Physical Layer Security: Detection of Active Eavesdropping Attacks by Support Vector Machines

This paper presents a framework for converting wireless signals into structured datasets, which can be fed into machine learning algorithms for the detection of active eavesdropping attacks at the physical layer. More specifically, a wireless communication system, which consists of K legal users, one access point (AP) and one active eavesdropper, is considered. To cope with the eavesdropper who breaks into the system during the uplink phase, we first build structured datasets based on several different features. We then apply support vector machine (SVM) classifiers and one-class SVM classifiers to those structured datasets for detecting the presence of eavesdropper. Regarding the data, we first process received signals at the AP and then define three different features (i.e., MEAN, RATIO and SUM) based on the post-processing signals. Noticeably, our three defined features are formulated such that they have relevant statistical properties. Enabling the AP to simulate the entire process of transmission, we form the so-called artificial training data (ATD) that is used for training SVM (or one-class SVM) models. While SVM is preferred in the case of having perfect channel state information (CSI) of all channels, one-class SVM is preferred in the case of having only the CSI of legal users. We also evaluate the accuracy of the trained models in relation to the choice of kernel functions, the choice of features, and the change of eavesdropper's power. Numerical results show that the accuracy is relatively sensitive to adjusting parameters. Under some settings, SVM classifiers (or even one-class SVM) can bring about the accuracy of over 90%.