Pilot contamination attacks in massive MIMO systems

We consider a single-cell massive multiple-input multiple-output (MIMO) system in which a base station (BS) with a large number of antennas simultaneously transmits to K single-antenna users in the presence of an attacker. Massive MIMO systems often operate in a time division duplexing (TDD) fashion. The BS estimates the channel state information (CSI) at receivers based on their uplink pilot transmissions. Downlink transmission rates are highly dependent on these estimates, as the BS utilizes the CSI to exploit the beamforming gain offered by massive MIMO. However, this CSI estimation phase is vulnerable to malicious attacks. Specifically, an attacker can contaminate the uplink pilot sequences by generating identical pilot signals to those of legitimate users. We formulate a denial of service (DoS) attack in which the attacker aims to minimize the sum-rate of downlink transmissions by contaminating the uplink pilots. We also consider another attack model where the attacker generates jamming signals in both the CSI estimation and data transmission phases by exploiting in-band full-duplex techniques. We study these attacks under two power allocation strategies for downlink transmissions. Our analysis is conducted when the attacker knows or does not know the locations of the BS and users. When the attacker does not have perfect location information, stochastic optimization techniques are utilized to assess the impact of the attack. The formulated problems are solved using interior-point, Lagrangian minimization, and game-theoretic methods. We obtain a closed-form solution for a special case of the problem. Our results indicate that even though the attacker does not have the perfect location information, proposed pilot contamination attacks degrade the throughput of a massive MIMO system by more than 50%, and reduce fairness among users significantly. In addition, we show that increasing the number of pilot symbols does not prevent the proposed attacks, if the BS uniformly allocates powers for downlink transmissions.

[1]  C. Emre Koksal,et al.  Physical Layer Security in Massive MIMO , 2015, 1505.00396.

[2]  Jitendra K. Tugnait,et al.  Self-Contamination for Detection of Pilot Contamination Attack in Multiple Antenna Systems , 2015, IEEE Wireless Communications Letters.

[3]  Sachin Katti,et al.  Full duplex radios , 2013, SIGCOMM.

[4]  V. S. Abhayawardhana,et al.  Comparison of empirical propagation path loss models for fixed wireless access systems , 2005, 2005 IEEE 61st Vehicular Technology Conference.

[5]  Sachin Katti,et al.  Full Duplex MIMO Radios , 2014, NSDI.

[6]  Francisco Facchinei,et al.  Modern Optimization Modelling Techniques , 2012, Advanced courses in mathematics : CRM Barcelona.

[7]  Thomas L. Marzetta,et al.  Noncooperative Cellular Wireless with Unlimited Numbers of Base Station Antennas , 2010, IEEE Transactions on Wireless Communications.

[8]  Thomas L. Marzetta,et al.  Inter-Cell Interference in Noncooperative TDD Large Scale Antenna Systems , 2013, IEEE Journal on Selected Areas in Communications.

[9]  Derrick Wing Kwan Ng,et al.  Secure Massive MIMO transmission in the presence of an active eavesdropper , 2015, 2015 IEEE International Conference on Communications (ICC).

[10]  Xiangyun Zhou,et al.  Pilot Contamination for Active Eavesdropping , 2012, IEEE Transactions on Wireless Communications.

[11]  A.H. Sayed,et al.  Network-based wireless location: challenges faced in developing techniques for accurate wireless location information , 2005, IEEE Signal Processing Magazine.

[12]  Emil Björnson,et al.  Massive MIMO: ten myths and one critical question , 2015, IEEE Communications Magazine.

[13]  David Tse,et al.  Fundamentals of Wireless Communication , 2005 .

[14]  Erik G. Larsson,et al.  Massive MIMO for next generation wireless systems , 2013, IEEE Communications Magazine.

[15]  Geoffrey Ye Li,et al.  An Overview of Massive MIMO: Benefits and Challenges , 2014, IEEE Journal of Selected Topics in Signal Processing.

[16]  Fredrik Rusek,et al.  Physical layer security for massive MIMO: An overview on passive eavesdropping and active attacks , 2015, IEEE Communications Magazine.

[17]  Tarek F. Abdelzaher,et al.  Range-free localization and its impact on large scale sensor networks , 2005, TECS.