. and capacity in the degraded case,’’ in
security techniques for wireless sensor [76] P. Pinto and M. Z. Win, ‘‘Percolation and Proc. IEEE Int. Symp. Inf. Theory,
networks,’’ in Proc. IEEE Int. Conf. connectivity in the intrinsically secure 2014, pp. 2569–2573.
Mechatron. Autom., 2005, pp. 1618–1623. communications graph,’’ IEEE Trans. Inf. [92] X. Chen and D. Guo, ‘‘Gaussian many-access
[61] A. Khisti and G. W. Wornell, ‘‘Secure Theory, vol. 58, no. 3, pp. 1716–1730, channels with random transmitter activities,’’
transmission with multiple antennas II: Mar. 2012. in Proc. IEEE Int. Symp. Inf. Theory, 2014,
The MIMOME wiretap channel,’’ [77] A. Rabbachin, A. Conti, and M. Z. Win, pp. 3127–3131.
IEEE. Trans. Inf. Theory, vol. 56, no. 11, ‘‘Wireless network intrinsic secrecy,’’ [93] W. Saad, X. Zhou, Z. Han, and H. V. Poor,
pp. 5515–5532, Nov. 2010. IEEE/ACM Trans. Netw., vol. 23, no. 1, ‘‘On the physical layer security of backscatter
[62] Z. Li, R. Yates, and W. Trappe, pp. 56–69, Feb. 2015. wireless systems,’’ IEEE Trans. Wireless
‘‘Secret communication with a fading [78] J. Lee, A. Conti, A. Rabbachin, and Commun., vol. 13, no. 6, pp. 3442–3451,
eavesdropper channel,’’ in Proc. IEEE M. Z. Win, ‘‘Distributed network Jun. 2014.
Int. Symp. Inf. Theory, Nice, France, secrecy,’’ IEEE J. Sel. Areas Commun., [94] A. Mostafa and L. Lampe, ‘‘Physical-layer
Jul. 2007, pp. 1296–1300. vol. 31, no. 9, pp. 1889–1900, security for MISO visible light
[63] S. Goel and R. Negi, ‘‘Guaranteeing secrecy Sep. 2013. communication channels,’’ IEEE J. Sel.
using artificial noise,’’ IEEE Trans. Wireless [79] A. Mukherjee, S. A. A. Fakoorian, J. Huang, Areas Commun., vol. 33, no. 9, pp. 1806–1818,
Commun., vol. 7, no. 6, pp. 2180–2189, and A. L. Swindlehurst, ‘‘Principles of Sep. 2015.
Jun. 2008. physical-layer security in multiuser wireless [95] V. Saligrama, M. Alanyali, and O. Savas,
[64] S. Gerbracht, C. Scheunert, and networks: A survey,’’ IEEE Commun. ‘‘Distributed detection in sensor networks
E. A. Jorswieck, ‘‘Secrecy outage in Surv. Tuts., vol. 16, no. 3, pp. 1550–1573, with packet losses and finite capacity links,’’
MISO systems with partial channel 3rd Quart., 2014. IEEE Trans. Signal Process., vol. 54, no. 11,
information,’’ IEEE Trans. Inf. Forensics pp. 4118–4132, Nov. 2006.
1760 Proceedings of the IEEE | Vol. 103, No. 10, October 2015
Mukherjee: Physical-Layer Security in the Internet of Things
Vol. 103, No. 10, October 2015 | Proceedings of the IEEE 1761