Secure Transmission for Buffer-Aided Relay Networks in the Internet of Things

Abstract

This paper investigates the secure transmission for buffer-aided relay networks in the Internet of Things (IoT) in the presence of multiple passive eavesdroppers. For security enhancement, we adopt the max-link relay selection policy and propose three secure transmission schemes: (1) non-jamming (NJ); (2) source cooperative jamming (SCJ); and (3) source cooperative jamming with optimal power allocation (SCJ-OPA). Moreover, to analyze the secrecy performance comprehensively, two eavesdropping scenarios, i.e., non-colluding eavesdroppers (NCE) and colluding eavesdroppers (CE) are considered. Based on this, by modeling the dynamic buffer state transition as a Markov chain, we derive the exact closed-form expressions of the secrecy outage probability, the average secrecy throughput, and the end-to-end delay for each schemes. The analytical analysis and simulation shows that the SCJ-OPA scheme achieves similar performance as the NJ scheme when the total transmit power is small. On the other hand, when the transmit power is high, the performance achieved by SCJ-OPA is similar to that of SCJ. Thereby, the SCJ-OPA scheme can achieve better performance across the entire total transmit power, which makes up the defects of NJ and SCJ exactly.

1. Introduction

The Internet of things (IoT) serves a crucial architecture in future wireless communication systems, which can connect all things (e.g., mobile devices, sensors, and vehicles) to the Internet and enable these physical devices with sensorial and computing capabilities to cooperate with each other and achieve common goals [1,2,3]. Numerous fields such as industry, medical and transportation are expected to deploy IoT applications widely [4]. Moreover, due to the resource constraints of IoT devices (e.g., energy and computing capability), relay transmission is seen as a promising solution to solve the problem above in IoT networks, which has attracted great research interest [5,6,7]. Specifically, in [6], the unmanned aerial vehicle (UAV) was considered as the relay node firstly, and then the outage probability and throughput was investigated in the UAV relay assisted IoT networks enhanced with energy harvesting. In [7], G. Chen et al. considered both half-duplex (HD) and full-duplex (FD) decode-and-forward (DF) relaying schemes in multi-hop IoT networks, whose operating mode was similar to the one in [8], and studied the outage probability of the system with randomly located interferers.

However, since the best link may be not available, the relay has to follow the fixed transmission strategy to transmit the data packet [9]. That is to say, the selected relay receives the data packets from the source node in the first hop and then forwards it to the destination node immediately in the second hop. Recently, equipping data buffer at the relays has drawn considerable attentions due to its ability of offering high performance gains and extra degrees of freedom, which is called “buffer-aided relay” [10,11,12,13]. In [12], A. Ikhlef et al. proposed the max-max relay selection (MMRS) scheme for DF relay networks. In [13], the max-link relay selection scheme was proposed, which could achieve better performance than MMRS by selecting the best link among all the available links. Nowadays, several works have considered applying the buffer-aided relay to IoT for increasing the reliability of communication networks [14,15,16]. The buffer-aided successive relay selection scheme for energy harvesting IoT networks based on DF and amplify-and-forward (AF) relay is investigated in [15]. In [16], a novel prioritization-based buffer-aided relay selection scheme was proposed, which can seamlessly combine both non-orthogonal multiple access (NOMA) and orthogonal multiple access (OMA) transmission in the IoT.

On the other hand, the broadcast characteristics of the wireless channels makes the wireless networks vulnerable to malicious attacks by illegitimate nodes, which presents a new challenge for the security of data transmission [17,18]. The encryption technique employed at the upper layer is a traditional method against eavesdropping [19]. However, this traditional technique not only imposes extra computational complexity resulted from the secret key management but can also be easily decrypted with the rapid improvement of the calculation level and thus being inappropriate to provide security services for IoT networks especially. Alternatively, physical layer security has been proposed as an effective approach to prevent the eavesdroppers from intercepting the information transmission by exploiting the randomness nature of the wireless channels [20,21,22]. Inspired by this, lots of research efforts have focused on the security of IoT networks from a physical layer security perspective [23,24,25,26]. In [23], the secrecy outage performance was studied for the wireless communication in IoT under eavesdropper collusion. In [24], three different scheduling schemes were designed to perform secure communication in an untrusted-relay-aided IoT uplink transmission. An on-off based multiuser secure transmission scheme was proposed for the heterogeneous IoT downlink networks in [25]. Then, the authors optimized several parameters to maximize the network secrecy throughput. Additionally, P. Huang et al. further examined the maximization of the secrecy sum rate for the downlink IoT systems with a novel relay-aided secure transmission scheme [26]. In recent years, some works have studied the physical layer security of buffer-aided relay networks [27,28,29]. In [27], G. Chen et al. proposed a novel max-ratio relay selection scheme to enhance the physical layer security for buffer-aided DF networks. For multi-relay multiple-input multiple-output (MIMO) cooperative networks, a buffer-aided joint transmit antenna and relay selection (JTARS) scheme was proposed in [28], and then the expression of the secrecy outage probability in closed-form was derived to assess the impact of different parameters on the secrecy performance. The closed-form expression of the secrecy outage probability was also derived in [29] to understand the secrecy performance of a buffer-aided underlay cognitive relay network. However, the secure transmission of buffer-aided relay network in IoT is an open issue to study. To the best of our knowledge, the design of secure transmission schemes for buffer-aided relay IoT networks has not been examined.

Inspired by these observations above, we investigate the secure transmission for buffer-aided relay IoT networks. To enhance the secrecy performance of the considered system, we adopt the max-link relay selection policy and propose three secure transmission schemes. The main contributions of this paper are summarized as follows:

• We propose three secure transmission schemes, i.e., non-jamming (NJ), source cooperative jamming (SCJ) and source cooperative jamming with optimal power allocation (SCJ-OPA), to enhance the secrecy performance for buffer-aided relay networks in IoT scenarios.
• By modeling the dynamic buffer state transition as a Markov chain, we derive the closed-form expressions of the secrecy outage probability, the average secrecy throughput and the end-to-end delay under the non-colluding eavesdroppers (NCE) and colluding eavesdroppers (CE) scenarios, respectively. Based on these expressions, the impacts of different parameters on the secrecy performance can be evaluated effectively.
• Our findings highlight that although the NJ and the SCJ schemes can achieve good secrecy performance when the total transmit power is small or large, respectively, the SCJ-OPA scheme outperforms the other two schemes across the whole transmit power range of interest, which can make up the defects of the other two schemes.

Table 1 provides a list of the fundamental symbols throughout this paper. The remainder of the paper is organized as follows. In Section 2, we introduce the considered system model and the relay selection policy. Section 3 presents three transmission schemes. In Section 4, we investigate the several key performance metrics of the system, respectively. Section 5 provides simulation results. Finally, the conclusion is given in Section 6.

Table 1. List of the main notations and parameters.

Symbol	Description	Symbol	Description
M	Number of relay sensors	${\left(·\right)}^T$	The transpose operation
$R_m$	The m-th relay sensor	$M_{1,n}$	The number of available links in the first hop
K	Number of eavesdroppers	$M_{2,n}$	The number of available links in the second hop
$E_k$	The k-th eavesdropper	$\alpha$	The power allocation factor
L	Buffer size	$P_{out}$	The overall secrecy outage probability
$h_{ab}$	The channel coefficient of link $a\to b$	$P_{out,n}$	The secrecy outage probability at state $s_n$
${\mathbf{h}}_{ab}$	The channel vector of link $a\to b$	$\mathbf{\pi }$	The stationary probability vector
$E[·]$	The expectation operation	${\mathbf{\pi }}_{\mathit{n}}$	The stationary probability vector at state $s_n$
$d_{ab}$	The distance between a and b	$R_s$	The predefined secrecy rate
$\kappa$	The path loss factor	${\gamma }_{th}$	The secrecy outage threshold
$C_{ab}$	The achievable secrecy rate of link $a\to b$	N	The number of all the buffer states
${\sigma }^2$	The variance of AWGN	$\mathbf{A}$	The state transition matrix
$P_S$	The maximum transmit power of S	${\mathbf{A}}_{v,n}$	The (v,n)th entry of A
$P_R$	The maximum transmit power of relay sensor	$\mathbf{I}$	The identity matrix
$P_{Total}$	The total power	$\mathbf{Q}$	The all-ones matrix
$s_n$	The n-th buffer state	$\overline{T}$	The average secrecy throughput
${\phi }_n\left(m\right)$	The number of data packets in $B_m$ at state $s_n$	${\overline{D}}_{total}$	The average end-to-end delay
$∥·∥$	The Euclidean or $L_2$ vector norm	${\overline{Q}}_m$	The average queuing length at $R_m$

2. System Model and Relay Selection Policy

2.1. System Model

Let us consider the uplink transmission for the buffer-aided relay network in IoT application, as illustrated in Figure 1, which consists of a source sensor S, a controller D, M half-duplex intermediate relay sensors ${\left\{R_m\right\}}_{m=1}^M$ and K passive eavesdroppers ${\left\{E_k\right\}}_{k=1}^K$. In the network, all nodes are equipped with a single antenna and each relay is also equipped with a data buffer $B_m$ of finite size L. Note that the data packets in the buffer obey the “first-in-first-out” rule. Therefore, the time that a data packet is transmitted from the relay sensor to the controller depends on the length of the queue. On the other hand, it takes only one time slot to transmit a packet from the source sensor to the relay sensor. Furthermore, the $S\to R$ and $R\to D$ links are referred to as the main channel, and the $S\to E$ and $R\to E$ links are referred to as the wiretap channels. All channels are modeled as the quasi-static flat Rayleigh fading, hence the channel coefficients keep unchanged in the coherent time of the channels [30]. Since the impact of significant path loss, the direct link between S and D is assumed unavailable. That is to say, the source sensor S has to communicate with the controller D via the assistance of multiple intermediate relay sensors [27,31,32].

Figure 1. System Model.

In this paper, we denote the complex Gaussian random variable $h_{ab}$ as the channel coefficient of link $a\to b$. According to this, the channel gain ${\left|h_{ab}\right|}^2$ can be regarded as an exponentially distributed random variable, which mean it is equal to $E\left[{\left|h_{ab}\right|}^2\right]=1/{\lambda }_{ab}=d_{ab}^{-\kappa }$, where $E[·]$ denotes the expectation operation, and $d_{ab}$ and $\kappa$ represent the distance of the link and the path loss factor, respectively. Specifically, the main channels are assumed independent and identically distributed (i.i.d), i.e., ${\lambda }_{SR}={\lambda }_{RD}$. Besides, due to the energy limitation of the sensors nodes in IoT networks, we consider the total power constraint $P_S+P_R=P_{Total}$, where $P_S$ and $P_R$ represent the maximum transmit power of the source and the relay sensor, and $P_{Total}$ denotes the total power.

2.2. Relay Selection Policy

In this subsection, we investigate the max-link relay selection considering the secrecy constraints [13]. To further probe into this relay selection policy mentioned above, the number of the data packets in each buffer is modeled as a state firstly. We define $s_n={\left[{\phi }_n\left(1\right),{\phi }_n\left(2\right),\cdots ,{\phi }_n\left(M\right)\right]}^T$ as a certain buffer state, where ${\phi }_n\left(m\right)\in \left\{0,1,\cdots ,L\right\}$$\left(1\le m\le M\right)$ denotes the number of data packets in buffer $B_m$ at state $s_n$.

For the buffer-aided relay $R_m$, when its buffer is full or empty, it means that the relay cannot receive or transmit data packet, i.e., ${\phi }_n\left(m\right)=L$ or ${\phi }_n\left(m\right)=0$. According to this, ${\varphi }_{1,n}\left(m\right)=1$ and ${\varphi }_{2,n}\left(m\right)=1$ denote that the relay $R_m$ can be chosen to receive and transmit data packet at state $s_n$. In other words, the corresponding link is available. On the contrary, ${\varphi }_{1,n}\left(m\right)=0$ and ${\varphi }_{2,n}\left(m\right)=0$ represent the link in the first and second hops corresponding to the relay $R_m$ is not available, respectively. Hence, we have ${\varphi }_{1,n}\left(m\right)=\left\{\begin{array}{ccc}1& ,& {\phi }_n\left(m\right)\ne L\\ 0& ,& {\phi }_n\left(m\right)=L\end{array}\right.$ and ${\varphi }_{2,n}\left(m\right)=\left\{\begin{array}{ccc}1& ,& {\phi }_n\left(m\right)\ne 0\\ 0& ,& {\phi }_n\left(m\right)=0\end{array}\right.$.

Then, the number of available links at state $s_n$ in the first or the second hops are, respectively, given by

$$M_{1,n}=\sum _{m=1}^M{\varphi }_{1,n}\left(m\right),$$

(1)

$$M_{2,n}=\sum _{m=1}^M{\varphi }_{2,n}\left(m\right).$$

(2)

Based on [13], the relay selection policy can be mathematically expressed as

$$R^{*}=argmax\left\{{\left|h_{S{R}_{M_{1,n}}^{\prime }}\right|}^2,{\left|h_{R_{M_{2,n}}^{{}^{″}}D}\right|}^2\right\},$$

(3)

where ${\left|h_{S{R}_{M_{1,n}}^{\prime }}\right|}^2=\underset{{\phi }_n\left(i\right)\ne L}{max}\left\{{\left|h_{S{R}_i}\right|}^2\right\}$ denotes the largest channel gain among $M_{1,n}$ available links in the first hop. Similarly, ${\left|h_{R_{M_{2,n}}^{{}^{″}}D}\right|}^2=\underset{{\phi }_n\left(j\right)\ne 0}{max}\left\{{\left|h_{R_{j}D}\right|}^2\right\}$ is the largest channel gain among $M_{2,n}$ available links in the second hop.

From the above expression, we find that the relay with the strongest channel gain is always selected for data transmission. Specifically, when $R^{*}$ is selected for reception, it receives and decodes the data packet and the packet can be stored in the buffer $B^{*}$. Hence, the number of packets in the buffer $B^{*}$ increases by one. Similarly, when $R^{*}$ is chosen for transmission, the controller D receives and decodes the data packet, and the buffer $B^{*}$ discards the packet. Thereby, the number of the packets correspondingly decreases by one. Furthermore, if the whole communication between the source sensor S and the controller D is not successful, the buffer state will remain unchanged.

3. Transmission Schemes

In this section, a conventional non-jamming scheme and two source cooperative jamming schemes are presented for the considered buffer-aided relay IoT networks.

3.1. NJ Scheme

The total transmission is divided into two hops. In the first hop, the source sensor S sends the signal to the relay sensor while intercepted by K eavesdroppers ${\left\{E_k\right\}}_{k=1}^K$. Hence, the received SNR at $R_i$ and $E_k$ can be, respectively, expressed as

$${\gamma }_{S{R}_i}^{NJ}=\frac{P_{S_1}{\left|h_{S{R}_i}\right|}^2}{{\sigma }^2},$$

(4)

$${\gamma }_{S{E}_k}^{NJ}=\frac{P_{S_1}{\left|h_{S{E}_k}\right|}^2}{{\sigma }^2},$$

(5)

where $P_{S_1}=P_{Total}/2$ denotes the transmit power of the source sensor, which obeys the uniform power allocation for ease of analysis. ${\left|h_{S{R}_i}\right|}^2$ and ${\left|h_{S{E}_k}\right|}^2$ represent the channel gains of link $S\to R_i$ and $S\to E_k$, ${\sigma }^2$ is the variance of the additive white Gaussian noise (AWGN).

Similar to the first hop, the received SNR at D and $E_k$ can be, respectively, given by

$${\gamma }_{R_{j}D}^{NJ}=\frac{P_{R_1}{\left|h_{R_{j}D}\right|}^2}{{\sigma }^2},$$

(6)

$${\gamma }_{R_j{E}_k}^{NJ}=\frac{P_{R_1}{\left|h_{R_j{E}_k}\right|}^2}{{\sigma }^2},$$

(7)

where $P_{R_1}=P_{Total}/2$ is the transmit power of the selected relay sensor, and ${\left|h_{R_{j}D}\right|}^2$ and ${\left|h_{R_j{E}_k}\right|}^2$ denote the channel gains of link $R_j\to D$ and $R_j\to E_k$, respectively.

Due to the presence of multiple eavesdroppers, we take both NCE and CE scenarios into account.

In the NCE scenario, the eavesdroppers decode information individually without interactions [33]. Hence, the received signal-to-noise ratio (SNR) at the eavesdroppers of the first and second hops can be, respectively, given by

$${\gamma }_{1,NCE}^{NJ}=\underset{1\le k\le K}{max}{\gamma }_{S{E}_k}^{NJ}=\frac{P_{S_1}\underset{1\le k\le K}{max}\left({\left|h_{S{E}_k}\right|}^2\right)}{{\sigma }^2},$$

(8)

$${\gamma }_{2,NCE}^{NJ}=\underset{1\le k\le K}{max}{\gamma }_{R_j{E}_k}^{NJ}=\frac{P_{R_1}\underset{1\le k\le K}{max}\left({\left|h_{R_j{E}_k}\right|}^2\right)}{{\sigma }^2}.$$

(9)

In the CE scenario, all eavesdroppers can exchange the information with each other and adopt the maximal ratio combining (MRC) for enhancing the intercept ability [34,35]. Thus, the instantaneous SNR of the eavesdroppers’ channels for the first and second hops are expressed as

$${\gamma }_{1,CE}^{NJ}=\sum _{1\le k\le K}{\gamma }_{S{E}_k}^{NJ}=\frac{P_{S_1}{∥{\mathbf{h}}_{SE}∥}^2}{{\sigma }^2},$$

(10)

$${\gamma }_{2,CE}^{NJ}=\sum _{1\le k\le K}{\gamma }_{R_j{E}_k}^{NJ}=\frac{P_{R_1}{∥{\mathbf{h}}_{R_{j}E}∥}^2}{{\sigma }^2},$$

(11)

where ${\mathbf{h}}_{SE}$ denotes the $K\times 1$ channel vector between the source sensor and the eavesdroppers. Similarly, ${\mathbf{h}}_{R_{j}E}$ represents the channel vector between the selected relay sensor and the eavesdroppers.

The NJ scheme is a benchmark invoked for the purpose of comparison, which can also be applicable for the practical application scenario due to it lower complexity.

3.2. SCJ Scheme

In this case, when the second hop is selected, the source sensor can send jamming signals to the eavesdroppers with the transmit power $P_{J_2}$, which degrades the quality of eavesdroppers’ channels effectively without interfering other nodes. Furthermore, due to the total power constraint, we have $P_{S_2}+P_{J_2}+P_{R_2}=P_{Total}$, where $P_{S_2}$ denotes the transmit power of the source sensor when transmitting useful information. Similar to the NJ scheme, the power allocation follows the uniform allocation rule, i.e., $P_{R_2}=P_{Total}/2$, $P_{S_2}=P_{J_2}=P_{Total}/4$.

The first hop of the SCJ scheme is the same as the NJ scheme, hence we have ${\gamma }_{S{R}_i}^{SCJ}=P_{S_2}{\left|h_{S{R}_i}\right|}^2/{\sigma }^2$ and ${\gamma }_{S{E}_k}^{SCJ}=P_{S_2}{\left|h_{S{E}_k}\right|}^2/{\sigma }^2$. In the second hop, the received signal-to-interference-plus-noise-ratio (SINR) at $E_k$ is given by

$${\gamma }_{R_j{E}_k}^{SCJ}=\frac{P_{R_2}{\left|h_{R_j{E}_k}\right|}^2}{{\sigma }^2+P_{J_2}{\left|h_{J{E}_k}\right|}^2},$$

(12)

where ${\left|h_{J{E}_k}\right|}^2$ denotes the link of $S\to E_k$ when S acts as a jamming node.

Thus, for the NCE scenario, the received SNR and SINR at the eavesdroppers of the first and second hops can be written as

$${\gamma }_{1,NCE}^{SCJ}=\frac{P_{S_2}\underset{1\le k\le K}{max}\left({\left|h_{S{E}_k}\right|}^2\right)}{{\sigma }^2},$$

(13)

$${\gamma }_{2,NCE}^{SCJ}=\underset{1\le k\le K}{max}\left(\frac{P_{R_2}{\left|h_{R_j{E}_k}\right|}^2}{{\sigma }^2+P_{J_2}{\left|h_{J{E}_k}\right|}^2}\right).$$

(14)

For the CE mode, the received SNR and SINR of the eavesdroppers’ channel for the first and second hops are given by

$${\gamma }_{1,CE}^{SCJ}=\frac{P_{S_2}{∥{\mathbf{h}}_{SE}∥}^2}{{\sigma }^2},$$

(15)

$${\gamma }_{2,CE}^{SCJ}=\frac{P_{R_2}{∥{\mathbf{h}}_{R_{j}E}∥}^2}{{\sigma }^2+P_{J_2}{∥{\mathbf{h}}_{JE}∥}^2},$$

(16)

where ${\mathbf{h}}_{JE}$ represents the $K\times 1$ channel vector between the source sensor and the eavesdroppers when the source acts as a jamming node.

3.3. SCJ-OPA Scheme

To further enhance the physical layer security for the SCJ scheme, the optimal power allocation operation is employed at the source sensor node under the SCJ-OPA scheme. Similar to the section above, we still assume that $P_{R_3}=P_{Total}/2$. Then, we have $P_{S_3}+P_{J_3}=P_{Total}/2$. Given $P_{S_3}=\alpha P_{Total}/2$ and $P_{J_3}=\left(1-\alpha \right)P_{Total}/2$ where $0<\alpha <1$ denotes the power allocation factor. We aim to find the optimal power allocation factor to minimize the secrecy outage probability of the considered system. Therefore, the optimization problem can be written as

$$\underset{\mathrm{s}.\mathrm{t}.0<\alpha <1}{\underset{\alpha }{min}{P}_{out}},$$

(17)

where $P_{out}$ represents the overall secrecy outage probability of the system. We derive the expression of the secrecy outage probability and solve the optimization in the following section. Moreover, making an appropriate substitution of the parameters, i.e., $P_{S_2}\to P_{S_3}$ and $P_{J_2}\to P_{J_3}$, the received SNR or SINR at the corresponding node under the SCJ-OPA scheme can be obtained easily, hence is omitted.

Now, according to the authors of [36,37], the achievable secrecy rate of the first and second hops can be, respectively, expressed as

$$C_{SRE}^{☆}={\left[{log}_2\left(1+{\gamma }_{S{R}_i}^{☆}\right)-{log}_2\left(1+{\gamma }_{1,E}^{☆}\right)\right]}^{+},$$

(18)

$$C_{RDE}^{☆}={\left[{log}_2\left(1+{\gamma }_{R_{j}D}^{☆}\right)-{log}_2\left(1+{\gamma }_{2,E}^{☆}\right)\right]}^{+},$$

(19)

where $☆\in \left\{NJ,SCJ,SCJ-OPA\right\}$, ${\gamma }_{1,E}^{☆}\in \left\{{\gamma }_{1,NCE}^{☆},{\gamma }_{1,CE}^{☆}\right\}$, ${\gamma }_{2,E}^{☆}\in \left\{{\gamma }_{2,NCE}^{☆},{\gamma }_{2,CE}^{☆}\right\}$, ${\left[x\right]}^{+}=max\left\{0,x\right\}$.

4. Performance Analysis

4.1. Secrecy Outage Analysis

In this subsection, we investigate the secrecy outage performance of the considered system. According to [13], considering all of the possible states, the secrecy outage probability of the system is given by

$$P_{out}^{☆}\left({\gamma }_{th}\right)=\sum _{n=1}^N{\mathbf{\pi }}_n^{☆}{P}_{out,n}^{☆}\left({\gamma }_{th}\right),$$

(20)

where $N={\left(L+1\right)}^M$ denotes the total number of states, ${\mathbf{\pi }}_n^{☆}$ and $P_{out,n}^{☆}\left({\gamma }_{th}\right)$ denote that when the state is $s_n$, the corresponding stationary probability and the secrecy outage probability. ${\gamma }_{th}\stackrel{\Delta }{=}{2}^{2R_s}$ represents the secrecy outage threshold. Besides, to make the following analysis traceable, we define ${\gamma }_{E1}^{☆}=\left(1+{\gamma }_{S{R}_{M_{1,n}}^{\prime }}^{☆}\right)/\left(1+{\gamma }_{1,E}^{☆}\right)$, ${\gamma }_{E2}^{☆}=\left(1+{\gamma }_{R_{M_{2,n}}^{{}^{″}}D}^{☆}\right)/\left(1+{\gamma }_{2,E}^{☆}\right)$ and the noise variance is ${\sigma }^2=1$.

4.1.1. NJ Scheme

According to [28], the secrecy outage probability at state $s_n$ under the NJ scheme is given by

$$P_{out,n}^{NJ}\left({\gamma }_{th}\right)=F_{{\gamma }_{E1}^{NJ}}\left({\gamma }_{th}\right)·F_{{\gamma }_{E2}^{NJ}}\left({\gamma }_{th}\right).$$

(21)

Theorem 1.

The CDF of ${\gamma }_{E1}^{NJ}$ under the NCE scenario is given by

$$F_{{\gamma }_{E1}^{NJ}}\left(x\right)=\sum _{s=0}^{M_{1,n}}\sum _{t=0}^{K-1}\left(\begin{array}{c}{M}_{1,n}\\ s\end{array}\right)\left(\begin{array}{c}K-1\\ t\end{array}\right)\frac{{\left(-1\right)}^{s+t}K{\lambda }_{SE}}{{\lambda }_{SE}\left(t+1\right)+{\lambda }_{SR}sx}{e}^{-\frac{{\lambda }_{SR}s\left(x-1\right)}{P_{S_1}}}.$$

(22)

Proof of Theorem 1.

See Appendix A. □

Theorem 2.

The CDF of ${\gamma }_{E1}^{NJ}$ under the CE scenario can be written as

$$F_{{\gamma }_{E1}^{NJ}}\left(x\right)=\sum _{s=0}^{M_{1,n}}\left(\begin{array}{c}{M}_{1,n}\\ s\end{array}\right){\left(-1\right)}^s{\left(\frac{{\lambda }_{SE}}{{\lambda }_{SE}+{\lambda }_{SR}sx}\right)}^K{e}^{-\frac{{\lambda }_{SR}s\left(x-1\right)}{P_{S_1}}}.$$

(23)

Proof of Theorem 2.

See Appendix B. □

It is worth noting that, if we replace some parameters, i.e., $M_{1,n}\to M_{2,n}$, $P_{S_1}\to P_{R_1}$, ${\lambda }_{SR}\to {\lambda }_{RD}$ and ${\lambda }_{SE}\to {\lambda }_{RE}$, we can derive the CDF of ${\gamma }_{E2}^{NJ}$ due to the symmetry of the first and second hops.

Next, we proceed with the stationary probability under the NJ scheme ${\mathbf{\pi }}^{NJ}$. Firstly, we denote ${\Omega }_n$ as the set whose states can be transferred from state $s_n$ successfully within one step. Then, according to the authors of [13,38,39], we denote ${\mathbf{A}}^{NJ}\in {\mathbb{R}}^{N\times N}$ as the state transition matrix of the Markov chain under the NJ scheme, where the entry ${\mathbf{A}}_{v,n}^{NJ}=Pr\left[T\left(t+1\right)=s_v\left|T\left(t\right)=s_n\right.\right]$ denotes the transition probability of moving from state $s_n$ to the state $s_v$, where $s_v$ is an element in set ${\Omega }_n$.

As can be seen from the relay selection policy, if the packet is not successfully transmitted to the corresponding node, the buffer state keeps unchanged. In other words, the secrecy outage event occurs. On the other hand, when the current state transforms to another state $s_v$ within one step, i.e., $s_v\in {\Omega }_n$, then the corresponding transmission is successful. From these observations, the entry of ${\mathbf{A}}^{NJ}$ is given by

$${\mathbf{A}}_{v,n}^{NJ}=\left\{\begin{array}{cc}{P}_{out,n}^{NJ}\left({\gamma }_{th}\right),& s_v=s_n\\ \frac{1-P_{out,n}^{NJ}\left({\gamma }_{th}\right)}{M_{1,n}+M_{2,n}},& s_v\in {\Omega }_n\\ 0,& else\end{array}\right..$$

(24)

Based on this, we can obtain the stationary probability vector in the following.

Theorem 3.

The stationary probability vector of the NJ scheme is given by

$${\mathbf{\pi }}^{NJ}={\left({\mathbf{A}}^{NJ}-\mathbf{I}+\mathbf{Q}\right)}^{-1}\mathbf{b},$$

(25)

where ${\mathbf{\pi }}^{NJ}={\left[{\pi }_1^{NJ},{\pi }_2^{NJ}\cdots ,{\pi }_N^{NJ}\right]}^T$, $\mathbf{b}={\left(1,1,\cdots ,1\right)}^T$, $\mathbf{I}$ is the identity matrix and $\mathbf{Q}$ is the all-ones matrix.

Proof of Theorem 3.

The proof can be found in [13]. □

Now, by substituting Equations (21) and (25) into Equation (20), the closed-form expression of the secrecy outage probability for the NCE and CE scenarios under the NJ scheme can be easily derived, respectively.

4.1.2. SCJ Scheme

The secrecy outage probability at state $s_n$ under the SCJ scheme can be represented as

$$P_{out,n}^{SCJ}\left({\gamma }_{th}\right)=F_{{\gamma }_{E1}^{SCJ}}\left({\gamma }_{th}\right)·F_{{\gamma }_{E2}^{SCJ}}\left({\gamma }_{th}\right).$$

(26)

Theorem 4.

The CDF of ${\gamma }_{E2}^{SCJ}$ under the NCE scenario is given by

$$F_{{\gamma }_{E2}^{SCJ}}\left(x\right)=K\sum _{s=0}^{M_{2,n}}\sum _{t=0}^{K-1}\left(\begin{array}{c}{M}_{2,n}\\ s\end{array}\right)\left(\begin{array}{c}K-1\\ t\end{array}\right){\left(-1\right)}^{s+t}{\beta }^t\left[\frac{{\lambda }_{JE}}{P_{J_2}}{I}_1\left(t\right)+\beta I_2\left(t\right)\right]e^{-\frac{{\lambda }_{RD}s\left(x-1\right)}{P_{R_2}}},$$

(27)

where $\beta =\frac{{\lambda }_{JE}{P}_{R_2}}{{\lambda }_{RE}{P}_{J_2}}$, $\mu \left(t\right)=\frac{{\lambda }_{RD}sx+{\lambda }_{RE}\left(t+1\right)}{P_{R_2}}$, $I_1\left(t\right)$ and $I_2\left(t\right)$ are given by

$$I_1\left(t\right)=\left\{\begin{array}{cc}-e^{\beta \mu \left(t\right)}Ei\left(-\beta \mu \left(t\right)\right),& t=0\\ \sum _{l=1}^t\frac{\left(l-1\right)!{\left(-\mu \left(t\right)\right)}^{t-l}}{t!{\beta }^l}-\frac{{\left(-\mu \left(t\right)\right)}^t{e}^{\beta \mu \left(t\right)}Ei\left(-\beta \mu \left(t\right)\right)}{t!}& t>0\end{array}\right.,$$

(28)

$$I_2\left(t\right)=\sum _{l=1}^{t+1}\frac{\left(l-1\right)!{\left(-\mu \left(t\right)\right)}^{t-l+1}}{\left(t+1\right)!{\beta }^l}-\frac{{\left(-\mu \left(t\right)\right)}^{t+1}}{\left(t+1\right)!}{e}^{\beta \mu \left(t\right)}Ei\left(-\beta \mu \left(t\right)\right).$$

(29)

Proof of Theorem 4.

See Appendix C. □

Theorem 5.

The CDF of ${\gamma }_{E2}^{SCJ}$ under the CE scenario can be presented as

$$F_{{\gamma }_{E2}^{SCJ}}\left(x\right)=\sum _{s=0}^{M_{2,n}}\left(\begin{array}{c}{M}_{2,n}\\ s\end{array}\right){\left(-1\right)}^s{e}^{-\frac{{\lambda }_{RD}s\left(x-1\right)}{P_{R_2}}}\Phi ,$$

(30)

where Φ is given by

$$\Phi =1+\frac{{\lambda }_{JE}^K}{\left(K-1\right)!}{e}^{\omega {\lambda }_{JE}}\sum _{t=1}^K\sum _{l=0}^{K-1}\left(\begin{array}{c}K\\ t\end{array}\right)\left(\begin{array}{c}K-1\\ l\end{array}\right){\left(-\theta \right)}^t{\left(-\omega \right)}^{K-1-l}{\Phi }_1,$$

(31)

with $\theta =\frac{{\lambda }_{RD}sx}{P_{J_2}{\lambda }_{RE}}$, $\omega =\theta +\frac{1}{P_{J_2}}$ and ${\Phi }_1$ can be expressed as

$${\Phi }_1=\left\{\begin{array}{cc}\frac{\Gamma \left(\begin{array}{cc}l-t+1,& \omega {\lambda }_{JE}\end{array}\right)}{{\lambda }_{JE}^{l-t+1}},& l-t\ge 0\\ -Ei\left(-\omega {\lambda }_{JE}\right),& l-t=-1\\ e^{-\omega {\lambda }_{JE}}{\displaystyle \sum _{v=1}^{t-l-1}}\frac{\left(v-1\right)!{\left(-{\lambda }_{JE}\right)}^{t-l-1-v}}{\left(t-l-1\right)!{\omega }^v}-\frac{{\left(-{\lambda }_{JE}\right)}^{t-l-1}}{\left(t-l-1\right)!}Ei\left(-\omega {\lambda }_{JE}\right),& l-t\le -2\end{array}\right.,$$

(32)

where $\Gamma \left(·,·\right)$ is the upper incomplete Gamma function [40] (eq. (8.350.2)), and $Ei\left(·\right)$ is the exponential integral function [40] (eq. (8.211.1)).

Proof of Theorem 5.

See Appendix D. □

Recalling the first hop of the SCJ scheme is the same as the NJ scheme, we can derive $F_{{\gamma }_{E1}^{SCJ}}$ by making a substitution of some parameters. Furthermore, the stationary probability vector of the SCJ scheme ${\mathbf{\pi }}^{SCJ}={\left({\mathbf{A}}^{SCJ}-\mathbf{I}+\mathbf{B}\right)}^{-1}\mathbf{b}$ can also be obtained following the similar analysis as in Theorem 3. Hence, the secrecy outage probability for the NCE and CE scenarios under the SCJ scheme in closed-form can be derived by substituting Equation (26) and ${\mathbf{\pi }}^{SCJ}$ into Equation (20).

4.1.3. SCJ-OPA Scheme

Since the difference between the SCJ and the SCJ-OPA scheme is that the latter operates the optimal power allocation at the source sensor, making a substitution of the parameters $P_{S_2}\to P_{S_3}$, $P_{R_2}\to P_{R_3}$ and $P_{J_2}\to P_{J_3}$, we can obtain the secrecy outage probability for the NCE and CE scenarios under the SCJ-OPA scheme easily.

However, recalling the closed-form expression and the optimization problem mentioned above, we find that an explicit expression for $\alpha$ is intractable. Instead, considering that the value space of $\alpha$ is limited, thus the optimal result can be obtained by numerical calculations, i.e., the grid-search solution or the straightforward search solution, and the computer complexity is also acceptable.

4.2. Average Secrecy Throughput and End to End Delay

The average secrecy throughput can measure the average rate of the transmitted information which is kept confidential to the eavesdropper. Resorting to the work in [24,41], the average secrecy throughput can be expressed as

$${\overline{T}}^{☆}=\frac{R_s}{2}\left(1-P_{out}^{☆}\left({\gamma }_{th}\right)\right),$$

(33)

where the factor $1/2$ is because every packet reaches the controller takes two time slots.

Recalling the definition of the secrecy outage probability, the value of $P_{out}^{☆}$ is increased with the increase of $R_s$. Thus, from Equation (33), we observe that the function of the average secrecy throughput with respect to $R_s$ is a unimodal function. When $R_s$ is small or large, only the lower average secrecy throughput can be obtained. That is to say, there exists an optimal secrecy rate which can maximum the average secrecy throughput of the considered system. The optimization problem can be given by

$$\underset{R_s}{max{\overline{T}}^{☆}}.$$

(34)

Following a similar approach, we find the optimal $R_s$ by utilizing the grid-search or the straightforward search techniques.

In the buffer-aided relay IoT network, the end-to-end delay is the time slots it takes for a data packet to arrive at the controller from the source sensor, which is given by

$${\overline{D}}_{total}^{☆}=1+{\overline{D}}_R^{☆},$$

(35)

where the term “1” represents the delay at the source sensor. This is because each packet takes only one time slot when it is sent from the source sensor to the relay sensor. ${\overline{D}}_R^{☆}$ denotes the average delay at the intermediate relay sensors. On the other hand, considering the probability of selecting a relay sensor $R_m$ among all M relays is the same, we can obtain ${\overline{D}}_{R_m}^{☆}={\overline{D}}_R^{☆}$ and ${\overline{T}}_m^{☆}={\overline{T}}^{☆}/M$, where ${\overline{D}}_{R_m}^{☆}$ denotes the delay at relay $R_m$, and ${\overline{T}}_m^{☆}$ represents the average secrecy throughput at relay $R_m$.

Then, we denote ${\phi }_n\left(m\right)$ as the queuing length in the buffer of relay $R_m$ at state $s_n$. Therefore, considering all of the possible states, the average queuing length at $R_m$ can be written as

$${\overline{Q}}_m^{☆}=\sum _{n=1}^N{\pi }_n^{☆}{\phi }_n\left(m\right).$$

(36)

With the help of the Little’s law [42], the average delay at relay $R_m$ is given by

$${\overline{D}}_{R_m}^{☆}=\frac{{\overline{Q}}_m^{☆}}{{\overline{T}}_m^{☆}}.$$

(37)

Finally, based on the analysis above, the average end-to-end delay can be expressed as

$${\overline{D}}_{total}^{☆}=1+\frac{2M{\displaystyle \sum _{n=1}^N}{\pi }_n^{☆}{\phi }_n\left(m\right)}{R_s\left(1-P_{out}^{☆}\left({\gamma }_{th}\right)\right)}.$$

(38)

5. Simulation Analysis

In this section, Monte-Carlo simulation results are presented to validate the theoretical analysis derived in the previous sections for the three transmission schemes. Without loss of generality, the normalized distance is set as follows: $d_{SR}=d_{RD}=1$, $d_{SE}=d_{RE}=2$. The path loss factor $\kappa$ is set to be 3. From the figures, the theoretical curves are in exact agreement with the simulation results, which verifies the accuracy of our theoretical analysis.

Figure 2 illustrates the secrecy outage probability versus the total transmit power budget $P_{Total}$ for the three proposed transmission schemes. As shown in Figure 2, the secrecy outage probability decreases with the increase of $P_{Total}$ until a secrecy outage performance floor occurs at high transmit power. This is intuitive since both capacities of the main and wiretap channels improve with the increase of the transmit power. Furthermore, we observe that, in both the NCE and CE scenarios, the NJ scheme outperforms the SCJ scheme at the low total transmit power, while the opposite holds in the high total transmit power. For the SCJ-OPA scheme, almost the same performance as the NJ scheme can be obtained at the low transmit power, and, when $P_{Total}$ is large, a similar performance as the SCJ scheme can also be achieved, which indicates that the SCJ-OPA scheme covers the shortages of the NJ and SCJ schemes exactly. In addition, it is worth noting that the secrecy performance of the CE scenario is worse than that of the NCE scenario under the same conditions, which is because that the MRC scheme utilized by the CE mode can enhance the ability of eavesdropping.

Figure 2. Secrecy outage probability vs. the total transmit power budget $P_{Total}$ for the three proposed transmission schemes when $R_s=$ 0.6 (bit/s/Hz), $M=$ 3, $L=$ 2, $K=2$.

Figure 3 plots the average secrecy throughput of the three proposed transmission schemes versus the total transmit power budget $P_{Total}$. It is observed that the average secrecy throughput increases until it converges to a fixed value with the increase of the total transmit power. In addition, we further observe that the NJ and SCJ-OPA schemes outperforms the SCJ scheme in terms of the average secrecy throughput when $P_{Total}$ is not large. At the high $P_{Total}$, the SCJ and SCJ-OPA schemes achieve better performance than the NJ scheme. In other words, utilizing the SCJ-OPA scheme can improve the secrecy performance of the considered system, especially when the total power is small or large.

Figure 3. Average Secrecy throughput vs. the total transmit power budget $P_{Total}$ for the three proposed transmission schemes when $R_s=$ 1 (bit/s/Hz), $M=L=$ 2, $K=2$.

Figure 4 investigates the impact of the secrecy rate $R_s$ on the average secrecy throughput for the NCE and CE scenarios, respectively. From these figures, we find that, for both NCE and CE scenarios, the average secrecy throughput first increases with the increase of $R_s$ and then decreases when $R_s$ increases beyond a certain value, which demonstrates the accuracy of the analysis in Section 4.2. Besides, it can be observed that when the total transmit power is small, i.e., $P_{Total}=$ 10 dB, the SCJ-OPA scheme obtains a similar average secrecy throughput as the NJ scheme, which are both better than the SCJ scheme. On the other hand, when the total transmit power is large, i.e., $P_{Total}=$ 20 dB, the SCJ-OPA and SCJ schemes are superior to the NJ scheme, which is consistent with the previous analysis and simulation.

Figure 4. Average Secrecy throughput vs. the secrecy rate $R_s$ for the three proposed transmission schemes under the NCE (a) and CE (b) scenarios when $M=$ 2, $L=$ 3, $K=2$, $P_{Total}=$ 10, 20 dB.

Figure 5 presents the end-to-end delay for the three proposed transmission schemes versus the total transmit power budget $P_{Total}$. As shown in Figure 5, the end-to-end delay is significantly decreased as the $P_{Total}$ increases in both the NCE and CE scenarios. Similarly, when the $P_{Total}$ increases beyond a certain value, the end-to-end delay remains unchanged. That is to say, a performance floor occurs. This is because the secrecy outage probability tends to a fixed value at this moment. Furthermore, we can also observe that the SCJ-OPA scheme achieves better performance in terms of the end-to-end delay than the other two schemes across the entire transmit power range of interest, which indicates the advantage of the SCJ-OPA scheme.

Figure 5. End to end delay vs. the total transmit power budget $P_{Total}$ for the three proposed transmission schemes when $R_s=$ 0.6 (bit/s/Hz), $M=L=$ 2, $K=$ 3.

Figure 6 plots the secrecy outage probability versus the buffer size L for the three proposed transmission schemes under the NCE and CE scenarios, respectively. As can be readily observed, as the buffer size increases, the achieved performance approaches the performance floor. Specifically, for both NCE and CE scenarios, the NJ and SCJ-OPA schemes outperform the SCJ scheme when $P_{Total}$ is small. On the contrary, the SCJ and SCJ-OPA schemes are superior to the NJ scheme at the condition of the high transmit power, which matches the simulation above.

Figure 6. Secrecy outage probability vs. the buffer size L for the three proposed transmission schemes under the NCE (a) and CE (b) scenarios when $R_s=$ 0.5 (bit/s/Hz), $M=$ 2, $K=$ 3, $P_{Total}=$ 5, 15 dB.

Figure 7 shows the impact of the power allocation factor $\alpha$ on the secrecy outage probability for the SCJ-OPA scheme. The curves shown in Figure 7 are calculated by using the grid-search or the straightforward search methods. It is clearly seen that the optimal power allocation factor is decreased with the increase of $P_{Total}$. That is to say, more power is allocated to transmit the useful information at the source sensor when $P_{Total}$ is not large. This is because, when $\alpha$ is too small, only few packets can be sent from the source sensor to relay sensors in the first hop. Thereby, not enough data packets can be forwarded to the controller. Even if the jamming power is large in the second hop, it cannot improve the secrecy performance of the whole network. On the other hand, with the increase of $P_{Total}$, the dominant factor that affects the secrecy performance of the considered system changes from the information transmit power to the jamming transmit power at the source sensor, which is the exact reason the optimal power allocation factor becomes smaller gradually.

Figure 7. Secrecy outage probability vs. the power allocation factor $\alpha$ for the SCJ-OPA scheme under the NCE and CE scenarios when $R_s=$ 0.5 (bit/s/Hz), $M=L=$ 2, $K=$ 2, and $P_{Total}=$ 12, 20, 30 dB.

6. Conclusions

In this paper, we propose three secure transmission schemes for buffer-aided relay networks in IoT. To take full advantage of buffer-aided relay, the max-link relay selection policy is adopted to enhance the secrecy performance by selecting the main link with the best rate. Furthermore, for each schemes, we also derive the exact expressions of the secrecy outage probability, the average secrecy throughput and the end-to-end delay in closed-form by utilizing the Markov chain theory under both the NCE and CE scenarios, respectively, which provides an effective way to evaluate the secrecy performance of each proposed scheme. Our numerical results indicate that, when the total power $P_{Total}$ is small, the performance achieved by the SCJ-OPA scheme is similar to that of the NJ scheme. On the other hand, the SCJ-OPA scheme can also achieve almost identical performance as the SCJ scheme when $P_{Total}$ is high. In other words, the SCJ-OPA scheme achieves better performance across the whole transmit power range of interest than the other two schemes, which is because the factor $\alpha$ can be dynamically allocated under different total transmit power. These results could be useful in the design of buffer-aided relay IoT networks under multiple eavesdroppers scenarios.