基于CIR波动幅相联合等效的物理层欺骗攻击  

作　　者：于洋 梁炜[1,2] 张嘉麟[1,2] 王琪 魏富友 YU Yang;LIANG Wei;ZHANG Jialin;WANG Qi;WEI Fuyou(State Key Laboratory of Robotics,Shenyang Institute of Automation,Chinese Academy of Sciences,Shenyang 110016,China;Key Laboratory of Networked Control Systems,Chinese Academy of Sciences,Shenyang 110016,China;University of Chinese Academy of Sciences,Beijing 100049,China)

机构地区：[1]中国科学院沈阳自动化研究所机器人学国家重点实验室,辽宁沈阳110016 [2]中国科学院网络化控制系统重点实验室,辽宁沈阳110016 [3]中国科学院大学,北京100049

出　　处：《信息与控制》2024年第6期750-760,773,共12页Information and Control

基　　金：国家重点研发计划(2021YFB3301000);辽宁省“兴辽英才计划”项目(XLYC1902110);辽宁省自然科学基金项目(2020JH2/10500002);中国科学院沈阳自动化研究所基础研究项目(2022JC1K08)

摘　　要：在介质开放的无线网络中,物理层安全是上层安全的有效补充。为有的放矢地研究防御机制,设计实时生效且不易检测的物理层欺骗攻击成为一项关键且具有挑战性的任务。本文提出一种基于信道脉冲响应(channel impulse response, CIR)波动幅值和相位联合等效的物理层欺骗攻击方法。首先,针对现有研究仅利用单一CIR幅值信息且细粒度波动特征模拟能力弱所导致的攻击易被检测问题,利用CIR幅值和相位信息对位置欺骗攻击进行建模,以提高攻击成功率;进一步,理论分析证明CIR构成的矩阵为病态矩阵,揭示了CIR的微小波动使得攻击者模拟的CIR与预期产生巨大偏差的根本原因;进而,针对由于幅值和相位差异性导致的联合解决矩阵病态时融合困难的问题,将CIR幅/相波动距离进行等效对齐,分析得到CIR相似度阈值,从而筛选最优攻击的CIR,避免微小波动导致的攻击偏差。在两种典型场景的数据集中,进行了大量实验,结果表明,相较于已有欺骗攻击,所提出的攻击策略在原本可能攻击失败的位置能够攻击成功,且针对幅相检测方法攻击成功率更高。In open wireless networks,physical layer security is a valuable addition to upper⁃layer securi⁃ty measures.Investigating targeted defense mechanisms involves the critical and challenging task of designing a physical layer spoofing attack that proves effective in real⁃time scenarios and elusive to detection.We present a spoofing attack method based on the joint equivalence of channel impulse response(CIR)fluctuation amplitude and phase.Moreover,to address the limitation of existing research,which relies only on single CIR amplitude information with limited simulation ability for fine⁃grained characteristics,we integrate both CIR amplitude and phase information to model posi⁃tion spoofing attacks,thereby improving the attack success rate.Additionally,theoretical analysis confirms that the matrix formed by CIR is ill⁃conditioned,elucidating the main factor responsible for significant deviations in the effectiveness of the attack caused by small fluctuations in CIR.Fur⁃thermore,to address the challenge of data fusion when the matrix is ill⁃conditioned due to differ⁃ences in amplitude and phase,the CIR amplitude/phase fluctuation distance is aligned equivalent⁃ly.Through analysis,a CIR similarity threshold is established to identify the optimal CIR for the attack,thereby mitigating attack biases resulting from minor fluctuations in the data.Numerous ex⁃periments have been performed using datasets from two typical scenarios.The results indicate that the proposed attack strategy can successfully launch attacks in locations where previous spoofing methods attack may have failed compared with the existing spoofing attacks.Additionally,the suc⁃cess rate of the attack against both amplitude and phase detection methods is higher.

关 键 词：物理层安全 信道脉冲响应 欺骗攻击 病态矩阵 

分 类 号：TN915.08[电子电信—通信与信息系统]