🤖 AI Summary
To address pilot contamination attacks (PCAs) in massive MIMO systems—where malicious users reuse legitimate pilot sequences—this paper proposes a lightweight, decision-tree-based detection method. The approach requires no prior knowledge of noise power or attack strength; instead, it constructs a training dataset solely from uplink channel estimation features and automatically learns an optimal classification threshold for efficient PCA identification. Its key innovation lies in employing a single-layer decision tree, achieving both model lightweightness and high robustness. Notably, it significantly outperforms the classical generalized likelihood ratio test (GLRT) under low signal-to-noise ratio (SNR) and low attack power conditions, yielding a substantial improvement in detection probability. Experimental results confirm its superior performance in challenging scenarios characterized by strong noise and weak attacks. This work establishes a deployable, parameter-free security detection paradigm for base stations.
📝 Abstract
Massive multiple-input multiple-output (MMIMO) is essential to modern wireless communication systems, like 5G and 6G, but it is vulnerable to active eavesdropping attacks. One type of such attack is the pilot contamination attack (PCA), where a malicious user copies pilot signals from an authentic user during uplink, intentionally interfering with the base station's (BS) channel estimation accuracy. In this work, we propose to use a Decision Tree (DT) algorithm for PCA detection at the BS in a multi-user system. We present a methodology to generate training data for the DT classifier and select the best DT according to their depth. Then, we simulate different scenarios that could be encountered in practice and compare the DT to a classical technique based on likelihood ratio testing (LRT) submitted to the same scenarios. The results revealed that a DT with only one level of depth is sufficient to outperform the LRT. The DT shows a good performance regarding the probability of detection in noisy scenarios and when the malicious user transmits with low power, in which case the LRT fails to detect the PCA. We also show that the reason for the good performance of the DT is its ability to compute a threshold that separates PCA data from non-PCA data better than the LRT's threshold. Moreover, the DT does not necessitate prior knowledge of noise power or assumptions regarding the signal power of malicious users, prerequisites typically essential for LRT and other hypothesis testing methodologies.