Stefano Tomasin

Chandan Kumar Sheemar, Giovanni Iacovelli, Wali Ullah Khan et al.

This paper develops a physically consistent signal model with hardware constraints for a simultaneous transmitting and reflecting beyond-diagonal RIS (STAR BD-RIS) endowed with per-element amplification and lossless power splitting. We explicitly decouple (i) amplification via a diagonal gain matrix, (ii) element-wise reflection/transmission splitting, and (iii) passive beyond-diagonal coupling on each branch, while enforcing practical feasibility through per-element emission caps and an aggregate RIS power budget under the operating covariance. Building on this model, we cast downlink sum-rate maximization as an equivalent weighted minimum mean-square error (WMMSE) problem and propose an alternating optimization framework with provable monotonic descent. The method admits closed-form updates for MMSE combiners and weights, waterfilling-like beamformer updates via a single dual variable, a per-element amplification update that satisfies emission constraints, and a STAR power-splitting update based on cyclic coordinate descent with a global acceptance test. For the beyond-diagonal coupling matrices, we derive Riemannian gradient steps on the complex Stiefel manifold with QR/polar retraction method, preserving passivity at every iterate. Furthermore, the proposed approach decouples the optimization of the reflective and transmissive responses of the BD-RIS, enabling efficient distributed implementation. Numerical results demonstrate substantial sum-rate gains compared to the conventional passive BD-RIS.

Onur Günlü, Stefano Tomasin, João P. Vilela et al.

Integrated sensing and communication (ISAC) is a promising feature of future communication networks. While spatial sensing can improve network performance and enable external services, it also creates privacy challenges that go beyond the confidentiality of communication content. Future networks using millimeter-wave (mmWave) and sub-terahertz (THz) frequencies may collect or infer detailed information about people, devices, bystanders, passive objects, and environments in a sixth-generation (6G) deployment area. Such sensing can reveal location and environment data, support behavioral profiling such as movement or activity recognition, and, in advanced cases, expose physiological information such as breathing frequency or heart-rate-related data. Thus, the capabilities of spatial sensing must be controlled to satisfy privacy requirements. In this work, we organize privacy-sensitive ISAC data into three sensing levels: location and environment data, behavioral data, and physiological data, and use this classification as the organizing principle throughout the paper. Based on this classification, we discuss internal and external ISAC applications, identify privacy challenges related to consent, transparency, data ownership, profiling, bystander exposure, and sensitive sensing data, review representative solution directions, and outline future research directions for privacy-preserving ISAC.

Francesco Ardizzon, Stefano Tomasin

In physical layer authentication (PLA) mechanisms, a verifier decides whether a received message has been transmitted by a legitimate user or an intruder, according to some features of the physical channel over which the message traveled. To design the authentication check implemented at the verifier, typically either the statistics or a dataset of features are available for the channel from the legitimate user, while no information is available when under attack. When the statistics are known, a well-known good solution is the likelihood test (LT). When a dataset is available, the decision problem is one-class classification (OCC) and a good understanding of the machine learning (ML) techniques used for its solution is important to ensure security. Thus, in this paper, we aim at obtaining ML PLA verifiers that operate as the LT. We show how to do it with the neural network (NN) and the one-class least-squares support vector machine (OCLSSVM) models, trained as two-class classifiers on the single-class dataset and an artificial dataset. The artificial dataset for the negative class is obtained by generating channel feature (CF) vectors uniformly distributed over the domain of the legitimate class dataset. We also derive a modified stochastic gradient descent (SGD) algorithm that trains a PLA verifier operating as LT without the need for the artificial dataset. Furthermore, we show that the one-class least-squares support vector machine with suitable kernels operates as the LT at convergence. Lastly, we show that the widely used autoencoder classifier generally does not provide the LT. Numerical results are provided considering PLA on both wireless and underwater acoustic channels.

Yijia Guo, Junqing Zhang, Yao-Win Peter Hong et al.

The rise of wireless technologies has made the Internet of Things (IoT) ubiquitous, but the broadcast nature of wireless communications exposes IoT to authentication risks. Physical layer authentication (PLA) offers a promising solution by leveraging unique characteristics of wireless channels. As a common approach in PLA, hypothesis testing yields a theoretically optimal Neyman-Pearson (NP) detector, but its reliance on channel statistics limits its practicality in real-world scenarios. In contrast, deep learning-based PLA approaches are practical but tend to be not optimal. To address these challenges, we proposed a learning-based PLA scheme driven by hypothesis testing and conducted extensive simulations and experimental evaluations using Wi-Fi. Specifically, we incorporated conditional statistical models into the hypothesis testing framework to derive a theoretically optimal NP detector. Building on this, we developed LiteNP-Net, a lightweight neural network driven by the NP detector. Simulation results demonstrated that LiteNP-Net could approach the performance of the NP detector even without prior knowledge of the channel statistics. To further assess its effectiveness in practical environments, we deployed an experimental testbed using Wi-Fi IoT development kits in various real-world scenarios. Experimental results demonstrated that the LiteNP-Net outperformed the conventional correlation-based method as well as state-of-the-art Siamese-based methods.

Ali Hossary, Laura Crosara, Stefano Tomasin

Jamming attacks pose a critical threat to wireless networks, particularly in cell-free massive MIMO systems, where distributed access points and user equipment (UE) create complex, time-varying topologies. This paper proposes a novel jamming detection framework leveraging dynamic graphs and graph convolutional neural networks (GCN) to address this challenge. By modeling the network as a dynamic graph, we capture evolving communication links and detect jamming attacks as anomalies in the graph evolution. A GCN-Transformer-based model, trained with supervised learning, learns graph embeddings to identify malicious interference. Performance evaluation in simulated scenarios with moving UEs, varying jamming conditions and channel fadings, demonstrates the method's effectiveness, which is assessed through accuracy and F1 score metrics, achieving promising results for effective jamming detection.

Matteo Varotto, Florian Heinrichs, Timo Schuerg et al.

5G cellular networks are particularly vulnerable against narrowband jammers that target specific control sub-channels in the radio signal. One mitigation approach is to detect such jamming attacks with an online observation system, based on machine learning. We propose to detect jamming at the physical layer with a pre-trained machine learning model that performs binary classification. Based on data from an experimental 5G network, we study the performance of different classification models. A convolutional neural network will be compared to support vector machines and k-nearest neighbors, where the last two methods are combined with principal component analysis. The obtained results show substantial differences in terms of classification accuracy and computation time.

Matteo Varotto, Stefan Valentin, Francesco Ardizzon et al.

5G mobile networks are vulnerable to jamming attacks that may jeopardize valuable applications such as industry automation. In this paper, we propose to analyze radio signals with a dedicated device to detect jamming attacks. We pursue a learning approach, with the detector being a CNN implementing a GLRT. To this end, the CNN is trained as a two-class classifier using two datasets: one of real legitimate signals and another generated artificially so that the resulting classifier implements the GLRT. The artificial dataset is generated mimicking different types of jamming signals. We evaluate the performance of this detector using experimental data obtained from a private 5G network and several jamming signals, showing the technique's effectiveness in detecting the attacks.

Stefano Tomasin, Javier German Luzon Hidalgo

In a beyond-5G (B5G) scenario, we consider a virtual private mobile network (VPMN), i.e., a set of user equipments (UEs) directly communicating in a device-to-device (D2D) fashion, and connected to the cellular network by multiple gateways. The purpose of the VPMN is to hide the position of the VPMN UEs to the mobile network operator (MNO). We investigate the design and performance of packet routing inside the VPMN. First, we note that the routing that maximizes the rate between the VPMN and the cellular network leads to an unbalanced use of the gateways by each UE. In turn, this reveals information on the location of the VPMN UEs. Therefore, we derive a routing algorithm that maximizes the VPMN rate, while imposing for each UE the same data rate at each gateway, thus hiding the location of the UE. We compare the performance of the resulting solution, assessing the location privacy achieved by the VPMN, and considering both the case of single hop and multihop in the transmissions from the UEs to the gateways.

Alberto Rech, Stefano Tomasin

We propose a coordinated random access scheme for industrial internet-of-things (IIoT) scenarios, with machine-type devices (MTDs) generating sporadic correlated traffic. This occurs, e.g., when external events trigger data generation at multiple MTDs simultaneously. Time is divided into frames, each split into slots and each MTD randomly selects one slot for (re)transmission, with probability density functions (PDFs) specific of both the MTD and the number of the current retransmission. PDFs are locally optimized to minimize the probability of packet collision. The optimization problem is modeled as a repeated Markov game with incomplete information, and the linear reward-inaction algorithm is used at each MTD, which provably converges to a deterministic (suboptimal) slot assignment. We compare our solution with both the slotted ALOHA and the min-max pairwise correlation random access schemes, showing that our approach achieves a higher network throughput with moderate traffic intensity.

Stefan Roth, Stefano Tomasin, Marco Maso et al.

In fifth-generation (5G) cellular networks, users feed back to the base station the index of the precoder (from a codebook) to be used for downlink transmission. The precoder is strongly related to the user channel and in turn to the user position within the cell. We propose a method by which an external attacker determines the user position by passively overhearing this unencrypted layer-2 feedback signal. The attacker first builds a map of fed back precoder indices in the cell. Then, by overhearing the precoder index fed back by the victim user, the attacker finds its position on the map. We focus on the type-I single-panel codebook, which today is the only mandatory solution in the 3GPP standard. We analyze the attack and assess the obtained localization accuracy against various parameters. We analyze the localization error of a simplified precoder feedback model and describe its asymptotic localization precision. We also propose a mitigation against our attack, wherein the user randomly selects the precoder among those providing the highest rate. Simulations confirm that the attack can achieve a high localization accuracy, which is significantly reduced when the mitigation solution is adopted, at the cost of a negligible rate degradation.

He Fang, Xianbin Wang, Stefano Tomasin

The fifth generation (5G) and beyond wireless networks are critical to support diverse vertical applications by connecting heterogeneous devices and machines, which directly increase vulnerability for various spoofing attacks. Conventional cryptographic and physical layer authentication techniques are facing some challenges in complex dynamic wireless environments, including significant security overhead, low reliability, as well as difficulty in pre-designing authentication model, providing continuous protections, and learning time-varying attributes. In this article, we envision new authentication approaches based on machine learning techniques by opportunistically leveraging physical layer attributes, and introduce intelligence to authentication for more efficient security provisioning. Machine learning paradigms for intelligent authentication design are presented, namely for parametric/non-parametric and supervised/unsupervised/reinforcement learning algorithms. In a nutshell, the machine learning-based intelligent authentication approaches utilize specific features in the multi-dimensional domain for achieving cost-effective, more reliable, model-free, continuous and situation-aware device validation under unknown network conditions and unpredictable dynamics.

Linda Senigagliesi, Marco Baldi, Stefano Tomasin

We investigate the transmission of a secret message from Alice to Bob in the presence of an eavesdropper (Eve) and many of decode-and-forward relay nodes. Each link comprises a set of parallel channels, modeling for example an orthogonal frequency division multiplexing transmission. We consider the impact of discrete constellations and finite-length coding, defining an achievable secrecy rate under a constraint on the equivocation rate at Eve. Then we propose a power and channel allocation algorithm that maximizes the achievable secrecy rate by resorting to two coupled Gale-Shapley algorithms for stable matching problem. We consider the scenarios of both full and partial channel state information at Alice. In the latter case, we only guarantee an outage secrecy rate, i.e., the rate of a message that remains secret with a given probability. Numerical results are provided for Rayleigh fading channels in terms of average outage secrecy rate, showing that practical schemes achieve a performance quite close to that of ideal ones.

Riccardo Bonetto, Michele Rossi, Stefano Tomasin et al.

In electrical distribution grids, the constantly increasing number of power generation devices based on renewables demands a transition from a centralized to a distributed generation paradigm. In fact, power injection from Distributed Energy Resources (DERs) can be selectively controlled to achieve other objectives beyond supporting loads, such as the minimization of the power losses along the distribution lines and the subsequent increase of the grid hosting capacity. However, these technical achievements are only possible if alongside electrical optimization schemes, a suitable market model is set up to promote cooperation from the end users. In contrast with the existing literature, where energy trading and electrical optimization of the grid are often treated separately or the trading strategy is tailored to a specific electrical optimization objective, in this work we consider their joint optimization. Specifically, we present a multi-objective optimization problem accounting for energy trading, where: 1) DERs try to maximize their profit, resulting from selling their surplus energy, 2) the loads try to minimize their expense, and 3) the main power supplier aims at maximizing the electrical grid efficiency through a suitable discount policy. This optimization problem is proved to be non convex, and an equivalent convex formulation is derived. Centralized solutions are discussed first, and are subsequently distributed. Numerical results to demonstrate the effectiveness of the so obtained optimal policies are then presented.

Stefano Tomasin, Nicola Laurenti

Secure transmission between two agents, Alice and Bob, over block fading channels can be achieved similarly to conventional hybrid automatic repeat request (HARQ) by letting Alice transmit multiple blocks, each containing an encoded version of the secret message, until Bob informs Alice about successful decoding by a public error-free return channel. In existing literature each block is a differently punctured version of a single codeword generated with a Wyner code that uses a common randomness for all blocks. In this paper instead we propose a more general approach where multiple codewords are generated from independent randomnesses. The class of channels for which decodability and secrecy is ensured is characterized, with derivations for the existence of secret codes. We show in particular that the classes are not a trivial subset (or superset) of those of existing schemes, thus highlighting the novelty of the proposed solution. The result is further confirmed by deriving the average achievable secrecy throughput, thus taking into account both decoding and secrecy outage.

Augusto Ferrante, Nicola Laurenti, Chiara Masiero et al.

For a physical layer message authentication procedure based on the comparison of channel estimates obtained from the received messages, we focus on an outer bound on the type I/II error probability region. Channel estimates are modelled as multivariate Gaussian vectors, and we assume that the attacker has only some side information on the channel estimate, which he does not know directly. We derive the attacking strategy that provides the tightest bound on the error region, given the statistics of the side information. This turns out to be a zero mean, circularly symmetric Gaussian density whose correlation matrices may be obtained by solving a constrained optimization problem. We propose an iterative algorithm for its solution: Starting from the closed form solution of a relaxed problem, we obtain, by projection, an initial feasible solution; then, by an iterative procedure, we look for the fixed point solution of the problem. Numerical results show that for cases of interest the iterative approach converges, and perturbation analysis shows that the found solution is a local minimum.

Francesco Renna, Nicola Laurenti, Stefano Tomasin et al.

Information-theoretic secret-key agreement is perhaps the most practically feasible mechanism that provides unconditional security at the physical layer to date. In this paper, we consider the problem of secret-key agreement by sharing randomness at low power over an orthogonal frequency division multiplexing (OFDM) link, in the presence of an eavesdropper. The low power assumption greatly simplifies the design of the randomness sharing scheme, even in a fading channel scenario. We assess the performance of the proposed system in terms of secrecy key rate and show that a practical approach to key sharing is obtained by using low-density parity check (LDPC) codes for information reconciliation. Numerical results confirm the merits of the proposed approach as a feasible and practical solution. Moreover, the outage formulation allows to implement secret-key agreement even when only statistical knowledge of the eavesdropper channel is available.