Impact of Heterogeneity and Secrecy on theCapacity of Wireless Sensor Networks

This paper investigates the achievable secrecy throughput of an inhomogeneous wireless sensor network. We consider the impact of topology heterogeneity and the secrecy constraint on the throughput. For the topology heterogeneity, by virtue of percolation theory, a set of connected highways and information pipelines is established; while for the secrecy constraint, the concept of secrecy zone is adopted to ensure secrecy transmission. The secrecy zone means there is no eavesdropper around the legitimate node. The results demonstrate that, if the eavesdropper’s intensity is λe=ologn-3δ-4δ-2, a per-node secrecy rate of Ω1n1-v(1-v)logn can be achieved on the highways, where δ is the exponent of heterogeneity, n and nv represent the number of nodes and clusters in the network, respectively. It is also shown that, with the density of the eavesdropper λe=olognΦ̲-2, the per-node secrecy rate of ΩΦ̲n can be obtained in the information pipelines, where Φ̲ denotes the minimum node density in the network.


Introduction
Wireless sensor networks are an emerging networking technology, which is widely used in environmental monitoring, emergency and rescue communication, military applications, etc. The unique feature of such networks is formed by the huge number of sensor nodes. Each node communicates over a wireless channel without any centralized control [1]. One of the problems in wireless sensor network is efficient data transmission and lifetime. The low-energy adaptive clustering hierarchy (LEACH) protocol presented by Heinzelman et al. [2] was a widely known and effective one to reduce and balance the total energy consumption. Later, Tan et al. [3] proposed an energy-efficient hybrid cluster-based protocol (HCEP) to prolong the lifetime of the network. To reduce the consumption of energy, Wu et al. [4] developed a structure fidelity data collection (SFDC) framework to reduce the number of active sensor nodes, which can not only save energy, but also reserve the data fidelity. Another problem is the throughput capacity, meaning how much traffic the wireless networks can carry. In their groundbreaking work, Gupta and Kumar [5] had shown that, for a static wireless networks consisting of n nodes randomly and uniformly distributed, each node can achieve a rate of order Ω 1 √ n log n . Given two functions f (n) and g(n): f (n) = o(g(n)) means lim n→∞ f (n)/g(n) = 0; f (n) = O(g(n)) means lim n→∞ f (n)/g(n) = c < ∞; if g(n) = O( f (n)), f (n) = Ω(g(n)) w.h.p.; if both f (n) = Ω(g(n)) and f (n) = O(g(n)), f (n) = Θ(g(n)); f (n) = Θ(g(n)) means f (n) = Θ(g(n)) when logarithmic terms are ignored. They also derived an upper bound on the capacity that scaled on the order O 1 √ n . This capacity gap was closed by Franceschetti et al. [6]. Inspired by percolation theory, they constructed a series of paths spanning the network both horizontally and vertically. Then, by exploiting the time division multiple access (TDMA) strategy, each node transmitted its information to the nearest horizontal highway. After that, the information was transported in a multi-hop manner toward the vertical paths, which was near the receiver. Finally, the information was sent to the receiver from the existing node on the vertical highway. Based on the "highways scheme", a rate of Θ 1 √ n was achieved for each node. Since then, capacity scaling has drawn considerable attention. Hu et al. [7] investigated the impact of geometry on the capacity of a wireless network. They constructed highways in a strip network, triangle network and three-dimensional network. Since the infrastructure was an effective way to ease hop-by-hop transmission, Liu et al. [8] allocated some infrastructure into the network and proved that the capacity could increase linearly with the number of infrastructures. Tan et al. [9] proposed a framework to maximize the total utility of bandwidth allocation for the three traffic types in infrastructure-based wireless networks. Multicast was often used in realistic networks; Li [10] derived the multicast capacity of large-scale wireless networks using a tree-based routing scheme. Later on, Alfano et al. [11,12] firstly investigated the capacity of topology inhomogeneous wireless networks. Liu et al. [13] constructed a "highway system" in inhomogeneous Poisson networks. Based on the highway system, the lower bound of capacity was obtained, and they found that the bottleneckof the rate was caused by the place of the lowest node density. After that, the scenario of traffic heterogeneity was studied. Kim et al. [14] proposed a differentiated channel access scheme to resolve the throughput fairness problem in heterogeneous wireless networks. Recently, Lu and Shen [15] gave a comprehensive overview of the development of capacity and delay in ad hoc networks. They also presented the fundamental tradeoffs between capacity and delay under a variety of mobility models.
However, due to the wireless channel being broadcast, it is easily attacked by eavesdroppers and malicious nodes. This motivates considering the secrecy constraint in capacity analysis. With some exceptions, the secrecy capacity under the protection of an RSApublic key cryptosystem was used in [16,17].
They got a pessimistic result that, for a network consisting of n legitimate nodes, a rate of Ω p f n log n was obtained, where p f was the probability that a node shared a primary secure association (SA) with any other node. To avoid the capacity degradation caused by p f decreasing, an information theoretic security was proposed, which was achieved by using the channel difference between legitimate nodes and eavesdroppers, which required the intended receiver to have a stronger channel than eavesdroppers. To degrade the signal of eavesdropper, Vasudevan et al. [18] used other nodes around the transmitters to generate artificial noise. They found that, when a per-node throughput of Ω 1 √ n log n was desired, the network can tolerate up to Ω ((log n) c ) independent eavesdroppers or a single eavesdropper with Ω (log log n) 1− antennas, where c and were constants. After that, Capar et al. [19] investigated the impact of network dimension on the secrecy capacity. They found that the per-node secure throughput was Ω 1 n in one-dimensional and Ω 1 √ n log n in two-dimensional networks, respectively. More recently, Zhang et al. [20] considered a homogeneous network with an independent eavesdropper and colluding eavesdroppers. Each node was installed with three antennas, where two of them were used for transmitting and receiving, and the other one was employed to generate artificial noise to degrade the signal of the eavesdropper. By constructing a set of highways in the networks, they derived that the secrecy capacity was Θ 1 √ n for the scenario of an independent and colluding eavesdropper. Later on, Cao et al. [21] investigated the tradeoff between secrecy capacity and delay in large-scale mobile ad hoc networks. They found that, for a given delay constraint D, the optimal secrecy throughput capacity was Θ D n 2 3 . In addition to the method of generating artificial noise to suppress the eavesdroppers' receiving signal, an alternative idea of the secrecy zone was proposed in [22,23], which required neither the channel state information of eavesdroppers, nor extra power to generate artificial noise. Under the protection of the secrecy zone, Koyluoglu et al. [22] obtained that, as long as the density of the eavesdropper was o 1 (log n) 2 , each node can achieve a secure rate of Ω 1 √ n . Besides the information security issue in wireless networks, privacy security is also concerned. To avoid disclosing the users' interest to others, Luan and Lu et al. [24] employed a privacy-preserving mechanism to protect sensitive user information during social communications. Although there existed many works on security issues, all of them focused on homogeneous networks. Therefore, a fundamental question arises: what is the impact of the capacity if both the security constraint and heterogeneity topology are taken into consideration?
In this paper, we focus on static cluster sparse networks. Our main purpose is solving the secrecy transmission in heterogeneity networks. The transmission is divided into intra-cluster and inter-cluster traffic. For the former transmission, we propose a heterogeneous percolation model. Based on the heterogeneous percolation, we construct a series of "paths" in the radial direction and around the cluster. The information is transported in a multi-hop manner on the paths. While for the latter traffic, some information pipelines have been built among clusters. On the basis of the "highway system" and information pipelines, we employ the secrecy zone to protect the transmission. This is different from the artificial noise generation fashion, where their strategy needs additional power to generate noise.
The main contributions can be concluded as follows: • We prove the existence of highways in heterogeneous networks. More importantly, it is shown that the networks still percolate in the secrecy constraint model, and many secrecy highway paths can be constructed.

•
We first exploit the secrecy zone to protect the transmission in heterogeneous networks. The relationship between the secrecy capacity and the tolerable density of the eavesdropper was established.

•
Due to the impact of heterogeneity, we observe that the secrecy throughput of intra-cluster transmission is higher than that in a homogeneous one, and the bottleneck of secrecy throughput is located at the area with the minimum node density.
The rest of this paper is organized as follows. In Section 2, we give the network model. We give the transmission model in Section 3. The construction of the circular percolation model is described in Section 4. Section 5 derives the secrecy throughput in intra-cluster transmission. In Section 6, we investigate the secrecy throughput of inter-cluster transmission. We present the conclusion of this paper in Section 7.

Network Model
We consider an extended network A = [0, √ n] × [0, √ n] with n legitimate nodes randomly distributed, where the distribution of legitimate nodes follows the shot noise Cox process (SNCP) [25]. The main process of SNCP is described as follows: M clusters scattered in A randomly. The expected value of M is E(M) = m. We denote the center of the clusters as C = {c j } M j=1 . For each c j , using the center point c j as a mother point, a point process centered by c j with an intensity of q j k(c j , ξ) at place ξ is generated. k(c j , ξ) is a function of density; q j is the number of nodes of cluster c j . Let each cluster consist of an equal number of legitimate nodes, i.e., q j = n/m. In addition, according to the distribution, the function of density F at place ξ can be expressed as: where k c j , ξ = k(||ξ − c j ||) is related to the distance between ξ and c j , and the sum A k c j , ξ dξ on the whole network is finite. For simplicity, we use function s(ρ) to substitute the density function k c j , ξ , where ρ = ||ξ − c j ||. To gain finite summation over the whole area, the function s(ρ) is stated as follows: In addition, let m scale as Θ(n v ); let δ be a degradation factor; and v ∈ (0, 1). Then, each cluster has a number of nodes Θ n 1−v , i.e., q j = Θ n 1−v for j = 1, 2, . . . , M, since A k(c j , ξ)dξ is finite.
According to the node's distribution, we can obtain the average distance between each cluster center d c as: From Equation (3), we know, when v < 1, d c → ∞ as n → ∞, and the clusters are distributed sparsely. In this work, we only consider the cluster-sparse network, where the s(ρ) is heterogeneous. Let Φ denote the largest density and Φ vice versa. Figure 1 is an example of this kind of network topology. Different from the legitimate nodes, the eavesdroppers are uniformly and independently distributed in the network with density λ e . Let ε denote the set of eavesdroppers. Since eavesdroppers can be easily detected if they are active, the eavesdroppers are assumed to keep silent. To get insight into the secrecy throughput, the eavesdroppers is also assumed to have a super ability for computing. This means that the traditional method cannot be used here. In addition, let the transmitters know the location of the eavesdropper. Although the assumption seems idealistic, it allows one to gain valuable insight into the problem.
To get the worst case of secrecy throughput, the interference caused by simultaneous transmission is assumed as noise, whereas the eavesdroppers do not have this assumption.

Transmission Model
For random chosen S-Dpairs, the transmitter i wants to send the information W i,j to a receiver j securely. During time slot t, let signals observed at eavesdropper e be Y e Y e (t), ∀t. In the multi-hop routing, each session in one hop has N channels. Let R be the achievable secrecy rate for the S-D pairs (i, j), if:

•
The error decoding the probability of the transmission information at the receiver can be treated arbitrarily low as N → ∞.

•
The leakage rate information associated with the transporting information over the whole path, i.e., , goes to arbitrarily small ∀e ∈ ε as N → ∞.
For almost all (i, j), if the message W i,j is transmitted within H hops, we only need to observe the channel of the eavesdropper when considering the security. Hence, the second condition can be satisfied if can be made arbitrarily small if the block length is sufficiently large, where Y e (h) denotes the output vector of length N at eavesdropper e ∈ ε during hop h.
We consider the Gaussian wiretap channel capacity [26]. Let SI NR ij be the signal-to-interference and noise ratio (SINR) from legitimate transmission node i to legitimate destination node j over a channel of unit bandwidth, which is given as: where l(i, j) = min{1, 1/d α ij } with α > 2 representing the path loss of the channel between node i and node j. P i is the power of transmitting node i. N 0 denotes the noise power at the receiving node j, and ζ represents the set of nodes that can transmit simultaneously with node i.
Similarly, the SI NR received at eavesdropper e is as follows: According to the secrecy throughput defined in [26,27], the secure rate of any legitimate node can be denoted as: where SI NR ie = max e∈ε SI NR ie . Due to the impact of heterogeneity, we use different powers for different nodes. The secrecy rate is defined as R s (n), which is also the maximum achievable secrecy capacity.

Circular Percolation
We first construct a percolation model for the heterogeneous topology. Since the legitimate nodes are distributed heterogeneously, the traffic is divided into two parts: intra-cluster traffic and inter-cluster traffic. For each part of the traffic, we resort to the tools of percolation theory to construct the routing scheme. For the intra-cluster traffic, we establish a circle percolation model, which is different from the previous percolation model; while for the inter-cluster case, we construct a series of information pipelines to link the clusters.
In our model, by virtue of percolation theory, we present a circular percolation model and construct a set of connected highways for legitimate nodes. Different from the the work in [6], the circular highways are from internal to external or encircling the cluster.

Lemma 1.
Assume ρ min is a minimum positive constant that separates the c j and other nodes. Then, each cluster can build a crossing path within ρ max for δ > 2.
Proof. Each cluster is tessellated into x × n/m x circular squares, where x is the number of sectors and n/m x is the number of annuli. Note that the arc of each sector is equal, i.e., 2π x . Due to the heterogeneous node distribution, the distance between every two annuli is not the same, as shown in Figure 2. Due to the impact of heterogeneity, the node density at different annulus areas varies. In order to guarantee that each square contains at least one node, the external annuli need to be wider than the inner ones. Correspondingly, we set the radius of the i-th annulus to be: Thus, according to the circular square tessellation above, we can conclude that each cell can be treated as a square when n → ∞.

Lemma 2.
According to the heterogeneous tessellation, we can get that the number of the parameter x is: Proof. From Lemma 1, we know that the radius of one cluster is: Combining Equation (3) and (8), we have: Finally, we obtain x = Θ Lemma 3. For a square s i on the i-th annulus, let X s i be the number of nodes distributed in s i ; then, we can get P(X s i ≥ 1) > P(X s j ≥ 1) for i < j.
Proof. According to percolation theory, a square s i is open if there exists at least one node located in s i , or closed otherwise. From the Appendix A in [12], the open probability of a square is: From Equation (10), we can observe that p i decreases as increasing values of i for δ > 2.
Since the probability p i decreases with i, we can calculate the critical value ρ max , within which the probability p i can satisfy the condition of p i > p c , where p c is the critical probability in percolation theory. Proof. From percolation theory, there is a critical probability p c , when p > p c , that there exists many disjoint paths traversing the network, which is going to be one. Thus, we can get the following equation by Lemma 3: where p o is the probability representing that the square s i is open, and p c < p o < 1. Following Equation (11), we can obtain that: where (12), we can achieve that Combining Lemma 4 and Equation (7), the critical value i max = Θ log(log n) δ−2 n 1−v log n is achieved. In particular, we can construct Θ log(log n) δ−2 n 1−v log n annuli within the radius ρ max . The percolation model for the intra-cluster traffic has been constructed. Each cluster is partitioned into c 1  [6], we can get that there are µ log ω(n) disjoint paths through an area of ω(n) × (κ log ω(n) − ). Hence, within area of less than ρ max , we can build Ω n 1−v (1−v) log n disjoint paths from the internal to external cluster and Ω log(log n) δ−2 n 1−v log n disjoint paths around each cluster. By the connection of these two paths, the highway system for the legitimate nodes is constructed. Although our model is a heterogeneous lattice, it can be treated similarly as a c 1

The Secrecy Rate of Intra-Cluster Traffic
In this section, as illustrated in Figure 3, we introduce a scheme that ensures the security over the whole path, from the source to a destination. The routing scheme of intra-cluster transmission can be partitioned into four separate phases.
Phase 1 (draining phase): Source node S drains packets to an access node on the radial highway directly. Note that the highway may not be fully contained in its corresponding sector, whereas it may deviate from it. However, according to percolation theory, a highway is never farther than κ log n/m x − from its corresponding sector.  Different nodes are allocated with different power, so that we can transform the heterogeneous circular lattice into a homogenous regular square lattice. In addition, the time division multiple access (TDMA) schedule is employed, and the information is transported hop by hop, then a constant rate on the highway is obtained. However, there are still some differences between our model and the previous one; for example, not all of the highways serve identical nodes, and the power of each node is not equal.

Lemma 5.
For a given square, to cancel the interference caused by simultaneous transmission, the power of legitimate nodes in square s i is: where P 0 is the unit power for a legitimate transmitter.
Proof. For a square s i , let I 1 be the interference from the outside square and I 2 for that from the inside square. If the distance between two nodes is d, which is not the Euclidean distance, but the number of d squares away, then we can get the interference from different directions as follows: We can also get that: Next, we exploit the idea of the secrecy zone to guarantee the secrecy of the communication over a single hop.
By Lemma 5, for a given square, the interference caused at d squares is equal. Thus, we can make the cluster network as a square network. As shown in Figure 4, we group several squares into a group with edge k t d squares. Each group contains (k t d) 2 squares. Using the TDMA to schedule the transmission, that is each square takes a turn on the transmission over (k t d) 2 slots, in each slot, a transmitter can send packets to a receiver located at most d squares away. In Figure 4, the larger square around a transmitting square is the secrecy zone, which consists of squares that are at most k e d squares away. We firstly establish an achievable secure rate on a single hop. Theorem 6. In each square, the secrecy rate that a legitimate source-destination pair can obtain is where c * is a constant and d is the transmission range.

Proof.
Assuming that transmitter i in square s i transmits toward destination j located in square s j at a distance of d squares away, we obtain the SI NR of the legitimate receiver as follows: where d ij is the distance between source node i and destination node j, and d ζ j is the distance between interferer ζ ∈ T and the receiver.
For the case of eavesdropper e ∈ ε, the upper bound SI NR at the eavesdropper is: where d ie is the distance between the transmitter and eavesdropper e, where the upper bound of SI NR e is obtained by getting rid of the interference at the eavesdropper. Note that the distance between the i and j is at most 2πr i x (d + 1), i.e., and: Let I(d) denote the upper bound of the interference caused by simultaneous transmitter nodes. Then, (22) notice that this sum will converge to a constant c * , if α > 2, and the proof is shown in Appendix A. Substitute Equations (20)- (22) in Equations (18) and (19); we obtain that: and: SI NR e ≤ SI NR e * P i k e d 2πr i x −α N 0 (24) Hence, SI NR ij > SI NR e for every eavesdropper e, if we choose k e such that: According to the Gaussian wiretap channel capacity [27], the secrecy rate R s (d) in each square is: where 1 (k t d) 2 is the time utilization factor. Now, similar to Lemma 2 in [22], we adopt the multi-hop randomization strategy, which guarantees the security over the entire path, from source to destination, at each eavesdropper listening to all transmissions. In [22], the authors assumed that each legitimate node used identical power for transmission, while we assign different powers for different nodes, as shown in Lemma 5. Despite the difference in the power, the proof goes along the same line as [22]. For conciseness, we omit details.

Lemma 7.
(Lemma 2 in [22]) If we can secure each hop from an eavesdropper, then we can ensure secure for all hops from any eavesdropper located on the edge of the secrecy zone.
In Section 4, we have described the circular percolation model and constructed highways without the constraint of security. If taking the secrecy constraint into consideration, a square is open if the square contains at least one legitimate node and there is no eavesdropper within the secrecy zone of the square. The following result gives the existence of a sufficient number of secure highways in intra-cluster transmission. Proof. For a given square, let q i be the probability of s i contained in a secrecy zone without eavesdroppers. According to a Poisson random distribution, the average number of eavesdroppers located in a secrecy zone is λ e (2k e d + 1) 2 2π x r i 2 , and q i can be denoted as: Note that the status of edges in squares is not statistically independent due to the intersection of the associated secrecy zone. If both secrecy zones did not cross, the states of two squares would be independent. This occurs when the squares are at a distance of at least 2k e d squares away. Thus, we can conclude that the dependent model is related to a finite dependence model, as k e and d are constants. According to Theorem 7.65 in [28], this dependent model stochastically dominates an independent model. Let p i be the probability that squares are independently open. If p i q i can be made arbitrarily high, p i will be close to one. Therefore, under the assumption of the finite dependence model and some desirable properties, we can prove that the network will still percolate with the same properties, since both p i and q i can be set sufficiently large.
Under the independent square model, by Theorem 5 in [6], with a square openness probability of p i , we can obtain that there are Θ Till now, we have established the existence of a sufficient number of secure highways using the circular percolation model. Since there are four phases for packet transmission, we will derive the secrecy rate in each phase to find the rate bottleneck.

Lemma 9.
If a cluster is divided into w sectors with an arc of 2π/w, then for each sector SR i , there are no more than 2n/m w legitimate nodes located.
Proof. Let |SR i | represent the number of legitimate nodes located in SR i and P w be the probability that there exists a sector containing more than 2n/m w nodes. For each sector, the number of nodes follows a Poisson distribution of 2n/m w . According to the Chernoff bound, when n → ∞, then: Therefore, we can get that there is no sector existing with more than 2n/m w nodes. Proof. According to Theorem 5 in [6], if we choose and κ appropriately, there exist at least Ω(log( n/m x )) radial highways within a sector of arc 2π From percolation theory, we know that each highway may not be fully contained in its corresponding sector, and it may deviate from it. However, it never deviate by an arc of 2π x [κ log( n/m x ) − ] from its corresponding sector, i.e., it will not be father than κ log n/m x − squares.
By Theorem 6, let d = κ log n/m x − ; we can get that the secrecy rate between a legitimate node and an access node is: Since there is an amount of nodes in a square, they need to share the bandwidth. From Lemma 9, we have that, if the associated secrecy zone contains no eavesdropper, the secrecy rate Next, we elaborate that this will happen if as n goes to infinity.
For the i-th annulus, the area of the guard zone is A i = (2k e d + 1) 2 2π x r i 2 , which is the area to eliminate the eavesdroppers. Let |ε| be the number of eavesdroppers in a cluster (Poisson with parameter λ e n m ) and |L| as the total amount of legitimate nodes in a cluster. In addition, we denote the total area that the eavesdroppers make it impossible for a legitimate user to arrive at a highway as A ε . Clearly, A ε ≤ A max |ε|, where A max = (2k e d + 1) 2 2π x ρ max 2 . For each A i , let the amount of legitimate nodes in this region be L i . According to the heterogeneity of node distribution, we have L i ≤ n m r −δ i A i . Thus, for each cluster, by the Chebyshev inequality, we have: for any ∈ (0, 1) with high probability as n → ∞. Let be the fraction of legitimate nodes that cannot transmit to highways due to the eavesdropper, and we can obtain the upper bound of as: with the probability going to one as n → ∞. The first inequality is deduced from the intersecting secrecy zones caused by eavesdroppers, and the second inequality derives from Equation (30), while the limit holds as . Under this condition, we can conclude that almost all of the legitimate nodes are securely connected to the highways as n → ∞.
Phase 4 is the opposite process of Phase 1. Therefore, a similar conclusion can be made for this phase. , then a legitimate node can receive information securely from the highway at a rate of R 4 = Ω((log( (1 − v)n 1−v log n)) −3−α ).
In the highway phase, the information is transmitted hop by hop. Let d = 1 in Theorem 6; we obtain the secrecy rate in Phase 2.

Lemma 12.
In Phase 2, if the density of eavesdropper λ e = o (log n) − δ δ−2 , then a legitimate node on the radial highway can achieve a secrecy rate Proof. According to the highway system, the transmission is occurring from one square to a neighboring square, where within the secrecy zone, there are no eavesdroppers. Thus, using Theorem 6 and letting d = 1, the secrecy rate in Phase 2 is Ω(1). Since x >> log n mx , there are Ω(x) radial paths extended from internal to external. By Lemma 9, we have that there are at most 2n mx users w.h.p. in the sector of 2π x . That is, each node can enjoy a rate of order Ω in the radial highway.
In this way, the following lemma gives the secrecy rate of Phase 3.

Lemma 13.
The legitimate nodes on the annulus highway can enjoy a per-node secrecy rate is a "heterogeneous factor", which is only decided by δ.
Proof. Compared to the radial highways, it is more complicated for data delivered around the cluster, since the number of nodes served by the annulus paths is not identical. Assume each annulus highway is identical, similar to Lemma 12; the secrecy rate of order Ω Nevertheless, due to the impact of heterogeneity, we denote the achievable secrecy rate as is a function of heterogeneous factor δ, which will be discussed in detail in Appendix B.
Comparing the secrecy rate and the tolerable density of eavesdroppers in each phase, the secrecy rate of intra-cluster transmission can be concluded as follows. , then each legitimate node located within ρ max can achieve a secrecy rate of R intra Proof. Comparing the achievable secrecy rate in each phase, the rate bottleneck occurs in Phase 2. Since the information is transmitted hop by hop, we need to guarantee security in each phase. Thus, comparing the density of eavesdroppers in each phase, we can get that, if the density of eavesdroppers λ e = o (log n) − 3δ−4 δ−2 , the secrecy rate of intra-cluster transmission is (the proof is in Appendix B).

The Secrecy Transmission of Inter-Cluster Traffic
Since we focus on the cluster-sparse network, the node density outside the circular square is much lower. Thus, we cannot use the highway system constructed in Section 5. However, according to the distribution of PPP, we can extract part of nodes with a density of φ to build "information pipelines", where φ is smaller than Φ and is selected randomly and uniformly. As shown in Figure 5, we use these "information pipelines" to connect the clusters.
Similarly, by virtue of percolation theory, we can divide the area into regular squares with a side length of √ c 0 /Φ, where c 0 is a constant. For some special large value c 0 , we can extract part of nodes to form "information pipelines", which is similar to the highways constructed in the homogeneous network. However, due to the heterogeneity, each square contains difference nodes.
In the previous section, we have already achieved the secrecy rate in the cluster area through a highway system. Within the dense areas, information is transmitted by the routes formed by the highway system. Only if the destination is located in different clusters, the information will be delivered through the "information pipelines". Similar to the derivation of intra-cluster transmission, the achievable secrecy rate of inter-cluster traffic can be obtained easily.
Borrowing the tools from percolation theory in [6], we can construct Ω( √ AΦ) pipelines among clusters. All of these pipelines need to serve Θ(m) clusters. Similar to Lemma 1 in [22], a secrecy zone is employed to protect the secrecy transmission over a single hop, where the edge of the secrecy zone is not c, but c 0 Φ . Correspondingly, we can build Ω = Ω Φ n , if the density of the eavesdropper λ e = o (log (nΦ)) −2 . Figure 6 compares the throughput under homogeneous networks and heterogeneous networks. By observing the secrecy rate of intra-cluster and inter-cluster transmission, we find that the secrecy rate of intra-cluster transmission is higher than that of homogeneous networks; therefore, the bottleneck occurs in the inter-cluster transmission. This is due to the reduction of the number of highways caused by the lower density and, thereby, the amount of relaying traffic increasing. Particularly, when the network is transferred to a homogeneous network, i.e., Φ = Θ(Φ) = Θ(1), the secrecy rate is R inter s = Ω( 1 √ n ), and the tolerable density of the eavesdropper is λ e = o (log n) −2 , which is the same result as that in homogeneous wireless networks [22].  Figure 6. An illustration of secrecy throughput. We also give a comparison with that in a homogeneous networks [22].

Conclusions
In this work, we study the impact of heterogeneity and the secrecy constraint on the capacity of wireless networks. Borrowing the tools from percolation theory, we first constructed a secrecy highway system for intra-cluster and inter-cluster transmission, respectively. With the protection of the secrecy zone, the relationship between secrecy capacity and the tolerable density of the eavesdropper is studied. It is shown that the intra-cluster transmission not only can achieve a higher secrecy capacity, but also can tolerate more eavesdroppers. Moreover, the highway system we constructed is suitable for non-uniform traffic networks, typically, such as social networks. Thus, this work provides an insight model to analyze social networks. Finally, we do not consider the case of eavesdroppers collaborating with each other. Thus, it is a valuable future work to study the scenario of colluding eavesdroppers, where the distribution of legitimate nodes and eavesdroppers will influence the secrecy throughput greatly. (1−v) log n ) and n → ∞. Then, (1 + 2π/x) k t ζdα = e 2π n 1−v (1−v) log n ·k t ζdα → Θ(1). Since α > 2, the summation Equation (22) converges to a constant.

B. The Proof of Theorem 2
Proof: The achievable rate of the annulus highway in the intra-cluster phase is derived as follows: According to four phases of the routing scheme, we give a comparison of the secrecy rate on the radial highway and the annulus highway. The secrecy rate on the radial highway can be obtained easily (Lemma 12). Hence, We only need to derive the secrecy rate of the annulus highway. Due to the number of nodes on different annuli not being identical, the derivation of the annulus highway is more complicated than the case of the radial highway. According to the distribution of legitimate nodes, let E(N i ) be the average number of nodes in annulus i. Then, the expectation of E(N i ) is: Using Equation (7) to substitute r i , we can get: Since δ > 2, E(N i ) is decreased with the increasing of i. Therefore, the annulus highway near the center will service the most nodes. As a consequence, the achievable secrecy rate on the annulus highway is: By comparing the rate R 2 and R 3 , we can find that R 2 < R 3 , for δ > 2, i.e., the secrecy rate bottleneck is in the phase of the radial highway.