# On robustness of physical layer network coding to pollution attack

- Mojtaba Razfar
^{1}Email author, - Joel Castro
^{1}and - Ali Abedi
^{1}

**2017**:6

https://doi.org/10.1186/s13638-016-0788-9

© The Author(s) 2017

**Received: **6 December 2015

**Accepted: **7 December 2016

**Published: **3 January 2017

## Abstract

Link layer network coding (LLNC) promises to provide high throughput in relay networks through combining packets at the relays and trading communication for computation. The emerging area of physical layer network coding (PLNC) exploits the electromagnetic nature of signals and eliminates the need for addition at the packet level, while making signal design and coding schemes adaptable to the channel conditions. Although network coding has been extensively studied recently, physical layer network coding has not received the attention it deserves. Several recent works introduced the pollution attack at the network layer; however, the network performance at the physical layer with pollution attacks has not been evaluated before. The main challenge with the pollution attack involves propagation of the corrupted packets in an epidemic manner, which degrades performance of the network. As PLNC schemes boost up the network throughput, a thorough study evaluating this superiority to the LLNC scheme in presence of an intruder is necessary. The robustness of both schemes towards an attack have been studied in this article.

## Keywords

## 1 Introduction

The main difference between a wireless and a wired network is the fact that the signals can be broadcasted to multiple users simultaneously. In order to improve the four-stage traditional routing [1, 2], network coding has been introduced to attain the maximum possible information flow and to increase the network throughput [3–7]. Inspired by traditional network coding, physical layer network coding (PLNC) has been proposed to improve network throughput, reduce network congestion, and improve network robustness [8, 9]. In wireless networks with limited bandwidth and power resources, PLNC has potential for significant performance improvements. This is done by taking advantage of the inherent additive nature of electromagnetic waves, demonstrating a better performance with respect to the throughput of the network. However, the additive nature of PLNC makes the network susceptible to pollution attacks. Network coding (LLNC) also allows corrupted packets to propagate widely and significantly affect the data recovery procedure. Previous works in network coding security emphasized on the protection of data propagation procedures and the detection of pollution attacks [10–15]. Although these schemes are elegant from the theoretical point of view, they are not efficient with respect to cost and network throughput when used in practice. When detection and elimination methods are used at the network layer, the added complexity and overhead make these higher layer methods inefficient [16]. This calls for a robust coding method that can tolerate intruder attacks without adding too much control overhead to the network. In this paper, the overall network performance from a physical layer perspective has been evaluated for the first time. The goal of this work is to show that the PLNC schemes outperform the LLNC schemes when it comes to an attack. Two cases where the attack power remains low or high are studied.

The pollution attack concept at the network layer has been introduced in [11]. With the advent of the PLNC schemes, pollution attacks may be managed at lower layers. It has been shown that the injected packets can be detected at the physical layer using maximum likelihood (ML) detection [16]. Whenever a relay becomes an intruder with a probability of *P*, the packet can be restored by removing the faulty information using the method presented in [16, 17]. However, this work has been done at the packet level, while PLNC deals with the data at the physical layer. PLNC is used in [18] to localize the Sybil nodes in wireless networks. Nonetheless, the full effect of the intruder on the network has yet to be investigated. Network coding based on DeNoise-and-Forward (DNF) was introduced in [9] to enhance the conventional wireless network design and to bring real gains in a communication-theoretic sense. Based on this scheme, optimized constellation for a two-way relaying channel has been proposed in which a higher throughput compared to LLNC scheme is promised [19]. Similar results have been reported in [20, 21], where the authors confirm the results of [19], analytically. This method is referred to as Adaptive-DeNoise-and-Forward (ADNF hereafter). For comparison purposes, the Amplify-and-Forward (AF) and ADNF PLNC schemes with a lower and higher complexity at the relay node are selected. More sophisticated schemes such as Compute-and-Forward [22, 23] are not considered in this paper. However, the material introduced in this paper can help the researchers study these schemes as well. To the best of the authors’ knowledge, a comprehensive study investigating the effect of the pollution attack on the PLNC scheme has not been carried out before. The goal of this paper is to investigate the effects of the pollution attack on the PLNC schemes (ADNF and AF), compared to the LLNC scheme, and present a fair comparison among them. What motivates the authors is to find out which of the ADNF, AF, or LLNC schemes performs better in the presence of an intruder. This work focuses on the case where the intruder’s presence is not known to the network. The comparison is carried out for different attack scenarios. In this work, a detailed analysis of the error probability for the PLNC schemes with an intruder is provided. The three schemes are being thoroughly analyzed and compared. The closed-form error probability approximation of the AF and LLNC schemes with and without an intruder for the case where the users experience a Rician fading and the intruder experiences a Rayleigh fading is derived. This is based on the assumption that the users operate in line of sight, while the intruder attempts to hide and only relies on scattered and non-line-of-sight operation. Note that the derivations for this type of network (Rician-Rayleigh attack) are novel and have not been evaluated before. The channel realization impact has also been studied. That is, the simulation results for the case where the users experience a Rayleigh fading (where there is no LOS present) have been illustrated. To understand the channel realization impact, simulation results for the two cases where the users experience a Rayleigh fading or a Rician fading with high Rician K-factor is presented as well. A lower bound for the ADNF scheme with an intruder is also presented.

The organization of the rest of the paper is as follows. The network model for the LLNC, AF, and ADNF schemes with pollution attack scenario is presented in Section 2. Performance of these three schemes is analyzed in Section 3. Section 4 provides the numerical and simulation results demonstrating the robustness of the PLNC scheme in the presence of pollution attacks. Section 5 presents the discussions and conclusions.

## 2 Network model

Throughout the paper, certain assumptions and notations are applied. The users transmit their data using a general M-PSK (M =2^{
k
}) modulation with gray mapping regardless of the scheme. It is assumed that the M-PSK constellation has unity energy. \(\mathcal M\) denotes the constellation mapper, and for QPSK, it is denoted as \(\mathcal {M}_{\text {QPSK}}(S_{k})=\left \{\frac {1+j}{\sqrt {2}},\frac {-1+j}{\sqrt {2}},\frac {1-j}{\sqrt {2}},\frac {-1-j}{\sqrt {2}}\right \}\). Noise is assumed to be circularly symmetric complex Gaussian random with zero mean and variance of *σ*
^{2}. *S*
_{1}, *S*
_{2}, *S*
_{
I
}, and *S* are the digital source data per symbol from users 1, 2, intruder, and relay, respectively. That is, k-bit binary tuples (*M*=2^{
k
}) in \(\mathbb {Z}_{M} = \{0,1,\ldots,M-1\}\). \(\mathcal C\) is the denoising mapper. A quasi-static slow fading with a certain Rician K-factor for users, and Rayleigh fading for the intruder, is assumed. The symbol *I* resembles the intruder. The transmission power of the users and the relay is assumed to be the same and is denoted as *P*
_{
S
}. An identical noise variance at the users and the relay is also assumed, i.e., \({\sigma ^{2}_{1}}={\sigma ^{2}_{2}}={\sigma ^{2}_{R}}= \sigma ^{2}\). In the proposed model, the users communicate with the relay with LOS similar to [19], while the intruder is assumed to communicate without LOS. The most appropriate wireless channel model for these two cases are therefore Rician and Rayleigh fading. This is justified noting the fact that intruders often try to keep their locations and channel state information (CSI) hidden to avoid being detected by legitimate network users. Moreover, investigation of this scenario is important, since it is highly probable that we face heterogeneous networks. For simplicity, a reciprocal channel for both stages is assumed.

In a two-way relay channel (TWRC) [24] with physical layer network coding, the throughput of the system is increased dramatically when compared to the traditional network coding method. However, when a third unexpected user (intruder) enters the network, one may wonder how the network is going to handle the situation if corrupted packets are injected into the network. In this work, a TWRC network model with an intruder inside the network is analyzed. The intruder may attack the relay and/or the users. It should be emphasized that the “intruder” effect here differs from the conventional interference effect in wireless networks. The difference is that the intruder attacks the network in such a way that its locations and channel status is unknown to the relay [25]. Hence, the performance analysis should be treated differently from the networks with conventional interference. In general, one or multiple intruders may enter the network. They inject data into the network to degrade the performance. For simplicity, we evaluate the case with one intruder. There are three main scenarios for an attack by the intruder.

The attack model is simple. It is assumed that the intruder uses the same type of device as the users [30]. This allows the intruder to avoid being detected. The attack can occur with different attack-to-signal ratios (ASRs) defined as the ratio of the average received attack signal power to the user signal power. Note that the ASR may vary randomly in a wireless transmission scenario. To keep the comparison fair, this scenario is not illustrated. The intruder modifies the received messages and thus influences the demodulation/denoising of the received data. Digital wireless attacks for signals such as Bluetooth and Wi-Fi are possible with very low power. For the transmission power of the intruder (*P*
_{
I
}), the example of reactive (or responsive) attacker can be used where the intruder looks for ongoing transmissions in order to compose their attack signal (the intruder applies power management to identify the appropriate direction of transmission, power, and timing for its attack) [28]. Through the transmission of a high power signal on the same frequency of a user, the intruder can create a competing signal that collides with and, in effect, cancels out the users’ signal. Cell phones (users), which are designed to increase power in the case of low levels of interference, react to this interference. Consequently, the intruder must be aware of any increases in power by the users and match that power level accordingly. A type of reactive intruder called intelligent intruder uses this knowledge to disrupt the communications. In fact, intelligent intruders could be considered as a type of reactive intruders. By using intelligent attack techniques, the attacker decreases its probability of detection and consumption of energy than basic reactive one.

The details of LLNC, AF, and ADNF schemes are discussed next. Section 2.1 discusses the LLNC network model, Section 2.2 discusses the AF network model, and Section 2.2 describes the ADNF network model.

### 2.1 LLNC System Model

*S*

_{1}, and

*S*

_{2}.

*S*back to the users. The users will then be able to recover the information from the other user by adding their own symbol to the symbol received from the relay.

*X*

_{1}and

*X*

_{2}be the modulated transmitted symbols of the two transmitting nodes. From Fig. 1, at two consecutive time slots, node

*k*∈{1,2} transmits its data to the relay. The two received signals at the relay for the first time slot, where the intruder is present, and for the second time slot where there is no intruder presence, are written as

*P*

_{ I }is the transmission power,

*H*

_{ I }is the channel coefficient with Rayleigh distribution, all for intruder, and

*N*

_{ R }is the noise at the relay. The relay detects the symbols in a similar manner as shown in [31]:

*Y*

_{ B }

_{ k }from the relay as

PLNC, on the other hand, makes the process even faster by combining the first two stages of the process. The users are allowed to send the symbols during the same time slot. At the second time slot, after processing, the relay broadcasts the processed data back to the users. The two PLNC network models are described next.

### 2.2 AF system model

The AF model has two stages of operation. The first stage is referred to as the *MA stage*, where the two users transmit their data to the relay, simultaneously. The second stage is the *relaying stage*, where the relay performs a combining operation on the received data (this can be as simple as XOR in LLNC or more complicated as discussed later) and broadcasts the signal back to the users. The main difference between the AF scheme and the ADNF scheme is that during the MA stage, the relay only amplifies the signal and broadcasts it back to the users. Unlike the ADNF scheme, the AF scheme does not take a more realistic wireless channel model (i.e., fading) into account. As it can be seen later, due to this reason, the AF idea falls behind the ADNF scheme in terms of performance. However, when it comes to an attack, it is unknown whether ADNF outperforms the AF scheme or not. Hence, this work analyzes the performance of the AF scheme in presence of an intruder as well.

*X*

_{ B }=

*β*

*R*

_{AF}to the two users. Perfect channel estimation at the users is assumed here. The users receive the signal as follows

*Z*

_{ i }=

*β*

*H*

_{ i }

*N*

_{ R }+

*N*

_{ i }and

*i*∈{1,2}. After self-interference cancelation [32], the signals at the two users can be written as

For the case with no intruder attack, the term *P*
_{
I
}
*β*
^{2}|*H*
_{
i
}|^{2}|*H*
_{
I
}|^{2},*i*∈1,2, will not be present.

### 2.3 ADNF system model

The DNF was originally introduced in [9]. The goal of DNF is to increase the throughput of the system when compared to AF [29, 33] and Decode-and-Forwarding (DF) [24, 34]. In the DF relaying, the relay combines the data using XOR operation as shown in (1), while the AF relaying allows the addition of the data provided by the multiple access (MA) channel. In the AF method, for high signal-to-noise ratios (SNR), the throughput is twice as much as the traditional four-stage routing. The problem with this method appears at low SNRs. This results in erroneous received data and degrading network throughput. DNF addresses this problem by not decoding the data from the two users. Nonetheless, it can make an estimate of the sum of the two signals coming from the two users with the help of a decision process that decreases the noise impact. This improvement makes the DNF stand out among the two other methods. The modulation schemes optimized for the two-way relay channel for ADNF has been investigated in [19]. Similar to AF scheme, this scheme also has a two stage process. The two stages are briefly explained next.

#### 2.3.1 MA stage

#### 2.3.2 Relaying stage

*R*

_{ADNF}.

The relay maps the received signal *R*
_{ADNF}, using a denoising function, into a quantized signal, *X*
_{
R
}. Note that here, the relay is not aware of the third-party intruder and only assumes that there are two users sending out their data. Therefore, for the case where the users transmit QPSK modulation, it uses the same code-maps and table used in Fig. 4 and Table I of [19]. Moreover, the relay performs the ML based on the information from the two users and not the intruder. As mentioned in [19], for higher order modulation schemes, a simplified code-map is proposed that reduces the number of network codes and limits or eliminates the usage of irregular modulations at the BC stage. However, there are still many singular fade states that can degrade the performance. The authors in [37, 38] have shown that by utilizing convolutional or LDPC codes, the performance of the network can be improved.

*M*=4), depending on the selected code-map, where either

*M*−PSK or (

*M*+

*N*)−QAM, (

*N*≥1) will be broadcasted. For simplicity, a reciprocal channel for both stages is assumed. Note that the denoising maps are designed by minimizing the pairwise error probability between the codewords at the MA stage and to maximize the minimum square distance between the constellation points. In other words, the best denoising maps are designed in favor of increasing the minimum Euclidean distance. The squared Euclidean distance between the data transmitted from the senders and its candidates, i.e., \((S_{1}, S_{2})\rightarrow (\hat S_{1}, \hat S_{2}),\) is as shown in [19]

*Q*is the complementary Gaussian cumulative distribution function defined in [39], and \(d^{2}_{\text {min}}\) is the minimum squared distance of the numerator of (18). That is,

*H*(

*H*

_{1}and

*H*

_{2}), the overall error probability at the relay is a weighted sum of all the possible erroneous data pairs \(\mathcal C(\hat S_{1},\hat S_{2})\not = \mathcal C(S_{1},S_{2})\) where the most dominant factor in calculating the overall error is the minimum Euclidean distance between the data transmitted from the users and its candidates [19]. This is shown in (21). It should be noted that since the closed-form expression for the decision regions are too complex to derive, the exact error probability calculation is a complicated task. Hence, the PEP, which is a tight bound for exact error probability is being used [39].

## 3 Performance analysis

Performance of LLNC, AF, and ADNF schemes are studied and compared in this section. Since the relay dominates the network and is the most susceptible node in the network [19], for the analysis purposes, the performance of the network with an intruder attack on the relay is illustrated. The attack on the nodes (broadcast stage attack) can be derived and illustrated in a similar manner and is left as a future work.

### 3.1 LLNC performance evaluation

As previously shown in Fig. 2 a and Eq. (1), the linear network coding scheme is a three-stage relaying process that boosts the throughput when compared to the traditional four-stage relaying. The performance of the network with and without the intruder is investigated.

#### 3.1.1 Performance with no intruder

First case is when the probability of attack of the intruder is zero (*P*
_{
a
}=0). The symbol error probability (SER) at the relay *P*
_{
s→r
}, at the users *P*
_{
r→s
}, and at the end-to-end error probability *P*
_{ete} is derived next.

*j*∈{1,2}, and

*d*

_{ j }is the Euclidean distance between two M-PSK signal points. Here,

*Q*(

*u*) is denoted as

*a,b*)>0 are modulation-specific constants. For example, for high SNRs, and for QPSK modulation over AWGN, (i) can be approximated as \(2Q\left (\sqrt {\gamma }\right)\). The probability density function (PDF) of the Rician fading is written as

*γ*≥0), \(\bar {\gamma }\) is the average SNR,

*γ*is defined as the instantaneous SNR per symbol, i.e., \(\gamma =H^{2}\frac {P_{S}}{\sigma ^{2}}\), and

*I*

_{0}(.) is the zero-order modified Bessel function of the first kind [40].

*K*is the Rician

*K*-factor defined as the ratio of the powers of the LOS component to the scattered components. Substituting (25) into (24), and using the alternative version of the Q function \(Q_{\text {alt}}(u)=\frac {1}{\pi }\times \int _{0}^{\frac {\pi }{2}}e^{-\frac {u^{2}}{2\sin ^{2}{\theta }}}d\theta \) [40], (24) can be simplified as

*M*×

*M*possible pair combinations. Excluding the correct pair, the XOR-ed error probability at the relay can be calculated. For example, for a QPSK modulation, without loss of generality, if the two users transmit the pair (0,1), the possible erroneous decoded pairs at the relay that will result in correct XOR operation are {(1,0), (3,2), (2,3)}. The possible erroneous decoded pairs at the relay that will result in wrong XOR operation are {(2,2), (3,3), (1,2), (1,3), (3,0), (2,0)}. Furthermore, as mentioned in (22), the error probability of decoding each individual pair with one symbol per time slot depends on the Euclidean distance between the two QPSK signal points. Hence, \(P_{\text {xor}}=1-\frac {3}{9}=\frac {2}{3}\). For the transmitted pair (0,1), Table 1 shows all the possible nine pair combinations with their associated probabilities.

Probability of error for transmitted symbol pair (0,1) with the wrong estimated symbol pairs (*σ*
^{2}=1)

Type | \((\hat S_{1},\hat S_{2})\) | \(P_{1}=Q(2/\sqrt {2})\) | \(P_{2}=Q(\sqrt {2/2})\) |
| Correct/erroneous XOR Decoding |
---|---|---|---|---|---|

Desired incorrect pairs | (1, 0) | 0.0786 | 0.1587 |
| Correct |

(2, 3) | 0.0786 | 0.1587 |
| Correct | |

(3, 2) | 0.0786 | 0.1587 |
| Correct | |

Undesired incorrect Pairs | (2, 2) | 0.0786 | 0.1587 |
| Erroneous |

(3, 3) | 0.0786 | 0.1587 |
| Erroneous | |

(1, 2) | 0.0786 | 0.1587 |
| Erroneous | |

(1, 3) | 0.0786 | 0.1587 |
| Erroneous | |

(3, 0) | 0.0786 | 0.1587 |
| Erroneous | |

(2, 0) | 0.0786 | 0.1587 |
| Erroneous |

#### 3.1.2 Performance with an intruder

*P*

_{a}=1) is discussed here (“a” denotes attack). At the first time slot, along with the transmission of the first node, the intruder attacks the network. Same assumption has been made in [41], where the eavesdropper starts overhearing from the beginning of the time slot. The scenario is considered as the worst case scenario. It is assumed that the relay is not aware of the attack inside the network. Assuming that the intruder attack during the first time slot, the error probability of the incorrectly estimated symbols at the relay can be written as [39]

*d*

_{1I }is the squared Euclidean distance between the two M-PSK signal points [39] and is expressed as

*S*

_{1}based on (4). The receiver, which is not aware of the intruder, assumes a 4-point signal constellation for detection and demodulation. However, if the intruder is somehow detected by the receiver, the constellation map goes beyond 4 points (16 points). Obviously the error probability would be improved and would be calculated in a different manner. The average error probability at the relay is

*γ*

_{1}falls below an acceptable SNR threshold

*γ*

_{th}and can be written as

*P*

_{ r }(.) denotes the probability. Recall that the users’ channels are subject to a Rician fading. In order to derive the outage probability of

*γ*

_{1}conditioned on

*Z*, the complementary CDF of

*X*is used. Now, (34) can be written as

*C*

_{ X }(.)=1−

*F*

_{ X }(.). Substituting the PDFs of the intruder’s channel, which is Rayleigh distributed, as well as the users channel into (35), and by using the infinite-series representation of

*I*

_{0}(.) in [43], Eq. (8.447.1), and with the help of Eq. (3.351.2) in [43], the integral can be simplified to

*Γ*(.,.) is the complementary incomplete gamma function defined in [43], Eq. (8.350.2). The approximation comes from using the infinite series representation of the gamma function. The average SER can be calculated using the widely used CDF-based approach [32]. For a general modulation type, the average error probability can be written as

*ψ*(.,.,.) is the Tricomi confluent hypergeometric function as defined in [43], Eq. (9.211.4), and \(D=\bar \gamma _{z}\Delta _{1}\). The closed-form expression does converge and can easily be plotted in Matlab or other simulation software. For different values of \(\bar \gamma _{z}\), it can be seen that the SER varies. The average end-to-end error probability from node 1 to node 2 is

### 3.2 AF performance evaluation

The performance without an intruder with *P*
_{a}=0 is evaluated next.

#### 3.2.1 Performance with no intruder

*γ*

_{1}>

*γ*

_{2}if

*Y*>

*X*and

*γ*

_{2}>

*γ*

_{1}if

*X*>

*Y*. Therefore, the outage probability is expressed as

*P*

_{1}can be written as

*f*

_{ X }(

*x*) and

*f*

_{ Y }(

*y*) are the PDFs of the Rician-distributed random variables (RV)

*X*and

*Y*, respectively.

*P*

_{2}can be calculated in a similar manner. The limits on the integral comes from the conditions in (47). Since evaluating (50) is a cumbersome task, for high SNRs, the integration region of the variable

*x*can be reduced to (

*y*,

*∞*). It can be shown that the average SER of the network can be expressed as (51). Here, \(\Delta _{1}=\left (\frac {1+K}{\bar \gamma _{x}}\right)\); \(\Delta _{2}=\left (\frac {1+K}{\bar \gamma _{y}}\right)\);

*Δ*

_{3}=

*Δ*

_{1}+

*Δ*

_{2};

*γ*

_{ x }, \(\bar \gamma _{y}\) and \(\bar \gamma _{z}\) are the average SNRs for user 1, user 2, and intruder, respectively; and

*n*!! is expressed as

#### 3.2.2 Performance with an intruder

*P*

_{1}can be written as

*f*

_{ X }(

*x*) and

*f*

_{ Y }(

*y*) are the PDFs of the Rician-distributed RV

*X*and

*Y*, respectively, \(V_{1}=\frac {\gamma _{\text {th}}(1+Y)}{Y-2\gamma _{\text {th}}-Z\gamma _{\text {th}}}\),

*V*

_{2}=2

*γ*

_{th}+

*Z*

*γ*

_{th}, \(\text {PSY}=\psi \left (l+\frac {1}{2},m+\frac {1}{2},\frac {b+2\Delta _{3})}{N}\right)\), and

*E*

_{ Z }is the expected value over complex value,

*Z*. The limits on the integral comes from the conditions in (52). The expected value is to evaluate the effect of the intruder on the network. Since evaluating the integral above is a cumbersome task, for high SNRs, the integral region of the variable

*x*can be reduced to (

*y*,

*∞*). Similar assumption has been applied in [32, 44]. Appendix proves that for high SNRs, the average SER of the network can be expressed as (54). The closed-form expression in (54) shows the impact of the intruder on the network. It can be seen that as the power of the intruder increases, the SER decreases. This equation does converge and can numerically evaluated for different values of \(\bar \gamma _{z}\).

### 3.3 ADNF performance evaluation

For the ADNF scheme, the performance of the network is studied next. Similar to the previous sections, for a network with an intruder, the focus of this paper is on the MA stage as it dominates the overall system performance.

#### 3.3.1 Performance with no intruder

*P*

_{a}=0). The average error probability at the relay is due to three kinds of errors: first, the average probability that user 2 has its data decoded correctly at the relay and user 1 has not; second, the average error probability that user 1 has its data decoded correctly by the relay and user 2 has not; and third, the average cluster error probability \((\bar P_{\text {CEP}})\) that the relay incorrectly decodes to \((\hat S_{1},\hat S_{2})\) ([21] equation 11). The average SER at the relay is upper bounded as shown in [21]

*P*

_{ r→s }, is a function of the modulation scheme and transmitted code. For the method where the irregular modulation schemes is deployed to enhance the overall network performance, a special case for the QPSK modulation scheme is presented. If no irregular modulation scheme is used, the performance analysis becomes straightforward. In the BC stage, following the channel conditions [19], either QPSK or 5QAM is selected. Let \(\mathcal C(S_{2},S_{1})=\mathbb C\) and \(\mathcal C(\hat S_{2},\hat S_{1})=\mathbb {\hat C}\). The error probability at the users can be written as

*α*≤1 is the QPSK occurrence factor, \(P_{\text {qpsk}}(\mathbb {\hat C}\not = \mathbb {C})=Q\left (\frac {d_{j}|h_{j}|}{\sqrt {2\sigma ^{2}}}\right)\),

*j*∈{1,2}, which can be calculated using (58), and,

*d*

_{ j }is the Euclidean distance of two QPSK signal points based on \(\mathbb { C}\) and \(\mathbb {\hat C}\) of the corresponding node. Our simulation results show that both the cardinalities (4 and 5) are equally likely to be used; hence,

*α*=\(\frac {1}{2}\) is used hereafter. The error probability of 5QAM can be found using Fig. 3. Since the exact error probability is difficult to obtain due to asymmetrical shape of the 5QAM, we approximated the error probability in the following manner. The asymptomatic optimized 5QAM has been designed using sphere packing approach in [19]. To obtain a unity average power per symbol, the radius

*R*has been calculated. Since the minimum Euclidean distance between all the constellation points are the same (

*d*

_{min}=2∗

*R*=1.2456), the error probability of 5QAM can be calculated following [39]. Let \(Q\left (\frac {d_{\text {min}}}{\sqrt {2\sigma ^{2}}}\right)=Q(Z)\) denote the probability of decoding a wrong symbol from a different region. The total SER of 5QAM is calculated as

The above equation shows that the overall error probability is directly proportional to the error happening at both the MA and BC stages, where the MA stage is the dominant factor due to the addition of the two signals (MA interference).

#### 3.3.2 Performance with an intruder

The effect of the intruder on the network is studied next (*P*
_{a}=1). Note that the estimates of the transmitted signals are based on (11). The relay, without any knowledge of the intruder, considers a 16-point constellation point at the receiver. If the relay was aware of the intruder and its channel state information, other steps could be applied to avoid the high error probability that is being caused by the attack. In this case, the constellation map at the receiver becomes 64 points rather than 16. Therefore, the code-maps in Fig. 4 of [19] have to be changed and applied accordingly.

In other words, *P*
_{CEP} is the probability that the relay incorrectly decodes to \((S^{\prime }_{1},S^{\prime }_{2})\), with the two pairs, \(\{(S^{\prime }_{1},S^{\prime }_{2}), (S_{1},S_{2})\}\), not being present in the same cluster. This probability is written at the top of the next page.

With the help of the line of proof in [21] that did not consider an intruder, for a network with an intruder, the average CEP can be written as (62). Substituting SANR into ([21] equation 11), the average CEP can be written as (63). The following definitions from [21] are necessary to understand (63). \(\Delta _{S_{i}}=S_{i}-S^{\prime }_{i}, i\in \{1,2\}\), and *δ*
_{
s
} represents the largest radius of the enclosed circle in the region associated with a specified singular fade state in which it can be removed by the clustering. For the ADNF scheme, SANR is defined as signal power to attack and noise power ratio and is written as \(\text {SANR}=\frac {P_{S}}{P_{I}+\sigma ^{2}}\). Note that the relay does not factor in the intruder in its estimates [21]. As we see later, the results shown in (63) explains the severity of intruder effect on this scheme.

## 4 Numerical and simulation results

### 4.1 Network coding-SER analysis

*γ*

_{th}=2-dB. Table 2 describes the simulation setup.

Simulation parameters

Attribute | Value |
---|---|

Number of symbols | 1536×10 |

Attack to signal ratio (ASR) | 0.1−1 |

Modulation scheme (users) | QPSK |

Modulation scheme (intruder) | QPSK |

Modulation scheme (relay) | QPSK/5QAM |

| 2 dB |

It is observed that the LLNC scheme outperforms the other three schemes. This superiority is small when compared to the ADNF scheme but is noticeable when compared to the AF scheme. The inferiority is due to the effect of MA interference, where users send their signal at the same time during the MA stage. This effect is the highest for the AF scheme, where the amplification of noise degrades the performance. For the ADNF scheme, at high SNRs, the CEP can be removed by removing the singular points, which results in a better performance than the NADNF scheme. Note that the two singular points 0 and *∞* are inevitable. This explains the effect of fading on the MA schemes. For the AWGN channel, however, PLNC outperforms the LLNC scheme [8]. Having said that, the time efficiency of the two time slot schemes makes the two PLNC schemes superior to the LLNC scheme in terms of end-to-end throughput.

*K*=1) and the intruder experiences a Rayleigh fading (

*K*=0). The performance comparison of the three schemes LLNC, ADNF, and AF with an intruder is illustrated in Fig. 5. The ASR varies between 0.1 and 1. The intruder attacks the relay in the first time slot for all the schemes. It can be seen that ASR directly affects the performance. Noting the fact that MA stage dominates the network performance, it can be seen that the relay is the most susceptible node inside the network. It can also be seen that as ASR increases, the performance of AF and LLNC schemes get closer towards each other. The ADNF scheme has the worst performance amongst all the other schemes. The reason behind this is the fact that the ADNF scheme uses denoising maps that are used for a network with two users and one relay. Since the relay is not aware of the intruder, it makes the estimates only based on the two users. Hence, the effect of intruder becomes much more visible. This is less severe for the AF and LLNC schemes, where the complexity of relay’s operation is much less resulting in a less destructive attack. It can be inferred from the figure that for lower ASRs (ASRs <0.1), the situation becomes different where the ADNF scheme performs better than AF. This is because the intruder becomes less destructive (lower power) and its effect on MA stage will be negligible. It should be noted that for a network with fading channels (mainly for wireless applications), regardless of an attack, the LLNC scheme performs better than all other schemes in terms of end-to-end SER.

### 4.2 Network coding-throughput analysis

*Θ*is chosen to be 2 dB and SANR is defined as the average received signal to attack plus noise ratio as

### 4.3 Channel realization impact

*K*=0). As it can be seen from Fig. 9, the overall throughput of the network degrades for the ADNF, AF, and LLNC schemes when compared to the case where the users experience a Rician fading. This performance degradation is more visible for the ADNF scheme. This is due to the fact that the performance improvement by 5-ary denoising becomes minimal at a low or zero Rician

*K*-factor. That is, the optimized constellation mapping loses its efficiency in choosing the best network map to increase the minimum distance profile as

*K*decreases. As the Rician

*K*-factor increases (

*K*=10), the performance of the ADNF scheme improves significantly with a higher Rician

*K*-factor (where there is a LOS) when compared to the AF scheme as explained in [19]. This can be observed in Fig. 10. However, due to the destructive nature of the attack and the design of the relay node, in the ADNF scheme, the performance falls below the AF scheme at high SNRs. In summary, the performance of the network does get impacted by the channel model and does degrade if the LOS disappears. However, the attack power is the dominant factor in the performance degradation.

## 5 Conclusions

In this work, the effects of pollution attack on the performance of the three schemes ADNF, AF, and LLNC at the physical layer are investigated. The analytical approximation results for the SER performance of the three schemes with and without an intruder have been illustrated as well. From an end-to-end SER perspective, it has been shown that LLNC scheme outperforms the ADNF and AF schemes regardless of the presence of the intruder. With the end-to-end throughput perspective, it has been shown that with an intruder in the network, and with reasonably high ASRs, the AF outperforms ADNF and LLNC schemes at high SNRs. It has also been observed that ADNF scheme does outperform the other schemes if the ASRs are kept low (for a realistic wireless environment). In order for the ADNF scheme to perform better, complexity of the system has to be increased, where the denoising maps need to be redesigned for a larger network. A future direction is to evaluate the network performance with a channel that experiences large-scale fading, where the distance between nodes (or the intruder) becomes an important factor in network behavior. One can evaluate other types of attacks. For instance, the intruder may use other modulation schemes to attack the network. Appropriate counterattack schemes for this model are also left as a future work. One important future work that can lead us to an unsolved problem is when the relay is aware of the presence of an intruder. So far, the relay has only assumed that there are only two users in the network; therefore, the code-maps are designed accordingly. Although the intruder can not be considered a valid node, it gives us a good way of dealing with multiple nodes in the network and scaling up PLNC to multiple nodes.

## 6 Appendix

By inserting the PDFs of the two users in (53), (67) is derived, where \(\bar \gamma _{x}\) and \(\bar \gamma _{y}\) are the average received SNRs, and *I*
_{0}(.) is the zero-order modified Bessel function of the first kind [40].

*I*

_{0}(.) in [43], Eq. (8.447.1), (67) can be further simplified. By letting \(\Delta _{1}=\left (\frac {1+K}{\bar \gamma _{x}}\right)\) and \(\Delta _{2}=\left (\frac {1+K}{\bar \gamma _{y}}\right)\), and after some algebraic manipulations, this integral is shown in (68). Using Eq. (3.351.2) in [43], (68) is further simplified to (69). Recall that \(Z=\frac {P_{I}|H_{I}|^{2}}{\sigma ^{2}}\), and the intruder experienced a Rayleigh fading, which is exponentially distributed [39] and is expressed as

After inserting (74) into (69), and using Eq. (3.382.4) in [43], and after some algebraic manipulations, the integration with respect to *z* results in (71), where *Δ*
_{3}=*Δ*
_{1}+*Δ*
_{2}, \(\Delta _{4}=\frac {\gamma _{\text {th}}\bar \gamma _{z}\Delta _{3}+1}{\bar \gamma _{z}}\), and *Γ*(.,.) is the complementary incomplete gamma function defined in [43], Eq. (8.350.2). The outage probability can be written as (71). By inserting (72) into (42), applying Eq. (3.383.5) in [43], and applying rigorous algebraic manipulation, the average SER of the network can be expressed as (73). Here, *ψ*(.,.,.) is the Tricomi confluent hypergeometric function as defined in [43], Eq. (9.211.4), and \(N=\bar \gamma _{z}\Delta _{3}\). This completes the proof.

## Declarations

### Competing interests

The authors declare that they have no competing interests.

**Open Access** This article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.

## Authors’ Affiliations

## References

- MO Hasna, M-S Alouini, End-to-end performance of transmission systems with relays over rayleigh-fading channels. IEEE Trans. Wirel. Commun.
**2**(6), 1126–1131 (2003).View ArticleGoogle Scholar - GK Karagiannidis, TA Tsiftsis, RK Mallik, Bounds for multihop relayed communications in Nakagami-m fading. IEEE Trans. Commun.
**54**(1), 18–22 (2006).View ArticleGoogle Scholar - R Ahlswede, N Cai, S Li, R Yeung, Network information flow. IEEE Trans. Inf. Theory.
**46**(4), 1204–1216 (2000).MathSciNetView ArticleMATHGoogle Scholar - S-YR Li, RW Yeung, N Cai, Linear network coding. IEEE Trans. Inf. Theory.
**49**(2), 1204–1216 (2003).MathSciNetView ArticleGoogle Scholar - A Khreishah, IM Khalil, P Ostovari, J Wu, Flow-based XOR network coding for lossy wireless networks. IEEE Trans. Wirel. Commun.
**11**(6), 2321–2329 (2012).View ArticleGoogle Scholar - MH Amerimehr, F Ashtiani, Delay and throughput analysis of a two-way opportunistic network coding-based relay network. IEEE Trans. Wirel. Commun.
**13**(5), 2863–2873 (2014).View ArticleGoogle Scholar - S Katti, H Rahul, W Hu, D Katabi, M Medard, J Crowcroft, XORs in the air: practical wireless network coding. IEEE/ACM Trans. Netw.
**16**(3), 497–510 (2008).View ArticleGoogle Scholar - S Zhang, S-C Liew, P Lam, Physical-layer network coding. ACM MobiCom, 358–365 (2006).Google Scholar
- P Popovski, H Yomo, in
*2006 IEEE International Conference on Communications (ICC)*. The anti-packets can increase the achievable throughput of a wireless multi-hop network (IEEE, 2008), pp. 3885–3890, doi:10.1109/ICC.2006.255688. - J Dong, R Curtmola, R Sethi, C Nita-Rotaru, in
*2008 Workshop on Secure Network Protocols 2008 (NPSecE)*. Toward secure network coding in wireless networks: Threats and challenges (IEEE, 2008), pp. 33–38, doi:10.1109/NPSEC.2008.4664878. - J Dong, R Curtmola, C Nita-Rotaru, in
*2009 Proceedings of the Second ACM Conference on Wireless Network Security*. Practical defenses against pollution attacks in intra-flow network coding for wireless mesh networks (ACM, 2009), pp. 111–122, doi:10.1145/1952982.1952989. - M Krohn, M Freedman, D Mazieres, in
*2004 IEEE Security and Privacy*. On-the-fly verification of rateless erasure codes for efficient content distribution (IEEE, 2004), pp. 226–240, doi:10.1109/SECPRI.2004.1301326. - D Charles, K Jain, K Lauter, in
*40th Annual Conference on Information Sciences and Systems*. Signatures for network coding (IEEE, 2006), pp. 857–863, doi:10.1109/CISS.2006.286587. - Z Yu, Y Wei, B Ramkumar, Y Guanr, in
*Proceedings of INFOCOM 08*. An efficient signature-based scheme for securing network coding against pollution attacks (IEEE, 2008), pp. 1409–1417, doi:10.1109/INFOCOM.2008.199. - F Zhao, T Kalker, M Medard, K Han, in
*Proc. of ISIT*. Signatures for content distribution with network coding (IEEE, 2007), pp. 556–560, doi:10.1109/ISIT.2007.4557283. - SW Kim, in
*Communcation Society Conference of Sensor, Mesh and Ad Hoc Communications and Networks. IEEE*. Integrated detection and mitigation of pollution attack in wireless network coding: physical layer approach (IEEE, 2012), pp. 97–99, doi:10.1109/SECON.2012.6276359. - S Kim, SW Kim, Recycling polluted packet at the physical layer in wireless network coding. IEEE Commun. Lett.
**17**(5), 856–859 (2013).View ArticleGoogle Scholar - Z Li, D Pu, W Wang, A Wyglinski, in
*2010 IEEE GLOBECOM*. Node localization in wireless networks through physical layer network coding (IEEE, 2010), pp. 1–5, doi:10.1109/GLOCOM.2010.5684085. - T Koike-Akino, P Popovski, V Tarokh, Optimized constellations for two-way wireless relaying with physical network coding. IEEE J. Sel. Areas. Commun.
**27**(5), 773–787 (2009).View ArticleGoogle Scholar - V Namboodiri, VT Muralidharan, BS Rajan, in
*Proc. IEEE WCNC*. Wireless bidirectional relaying and latin squares (IEEE, 2012), pp. 1404–1409, doi:10.1109/WCNC.2012.6214000. - VT Muralidharan, BS Rajan, Performance analysis of adaptive physical layer network coding for wireless two-way relaying. IEEE Trans Wirel Commun.
**12**(3), 1328–1339 (2013).View ArticleGoogle Scholar - B Nazer, M Gastpar, Compute-and-forward: harnessing interference through structured codes. IEEE Trans Inf Theory.
**57**(10), 6463–6486 (2011).MathSciNetView ArticleGoogle Scholar - W Nam, SY Chung, YH Lee, Capacity of the Gaussian two-way relay channel to within 1/2 bit. IEEE Trans Inf Theory.
**56**(11), 5488–5494 (2010).View ArticleGoogle Scholar - B Rankov, A Wittneben, in
*2006 Proc Int Symp Inf Theory*. Achievable rate regions for the two-way relay channel. (IEEE), pp. 1668–1672. doi:10.1109/ISIT.2006.261638. - M Ghogho, A Swami, in
*2011 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP)*. Characterizing physical-layer secrecy with unknown eavesdropper locations and channels (IEEE, 2011), pp. 3432–3435, doi:10.1109/ICASSP.2011.5947123. - MC Valenti, D Torrieri, T Ferrett, Noncoherent physical-layer network coding with FSK modulation: Relay receiver design issues. IEEE Trans. Commun.
**59**(9), 2595–2604 (2011).View ArticleGoogle Scholar - L Lu, S-C Liew, Asynchronous physical-layer network coding. IEEE Trans. Wirel. Commun.
**11**(2), 819–831 (2012).View ArticleGoogle Scholar - C Popper, NO Tippenhauer, B Danev, S Capkun, in
*2011 16th European Symposium on Research in Computer Security (ESORICS)*. Investigation of signal and message manipulations on the wireless channel (Springer ESORICS, 2011), pp. 40–59, doi:10.1007/978-3-642-23822-2_3. - S Katti, S Gollakota, D Katabi, in
*2007 Proc. ACM SIGCOMM*. Embracing wireless interference: analog network coding (ACM SIGCOMM, 2007), pp. 397–408, doi:10.1145/1282427.1282425. - W Xu, in
*2007 Fourth Annual International Conference on Mobile and Ubiquitous Systems: Networking Services (MobiQuitous)*. On adjusting power to defend wireless networks from jamming (IEEE, 2007), pp. 1–6, doi:10.1109/MOBIQ.2007.4451072. - RM Legnain, RHM Hafez, ID Marsland, BER analysis of three-phase XOR-and-forward relaying using Alamouti STBC. IEEE Commun. Letters.
**16**(9), 1458–1461 (2012).View ArticleGoogle Scholar - L Yang, K Qaraqe, E Serpedin, M-S Alouini, Performance analysis of amplify-and-forward two-way relaying with co-channel interference and channel estimation error. IEEE Trans. Commun.
**61**(6), 2221–2231 (2013).View ArticleGoogle Scholar - P Popovski, H Yomo, in
*2006 IEEE 63rd Vehicular Technology Conference*. Bi-directional amplification of throughput in a wireless multi-hop network (IEEE, 2006), pp. 588–593, doi:10.1109/VETECS.2006.1682892. - P Popovski, H Yomo, in
*2007 IEEE International Conference on Communications*. Physical network coding in two-way wireless relay channels (IEEE, 2007), pp. 707–712, doi:10.1109/ICC.2007.121. - K Yasami, A Razi, A Abedi, Analysis of channel estimation error in physical layer network coding. IEEE Commun. Let.
**15**(10), 1029–1031 (2011).View ArticleGoogle Scholar - K Yasami, A Abedi, in
*2011 Proc. IEEE CCNC*. Effect of channel estimation error on performance of physical layer network coding. (IEEE), pp. 751–752. doi:10.1109/CCNC.2011.5766656. - T Koike-Akino, P Popovski, V Tarokh, in
*2009 IEEE International Conference on Communications (ICC)*. Denoising strategy for convolutionally-coded bidirectional relaying (IEEE, 2009), pp. 1–5, doi:10.1109/ICC.2009.5198893. - J Liu, M Tao, Y Xu, Pairwise check decoding for LDPC coded two-way relay block fading channels. IEEE Trans. Commun.
**60**(8), 2065–2076 (2012).View ArticleGoogle Scholar - JG Proakis,
*Digital Communication*(McGraw-Hill, NewYork, 2001). Fourth Edition.Google Scholar - MK Simon, M-S Alouini,
*Digital Communication over Fading Channels*(Wiley, New Jersey, 2004). Second Edition.View ArticleGoogle Scholar - K Lu, S Fu, Y Qian, T Zhang, in
*IEEE International Conference on Communications, 2009. ICC’09*. On the security performance of physical-layer network coding (IEEE, 2009), pp. 1–5, doi:10.1109/ICC.2009.5199266. - HA Suraweera, HK Garg, A Nallanathan, Performance analysis of two hop amplify-and-forward systems with interference at the relay. IEEE Commun. Let.
**14**(8), 692–694 (2010).View ArticleGoogle Scholar - IS Gradshteyn, IM Ryzhik,
*Table of Integrals, Series, and Products*(Academics, San Diego, 2000). Sixth edition.MATHGoogle Scholar - X Xu, Y Cai, C Cai, W Yang, in
*2011 Proc. IEEE WCSP*. Overall outage probability of two-way amplify-and-forward relaying in Nakagami-m fading channels (IEEE, 2011), pp. 1–4, doi:10.1109/WCSP.2011.6096817.