Pilot Spoofing Attack by Multiple Eavesdroppers
In this paper, we investigate the design of a pilot spoofing attack (PSA) carried out by multiple single-antenna eavesdroppers (Eves) in a downlink time-division duplex (TDD) system, where a multiple antenna base station (BS) transmits confidential information to a single-antenna legitimate user (LU). During the uplink channel training phase, multiple Eves collaboratively impair the channel acquisition of the legitimate link, aiming at maximizing the wiretapping signal-to-noise ratio (SNR) in the subsequent downlink data transmission phase. Two different scenarios are investigated: (1) the BS is unaware of the PSA, and (2) the BS attempts to detect the presence of the PSA. For both scenarios, we formulate wiretapping SNR maximization problems. For the second scenario, we also investigate the probability of successful detection and constrain it to remain below a pre-designed threshold. The two resulting optimization problems can be unified into a more general non-convex optimization problem, and we propose an efficient algorithm based on the minorization-maximization (MM) method and the alternating direction method of multipliers (ADMM) to solve it. The proposed MM-ADMM algorithm is shown to converge to a stationary point of the general problem. In addition, we propose a semidefinite relaxation (SDR) method as a benchmark to evaluate the efficiency of the MM-ADMM algorithm. Numerical results show that the MM-ADMM algorithm achieves near-optimal performance and is computationally more efficient than the SDRbased method.
READ FULL TEXT