n wireless networks, transmission between legitimateusers can easily be overheard by an eavesdropper forinterception due to the broadcast nature of the wirelessmedium, making wireless transmission highly vulnerableto eavesdropping attacks. In order to achieve confidentialtransmission, existing communications systems typically adoptthe cryptographic techniques to prevent an eavesdropper fromtapping data transmission between legitimate users [1, 2]. Byconsidering symmetric key encryption as an example, the originaldata (called plaintext) is first encrypted at the sourcenode by using an encryption algorithm along with a secret keythat is shared only with the destination node. Then theencrypted plaintext (also known as ciphertext) is transmittedto the destination, which will decrypt its received ciphertextwith the preshared secret key. In this way, even if an eavesdropperoverhears the ciphertext transmission, it is still difficultfor the eavesdropper to interpret the plaintext from itsintercepted ciphertext without the secret key. It is pointed outthat ciphertext transmission is not perfectly secure, since theciphertext can still be decrypted by an eavesdropper throughan exhaustive key search, which is also known as a brute-forceattack. To this end, physical-layer security is emerging as analternative paradigm to protect wireless communicationsagainst eavesdropping attacks, including brute-force attacks.Physical-layer security work was pioneered by Wyner in [3],where a discrete memoryless wiretap channel was examinedfor secure communications in the presence of an eavesdropper.It was proved in [3] that perfectly secure data transmissioncan be achieved if the channel capacity of the main link(from source to destination) is higher than that of the wiretaplink (from source to eavesdropper). Later on, in [4], Wyner’sresults were extended from the discrete memoryless wiretapchannel to the Gaussian wiretap channel, where a so-calledsecrecy capacity was developed, and shown as the differencebetween the channel capacity of the main link and that of thewiretap link. If the secrecy capacity falls below zero, the transmissionfrom source to destination becomes insecure, and theeavesdropper can succeed in intercepting the source transmission(i.e., an intercept event occurs). In order to improvetransmission security against eavesdropping attacks, it is ofimportance to reduce the probability of occurrence of anintercept event (called intercept probability) through enlargingsecrecy capacity. However, in wireless communications, secrecycapacity is severely degraded due to the fading effect.42 IEEE Network • January/February 2015AbstractDue to the broadcast nature of radio propagation, wireless transmission can bereadily overheard by unauthorized users for interception purposes and is thus highlyvulnerable to eavesdropping attacks. To this end, physical-layer security isemerging as a promising paradigm to protect the wireless communications againsteavesdropping attacks by exploiting the physical characteristics of wireless channels.This article is focused on the investigation of diversity techniques to improvephysical-layer security differently from the conventional artificial noise generationand beamforming techniques, which typically consume additional power for generatingartificial noise and exhibit high implementation complexity for beamformerdesign. We present several diversity approaches to improve wireless physical-layersecurity, including multiple-input multiple-output (MIMO), multiuser diversity, andcooperative diversity. To illustrate the security improvement through diversity, wepropose a case study of exploiting cooperative relays to assist the signal transmissionfrom source to destination while defending against eavesdropping attacks.We evaluate the security performance of cooperative relay transmission in Rayleighfading environments in terms of secrecy capacity and intercept probability. It isshown that as the number of relays increases, both the secrecy capacity and interceptprobability of cooperative relay transmission improve significantly, implyingthere is an advantage in exploiting cooperative diversity to improve physical-layersecurity against eavesdropping attacks.Improving Physical-Layer Security inWireless CommunicationsUsing Diversity TechniquesYulong Zou, Jia Zhu, Xianbin Wang, and Victor C.M. LeungI0890-8044/15/$25.00 © 2015 IEEEYulong Zou and Jia Zhu are with the Nanjing University of Posts andTelecommunications.Xianbin Wang is with the University of Western Ontario.Victor C.M. Leung is with the University of British Columbia.As a consequence, there are extensive works aimed atincreasing the secrecy capacity of wireless communications byexploiting multiple antennas [5] and cooperative relays [6].Specifically, the multiple-input multiple-output (MIMO) wiretapchannel was studied in [7] to enhance the wireless secrecycapacity in fading environments. In [8], cooperative relayswere examined for improving the physical-layer security interms of the secrecy rate performance. A hybrid cooperativebeamforming and jamming approach was investigated in [9] toenhance the wireless secrecy capacity, where partial relaynodes are allowed to assist the source transmission to thelegitimate destination with the aid of distributed beamforming,while the remaining relay nodes are used to transmit artificialnoise to confuse the eavesdropper. More recently, ajoint physical-application layer security framework was proposedin [10] for improving the security of wireless multimediadelivery by simultaneously exploiting physical-layer signalprocessing techniques as well as upper-layer authenticationand watermarking methods. In [11], error control coding forsecrecy was discussed for achieving the physical-layer security.Additionally, in [12, 13], physical-layer security was furtherinvestigated in emerging cognitive radio networks.At the time of writing, most research efforts are devoted toexamining the artificial noise and beamforming techniques tocombat eavesdropping attacks, but they consume additionalpower resources to generating artificial noise and increase thecomputational complexity in performing beamformer design.Therefore, this article is motivated to enhance the physicallayersecurity through diversity techniques without additionalpower costs, including MIMO, multiuser diversity, and cooperativediversity, aimed at increasing the capacity of the mainchannel while degrading the wiretap channel. For illustrationpurposes, we present a case study of exploiting cooperativerelays to improve the physical-layer security against eavesdroppingattacks, where the best relay is selected and used toparticipate in forwarding the signal transmission from sourceto destination. We evaluate the secrecy capacity and interceptprobability of the proposed cooperative relay transmission inRayleigh fading environments. It is shown that with anincreasing number of relays, the security performance ofcooperative relay transmission significantly improves in termsof secrecy capacity and intercept probability. This confirmsthe advantage of using cooperative relays to protect wirelesscommunications against eavesdropping attacks.The remainder of this article is organized as follows. Thenext section presents the system model of physical-layer securityin wireless communications. After that, we focus on thephysical-layer security enhancement through diversity techniques,including MIMO, multiuser diversity, and cooperativediversity. For the purpose of illustrating the security improvementthrough diversity, we present a case study of exploitingcooperative relays to assist signal transmission from source todestination against eavesdropping attacks. Finally, we providesome concluding remarks.Physical-Layer Security in WirelessCommunicationsFigure 1 shows a wireless communications scenario with onesource and one destination in the presence of an eavesdropper,where the solid and dashed lines represent the mainchannel (from source to destination) and the wiretap channel(from source to eavesdropper), respectively. When the sourcenode transmits its signal to the destination, an eavesdroppermay overhear such transmission due to the broadcast natureof the wireless medium. Considering the fact that today’swireless systems are highly standardized, the eavesdropper canreadily obtain the transmission parameters, including the signalwaveform, coding and modulation scheme, encryptionalgorithm, and so on. Also, the secret key may be figured outat the eavesdropper (e.g., through an exhaustive search).Thus, the source signal could be interpreted at the eavesdropperby decoding its overheard signal, leading to insecurity ofthe legitimate transmission.As a result, physical-layer security emerges as an alternativemeans to achieve perfect transmission secrecy from source todestination. In the physical-layer security literature [3, 4], aso-called secrecy capacity is developed and shown as the differencebetween the capacities of the main link and the wiretaplink. It has been proven that perfect secrecy is achieved if thesecrecy capacity is positive, meaning that when the main channelcapacity is larger than the wiretap channel capacity, thetransmission from source to destination can be perfectlysecure. This can be explained by using the Shannon codingtheorem from which it is impossible for a receiver to recoverthe source signal if the channel capacity (from source toreceiver) is smaller than the data rate. Thus, given a positivesecrecy capacity, the data rate can be adjusted between thecapacities of the main and wiretap channels so that the destinationnode successfully decodes the source signal and theeavesdropper fails to decode it. However, if the secrecy capacityis negative (i.e., the main channel capacity falls below thewiretap channel capacity), the eavesdropper is more likelythan the destination to succeed in decoding the source signal.In an information-theoretic sense, when the main channelcapacity becomes smaller than the wiretap channel capacity, itis impossible to guarantee that the destination succeeds andthe eavesdropper fails to decode the source signal. Therefore,an intercept event is seen to occur when the secrecy capacityfalls below zero, and the probability of occurrence of an interceptevent is called intercept probability throughout this article.At present, most existing work is focused on improvingphysical-layer security by generating artificial noise to confusean eavesdropping attack, where the artificial noise is sophisticatedlyproduced such that only the eavesdropper experiencesinterference, and the desired destination can easily cancel outsuch noise without performance degradation. More specifically,given a main channel matrix Hm, the artificial noise (denot-IEEE Network • January/February 2015 43Figure 1. A wireless communications scenario consisting ofone source and one destination in the presence of an eavesdroppingattack.Main linkWiretap linkDestinationDEavesdropperESourceSed by wn) is designed in the null space of matrix Hm such thatHmwn = 0, making the desired destination unaffected by thenoise. Since the wiretap channel is independent of the mainchannel, the null space of the wiretap channel is in generaldifferent from that of the main channel; thus, the eavesdroppercannot null out the artificial noise, which results in theperformance degradation at the eavesdropper. Notice that theabove-mentioned null space based noise generation approachneeds the knowledge of main channel Hm only, which can befurther optimized if the wiretap channel information is alsoknown. It needs to be pointed out that additional powerresources are required for generating artificial noise to confusethe eavesdropper. For a fair comparison, the total transmitpower of artificial noise and desired signal should beconstrained. Also, the power allocation between the artificialnoise and desired signal is important, and should be adaptedto the main and wiretap channels to optimize the physicallayersecurity performance, for example, in terms of secrecycapacity. Different from the artificial noise generationapproach, this article is mainly focused on the investigation ofdiversity techniques for enhancing physical-layer security.Diversity for Physical-Layer SecurityIn this section, we present several diversity techniques toimprove physical-layer security against eavesdropping attacks.Traditionally, diversity techniques are exploited to increasetransmission reliability, which also have great potential toenhance wireless security. In the following, we discuss thephysical-layer security improvement through the use ofMIMO, multiuser diversity, and cooperative diversity, respectively.Notice that the MIMO and multiuser diversity mechanismsare generally applicable to various cellular and WiFinetworks, since the cellular and WiFi networks typically consistof multiple users, and, moreover, today’s cellular andWiFi devices are equipped with multiple antennas. In contrast,the cooperative diversity mechanism is only applicableto some advanced cellular and WiFi networks that haveadopted the relay architecture, such as the Long Term Evolution(LTE)-Advanced system and IEEE 802.16j/m, whererelay stations are introduced to assist wireless data transmission.MIMO DiversityThis subsection presents MIMO diversity for physical-layersecurity of wireless transmission against eavesdroppingattacks. As shown in Fig. 2, all the network nodes areequipped with multiple antennas, where M, Nd, and Ne representthe number of antennas at the source, destination, andeavesdropper, respectively. As is known, MIMO has beenshown as an effective means to combat wireless fading andincrease the capacity of the wireless channel. However, theeavesdropper can also exploit the MIMO structure to enlargethe capacity of a wiretap channel from the source to theeavesdropper. Thus, without proper design, increasing thesecrecy capacity of wireless transmission with MIMO may fail.For example, if conventional open-loop space-time block codingis considered, the destination should first estimate themain channel matrix Hm and then perform the space-timedecoding process with an estimated H^m, leading diversity gainto be achieved for the main channel. Similarly, the eavesdroppercan also estimate the wiretap channel matrix Hw and thenconduct the corresponding space-time decoding algorithm toobtain diversity gain for the wiretap channel. Hence, the conventionalspace-time block coding is not effective to improvephysical-layer security against eavesdropping attacks.Generally speaking, if the source node transmits its signalto the desired destination with M antennas, the eavesdropperalso receives M signal copies for interception purposes. Inorder to defend against eavesdropping attacks, the sourcenode should adopt a preprocess that needs to be adapted tothe main and wiretap channels Hm and Hw such that diversitygain can be achieved only at the destination, whereas theeavesdropper benefits nothing from the multiple transmitantennas at the source. This means that an adaptive transmitprocess should be included at the source node to increase themain channel capacity while decreasing the wiretap channelcapacity. Ideally, the objective of such an adaptive transmitprocess is to maximize the secrecy capacity of MIMO transmission,which, however, requires the channel state information(CSI) of both the main and wiretap links (i.e., Hm andHw). In practice, the wiretap channel information Hw may beunavailable, since the eavesdropper is usually passive andstays silent. If only the main channel information Hm isknown, the adaptive transmit process can be designed to maximizethe main channel capacity, which does not requireknowledge of wiretap channel Hw. Since the adaptive transmitprocess is optimized based on the main channel informationHm, and the wiretap channel is typically independent of themain channel, the main channel capacity is significantlyincreased with MIMO, and no improvement is achieved forthe wiretap channel capacity.As for the aforementioned adaptive transmit process, wehere present three main concrete approaches: transmit beamforming,power allocation, and transmit antenna selection.Transmit beamforming is a signal processing technique com-44 IEEE Network • January/February 2015Figure 2. A MIMO wireless system consisting of one sourceand one destination in the presence of an eavesdroppingattack.D(Nd)…DestinationE(Ne)…EavesdropperS(M)…SourceDesired linkWiretap linkbining multiple transmit antennas at the source node in such away that desired signals transmit in a particular direction tothe destination. Considering that the eavesdropper and destinationgenerally lie in different directions relative to thesource node, the desired signals (with transmit beamforming)received at the eavesdropper experience destructive interferenceand become very weak. Thus, transmit beamforming iseffective in defending against eavesdropping attacks when thedestination and eavesdropper are spatially separated. Thepower allocation maximizes the main channel capacity (orsecrecy capacity if both Hm and Hw are known) by allocatingthe transmit power among M antennas at the source. In thisway, the secrecy capacity of MIMO transmission is significantlyincreased, showing the security benefits of using power allocationagainst eavesdropping attacks. In addition, the transmitantenna selection is also able to improve the physical-layersecurity of MIMO wireless systems. Depending on whetherthe global CSI of the main and wiretap channels (i.e., Hm andHw) is available, an optimal transmit antenna at the sourcenode is selected and used to transmit source signals. Morespecifically, if both Hm and Hw are available, the transmitantenna with the highest secrecy capacity is chosen. Studyingthe case of the global available CSI provides a theoreticalupper bound on the security performance of wireless systems.Notice that the CSI of wiretap channels may be estimated andobtained by monitoring the eavesdroppers’ transmissions asdiscussed in [8] and [14]. If only Hm is known, the transmitantenna selection is to maximize the main channel capacity.One can observe that the above-mentioned three approaches(i.e., transmit beamforming, power allocation, and transmitantenna selection) all have great potential to improve thephysical-layer security of MIMO wireless systems againsteavesdropping attacks.Multiuser DiversityThis subsection discusses the multiuser diversity for improvingphysical-layer security. Figure 3 shows that a base station (BS)serves multiple users where M users are denoted by U = {Ui|i= 1, 2, ···, M}. In cellular networks, M users typically communicatewith a BS through an orthogonal multiple access mechanismsuch as orthogonal frequency-division multiple access(OFDMA) and time-division multiple access (TDMA). TakingOFDMA as an example, orthogonal frequency-divisionmultiplexing (OFDM) subcarriers are allocated to differentusers. In other words, given an OFDM subcarrier, we need todetermine which user should be assigned to access and usethe subcarrier for data transmission. Traditionally, the userwith the highest throughput is selected to access the givenOFDM subcarrier, aiming to maximize the transmissioncapacity. This relies on knowledge of main channel informationHm only and can provide significant multiuser diversitygain for performance improvement. However, if a user is faraway from a BS and experiences severe propagation loss anddeep fading, it may have no chance of being selected as the“best” user for channel access. To this end, user fairnessshould be further considered in multiuser scheduling, wheretwo competing interests need to be balanced: maximizing themain channel capacity while at the same time guaranteeingeach user with certain opportunities to access the channel.With multiuser scheduling, a user is first selected to accessa channel (i.e., an OFDM subcarrier in OFDMA or a timeslot in TDMA) and then starts transmitting its signal to a BS.Meanwhile, due to the broadcast nature of wireless transmission,an eavesdropper overhears such transmission andattempts to interpret the source signal. In order to effectivelydefend against the eavesdropping attack, multiuser schedulingshould be performed to minimize the wiretap channel capacitywhile maximizing the main channel capacity, which requiresthe CSI of both the main and wiretap links. If only the mainchannel information Hm is available, we may consider the useof conventional multiuser scheduling where the wiretap channelinformation Hw is not taken into account. It needs to bepointed out that conventional multiuser scheduling still hasgreat potential to enhance physical-layer security, since themain channel capacity is significantly improved with conventionalmultiuser scheduling while the wiretap channel capacityremains the same.Cooperative DiversityIn this subsection, we focus mainly on cooperative diversityfor wireless security against eavesdropping attacks. Figure 4shows a cooperative wireless network including one source, Mrelays, and one destination in the presence of an eavesdropper,where M relays are exploited to assist the signal transmissionfrom source to destination. To be specific, the sourcenode first transmits its signal to M relays, which then forwardtheir received source signals to the destination. At present,there are two basic relay protocols: amplify-and-forward (AF)and decode-and-forward (DF). In the AF protocol, a relaynode simply amplifies and retransmits its received noisy versionof the source signal to the destination. In contrast, theDF protocol requires the relay node to decode its receivedsignal and forward its decoded outcome to the destinationnode. It is concluded that multiple-relay-assisted source signaltransmission consists of two steps:1. The source node broadcasts its signal.2. Relay nodes retransmit their received signals.Each of the two transmission steps is vulnerable to eavesdroppingattack and needs to be carefully designed to prevent aneavesdropper from intercepting the source signal.Typically, the main channel capacity with multiple relayscan be significantly increased by using cooperative beamforming.More specifically, multiple relays can form a virtualantenna array and cooperate with each other to performtransmit beamforming such that the signals received at theintended destination experience constructive interference,while the others (received at the eavesdropper) experiencedestructive interference. One can observe that with cooperativebeamforming, the received signal strength of the destina-IEEE Network • January/February 2015 45Figure 3. A multiuser wireless communications system consistingof one base station (BS) and multiple users in the presenceof an eavesdropper….EBSU1U2UMDesired linkWiretap linktion is much higher than that of the eavesdropper, implyingphysical-layer security improvement. In addition to the aforementionedcooperative beamforming, the best relay selectionis another approach to improve wireless transmission securityagainst eavesdropping attacks. In the best relay selection, arelay node with the highest secrecy capacity (or highest mainchannel capacity if only the main channel information is available)is chosen to participate in assisting the signal transmissionfrom source to destination. In this way, cooperativediversity gain is achieved for physical-layer security enhancement.Case Study: Security Evaluation ofCooperative Relay TransmissionIn this section, we present a case study to show the physicallayersecurity improvement by exploiting cooperative relays,where only a single best relay is selected to assist the signaltransmission from source to destination. This differs fromexisting research efforts in [8], where multiple cooperativerelays participate in forwarding the source signal to the destination.For comparison purposes, we first consider conventionaldirect transmission as a benchmark scheme, where thesource node directly transmits its signal to the destinationwithout relay. Meanwhile, an eavesdropper is present andattempts to intercept the signal transmission from source todestination. As discussed in [3, 4], the secrecy capacity of conventionaldirect transmission is shown as the differencebetween the capacities of the main channel (from source todestination) and the wiretap channel (from source to eavesdropper),which is written as(1)where P is the transmit power at the source, N0 is the varianceof additive white Gaussian noise (AWGN), gs = P/N0 isregarded as the signal-to-noise ratio (SNR), and hsd and hserepresent fading coefficients of the channel from source todestination and from source to eavesdropper, respectively.Presently, there are three commonly used fading models (i.e.,Rayleigh, Rician, and Nakagami), and we consider the use oftheRayleigh fading model to characterize the main and wiretapchannels. Thus, |hsd|2 and |hse|2 are independent andexponentially distributed random variables with means ssd2and sse2 , respectively. Also, an ergodic secrecy capacity of thedirect transmission can be obtained by averaging the instantaneoussecrecy capacity Cs+ over the fading coefficients hsd andhse, where Cs+ = max (Cs,0). In addition, if the secrecy capacityCs falls below zero, the source transmission becomes insecure,and the eavesdropper will succeed in intercepting thesource signal. Thus, using Eq. 1 and denoting x = |hsd|2 and y= |hse|2, an intercept probability of the direct transmissioncan be given by(2)where the third equation arises from the fact that randomvariables |hsd|2 and |hse|2 are independent exponentially distributed,and ssd2 and sse2 are the expected values of |hsd|2and |hse|2, respectively. As can be observed from Eq. 2, theintercept probability of conventional direct transmission isindependent of the transmit power P, meaning that increasingthe transmit power cannot improve physical-layer security interms of intercept probability. This motivates us to explorethe use of cooperative relays to decrease the intercept probability.For notational convenience, let lme represent the ratioof average main channel gain ssd2 to an eavesdropper’s averagechannel gain sse2 , that is, lme = ssd2 /sse2 , which is referredto as the main-to-eavesdropper ratio (MER) throughout thisarticle. In the following, we present the cooperative relaytransmission scheme where multiple relays are used to assistthe signal transmission from source to destination. Here, theAF relaying protocol is considered, and only the best relaywill be selected to participate in forwarding the source signalto the destination. To be specific, the source node first broadcastsits signal to M relays. Then the best relay node is chosento forward a scaled version of its received signal to the destination[15]. Note that during the above mentioned cooperativerelay transmission process, the total amount of transmitpower at source and relay should be constrained to P to makea fair comparison with the conventional direct transmissionscheme. We here consider the equal power allocation; thus,the transmit power at the source and relay is given by P/2.Now, given M relays, it is crucial to determine which relayshould be selected as the best one to assist the source signaltransmission. Ideally, the best relay selection should aim tomaximize the secrecy capacity, which, however, requires theCSI of both the main and wiretap channels. Since the eavesdropperis passive, and the wiretap channel information is difficultto obtain in practice, we consider the main channelcapacity as the objective of best relay selection, which relieson knowledge of the main channel only. Accordingly, the bestrelay selection criterion with AF protocol is expressed as(3)∫∫( )= <<ó ó ó ó⎛⎝ ⎜⎞⎠ ⎟óó + ó<P Ch hx ydx dyPr ( 0)= Pr=1exp – –= ,ssd sex y sd se sd sesesd seintercept2 22 2 2 222 2= +⎛⎝ ⎜⎜⎞⎠ ⎟⎟+⎛⎝ ⎜⎜⎞⎠ ⎟⎟CP hNP hNs log 1 – log 1 ,sd se220220R=∈ +h hh hBest Relay argmax ,isi idsi id2 22 246 IEEE Network • January/February 2015Figure 4. A cooperative diversity system consisting of onesource, M relays, and one destination in the presence of aneavesdropper….RelaysEEavesdropperR1R2RMDDestinationSSourcewhere R denotes a set of M relays, and |hsi|2 and |hid|2 representfading coefficients of the channel from source to relayRi and that from relay Ri to destination, respectively. One cansee from Eq. 3 that the proposed best relay selection criteriononly requires the main channel information, |hsi|2 and |hid|2,with which the main channel capacity is maximized. Since themain and wiretap channels are independent of each other, thewiretap channel capacity will benefit nothing from the proposedbest relay selection. Similar to Eq. 1, the secrecy capacityof best relay selection can be obtained through subtractingthe main channel capacity from the corresponding wiretapchannel capacity. Also, the intercept probability of best relayselection is easily determined by computing the probabilitythat the secrecy capacity becomes less than zero.In Fig. 5, we provide the ergodic secrecy capacity comparisonbetween the conventional direct transmission and proposedbest relay selection schemes for different numbers ofrelays M with gs = 12 dB, ssd2 = 0.5, and ssr2 = srd2 = 2. It isshown in Fig. 5 that for the cases of M = 2, M = 4, and M =8, the ergodic secrecy capacity of the best relay selectionscheme is always higher than that of direct transmission,showing the wireless security benefits of using cooperativerelays. Also, as the number of relays M increases from M = 2to M = 8, the ergodic secrecy capacity of best relay selectionsignificantly increases. This means that increasing the numberof cooperative relays can improve the physical-layer securityof wireless transmission against eavesdropping attacks.Figure 6 shows the intercept probability vs. MER of theconventional direct transmission and proposed best relayselection schemes for different numbers of relays M with gs =12 dB, ssd2 = 0.5, and ssr2 = srd2 = 2. Note that the interceptprobability is obtained by calculating the rate of occurrence ofan intercept event when the capacity of the main channel fallsbelow that of the wiretap channel. Observe from Fig. 6 thatthe best relay selection scheme outperforms conventionaldirect transmission in terms of intercept probability. Moreover,as the number of cooperative relays M increases from M= 2 to M = 8, the intercept probability improvement of bestrelay selection over direct transmission becomes much moresignificant. It is also shown from Fig. 6 that the slope of theintercept probability curve of the best relay selection schemein high MER regions becomes steeper with an increasingnumber of relays. In other words, as the number of relaysincreases, the intercept probability of best relay selectiondecreases at a much higher speed with an increasing MER.This further confirms that the diversity gain is achieved by theproposed relay selection scheme for physical-layer securityimprovement.ConclusionThis article studies physical-layer security of wireless communicationsand presents several diversity techniques for improvingwireless security against eavesdroping attacks. We discussthe use of MIMO, multiuser diversity, and cooperative diversityfor the sake of increasing the secrecy capacity of wirelesstransmission. To illustrate the security benefits through diversity,we propose a case study of physical-layer security incooperative wireless networks with multiple relays, where thebest relay is selected to participate in forwarding the signaltransmission from source to destination. The secrecy capacityand intercept probability of the conventional direct transmissionand proposed best relay selection schemes are evaluatedin Rayleigh fading environments. It is shown that the bestrelay selection scheme outperforms direct transmission interms of both secrecy capacity and intercept probability.Moreover, as the number of cooperative relays increases, thesecurity improvement of the best relay selection scheme overdirect transmission becomes much more significant.Although extensive research efforts have been devoted towireless physical-layer security, many challenging but interestingissues remain open for future work. Specifically, most ofthe existing works in this subject are focused on enhancing thewireless secrecy capacity against the eavesdropping attackonly, but have neglected the joint consideration of differenttypes of wireless physical-layer attacks, including both eavesdroppingand denial of service (DoS) attacks. It is of greatimportance to explore new techniques of jointly defendingagainst multiple different wireless attacks. Furthermore, security,reliability, and throughput are the main driving factorsfor the research and development of next-generation wirelessnetworks, which are typically coupled and affect each other.For example, the security of the wireless physical layer may beimproved by generating artificial noise to confuse an eavesdroppingattack, which, however, comes at the expense ofdegrading wireless reliability and throughput performance,since artificial noise generation consumes some powerIEEE Network • January/February 2015 47Figure 5. Ergodic secrecy capacity vs. MER of the direct transmissionand best relay selection schemes with gs = 12 dB,ssd2 = 0.5, and ssr2 = srd2 = 2.Main-to-eavesdropper ratio (dB)-5 00.50Ergodic secrecy capacity (b/s/Hz)11.522.533.545 10 15 20Relay selection w/M = 8Relay selection w/M = 4Relay selection w/M = 2Direct transmissionFigure 6. Intercept probability vs. MER of the direct transmissionand best relay selection schemes with gs=12 dB, ssd2 =0.5, and ssr2 = srd2 = 2.Main-to-eavesdropper ratio (dB)-5 010-310-4Intercept probability10-210-11005 10 15Direct transmissionRelay selection w/M = 2Relay selection w/M = 4Relay selection w/M = 8resources, and less transmit power becomes available for thedesired information transmission. Thus, it is of interest toinvestigate the joint optimization of security, reliability, andthroughput for the wireless physical layer, which is a challengingissue to be solved in the future.AcknowledgmentThis work was supported by the “1000 Young Talents Program”of China, the National Natural Science Foundation ofChina (Grant No. 61302104), and the Scientific ResearchFoundation of Nanjing University of Posts and Telecommunications(Grant No. NY213014).