ROBUST SYBIL ATTACK DETECTION SCHEMES EXPLOITING PHYSICAL-LAYER ATTRIBUTES

Abstract

The rapid development of wireless communication technologies and large-scale Internet of Things (IoT) networks has been faced by increasing security challenges, such as eavesdropping and spoofing, particularly in resource-constrained environments. Traditional cryptographic techniques, though effective, impose significant computational overhead and scalability limitations, making them impractical for many IoT applications. As an alternative, physical layer security (PLS) has emerged as a lightweight approach, leveraging inherent wireless channel characteristics for data confidentiality, authentication, and malicious node detection. Among identity-based threats, Sybil attacks pose a significant risk by allowing a single adversary to forge multiple identities with the objective of compromising network integrity. This thesis proposes and analyzes two PLS schemes for Sybil attack detection: (i) a statistical hypothesis testing (HT)-based scheme utilizing Doppler shift and received signal strength (RSS), and (ii) a machine learning (ML)-based method incorporating Doppler shift, RSS, and channel state information (CSI). Comprehensive evaluations demonstrate that the dual-feature HT-based scheme outperforms its single-attribute-based counterparts by harnessing the joint benefit of the RSS and Doppler shift attributes. Specifically, the dual-attribute mechanism achieves 32% and 255% improvement in true positive rate (TPR) at a fixed false positive rate (FPR) of 8% compared to single-attribute Doppler shift- and RSS-based approaches, respectively. In contrast, the ML-based scheme's performance surpasses the baseline single- and dual-feature as well as the initially proposed HT-based one, particularly for mobility scenarios with a dominant line of sight. The ML-based approach demonstrates a 12.5% improvement in TPR compared to the dual-feature RSS-Doppler shift-based counterpart, while enhancing the Doppler shift-, RSS-, and CSI-based single-attribute schemes by 216%, 137%, and 36%, respectively, in terms of TPR. The findings highlight the potential of integrating networks' channel- and mobility-dependent features, as well as statistical and data-driven techniques, for scalable and power-efficient Sybil attack detection in power-limited wireless networks.

Date of Award	2025
Original language	American English
Awarding Institution	HBKU College of Science and Engineering