Encyclopedia of Wireless Networks

Living Edition
| Editors: Xuemin (Sherman) Shen, Xiaodong Lin, Kuan Zhang

Pilot Spoofing Attack

  • Wei WangEmail author
Living reference work entry
DOI: https://doi.org/10.1007/978-3-319-32903-1_319-1



Pilot spoofing attack refers to an active attack in wireless networks, where active eavesdroppers (Eves) manipulate the channel estimation to increase the eavesdropping rate. In time division duplex (TDD) systems with channel reciprocity, the downlink channel state information (CSI) can be acquired through uplink channel training. A smart active Eve may hack such channel estimation process by sending an identical pilot sequence to the base station (BS), causing an erroneous channel estimation at the BS and more information leak to the Eve.


By exploiting the randomness of wireless medium, physical layer security can provide lightweight security solution for low-cost Internet of Things (IoT) devices and has been regarded as a promising solution to enhance security in emerging large-scale heterogeneous networks (HetNets) (Mukherjee 2015; Poor and Schaefer 2017). The information-theoretical security was...
This is a preview of subscription content, log in to check access.


  1. Bai T, Heath RW (2016) Analyzing uplink SINR and rate in massive MIMO systems using stochastic geometry. IEEE Trans Commun 64(11):4592–4606CrossRefGoogle Scholar
  2. Basciftci YO, Koksal CE, Ashikhmin A (2015) Physical layer security in massive MIMO. arXiv preprint arXiv:150500396Google Scholar
  3. Björnson E, Sanguinetti L, Kountouris M (2016) Deploying dense networks for maximal energy efficiency: small cells meet massive MIMO. IEEE J Sel Areas Commun 34(4):832–847CrossRefGoogle Scholar
  4. Leung-Yan-Cheong SK, Hellman ME (1978) The Gaussian wire-tap channel. IEEE Trans Inf Theory 24(4):451–456MathSciNetCrossRefGoogle Scholar
  5. Mukherjee A (2015) Physical-layer security in the internet of things: sensing and communication confidentiality under resource constraints. Proc IEEE 103(10):1747–1761CrossRefGoogle Scholar
  6. Poor HV, Schaefer RF (2017) Wireless physical layer security. Proc Natl Acad Sci 114(1):19–26CrossRefGoogle Scholar
  7. Tugnait JK (2015) Self-contamination for detection of pilot contamination attack in multiple antenna systems. IEEE Wirel Commun Lett 4(5):525–528CrossRefGoogle Scholar
  8. Wang HM, Huang KW, Tsiftsis TA (2018a) Multiple antennas secure transmission under pilot spoofing and jamming attack. IEEE J Sel Areas Commun 36(4):860–876CrossRefGoogle Scholar
  9. Wang W, Teh KC, Luo S, Li KH (2018b) Physical layer security in heterogeneous networks with pilot attack: a stochastic geometry approach. IEEE Trans Commun, to appear. https://doi.org/10.1109/TCOMM.2018.2859954CrossRefGoogle Scholar
  10. Wu Y, Schober R, Ng DWK, Xiao C, Caire G (2016) Secure massive MIMO transmission with an active eavesdropper. IEEE Trans Inf Theory 62(7):3880–3900MathSciNetCrossRefGoogle Scholar
  11. Wyner AD (1975) The wire-tap channel. Bell Syst Tech J 54(8):1355–1387MathSciNetCrossRefGoogle Scholar
  12. Xiong Q, Liang YC, Li KH, Gong Y (2015) An energy-ratio-based approach for detecting pilot spoofing attack in multiple-antenna systems. IEEE Trans Inf Forensic Secur 10(5):932–940CrossRefGoogle Scholar
  13. Zhou X, Maham B, Hjorungnes A (2012) Pilot contamination for active eavesdropping. IEEE Trans Wirel Commun 11(3):903–907CrossRefGoogle Scholar
  14. Zhu J, Schober R, Bhargava VK (2014) Secure transmission in multicell massive MIMO systems. IEEE Trans Wirel Commun 13(9):4766–4781CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2019

Authors and Affiliations

  1. 1.ECE DepartmentUniversity of WaterlooWaterlooCanada

Section editors and affiliations

  • Haojin Zhu
    • 1
  • Jian Shen
    • 2
  1. 1.Shanghai Jiaotong University, ChinaShanghaiChina
  2. 2.Nanjing University of Information Science & Technology, ChinaNanjingChina