# DL-Based Physical Tamper Attack Detection in OFDM Systems with Multiple Receiver Antennas: A Performance–Complexity Trade-Off


## Abstract


## 1. Introduction

- Extending the framework for physical tamper attack detection presented in [6] to the case in which multiple CSI estimates at the receiver(s) are available: We suggest two distinct approaches, namely centralized and decentralized processing. We show that centralized processing has better detection performance and requires less database space, while having higher time complexity.
- Proposing the Deep SVDD framework to overcome complexity and latency limitations: We apply Deep SVDD to the physical tamper attack detection problem and show that it has significantly lower complexity compared to the DCAE approach, while having only slightly decreased detection performance.
- Complexity analysis: We characterize the algorithmic complexity by the number of mathematical operations and required database space to compare all investigated methods. We show that there is a trade-off between detection performance and complexity in the proposed methods.
- We evaluate all methods on experimental data from a measurement campaign in a university building.

## 2. Tamper Attack Detection Framework

#### 2.1. Problem Statement

#### 2.2. Detection Framework

## 3. Tamper Attack Detection Methods

#### 3.1. Conventional Threshold Detection

**Threshold Detection**.

#### 3.2. Mixed Deep Approaches: DCAE with PDF Estimator

The DCAE of the r-th receiver, ${\mathrm{DCAE}}_{\mathrm{r}}$ (see Figure 3), learns a low-dimensional representation of the tamper-free CSI, $|{\mathbf{H}}_{\mathrm{Off},\mathrm{r}}^{i}|$, for $i=1,\cdots ,{N}_{\mathrm{Off}}^{\star}$ and $r=1,\cdots ,R$. From this representation, the CSI is reconstructed (referred to as $|{\widehat{\mathbf{H}}}_{\mathrm{r}}^{i}{|}_{\mathrm{rec}}$) and the reconstruction error ${\mathbf{e}}_{\mathrm{r}}^{i}$ is computed. After training the network, the Euclidean norm of the reconstruction error is used as the anomaly score ${\mathbf{a}}_{\mathrm{r}}$:

In the online phase, the trained network ${\mathrm{DCAE}}_{\mathrm{r}}^{*}$ (the asterisk superscript indicates the trained version of the DCAE) is used for calculating the anomaly score ${\mathbf{a}}_{\mathrm{r}}$ of the r-th receiver.
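The anomaly-score computation described above can be sketched in a few lines. This is a NumPy sketch, not the authors' implementation; `H_abs` and `H_rec` are illustrative names for the CSI magnitude and its DCAE reconstruction:

```python
import numpy as np

def anomaly_score(H_abs, H_rec):
    """Anomaly score as the Euclidean norm of the reconstruction error.

    H_abs : magnitude of the estimated CSI, shape (S,) for S subcarriers
    H_rec : DCAE reconstruction of H_abs, same shape
    """
    e = H_abs - H_rec              # reconstruction error e_r^i
    return float(np.linalg.norm(e))  # a_r = ||e_r^i||_2

# a perfect reconstruction yields a score of 0
H = np.array([1.0, 0.5, 0.8])
print(anomaly_score(H, H))  # 0.0
```

Tamper-free test samples are expected to reconstruct well (small score), while CSI altered by a tamper attack reconstructs poorly (large score).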

#### 3.2.1. Decentralized Processing with Multiple DCAEs

(i) Using the DCAE only: This approach is referred to as **DCAE-D** (**D** for decentralized). (ii) Using the DCAE with the pdf estimator unit: This approach is depicted in Figure 3 and Figure 4 and is referred to as **DCAE-DP** (**DP** for decentralized and postprocessing).

#### 3.2.2. Centralized Processing with a Single Multi-Channel DCAE

In the offline phase, the trained network ${\mathrm{DCAE}}^{*}$ and its pdf estimation of the anomaly scores are stored in the database. In the online phase, ${\mathrm{DCAE}}^{*}$ is used to calculate the anomaly score of newly received CSI estimates. Afterward, its pdf approximation is compared with the pdf stored in the database (see Figure 6). The overlapping index distance measure for this approach, $\eta :{\mathbb{R}}^{n}\times {\mathbb{R}}^{n}\to [0,1]$, is defined as:
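For discrete pdf estimates evaluated on a shared set of bins, the overlapping index (cf. Pastore and Calcagnì [18]) reduces to summing the pointwise minimum of the two densities. A minimal sketch, assuming both pdfs are histogram estimates on identical, equally wide bins:

```python
import numpy as np

def overlapping_index(f1, f2, bin_width):
    """Overlapping index eta in [0, 1] between two discrete pdf
    estimates on the same bins: the shared area under both curves."""
    return float(np.sum(np.minimum(f1, f2)) * bin_width)

# identical pdfs overlap completely (eta = 1)
bins = np.linspace(0.0, 1.0, 11)
width = bins[1] - bins[0]
f = np.full(10, 1.0)                   # uniform density on [0, 1]
print(overlapping_index(f, f, width))  # 1.0
```

A value near 1 indicates that the online anomaly-score distribution matches the stored tamper-free distribution; a value near 0 indicates a likely tamper attack.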

The approach without the pdf estimator is referred to as **DCAE-C** (**C** for centralized), and the one with a pdf estimator is referred to as **DCAE-CP** (**CP** for centralized and postprocessing).

#### 3.3. A Fully Deep Approach: Deep SVDD

#### 3.3.1. Multiple Neural Networks in Decentralized Mode

#### 3.3.2. Multi-Channel Single Neural Network

The decentralized and centralized Deep SVDD approaches are referred to as **SVDD-D** (**D** for decentralized) and **SVDD-C** (**C** for centralized), respectively.

## 4. Experimental Results

#### 4.1. OFDM System

#### 4.2. Environment

#### 4.3. Parameters of the DL-Based Methods

#### 4.3.1. DCAE

#### 4.3.2. Deep SVDD

#### 4.4. How to Train the Networks

With learning rates of 10^{−5} and then 10^{−6}, we used a two-phase learning rate schedule (searching and fine-tuning). We trained for 20 epochs with the searching learning rate and for 5 epochs with the fine-tuning learning rate. This was repeated 300 times to obtain precise results. The networks were implemented in TensorFlow on Linux (Ubuntu 18.04) running on an 8-core ARM v8.2 64-bit CPU and a 512-core NVIDIA Volta GPU. Table 4 summarizes the parameters used to train the neural networks.
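The two-phase schedule described above is simple to express as an epoch-indexed function; with `tf.keras` it could then be plugged into a `LearningRateScheduler` callback. The function below is a sketch with the paper's values as defaults; the parameter names are illustrative:

```python
def two_phase_lr(epoch, search_epochs=20, lr_search=1e-5, lr_fine=1e-6):
    """Two-phase schedule: a 'searching' rate for the first 20 epochs,
    then a 'fine-tuning' rate for the remaining 5 epochs."""
    return lr_search if epoch < search_epochs else lr_fine

# e.g. with TensorFlow:
#   tf.keras.callbacks.LearningRateScheduler(two_phase_lr)
print(two_phase_lr(0))   # 1e-05 (searching phase)
print(two_phase_lr(22))  # 1e-06 (fine-tuning phase)
```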

**DCAE-DP** and **DCAE-CP** use the same neural networks as **DCAE-D** and **DCAE-C**, respectively. Hence, their learning curves are identical to those of **DCAE-D** and **DCAE-C** and are not plotted in Figure 11. Moreover, in **DCAE-D** and **SVDD-D**, there are R (i.e., two in this work) neural networks. Therefore, there are two learning curves for these methods in Figure 11.

#### 4.5. Evaluation Criteria

#### 4.5.1. AUC-ROC

#### 4.5.2. Complexity

#### 4.5.3. Detection Performance Alongside Complexity

#### 4.6. Tamper Attack Detection Performance

#### 4.6.1. ROC Evaluation

**DCAE-C** and **DCAE-CP** have the best tamper attack detection rates. The Deep SVDD approaches have a better tamper attack detection rate than the threshold detection approach, while also having lower space complexity.
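The AUC-ROC values reported here can be computed directly from the anomaly scores. A self-contained rank-based sketch (equivalent to the probability that a randomly chosen attack sample scores higher than a randomly chosen tamper-free sample, with ties counted as one half); in practice a library routine such as scikit-learn's `roc_auc_score` would be used instead:

```python
def auc_roc(scores_normal, scores_attack):
    """AUC-ROC from anomaly scores of tamper-free and attack samples."""
    wins = 0.0
    for a in scores_attack:
        for n in scores_normal:
            if a > n:
                wins += 1.0
            elif a == n:
                wins += 0.5
    return wins / (len(scores_attack) * len(scores_normal))

# perfectly separated scores give an AUC of 1.0
print(auc_roc([0.1, 0.2], [0.8, 0.9]))  # 1.0
```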

#### 4.6.2. Time and Space Complexities

The training duration of **SVDD-D** and **SVDD-C** is significantly shortened compared to **DCAE-D** (31.5%), **DCAE-DP** (72.6%), **DCAE-C** (39.0%), and **DCAE-CP** (62.8%), respectively. Note that there is a slight difference in the training duration between the hall and office environments due to the different sizes of their datasets (cf. Table 3).

#### 4.6.3. Environmental Dependency

#### 4.6.4. Detection Performance vs. Complexity

**DCAE-CP** not only has superior detection performance compared to the other methods, but also shows relatively fast training and testing phases. In general, there is a trade-off among time complexity, space complexity, and detection performance. As shown in Table 5 and Table 7, **SVDD-D** and **SVDD-C** show the smallest time and space complexity, but, as expected, their detection performance is not as high as that of the others. In contrast, **DCAE-D** and **DCAE-DP** have a larger space complexity than **DCAE-CP**, yet achieve a lower detection performance. All in all, the aforementioned factors have to be considered simultaneously to select the optimal method.

Although the detection performances of **SVDD-D** and **SVDD-C** are acceptable, but not as high as those of the other DL methods, their time and space complexities are very low and, thus, these methods might be suitable for certain applications.

It can be expected that, by increasing the online batch size ${N}_{\mathrm{On}}$ in **DCAE-DP**, the detection performance will be enhanced. Therefore, we investigated the impact of the online batch size on the detection performance. Figure 13 plots the AUC-ROC over different values of ${N}_{\mathrm{On}}$. Since ${N}_{\mathrm{On}}$ significantly influences the performance of the pdf estimators, only the detection performances of **DCAE-DP** and **DCAE-CP** change over different values of ${N}_{\mathrm{On}}$. As expected, by increasing ${N}_{\mathrm{On}}$, the AUC-ROC improves. Note that the value of ${N}_{\mathrm{On}}$ in the depicted range does not affect the performance of **DCAE-CP** in the office environment because the method can learn the environmental variations very well. Obviously, the detection performances of the DCAE-based methods with postprocessing will be degraded if the value of ${N}_{\mathrm{On}}$ is chosen too small. According to Figure 13 and the relation between ${N}_{\mathrm{On}}$ and the time complexity, the optimal value of ${N}_{\mathrm{On}}$ for **DCAE-CP** in the hall environment is 200.

#### 4.7. Further Discussion

The structures of **DCAE-C** and **DCAE-CP** are similar to those of **DCAE-D** and **DCAE-DP**, respectively. Instead of using R neural networks as in **DCAE-D** and **DCAE-DP**, a single multi-channel-input neural network is utilized in **DCAE-C** and **DCAE-CP**. According to Table 7, the space complexity of each centralized method is almost R-times less than that of the corresponding decentralized method. In general, the centralized methods outperform the decentralized methods in terms of the AUC and space complexity. This is because the centralized methods consider the CSI from all receivers together in the offline phase. However, this is not the case for the SVDD-based method in the hall environment. The reason is the low complexity of the method and the high variation of its signal due to the structure of the environment. We expect that, with a more complex neural network in the structure of the SVDD-based method, the tamper attack detection performance can reach values similar to those in the office environment.

**Threshold Detection** performs much faster than the other methods; however, its tamper attack detection performance is rather low. It is worth mentioning that there is a linear relation between the number of packets collected in the offline phase (${N}_{\mathrm{Off}}^{\star}$) and the time complexity of **Threshold Detection** (see Table 5). However, ${N}_{\mathrm{Off}}^{\star}$ does not affect the time complexity of the DL methods. This is a significant advantage of the DL methods over non-DL methods.
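The linear dependence on ${N}_{\mathrm{Off}}^{\star}$ is easy to see in a sketch of a nearest-neighbor-style threshold detector. Note that the exact threshold rule of the paper is not reproduced here; this is an assumed variant in which a new CSI vector is compared against all stored tamper-free vectors, which makes the per-sample cost scale with the number of stored vectors:

```python
import numpy as np

def threshold_detect(H_new, H_off, tau):
    """Threshold detection sketch (assumed variant): flag an attack if
    even the closest of the stored tamper-free CSI vectors is farther
    away than the threshold tau. Cost grows linearly with len(H_off)."""
    d_min = min(float(np.linalg.norm(H_new - h)) for h in H_off)
    return d_min > tau

H_off = np.array([[1.0, 1.0], [1.1, 0.9]])   # stored offline CSI
print(threshold_detect(np.array([1.0, 1.0]), H_off, 0.5))  # False
print(threshold_detect(np.array([3.0, 3.0]), H_off, 0.5))  # True
```

In contrast, a trained DL model has a fixed inference cost per sample regardless of how many offline packets were used for training.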

## 5. Conclusions

## Author Contributions

## Funding

## Data Availability Statement

## Conflicts of Interest

## References

1. Bagci, I.E.; Roedig, U.; Martinovic, I.; Schulz, M.; Hollick, M. Using Channel State Information for Tamper Detection in the Internet of Things. In Proceedings of the 31st Annual Computer Security Applications Conference, Los Angeles, CA, USA, 7–11 December 2015; Association for Computing Machinery: New York, NY, USA, 2015; pp. 131–140.
2. Kaemarungsi, K.; Krishnamurthy, P. Properties of Indoor Received Signal Strength for WLAN Location Fingerprinting. In Proceedings of the First Annual International Conference on Mobile and Ubiquitous Systems: Networking and Services, Boston, MA, USA, 26 August 2004; pp. 14–23.
3. Patwari, N.; Kasera, S.K. Robust Location Distinction Using Temporal Link Signatures. In Proceedings of the 13th Annual ACM International Conference on Mobile Computing and Networking, Montreal, QC, Canada, 9–14 September 2007; Association for Computing Machinery: New York, NY, USA, 2007; pp. 111–122.
4. Wu, K.; Xiao, J.; Yi, Y.; Chen, D.; Luo, X.; Ni, L.M. CSI-Based Indoor Localization. IEEE Trans. Parallel Distrib. Syst. **2013**, 24, 1300–1309.
5. Maia, E.; Praça, I.; Mantzana, V.; Gkotsis, I.; Petrucci, P.; Biasin, E.; Kamenjasevic, E.; Lammari, N. Security Challenges for the Critical Infrastructures of the Healthcare Sector. In Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures; Now Publishers: Boston, MA, USA, 2020; pp. 142–165.
6. Dehmollaian, E.; Etzlinger, B.; Torres, N.B.; Springer, A. Using Channel State Information for Physical Tamper Attack Detection in OFDM Systems: A Deep Learning Approach. IEEE Wireless Commun. Lett. **2021**, 10, 1503–1507.
7. Chan, P.Y.; Lai, A.I.C.; Wu, P.Y.; Wu, R.B. Physical Tampering Detection Using Single COTS Wi-Fi Endpoint. Sensors **2021**, 21, 5665.
8. Elngar, A. IoT-based Efficient Tamper Detection Mechanism for Healthcare Application. Int. J. Netw. Secur. **2018**, 20, 489–495.
9. Pathak, A.K.; Saguna, S.; Mitra, K.; Åhlund, C. Anomaly Detection using Machine Learning to Discover Sensor Tampering in IoT Systems. In Proceedings of the IEEE International Conference on Communications, Montreal, QC, Canada, 14–23 June 2021; pp. 1–6.
10. Prasad, R. OFDM for Wireless Communications Systems; Artech House: New York, NY, USA, 2004.
11. Bergman, L.; Cohen, N.; Hoshen, Y. Deep Nearest Neighbor Anomaly Detection. arXiv **2020**, arXiv:2002.10445.
12. Tax, D.M.; Duin, R.P. Support Vector Data Description. Mach. Learn. **2004**, 54, 45–66.
13. Ruff, L.; Vandermeulen, R.; Goernitz, N.; Deecke, L.; Siddiqui, S.A.; Binder, A.; Müller, E.; Kloft, M. Deep One-Class Classification. In Proceedings of the 35th International Conference on Machine Learning, Stockholm, Sweden, 10–15 July 2018; PMLR: Stockholm, Sweden, 2018; Volume 80, pp. 4393–4402.
14. Sobehy, A.; Renault, É.; Mühlethaler, P. CSI-MIMO: K-nearest Neighbor Applied to Indoor Localization. In Proceedings of the 2020 IEEE International Conference on Communications (ICC), Dublin, Ireland, 7–11 June 2020; pp. 1–6.
15. Chandola, V.; Banerjee, A.; Kumar, V. Anomaly Detection: A Survey. ACM Comput. Surv. **2009**, 41, 1–58.
16. Rudemo, M. Empirical Choice of Histograms and Kernel Density Estimators. Scand. J. Stat. **1982**, 9, 65–78.
17. Silverman, B. Density Estimation for Statistics and Data Analysis; Monographs on Statistics and Applied Probability; Chapman and Hall: London, UK, 1986; pp. 45–47.
18. Pastore, M.; Calcagnì, A. Measuring Distribution Similarities Between Samples: A Distribution-Free Overlapping Index. Front. Psychol. **2019**, 10, 1089–1096.
19. Zivkovic, M.; Mathar, R. Design Issues and Performance Evaluation of a SDR-based Reconfigurable Framework for Adaptive OFDM Transmission. In Proceedings of the 6th ACM International Workshop on Wireless Network Testbeds, Experimental Evaluation and Characterization, Las Vegas, NV, USA, 19 September 2011; pp. 75–82.
20. Huber+Suhner. SENCITY Spot-S Indoor Antenna 1324.19.0002. Available online: https://ecatalog.hubersuhner.com/product/E-Catalog/Radio-frequency/Antennas-accessories/Antennas/22649580/1324.19.0002?gv_refer=catsearch (accessed on 20 July 2022).
21. Kingma, D.P.; Ba, J. Adam: A Method for Stochastic Optimization. arXiv **2017**, arXiv:1412.6980.
22. Chollet, F. Keras: The Python Deep Learning Library. Available online: https://keras.io/#support (accessed on 25 July 2022).
23. Paszke, A.; Gross, S.; Chintala, S.; Chanan, G.; Yang, E.; DeVito, Z.; Lin, Z.; Desmaison, A.; Antiga, L.; Lerer, A. Automatic Differentiation in PyTorch. In Proceedings of the NIPS 2017 Autodiff Workshop, Long Beach, CA, USA, 9 December 2017; pp. 1–4.

**Figure 3.** Schematic view of the offline phase of decentralized processing: In the offline phase of the r-th receiver, ${\mathrm{DCAE}}_{\mathrm{r}}$ is trained. Then, the pdf approximation of the anomaly score (${\widehat{f}}_{{Y}_{\mathrm{r},\mathrm{Off}}}\left[a\right]$) and the weights of the trained network (${\mathrm{DCAE}}_{\mathrm{r}}^{*}$) are stored in the database.

**Figure 4.** Schematic view of the online phase of decentralized processing: In the online phase of the r-th receiver, ${\mathrm{DCAE}}_{\mathrm{r}}^{*}$ is used to calculate the anomaly score and the pdf approximation of the anomaly score (${\widehat{f}}_{{Y}_{\mathrm{r},\mathrm{On}}}\left[a\right]$).

**Figure 5.** Schematic view of the offline phase of centralized processing: In the offline phase, the DCAE is trained. Then, the pdf approximation of the anomaly score (${\widehat{f}}_{{Y}_{\mathrm{Off}}}\left[a\right]$) and the weights of the trained network (${\mathrm{DCAE}}^{*}$) are stored in the database.

**Figure 6.** Schematic view of the online phase of centralized processing: In the online phase, ${\mathrm{DCAE}}^{*}$ is used to calculate the anomaly score and the pdf approximation of the anomaly score (${\widehat{f}}_{{Y}_{\mathrm{On}}}\left[a\right]$).

**Figure 7.** Deep SVDD maps most of the input data into a hypersphere of minimum volume, specified by center $\mathbf{c}$ and radius $\mathrm{R}$, using a neural network $\varphi (.;\mathcal{W})$ with weights $\mathcal{W}$.

**Figure 8.**Measurement environments: (top) office (4 m × 6 m) and (bottom) hall (7 m × 12 m), depicted with photos and the layout. The transmitter (indicated by TX) and two receivers (indicated by RX1 and RX2) are denoted. Orientations r1, r2, …, r7 are considered as physical tamper attacks.

**Figure 9.**Structure of DCAE. The size of each tensor is depicted in the figure. This structure is used for the proposed decentralized approaches. In the case of centralized approaches, only the size of the input is changed (in the second dimension, 1 is replaced by R).

**Figure 10.**Structure of Deep SVDD. The size of each tensor is depicted in the figure. This structure is used for the proposed decentralized approaches. In the case of centralized approaches, only the size of the input is changed (in the second dimension, 1 is replaced by R).

**Figure 11.** Learning curves of the DCAE used in **DCAE-D**, **DCAE-DP**, **DCAE-C**, and **DCAE-CP** and of the Deep SVDD used in **SVDD-D** and **SVDD-C**. The learning curves for the training dataset (denoted as Train), the validation dataset (denoted as Val.), and the two receivers in the case of the decentralized approaches (denoted as R1 and R2) are depicted.

**Figure 12.** ROC curves of the methods with ${N}_{\mathrm{On}}$ = 300, averaged over the two environments.

| Reference-Year | System | Data | Environment | Remark |
|---|---|---|---|---|
| [3]-2007 | DSSS | CIR | few dynamic elements | high misdetection rate in dynamic environments |
| [1]-2015 | 802.11n Wi-Fi | CSI | dynamic | using multiple receivers |
| [8]-2018 | IoT | sensor data | dynamic | supervised ML algorithm |
| [6]-2021 | OFDM-based | CSI | dynamic | semi-supervised DL algorithm |
| [7]-2021 | COTS Wi-Fi | CSI | static | using a COTS Wi-Fi device as a detector |
| [9]-2021 | IoT | packet length | dynamic | unsupervised ML algorithm |

| Scenario | Description |
|---|---|
| A | a person sits in chair 1 |
| B | same as A one hour later |
| C | a person walks in the area randomly |
| D | same as C one hour later |
| E | two persons walk in the area randomly |
| F | same as E one hour later |
| G | three persons walk in the area randomly |
| H | same as G one hour later |

| Data Set | Office | Hall |
|---|---|---|
| Training | 96,000 | 101,800 |
| Validation | 23,600 | 24,800 |
| Testing | 214,400 | 263,800 |

| Description | Value |
|---|---|
| Optimizer | Adam |
| ${N}_{\mathrm{Off}}$ | 200 |
| Weight Decay | 10^{−1} |
| Number of Epochs | 20 + 5 |
| Activation Function | ELU |
| Learning Rate | 10^{−5} → 10^{−6} |

**Table 5.** Time complexity of the methods for each sample in the online phase. ${N}_{\mathrm{Off}}$ and S are the training batch size and the number of subcarriers, respectively.

| Method | No. of Multiplications | No. of Additions |
|---|---|---|
| Threshold Detection | ≈$2S{N}_{\mathrm{Off}}^{\star}$ | ≈$4S{N}_{\mathrm{Off}}^{\star}$ |
| DCAE-D | ≈1978.75 ${N}_{\mathrm{Off}}S$ | ≈1987.95 ${N}_{\mathrm{Off}}S$ |
| DCAE-DP | ≈(1978.75 + $\frac{{N}_{\mathrm{On}}-1}{S}$) ${N}_{\mathrm{Off}}S$ | ≈1987.95 ${N}_{\mathrm{Off}}S$ |
| DCAE-C | ≈1189.38 ${N}_{\mathrm{Off}}S$ | ≈1193.94 ${N}_{\mathrm{Off}}S$ |
| DCAE-CP | ≈(1189.38 + $\frac{{N}_{\mathrm{On}}-1}{S}$) ${N}_{\mathrm{Off}}S$ | ≈1193.94 ${N}_{\mathrm{Off}}S$ |
| SVDD-D | ≈702.00 ${N}_{\mathrm{Off}}S$ | ≈702.95 ${N}_{\mathrm{Off}}S$ |
| SVDD-C | ≈351.00 ${N}_{\mathrm{Off}}S$ | ≈352.44 ${N}_{\mathrm{Off}}S$ |

| Dataset | Method | AUC | Training Dur. | Test Dur. |
|---|---|---|---|---|
| Office | Threshold Detection | 85.66% | - | 3.92 s |
| Hall | Threshold Detection | 83.53% | - | 4.76 s |
| Office | DCAE-D | 92.49% | 329.50 s | 16.99 s |
| Hall | DCAE-D | 92.46% | 334.40 s | 17.14 s |
| Office | DCAE-DP | 94.56% | 337.34 s | 42.08 s |
| Hall | DCAE-DP | 94.53% | 342.25 s | 42.46 s |
| Office | DCAE-C | 99.93% | 237.65 s | 12.95 s |
| Hall | DCAE-C | 91.30% | 247.54 s | 16.08 s |
| Office | DCAE-CP | 99.99% | 244.54 s | 21.33 s |
| Hall | DCAE-CP | 94.91% | 261.24 s | 26.24 s |
| Office | SVDD-D | 85.87% | 242.63 s | 11.59 s |
| Hall | SVDD-D | 85.64% | 246.99 s | 11.79 s |
| Office | SVDD-C | 93.00% | 177.63 s | 7.95 s |
| Hall | SVDD-C | 82.03% | 185.22 s | 9.76 s |

| Method | No. of Floating Point Elements |
|---|---|
| Threshold Detection | $S{N}_{\mathrm{Off}}^{\star}R$ |
| DCAE-D | 2901R |
| DCAE-DP | (2901 + ${N}_{\mathrm{On}}$)R |
| DCAE-C | 3301 |
| DCAE-CP | 3301 + ${N}_{\mathrm{On}}$R |
| SVDD-D | 1776R |
| SVDD-C | 1976 |


© 2022 by the authors. Licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution (CC BY) license (https://creativecommons.org/licenses/by/4.0/).

## Share and Cite

**MDPI and ACS Style**

Dehmollaian, E.; Etzlinger, B.; Torres, N.B.; Springer, A.
DL-Based Physical Tamper Attack Detection in OFDM Systems with Multiple Receiver Antennas: A Performance–Complexity Trade-Off. *Sensors* **2022**, *22*, 6547.
https://doi.org/10.3390/s22176547
