Our work studies a special covert communication setting in which the adversary can manipulate the pilot estimation process of the legitimate transmitter-user pair. We consider the following setting (Fig. 1), where a legitimate transmitter, Alice, communicates with a legitimate receiver, Willie. Tom, a hardware Trojan (the adversary) embedded in Alice, tries to simultaneously (and silently) communicate with its intended rogue receiver, Eve. Tom’s adversarial strategy unfolds in two stages. First, Tom attempts a pilot-scaling attack in the channel estimation phase to corrupt Willie’s channel estimation. Subsequently, if Willie fails to detect this initial attack, Tom exploits the imperfect channel estimates to covertly communicate with Eve.

We conduct separate hypothesis tests on the channel estimation and communication phases, and our main result shows that a pilot-scaling attack allows the Trojan adversary to communicate in the “linear regime,” thereby allowing transmission at a positive rate to the rogue receiver, Eve. Using a heatmap (Fig. 2), we show the relationship between the pilot-scaling parameter, Tom’s transmit power, and the corresponding covert communication rate achieved between Tom and Eve.

Related publications:
S. Bakirtas, M. R. Bloch, and E. Erkip. “Pilot-Attacks Can Enable Positive-Rate Covert Communications of Wireless Hardware Trojans.” arXiv preprint arXiv:2404.09922, 2024.