6G Networks Physical Layer Security using RGB Visible Light Communications

Visible Light Communication (VLC) is a key technology for the sixth-generation (6G) wireless communication thanks to the possibility of using artiﬁcial environmental lights as a data transfer channel. Although VLC systems are more resistant against interference and less susceptible to security vulnerabilities like most wireless networks, VLC is even inherently susceptible to eavesdropping attacks. Moreover, since VLC is considered an enabling technology for 6G, speciﬁc mechanisms are needed to enforce data security. This paper considers improving the security of the next generation of wireless communications by using the Watermark Blind Physical Layer Security (WBPLSec) in VLCs. The main intuition is that RGB LEDs offer the possibility for Wavelength Division Multiplexing (WDM) as a useful support for the Spread-Spectrum (SS) watermarking. In this paper, we propose an approach that aims at obtaining VLC Physical Layer Security (PLS) by combining watermarking with an RGB LED jamming. We provide a performance analysis of the proposed security architecture based on the secrecy capacity in terms of its existence and outage probability. We prove that WBPLSec can be used to signiﬁcantly improve conﬁdentiality in the next generation of wireless communications. The results offer the possibility of creating a secure region around the legitimate receiver by leveraging the jamming optical power.


I. INTRODUCTION
The sixth-generation (6G) mobile communication technology is one of the emerging research areas which will change our society. Its launch is expected around 2030 when our society it is expected to be data-driven and unlimited wireless connectivity [1], [2]. The next-generation communications system aims to achieve high spectral and energy efficiency, low latency, and massive connectivity because of the extensive growth of telecommunications systems. We live in a hyper-connected society where sensors can exchange data even without human intervention. Internet of Things (IoT) systems generate a massive amount of data transmitted via a networking infrastructure connecting plenty of communicating computing devices. In such a scenario, the risk of cyberattacks is very high.
Many contributors outline the 6G vision and illustrate its benefits while providing arguments on how it will accelerate the digitization process in our society [3], [4].
6G wireless networks are expected to achieve data rates up to 10 Tbps with the aid of TeraHertz (THz) and optical frequency bands. This performance will be achieved with multiple technology enablers such as Artificial Intelligence (AI), new physical-layers, semantic communications, quantum computing, intelligent networks, and Visible Light Communication (VLC) [5]. Performance Indicators (KPI), and it specifically considers at VLC applications. Thus, Physical Layer Security (PLS), network security, and AI security will be fundamental for the evolution of the security landscape of next-generation telecommunication networks [6].

A. BACKGROUND
Traditional Radio Frequency (RF) solutions cannot meet the traffic capacity growing demand. Still, due to the scarcity of frequencies, there is a need to develop new technologies to support the next generation of wireless communications requirements. While optical spectrum is already a key enabler for the global Internet, Optical Wireless Communication (OWC) is a promising candidate for high-speed wireless communications [7]. The optical spectrum can be used to provide next-generation communication systems that are fast, secure, robust, and efficient. As seen in Fig. 2 and Table 2, the optical bandwidth is several orders of magnitude larger than the spectrum resources available in the RF bands. Due to the opportunity offered by the license-free operation over a significantly wider spectrum, many technological solutions have proliferated in OWCs. OWCs utilize three different regions of the electromagnetic spectrum: Ultraviolet (UV), visible light, and Infrared (IR). As shown in Fig. 2, VLCs are a branch of OWCs that involve electromagnetic waves in the visible spectrum for communications [8]- [10]. IEEE 802.15.7 standard [11] issued in 2011 by the Visible Light Communication Task Group has been a significant step towards the commercialization and widespread VLC networks. VLC links benefit from the license-free light spectrum, the immunity to Radio Frequency (RF) interference, and the use of inexpensive LEDs and Photo-Diodes (PDs) for transmission and reception, respectively. VLCs require Electrical-to-Optical (EO) conversion in transmission through LEDs and Optical-to-Electrical (OE) conversion in reception through PDs. If we consider that many light bulbs already use LEDs, it is easy to see that the implementation of VLCs is not such a remote possibility. Besides, VLCs exploit existing illumination infrastructure for wireless communications. If light changes fast enough, human eyes will not perceive the flickering effect and a LED scan receive data.
However, 6G technology do not guarantee satisfactory security and privacy [7]. In the coming years, researchers shall face many challenges in building a trustworthy and secure 6G. In this scenario, PLS techniques could represent an efficient solution to secure Wireless Sensor Networks (WSNs) [4]. Indeed, PLS aims at securing communications by exploiting the physical properties of the communication channel. They relay on processing the signal sent over a channel to guarantee some security properties without resorting to protocols or algorithms at layers higher than the physical one. The next generation of low-power sensors networks is where PLS can reduce energy consumption by guarantee faster computations than cryptography, extending the battery life of portable devices.
Since confidentiality is one of the major concerns of wireless communication, researchers proposed many innovative solutions to improve it. Confidentiality through PLS was first considered in 1949 by Shannon, who presented the first application of information-theoretic secrecy [12]. This paper proposes an alternative to cryptography by using watermarking as a covert-channel to transfer information between two devices. Such covert-channel is an essential part of the PLS solution that we propose here. The remaining part of the proposed architecture over VLC consists of jamming intended as a luminous signal capable of destroying a specific part of the communication between the two devices.
This paper focuses on a particular architecture that uses watermarking and jamming to improve communications security by operating at the physical-layer and then creating a secure region around the legitimate receiver.

B. CONTRIBUTION
The Watermarked Blind Physical Layer Security (WBPLSec) protocol utilizes a jamming receiver in conjunction with a Spread-Spectrum (SS) watermarking technique [13]. This technique has received considerable interest in the last few years as it is as a standalone security solution for sensor networks. In a paper presented in 6G Wireless Summit 2020 [14], we provided a first proposal on how to apply a watermark-based physical layer security solution to VLCs. The current paper significantly extends that proposal with a deeper analysis about the existence of the Secrecy Capacity (C s ) and the probability of outage (P out ). In particular, the conference paper [14] proposed the intuition of using the two primitives of watermarking and jamming on VLC to improve communication security. That work presented preliminary results that used a channel model for VLCs that only predicted line of sight (LOS), and in numerical simulations, the channel coefficients were deterministic. In this paper, we consider a complete channel model that includes non-lineof-sight (NLOS) reflections due to obstacles or people in the room, which leads us to evaluate the coefficients according to a Rayleigh-type distribution. In the conference paper, the secrecy rate is computed by estimating the differential entropy using assumptions on the transmitted signal distributions, while during the simulations, the deterministic channel coefficients were estimated in numerical form. This work proposes calculating the existence of the secrecy capacity in closed form by evaluating the Signal-to-Interference-plus-Noise Ratio (SINR) as random variables whose probability density functions are derived below. It also calculates the probability of outage the secrecy capacity, which is very useful for understanding where a secure communication can or cannot occur.
The actual contributions fall within the following categories: • WBPLSec in 6G networks. The proposed technique examines in-depth how the combination of watermarking and jamming can be successfully employed on VLC-based 6G networks. A novel RGB VLC transceiver architecture is defined in which the new PLS protocol implements watermark-based communication with an intentionally jamming receiver. • Security region. With the application of WBPLSec we can build a security region around the legitimate receiver where 6G communication can take place securely. • Evaluation of SINR distribution. Based on the proposed architecture where the receiver contains a jammer and considering a full reflection channel model, this paper calculates the distribution of SINR at the legitimate receiver and attacker levels. These distributions are an essential step to support the final part of the paper. • Analysis and evaluation. The performance evaluation of a blind PLS protocol for 6G is based on the secrecy capacity in terms of its existence and outage probability.

C. ORGANISATION
The rest of the paper is organized as follows: Section II describes the main motivation and the innovation introduced for 6G secure communications. Section III briefly discusses alternative approaches. Section IV describes the VLC channel, whereas Section V introduces our model for the physical layer security over VLC networks. Section VI thoroughly discusses the secrecy capacity expression of a watermarkbased VLC and the probability of outage of the secrecy capacity. Section VII presents the numerical results. Section VIII concludes the paper. A list of important acronyms is given in Table 1.

II. MOTIVATION
This section discusses the motivation behind the interest in VLCs as a technology for secure communications in the 6G domain. This motivation is twofold: (i) the advantages that  VLC offers over traditional wireless communications and (ii) the ability to use RGB LEDs to combine watermarking and jamming in order to have communications that are resilient to eavesdropping attacks.

A. OPPORTUNITY WITH OPTICAL FREQUENCY BANDS
To realize the performance and application scenarios of 6G, we expect four new paradigm shifts for current wireless communication networks: global coverage, utilization of all spectrums, smart applications with the aid of AI, and network security by design.
For to this paper, it is essential to note that the study of usable frequencies will examine sub-6 GHz, mmWave, THz, and optical frequency bands [15]. VLC is a wireless communication technology that uses visible light for data transmission. It is the most common form of wireless communication technology today and one of the fastest and most efficient. Compared with RF, VLC has an unlicensed and free of charge optical bandwidth. Table 2 shows how the spec-VOLUME XX, 2021 trum of visible light is potentially larger than the available bandwidth of RF. This makes very high data rate communication possible and virtually fulfills the 1 − 10 Gb/s/m 3 KPI associated with 6G [16]. Furthermore, since the optical band does not overlap with RF bands, there is no electromagnetic interference [17].
The extremely high demand for data-rate in 6G poses major challenges in terms of security and privacy. Due to the high computational demand, existing security schemes are not appealing [16]. The 6G Flagship Program (6GFP) [18] is advising to consider security at each layer, but the security protection at physical layer is of fundamental importance [19]. To secure 6G wireless networks, we need to provide efficient PLS schemes with existing authentication and cryptographic protocols [1]. For example, low-power sensor networks are where PLS can provide significant advantages over cryptography in computational demand.

B. SECURITY INNOVATION IN 6G
The core characteristics of VLC, such as directional propagation, human visibility, and spatial confinement, guarantee inherent security in specific scenarios. For instance, the VLC signal isolation enhances communication security by preventing eavesdropping of in-room or in-building communications [9]. This paper proposes WBPLSec, an architecture to enhance 6G communications security by combining watermarking with a jamming receiver over VLC networks. This standalone security solution has been already investigated with success for other mediums such as RF and acoustic communications [13], [20].
WBPLSec has been proposed as a way to achieve confidentiality in 6G communications.
There are two common approaches to implement VLCs; the first uses white LEDs, the second RGB LEDs. The second solution guarantees a higher bandwidth, since it uses the three different independent channels to increase the data throughput [21], [22]; see Table 2.
Let us consider an example of the architecture of we would like to propose. Considering the case that Alice wants to send a secret message (x) to Bob. Alice transmits the watermarked signal using an RGB LED. Bob receives the message through a single RGB color-tuned PD but while receiving it, he jams Alice's VLC using an RGB LED. Eve, the eavesdropper, may use multiple PDs to violet secrecy. The system model is depicted in Fig. 3. The scheme proposed exploits three RGB independent channels and uses a Wavelength Division Multiplexing (WDM) to watermark the VLC. It relies on four main actions (see Fig. 3): • Spread-Spectrum watermarking: part of the secret message is first modulated with a spreading sequence and then transmitted by using only the red light; • Jamming Receiver: Bob jams Alice's message using RGB LED; • Selective jamming: Bob jams only part of the on the way message, and knowing the jammed part, he can rebuild the clean message. The jamming has not affect on the Spread-Spectrum (SS) watermark; • Communication hiding: the proposed method transmits information through two independent paths using blue light and red light. The first one is a narrowband Amplitude Shift Keying (ASK) signal transmitted through the blue light. At the same time, the SS watermark signal uses the red light and create in this way a covert channel. The actual steps of WBPLSec are described in Algorithm 1.
Application scenario. WBPLSec on the VLC network can be successfully applied in those scenarios where RGB LEDs are used for lighting. In this paper, the discussion is done by considering the case of indoor VLCs; this is because it is necessary to define a channel model to calculate the secrecy capacity of the proposed model. Intuitively, this architecture, which uses watermarking and jamming on RGB VLC, can be also applied on outdoor VLC and underwater communications where optical signals are already success-fully used. Each use case will have to use the corresponding channel model.

C. LIMITATIONS OF RELATED WORKS
Although many methods propose PLS solutions on VLC that include jamming, in almost all cases, these algorithms must involve other nodes in the network in order to coordinate and degrade the attacker's channel. Other solutions instead rely on architectures that use OFDM, signal reflections, or RIS, and this requires a more complex receiver in terms of modulation and demodulation. On the contrary, our solution aims at providing a mechanism that by combining for the first time watermarking and jamming is resilient to manin-the-middle attacks. Our methodology is compatible with traditional VLCs watermarking and is a kind of covertchannel that can be used or ignored if a receiver does not implement our algorithm there will be no jamming. Currently, no work combines jamming at the receiver side with a covert-channel mechanism in VLC networks. Moreover, if we consider communications inside a room we could spread the jamming within the walls of the room so that the created security region coincides with the room. In this way, the communication will always be secure, whether the attacker is in the room and subjected to jamming or outside the room where he will not receive any signal.

III. RELATED WORK
This paper proposes the application of WBPLSec to VLCs. Although some contributions [4], [7], [23] suggest using VLCs as a means to achieve secure communications. our proposal to combine watermarking and jamming in VLCs is new. We use watermarking as a covert channel to re-compose the information disrupted by the legitimate receiver, who uses jamming as a security tool. In this section we briefly discuss some of the works by other researchers concerned with OWC technology, jamming, and covert channel communications.

A. OWC AND VLC TECHNOLOGIES
Over the years, researchers have published many papers on OWC and VLC, proposing new modulation schemes and comparing the performance with classical RF communications [24]. More recently, there have been contributions selecting VLCs as an enabling technology for next-generation wireless communications. Indeed, VLCs can offer low latency communications and a spectrum of several orders of magnitude greater than traditional communications [25]. The continued study by academia and the wireless device industry have identified new opportunities using optical frequency bands. Following this trend, in recent years, Haas et al. have developed Light-Fidelity (LiFi) that extends the concept of VLC to achieve high-speed, secure, two-way wireless communications. LiFi uses frequencies above 10 GHz, which results in more complex network infrastructure with smaller cells [26], [27]. In some situations, the VLC channel consists mainly of only the LOS; in that case, the optical signals will not be subject to fading. Thus, the absence of fading, combined with the fact that in VLC systems the wavelength of the optical signals is much smaller than the receiving PDs allows these systems to provide precise and reliable positioning services with centimeter-level accuracy [28], [29]. The possibility of determining the position of the receiver with a certain accuracy is a feature that makes VLC/OWC very interesting from a cybersecurity point of view and gives an advantage to legitimate receivers over attackers. The high performance provided by VLC may, in some cases, degrade rapidly if the receiver rotates or moves; then there would be a loss of signal. A solution to this problem can be offered by reconfigurable intelligent surfaces (RIS). Surfaces made of metal or liquid crystal could be dynamically configured to direct the transmitted light signal to the moving receiver [30], [31].

B. JAMMING AS A SECURITY TOOL
Secrecy capacity is defined as the maximum transmission rate achievable whenever the eavesdropper's channel observations are noisier than the legitimate user's channel [32]. Theoretical results have shown that secrecy can be improved by exploiting channel variations [33]- [35]. Other contributions use jamming to interfere with wireless communications [36], exploit jamming as a tool for improving security in cooperative networks [37], use friendly jamming as a powerful tool to increase secrecy of wireless systems [38]. Since these schemes are mainly applicable in a mobile environment, a channel-independent protocol called iJAM was introduced [39]. With this protocol, the sender transmits two times each symbol, and the receiver randomly jams complimentary samples over the two symbols. This technique has some weaknesses in terms of communication throughput because it cuts the data rate by half. In addition, it has security weaknesses because an adversary that observes two consecutive transmissions could rebuild the message by comparing and removing the jammed bits. WBPLSec overcomes these problems.

C. COVERT CHANNEL COMMUNICATIONS
Cryptographic protocols are the classical means for protecting data from unauthorized access. Unfortunately, there are cases in which encryption is inappropriate; in these cases the use of unconventional communication channels can be of help. In 1973, Lampson defined the covert channel as a communication channel that is not intended for information transfer [40]. We could say that covert channels are alternative tools to guarantee privacy of digital communications through information hiding [41]. We can use them for different legitimate and non-legitimate purposes. In some cases, we can use covert channels to improve network security, while in other cases, to breach it. Government and companies can use these channels to protect their communications, cyber-criminals can exploit this technology in the same way. For instance, Hanspach et al. proposed using covert channels to circumvent network security policies by establishing new communication paths [42]. Authors recently VOLUME XX, 2021 considered using covert channel for authentication [43]. The strength of this approach is the encapsulation of information in an existing medium, to avoid any modification of standard protocols. Any system that uses TCP/IP can benefit of hidden communications that transmit information through networks without triggering Intrusion Detection Systems (IDS) [44].

D. VLC SECURITY
VLC has gained significant interest due high data-rate, robustness against interference, and low cost of LEDs and PDs. By their nature, indoor VLCs are confined, for example, by the room's walls where the communication is taking place [8]. On the one hand, this can limit communication by making it necessary to install other light sources to propagate communication between different hotspots [45]. On the other hand, it offers a considerable advantage in terms of security and privacy. In practice, VLCs offer better PLS and privacy than RF systems because light waves cannot pass through walls, making it nearly impossible to intrude into sensitive structures by picking up the wireless signal.
Over the past few years, many papers investigated security of VLCs; we refer to [46] for a survey. Many contributions in the literature propose VLC-based PLS solutions to enhance security of wireless communication systems [47]. An example is given by SecLight [48]; there light intensity and reflections are combined with the channel estimation to enhance security of VLC in IoT. An interesting set of contributions investigated solutions using jamming to improve security of VLCs [49], [50]. For instance, Mostafa et al. [51] proposed friendly jamming to prevent eavesdropping. Some authors have proposed other jamming schemes to improve the performance of PLS in VLC systems. In such an indoor VLC scheme, they assumed to have many LEDs mounted on the room's ceiling. The LED closest to the legitimate receiver will transmit the information while the others will create a light interference towards the attacker to reduce its SINR [52]. From another perspective, depending on the receiver technology, camera-based VLC uses a camera as a receiver instead of PDs to secure mobile communications [53].
In addition, other contributions show how using VLCs can have a high directional gain that makes interception of information transmission very unlikely, making the links more secure than we would have with traditional RF communications [54]. Among the research contributions in PLS for VLCs, it is also worth mentioning those that use multipleinput multiple-output transceiver-based beamforming techniques to create secure communication zones [55]. Other researchers have posited a physical layer encryption method based on optical OFDM to strengthen the confidentiality of VLC systems. This method performs a complex encryption operation on OFDM signals that make it resistant to statistical and brute force attacks [56]. The use of RIS is considered a new area of research to improve VLC security. These reconfigurable surfaces can be used in at least three ways: dynamic multipath tuning, producing jamming, and beam steering to the legitimate receiver [57].

IV. VLC CHANNEL MODEL
In this section we introduce the VLC channel model presented that will be instrumental for evaluating the secrecy capacity of the model we propose.
VLCs, in general, utilize the Intensity Modulation (IM) scheme along with Direct-Detection (DD). In particular, with IM/DD technique, the transmitted signal x i (t) is the optical power generated when the modulated current signal passes through the LED. However, the dynamic range of the LED is inherently limited. Therefore, the modulating signal must satisfy certain amplitude constraints to avoid clipping distortion [58]. On the other side, the received signal y(t) is proportional to the optical power that arrives at the Photo-Diodes (PD) [8]. On the transmitter side, the desired illumination level is maintained by setting the appropriate Direct-Current (DC) bias of the overall signal fed into the LED [9]. The DD technique supports only the modulation variation to transmit the information through light intensity alteration. The phase of the signal can not be considered because the transmitted light is incoherent.
The received signal y(t), after the PD, in a VLC is conventionally modeled as follows where h ∈ R + is the channel gain and n(t) is the background light noise, which is modeled as a signal-independent Additive White Gaussian Noise (AWGN) [8].
An indoor VLC channel consist of two main components: the Line-Of-Sight (LOS) channel and the diffuse channel. The first is composed of the light that directly hits the PD without bouncing on other objects. The second, also known as Non-Line-Of-Sight (NLOS), includes all light rays that bounce the objects in the room. Thus, this paper considers the LOS component (see Fig. 4) and the first reflection as NLOS (see Fig. 5).
Modeling a VLC channel should define the transmitter as the light source and consider the amount of light received by the PD. There are various models of VLC channels that differ in terms of source and reflection surfaces [59]. This paper uses the Lambertian emission law that says that the intensity of light emitted by an ideal diffuse source detected by an observer is directly proportional to the cosine of the angle between the normal to the surface and the observer's direction. In this model, the observer (i.e., receiver) can be considered a new light source with an intensity equal to the previously received power, while the observer will be elsewhere. In our opinion, this model works well in the presence of obstacles such as a room with objects can be. Thus, assuming to have Lambertian light source, the LOS component of the channel DC gain, i.e. H(0) = ∞ −∞ h(t)dt, between one LED and one PD is given by [8] where A r is the receiver collection area, R is the PD responsivity, m = − ln(2) /ln(cos(φ 1 2 )) is the order of the Lambertian emission with half irradiance at φ 1 2 , φ is the angle of irradiance, D(ψ) = n 2 /sin 2 (ψ F OV ) is the gain of the optical concentrator with n refractive index, d is the LOS distance between the LED and the PD, ψ is the angle of incidence, and ψ F OV is the receiver's angle Field-Of-View (FOV).
The channel DC gain of the first reflection is shown as where A r is the receiver collection area, R is the PD responsivity, m = − ln(2) /ln(cos(φ 1 2 )) is the order of the Lambertian emission with half irradiance at φ 1 2 , φ is the angle of irradiance, D(ψ) = n 2 /sin 2 (ψ F OV ) is the gain of the optical concentrator with n refractive index, d 1B is the distance between the transmitter, i.e. Alice, and a reflection point, d 2B is the distance between the reflection point and the receiver, i.e. Bob, ρ denotes the reflection coefficient, dA w represents the emission area of a micro surface, α expresses the incidence angle of a reflection point and β is the radiation angle of the receiver, ψ is the angle of incidence, R is the PD responsivity, and ψ F OV is the receiver's angle FOV.
Under the assumption that Alice has one RGB LED, for a given transmission power (P t ), the total received power is given by the DC channel on the directed path, i.e. H d (0), and reflected path diffused path through the walls, i.e. H ref (0) [60].
In the indoor VLC channel the LOS and diffuse components are separated from each other in the time domain [61]. Therefore, the channel transfer function is expressed as where H d represent the LOS link and H ref is the contribution given by the diffuse reflections [61], [62]. To consider people's movement between transmitter and receiver, the fluctuation in channel gain H can be described by Rayleigh distribution where σ p is the scale parameter accounting for people density in the room. Considering both direct and reflected paths, when d 2 A r , the received optical power (P r ) can be computed by taking into account walls' reflections as follows where P t is the transmitted optical power from the RGB LED. In a VLC system, the Signal-to-Noise Ratio (SNR), i.e. γ v , is proportional to the square of the received optical power: where P t is the transmitted optical power, H(0) is the channel DC gain and σ 2 is the spectral density of the background noise.

V. WBPLSEC SYSTEM MODEL
In this section we present a modified version of the nondegraded wiretap channel model [63] that takes into account the jamming channel utilized to jam the received signal and also the eavesdropper. Fig. 6 shows the model used to analyze the physical layer security in VLC. The source message (x S ) N of length N is encoded into code-word (x S ) N with the same length. In particular, the encoder embeds the watermark (x W ) N W of length N W into the host signal (x S ) N . The legitimate user, Alice, transmits (x S ) N to Bob through the main channel. Eve receives this VOLUME XX, 2021 where h M , k J , h E , g J are the channel's gains. x S is the data signal, x J is the jamming signal, n M and n E are the complex zero-mean Gaussian noise with variance σ 2 .
In 1997, Cox et al. [64] defined the methodology for the digital watermarking. They introduced three different ways (equations) to watermark a signal. We exploit the first of their equations. It states that the watermarked signal v can be expressed by where v(i) is the i-th sample of the signal, µ is the scaling parameter and w(i) is the watermark. In our scenario, equation (10) becomes where x S (i) is the i-th sample of the continuous ASK transmitted signal [65], µ is the scaling parameter and w(i) is the SS watermark. The host ASK modulated signal x S can be expressed as where A a is the amplitude, T hs is the symbol time and f hs is the frequency of the modulated signal.
We use the Direct Sequence Spread Spectrum (DSSS) technique for signal watermarking that can be expressed as where (x W (i)) k is the k-th data bit of the watermark signal, (c W (i)) j represents the j-th chip of the orthogonal pseudonoise (PN) sequence, g(i) is the pulse waveform, T c is the chip length, and T b = T hs = N c T c is the bit length. Pass-band blue light filter hR; Pass-band red light filter xJ = Jamming(NW ); Algorithm 2 x = Demod.ASK(hB * yM ); Demodulation ASK xW = Demod.DSSS(hR * yM ); Extract watermark Signal watermarking is performed relying on the traditional spread spectrum [66]. The secret x that Alice and Bob want to exchange is ASK modulated to create the host signal while a part of x, x W , is used to create the SS watermark. The main idea behind the watermark embedding phase is that the transmitter marks, utilizing SS, the host signal x S selecting the last N W of x. Then x W is given by Let us now consider the VLC application of the WBPLSec. The model is shown in Fig. 6, in which the jamming receiver, together with the watermarking, provides secrecy. Please notice that Bob rebuilds the original message by using the information contained in the watermark. Indeed, he replaces the destroyed bits with those in the watermark [13], [20]. To simplify the derivation of the secrecy capacity expression, we assumes that x S , x J and w are uniformly distributed over the interval [−A, A].

A. JAMMING STRATEGY
A key feature of WBPLSec architecture is the jamming receiver. As shown in Fig. 3, we assumed to transmit the ASK signal through the blue light and the SS watermark through the red light. The VLC channel composes the signal consistently. Bob jams to interfere with the ASK received signal. With this technique, Bob destroys a specific part of  Clearly, jamming effectiveness depends on Alice and Eve's distance from Bob, and this determines the region where we can have a secure communication. Later on in this paper, we will define it a secure region. Jamming is obtained by increasing blue light intensity and altering the dynamic of the PD while weakening part of Alice's signal. Table 3 contains the description of the main parameters used for jamming. The legitimate receiver, Bob, can efficiently implement the jamming strategy through the procedure sketched in Algorithm 2. It is worth noticing that, Algorithm 2 assumed to jam the last N W bits of the message x because we used the last N W bits to build the watermark. However, it is not mandatory to use the latest N W ; everything would continue to work if we use N W bits chosen at random in the x message.
The choice of assigning the SS watermark signal to the red light and the ASK signal to the blue light was dictated by the desire to guarantee a greater bandwidth to the SS watermark. Intuitively, we can say that the proposed architecture would be effective also if the role of blue and red light is reverse.

VI. SECRECY CAPACITY OF THE WBPLSEC IN VLC
In this section, we address the general problem of physical layer security by investigating the secrecy capacity of a Rayleigh VLC channel. We assumed that IM/DD channels are modeled with amplitude constraints [58].
First, we need to introduce some preliminaries. Since WBPLSec algorithm relies on an intentional interference it is necessary to take into account the Signal-to-Interferenceplus-Noise Ratio (SINR).
The SINR at the legitimate receiver, γ M , is given by where P t is the transmitted optical power, H M (0) is the channel DC gain between Alice and Bob, P j is the jamming optical power, and σ 2 is the background noise spectral density. It is assumed that Alice and Bob experience the same background noise. The jammer is installed close to the receiver's photo-detector and generates an artificial selective interference that destroys part of the information received. Please notice that with this architecture, the jamming channel k J cannot be described using equation (4) that is valid only in the far-field condition, i.e., when d 2 A r . This is not the case for Bob's jammer. We imposed K(0) = K without loss in generality, considering that the P j undergoes an average attenuation in the near-field region at the legitimate receiver. Channels are power limited, and it is assumed that P t = E S/N ) is the average transmitted power, P j = M · P t is the average jamming power when Bob jams M samples over N with M < N .
The SINR at the eavesdropper, γ E , is given by where H E (0) is the channel DC gain between Alice and Eve, G J (0) is the channel DC gain between Bob and Eve, and σ 2 is the background noise spectral density. It is assumed that Bob and Eve experience the same σ 2 . As in Fig. 3, it is also assumed that the channel fluctuations are described by a Rayleigh probability density function, which means that H M (0), H E (0) and G J (0) are Rayleigh distributed. Hence, the distribution of the SINR at the legitimate receiver can be written as follows where γ M is the SINR at Bob's receiver, P j is the jamming optical power and σ 2 is the background noise spectral density, P t is the transmitted optical power and σ p is the scale parameter based on the people density in the room. Similarly, the distribution of γ E is given by where γ E is the SINR at Eve's receiver, and σ 2 is the background noise spectral density, σ p and σ f are the scale parameters based on the people density in the room for the main and jamming channel (see Fig. 6), respectively.

VOLUME XX, 2021
When Bob has a better channel realization than Eve, i.e. γ M > γ E , the secrecy capacity (C s ) of the legitimate link is defined for the non-degraded Gaussian wiretap channel [63], [67] as follows where p(f x S ) is the statistical distribution of the input signal x S and I(.; .) stands for the mutual information over the main and wiretap channels, C M is the channel capacity from Alice to Bob, i.e. the main channel, and C E is the channel capacity from Alice to Eve, i.e. the wiretap channel exploited by the eavesdropper.

A. EXISTENCE OF SECRECY CAPACITY
The existence of non-zero secrecy capacity is an important metric because it indicates the feasibility of secure communication. As shown in Fig. 3, the main channel and the eavesdropper's channel are independent. In addition, by knowing the probability density function of SINRs given by (17) and (18), the probability of existence of a strictly positive C s is where Ci(z) = z 0 ( cosh(t) /t)dt is the hyperbolic cosine integral function, Si(z) = z 0 ( sinh(t) /t)dt is the hyperbolic sine integral function. We assumed that any VLC receiver experiences the same people density in the room, i.e., Remark 1. It is interesting to observe that the probability of existence is independent of Alice's transmitted power. Moreover, it is useful to evaluate (20) by varying the jamming intensity, i.e., P j . From (20) it follows that when P j → ∞ we have that and when P j → 0 we have that

B. OUTAGE PROBABILITY OF SECRECY CAPACITY
We can also characterize the secrecy capacity of a VLC channel in terms of outage probability, P out , i.e., the probability that the instantaneous secrecy capacity is less than a target secrecy rate R s > 0. In this section, we derive a closed-form of the P out , but first, we must understand its significance. P out provides a security metric when Alice and Bob do not have information about the eavesdropper's channel. In this case, Alice can only set the secrecy rate to a target R s and knowing that C s = C M − C E , Alice can assume that the Eve's capacity is C E = C M −R s . If R s < C s , Eve's channel will be worst than Alice's one, i.e., C E < C E , ensuring perfect secrecy. Otherwise, if R s > C s , then C E > C E and the communication security is compromised.
For computing P out it is useful to consider the probability density function of γ M and γ E (equations (17) and (18)). It can be shown that the P out is given by Proof.

VII. NUMERICAL RESULTS
We now present the numerical results confirming the existence and the outage probability of the secrecy capacity, modeled in the previous section. The performance of the WBPLSec method to secure VLCs are investigated by considering the scenario depicted in Fig. 7 with VLCs inside a standard room size of 5 m × 5 m × 4 m. The reference coordinate system origins being positioned in the center of the room for the simulations.
Currently, there are no devices that allow the implementation of the proposed model efficiently. Indeed in the coming years, RGB and PD LEDs will arrive to support this type of VLC. Therefore, since we could not perform actual experiments, in this section we provide some numerical evaluations. In particular, we focus on the parametric analysis of the developed model and then show the trend of the secrecy capacity and the existence of the secure communication region around Bob. Table 4 lists all the parameters used for the parametric analysis, including the transmitted power, the jamming intensity, and the orientations of the transmitter and receivers. Alice, Bob, and Eve utilize LEDs with the same characteristics. During simulations, we assumed that Alice was installed on the room's roof, whereas Bob and Eve could freely move inside the room. Without loss in generality, we considered the first reflection from each room's wall. Instead, higher-order reflections were neglected.
The room contains some obstacles such as furnitures and other people that randomly obstruct the line of sight between Alice and any VLC receiver. The channel variations induced by these obstacles were modeled with a Rayleigh distribution. The author assumed to have the same people density on both the main and the eavesdropper channels; this results in having the same parameter for both channels, i.e., σ p = σ f = σ f p . Fig. 8 presents the normalized received optical power with LOS and NLOS contributions with Alice had coordinates (0, 0, 2) m. As shown in Fig. 3, Alice consists of one RGB LED that radiates 10 mW optical power. The WBPLSec  architecture includes a second transmitter, i.e., the jammer; thus, Fig. 9 presents the normalized jamming power emitted by Bob when he is placed in the corner of the room (Bob's coordinates are (−1, −1, −1) m). It is essential to understand the jamming power pattern around the legitimate receiver to understand its effectiveness. Fig. 10 shows the secure region that Bob can create around him by using a jammer. The problem is to tune the optimal jamming intensity to have γ M > γ E , meaning that Bob can significantly degrade Eve's reception. This condition guarantees existence of the secrecy capacity or, in short, a confidential VLC between Alice and Bob when Eve is inside such region.
The Fig. 11 shows what happens when the attacker moves close to the transmitter. In fact, with Alice positioned on the roof and Bob on the floor when Eve moves on the plane (X, Y, 1), i.e., at about 1 meter from the ceiling, Bob's VOLUME XX, 2021  jamming is less effective, and γ E is always greater than γ M , and therefore we have no secure region. In this situation, Alice may decide not to transmit at all. Fig. 10 and Fig. 11 considered a jamming intensity of 2048 bits out of 16384 total and φ 1 2 = 70°. The parametric analysis also evaluated the impact of varying the half power angle (φ 1 2 ), as shown in Fig. 12. It was observed that an angle of 30°, that therefore concentrates the light more highly, makes jamming more effective and increases the size of the safe communication region compared to the region obtained with φ 1 2 = 70°. It is important to note that the choice of φ 1 2 will still need to be weighted so that people do not see a bright spot on the floor due to a narrowangle. Fig. 13 presents the existence of the C s as a function of the jamming optical power emitted by the legitimate receiver. It can be seen that the probability of the existence of the secrecy capability increases rapidly as the intensity of jamming increases.  In Fig. 14 we plot the probability of outage (P out ) of the secrecy capacity for different Rayleigh channels conditions and secrecy rate (R s ) values. In all scenarios, we have that P out rapidly decreases when jamming optical power increases.

VIII. CONCLUDING REMARKS
VLC is considered a key enabler technology for fast wireless communications. Such a kind of communication exploits the paradigm transmitting while illuminating. The availability of this free spectrum creates an opportunity for lowcost broadband communication that could alleviate spectrum congestion. This study shows that WBPLSec, a watermarkbased VLC with a jamming receiver, can enhance devices'  cybersecurity by implementing a physical layer standalone security solution. We computed closed-form expressions for the existence of the secrecy capacity and of its outage probability for a modified wiretap channel. Our approach offers legitimate receivers the possibility to create a secure region that guarantees confidential communication between them and the transmitters. Thus, exploiting this blind full-rate protocol, a legitimate receiver can, for example, exchange a secret shared key with a neighboring device in the same room by exploiting VLCs. Moreover, if the attacker was outside the security region created by Bob, the communication could be eavesdropped; in this case, Alice could still figure out if she is in a jamming coverage area and decide not to transmit at all. We evaluated the robustness of our approach by considering attackers with continuous access to wireless networks and with the possibility of moving freely within rooms. We also considered that attackers' capabilities might change depending on their position relatively to the security region of interest.
In such a scenario, we expect attacks like the followings: • Eavesdropping: This attack aims at passively sniffing the communication to analyze it in a second moment to compromise future communication. • Message Injection Attack: The goal of this attack is to send a customized and malicious message to Bob to compromise the communication between Alice and Bob. • Replay Attack: This attack aims to reuse a previously transmitted and sniffed message in successive communication to replicate the legitimate transmission. • Message Modification: In this case, the goal is to modify the message during transmission. WBPLSec can indeed mitigate these attacks.
Confidentiality of messages is obtained thanks to the jamming phase, which allows only Bob to know the jamming points and consequently to reconstruct the message. This property allows preventing eavesdropping.
Replay protection is assured because Bob has randomly chosen and destroyed a part of the message, and with each subsequent communication, it will have different information and the distorted bits will also be different. This property will prevent any attempt by Eve to reuse an old message and thus avoid message injection and replay attacks.
Integrity of sent messages is guaranteed because a unique watermark for each transmission is added and in case the attacker tries to modify the watermarked message, Bob would notice an abnormal increase in the number of errors during the extraction of the watermark itself. This property prevents message modification attacks.
Finally, it is essential to note that the proposed algorithm is backward compatible with the technology used by VLCs. Alice can insert the watermark used only by a receiver that VOLUME XX, 2021 implements WBPLSec; otherwise, if the receiver does not implement this algorithm, the watermark will not be used, and the jamming will not be transmitted. Bob, for his part, does not assume to know Eve's position, and so when Bob jams, this interference is radiated identically in different directions creating precisely a secure region where Bob can communicate with Alice when Eve is within this area. Possible developments of this work may involve methods of targeting the light beam such that jamming is concentrated in areas of the room where the attacker is most likely to be located.