Model-Driven Learning-Based Physical Layer Authentication for Mobile Wi-Fi Devices

The rise of wireless technologies has made the Internet of Things (IoT) ubiquitous, but the broadcast nature of wireless communications exposes IoT to authentication risks. Physical layer authentication (PLA) offers a promising solution by leveraging unique characteristics of wireless channels. As a common approach in PLA, hypothesis testing yields a theoretically optimal Neyman-Pearson (NP) detector, but its reliance on channel statistics limits its practicality in real-world scenarios. In contrast, deep learning-based PLA approaches are practical but tend to be not optimal. To address these challenges, we proposed a learning-based PLA scheme driven by hypothesis testing and conducted extensive simulations and experimental evaluations using Wi-Fi. Specifically, we incorporated conditional statistical models into the hypothesis testing framework to derive a theoretically optimal NP detector. Building on this, we developed LiteNP-Net, a lightweight neural network driven by the NP detector. Simulation results demonstrated that LiteNP-Net could approach the performance of the NP detector even without prior knowledge of the channel statistics. To further assess its effectiveness in practical environments, we deployed an experimental testbed using Wi-Fi IoT development kits in various real-world scenarios. Experimental results demonstrated that the LiteNP-Net outperformed the conventional correlation-based method as well as state-of-the-art Siamese-based methods.

Digital Twin-Based Beamforming for Interference Mitigation in AF Relay MIMO Systems

Beamforming in multiple-input multiple-output (MIMO) systems should take interference mitigation into account. However, for beamform design, accurate channel state information (CSI) is needed, which is often difficult to obtain due to channel variability, feedback overhead, or hardware constraints. For example, amplify-and-forward (AF) relays passively forward signals without measurement, precluding full CSI acquisition to and from the relay. To address these issues, this paper introduces a novel prediction-assisted optimization (PAO) framework for beamform design in AF relay-assisted multiuser MIMO systems. The proposed solution in the AF relay aims at maximizing the signal-plus-interference-to-noise ratio (SINR). Unlike other methods, PAO relies solely on received power measurements, making it suitable for scenarios where CSI is unreliable or unavailable. PAO consists of two stages: a supervised-learning-based neural network (NN) that predicts the positions of transmitters using signal observations, and an optimization algorithm, guided by a digital twin (DT), that iteratively refines the beam direction of the relay in a simulated radio environment. As a key contribution, we validate the proposed framework using realistic measurements collected on a custom-built experimental millimeter wave (mmWave) platform, which enables training of the NN model under practical wireless conditions. The estimated information is then used to update the digital twin with knowledge of the surrounding environment, enabling online optimization. Numerical results show the trade-off between localization accuracy and beamforming performance and confirm that PAO maintains robustness even in the presence of localization errors while reducing the need for real-world measurements.

BRISC: A Dataset of Channel Measurements at 5 GHz With a Reflective Intelligent Surface

We introduce the broadband reconfigurable intelligent surface (RIS) channel (BRISC) dataset. The dataset comprises measurements of channel state information (CSI) collected at 5.53 GHz using a 256-element RIS with binary states. In the measurement campaign, the transmitter and receiver are two software defined radios (SDRs), phase-synchronized via an OctoClock, where the transmitter (receiver) is equipped with one (two) antenna(s). To manage complexity, the RIS elements are grouped into blocks of different sizes, where all elements within a block share the same state. CSIs have been captured for multiple a) transmitter positions (and fixed receiver location), b) pilot block sizes, and c) state configurations. Furthermore, we calibrated the parameters of state-of-the-art RIS channel models to fit the measured CSI. With approximately 10000 configurations explored per transmitting position, BRISC serves as a robust benchmark in communication applications. We also show here an example of its use for physical-layer authentication.

Lightweight Pilot Estimation on LEO Satellite Signals for Enhanced SOP Navigation

The computation of positioning, navigation and timing (PNT) via signal of opportunity (SOP), where signals originally transmitted for communication, such as 5G, Wi-Fi, or DVB-S, are exploited due to their ubiquity and spectral characteristics, is an emerging research field. However, relying on these signals presents challenges, including limited knowledge of the signal modulation and the need to identify recurring sequences for correlation. We offer a guide to implement a receiver capable of capturing broadband downlink Ku-band signals from low Earth orbit (LEO) satellites (e.g., Starlink and OneWeb) and estimating the recurring symbols for SOP measurements. The methodology integrates recent approaches in the literature, highlighting the most effective aspects while guiding the replication of experiments even under limitations on the front-end gain and bandwidth. Using the proposed model, we can identify recurring symbols transmitted by Starlink satellites, which are then used to collect Doppler shift measurements over a 600 s interval. A position, velocity, and time (PVT) solution is also computed via least squares (LS), which achieves a positioning error of approximately 268 m after a post-fit refinement.

Physical Layer-Based Device Fingerprinting for Wireless Security: From Theory to Practice

The identification of the devices from which a message is received is part of security mechanisms to ensure authentication in wireless communications. Conventional authentication approaches are cryptography-based, which, however, are usually computationally expensive and not adequate in the Internet of Things (IoT), where devices tend to be low-cost and with limited resources. This paper provides a comprehensive survey of physical layer-based device fingerprinting, which is an emerging device authentication for wireless security. In particular, this article focuses on hardware impairment-based identity authentication and channel features-based authentication. They are passive techniques that are readily applicable to legacy IoT devices. Their intrinsic hardware and channel features, algorithm design methodologies, application scenarios, and key research questions are extensively reviewed here. The remaining research challenges are discussed, and future work is suggested that can further enhance the physical layer-based device fingerprinting.

Physical Layer Authentication With Colored RIS in Visible Light Communications

We study a visible light communication (VLC) system that employs a colored reconfigurable intelligent surface (CRIS) based on dichroic mirrors that reflect light at tunable frequencies. A verifier can use the CRIS to authenticate transmissions by comparing received multicolor power profiles with expected patterns. Four CRIS configuration strategies are evaluated: a deterministic cyclic pattern, static random reflectance, dynamic random reflectance, and dynamic random permutation of fixed profiles. Randomized configurations, especially dynamic ones, achieve superior authentication, enabling a novel challenge-response physical-layer authentication scheme over CRIS.

Hybrid Channel- and Coding-Based Challenge-Response Physical-Layer Authentication

This letter proposes a new physical layer authentication mechanism operating at the physical layer of a communication system where the receiver has partial control of the channel conditions (e.g., using an intelligent reflecting surface). We aim to exploit both instantaneous channel state information (CSI) and a secret shared key for authentication. This is achieved by both transmitting an identifying key by wiretap coding (to conceal the key from the attacker) and checking that the instantaneous CSI corresponds to the channel configuration randomly selected by the receiver. We investigate the trade-off between the pilot signals used for CSI estimation and the coding rate (or key length) to improve the overall security of the authentication procedure.

Authentication by Location Tracking in Underwater Acoustic Networks

Physical layer message authentication in underwater acoustic networks (UWANs) leverages the characteristics of the underwater acoustic channel (UWAC) as a fingerprint of the transmitting device. However, as the device moves its UWAC changes, and the authentication mechanism must track such variations. In this paper, we propose a context-based authentication mechanism operating in two steps: first, we estimate the position of the underwater device, then we predict its future position based on the previously estimated ones. To check the authenticity of the transmission, we compare the estimated and the predicted position. The location is estimated using a convolutional neural network taking as input the sample covariance matrix of the estimated UWACs. The prediction uses either a Kalman filter or a recurrent neural network (RNN). The authentication check is performed on the squared error between the predicted and estimated positions. The solution based on the Kalman filter outperforms that built on the RNN when the device moves according to a correlated Gauss-Markov mobility model, which reproduces a typical underwater motion.

Challenge-Response to Authenticate Drone Communications: A Game Theoretic Approach

In this paper, we propose a novel strategy for physical layer authentications based on the challenge-response concept for a transmitting drone (Alice). In a preliminary training phase, Alice moves over several positions, and Bob (either a drone or a ground device) estimates the Alice-Bob channel gains. Then Alice transmits its message from different random positions (challenge) and Bob, upon receiving the messages, authenticates the sender via a log-likelihood test on the estimated channel gains (response). In turn, the intruder Trudy selects random positions on which she transmits messages on behalf of Alice to Bob. In this paper, we design the probability mass distribution of Alice's challenge positions and the Trudy response positions by modeling the problem as a zero-sum game between Bob and Trudy, where the payoff of Trudy is the missed detection probability. Moreover, we propose three different approaches that minimize the energy spent by Alice without sacrificing security, which differ in computational complexity and resulting energy consumption. Finally, we test the proposed technique via numerical simulations, which include a realistic model of both Alice-Bob and Trudy-Bob fading channels, affected by shadowing.

Performance Limits for Signals of Opportunity-Based Navigation

This paper investigates the potential of non-terrestrial and terrestrial signals of opportunity (SOOP) for navigation applications. Non-terrestrial SOOP analysis employs modified Cram\`er-Rao lower bound (MCRLB) to establish a relationship between SOOP characteristics and the accuracy of ranging information. This approach evaluates hybrid navigation module performance without direct signal simulation. The MCRLB is computed for ranging accuracy, considering factors like propagation delay, frequency offset, phase offset, and angle-of-arrival (AOA), across diverse non-terrestrial SOOP candidates. Additionally, Geometric Dilution of Precision (GDOP) and low earth orbit (LEO) SOOP availability are assessed. Validation involves comparing MCRLB predictions with actual ranging measurements obtained in a realistic simulated scenario. Furthermore, a qualitative evaluation examines terrestrial SOOP, considering signal availability, accuracy attainability, and infrastructure demands.