
Metasurface Manipulation Attacks: Potential Security Threats of RIS-Aided 6G Communications



Hakan Alakoca, Graduate Student Member, IEEE, Mustafa Namdar, Member, IEEE,
Sultan Aldirmaz-Colak, Senior Member, IEEE, Mehmet Basaran, Member, IEEE, Arif Basgumus, Member, IEEE,
Lutfiye Durak-Ata, Senior Member, IEEE, and Halim Yanikomeroglu, Fellow, IEEE
Abstract—The physical layer security (PLS) of reconfigurable intelligent surfaces (RIS) is critical for providing secure and reliable communications in the 6th-generation (6G) wireless systems. This paper contributes to a debate on many aspects of unique vulnerabilities that can arise in the PLS of RIS with malicious attacks on signal processing (SP) in 6G networks. We address and categorize future security threats in RIS-aided networks considering PLS aspects. Metasurface manipulation attacks (MSMA) are based on manipulating metasurface behavior for malicious purposes. In this study, we present the potential hostile activities of MSMA considering the impact of electromagnetic and time-frequency deterioration. In addition, we evaluate various interference-based MSMA and eavesdropping booster-based MSMA (EaB-MSMA), which are novel potential PLS attacks that involve manipulating phase shifting activity with SP on malicious RIS. We also compare performance degradation in the presence of hostile interference-based MSMA through the manipulation of maliciously configured RIS. Additionally, in the EaB-MSMA case, the loss of secrecy capacity is shown to be considerably greater in passive eavesdropping scenarios.
Index Terms—6G communications, metasurface manipulation attacks, physical layer security, reconfigurable intelligent surfaces, wireless security.
H. Alakoca and L. Durak-Ata are with the Information and Communications Research Group, Informatics Institute, Istanbul Technical University, 34469, Istanbul, Turkey.
M. Namdar is with Kutahya Dumlupinar University, 43100, Kutahya, Turkey.
S. Aldirmaz-Colak is with Kocaeli University, 41001, Kocaeli, Turkey.
M. Basaran is with both Kartal R&D Center, Siemens San. Tic. A.S., 34870, Istanbul, Turkey
A. Basgumus is with Bursa Uludag University, 16059, Bursa, Turkey.
H. Yanikomeroglu is with the Department of Systems and Computer Engineering, Carleton University, Ottawa, ON K1S 5B6, Canada.
This work has been supported by The Scientific and Technological Research Council of Turkey (TUBITAK) under Project 120E307.
Future developments in digital society are anticipated to be dramatically altered by 6G wireless communication networks. Massive connectivity, extremely low latency, reduced power consumption, higher data speeds, broader coverage, and improved reliability are all made possible by connectivity. Reconfigurable and programmable metasurfaces have emerged as a potential technology and are currently drawing more attention in 6G wireless networks as a result of noteworthy advancements in technologies like radio-frequency micro-electro-mechanical systems. Reconfigurable intelligent surfaces (RIS) often consist of a large number of passive devices controlled by software that has been modified. Recently, a detailed overview of RIS hardware and modeling with operational considerations has been published in [1]. Furthermore, within the scope of this study, the RIS hardware interface designs are examined in detail with a variety of operating modes.
The potential of RIS still requires specific security solutions due to its vulnerability to physical layer security (PLS) attacks [2]. PLS has been widely considered as a potential paradigm for improving transmission privacy and secrecy against malicious attacks on wireless communication networks using signal processing (SP) algorithms. The study of RIS-aided PLS systems, in particular, has been advanced by several research articles that have studied the structure of RIS considering SP algorithms [3], [4]. Motivated by this, several improvements and optimization algorithms have been proposed in the literature to enhance PLS, notably for the passive eavesdropping (PE) scenarios described in [5], [6]. An RIS-based jamming attack [7], a joint jamming and eavesdropping attack [8], a pilot spoofing attack [9], and a pilot contamination attack [10] have also been discussed in the literature. In addition, an RIS-aided robust hybrid beamforming-based secure communication system has been studied in [11] in the presence of eavesdropping and jamming nodes. The performance of the secure communication system for RIS-aided multiple-input multiple-output communications in the presence of a malicious eavesdropping RIS module and an eavesdropper has been investigated in [12]. A systematic and comprehensive overview of deep reinforcement learning techniques for optimizing a multi-RIS-aided communication environment with multiple users is provided in [13]. In [14], the authors point out the issue of illegal use of an RIS with severe impacts on both signal leakage and interference attack scenarios. However, these attack scenarios are not further diversified or classified. Various modulation schemes are proposed in the literature to increase system performance, such as [15] for an RIS-aided
In this study, potential threats to RIS-aided networks are
discussed, classified, and analyzed to address challenging
steps in building secure next-generation networks. We address
potential threats to PLS in communications to illuminate future
research directions. The main contributions of this study are
summarized in the following.
Feasibility of the vulnerable configurations: We provide a basic overview of the feasibility of malicious RIS-aided communications considering the attacker’s perspective, followed by a discussion on why the malicious RIS is preferable to generic relay nodes.
Potential RIS-specialized attack models: We introduce and classify metasurface manipulation attack (MSMA) types for an RIS-aided environment in next-generation wireless networks to combat possible communication risks. We also categorize these risk elements according to the characteristics of electromagnetic and time-frequency deterioration.
Case studies: We extensively examine conventional vulnerability cases for information exploitation and information gathering attacks, considering performance evaluation in terms of bit error rate (BER) and positive secrecy capacity (PSC).
This article aims to provide a detailed investigation of potential security threats in an RIS-aided wireless communication network in 6G. The analysis from the PLS perspective is presented in detail considering two special cases for information gathering and information exploitation with respect to the system performance results.
Fig. 1: Feasibility of vulnerable configuration of an RIS-aided communication. (Diagram labels: Base Station, Backhaul Communication, Microcontroller Plane, RFE Units, Meta-Surface Plane, Circuit Board, Copper Backplane, RIS Panel, Silicon Level, Operating System, Network Function.)
RIS-aided communication systems are promising solutions to be included in next-generation networks and are expected to be widely used. Various applications that utilize RIS-aided systems have the potential to be used in technologies such as industrial communications, space communications, body area networks, and interconnected vehicular communications. However, any vulnerable access to an RIS-aided communication environment can be detrimental to the foreseen use cases of 6G networks. Here, we detail the feasibility of the vulnerable configuration of RIS-aided networks step by step, as illustrated in Fig. 1.
Backhaul access: If attackers find any security vulnerability of a microcontroller in hardware or software-based systems, it will be accessed through the backhaul links in RIS-aided communication networks. Chip security vulnerabilities have long been acknowledged, but wireless communication security will undoubtedly depend on them. Software-only security is no longer adequate, as cyber attacks penetrate the system stack. An RIS-aided infrastructure should be constructed on top of a trusted root established in the system’s silicon layer. The security of the software side, such as the network function, operating system, and firmware, is also critical. Every level of security is only as secure as the layer beneath it. The vulnerable access mechanism is illustrated in Fig. 1. Eventually, vulnerable configuration access will be granted to utilize an RIS in a hostile manner.
Feedback of vulnerable configuration: The optimal reflection coefficients of the RIS are analyzed in the base station (BS) and sent to the RIS controller through a specific feedback link in the typical scenario predicted for its operation [3]. This feedback is carried over a backhaul communication link, as shown in Fig. 1, and is responsible for designing the reflection/refraction coefficients with the aid of the channel state information (CSI). After vulnerable access is granted, the hostile configuration becomes attainable using the CSI of the users connected to the RIS node.
Software controlled SP: The main components of the microcontroller plane are depicted in Fig. 1. Microcontrollers are capable of processing baseband signals from the BS with the aid of field-programmable gate arrays (FPGA) [3]. RF front-end (RFE) units are also used for signal transmission and reception for surface elements. Any unauthorized access to the microcontroller hardware and/or the backhaul communication link can modify and maintain the microcontroller to alter baseband operations. Through software-defined radio transceiver nodes, an RIS-aided multichannel transmission is practicably implementable, but it is still prone to vulnerable configurations.
Metamaterials: The metasurface plane, which consists of the circuit board, copper backplane, RIS panels, and meta-atoms, is presented in Fig. 1. Alongside phase-shift circuits for reflected and transmitted signals, there are also power amplifying units for active metasurfaces in the circuit-level implementation. Metamaterial technology plays a crucial role in RIS-aided communications through 6G networks. Recent developments and investigations of the physical architecture of metasurfaces are presented in a comprehensive way in [1]. Vulnerable access impacts surface-level hardware elements, including the circuit board, copper backplane, and meta-atom elements, with the aid of FPGA units. Incident signals are modified by maliciously configured phase shift circuits.
Vulnerable beamforming and wave propagation: It is possible to adjust electromagnetic propagation functionality, such as the reflection, refraction, absorption, focusing, and polarization properties of incident signals, through metasurfaces. We also note that these electromagnetic propagation functionalities can be regulated for malicious purposes, as indicated in Fig. 1. Maliciously configured phase shift circuits can modify the behavior of incident, reflected, and refracted electromagnetic waves. Increasing the SP capability of RIS can present unique security risks and potential threats to wireless networks.
RIS-based communication systems depend mainly on the configuration of their metasurfaces, which are used to maximize or optimize the signal-to-noise ratio (SNR) between the transmitter and receiver nodes. What if an RIS, which has full configuration capability of the electromagnetic environment, is operated as a malicious relay node? RIS-aided communication systems have simpler transmitter and receiver structures than conventional relay networks. Changing the electromagnetic property of an RIS architecture for reflected and refracted signals increases the inventory of hostile attacks. In the event of hostile access to a microcontroller device capable of SP functions, an RIS can be easily adjusted for adversary purposes. However, malicious manipulation could be performed in the time and frequency domain to degenerate or obtain the frame structure of legitimate users.
RIS is specialized in reshaping electromagnetic waves in a specified manner, and regular RIS units are capable of forming reflections of incident signals in desired forms with the aid of the CSI of the nodes. In addition to the reflecting capability, thanks to metamaterial developments in recent years, it is also possible to refract signals in desirable directions. Due to these unique electromagnetic capabilities, it is inevitable that attackers will gain additional unique abilities. In this section, we introduce possible attack types according to the abilities of RIS.
A. Reflection
Reflection, which is the most widely used characteristic electromagnetic mechanism of metasurfaces, could be employed in an eavesdropping or jamming manner. First, the applicability of reflection-based electromagnetic deterioration depends on the modification of the phase shift matrix of the RIS units.
A conventional MSMA (C-MSMA) is inspired by a conventional jamming attack and depends on the modification of all elements of the surface. The primary method of altering the behavior of the phase shift matrix elements is the injection of Gaussian distributed phase shift elements. In the C-MSMA case, complex Gaussian distributed phase shifts should be obtained. The average SNR of the legitimate user pair is reduced as a result of manipulated reflections.
A partial MSMA (P-MSMA) applies C-MSMA to a partial selection of the metasurfaces. In this case, fewer surfaces and less power consumption are enough to manipulate the target signal than for a C-MSMA. Similar to C-MSMA, a phase shift matrix should be acquired to make an effective reflection deterioration.
An orthogonal MSMA (O-MSMA) is another jamming-based scenario that constitutes a phase shift matrix orthogonal to the actual one. This significantly degrades the cascaded channel gain, since the norm of the individual channels will be minorized according to the Gram-Schmidt process. Thus, instead of benefiting, the RIS harms the user. It is applicable when the CSI of each individual channel is obtained. Setting the nullspace of the ideal phase shift matrix, using both QR decomposition and singular value decomposition (SVD), could degrade the performance of legitimate users.
An eavesdropper booster MSMA (EaB-MSMA) is an information gathering-based scenario through SP operations of metasurfaces, which are coordinated by malicious access. After obtaining the CSI of the BS and Eve alongside a legitimate phase shift matrix, it could be possible to generate a phase shift matrix that maximizes the eavesdropper SNR instead of that of the UE. Therefore, the system performance of eavesdroppers improves significantly, while the signal quality of legitimate users degrades due to this attack.
B. Refraction
The simultaneously reflecting and transmitting RIS, or intelligent omni-surface, concept has recently gained importance in the literature [1]. Energy splitting, time splitting, and mode switching are the main behaviors of the omni-surface RIS units. These abilities of omni-surface elements can be used by attackers for jamming and eavesdropping activities.
A refracted time shifter MSMA (RfTS-MSMA) is a vulnerable activity that deteriorates the time-switching mechanism in elements of the omni-surface. It is required to obtain and modify the time-switching activity mechanism in this scenario. It can be applied via a vulnerable time-shift modification of the communication time of the RIS to constitute an interference signal.
A refracted energy shifter MSMA (RfES-MSMA) is a harmful alteration of the energy sharing behavior between the transmission and reflection operations of the proper system. In RfES-MSMA, after the phase shift matrix and energy sharing parameters of the omni-surface elements are acquired, they can be modified to maintain the jamming behavior of the RIS.
A refracted mode shifter MSMA (RfModS-MSMA) is another adversarial attack that modifies the transmitting or reflecting behavior of each individual metasurface element. In RfModS-MSMA, the attacker reselects transmitting and reflecting elements in the RIS based on mode switching on the omni-surface. It could be applicable by setting receiving to transmitter mode or transmitting to receiving mode to generate interference signals.
A refraction eavesdropper MSMA (RfE-MSMA) is an eavesdropping-type scenario to capture BS data by manipulating the RIS with the characteristics of the omni-surface. Basically, similar to EaB-MSMA, omni-surface behavior could be modified by the time, mode, or energy switching mechanism in omni-surface elements. The attacker could select the proper modifications of these parameters to increase eavesdropping activity with the aid of the phase shift matrix and the CSI of the BS and Eve.
TABLE I: Vulnerable activities of malicious RIS-aided networks considering electromagnetic deterioration capability. (Φ: Phase shift matrix)

| | Type | Behavior | Prerequisites | Feasibility |
|---|---|---|---|---|
| Reflection | C-MSMA | Jamming | Φ | Gaussian distributed artificial phase injection to whole metasurfaces |
| | P-MSMA | Jamming | Φ | Gaussian distributed artificial phase injection to selected metasurfaces |
| | O-MSMA | Jamming | Φ, CSI of the BS and UE | Setting SVD or QR decomposition of the Φ |
| | EaB-MSMA | Eavesdropping | Φ, CSI of the BS and Eve | Generating and utilizing Φ to maximize eavesdropper SNR |
| Refraction | RfTS-MSMA | Jamming | Φ, time switching activity | Adjusting vulnerable time-shift modification to |
| | RfES-MSMA | Jamming | Φ, energy splitting behavior | Vulnerable modification of energy coefficient for |
| | RfMod-MSMA | Jamming | Φ, mode switching activity | Adversarial mode shifting for omni-surfaces |
| | RfE-MSMA | Eavesdropping | Φ with time, mode, or energy switching mechanism | Operating hostile modifications for suitable omni-surface operations to increase eavesdropping |
| Absorption and Splitting | InAbs-MSMA | Jamming | Φ | Turning off metasurface behavior or setting the whole phase-shift as zero |
| | InSpl-MSMA | Jamming | Φ, access multi-user ordering and power allocations | Manipulating user ordering or manipulating power allocations via optimization algorithms |
| Focusing and Beamforming | Ain-MSMA | Jamming | Φ, CSI of the victim UEs and | Generating interference signals for victim links via beamforming optimization |
| | BeamFrag-MSMA | Eavesdropping | Φ, CSI of the BS, UE, and Eve | Utilizing optimization tools to minimize secrecy |
| | AmpAlt-MSMA | Jamming | Φ | Vulnerable alteration of the amplitude of the Φ for active metasurfaces |

C. Absorption and Splitting
Although a fully programmable smart radio environment could adjust metasurface materials to absorb incident signals for specific purposes, the amplitude of the reflected signals, which come from legitimate users, could be severely degraded. The splitting of incident signals is another electromagnetic method of RIS-aided communications. Metasurfaces can be adjusted to split signals for transmitting to multiple UEs with the aid of CSI.
An information absorption MSMA (InAbs-MSMA) is based on the absorption of electromagnetic signals by the elements of the metasurface in a vulnerable manner. InAbs-MSMA, which requires obtaining the phase shift matrix, can be applied by turning off metasurface behavior or setting the whole phase shift to zero.
An information splitting MSMA (InSpl-MSMA) is effective in degenerating user ordering methods and optimizing power allocation. After obtaining phase shift matrix behavior, multi-access network allocations, and user ordering, it is possible to manipulate user ordering or power allocation mechanisms in the communication environment. It can be viable by using optimization algorithms for malicious purposes.
D. Focusing and Beamforming
Guarding secure communications against eavesdropping using the RIS elements is given in [12]. As shown in [12], artificial noise solutions are especially effective in combating the eavesdropper effect. However, a similar design could be used for malicious purposes. Furthermore, when there is no line-of-sight between the BS and the RIS link, there can be severe performance degradation due to RIS-aided communication. In more extreme cases, with powerful SP mechanisms, only a selected victim user or users might be affected by focusing and beamforming, whereas other users would not be impacted.
An artificial interference injection MSMA (Ain-MSMA) is a possible beamforming attack that uses reflected interference signals to manipulate the PIN diodes of the metasurface element. The attack design could be advanced by beamforming optimizations with the aid of the CSI of the BS and victim UEs. Please also note that the direct link between the BS and RIS could be easily targeted by the jamming attack for ultimate signal degeneration. Victim UEs are exposed to Ain-MSMA by manipulating metasurfaces to deteriorate the direct link between the BS and UEs.
A beamforming fragmentation MSMA (BeamFrag-MSMA), which is another eavesdropping action, can be applied by minimizing the convex or non-convex form of the secrecy capacity, which can be solved using alternating optimization, manifold minimization, or semidefinite relaxation methods. It can be viable after capturing the phase shift matrix and the CSI of the BS, UEs, and Eve.
An amplification alteration MSMA (AmpAlt-MSMA) is another focusing-type vulnerable activity that can be found in active RIS elements capable of amplification. When capturing the phase shift matrix, it is possible to alter the amplitude of the matrix elements. If the power level is above the desired level, undesirable situations such as signal clipping and a high peak-to-average power ratio can occur at the destination node.
Potential vulnerabilities and attacks that can occur through malicious scenarios based on electromagnetic deterioration, considering prerequisites and feasibility, are summarized in
Articial Signal Generator
Pilot Tone: Cyclic Prex:
Payload Data: Attacked:
OFDM Symbol
No Attack
P2 P3
F1 : Full band injection MSMA F2 : Partial band injection MSMA F3 : CP injection MSMA F4 : Pilot injection MSMA P1 : Modulation alteration MSMA P2 : Bandwidth alteration MSMA P3 : CSI gathering MSMA
Fig. 2: Potential attacking scenarios on time-frequency deterioration-based MSMA.
Protecting frame security is essential since all data transmitted over the wireless medium is carried by data frames. Metasurface behavior principally consists of signal transmission and reception, as illustrated in Fig. 2. Metasurface switch mechanisms are utilized for transmission or reception options. On the transmission side, external control is capable of manipulating the baseband orthogonal frequency division multiplexing (OFDM) transmitter and the phase shift matrix by means of an artificial signal generator. Generated signals are combined with OFDM signals as baseband signals and pass through a phase-shifting network to enable transmission to the metasurfaces. The phase-shifting network is responsible for adjusting phase shift matrix elements in the physical domain. On the reception side, signals collected from the metasurfaces proceed to the phase-shift network to obtain phase shift matrix elements and baseband signals. A baseband OFDM receiver is used for signal equalization. Deterioration of the baseband signal could be possible in any malicious relay node, but it can be combined with electromagnetic deterioration.
A. Frame-Based Injection Attacks
OFDM samples, which are the principal components of the radio frames, are transmitted over the communication channel from the BS to the RIS. In the presence of MSMA, incident signals are converted to baseband signals and then maliciously manipulated via an external control.
A full band injection MSMA (F1) is a wideband tone injection attack that can be generated by inserting artificial signals into the transmitted OFDM signals. In this vulnerability case, an artificial signal generator produces interference signals to degenerate each subcarrier, as given in Fig. 2.
A partial band injection MSMA (F2) is based on interference injection generated in partially selected subcarriers from the entire band, as indicated in Fig. 2.
A cyclic prefix injection MSMA (F3) targets the cyclic prefix (CP) portion of the incident signal, as given in Fig. 2. Artificial signal generation has an effect only on the set of CP samples in this attack type. Consequently, it is critical in deteriorating synchronization in OFDM communication, since the OFDM waveform is capable of fixing the synchronization issue with the aid of CP samples.
A pilot injection MSMA (F4) aims to deteriorate the pilot signals in communication channels. It can be applied by inserting artificial signals into each pilot tone of the OFDM frame. It may cause a high BER in the system, since the channel estimation process is handled via pilot tones to equalize the payload data in the receivers.
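A receiver-side integrity check for the F3 and F4 cases above, as an added example that is not part of the paper: the cyclic prefix must still match the symbol tail it was copied from, and known pilot tones must still land near their expected value. The numerology, pilot layout, thresholds and the flat, already-equalised channel are assumptions, and the disturbed frames are constructed test input.

```python
import cmath
import math
import random

N_FFT, N_CP = 64, 16                 # constructed OFDM numerology
PILOTS = list(range(4, N_FFT, 8))    # assumed pilot layout: 8 tones
PILOT = 1 + 0j                       # known pilot symbol
QPSK = [complex(a, b) / math.sqrt(2) for a in (1, -1) for b in (1, -1)]
CP_MIN, EVM_MAX = 0.8, 0.3           # assumed alarm thresholds


def _dft(x, sign):
    """Unitary DFT (sign=-1) or inverse DFT (sign=+1); O(n^2) is fine for n=64."""
    n = len(x)
    w = [cmath.exp(sign * 2j * math.pi * k / n) for k in range(n)]
    return [sum(x[t] * w[(k * t) % n] for t in range(n)) / math.sqrt(n)
            for k in range(n)]


def _noise(sigma, rng):
    """Complex Gaussian sample with total variance sigma**2."""
    s = sigma / math.sqrt(2)
    return complex(rng.gauss(0, s), rng.gauss(0, s))


def make_frame(rng, n_sym=8, noise=0.05, disturb=None, level=3.0):
    """Constructed test input: n_sym OFDM symbols (CP + body), flat channel.

    disturb selects which part carries extra interference of std `level`:
    None, "cp" (prefix samples only) or "pilot" (pilot tones only).
    """
    frame = []
    for _ in range(n_sym):
        X = [rng.choice(QPSK) for _ in range(N_FFT)]
        for k in PILOTS:
            X[k] = PILOT + (_noise(level, rng) if disturb == "pilot" else 0)
        body = _dft(X, +1)
        sym = body[-N_CP:] + body            # prepend the cyclic prefix
        if disturb == "cp":
            sym[:N_CP] = [s + _noise(level, rng) for s in sym[:N_CP]]
        frame.append([s + _noise(noise, rng) for s in sym])
    return frame


def cp_correlation(sym):
    """Normalised correlation between the prefix and the tail it copies."""
    cp, tail = sym[:N_CP], sym[-N_CP:]
    num = abs(sum(a * b.conjugate() for a, b in zip(cp, tail)))
    den = math.sqrt(sum(abs(a) ** 2 for a in cp) * sum(abs(b) ** 2 for b in tail))
    return num / den


def pilot_evm(sym):
    """RMS error of the received pilot tones against PILOT (|PILOT| = 1)."""
    X = _dft(sym[N_CP:], -1)                 # the receiver discards the CP
    return math.sqrt(sum(abs(X[k] - PILOT) ** 2 for k in PILOTS) / len(PILOTS))


def inspect_frame(frame):
    """Average both metrics over the frame; return (cp_corr, evm, alarms)."""
    corr = sum(cp_correlation(s) for s in frame) / len(frame)
    evm = sum(pilot_evm(s) for s in frame) / len(frame)
    alarms = set()
    if corr < CP_MIN:
        alarms.add("cp")
    if evm > EVM_MAX:
        alarms.add("pilot")
    return corr, evm, alarms


if __name__ == "__main__":
    rng = random.Random(2024)
    for kind in (None, "cp", "pilot"):
        corr, evm, alarms = inspect_frame(make_frame(rng, disturb=kind))
        print(f"{kind or 'clean':>6}: cp_corr={corr:.2f} "
              f"pilot_evm={evm:.2f} alarms={sorted(alarms)}")
```

The two metrics are complementary: interference confined to the prefix leaves the pilots intact because the receiver drops the CP before the DFT, and interference confined to the pilot tones leaves the prefix a faithful copy of the tail.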
B. Parameter Attacks
Communication parameters, such as modulation, bandwidth, and CSI estimation parameters, are also configurable by an external control unit for transmitting and receiving operations at the RIS node. The RIS transceiver is able to operate on different bandwidth options owing to advances in metamaterials.
A modulation alteration MSMA (P1) is applicable to replace the modulated symbols from the OFDM transmitter, as illustrated in Fig. 2, with artificially generated ones. When altering a signal like injection attacks, it can be easily characterized as a jamming signal. We also note that after obtaining the CSI of the eavesdropper node, modulation can be optimized for information gathering purposes.
A bandwidth alteration MSMA (P2) aims to alter the communication bandwidth of the proper system. In this way, established connections could fail and deteriorate in the time-frequency domain.
A CSI gathering MSMA (P3) is highly effective in capturing CSI at the OFDM receiving node, as depicted in Fig. 2. PLS-aided wireless key generation techniques, which use CSI to produce secret keys, could also be vulnerable to it. Confidential messages can be resolved by means of captured CSI in the RIS by malicious control
We demonstrate the potential impact of novel threats through two case studies, represented in Fig. 3. A legitimate transmitter node (BS) transmits symbols through an RIS-relayed node to a legitimate receiver node (UE) in the presence of an eavesdropper, which we will refer to as Eve. Both users are equipped with a single antenna to transmit or receive signals. 𝑖, $g_i$, and $g_{Ei}$ denote the complex channel coefficients of the $i$-th surface elements for the BS-RIS, RIS-UE, and RIS-Eve links, respectively. There is also a direct link between BS and UE, which is indicated as $z$. All individual channels are exposed to Nakagami-$m$ fading with the $m$ parameter. Also, Eve could not obtain any information directly from BS. Please also note that $d_{xy}$ is given as the distance between the nodes, where $\{x, y\} \in \{1, 2, 3, 4\}$, which is presented in Fig. 3. Furthermore, the Gaussian distributed noise components $n_B$ and $n_E$ have zero mean and variances of $\sigma_B^2$ and $\sigma_E^2$ for UE and Eve, respectively.
Fig. 3: Network topology of the case studies.
RIS is capable of tuning the electromagnetic phase shifts with the help of PIN diodes. The number of individual surface elements is represented as $N$. Without any vulnerable access, $\phi_i$, the individual components of the diagonal phase shift matrix, can be constructed to maximize SNR considering the CSI between the transmitter node and the RIS and between the RIS and the receiver node. However, hostile access to a microcontroller device allows modification and utilization of all components of the metasurface for jamming and eavesdropping behavior. First, we designate six individual potential threat scenarios for the impact of hostile interference from the malicious RIS relay node. Additionally, microcontrollers utilize a baseband processing mechanism to exploit information at the legitimate receiver node. In C-MSMA, an attacker node manipulates individual phase shift components by inserting modified phase terms formed by $\phi_i^m$ $(0, \sigma_A^2)$. Similarly, in the P-MSMA scenario, preselected metasurfaces are utilized in a jamming manner. The nullspace for the incident and reflected signals is implemented through O-MSMA, based on both QR and SVD decomposition. In the InAbs-MSMA scenario, the components of the phase shift matrix are set to zero for all individual components. The Ain-MSMA scenario is designed to deteriorate both the RIS to UE link and the BS to UE link. Second, the EaB-MSMA case, a malicious RIS with an information gathering purpose, is also presented. Here, the phase shift matrix can be generated to diminish the secrecy capacity. When a malicious user captures the CSI of the BS-RIS, RIS-UE, or RIS-Eve links, it can be uncomplicated to enhance the level of the received signal at Eve.
First, we examine the various MSMA types to demonstrate
the impact of malicious RIS usage on BER performance, as
presented in Fig. 4. BS transmits a binary phase shift keying
modulated signal through an RIS-aided network to the UE.
In the simulations, 𝑁is selected as 128 and the distances
between the nodes are selected as 1 m. All individual channel
coefficients are exposed to Nakagami-𝑚fading with 𝑚= 4.
The less vulnerable scenario belongs to P-MSMA. Maliciously
selected 50% makes an approximately 5 dB difference in SNR
gain in BER performance at the level of 10−4 in P-MSMA.
An increase in the malicious surface selection from 50% to
75% has a significant impact on the performance of BER in
P-MSMA. A significant difference in BER was observed in
the case of C-MSMA, where all surfaces were actively used
-40 -30 -20 -10 0 10 20 30
Bit Error Rate
Fig. 4: Comparison of BER performance of BPSK transmitted
signal under various MSMA.
Positive Secrecy Capacity [bit/s/Hz]
Fig. 5: Comparison of PSC vs. 𝐸𝑏𝜎2
𝐵for PE and EaB-MSMA
in the attack. Furthermore, increasing manipulation variance
𝐴severely degrades the quality of the received signal. O-
MSMA with QR decomposition has a worse effect on BER
performance than SVD-based O-MSMA. QR-based O-MSMA
is also observed to outperform InAbs-MSMA in terms of
BER performance above 15 dB SNR. The more extreme
vulnerability could be seen in the Ain-MSMA vulnerability
scenario. InAbs-MSMA makes RIS elements unusable, com-
munications are handled by means of the direct link. In Ain-
MSMA, severe BER degradation occurs as a result of the high
impact of interference on the direct link. The impact of secrecy
loss in the presence of RIS-aided EaB-MSMA networks is
compared to conventional PE in Fig. 5. We compare our
results considering the performance of PSC with the path loss
effect, the number of surface elements, and the relative noise
variances of UE and Eve. The path loss coefficient is selected
as 3.4 and the distances of the nodes are also determined as
$d_{12} = 1$ m, $d_{23} = 2$ m and $d_{13} = 4$ m, respectively. For
ease of readability, $m$ is selected as $m = 1$. As we can see,
when accessing RIS with SP capability, EaB-MSMA is more
destructive than conventional PE attacks. For RIS equipped
with $N = 128$ and $N = 32$ surface elements at $d_{24} = 5$
m distance and 20 dB SNR under the equal variances of
UE and Eve, the PSC values for EaB-MSMA and PE reach
approximately 14 bits/s/Hz and 1 bit/s/Hz, respectively. The
location of the eavesdropper further away from the RIS and the
decrease in $\sigma_E^2$ also improve the PSC for both the EaB-MSMA
and PE information gathering cases, as expected. It should
also be emphasized that despite the long distance between the
eavesdropper node and RIS, the PSC has a minimal value
compared to the counterpart.
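To make the BER trend above concrete for link-margin planning, the following added example (not the paper's simulator, and not a reproduction of Fig. 4) estimates how much extra SNR coherent BPSK needs at BER $10^{-4}$ when a fraction of the $N = 128$ RIS elements stops co-phasing under Nakagami-$m$ fading with $m = 4$. It assumes a manipulated element contributes a uniformly random residual phase, that there is no direct link, and that the receiver knows the effective channel; all function names are illustrative.

```python
import math
import random

N_ELEMENTS = 128      # RIS size used in the page's BER simulation
NAKAGAMI_M = 4.0      # Nakagami-m shape used in the page's BER simulation
TARGET_BER = 1e-4     # BER level at which the page quotes SNR differences


def nakagami_power(rng, m):
    """Squared Nakagami-m amplitude with unit mean power, i.e. Gamma(m, 1/m)."""
    return rng.gammavariate(m, 1.0 / m)


def cascaded_gains(fraction_bad, trials=1500, seed=1):
    """Return |H| for `trials` draws of the BS-RIS-UE cascade (unit distances).

    Healthy elements are co-phased, so each adds |h_i||g_i| on the real axis.
    ASSUMPTION: a manipulated element reflects with a uniformly random
    residual phase; the page's exact manipulation models are not reproduced.
    """
    rng = random.Random(seed)
    n_bad = round(fraction_bad * N_ELEMENTS)
    gains = []
    for _ in range(trials):
        re = im = 0.0
        for i in range(N_ELEMENTS):
            amp = math.sqrt(nakagami_power(rng, NAKAGAMI_M) *
                            nakagami_power(rng, NAKAGAMI_M))
            if i < n_bad:
                theta = rng.uniform(0.0, 2.0 * math.pi)
                re += amp * math.cos(theta)
                im += amp * math.sin(theta)
            else:
                re += amp
        gains.append(math.hypot(re, im))
    return gains


def average_ber(gains, snr_db):
    """Coherent BPSK: E[Q(sqrt(2*snr)*|H|)] = E[0.5*erfc(sqrt(snr)*|H|)]."""
    root = math.sqrt(10.0 ** (snr_db / 10.0))
    return sum(0.5 * math.erfc(root * g) for g in gains) / len(gains)


def snr_for_target(gains, target=TARGET_BER, lo=-80.0, hi=40.0):
    """Bisect for the transmit SNR (dB) at which the average BER hits target."""
    for _ in range(50):
        mid = 0.5 * (lo + hi)
        if average_ber(gains, mid) > target:
            lo = mid      # still too many errors: need more SNR
        else:
            hi = mid
    return hi


def snr_penalty_db(fraction_bad, trials=1500):
    """Extra SNR (dB) needed at TARGET_BER versus a fully healthy RIS."""
    healthy = snr_for_target(cascaded_gains(0.0, trials))
    degraded = snr_for_target(cascaded_gains(fraction_bad, trials))
    return degraded - healthy


if __name__ == "__main__":
    # Large fractions are dominated by rare deep fades; raise `trials`
    # for a stable figure there.
    for frac in (0.25, 0.50, 0.75):
        print(f"{frac:.0%} manipulated: +{snr_penalty_db(frac):.1f} dB")
```

The penalty grows faster than the lost array gain alone, because the randomly phased elements also add fading on top of the reduced coherent sum.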
Metasurfaces with SP functionalities can dramatically
threaten secure wireless communications due to the potential
capabilities of RIS. To improve security on 6G networks, PLS
is critical for preserving user confidentiality and providing
robust communications. In this article, we identified and
classified MSMA for active RIS communication links to anticipate
potential threats in 6G networks. We examined the impact
of MSMA with two different use cases based on information
gathering and information exploitation scenarios. According to
our analyses, the BER performance of the legitimate user pair is
severely degraded in the presence of various MSMA types. Furthermore,
in terms of PSC, it was shown that EaB-MSMA scenarios
present a more serious threat to secure communications than
[1] M. Jian et al., “Reconfigurable intelligent surfaces for wireless communi-
cations: Overview of hardware designs, channel models, and estimation
techniques,” Intelligent and Converged Networks, vol. 3, no. 1, pp. 1–32,
[2] E. C. Strinati et al., “Reconfigurable, intelligent, and sustainable wireless
environments for 6G smart connectivity, IEEE Commun. Mag., vol. 59,
no. 10, pp. 99–105, 2021.
[3] C. Pan et al., “Reconfigurable intelligent surfaces for 6G systems:
Principles, applications, and research directions,” IEEE Commun. Mag.,
vol. 59, no. 6, pp. 14–20, 2021.
[4] S. Basharat et al., “Reconfigurable intelligent surfaces: Potentials, ap-
plications, and challenges for 6G wireless networks,” IEEE Wireless
Commun., vol. 28, no. 6, 2021.
[5] A. Almohamad et al., “Smart and secure wireless communications via
reflecting intelligent surfaces: A short survey,” IEEE Open J. Commun.
Soc., vol. 1, pp. 1442–1456, 2020.
[6] J. Luo et al., “Reconfigurable intelligent surface: Reflection design
against passive eavesdropping,” IEEE Trans. Wireless Commun., vol. 20,
no. 5, pp. 3350–3364, 2021.
[7] B. Lyu et al., “IRS-based wireless jamming attacks: When jammers can
attack without power, IEEE Wireless Commun. Lett., vol. 9, no. 10, pp.
1663–1667, 2020.
[8] X. Liu et al., “Detect pilot spoofing attack for intelligent reflecting
surface assisted systems,” IEEE Access, vol. 9, pp. 19 228–19 237, 2021.
[9] K.-W. Huang and H.-M. Wang, “Intelligent reflecting surface aided pilot
contamination attack and its countermeasure,” IEEE Trans. Wireless
Commun., vol. 20, no. 1, pp. 345–359, 2020.
[10] Y. Sun et al., “Intelligent reflecting surface enhanced secure transmission
against both jamming and eavesdropping attacks, IEEE Trans. Veh.
Technol., vol. 70, no. 10, pp. 11 017–11 022, 2021.
[11] ——, “RIS-assisted robust hybrid beamforming against simultaneous
jamming and eavesdropping attacks, IEEE Trans. on Wireless Commun.
(Early Access), May. 2022, doi:10.1109/TWC.2022.3174629.
[12] G. C. Alexandropoulos et al., “Safeguarding MIMO communications
with reconfigurable metasurfaces and artificial noise,” in Proc. IEEE
Int. Conf. on Commun., 2021, pp. 1–6.
[13] ——, “Pervasive machine learning for smart radio environments enabled
by reconfigurable intelligent surfaces, Proceedings of the IEEE, vol.
110, no. 9, pp. 1494–1525, 2022.
[14] Y. Wang et al., “Wireless communication in the presence of illegal re-
configurable intelligent surface: Signal leakage and interference attack,
IEEE Wireless Commun., vol. 29, no. 3, pp. 131–138, 2022.
[15] L. Yang et al., “A novel RIS-assisted modulation scheme, IEEE
Wireless Commun. Lett., vol. 10, no. 6, pp. 1359–1363, 2021.
Hakan Alakoca is a Ph.D. student at Istanbul Technical University, Turkey.
Mustafa Namdar is currently an Associate Professor at Kutahya Dumlupinar
University, Kutahya, Turkey.
Sultan Aldirmaz-Colak is currently an Associate Professor at Kocaeli
University, Turkey.
Mehmet Basaran is currently a Research Professional with Siemens Turkey.
Arif Basgumus is currently an Assistant Professor at Bursa Uludag University,
Bursa, Turkey.
Lutfiye Durak-Ata is currently a full professor at Istanbul Technical
University, Istanbul, Turkey.
Halim Yanikomeroglu is a full professor at Carleton University, Ottawa,