Physical Layer Authentication Enhancement Using Maximum SNR Ratio Based Cooperative AF Relaying

Physical layer authentication techniques developed in conventional macrocell wireless networks face challenges when applied in the future fifth-generation (5G) wireless communications, due to the deployment of dense small cells in a hierarchical network architecture. In this paper, we propose a novel physical layer authentication scheme by exploiting the advantages of amplify-andforward (AF) cooperative relaying, which can increase the coverage and convergence of the heterogeneous networks. The essence of the proposed scheme is to select the best relay among multiple AF relays for cooperation between legitimate transmitter and intended receiver in the presence of a spoofer. To achieve this goal, two best relay selection schemes are developed by maximizing the signal-to-noise ratio (SNR) of the legitimate link to the spoofing link at the destination and relays, respectively. In the sequel, we derive closed-form expressions for the outage probabilities of the effective SNR ratios at the destination. With the help of the best relay, a new test statistic is developed for making an authentication decision, based on normalized channel difference between adjacent end-to-end channel estimates at the destination. The performance of the proposed authentication scheme is compared with that in a direct transmission in terms of outage and spoofing detection.


Introduction
During the recent past, wireless networks have experienced a rapid growth in data traffic which is spurred by an explosive increase in the number of diverse devices.To accommodate such increases in devices in future fifth generation (5G) wireless communications, heterogeneity is expected as an important feature that characterizes the future 5G networks by deploying dense small cells underlaid in macrocell cellular networks with coexistence of device-todevice (D2D) communications [1][2][3][4].This enables enhanced radio coverage and different levels of coordination between different types of devices.Due to the enormous interconnected devices and the complexity of the heterogeneous network architecture, the risk of exposure of private and confidential information is dramatically increasing.If the security challenges cannot be first addressed, the development of the 5G networks will be largely restricted.Therefore, protecting information and systems from various malicious attacks should be prioritized in the design and implementation of the future 5G cellular networks [5,6].
Among various malicious attacks, spoofing [7] is a serious security threat to the 5G wireless communications due to the decentralized nature of the heterogeneous networks.To prevent against the spoofing attack, authentication provides users with the ability to verify the identity of transmitters.Traditionally, authentication is accomplished by using cryptographic algorithms based on the computational hardness of mathematical functions.However, the computational complexity leads to practical issues associated with key distribution and management in the 5G network.Moreover, conventional authentication approaches have been developed mainly based on the higher layers of protocol stack, which are vulnerable against adversaries due to the lack of physical layer protection.Due to these shortcomings of cryptographic techniques, physical layer authentication has emerged as a promising paradigm by exploiting the inherent characteristics of wireless channels for additional security protection [8][9][10][11][12][13][14].

Wireless Communications and Mobile Computing
Due to the deployment of dense small cells under the conventional cellular networks in the 5G communications, direct signaling connection between two users placed in different cells is challenging.Cooperative relaying offers a feasible way via user cooperation at the physical layer, through which signals are allowed to be transmitted between source and destination with the help of other nodes.Moreover, since a large number of devices are supported in the 5G and D2D communications allow surrounding devices to directly interconnect with each other, a neighboring device can act as a relay to establish a link between two communication devices without new infrastructure.Securing wireless transmissions through cooperative relays at the physical layer has been proposed in the literature [15][16][17][18][19][20][21][22].These approaches considered various design problems under different assumptions of channel state information (CSI).Exploiting the advantages of cooperative relaying, researchers have shown improvements in physical layer security in terms of preventing eavesdropping attacks.However, the benefits of cooperative communications have not yet been fully utilized for physical layer protection against spoofing attacks to the best of our knowledge.Inspired by previous work that adopted user cooperation in physical layer security and its promised advantages, we develop a novel channel-based physical layer authentication scheme using cooperative relays in this paper.
Among those aforementioned relay-assisted physical layer security schemes, three cooperative transmission protocols are primarily considered, which are amplify-andforward (AF), decode-and-forward (DF), and cooperative jamming (CJ).Specifically, the AF scheme is designed in which relays simply amplify source signals and then retransmit them to destination.In the DF scheme, relays first decode the source signals and then encode and forward them to the destination.As for the CJ scheme, the source transmits the data signal while all relays transmit jamming signals to interfere with eavesdroppers.Note that physical layer authentication is achieved by exploiting the characteristics of CSI.Therefore, the AF relay scheme is more preferable for channel-based physical layer authentication due to its lowcomplexity processing at the relay nodes and destination as well.In this paper, we focus on the AF scheme.
Additionally, in order to obtain an efficient and practical physical layer authentication scheme through cooperative relays, relay selection is of significant importance.It refers to the process of choosing only one or more than one relay to help to transmit messages between the source and destination.Accordingly, relay selection strategies can be generally classified into two categories, that is, multiplerelay selection and single-relay selection.Compared to the multiple-relay selection, the single-relay selection is preferable in various scenarios [23][24][25].Based on the selection of only one relay out of multiple available ones, single-relay selection schemes provide the best path between the source and destination.Although only one relay participates in the cooperative transmission, full order diversity can be achieved and the overhead is minimized due to orthogonal channels.Among existing best relay selection strategies for AF relaying systems, the instantaneous end-to-end SNR, which is seen as a well-defined system parameter, was widely utilized as a relay selection criterion [24].However, in resource-constrained systems such as ad hoc and sensor networks, only partial knowledge of the channel links is available to nodes.In [25], Krikidis et al. proposed a relay selection algorithm based only on the instantaneous SNR of the channel link between the source and relays.
In this paper, a novel channel-based physical layer authentication scheme is proposed based on an AF cooperative relaying system.Only one relay out of multiple AF relays is chosen to provide the best end-to-end path between two legitimate end nodes in the presence of a spoofer.An outage probability is developed for the best relay selection from a security perspective, and the authentication performance is analyzed based on a binary hypothesis testing.The major contributions of this paper are summarized as follows: (1) We propose two best relay selection schemes based on the notion of maximizing the instantaneous SNR ratios of the legitimate link to the spoofing link at the destination and relays, respectively.In the first scheme, the best relay node is selected based on the maximum end-to-end SNR ratio.In order to reduce the computational complexity and resource consumption, the second scheme is developed based only on the first-hop instantaneous SNR ratio.This is different from the previous work [23][24][25] that exploited the instantaneous SNR of the channel links for relay selection.(2) We develop an outage probability to evaluate the proposed best relay selection schemes, which is defined as the probability of the effective end-to-end SNR ratio below a threshold.The closed-form expressions for the outage probabilities of the proposed relay selection schemes are derived, and our analytical and simulation results indicate that the second scheme can achieve an acceptable performance with lower complexity and resource consumption.(3) In order to evaluate the authentication performance of the proposed relay-assisted physical layer authentication scheme, a test statistic is developed based on the end-to-end channel characteristics via the selected best relay.False alarm rate (FAR) and probability of detection (PD) are then defined and calculated using the Monte-Carlo method.(4) We conduct extensive simulations to validate the performance of the proposed physical layer authentication scheme under different transmit powers, spoofer's locations, numbers of available relays, and values of FAR.Moreover, the performance of the proposed scheme is compared with that of a direct transmission (DT) scheme in terms of outage and spoofing detection.
The rest of this paper is organized as follows.In Section 2, the system model based on an AF cooperative relaying is described, and the benchmark scheme is explained as well.Section 3 illustrates the proposed best relay selection schemes.The closed-form expressions for the two outage probabilities are derived in Section 4, and the performance  of spoofing detection is analyzed as well.In order to verify the statistical analysis, we illustrate the numerical results in Section 5 and summarize this paper in Section 6.

System Model Based on AF Cooperative Relaying
The proposed physical layer authentication using AF cooperative relays is shown in Figure 1, which consists of one legitimate transmitter (Alice), one destination (Bob), and  trusted available relay nodes in the presence of one spoofer (Eve).All nodes are located in spatially different positions and equipped with single antenna.From Figure 1, Alice delivers data through the selected best relay to the intended receiver Bob.However, Eve serves as a spoofer attempting to impersonate the transmission from Alice and sends spoofing signals to Bob via the best relay over different time slot.In order to study the performance of physical layer authentication through cooperative relays, we assume severe channel conditions between Alice and Bob.Also, we assume that Eve has the knowledge of the transmission protocol between Alice and Bob.Additionally, relays and destination have no knowledge of Eve's instantaneous channel; however, the statistics of the Eve's channel are assumed to be known at the relays and destination.
It is noteworthy to mention that traditional channelbased physical layer authentication is achieved based on channel temporal correlation in the legitimate link and spatial decorrelation between the legitimate and spoofing channels.In our scenario, we assume that the spacing between any nodes is larger enough; thereby the wireless links between different nodes are independent of each other.Also, the channel coefficient of each single-hop link is highly correlated over time and the temporal correlation can be described by an autoregressive model of order 1 (AR-1) [12].Based on these two facts, Eve can be discriminated from Alice at Bob by comparing current channel estimate with the previous one.Mathematically, traditional channel-based physical layer authentication scheme can be formulated as a binary hypothesis testing problem.That is,  0 : ĥ () = ĥ ( − 1) ,  1 : ĥ () ̸ = ĥ ( − 1) , where  0 , the null hypothesis, stands for Alice as the source, while the alternative hypothesis,  1 , means the source is the spoofer Eve.Moreover, ĥ( − 1) and ĥ() are both channel coefficient estimates at Bob, which are achieved from the previous and current symbols, respectively.Next, a benchmark scheme is first described, and then our AF cooperative relaying scheme is explained.Particularly, the direct transmission scheme is employed as the benchmark scheme, in which the source transmits signals directly to the destination without the help of relays.Additionally, the designs of AF schemes can be found in [15,20,26]; however, our system model and problem description are different from these existing schemes.

Direct Transmission (DT).
In this subsection, the direct transmission scheme is described as the benchmark scheme.Specifically, transmitted signal  with unit power (i.e., {|| 2 } = 1, where {⋅} denotes the expectation operator) is received directly by Bob, and the received signals at Bob from Alice/Eve can be written, respectively, by where   and   are the received signals at Bob from Alice and Eve, respectively.Correspondingly, ℎ  and ℎ  are actual channel coefficients of the legitimate and spoofing links, respectively, which are modeled as complex Gaussian random variables with zero mean and different variances  2  and  2  .Also,   and   are zero-mean complex Gaussian noises with equal variance σ2  .Additionally, for a fair comparison between DT and relay-assisted scheme illustrated in the next subsection, the transmit power of the source in DT is expressed as a sum of the transmit powers of Alice/Eve and relay.In (2) and (3),   ,   , and   are the transmit powers of Alice, Eve, and relays, respectively.
Based on the expressions of the received signals at Bob, the instantaneous SNRs of the legitimate and spoofing links can be expressed, respectively, by

Amplify-and-Forward (AF).
As it can be seen from Figure 1, the proposed AF-based cooperative transmission is conducted in two stages.In stage one, the source (Alice or Eve) broadcasts the signal  to  relays at the first transmission slot.From different sources Alice/Eve, the received signals at the th relay   can be expressed, respectively, by where Herein, the instantaneous SNRs    and    are also exponentially distributed with different parameters.Accordingly, the average values of    and    are derived as In stage two, the relay   forwards the received signal to Bob at the second transmission slot.We assume that relays forward their signals over orthogonal channels, and forwarded signal from each relay to the destination is the multiplication of the received signal with an amplification factor . Considering different sources Alice or Eve,  is defined as or where    and    are the amplification factors applied on the received signals at the relay   from Alice/Eve.
By using the expressions of the received signals at the relay   in ( 6) and ( 7), the received signals at the destination Bob from Alice/Eve can be written, respectively, as where     and     are the received signals at Bob from different sources Alice/Eve through the relay   .Correspondingly, ℎ    is the actual channel coefficient of the link between the relay   and Bob, which is modeled as a complex Gaussian random variable with zero mean and variance  2    .Also,     is a zero-mean complex Gaussian noise with variance  2  .In addition,   is the effective noise.
Consequently, based on the expressions of the received signals at Bob, the instantaneous end-to-end SNRs of the legitimate and spoofing links through the relay   can be derived, respectively, by The essence of our proposed authentication scheme using AF cooperative relays is to select the best relay such that Alice would experience better channel conditions than Eve.Towards this goal, we propose two best relay selection schemes in the next section.

Best Relay Selection
In this section, two best relay selection schemes are developed.The best relay node is chosen based on the notion of maximizing the instantaneous SNR ratios of the legitimate link to the spoofing link at the destination and relays, respectively.The instantaneous SNR ratios are derived based on the defined system model in the previous section.
More specifically, our first relay selection scheme is developed based on the instantaneous end-to-end SNR ratio of the legitimate link to the spoofing link at the destination through the th relay node.By using the instantaneous endto-end SNRs given in ( 14) and ( 15), the instantaneous end-toend SNR ratio Γ  is expressed by However, taking into account all end-to-end links for the best relay selection increases the operational complexity and leads to a high resource consumption as well.Thus, the second relay selection scheme is developed based only on the knowledge of the first-hop link between the relays and different sources Alice/Eve.In our second relay selection scheme, the instantaneous first-hop SNR ratio   is derived by using the instantaneous SNRs given in ( 8) and (9).That is, Since the instantaneous SNRs    and    are exponentially distributed and they are independent of each other, the probability density function (PDF) and cumulative distribution function (CDF) of the instantaneous first-hop SNR ratio   can be derived, respectively, by It is interesting to note that the instantaneous end-to-end SNR ratio through the th relay, that is, Γ  ,  = 1, . . ., , is related to the instantaneous first-hop SNR ratio at the th relay, that is,   ,  = 1, . . ., , through the following equation: where   is defined by In order to analyze the performance of the proposed relay selection schemes, we define an effective end-to-end SNR ratio as our performance metrics.Particularly, in the first relay selection scheme, the best relay is the one for which the end-to-end SNR ratio is maximum.Mathematically, the effective end-to-end SNR ratio of the first relay selection scheme is expressed by On the other hand, the best relay in the second scheme is the one for which the first-hop SNR ratio is maximum.Accordingly, the effective end-to-end SNR ratio of the second relay selection scheme is formulated by In the next section, the performance of the proposed authentication scheme based on developed relay selection approaches is analyzed in terms of outage and spoofing detection, respectively.

Performance Analysis
In this section, the outage probability and the probability of spoofing detection are analyzed.More specifically, the outage of the effective end-to-end SNR ratio is defined as a probability of the effective end-to-end SNR ratio (that are given in (22) or ( 23)) below a threshold.The closed-form expressions for the outage probabilities under two developed relay selection schemes are derived accordingly.Additionally, the authentication performance in terms of false alarm rate (FAR) and probability of detection (PD) is discussed as well.

Outage Analysis of First Relay Selection Scheme.
In our scenario, the outage probability is denoted as a probability of the effective end-to-end SNR ratio below a threshold .Mathematically, the outage probability of the first relay selection scheme is formulated as where  EF is the effective end-to-end SNR ratio defined in (22).As it can be seen from ( 24), the outage probability can be derived based on the CDF of the random variable Γ  .Thus, we first find the CDF of Γ  .Particularly, the CDF of Γ  can be further expressed by using the definition of Γ  in (16).That is, where   as well as   are defined for notation simplicity, respectively, as Since the power of absolute value of the channel coefficient ℎ    is exponentially distributed, ( 26) can be further simplified as The integral term inside (29) can be expressed in terms of exponential integral function (i.e., Ei() = − ∫ ∞ − (1/) − ) as follows; that is, ) . (30) Consequently, the CDF of Γ  can be expressed in closed form by using the expression of the integral term in (30).That is, By substituting the CDF of Γ  in ( 24), the closed-form expression for the outage probability of the first relay selection scheme can be expressed as (32)

Outage Analysis of Second Relay Selection Scheme.
In this subsection, we derive the outage probability of the second relay selection scheme.In the second scheme, the relay with the largest end-to-end SNR ratio is not always chosen due to the lack of CSI of the links between relays and Bob.Using the law of total probability, the outage probability in this case can be expressed as Wireless Communications and Mobile Computing 7 where  EF is the effective end-to-end SNR ratio defined in (23).Replacing Γ  with     according to (20), the outage probability above can be equivalently expressed as The last line in the chain of (34) resulted from fixing the random variable   in the th summand of the second line and then finding statistical expectation with respect to   in the th summand.Due to the fact that all the random variables   ,  = 1, . . ., , and   ,  = 1, . . ., , are statistically independent, the outage probability in (34) can be simplified as Let S denote the subset of  relays for which the average channel power between Alice and relay is better than that between Eve and the relay (i.e., where V  is defined for notation simplicity as There are two integrals on the right side of the last equal sign in (36) which are further defined as  1, in Appendix B and  2, in Appendix D. By using (B.6) and (D.7) derived in Appendices B and D, respectively, the closed-form expression for the outage probability of the second relay selection scheme in (36) can be obtained as where  , ,   , and   are defined in Appendices in (B.4), (D.3), and (D.4), respectively.Figure 2 illustrates the outage probabilities of two proposed relay selection schemes versus the transmit power ratio  of Alice to Eve (i.e.,   /  ) under the comparison of the closed-form expressions and Monte-Carlo experiments.In this Figure, "AF1" and "AF2" represent the proposed first and second relay selection schemes, respectively.As expected, the closed-form expressions of two outage probabilities given in (32) and (38) are overlapping with the corresponding Monte-Carlo results.Moreover, the performance of AF1 is slightly better than that of AF2 when   /  is larger than 2 dB.Although AF1 performs slightly better than AF2 in terms of outage probability, AF2 provides great performance with lower complexity and resource consumption.

Authentication Analysis.
In this subsection, the authentication performance in terms of FAR and PD is defined and analyzed.Note that channel-based physical layer authentication is achieved by exploiting adjacent channel estimates at the intended receiver.Initially, a training phase between the legitimate users is established based on a higher-layer authentication scheme, which enables the receiver to estimate the CSI of the legitimate channel link.After this initial transmission, the receiver can continuously authenticate the transmission at the physical layer.
In the DT scheme, a test statistic is developed based on the normalized channel difference between adjacent channel coefficient estimates, in order to discriminate Alice from Eve under the binary hypothesis testing defined in (1).Mathematically, the test statistic  DT is expressed by where ĥ () = { ĥ (), ĥ ()}.Herein, ĥ and ĥ are the estimated channel coefficients of the legitimate and spoofing links, respectively.
In order to study the effects of additive noise on the authentication performance, we model the channel coefficient estimates ĥ and ĥ as a sum of their actual value and a noise component.That is, where   and   are the estimation errors, which are independent of each other.Based on least-square (LS) channel estimation [27], the variances of   and   can be expressed, respectively, by Similar to the DT scheme, a test statistic is developed in the proposed AF relay-assisted authentication scheme, which is defined as the normalized channel difference between two adjacent end-to-end channel estimates at the destination.Thus, the test statistic  AF is mathematically written as where ĥ () = { ĥ   (), ĥ   ()} is defined as current endto-end channel coefficient estimate of the link between an unknown transmitter (Alice or Eve) and Bob through relay   .Herein, the subscript   represents the selected best relay which is determined and updated based on our proposed relay selection schemes.Moreover, ĥ   ( − 1) is previous end-to-end channel coefficient estimate of the legitimate link via the best relay   .Similarly, we model the end-to-end channel coefficient estimates ĥ   and ĥ   as a sum of their actual value and a noise component.That is, where     and     are the estimation errors.Based on the LS channel estimation, the variances of     and     are derived, respectively, by where  2    is the variance of the channel link between the selected best relay and Bob.
Based on the developed test statistics  DT in (39) and  AF in (43), FAR and PD are defined, respectively, by where  = { AF ,  DT }.Herein,  au is the decision-making threshold for authentication.Generally, FAR is normally set below 0.1 for secure wireless communications.From (47), the threshold  au can be calculated by using Monte-Carlo method under a given value of FAR.Inserting the achieved threshold value into (48), PD can be calculated based on the Monte-Carlo simulations as well.

Simulation Results
In this section, the performance of the proposed authentication scheme based on a cooperative AF relay system is evaluated by using the numerical results.In our scenario, one legitimate transmitter (Alice) communicates with the intended receiver (Bob) through  trusted relay nodes in the presence of one spoofer (Eve).A two-dimensional coordinate system is considered in the simulations, and for simplicity, Alice, Eve, Bob, and relays are located at different intervals along a horizontal line.The Alice-relay distances are assumed to be smaller than the Eve-relay distances.In order to study the effects of distances, the channel gain |ℎ  | 2 between any two nodes is distributed with mean  −]  , where   is the Euclidean distance between nodes  and , and ] is the path loss exponent assumed to be a constant throughout the simulations.In our simulations, we fix Alice and Bob locations at (0, 0) and (10, 0), respectively.Moreover, the transmit powers of the relays and Eve are fixed to one.Additionally, noise variance  2   is assumed to be equal to −40 dB, and the path loss is ] = 3.For Monte-Carlo experiments, 10 6 independent trails are used to obtain the average results.
In order to compare the performance between the proposed scheme and the direct transmission scheme, two examples are considered by studying the effects of Alice-Eve distance and the number of available relays, respectively.In the simulations, "AF1" and "AF2" represent the proposed authentication schemes based on the first and second relay selection methods, while "DT" is corresponding to the direct transmission scheme.

Example 1: Effect of Alice-Eve Distance.
In this example, we will study the effect of distances between Alice and Eve on the performances of outage and spoofing detection.Particularly, four available relays are considered and fixed at the locations (5, 0), (5, 1), (5,2), and (5, 3), respectively.The position of Eve is moved from (−1, 0) to (−10, 0). Figure 3 illustrates the outage probabilities of the effective SNR ratios versus various Alice-Eve distances under different values of transmit power ratio.It shows that the outage probabilities under three schemes decrease dramatically when Eve is moving away from Alice.As expected, the outage performance of the proposed schemes AF1 and AF2 is significantly    better than that of DT under different transmit power ratios.Moreover, in the case of the transmit power ratio of −5 dB, AF2 performs slightly worse compared to AF1 when Eve is at a farther position to Alice.With a higher transmit power ratio (  /  = 5 dB), the scheme AF1 performs much better than AF2.However, the proposed scheme AF2 can provide an acceptable outage probability that is lower than −30 dB under different Alice-Eve distances.
Figure 4 shows the probability of spoofing detection versus the distances between Alice and Eve under different values of transmit power ratio.As expected, the probability of spoofing detection under three schemes increases when the position of Eve is moving away from Alice.Moreover, the performance of the proposed two schemes is significantly better than that in the direct transmission.Although AF1 performs best among three schemes, AF2 can also achieve a high probability of spoofing detection that is larger than 0.8 at different Alice-Eve distances.In Figure 5, we fix the value of transmit power ratio to be 5 dB and study the performance of spoofing detection for different Alice-Eve distances under two values of FAR.As expected, the PD for three schemes becomes higher correspondingly under larger value of FAR.In the two proposed schemes, the probabilities of spoofing detection are larger than 0.7 under different Alice-Eve distances.In contrast, the PD of DT is approximately 0.6 when the Alice-Eve distance equals 10.

Example 2: Effect of the Number of Available Relays.
In this example, we will study the effect of the number of available relays on the analyses of the outage probability and probability of spoofing detection.To achieve this, we consider six available relay nodes in our scenario which are placed in order at (5, 0), (5, 1), (5, 2), (5, 3), (5,4), and (5, 5), respectively.Moreover, the position of Eve is fixed at (−5, 0).The performance of the outage for the effective SNR ratios is depicted in Figure 6 versus the number of available relays.It is important to note that the number of  available relays in this case is set based on the first  relays, where  = 1, 2, . . ., 6.
Figure 6 shows the outage probabilities for the number of available relays under different values of transmit power ratio.As expected, the outage probability of DT is independent of the number of relays, which is no smaller than 10 −2 even under the transmit power ratio of 5 dB.Moreover, the outage probabilities for the proposed schemes AF1 and AF2 dramatically decrease with an increasing number of available relays.For instance, the outage probability of AF1 decreases to 10 −4 when the number of available relays is  = 6, which is 21 dB lower than that of DT and also 10 dB lower than that    of AF2.Additionally, when the number of available relays is larger than 2, AF1 and AF2 perform better than DT with the transmit power ratio of −5 dB.At higher transmit power ratio (  /  = 5 dB), the performance of AF1 and AF2 becomes better than that of DT when the number of available relays is larger than 3.
In Figure 7, the transmit power ratio is fixed at 5 dB.This figure illustrates the PD for the number of available relays under two different values of FAR.As expected, the probability of spoofing detection for DT is independent of the number of available relays, and the values are approximately 0.38 at   = 0.08 and 0.42 at   = 0.1, respectively.As for the two proposed schemes AF1 and AF2, the PD increases when the number of available relays becomes larger.For instance, when the number of relays is  = 6 and the FAR is   = 0.1, the PD can reach 0.98 and 0.89 in AF1 and AF2, respectively.Even under lower FAR value (  = 0.08), the PD of the proposed schemes is still larger than 0.7 where  is no smaller than 3.
As seen from Figures 3-7, the two proposed schemes AF1 and AF2 perform significantly better than the direct transmission DT in terms of outage and spoofing detection, and AF1 achieves the best performance among the three schemes as expected.The reasons behind these phenomena are as follows: (1) compared with the DT, both AF1 and AF2 exploited the advantages of cooperative AF relaying to establish a better end-to-end path between the legitimate end users; (2) the knowledge of the end-to-end SNR ratio is utilized in AF1, while only the first-hop SNR ratio is considered in AF2; (3) although AF2 performs worse than AF1, it requires less computational complexity and resource consumption to provide an acceptable performance in terms of outage and spoofing detection.

Conclusion
In this paper, we have proposed a novel channel-based physical layer authentication scheme based on an AF cooperative relaying system.To achieve our goal, the best relay was chosen to provide the best end-to-end path between two legitimate communication ends in the presence of a spoofer.Specifically, two relay selection schemes have been proposed by maximizing the SNR ratios of the legitimate link to the spoofing link at the destination and relays, respectively.For statistical analysis, we defined our performance metrics in terms of the outage of effective SNR ratios and probability of spoofing detection.One of the main contributions was that the closedform expressions for the two outage probabilities have been derived.Under a binary hypothesis testing, a new test statistic has been developed to analyze the performance of spoofing detection.By using Monte-Carlo method, the performance of the proposed schemes was evaluated and compared with that of the direct transmission scheme.Numerical results have shown the effectiveness on the improvement in performance of the proposed schemes.

B. Closed Form for Integral 𝐼 1,𝑘
In this Appendix, we find a closed-form expression for an integral  1, , which is defined by First of all, we find the fractional decomposition of the following function; that is, Since the degree of the polynomial in the denominator of the multiplicative term in the last line of (B.2) is less than that of the polynomial in the numerator of the same term, using partial fraction decompositions, it can be easily decomposed as

C. Closed Form for Function 𝐹(𝑡)
We define a definite integral function (), which is calculated in this Appendix.Specifically, the function () is denoted by By using change of variables  = 1/, the integral in (C.1) can be further expressed as and using change of variables  = 1 +  1 , the integral () can be calculated based on [28, eq.(3.351.4)],

Figure 1 :
Figure 1: Our cooperative system with multiple relays under the "Alice-Bob-Eve" scenario.The best relay is selected based on the developed relay selection schemes.

Figure 2 :
Figure 2: Comparison of outage probabilities between closed-form expressions and Monte-Carlo simulations.

Figure 3 :
Figure 3: Outage probabilities versus Alice-Eve distances under different values of transmit power ratio.
AF1, P A /P E = 5 dB AF2, P A /P E = 5 dB = 5 dB DT, P A /P E AF1, P A /P E = 15 dB AF2, P A /P E = 15 dB DT, P A /P E = 15 dB

Figure 4 :
Figure 4: PD versus Alice-Eve distances under different values of transmit power ratio.

1 Figure 5 :
Figure 5: PD versus Alice-Eve distances under different values of FAR.

Figure 6 :
Figure 6: Outage probabilities versus the number of available relays under different values of transmit power ratio.

Figure 7 :
Figure 7: PD versus the number of available relays under different FAR values.
Since the channel coefficients ℎ  and ℎ  are both zeromean complex Gaussian random variables with different variances, the corresponding SNRs   and   are exponentially distributed with different values of parameter .Herein,  is Wireless Communications and Mobile Computing denoted as the reciprocal of the average SNR.The average values of   and   can be calculated and expressed by   = (  +   ) 2  /σ 2  and   = (  +   ) 2 and    are the received signals at relay   from Alice and Eve, respectively.Correspondingly, ℎ   and ℎ   are the actual channel coefficients of the links between the relay   and Alice/Eve.The channel coefficients ℎ   and ℎ   follow zero-mean complex Gaussian distributions with different variances  2   and  2   .Additionally,    and    represent zero-mean complex Gaussian noises with equal variance  2  .Consequently, the instantaneous SNRs of the links between the relay   and different sources Alice/Eve can be expressed, respectively, by (25)sing the derived CDF of the SNR ratio   given in(19),  Γ  () in(25)can be further written as  Γ  () =  ℎ          ℎ         2 + (   2   +  2  )) / (       ℎ         2 + (   2   +  2  ))) ℎ         2 + (   2   +  2  )        ℎ         2 + (   2   +  2  ) ≤ ) =  (  ≤         ℎ         2 + (   2   +  2  )        ℎ         2 + (   2   +  2  )) .