1. Introduction
A wireless multi-hops network is a decentralized network which is contained by a set of nodes. The message is transmitted over the wireless channel with multi-hops mode. Since the wireless channel is a broadcast channel, it is easy to eavesdrop on the data transmission. Therefore, when designing a network, in addition to considering the quality of service (QoS) constraint, the data transmission security should also be involved. In 1975, Wyner [
1] studied a wire-tapped noisy channel and encoded the data to confuse the eavesdropper. After ground-breaking work in [
1], many works have tackled the secrecy transmission of wireless networks. Liang et al. [
2] considered a cellular network where the base station needed to transmit data to multiuser confidentially, they designed a dynamic control algorithm to maximize the network utility by employing infinite secrecy encoding block. Since secrecy outage was inevitable, Wang et al. [
3] investigated the secrecy outage and and secrecy rate in a multiuser wireless systems. Jointly considering the reliability, security and stability, they designed an optimal online control algorithm by exploiting stochastic network optimization method. Later, in [
4], the authors also considered a multi-user wireless scenario with imperfectly known channels. They aimed to maximize the worst case of secrecy throughput and developed a low complexity and rapid convergence algorithm for the optimal power allocation. In [
5], Koksal et al. investigated a cross-layer security in wireless network and proposed a dynamic control algorithm to maximize the network utility. After that, in [
6], aiming to minimize the secrecy outage probability, the authors extended the dynamic control algorithm to a cognitive radio network and developed a bandwidth and resource allocation algorithm.
Recently, on the basis of the works mentioned above, the secrecy control problem in wireless networks has been extensively studied, such as the OFDMA-based wireless network and cognitive wireless network. In [
7,
8], the authors formulated an analytical framework for secure resource allocation in a downlink OFDMA-based broadband network. Jointly considering the power and subcarrier allocation, they proposed an optimal algorithm to maximize the average aggregate rate of all users for a base station. In [
9], the authors extended the cellular network to cognitive network and proposed a scheduling policy to maximize the secrecy rate of second users. In [
10,
11], they designed a scheduling policy in cognitive radio networks to analyze the ergodic capacity on the impact of fading channel and distributed eavesdroppers. In [
12], Maged et al. considered the cognitive wiretap channel and proposed multiple antennas to secure the transmission at the physical layer. They revealed the impact of the primary network on the secondary network in the presence of a multi-antenna wiretap channel.
Although these security control algorithms improved the network performance, most of them focused on the cellular networks. In contrast, for the multi-hop wireless networks, there were few works involved. In [
13,
14], the authors considered a multi-hop wireless network and proposed an optimal control to maximize the network throughput. However, they did not consider the data transmission security. In [
15,
16], the authors investigate the confidential message secure transmission in a large scale wireless networks. By using infinite secure encoding blocklength, they derived the secrecy throughput with ideal control policies. After that, Zheng et al. [
17] extended the infinite secure encoding blocklength to the finite case and revealed the relation of secrecy outage probability to the length of codewords. As for the mobile ad hoc networks, Li et al. [
18] jointly exploited cooperative jamming and secrecy guard zone scheme and derived the exact secrecy throughput based on the physical layer security technology. To enhance security, Zhu et al. [
19] employed directional antennas and evaluated the secure secrecy performance in millimeter wave ad hoc networks. While for the wireless multi-hop networks, He [
20] proposed a dynamic control algorithm in multi-hop wireless network with untrusted relays. While in [
21], Sarikaya et al. considered a multi-hop network with random and independent node distribution. To guarantee the secrecy transmission, they developed a strategy to encode the confidential message with multi-path transmission and infinite coding block length. By using stochastic network optimization [
22], they developed a control policy to stable the network and maximize the network utility, which combines end-to-end secrecy encoding, routing scheme and the resource allocation algorithm. However, most of the works mentioned above only focused on cellular networks security or multi-hop wireless networks with multi-path transmission strategy to guarantee the security.
In this paper, we consider the secrecy control problem in multi-hop wireless network, which is extended work of our previous work [
23]. In [
23], we have developed a secrecy control algorithm to maximize the network utility, while the blocklength of secrecy encoding is infinite. For the case of finite blocklength, it would be much more complicated since perfect secrecy is not possible. To deal with this scenario, We exploit an independent randomization encoding strategy to guarantee the security and define a secrecy outage probability. Given a constraint on the probability of secrecy outage, we develop an improved control algorithm, which is decomposed into end-to-end secrecy encoding, flow control and routing scheduling such that the network stability and secrecy outage constraint are satisfied. Finally, we prove that the performance of proposed control policies can close to the optimal utility result asymptotically.
The rest of the paper is organized as follows. In
Section 2, we introduce the network model and problem formulation.
Section 3 proposes an improve control policy with finite secrecy codewords.
Section 4 evaluates the proposed policy with various network conditions. Finally, the paper is concluded in
Section 5.
3. Control with Finite Secrecy Codewords
Similar to the control algorithm proposed in [
23], we exploit the Lyapunov penalty and drift to solve this problem. However, due to the secrecy codeword finite and secrecy outage occurrence, the queue model needs to be improved. In particular, as shown in
Figure 2, source node is equipped with two separate queues which are operated at two different time scales. The first queue stores the message admitted into the network and
denotes the queue length in slot
t. Let
be the admitted confidential message in slot
t, which is transmitted from source node
n to destination node
c.
represents the long-term average admitted confidential message. The departure of the first queue occurs only when a new secrecy codeword is generated in slot
t. Let
be the number of secrecy codewords generated in slot
t, and
denote the confidential message encoded in
-th secrecy codeword. Since there are
N channels, where
, the actual transmitted confidential message is
and the length of secrecy codeword is
, the second queue is a partial queue and let
denote the queue length. In this queue, the data departures or not is depended the scheduling and routing policy. Only when the queue is empty, i.e.,
, a new secrecy codeword is allowed to admit into the queue. Thus, we have, if
,
. According to the queue models defined above, the evolution of queues can be expressed as:
For each intermediate node, there exists a queue to store the packet from source node
n to destination node
c. Let
be the queue length. Then we have
To evaluate the state of secrecy outage, we assume source node
n can perceive the accumulated of confidential message at each eavesdropper, since it can check if some eavesdropper has intercepted the transmission. If it is impossible to know the information precisely, we will discuss in
Section 4. Let
denote the number of bits that must be accumulated by eavesdropper
e in slot
t to decode the
-th confidential message. Note that, for any eavesdroppers
e, if
, then secrecy outage of the
-th confidential message is occurred. Let
be the maximum rate that eavesdropper can be achieved, then the evolution of queue
can be denoted as
For the constraint (
6), a virtual queue
is constructed, which is employed to record the state of secrecy outage. Thus, if the
k-th confidential message is secrecy outage, then the arrival rate of queue
is
, else it is 0. The evolution of queue
is:
The arrival and departure of virtual queue
is the number of confidential message bits undergoing secrecy outage, and the number of confidential message bits allowed to be outage, which is constrained by parameter
. The value of
indicates the amount that we have exceeded the allowable secrecy outage constraint. Hence, the larger the value of
, the more conservative our control algorithm needs to be to meet these constraints. That is, a less confidential message
is encoded into the
-th codeword.
It is necessary to introduce the concept of strong stability. As a discrete time process,
is strongly stable if:
In particular, a multi-queue network is stable when all queues of the network are strongly stable. According to Strong Stability Theorem in [
13], for finite variable
and
, strong stability implies a rate stability of
. The definition of rate stability can be found in [
13] and omitted here.
3.1. Control Algorithm
For the secrecy transmission strategy with finite secrecy codewords, the control algorithm is:
Multi-hop Secrecy Control Algorithm with Finite Block (MSCAFB):
Note that, the long-term average secrecy outage
is increasing with variable
r. Once
r increases, secrecy codeword is encoded with less randomization bits, such that eavesdropper can intercept the confidential message with a higher probability. Hence, as the queue length
increases, the confidential message
is increased. Moreover, it decreases with the increasing of the virtual queue length
, such that the constraints of problem (
3) are satisfied.
3.2. Algorithm Performance
Using the Theorem of Lyapunov penalty and drift [
22], we can also prove that the proposed control algorithm can close to the optimal arbitrarily. Let
denote the queue vector of the first queue in
Figure 2,
be the queue vector of the second queue in
Figure 2,
represent the queue vector of intermediate nodes for flow
c,
be the queue vector of leaked confidential message accumulated by eavesdropper and
be the queue vector of secrecy outage. All the queue vectors can be denoted as
. Define a Lyapunov function as
Observing the state of all queues, we have the conditional expectation of on-step queuing evolutions, i.e., Lyapunov drift is:
Substituting the evolution expressions of all queues, we obtain the upper bound of Lyapunov drift is:
Since the maximum transmission power is finite, all the rates of the network would be bounded. Additionally, the arrival rate
is also bounded. Hence, the parameter
B is a nonnegative constant. Let the Lyapunov drift minus
, where
V is a weight parameter, we obtain the Lyapunov drift and penalty equation:
According to the Lyapunov optimization theorem [
22] and substituting (
18) to (
19), the upper bound of
can be expressed as:
Rearranging and observing the
of (
20), we find that the MSCAFB algorithm indeed minimizes the right hand side of (
20).
If the arrival rates of each node are in the feasible region, based on the work in [
22], there must exist a stationary scheduling, flow control and end-to-end encoding policy, which select the users and link rates independent of queue length and only relate to the channel statistics. This indicates that, if the channel statistics can be known a priori, the optimal control policy can be found as the solution of a deterministic policy. Let
be the optimal value of problem (
3),
and
denote the feasible and optimal arrival rate and transmission rate, respectively. Then, for all queues and any constants
,
and
, there must exists a network control policy that is independent of all queue lengths and satisfies the following inequalities:
Since the MSCAFB indeed minimizes the RSH of (
20), such that any stationary control policies (including the optimal policy) need to satisfy (
20). Inserting (
21)–(
23) into (
20), we get the following upper bound of our control algorithm:
Rearrange (
24), we obtain the performance of MSCAFB algorithm.
4. Numerical Results and Discussions
For the network model presented in
Figure 1, we consider i.i.d Rayleigh fading channels between nodes. The ratio of transmit power and noise has been normalized to 1. Let
be the power gain between node
i and
j, which follows exponential distribution and the mean of each link is presented in
Table 2. The achievable rate between node
i and
j is
and the rate of eavesdropper
. The utility function is a logarithmic utility function, i.e.,
, where
and
is the confidential rate selected by node
n in slot
t. We assume the confidential data arrival process for each user follows an i.i.d Bernoulli process with rate
.
Firstly, we analyze the performance of MSCAFB algorithm. In the simulation, the maximum average confidential data arrival rate is 2 bit/s, since the bandwidth is assumed to be one. Choosing the parameter
, we get the results in
Figure 3 and
Figure 4, where each value is collected by running 5000 times.
Figure 3 shows the impact of increasing the average confidential data arrival rate on the utility function and
Figure 4 depicts the average queue backlog in the network. From the simulation results, we find: (1) For a fixed
V, when the arrival rate is low,
Figure 3 indicates that the utility function linearly increases with the average admission confidential rate. The reason for this is that, if the arrival confidential rate is low, almost all the arrival confidential data can be admitted. (2) When the arrival confidential rate is larger than the secrecy channel capacity, the average admitted confidential rate turns into saturation. Not surprisingly, as the parameter
V increases, we observe that the utility function grows closer to the optimal value. (3) While in
Figure 4, the average queue backlog is increased with
V dramatically. It indicates that the transmission delay is increased with
V. Thus, the choice of
V is indeed a tradeoff between average utility and short-term system performance. To achieve both large utility and low delay, we will discuss the selection of parameter
V.
According to [
22], the long-term average utility is proportion to
, such that we can rewrite the utility function as
, where
denotes the optimal value and is a constant. Hence, the utility function is an increasing hyperbolic function of parameter
V and a good operating point would be to pick a
V value where an unit increases in
V yields a very small reduction in utility. At this point, the utility gains may not be worth the delay increase resulting from increasing
V (since delay is proportional to
V). Let
be the slope of utility function
. Differentiating to
V, i.e.,
, we have the good operating point of
, where
M is the number of nodes, and
. Based on the setting of simulation, i.e.,
,
and
, we can obtain the good operating point
.
Next, we analyze the performance of MSCAFB algorithm and compare with MSCA algorithm in [
23].
Figure 5 reflects the influence of secrecy codeword length on the network utility, as well as comparing with infinite secrecy codeword. The average arrival of confidential message is 2 bit/s and the parameter
V is 80. The maximum allowable portion of confidential message
is chosen from
, and the secrecy codeword length varies from
bits. From
Figure 5, we find: (1) When the secrecy codeword length is 50 bits, the network utility is only 30% of the optimal value. (2) With the increasing of secrecy codeword length, the network utility is increased. When secrecy codeword length is up to 1000 bits, the network utility trends to be gentle, but closes to the value with infinite secrecy codeword. The reason for this is that, when the secrecy codeword length is small, subject to the constraint of
, the confidential message inserted to the codeword is decreased. Such that the network utility is low, and vice versa. (3) The network utility is increased with the value of
. The reason is that, with
increasing, more confidential message can be inserted into a secrecy codeword. Particularly, when
and secrecy codeword length is 1000 bits, the network utility is larger than that of infinite secrecy codeword. In order to depict the influence of
on the network utility, we have
Figure 6.
In
Figure 6, assuming the secrecy codeword length is
bits, we vary
from
to
. The results show that: (1) With
increasing, we have the similar results with
Figure 5. (2) With the increasing of secrecy codeword length, the threshold of
at which network utility is larger than that of infinite secrecy codeword is decreased. The reason is that larger secrecy codeword length means more confidential message can be inserted into a secrecy codeword. Particularly, when the secrecy codeword length is small, even
is large, the network utility can not exceed the optimal value. (3) Although both
and secrecy codeword length are large, the network utility can exceed the optimal value, it can not exceed the network capacity without secrecy constraint.
Each node needs the information of queue length from eavesdroppers to decide the control algorithm, considers a situation that queue length information is shared among all the nodes, but in some environment it is impossible to know this information precisely. Compared with getting perfect information about
, it is more realistic to know the time-average packet arrival rate of eavesdroppers. Considering this, we propose an imperfect estimation of
. The estimated queue length in legitimate node is:
where
is an over-estimated slack variable to queue stability. As to the control algorithm, we use
to substitute
in resource allocation algorithm.