On the Security Analysis of a Cooperative Incremental Relaying Protocol in the Presence of an Active Eavesdropper

Physical layer security offers an efficient means to decrease the risk of confidential information leakage through wiretap links. In this paper, we address the physical-layer security in a cooperative wireless subnetwork that includes a source-destination pair and multiple relays, exchanging information in the presence of a malevolent eavesdropper. Specifically, the eavesdropper is active in the network and transmits artificial noise (AN) with a multiple-antenna transmitter to confound both the relays and the destination. We first analyse the secrecy capacity of the direct source-to-destination transmission in terms of intercept probability (IP) and secrecy outage probability (SOP). A decode-and-forward incremental relaying (IR) protocol is then introduced to improve security of communications in the presence of the active eavesdropper. Within this context, and depending on the availability of channel state information, three different schemes (one optimal and two sub-optimal) are proposed to select a trusted relay and improve the achievable secrecy rate. For each one of these schemes, and for both selection and maximum ratio combining at the destination and eavesdropper, we derive new and exact closed-form expressions for the IP and SOP. Our analysis and simulation results demonstrate the superior performance of the proposed IR-based selection schemes for secure communication. They also confirm the existence of a floor phenomenon for the SOP in the absence of AN.


I. INTRODUCTION
Wireless communication is naturally susceptible to eavesdropping due to the openness of the wireless medium and its broadcast nature.Therefore, confidential information exchanged between legitimate wireless nodes may easily be intercepted by unauthorized users.Due to increasing demand for private communication over wireless channels, security issues in wireless networks have gained considerable interest in recent years.Traditionally, security is implemented via cryptographic protocols using public or private keys at upper layers of the network stack.However, due to vulnerability in secret key distribution and management in dense wireless networks, information could be decrypted readily if the eavesdropper obtains the encryption key.

A. Background
Using an information-theoretic approach, Shannon [1] and Wyner [2], and shortly afterwards Csiszár and Körner [3], have argued that it is possible to achieve perfectly secure communications without the use of cryptographic schemes if the channel of the wiretap link is inferior in quality to the legitimate channel.In that case, a confidential message can be encoded such that it can be reliably decoded at its intended destination while revealing almost no information to the eavesdropper.On this basis, physical (PHY) layer security derived from the information-theoretic perspective has attracted much attention recently as a promising approach for protecting against eavesdropping, without significantly increasing computational complexity [4][5][6][7][8].The basic idea is to exploit the S. Vahidian is with the Department of Electrical and Computer Engineering, University of California San Diego (UCSD), CA, USA (e-mail: saeed@ucsd.edu).S. Hatamnia is with the Faculty of Electrical and Computer Engineering, K. N. Toosi University of Technology, Tehran, Iran (email: sajad.hatamnia@gmail.com).B. Champagne is with the Department of Electrical and Computer Engineering, McGill University, Montreal, QC H3A 0E9, Canada (e-mail: benoit.champagne@mcgill.ca).
PHY characteristics of the wireless channels in order to mitigate eavesdropping attacks.This line of work was extended in [9], where the impact of feedback on a wiretap channel was examined in terms of secrecy capacity, revealing that secure communication is still feasible, even when the wiretap link is superior to the legitimate channel by exploiting feedback information.
Taking advantage of multi-antenna systems to combat wireless fading as well as increasing link reliability and secrecy capacity, there has been a growing interest in extending the basic Gaussian wiretap channel to multiple-input multiple-output (MIMO) terminals [10].The authors in [11] focused on the achievable secrecy capacity of a multi-input single-output (MISO) configuration, while in [12] the PHY layer security in MIMO relay networks was studied, revealing a significant improvement in terms of secrecy rate through the use of MIMO relays.The secrecy capacity of a broadcast MIMO wiretap channel for an arbitrary number of transmit/receive antennas was studied in [13], which showed that the perfect secrecy capacity is equal to the difference in mutual information between the wiretap and legitimate links.However, considering the hardware cost and size limitations of multiple-antenna systems, cooperative relaying offers a compelling alternative that enables single-antenna nodes to enjoy the benefits of multiple-antenna systems while enhancing end-to-end security and reliability of communications [14][15][16].
Depending on the role played by the relay in cooperative schemes, three different generic scenarios can be identified.In the first scenario, the relay nodes aim to assist the eavesdropper by decreasing the secrecy rate [17].In the second scenario, the relay acts as both a collaborator and an eavesdropper [18].In the third scenario, which is the focus of this work, the relay collaborates with the source to enhance security of the legitimate link [19].Most of the existing works on user cooperation for PHY layer security focus on developing the secrecy rate from an information-theoretic viewpoint.In [15], three different types of cooperative schemes are investigated, namely: amplify-and-forward (AF), decode-and-forward (DF) and cooperative-jamming (CJ).In particular, optimal relay weight selection and power allocation strategies are proposed to enhance the achievable secrecy rate for the second hop.The authors in [20] study the four-node (i.e., source, destination, relay and eavesdropper) secure communication system for different relay strategies, including DF and noise-forwarding (NF).In [21], the four-node system is further examined in the context of multi-carrier transmissions, where the aim is to maximize the sum secrecy rate under a total system power constraint.A novel relay selection strategy with jamming is investigated in [22], where the aim is to improve security at the destination under the assumption that the eavesdropper only overhears the second hop.
Reference [23] analyzes secure relay and jammer selection for the PHY-layer security improvement of a wireless network including multiple intermediate nodes and eavesdroppers.In [4], the authors propose a new multi-hop strategy where the relays add independent randomization in each hop, which leads to significant secrecy improvement for the end-to-end transmission.The PHY layer security is further explored in [24] for the two-way relay channels, where multiple two-way relays are employed to enhance the secrecy rate against eavesdropping attacks.Other related works addressing the problem of PHY layer security in the presence of multiple intermediate nodes or eavesdroppers include [25][26][27][28][29][30][31].
The aforementioned works are limited to cases where the eavesdropper node can only overhear the source's message or that of the relay but not both.The sub-network models invoked in these and other studies are often afflicted by further restrictions, which may limit their realm of application in practice.This includes the following: consideration of a single eavesdropper equipped with single antenna, as opposed to multiple antennas; legitimate network sending artificial noise to degrade the wiretap link but not the converse; and adoption of conventional cooperation protocols which are not spectrally efficient.

B. Technical Contributions
Motivated by these observations, in this paper, we investigate the effects of different relay selection schemes as well as different combining techniques (under the Rayleigh fading model) on the PHY layer security when the eavesdropper has access to both the source and relay messages.Three relay selection schemes are employed based on the availability of the channel state information (CSI), namely: conventional selection, minimum selection, and optimal selection.In conventional selection, the selected relay is the one that results in the highest SNR at the destination.In minimum selection, the selected relay is the one that results in the lowest SNR at the eavesdropper.Finally, in optimal selection, the selected relay is the one that maximizes the secrecy capacity.
For each one of these schemes, we study the performance of a DFincremental relaying (IR) protocol in the presence of eavesdropper generated AN at both the relays and the destination.Cooperative schemes based on IR outperforms those based on the traditional retransmission of the source message [32].In effect, they are amongst the best performing schemes, as they preserve the channel resources i.e., bandwidth and energy, while maintaining reliable communication.
By employing IR and due to the presence of direct links, the destination and the eavesdropper each receive two different versions of the source message.Consequently, diversity signal combining techniques can be employed by these nodes, including: selection combining (SC), which only selects the best signal out of all replicas for further processing; and maximal ratio combining (MRC), which coherently adds the signal replicas together for detection.For convenience, henceforth, we shall use the nomenclature in Table 1 to refer to the various combinations of relay selection and signal combining schemes.In this table each scheme is identified by a threeletter label where the first letter stands for the DF strategy, the second letter represents the type of the signal combining technique and the third letter denotes the adopted relay selection scheme.In addition, the scheme labeled "DT" denotes the conventional direct transmission and finally, "All relays" means that all successful relays in decoding cooperate simultaneously in the next phase without employing any relay selection scheme.
While the literature on PHY layer security is abundant, the study of security issue for cooperative IR networks affected by eavesdropper generated AN has not been previously addressed.Specifically, our work differs from the aforementioned studies in many aspects, its main contributions being summarized as follows: • We consider a cooperative wireless network with multiple relays in the presence of an active eavesdropper and investigate communication security from the perspective of information theory.Unlike previous works, i.e. [33][34][35][36][37][38] where the source or relays transmit AN together with information signals to deliberately interfere with the eavesdropper's received signal, both the relays and the destination node in our model are confounded by AN In contrast to [39] which assumes conventional relay selection and therefore only considers the relay-destination links, we herein depending on the availability of CSI examine alternative selection schemes which take into account the quality of both source-relay and relay-destination channels.• We derive closed-form expressions for the intercept probability (IP) and the secrecy outage probability (SOP) of all the proposed schemes for cooperative IR networks, thereby fully characterizing the associated security-reliability trade-off [40].
To provide further insight into system behavior, we also derive corresponding asymptotic expressions for the SOP of each scheme in the high SNR regime.These expressions facilitate system design and help better understand the role played by various internal parameters and their interaction.

C. Key Findings
Based on the analysis provided in this paper for the cooperative IR wireless network in the presence of an active eavesdropper, our key results include: • When perfect CSI is available, the optimal relay selection scheme provides the best security performance as compared to the others.This follows because the optimal scheme takes into account the quality of both the source-destination and relaydestination links in its decision metric.In addition, the conventional selection scheme always outperforms minimum selection, which can be justified by invoking the concept of diversity order.Indeed conventional selection provides a diversity gain for the legitimate links when compared to minimum selection.• The performance of SC is worse than that of MRC, typically exhibiting a few dBs of power penalty.This is the price paid for reduced complexity with SC, which allows a trade-off between complexity and performance.SC has its own merits, which explains its wide application in wireless communication in general, as well as in works dealing with security (see e.g., [39]).However, there is not a significant performance gap between the two combining techniques when the minimum selection scheme is employed.• Only marginal performance improvements can be obtained by increasing the number of relays for the DMM and DSM schemes.• In the high SNR regime, all the proposed schemes achieve the same diversity gain, while the difference in their performance can be characterized by their achieved coding gain.Mathematical Notations: The notation o (x) means an higher order term in x, (i.e.lim x→0 o(x)/x = 0); f (x) and F (x) respectively denote the probability distribution function (PDF) and cumulative distribution function (CDF) of random variable (RV) X; Γ (a, x) is the upper incomplete gamma function while Φ (a, b; x) is the confluent hypergeometric function of the second kind.
The rest of the paper is organized as follows.The adopted system and channel models for cooperative relaying with active eavesdropper are discussed in Section II.Sections III and IV present the proposed IR-based schemes and their secrecy performance analysis, respectively.Section V analyzes diversity order in the high SNR regime.Section VI presents selected numerical simulation results to support the theoretical study.Finally, Section VII contains concluding remarks.

II. SYSTEM MODEL
Consider the generic topology shown in Fig. 1 for secure communication in a cooperative wireless sub-network consisting of a source S, a destination D, and a cluster of M DF relays Rm, m ∈ {1, ..., M }.The purpose of the relays is to assist the data transmission between the source and the destination, in order to protect against the overhearing attack of a malicious eavesdropper E. The source, destination and relay nodes are characterized by the half-duplex constraint and therefore cannot transmit and receive simultaneously, while the eavesdropper node works in full duplex mode.Specifically, the eavesdropper is active and utilizes a hybrid overhearing and AN generating mechanism.Herein, "hybrid" means that during the data exchange, the eavesdropper not only overhears to extract confidential information but also propagates AN to degrade the PHY layer security of the legitimate sub-network.To this end, the eavesdropper can use multiple-antennas or collude with other attackers concealed nearby to generate AN and confound the target receivers 1 .
Unlike traditional cooperation [41,42], in the considered topology only a subset of the M relays will be activated.Specifically, we consider IR as a cooperation protocol which exploits an onebit feedback from the destination to the source in the form of Acknowledgement/Negative-Acknowledgement (ACK/NACK) signaling as shown in Fig. 1.In the proposed model, in the first phase, S broadcasts its signal and all the relays Rm, m ∈ {1, ..., M }, attempt to decode it.Let F denote the random subset of relays that can successfully decode the source message, referred to as the wellinformed relay subset (WIRS).Accordingly, the sample space of all the possible WIRS outcomes is the power set P({R1, ..., RM }) with cardinality 2 M .In the sequel, it is convenient to individually represent these subsets by Fn where the index n ∈ {1, 2, 3, ..., 2 M }.Next, let R be a pre-determined rate which is contingent on the quality of service (QoS) of the source-destination link.On the basis of the rate R, the destination decides whether another copy of the data signal is required or not.As previously mentioned, the retransmission process is based on an ACK/NACK mechanism, in which shortlength error-free packets are broadcasted by the destination D over a separate narrow-band channel, in order to inform the source and the relay nodes of that reception QoS status.In the second time slot, if necessary, i.e., if the rate of the source-destination channel falls below R, the best relay processes the received signal using the DF protocol [43,44], whereby a copy of the original source message is generated and transmitted again to the destination.
It is assumed that all wireless links in Fig. 1, including the E's channels, exhibit frequency flat Rayleigh block fading.This means that the fading channel coefficients remain (approximately) static for one coherence interval, but change independently in different coherence intervals according to a zero-mean circularly symmetric complex Gaussian distribution.We let hi,j denote the complex valued channel coefficient characterizing the transmission from node i to node j, where i, j ∈ {s, d, e, r1, ..., rM }.The receivers at nodes S, D, E, and Rm are impaired by additive white Gaussian noise (AWGN).Hence, the signal-to-noise ratio (SNR) with respect to (w.r.t.) link i-j follows an exponential distribution with mean denoted as σij .

A. Direct transmission
In the following and for later reference, we proceed by presenting the security analysis in the special case of direct transmission (i.e., without using relay cooperation) as a benchmark.Subsequently, in Section III, we will propose the DF-based IR protocol to improve the PHY layer security against eavesdropping attack, and extend our analysis to this latter case.
In the direct transmission case (Fig. 2), source S transmits a sequence of complex valued digital symbols to destination D, at the rate R in units of bits per channel use.Here, we assume that quadrature phase-shift keying (QPSK) is employed as the modulation technique, and we let A with cardinality Q = |A| denote the normalized symbol constellation.At a given time instant (i.e., channel use), S transmits a scaled random symbol √ Pss, where s ∈ A with E{|s| 2 } = 1 and Ps is the source transmit power.Due the broadcast nature of electromagnetic waves, the radio signal transmitted by S to D will also reach some unintended areas, resulting in information leakage.Consequently, eavesdropper E may overhear the transmission of S and reproduce the original confidential signal.
Meanwhile, the AN vector expressed by [ √ P1x1, . . ., √ PN xN ] is emitted by node E, where N is the number of available transmit antennas, xi for i ∈ {1, 2, ..., N } are random variables taken from a complex circular Gaussian distribution with zero mean and variance E{|xi| 2 } = 1, and Pi is the corresponding transmit power allocated to the i th antenna.Ideally, the AN is generated to be in the null space of node E's receiving channel, and thus, does not affect E but degrades the receivers' channels [45].Hence, the received signals at D and E are respectively given by rs,e = √ Pshs,es + ns,e, where c i,d is the complex channel gain between the i th antenna of E and the destination D, while n s,d ∼ CN 0, σ 2 n and ns,e ∼ CN 0, σ 2 n are the additive noise terms at the destination and the eavesdropper terminal respectively 2 .Then, the channel capacity of the direct S−D link and the achievable rate of the wiretap S−E link are given by According to [46], when the capacity of the wiretap S−E link is lower than the data rate R, E will fail to decode the message from S, while the legitimate S−D link remains secure.However, if the capacity of the wiretap link becomes higher than the data rate R, E may succeed in decoding S's message and hence, an intercept event occurs.Within this context, the intercept probability (IP) defined below is a key metric in evaluating the performance of PHY layer security: where δ = 2 R − 1 and the superscript DT stands for direct transmission.As expected, the IP is contingent on the transmit power of source S and the quality of the wiretap S−E link, through the parameter σse, as well as the data rate R. Note that increasing the data rate or decreasing the transmit power of the source, causes the IP to decrease, which in turn improves the security of the network.However, this comes at the cost of a deterioration in transmission reliability, since the SOP of the legitimate link increases (see below) when a higher data rate or lower transmit power is adopted at S.
Let us next investigate the achievable secrecy rate of direct transmission, which is defined as the difference between the information rate of the S−D link and that of the S−E link: where Under the security constraint, the legitimate network is in outage whenever a transmitted message cannot be received reliably.Specifically, for a given secure rate R, a secrecy outage event occurs when the secrecy rate falls below the thresholding R. In this regard, the secrecy outage probability (SOP) provides another key metric in evaluating the performance of PHY layer security.For the traditional direct transmission mode, the SOP can be formulated as The CDF of RV Ψ sd and pdf of RV Ψse at hand can be expressed 2 For simplicity, we assume that these noise terms have the same power but the analysis can be extended to the case of different noise powers. 3When the secrecy capacity is negative, a SOP event occurs.
as [19] FΨ where κ sd = σsd σid 4 and π sd = N i=1 j =i σid σid −σ jd .Using these expressions, the SOP of the conventional direct transmission is obtained as

III. PROPOSED DF INCREMENTAL RELAYING SCHEME
In this section, the proposed relay selection scheme is exposed and its secrecy performance analyzed.We here make use of the DF scheme along with an IR protocol to augment the spectral efficiency over fixed relaying systems.Based on the model description provided in Section II, the received signal at Rm and subsequently received signal at D and E from the selected relay, are respectively given by rs,m = √ Pshs,ms rm,e = √ Pmhm,es + nm,e, where Ps = P ′ /2 and Pm = P ′ /2 are the transmitted power at S and R respectively and P ′ is the total power budget of the network.In addition, c ℓ,m is the complex channel gain between the ℓth antenna of E and the mth relay while ns,m ∼ CN 0, σ 2 n , n m,d ∼ CN 0, σ 2 n and nm,e ∼ CN 0, σ 2 n are additive noise terms.There are two possible cases for the data transmission depending on whether the WIRS F is empty or not.For simplicity, let F = ∅ represents the former case and F = Fn the latter.
• Case F = ∅: This case corresponds to a situation where all the candidate relays fail in perfectly decoding the source signal.
From an information theoretic perspective, this condition can be expressed based on (11) in the following form, where Ψsm = Ps|hs,m| . Based on ( 14), the occurrence probability of case F = ∅ is given by where q =ℓ σℓm σℓm −σmq and κs = σsm σℓm .
• Case F = Fn: This case corresponds to all the relays in the WIRS Fn being able to decode the source signal successfully, i.e., the event F = Fn is formulated as From ( 16), the occurrence probability of case F = Fn can be formulated as During the cooperative phase and according to the assumed security protocol, when Fn is non-empty, the best relay is chosen from Fn to forward its decoded signal toward the destination, allowing the eavesdropper to intercept the transmission.

IV. SECURITY-RELIABILITY ANALYSIS OF IR SCHEMES
Based on the available knowledge of CSI for the different links and system complexity, different relay selection schemes are presented and analyzed for the following three cases.For Case I, corresponding to the situation when the CSI of the legitimate channels (i.e. S − Rm, Rm − D) is available but not that of the Rm − E channel, the conventional relay selection scheme is implemented.The latter scheme does only take into account the capacity of the legitimate channels, without considering the secrecy rate.In Case II, i.e. when the CSI of the Rm − E link is known, minimum relay selection scheme is applied.We note that for Cases I and II, suboptimal relay selection is performed.Finally, in Case III, while the same CSI assumption as in Case II are made, an optimal relay selection scheme is implemented, whereby the relay that achieves the maximum secrecy rate is chosen for retransmission.Compared to conventional relay selection approaches [47][48][49][50][51] where only the CSI of the legitimate S − Rm and Rm − D links are required, in the optimal IR scheme, knowledge of the channel gain magnitudes of eavesdroppers channels is also needed for maximizing the secrecy rate through the use of an error-free feedback channel between E and D [14,16,52,53]).The assumption of known eavesdropper CSI can be justified when the eavesdropper is seen as another legitimate user waiting to be served by the source while the latter is serving the destination securely.Thus, the eavesdropper has to report its CSI to the source to be considered for future service.This is applicable particularly in networks combining multicast and unicast transmissions.
Without loss of generality, assuming that event F = Fn occurs and relay "m" is selected as the "best one", the corresponding Rm − D and Rm − E channel capacities are where and the superscript DF refers to decode-and-forward.For the case of unsuccessful direct transmission, two time slots are required to transmit the data, justifying the factor of 1/2 in ( 18)- (19).To boost the effective channel gain and thereby enhance communication reliability, the destination then employs either MRC or SC of all signals received in both phases, and generates an estimation of the original signal after maximum likelihood decoding (MLD).As such, two categories of combining solutions do exist for both destination and eavesdropper nodes, leading to various cases in our analysis as detailed below (see also Table 1).

A. Suboptimal Selection Case I: DMC
Let us investigate the security and reliability performance of the DF IR scheme where a combination of the conventional relay mode and the MRC technique are applied.In this approach, the relay selection scheme does not take into account the eavesdropper's channels and the relay node is selected based on the instantaneous quality of the combined S − Rm and Rm − D link, with the aim to maximize the achievable rate at the destination node.Specifically, the index of the relay chosen to forward the legitimate signal from D to E is given by where we define C DM sd = 1 2 log 2 (1 + Ψ md + Ψ sd ).Notice that for the MRC technique, the instantaneous SNR is given by the sum of two SNRs, i.e., Ψ md and Ψ sd .Then, the secrecy rate is expressed as where 2 log 2 (1 + Ψme + Ψse).We now derive an analytical expression for the IP for conventional relaying with MRC.To this end, we first present the following general expression for the IP, based on the law of total probability, that is applicable to various combinations of signal combining and relay selection schemes, where superscript Q ∈ {DSC, DSM, DMC, DMM, DMA, DSA} refers to the applicable scheme and In the particular case of interest here, i.e.Q = DMC, the following closedform expression for the IP can be obtained, where r = [1, −ρ, ρ, λ, −λ], t = 0, 0, 1 σme , 0, 1 σse , ρ = σme (σme−σse) and λ = σse (σme−σse) .Next, we focus on the derivation of the SOP expression.For a DF IR network using M relays, and based on the law of total probability, the following general expression can be obtained for the SOP, where Q ∈ {DSC, DSM, DSO, DMC, DMM, DMO, DMA, DSA} and P Q out = Pr C Q sd < R .Note that P DT out was derived in (10); hence, we next proceed to obtain P DMC out .The following lemma and theorem provide key results towards this end.

B. Suboptimal Selection Case I: DSC
In this subsection, we analyze the DF-based IR scheme in which the destination and the eavesdropper node employ SC in order to maximize their respective achievable rate.In this case, the relay that gives the maximum capacity at the destination node is selected, i.e., where C DF md is defined in (18).Then, the secrecy rate for DSC is given by C DSC wherer = [1, 1, −1] and b = 1 σme , 1 σse , 1 σse + 1 σme .Theorem 2: The SOP for the DSC scheme is given by where . Proof: The proof follows the same steps as that of Theorem 1.

C. Suboptimal Selection Case II: DMM
We now investigate the use of MRC with the minimum selection scheme (DMM) under Case II, where additional CSI information about the Rm−E links is available.The objective is to select the relay in Fn to minimize the achievable rate at the eavesdropper node.This relay selection scheme considers only the Rm−E link and furthermore, both the destination and eavesdropper nodes employ MRC.In this case, the relay that yields the lowest instantaneous rate at the eavesdropper will be selected, i.e., Consequently, the secrecy rate becomes C DMM .The IP expression for this case can be obtained as where g (l) = To proceed with the derivation of the SOP, we first need to obtain a closed-form expression for the CDF of the RV Ỹ = Ψ m * d + Ψ sd , which is presented in the following lemma.
Lemma 2: The CDF of Ỹ is given by Proof: The proof of this lemma is analogous to that of Lemma 1.
We are now in a position to derive the desired SOP expression, which is provided in the following theorem.
Theorem 3: The SOP for the DMM scheme is given by where Proof: See Appendix III.

D. Suboptimal Selection Case II: DSM
For this case, the relay is chosen according to the following rule, while the secrecy rate is given by C DSM , in terms of which the intercept probability for the DSM case can be expressed as where b = |Fn| σme , 1 σse , 1 σse + |Fn| σme .Besides, the SOP can be obtained in closed-form as given in the following theorem.
Theorem 4: The SOP for the DSM scheme is given by where Jσ md = σmd exp Proof: The proof is similar to that of Theorem 3.

E. Optimal Selection Case III: DSO
The two previously considered relay selection schemes do not simultaneously involve the relay to destination and relay to eavesdropper channels.In contrast, the optimal relay selection scheme takes into account CSI information for both the mentioned links.This subsection presents the DSO scheme where the relay selected for forwarding the source signal to the destination is the one achieving the maximum secrecy capacity, which by definition takes into account the quality of both links.Specifically, the desired relay is chosen as where 1+Ψme .The secrecy rate for this case is given by [39] C where 1+Ψse .We notice that the derivation of the SOP in this case is quite challenging and it does not seem possible to obtain a closed-form expression.Therefore, we rely on the approximation of the SOP at high SNR in our study, as further developed in Section V.

F. Optimal Selection Case III: DMO
In the case of DMO, the proposed selection technique selects the optimal relay as in (38), and the secrecy rate will be Likewise the DSO case, obtaining a closed-form expression for the SOP in the DMO case is intractable.However, a closed form expression for the SOP in the high SNR regime will be obtained in Section V. Nevertheless, numerical SOP results for the DSO and DMO cases can be obtained through computer simulations.

G. Suboptimal Selection: DSA
Thus far, emphasis has been placed on the cases in which only the best relay was employed in the cooperation phase.The DSA scheme considers the case where several relays (i.e. more than 1) can assist in forwarding confidential information from S to D. To be specific, all the relays in the WIRS re-encode the information and forward this re-encoded message to the destination (and eavesdropper).This subsection assumes that both the destination and the eavesdropper use SC technique.Hence, the secrecy rate is defined as where With the assumption that both the destination and the eavesdropper node employ SC, the IP of the DSA scheme can be formulated as where ω = 1 σse − m σme .We next develop a closed-form expression of the secrecy outage performance for the DSA scheme.To begin, we first introduce the following key result.
Lemma 3: Let the denominator of the log function in (41) be 1+γ1.Then, the pdf of γ1 is derived as where .Then, by taking the derivative of we obtain (43).
Lemma 3 allows us to obtain a closed-form expression for the secrecy rate of the DSA scheme as stated in the following theorem.
Theorem 5: The SOP for the DSA scheme is given by where and η = 1 σid + ̺ σsd .Proof: Let the numerator of the log function in (41) be 1 + γ2.Using the PDF of RV γ1 as in (43) as well as the CDF of RV Y in (25), we express the secrecy rate of the DSA scheme as The desired result is obtained by substituting ( 43) into (47) and evaluating the resulting integral.

H. Suboptimal Selection: DMA
This scheme is analogous to the DSA one except that the destination and the eavesdropper both employ the MRC technique.In this case, the secrecy rate is where In the following, we analyze the IP of the DMA case in which all relays that can successfully decode the source's message simultaneously forward its replicated image to the destination.For this DMA case, the IP is defined as The latter can be expressed in closed form as where Next, we proceed to obtain the SOP of the DMA scheme which can be expressed as In order to proceed with the evaluation of (51), we first need to obtain a closed-from expression for the CDF of Ψ DMA md , which is provided in the following lemma.
Lemma 4: The CDF of Ψ DMA md is derived as Proof: See Appendix IV Now, with the help of Lemma 4, the final SOP expression for the DMA case can be obtained, as stated in the following theorem.
Theorem 6: The SOP for the DMA scheme is given by (53) shown on the top of the next page, where q ′ = 1 σse σ|Fn| In this section, to characterize the impact of key parameters on the secrecy outage performance, the asymptotic SOP in the high SNR regime is investigated.To simplify the developments, we let σsd = εσ md and σsm = εσ md , where ε and ε are positive numbers close to 1, which means that the channel quality of the legitimate links is comparable (of the same order).We also let σse = εσme with ε close to 1, meaning that the channel quality of the wiretap links is similar.We first consider the case σsd → ∞, which corresponds to a scenario where S is located much closer to D than E. Subsequently, we also consider the limiting case where σse → ∞, for which the intercept probability goes to 1. Below, we first derive SOP expressions in the asymptotic regime for each one of the following relay selection schemes: DSA, DSM, DSC, DMA, DMC, DMM, DSO and DMO.Using these formulas, we then derive corresponding expressions of the coding gain and diversity.
In turn, making use the above CDF, the following expression is obtained for the SOP in the asymptotic regime, DMC: We first note that in the asymptotic regime of high SNR, the probability of a WIRS event simplifies as follows, where π sℓm ε (σ ℓm + 1) ̺.Then, making use of ( 54) and (56) along with appropriate power series expansion, the asymptotic SOP of the DMC scheme is obtained as By proceeding in a similar manner, we can obtain the SOP expressions of the other schemes, which are presented below DSC:

B. Diversity Order and Coding Gain
In the high SNR regime for the legitimate links, the coding gain and diversity order are defined through the obtained asymptotic expression for the SOP, that is: , where C and D respectively denote the coding gain and the diversity order of the scheme Q under consideration.For example, in the case of DT , we immediately obtain from (55) that Proceeding in this manner, we can obtain the coding gain and diversity order for each one of the schemes considered in Subsection A. For reference, the diversity orders of these schemes are listed in Table II, while the coding gain can easily be computed as with the corresponding expression for P ∞,Q out calculated previously.Based on the above results, the diversity order of the schemes are summarized in Table II.

C. Remarks
• The maximum diversity order of M + 1 is achieved for the DMC, DSC, DMA, DSA, DMO and DSO schemes.In contrast, the DMM and DSM scheme achieve a (conditional) diversity order of M − |Fn| + 2, which decreases with the cardinality of the WIRS.Finally, the worst performing scheme is DT with a diversity order of = 1.• Since the diversity orders of DMC, DSC, DMA, DSA, DMO, and DSO are identical, the tradeoff among these schemes is solely characterized by their respective coding gains.Hence, their relative performance can be quantified in terms of the simple ratio of their coding gains, which can be interpreted as an SNR gap.For example, the SNR gap between the DMC and DSC schemes is given by Here CDMC > CDSC and so ∆C > 1, indicating that DMC outperforms DSC by 20 log 10 ∆C for the same SOP.We can show that the relative performance of the above schemes can be ordered as CDMO > CDSO > CDMC > CDSC > CDMA > CDSA.• It is observed that when Fn = ∅, i.e., no relay can decode the source symbol successfully, the exact SOP for all scenarios is reduced to In the special case when both σ sd and σse → ∞ at the same rate, the above expression results in a constant SOP; in turn, this floor phenomenon leads to a zero diversity gain.

VI. NUMERICAL RESULTS AND DISCUSSIONS
In this section, we present numerical results to validate the derived theoretical expressions of the SOP for the proposed methods.In the simulations, the noise variances are all normalized to unity, the data rate R = 0.5 bits per channel use.The simulation results are obtained by averaging over 10 5 independent runs, and the number of transmitted bits is set to 10 4 for each run.The relative SNRs of the various links are characterized by the following parameter values: ε = 1.01, ε = 0.9 and ε = 1.03.The default values of the parameters M and N , i.e. number of relays and eavesdropper antennas, are set to 4 and 5, respectively, unless otherwise specified.Fig. 3, shows the SOP comparison among the DT, DMC, DSM, DMM, DMA, DSO, DMO, DSC and DSA, by plotting Eqs. ( 10), ( 26), (30), (34), (37), (39), (40), (44) and (53), respectively, as function of SNR.From the various curves in Fig. 3, it is seen that the DMC, DSM, DMM, DMA, DSO, DMO, DSC and DSA schemes (in the low to medium SNR range) all perform better than DT in terms of secrecy performance, demonstrating the security benefits of exploiting cooperative relays to defend against eavesdropping attack.One can also see from Fig. 3 that the SOP performance of the DMO and DSO schemes is better than that of the other schemes, thereby showing the advantage of the optimal relay selection over the other selection schemes and multiple relay selection, as well as the traditional DT.The figure also includes a special curve for the case where the number of transmit antennas of the eavesdropper node N = 0 corresponding to the case where E does not send any AN to the legitimate network.From the simulation results, we see that the error floor phenomenon occurs in the absence of AN.This observation confirms that the presence of AN can highly affect the secrecy outage performance of the legitimate network.As can be observed, the analytical results are in perfect agreement with the simulation results, which demonstrates the validity of the derived analytical expressions.We also find that the high SNR approximations are quite accurate (although the asymptotic result is only plotted for DMA in order not to cause confusion in the figure).Fig. 4 shows numerical SOP results versus IP for both the conventional DT and the proposed single and multi-relay selection schemes, where the legitimate-to-eavesdropper channel gain ratio is around 11 dB.One can see from Fig. 4 that for a specific IP value, the SOP of the proposed relay selection schemes is strictly lower than that of DT, thereby confirming that the former outperform the conventional DT.It can be observed that the DSC and DMC schemes outperform the DSA approach ( i.e., when all successful relays in the WIRS are involved in transmission).This can be explained by noting that in the DSA case, the eavesdropper receives multiple copies of the  source signal when multiple relays transmit, which in turn degrades the secrecy performance.Fig. 5 shows the SOP as a function of the number for relays M of the DMC, DSM, DSA, DMM, DMA, and DSC schemes.It is observed from Fig. 5 that the DMC scheme performs better than the other single and multi-relay selection schemes in terms of SOP, except the DSO and DMO.Again the proposed optimal relay selection schemes, DSO and DMO, outperform the other schemes.Since even with a small increase in M the SOP of DMO and DSO rapidly tends to zero, the corresponding curves are not sketched here.One can also see from Fig. 5 that as the number of relays M increases, the SOP of the various schemes rapidly decreases, except for the DSA, DSM and DMM schemes.In the case of DSA, this can be explained by noting that for a fair comparison, the total amount of transmit power at the source and relay shall be limited to P ′ = 2Pm = 2Ps.However, using the equal-power allocation for simplicity, the transmit power at the source and relay is given by Pm = Ps.Thus, in DSA where all the relays in the WIRS cooperate in the next phase, the power of each relay is reduced to P ′ / (|Fn| + 1) which negatively affects the secrecy performance.The same line of thoughts can be applied for DMA; however, in this case with an increasing number of relays, the secrecy performance improves.In addition, as shown in Fig. 5, the SOP improvement of DSC and DMC becomes more significant as M increases.Fig. 6 examines the impact of the number N of eavesdropper's transmit antennas on the secrecy outage performance when M = 4, SNR = 30dB and the legitimate-to-eavesdropper channel gain ratio is around −3 dB.The results clearly demonstrate that wireless security degrade with an increase in the number N of antennas.Furthermore, for both MRC and SC combining solutions, the proposed optimal relay selection outperforms the other relay selection schemes as well as the DT in terms of SOP.In other words, the DMO and DSO schemes achieves the best SOP performance, further confirming the advantage of the proposed optimal relay selection.That is, no matter which combining solution (i.e., MRC and SC) is considered, the proposed optimal relay selection always performs better than the traditional relay selection and multiple relay combining approaches in terms of secrecy performance.We see that at the low SNRs, both MRC and SC combining solutions achieve similar results, while at the high SNRs, the MRC scheme outperforms the SC scheme.

VII. CONCLUDING REMARKS
We have studied the PHY-layer security in a cooperative wireless subnetwork that includes a source-destination pair, multiple relays, and a malevolent active eavesdropper, which can transmits AN with a multiple-antenna transmitter to degrade the achievable secrecy rate of the legitimate channels.Depending on the availability of the CSI, we considered different relay selection schemes, i.e. conventional, minimum and optimal selection, along with different combining methods at the destination and eavesdropper, i.e.MRC and SC.We first analyzed the secrecy capacity of the direct transmission in terms of IP and SOP.A DF incremental relaying (IR) protocol was then introduced to improve reliability and security of communications in the presence of the eavesdropper.For each one of the proposed relay selection schemes, and for both MRC and SC, we derived new and exact closed-form expressions for the IP and SOP under the Rayleigh channel assumption.We also characterized the secrecy performance of the various relay schemes in the asymptotic high SNR regime, which enabled us to obtain the associated coding gains and diversity orders.For both signal combining solutions, the proposed IR schemes (except DMM and DSC) achieve the maximum diversity order of M +1, where M is the number of relays.Our analysis and simulation results have revealed that the IR-based relaying with optimal selection outperforms the conventional selection, which in turns outperforms Then, with the help of ( 2), ( 70) and (71), and using properties of conditional expectations [54], we finally arrive at the expression of FY (γ) in (25).

APPENDIX II PROOF OF THEOREM 1
Introducing Z = Ψme + Ψse and according to the definition of SOP, we have Then, according to (74), (75) and conjuring the identity [55, Eq.

Fig. 1 .
Fig. 1.A wireless relay network consisting of one source (S), one destination (D), and M relay nodes Rm, exchanging information in the presence of an eavesdropper (E).The continuous and dashed black lines correspond to the legitimate forward and backward links of the legitimate network, respectively, while the dashed blue line illustrates the AN propagated by E.

Fig. 2 .
Fig. 2. A wireless relay network consisting of one source (S), one destination (D), and exchanging information in the presence of an eavesdropper (E).The continuous and dashed black lines correspond to the forward and backward links of the legitimate network, while the dashed blue line shows the AN propagated by E.

2
log 2 (1 + Ψ md ) , 1 2 log 2 (1 + Ψ sd ) .Notice that for the SC technique, the instantaneous SNR is given by the maximum of the two SNRs as in C DS e and C DS sd .In the following, we proceed to derive P DSC int , starting withP DSC int = Pr (max {Ψse, Ψm * e} > ̺) = 1 − FΨ m * e (̺)FΨ se (̺).(28) Making use of the CDFs of the RVs Ψse and Ψme, we obtain

Fig. 3 .
Fig. 3.The secrecy outage performance of proposed relay selection schemes and direct transmission versus SNR ( M = 4 and N = 5).

Fig. 4 .
Fig. 4. The secrecy outage performance of proposed relay selection schemes and direct transmission as a function of intercept probability ( M = 4 and N = 5).

Fig. 5 .Fig. 6 .
Fig. 5.The secrecy outage performance of proposed relay selection schemes and direct transmission as a function of the number of relays M (SNR = 10dB, N = 5).