To understand the potential of MIMO processing for jammer mitigation, let us first briefly consider how regular communication in MIMO systems works, i.e., communication in the absence of jamming. For illustration, we consider the so-called multiuser MIMO uplink, where \(U\) user equipments (UEs), each equipped with single antenna, simultaneously transmit data to a \(B\)-antenna basestation. The signal that the basestation receives and samples at time \(k\) can be modeled using the language of linear algebra, as $$ \mathbf{y}_k = \mathbf{Hs}_k+\mathbf{n}_k.$$ Here, \(\mathbf{y}_k=[y_1,\dots,y_B]^T\in\mathbb{C}^B\) is a \(B\)-dimensional complex vector, where the different entries correspond to the signals that are received at the different basestation antennas; \(\mathbf{H}\in\mathbb{C}^{B\times U}\) is a complex matrix whose entry in the \(u\)th column of the \(b\)th row represents the wireless channel from the \(u\)th UE to the \(b\)th antenna of the basestation; \(\mathbf{s}_k=[s_1,\dots,s_U]^T\in\mathcal{S}^U\) is a \(U\)-dimensional vector, where the \(u\)th entry \(s_u\in\mathcal{S}\) is the data symbol that the \(u\)th UE transmits at time \(k\); and \(\mathbf{n}_k\) is any noise which corrupts the channel (typically, this would be thermal noise at the receiver) and usually modelled as white Gaussian noise, \(\mathbf{n}_k\stackrel{\text{i.i.d.}}{\sim}\mathcal{CN}(0,N_0)\). The transmit symbols \(s_u\) correspond directly to the bits that the UEs wish to convey to the basestation. E.g., the so-called transmit constellation \(\mathcal{S}\) could be BPSK, \(\mathcal{S}=\{+1,-1\}\), where transmitting the symbol \(+1\) would corresond to sending the bit zero, and transmitting the symbol \(-1\) would correspond to sending the bit one. The basestation's goal is therefore to recover, based on \(\mathbf{y}_k\), the transmit symbols contained in \(\mathbf{s}_k\). How can it do so? Assuming that the basestation knows the channel \(\mathbf{H}\), it can invert the effects of the channel by multiplying the receive signal \(\mathbf{y}_k\) with the so-called pseudoinverse \(\mathbf{H}^\dagger\) of \(\mathbf{H}\), which (with some fineprint) has the property that \(\mathbf{H}^\dagger \mathbf{H} \mathbf{s}_k = \mathbf{s}_k\). So if the basestation multiplies \(\mathbf{y}_k\) with \(\mathbf{H}^\dagger\), it obtains $$ \mathbf{H}^\dagger \mathbf{y}_k = \mathbf{H}^\dagger ( \mathbf{Hs}_k+\mathbf{n}_k ) = \mathbf{s}_k + \mathbf{H}^\dagger\mathbf{n}_k, $$ i.e., it obtains the transmit vector \(\mathbf{s}_k\), but corrupted by the noise term \(\mathbf{H}^\dagger\mathbf{n}_k\). Since the noise \(\mathbf{n}_k\) is random (and therefore unknown to the basestation), there is not much that we can do at this point. A reasonable, and in fact common, thing to do is to simply round the entries of the vector \(\mathbf{H}^\dagger \mathbf{y}_k\) to the nearest possible constellation symbol in \(\mathcal{S}\). If we use BSPK, \(\mathcal{S}=\{+1,-1\}\), this is particularly easy: If the \(u\)th enry of \(\mathbf{H}^\dagger \mathbf{y}_k\) is positive, we round to \(+1\) (i.e., we reckon that the \(u\)th UE wanted to transmit the bit zero at time \(k\)); if it is negative, we round to \(-1\) (i.e., we reckon that the \(u\)th UE wanted to transmit the bit one). How often our bit estimates will be wrong when applying this scheme depends primarily on the strength of the signal \(\mathbf{Hs}_k\) compared to the noise \(\mathbf{n}_k\), or signal-to-noise ratio (SNR).
To get a feeling for the matter, let's simulate a small system where \(U=2\) UEs transmit BSPK data to a basestation with \(B=4\) antennas,
which estimates the transmitted bits as described above.
For the wireless channel \(\mathbf{H}\), we use the simplistic but popular i.i.d. Rayleigh fading model,
meaning that the entries of \(\mathbf{H}\) are drawn independently from a complex Gaussian distribution \(\mathcal{CN}(0,1)\).
Consider the following plot of the bit error rate (BER) versus the SNR, measured in decibels (dB):
As claimed above, the BER depends heavily on the SNR. If the noise is much (\(=20\,\)dB) stronger than the signal,
the BER is almost 50%, meaning that we are completely clueless about the transmitted bits and might as well take a guess by flipping a coin.
On the other hand, if the signal is much (\(\geq10\,\)dB) stronger than the noise, then bit errors are a rare exception and
happen in less than \(0.01\)% of the cases.
The upshot is that as long as we can ensure that the signal strength exceeds the strength of the channel noise, reliable transmission of information is possible.
Let us now consider how the impact of a malicious changes the behavior of our communication system.
We now assume that, in addition to the \(U\) legitimate UEs, there is a single-antenna jammer that emits strong Gaussian interference \(w_k\)
to make it impossible for the basestation to recover the transmit signal \(\mathbf{s}_k\).
The wireless channel between the jammer and the basestation is then a \(B\)-dimensional vector, which we denote by \(\mathbf{j}\).
With the jammer, the signal that the basestation receives at time \(k\) is
$$ \mathbf{y}_k = \mathbf{Hs}_k+\mathbf{j}w_k+\mathbf{n}_k.$$
Let's first see how the basestation fares against the jammer when it does business as usual, i.e., when it simply computes
\(\mathbf{H}^\dagger \mathbf{y}_k\) and rounds the entries of the result to the nearest constellation symbol to estimate the transmitted bits.
Note that now
$$\begin{align}
\mathbf{H}^\dagger \mathbf{y}_k &= \mathbf{H}^\dagger ( \mathbf{Hs}_k+\mathbf{j}w_k+\mathbf{n}_k ) \\
&= \mathbf{s}_k + \mathbf{H}^\dagger\mathbf{j}w_k + \mathbf{H}^\dagger\mathbf{n}_k,
\end{align}$$
i.e., besides the noise term which corrupts the transmit signal \(\mathbf{s}_k\), there is now also the jammer-interference term \(\mathbf{H}^\dagger\mathbf{j}w_k\).
Since the jammer is actively hostile and presumably transmits with high power, this term can potentially be very large.
To assess the impact on system performance, we consider the same basic system parameters as before.
The jammer channel \(\mathbf{j}\) is also assumed to be i.i.d. Rayleigh fading, and we assume that the
jammer transmits at \(25\,\)dB higher power than the UEs. Let's again plot the BER as a function of the SNR:
Uh, oh. This is bad. The BER is pretty much independent of the SNR and stays around the \(40\)% to \(50\)% range.
What this means is that the thermal noise \(\mathbf{n}_k\) becomes more or less irrelevant, as the performance is limited by the strong jammer interference.
Clearly, we need to do something if we still want to accurately recover the transmitted bits. But what?
This is where the magic of MIMO processing comes into play—spatial filtering.
Note that in our model, the basestation has \(4\) antennas, and the jammer has only one.
In the parlance of linear algebra, this means that the basestation receives a \(4\)-dimensional signal,
and that the jammer interference lives on a one-dimensional subspace of the receive signal.
So the basestation can filter out the jammer by filtering out that subspace.
Mathematically, we say that the basestation can project the receive signal \(\mathbf{y}_k\) onto the orthogonal
complement of the jammmer subspace span\((\mathbf{j})\). How does it do this?
By multiplying \(\mathbf{y}_k\) with a specific matrix \(\mathbf{P}\) which is called the orthogonal projection onto span\((\mathbf{j})^\perp\).
Clearly, this matrix \(\mathbf{P}\) has to depend on the jammer channel \(\mathbf{j}\). One way to write it is
$$ \mathbf{P} = \mathbf{I}_B - \mathbf{jj^\dagger},$$
where \(\mathbf{I}_B\) is the identity matrix of size \(B\), and where
where \(\mathbf{j^\dagger}\) is the pseudo-inverse of \(\mathbf{j}\). Remember that we have already seen the pseudo-inverse before and noted that it has the
property that \(\mathbf{j^\dagger j}w_k = w_k\). The identity matrix has the property that \(\mathbf{I}_B\,\mathbf{j}w_k = \mathbf{j}w_k\).
Let's see then what happens when the basestation multiplies \(\mathbf{y}_k\) with this \(\mathbf{P}\):
$$ \begin{align}\mathbf{P} \mathbf{y}_k &= (\mathbf{I}_B - \mathbf{jj^\dagger})(\mathbf{Hs}_k+\mathbf{j}w_k+\mathbf{n}_k) \\
&= (\mathbf{I}_B - \mathbf{jj^\dagger})\mathbf{Hs}_k+(\mathbf{I}_B - \mathbf{jj^\dagger})\mathbf{j}w_k + (\mathbf{I}_B - \mathbf{jj^\dagger})\mathbf{n}_k \\
&= (\mathbf{I}_B - \mathbf{jj^\dagger})\mathbf{Hs}_k+ \mathbf{I}_B\,\mathbf{j}w_k - \mathbf{jj^\dagger}\mathbf{j}w_k + (\mathbf{I}_B - \mathbf{jj^\dagger})\mathbf{n}_k \\
&= (\mathbf{I}_B - \mathbf{jj^\dagger})\mathbf{Hs}_k+ \mathbf{j}w_k - \mathbf{j}w_k + (\mathbf{I}_B - \mathbf{jj^\dagger})\mathbf{n}_k \\
&= (\mathbf{I}_B - \mathbf{jj^\dagger})\mathbf{Hs}_k+ (\mathbf{I}_B - \mathbf{jj^\dagger})\mathbf{n}_k \\
&= \mathbf{P} \mathbf{Hs}_k + \mathbf{P}\mathbf{n}_k.
\end{align}$$
The jammer signal has disappeared! What remains looks like a jammerless system, except that the wireless channel is now not
\(\mathbf{H}\) anymore, but \(\mathbf{PH}\), and that the noise is now not \(\mathbf{n}_k\) anymore but \(\mathbf{Pn}_k\).
The basestation can now treat it as such and multiply the signal \(\mathbf{Py}_k\) with the pseudo-inverse of \(\mathbf{PH}\).
We obtain
$$ (\mathbf{PH})^\dagger\mathbf{Py}_k = \mathbf{s}_k + \mathbf{H}^\dagger\mathbf{Pn}_k, $$
where the only term that corrupts the transmit signal is noise-related.
Let us therefore see how the BER vs. SNR dependence looks:
Much better. As the SNR increases, the BER again goes down to \(0.1\)% and beyond.
But it is not quite as good as the jammerless system: To reach a BER of \(0.1\)%, we need roughly \(5\,\)dB higher SNR. Why?
When we applied the projection \(\mathbf{P}\) to the receive signal \(\mathbf{y}_k\), we rejected a part of the receive signal,
and with it a part of the received information—namely the part of the signal that comes from the same direction (or subspace) as the jammer interference.
So a part of the useful information ends up as collateral when we null the jammer. There is no such thing as a free lunch.
Where is the rub? In our exposition, we have taken a lot for granted. For instance, we have assumed that the basestation knows the UE channels \(\mathbf{H}\) as well as the jammer channel \(\mathbf{j}\). In reality, this knowledge is not simply a given but has to somehow be obtained. The UE channels are less critical here, as the UEs would presumably be cooperative when it comes to estimating their channels (even if the presence of the jammer of course also complicates the UE channel estimation process). Potentially more problematic is the estimation of the jammer's channel: the jammer will almost certainly not be cooperative in this task, and may in fact actively try to prevent it. Of course, a jammer could also have more than one transmit antenna, which complicates things even further. Much of my recent work has turned around the question how the basestation can estimate the jammer's channel also in those cases. To this end, we have proposed a new paradigm which we call joint jammer mitigation and data detection. You can read more about it in the following two papers:
Wireless systems must be resilient to jamming attacks. Existing mitigation methods based on multi-antenna processing require knowledge of the jammer's transmit characteristics that may be difficult to acquire, especially for smart jammers that evade mitigation by transmitting only at specific instants. We propose a novel method to mitigate smart jamming attacks on the massive multi-user multiple-input multiple-output (MU-MIMO) uplink which does not require the jammer to be active at any specific instant. By formulating an optimization problem that unifies jammer estimation and mitigation, channel estimation, and data detection, we exploit that a jammer cannot change its subspace within a coherence interval. Theoretical results for our problem formulation show that its solution is guaranteed to recover the users' data symbols under certain conditions. We develop two efficient iterative algorithms for approximately solving the proposed problem formulation: MAED, a parameter-free algorithm which uses forward-backward splitting with a box symbol prior, and SO-MAED, which replaces the prior of MAED with soft-output symbol estimates that exploit the discrete transmit constellation and which uses deep unfolding to optimize algorithm parameters. We use simulations to demonstrate that the proposed algorithms effectively mitigate a wide range of smart jammers without a priori knowledge about the attack type.
Multi-antenna (MIMO) processing is a promising solution to the problem of jammer mitigation. Existing methods mitigate the jammer based on an estimate of its subspace (or receive statistics) acquired through a dedicated training phase. This strategy has two main drawbacks: (i) it reduces the communication rate since no data can be transmitted during the training phase and (ii) it can be evaded by smart or multi-antenna jammers that are quiet during the training phase or that dynamically change their subspace through time-varying beamforming. To address these drawbacks, we propose Joint jammer Mitigation and data Detection (JMD), a novel paradigm for MIMO jammer mitigation. The core idea is to estimate and remove the jammer interference subspace jointly with detecting the transmit data over multiple time slots. Doing so removes the need for a dedicated and rate-reducing training period while mitigating smart and dynamic multi-antenna jammers. We instantiate our paradigm with SANDMAN, a simple and practical algorithm for multi-user MIMO uplink JMD. Extensive simulations demonstrate the efficacy of JMD, and of SANDMAN in particular, for jammer mitigation.
Another aspect that we have ignored is the one of hardware: Wireless receivers have to triangulate between a number of requirements including cost, power consumption, and sheer technical feasibility. One of the consequences of such triangulations is we want modern basestations to be equipped with low-resolution analog-to-digital converters (ADCs). Even though this would be desirable for a multitude of reasons, it leads to problems of its own. One of these concerns jammer-resilience: In receivers with low-resolution ADCs, it is no longer appropriate to simply model the received signals using linear algebra, as we have done here. In particular, a strong jammer can drown the legitimate communication signals in non-linear quantization noise, which can not be removed by means of spatial filtering. To enable the mitigation of jamming attacks also in basestations with low-resolution ADCs, we have proposed hybrid architectures that combine certain analog prefilters with a subsequent digital filter. You can read more about it in the following two papers:
Low-resolution analog-to-digital converters (ADCs) simplify the design of millimeter-wave (mmWave) massive multi-user multiple-input multiple-output (MU-MIMO) basestations, but increase vulnerability to jamming attacks. As a remedy, we propose HERMIT (short for Hybrid jammER MITigation), a method that combines a hardware-friendly adaptive analog transform with a corresponding digital equalizer: The analog transform removes most of the jammer’s energy prior to data conversion; the digital equalizer suppresses jammer residues while detecting the legitimate transmit data. We provide theoretical results that establish the optimal analog transform as a function of the user equipments’ and the jammer’s channels. Using simulations with mmWave channel models, we demonstrate the superiority of HERMIT compared both to purely digital jammer mitigation as well as to a recent hybrid method that mitigates jammer interference with a nonadaptive analog transform.
Millimeter-wave (mmWave) massive multi-user multiple-input multiple-output (MU-MIMO) promises unprecedented data rates for next-generation wireless systems. To be practically viable, mmWave massive MU-MIMO basestations (BSs) must rely on low-resolution data converters which leaves them vulnerable to jammer interference. This paper proposes beam-slicing, a method that mitigates the impact of a permanently transmitting jammer during uplink transmission for BSs equipped with low-resolution analog-to-digital converters (ADCs). Beam-slicing is a localized analog spatial transform that focuses the jammer energy onto few ADCs, so that the transmitted data can be recovered based on the outputs of the interference-free ADCs. We demonstrate the efficacy of beam-slicing in combination with two digital jammer-mitigating data detectors: SNIPS and CHOPS. Soft-Nulling of Interferers with Partitions in Space (SNIPS) combines beam-slicing with a soft-nulling data detector that exploits knowledge of the ADC contamination; projeCtion onto ortHOgonal complement with Partitions in Space (CHOPS) combines beam-slicing with a linear projection that removes all signal components co-linear to an estimate of the jammer channel. Our results show that beam-slicing enables SNIPS and CHOPS to successfully serve 65% of the user equipments (UEs) for scenarios in which their antenna-domain counterparts that lack beam-slicing are only able to serve 2% of the UEs.
Besides these two, there are also numerous other challenges. On some of these, I am actively working. So please stay tuned!