Xiaofeng Zhong，Chenchen Fan，Shidong Zhou

1 Tsinghua University Beijing National Research Center for Information Science and Technology

2 Department of Electronic Engineering，Tsinghua University，Beijing 100084，China

*The corresponding author，email: zhongxf@tsinghua.edu.cn

Abstract: Compared with wired communication，the wireless communication link is more vulnerable to be attacked or eavesdropped because of its broadcast nature.To prevent eavesdropping，many researches on transmission techniques or cryptographic methods are carried out.This paper proposes a new index parameter named as eavesdropping area，to evaluate the anti-eavesdropping performance of wireless system.Given the locations of legitimate transmitter and receiver，eavesdropping area index describes the total area of eavesdropping regions where messages can be wiretapped in the whole evaluating region.This paper gives detailed explanations about its concept and deduces mathematical formulas about performance curves based on region classification.Corresponding key system parameters are analyzed，including the characteristics of eavesdropping region，transmitted beam pattern，beam direction，receiver sensitivity，eavesdropping sensitivity，path loss exponent and so on.The proposed index can give an insight on the confirmation of high-risk eavesdropping region and formulating optimal transmitting scheme for the confidential communications to decrease the eavesdropping probability.

Keywords: eavesdropping area; wireless communication; anti-eavesdropping performance; transmitting scheme

I.INTRODUCTION

Security is one of the most important requirements of wireless communication system.Compared with wired communication system，the wireless one is more vulnerable to be attacked or eavesdropped.Firstly，its physical transmission media has the characteristic of openness and this broadcast nature makes it easily be attacked.Secondly，the mobility of wireless devices increases the difficulty of security management.Thirdly，the topologies of wireless communication networks are diverse，which affects the deployment of security scheme.Finally，the instability of wireless transmission should also be taken into account.In wireless communications，there are active attack and passive attack [1].Active attack aims at disturbing normal communications between legitimate devices.Passive attack intends to eavesdrop or tamper with the contents conveyed between transmitter and receiver secretively.In this paper，we mainly focus on the wireless wiretap belonging to passive attack.

Wireless wiretap studies can be classified into two categories.The first one is about the cryptographic methods.This type of techniques makes the illegal receiver unable to obtain the effective information，even if it can intercept the signal.Cryptographic methods are usually performed at layer 2 or above [2].The security and robustness of underlying algorithm AES(Advanced Encryption Standard) have been widely proven [3].The most common solution is to use a Pre-Shared Key(PSK)，which is installed in the legitimate devices beforehand.[4]，[5] and other related works use Elliptic Curve 79 Cryptography (ECC) to address the key management.Although ECC allows a more fine grained authentication of the devices and a more reasonable method to generate dynamic keys，there still exist some problems.As for the actual deployment of ECC systems，the consumption of energy and memory is relatively high.The certification authority infrastructure is also needed to be maintained.Besides，RSA is another common algorithm[6].Some encryption methods in physical layer are proposed，such as security coding techniques and so on.Above methods need to deal with the signal data and usually are based on complex mathematical computations.

Besides，there are also some physical techniques to improve security.The pioneering study about secrecy capacity is proposed by Shannon[7]，which introduces the concept of information theoretic secrecy.The secrecy capacity of wiretap channel is the foundation for physical layer security and acts as the guideline.Figure 1 gives a simplified schematic diagram.Traditionally，Alice is defined as the legitimate transmitter，Bob is the legitimate receiver and Eve is a hidden eavesdropper.The secrecy capacity is the maximum achievable secrecy rate，which is the difference between the channel capacity of legitimate link and wiretap link.It can be computed by

Figure 1. Schematic diagram of wiretap channel.

where [·]+= max(0，·)，gBandgEdenote channel gains of the legitimate link and wiretap link respectively.Prepresents the signal power andσ2zis the variance of Gaussian noise.Wyner hypothesizes a specific case，defined as wiretap channel [8].Under this circumstance，the channel between Alice and Eve is worse than that legitimate channel and then the effective information received by Eve is less than that of Bob，which makes perfect secrecy possible.[9] extends the wiretap channel to Gaussian wiretap channel.Afterwards，multi-user wiretap channel [10-12]，multi-antenna wiretap channel [13]，relay eavesdropper channel[14]，and cooperative eavesdropper channel [15] are proposed.Corresponding feasibilities of secrecy communication are also proven.There are two approaches that can be used to improve the secrecy capacity according to this computing formula.The first one is to increase the signal-to-noise ratio(SNR)of legitimate receiver and the another one is to decrease that of eavesdropper.[16]uses artificial noise to obstruct the wiretap link without affecting the normal communication.In a closed-loop scheme，noise is used as the carrier of the effective information.[17]and [18] take advantage of channel reciprocity to decrease the eavesdropping probability.Some other researchers study on cooperative methods.For example，the cooperation of surrounding friendly nodes can enhance security by soiling the eavesdropping channel.[19] proves that jamming the channel actively by legitimate user is an effective way and the jamming intensity is a key issue.Directional antenna techniques are also used to establish communication link and then avoid the interception of eavesdropper.

In this paper，we propose a new index parameter，named as eavesdropping area，to evaluate the antieavesdropping performance of wireless communication system.It can be used to guide transmitting optimization to decrease the eavesdropping probability.Given the locations of legitimate transmitter and receiver，evaluating region and system parameters，this metric can be computed and analyzed.It means the total area of regions where the eavesdropper is able to wiretap the signal in the whole evaluating region.When extended to 3D space，corresponding eavesdropping volume can be naturally derived.This metric can give us an insight on the formulation of communication scheme，based on the performance curves and analyses of key system parameters.The rest of this paper is organized as follows.Section II gives detailed definition of eavesdropping area index.Section III provides the mathematical derivations of performance curves based on region classification.Section IV studies on key system parameters and provides optimized transmitting schemes to improve anti-eavesdropping performance.Section V is conclusion.

II.EAVESDROPPING AREA

2.1 Background

As shown in Figure 2，legitimate transmitter and receiver intend to establish communication link and convey some confidential messages.Usually，we can determine one potential region where eavesdropper is possible to be.We focus on this predetermined area in subsequent research and name it as evaluating region.If the received signal of Eve satisfies certain conditions，such as the required receiver sensitivity，this position is considered as a eavesdropping point.Intuitively，the amount of eavesdropping points can be used to represent the security degree.That’s the physical meaning of eavesdropping area index.The eavesdropping requirements can be set flexibly according to diverse communication systems and then this metric is capable of providing performance evaluation for most systems.

Figure 2. Schematic diagram of target area.

2.2 Definition

The exact definition is the set of locations where eavesdropper can acquire the conveyed content in the whole eavesdropping region when legitimate communication task is performed.In one-dimensional space，it represents distance.In two-dimensional space，this metric equals the area，which is named as eavesdropping area.When extended to 3D space，it can also be naturally extended to eavesdropping volume.We denote the locations of Alice，Bob and Eve asLA，LBandLErespectively.θis the transmitted angle of Alice.The signal to interference plus noise ratio(SINR)of Bob should satisfy constraint，

wherePAis the transmitted power of Alice，GA(LA，LB，θ) is the gain of transmitted beam with directional antennas，f(LA，LB) is the channel gain，GBis the gain of receiver antenna.N0is background thermal noise andNBincludes the interference from other communication devices and man-made noise.We denote the required SINR threshold asSB.Legitimate communication should always be achieved successfully，so the transmitted powerPAneeds to be adapted dynamically.For eavesdropper Eve，the wiretap condition can be set according to practical scenario.For simplicity，we consider SINR as the only required condition and this has no effect on the definition of this metric.We denote the SINR threshold for Eve asSEand only when SINR is higher than this threshold，current position of Eve is seen as a eavesdropping point.Similarly，the SINR of Eve can be written as

For all the eavesdropping points，they should satisfy the following inequality:

This inequality gives the restriction about Eve’s location.We denote the right-hand side of it asfth.Therefore，the eavesdropping distanceEd，eavesdropping areaEaand eavesdropping volumeEvcan be obtained.They are the set of all the eavesdropping points in different dimensions and can be written as

Above three metrics represent the 1D case，2D case and 3D case respectively.In subsequent sections，we mainly focus on the 2D space and corresponding eavesdropping area.Moreover，if the small-scale fading channel is considered，the eavesdropping situation at each location is represented by a probability and then corresponding metrics can be written as the sum of weighted probabilities in the whole eavesdropping region.

According to above definition formulas，some important system parameters should be designed to minimize the eavesdropping area.From (4)，the beam mode of antenna and transmitted angle give directly impact on eavesdropping area，i.e.，GA，GB，GEandθ.The narrower beam brings about less leaky signal from side lobes，which can decrease its value.Secondly，the environmental conditions and locations of all the devices influence on the channel performance of legitimate communication link and the wiretap link，written asf(LA，LB)andf(LA，LE)in above formulas.Next，the background interferences from legal receiver and the eavesdropper expressed asNBandNE，also have effects on the security metric.Performance curve formulas are deduced and the relationships between anti-eavesdropping performance and these parameters are explored further.

III.PERFORMANCE CURVE FORMULAS

3.1 Scenario

Transmitter beam mode acts as an important physical factor and the default mode is shown in Figure 3.In this mode，the beam gain of main lobe is like a quadratic function and the largest value is obtained at its vertex，which is the direct transmitted direction.Out of the main lobe，the gain is set as a smaller and fixed value.To simplify the analysis，the background thermal noise and interferences from surrounding receivers are fixed，so the receive condition and eavesdropping condition are converted to the received signal strength(RSS)instead of SINR.Here，we useTBandTEto represent the RSS thresholds.When Alice transmits directly to Bob，we make the RSS of Bob equalTB.Based on that，the default quadratic functionPA ·GAatφdirection of main lobe can be written asym=2+TB+10αlog10dAB，wheredABis the distance between Alice and Bob，αis the path loss exponent，γis the angle interval of main lobe，θis the transmitted angle，δis the difference between the largest gain of main lobe and the gain of side lobe.In side lobe，PA · GAis set asys=-δ+TB+10αlog10dAB.One thing to note is that Bob should always be able to acquire the confidential message.In that case，PA ·GAneeds to be dynamically adjusted with differentθ.Figure 4 shows the gain adjusted value forPA·GAto make Bob meet the requirement ofTB.

Figure 3. Default beam mode.

Figure 4. Gain adjustment with different transmitted angle.

Figure 5. Region classification with default parameter setting.

(8) is the most common signal propagation model.dis the distance between transmitter and receiver，andβ0is the value of RSS at reference pointd= 1m.ξis a Gaussian random variable representing the shadowing effect，andξis modeled asN(0，σ2).When obstacles exist in target area，multi-class signal propagation model is adopted，which includes the line-of-sight(LOS)link and non-line-of-sight(NLOS)link.

For the evaluating region，annular sector is used to model it.The eavesdropping region can be confirmed by 4 parameters，i.e.，short radiusr1，long radiusr2，center anglesλ1andλ2.When evaluating region has different shape from annular sector，it can be divided into smaller regions and modeled separatively.The final performance curve is the linear weighted combination of curves in subregions.Note that in this paper，the polar coordinate system is defined as follows.Alice is set as the origin and the radial from Alice to Bob is set as the 0?benchmark.In the counterclockwise direction，the value of angle increases，while in the clockwise direction，this value decreases.The default parameter setting isγ=60?，TB=TE=-100 dBm，dAB= 81 m，δ= 30 dBm andα= 2.The transmitted angle of Alice is varied from -180?to 180?.The optimal transmitted angle can be confirmed to have the lowest eavesdropping area.

3.2 Region Classification and Performance Formula

The characteristics of eavesdropping region have direct effects on the performance curve，especially its location.Consider a circular region centered at Alice with the radius of 250m.With default parameter setting，the whole evaluating area is classified into different sub-regions with different colors.In each subregion，the performance curve has the same computation formula.When a new eavesdropping region is given，its 4 parameters are confirmed and performance curve can be provided based on its category label.For the general case，the target area is chosen as a circular region centered at Alice and with the radius of.Out of this region，eavesdropper could not satisfy the thresholdTE.To begin with，a specific location on the radial from Alice to Bob should be confirmed first，which the distance between it and Alice is.When transmitting directly to Bob，the RSS of Bob isTBand that of this location isTE.Therefore，a circle centered at Alice with the radius ofdRcan be obtained.IfdR ＜dM，the whole area can be classified into inner circular sectors，outer annular sectors and 0?line segments.Otherwise，there are only circular sectors and 0?line segments.The performance curves in subregions above 0?axis and those in subregions below 0?axis are symmetric with respect toθ=0?vertical line.With current coordinate system，corresponding category boundaries of these two parts are opposite numbers.In that case，following analyses mainly aim at the upper subregions and their mathematical expressions of eavesdropping areaEaare provided.Table 1 shows the region classification and corresponding description.The schematic diagrams given in Figure 6 are not accurate and only provide intuitive variation tendency and key turning points.Based onEa，the eavesdropping area ratio can be written as，which the denominator is the total area of eavesdropping region.Eavesdropping area ratio can eliminate the influences from region size in system analysis.

Table 1. Region classification and description.

Figure 6. Schematic diagrams of performance curves.

Figure 7. Eavesdropping regions with different locations.

Figure 8. Comparison results at different distances from transmitter.

The regions withindRand above 0?axis are classified into 3 parts:

·On the 0?line segment，rdrdλ，so the eavesdropping area ratio is always 1.

·In(0?，γ]，Eais written as

The computation formulas of variables are provided as follows:

·In(γ，180?]，Eais written as Besides mathematical formulas，it can be inferred from analysis that only whenθis in，the eavesdropping area ratio is lower than 1.The regions outsidedRand above 0?axis are also classified into 3 subregions:

·On two 0?line segments，Ea= 0，so the eavesdropping area ratio is always 0.

·In(γ，180?]，Eais expressed as

As shown below，there are corresponding computation formulas.

·In (0?，γ]，the expression ofEacan be obtained based on previous formulas.whenθis in[-180?，θ1]∪[θ′8，180?]，Eaequals 0.whenθis i n[θ4，θ5′]，Eaequals 1.For the range of(θ1，θ4)，corresponding formulas are the same as (9) and for the range of (θ5′，θ8′)，corresponding formulas are the same as(16).

Based on analysis，only whenθis greater than or equals to 0 degree，the eavesdropping area ratio is possible to be larger than 0.

IV.KEY SYSTEM PARAMETERS ANALYSIS

Eavesdropping region，beam mode of transmitter，angle range of main lobeγ，transmitted angleθ，receive sensitivityTB，eavesdropping sensitivityTE，path loss exponentαare the key system parameters.We will show the specific influences of these parameters on system performance by simulation.

4.1 Eavesdropping Region

In this part，the influences from locations of eavesdropping regions are discussed.One comparative experiment uses the red area，cyan area and green area in Figure 7.These three areas have different radius intervals，i.e.，[90m，120m]，[150m，180m]and [210m，240m].Their center angle range is[-41?，-16?]，so they belong to the same class.Figure 8a shows the average RSS of these eavesdropping regions and their differences are resulted from different distances from transmitter.Figure 8b depicts their performance curves based on above mentioned formulas.Another comparative experiment is based on the red area and the blue area in Figure 7.For the latter one，its center angle range is[-16?，9?]，so it can be divided into different classes.The simulated result in Figure 9 proves that the final performance curve is the linear weighted combination of curves in different categories and the weights are corresponding area ratio.Given an arbitrary eavesdropping region，its performance curve formula is capable of being obtained.This gives us an insight on the confirmation of high-risk regions where eavesdropper is more possible to wiretap.Then，corresponding security measures can be taken and much safer communication can be achieved.In subsequent parts，the red area is chosen as the default eavesdropping region and default parameter setting is used.All the mentioned key system parameters will be analyzed and then corresponding anti-eavesdropping transmitting scheme can be formulated.

4.2 Angle Range of Main Lobe

Based on the default eavesdropping region，cases with different angle range of main lobe are compared.For the default beam mode shown in Figure 3，γvaries from 60 degrees to 40 degrees and 30 degrees.Because this default region is below 0-degree axis，its performance curve is symmetric with that of class above 0-degree axis.According to computation formulas，whenγdecreases，the values of leftmost and rightmost turning points increase.The average eavesdropping area ratio diminishes correspondingly.The comparison results are shown in Figure 10.As this angle range decreases，less information is leaked and better anti-eavesdropping performance can be obtained.This proves the fact that narrower beam and more proper transmitted angle can improve information security.

Figure 9. Comparison results with different locations of eavesdropping regions.

4.3 Beam Mode

There are many types of beam patterns and they affect the system performance.In this part，the default beam mode and the classic beam mode in Figure 11 are compared.The classic mode has two side lobes with lower gain.The angle range of main lobe is 60 degrees and two side lobes are set as 20 degrees.These side lobes increase the probability of information leakage.From Figure 12，we can see that the influence on performance curve is very huge.The transmitted angle range with eavesdropping area ratio higher than 0 and the average eavesdropping area ratio are both enlarged.This leads to low anti-eavesdropping performance，which makes the formulation of confidential communication scheme more complex.

Figure 10. Comparison results with different angle range of main lobe.

Figure 11. Classsic beam mode.

Figure 12. Comparison results with different beam mode.

Figure 13. Comparison results with different sensitivity.

4.4 Receive Sensitivity and Eavesdropping Sensitivity

In above experiments，bothTBandTEare set as-100 dBm and the difference between themTB -TEis a quite important influencing factor.TEis changed to discuss its influence on performance curve.With differentTE，experimental results are shown in Figure 13a.From this figure，we can see that this factor directly affects the variation tendency of eavesdropping area ratio.AsTEdecreases to a relatively low value，the curve shape has an obvious change.This can be easily explained that whenTEvaries from -90 dBm to -120 dBm，correspondingdRincreases and inner circle gets larger.In that case，the eavesdropping region belongs to outer annular sector first and then is classified into inner circular sector.According to Figure 6，the change of performance curve is the same as our result.The decrease ofTEmeans the eavesdropping ability is improved and corresponding average eavesdropping area ratio is increased.Then，TBis changed and corresponding results are shown in Figure 13b.AsTBincreases，the variation tendency of performance curve and corresponding explanation are identical with above mentioned.In that case，if the receive capability of Bob can be enhanced，the antieavesdropping performance will be also improved.

4.5 Path Loss Exponent

Path loss exponent is a reflection of the wireless channel environment.As depicted in Figure 14，it is changed from 2 to 4，which is a empirical value range.Asαincreases，the degree of signal attenuation is enhanced and then all the received signal values decrease.From performance curve formulas，the angle range with eavesdropping area ratio larger than 0 is shrank asαincreases.Therefore，adding some noises or interferences to wiretap link can reduce its channel quality and then the anti-eavesdropping performance is able to be enhanced.

Figure 14. Comparison results with different path loss exponent.

Figure 15. Radio map with 20-degrees transmitted angle.

4.6 Obstacles Layout

In practical scenario，the existences of obstacles such as buildings，trees and so on，make a big difference on the received signal values.That’s because the signal propagation is possible to be blocked and then the signal attenuation increases.Corresponding performance curve can be acquired based on signal values of eavesdropping region.Compared with signal measuring，radio map construction can help compare the system performance with different transmitting scheme.We adopt the K-segmented channel model[20]to describe the signal propagation，written as

For an arbitrary transmitter and receiver location pair x，it should be classified into one ofKclasses and each class owns a specific model.Dkis thekth partition，in which the location pairs belong to classk.I{·}is the indicator function to confirm the class label.αkis the path loss exponent of thekth model andξk ～N(0，σ2k).We setKas 2，which represents LOS channel and NLOS channel separately.As shown in Figure 15，all the obstacles are represented by dark rectangles and randomly generated，which can block the signal propagation and result in signal fading.This figure depicts the radio map of the specific region when transmitted angle is 20 degrees.To obtain an accurate radio map，environmental reconstruction is essential and many researchers propose feasible and effective methods.[21]presents a 3D obstacle map and BS-user channel reconstruction method based on limited RSS measurements，which is used in this paper.Figure 16a shows the simulated obstacle map of the target area，which the locations and heights of obstacles are generated randomly.Although they are 3D models，our eavesdropping area only aims at the 2D ground level.The path loss exponentsα1andα2are set as 2.27 and 3.64 separately.Forσ21，it equals 1 andσ22is set as 3.The simulated results depicted in Figure 16b show very similar curves as those in Figure 13a.The obstacles just make these curves less smooth and appear some platforms because of signal blockage.

4.7 Transmitting Optimization Example

Consider a practical scenario with the obstacles layout shown in Figure 16a，TEis chosen as -120 dBm and other parameters are set as the default values.When transmitted angle varies from-180?to 180?，the curve of eavesdropping area ratio is the blue one in Figure 16b.Low eavesdropping area ratio means high antieavesdropping performance and more secure communication.To make this measure index as low as possible，specific communication scheme should be formulated.When transmitted angle is in [3?，22?]，the eavesdropping area ratio decreases to 0.From this result，it can be inferred that direct transmission from transmitter to receiver is not always the most secure option.Besides，improving receive capability of legal receiver and lowering the channel performance of wiretap link can improve anti-eavesdropping performance.By estimating the performance curves of different eavesdropping regions，the regions with relatively high eavesdropping area ratio should be paid more attention for necessary security checking.

V.CONCLUSION

This paper proposes a new metric，named as eavesdropping area.It represents the total area of regions which eavesdropper can wiretap the signal of wireless communicating.The mathematical formulas about performance curves are deduced based on region classification.Key system parameters，including eavesdropping region，beam mode，transmitted angle，receive sensitivity，eavesdropping sensitivity and environmental conditions，are explored further by comparative simulations.Besides the confirmation of highrisk eavesdropping region，this intuitive measure index can guide the formulation of specific communication scheme to make the whole system more secure.

ACKNOWLEDGEMENT

Thank all reviewers and editors for their efforts to this paper.