Abstract
The traditional credibility-based security performance analysis method of physical layer transmission link for millimeter wave communication system applies single analytic hierarchy process and the built evaluation index system has limitation. To address this problem, a security performance evaluation method for physical layer link of millimeter wave communication system based on fuzzy AHP is proposed in this paper. Combined with fuzzy evaluation and analytic hierarchy process, the safety performance evaluation index system of physical layer transmission link for millimeter wave communication system is built from 4 aspects: asset, threat, vulnerability, and security. Experimental results show that the proposed method can obtain valuable evaluation results, and it is reliable and accurate for analyzing the security performance of the physical layer transmission link for millimeter wave communication system.
Keywords
Introduction
With the development of information technology and the wide application of information network system, the future wireless communication system is facing the bottleneck problem of the shortage of traditional spectrum resources and the explosive growth of wireless business demand. Millimeter wave communication with rich available spectrum resources is an effective choice for the next generation of wireless communications [1]. The security of the information network system becomes particularly important. Information system security risk assessment, as an important part and basic work of information security management, is an important means to grasp the security status of information system and establish reasonable information security guarantee measures [2]. As the support of the operation of the information network, the millimeter wave communication technology has been developed rapidly and widely used. Especially in the field of military communication application, it greatly improves the communication ability and combat level of the battlefield [3]. However, because of the openness of the millimeter wave communication link, it makes it possible for the attackers to monitor, tamper, forged and other unauthorized access. The security risk assessment of the millimeter wave communication link can provide reference for the selection of the security protection measures of the millimeter wave communication system.
The traditional credibility-based security performance analysis method of physical layer transmission link for millimeter wave communication system applies single analytic hierarchy process for risk assessment. The evaluation results have strong subjectivity and lack the effective method of calculating the risk grade [4]. To address these problems, combined with the actual engineering background, the millimeter wave communication link security risk is taken as the evaluation object. Through the safety analysis of the millimeter wave communication link, the millimeter wave communication link security performance evaluation index system is built. A comprehensive evaluation of asset, threat, vulnerability, and security is implemented by fuzzy AHP algorithm. Finally, the calculation of the value of the risk is accomplished by the method of matrix and step by step weight assignment [5]. The security performance evaluation method of the physical layer link based on the fuzzy AHP for millimeter wave communication system provides a reference to the development of information technology.
Security performance analysis of physical layer transmission link for millimeter wave communication system
Security performance evaluation method for physical layer link of millimeter wave communication system based on fuzzy AHP
AHP method
Analytic hierarchy process (AHP) is a simple, flexible and practical multi-criterion decision making method proposed by T L Saaty, an American operational research scientist. It is a multi-objective decision making method combining qualitative and quantitative [6]. The main steps are as follows.
The eigenvector is W = [W1, W2, ⋯, W
n
] T. The maximum eigenvalue is given by
First, consistency index CI is calculated by using
Then, the corresponding RI is found from the average random consistency index table. For the 1–9 order judgment matrixes, the value of RI is shown as Table 1.
Average random consistency index
Finally, consistency ratio is calculated by using
When CR < 0.1, it is considered that the consistency check is passed and the judgment matrix can be accepted. Otherwise, it should be properly adjusted and recalculated until the test is passed.
AHP is effective for solving the problem of multi-level and multi-objective large system optimization, but it also has some limitations [8], which are that the scale values of the two adjacent indexes are generally determined by the expert scoring method, and have certain subjectivity; in the synthesis of comprehensive indexes, the case is limited to linear weighting; the obtained weight is given in the form of exact quantity, but it has fuzziness [9]. Therefore, in this paper, the fuzzy evaluation method is combined with AHP to reduce the subjectivity of the construction of the judgment matrix.
Fuzzy comprehensive evaluation is to evaluate things with a variety of attributes, or affected by many factors [10]. The steps are as follows.
Security performance assessment consists of 4 aspects: asset, threat, vulnerability, and security, in which, asset, threat, and vulnerability are risk assessment indexes [12]. For the physical layer transmission link for millimeter wave communication system, the whole link can be regarded as a single asset, and its security risk assessment is based on the implementation of the entire communication link.
Confidentiality, integrity, and availability are the three security attributes of the asset evaluation. The identification of asset is to determine the confidentiality, integrity and availability of asset by analyzing the various types of assets and asset information of the statistical information system [13]. Typical assets of millimeter wave communication links include codec, encryption, modem, transmitter, receiver and other related hardware and application software. Any threat to an asset will cause a serious loss to the entire communication link [14]. According to the importance, assets are divided into 5 levels, numbered with 5-1 from high to low. The hierarchical structure of the millimeter wave communication link assets as shown in Fig. 1.

Asset value hierarchy.
Threats are divided into three aspects in the form of expression: technical threat, personnel threat, and environmental threat. Technical threats include physical attack, interference, tampering, and monitoring. Personnel threats include malware misoperation and non-malware misoperation. Environmental threats include bad environment and equipment failure. The possibility of the occurrence of the threat is divided into 5 levels, numbered with 5-1 from high to low. The hierarchical structure is shown as Fig. 2.

Threat level hierarchical structure diagram.
Vulnerabilities are divided into three aspects: technical vulnerability, management vulnerability, and operational vulnerability. Vulnerability can be identified by means of questionnaire survey, document inspection, human intrusion detection, and penetration test [15]. Technical vulnerabilities include simple encryption algorithm and lack of anti-virus measures. Management vulnerabilities include unsound management system, complex electromagnetic environment, and equipment aging. Operational vulnerabilities include improper equipment configuration and unskilled staff business. The possibility of the occurrence of vulnerability is divided into 5 levels, numbered with 5-1 from high to low. The hierarchical structure is shown as Fig. 3.

Frailty hierarchy structure diagram.
Security includes generally three major categories, namely, technical security, content security, and environment security. Technical security includes symmetric encryption method and public key encryption method. Content security refers to high level of content confidentiality [16]. Environment security includes equipment in good condition and high level professional operator. The possibility of the occurrence of security is divided into 5 levels, numbered with 5-1 from high to low. The hierarchical structure is shown as Fig. 4.

Security hierarchy structure diagram.
security risk index evaluation of physical layer transmission link for millimeter wave communication system
Experimental setup
To verify the proposed fuzzy AHP method, the experiment is carried out through the expert assignment and the judgment matrix establishment. The asset, threat, and vulnerability of the physical layer transmission links in the millimeter wave communication system are analyzed [17]. Taking asset evaluation as an example, according to the evaluation elements and their relations in Fig. 1, the judgment matrixes at all levels are built by expert assignment, and the individual ranking vector, the maximum eigenvalue λmax and the consistency ratio CR are calculated by using the square root method. The calculation of the judgment matrixes is shown in Tables 2–5. From the results, it can be known that, the CR in each judgment matrix is less than 0.1, and the consistency check is passed.
A-B judgment matrix
A-B judgment matrix
B1-C judgment matrix
B2-C judgment matrix
B3-C judgment matrix
According to the asset value index structure, the weight of the standard level relative to the general goal is still calculated by the traditional AHP method. Because of the complexity, the fuzzy comprehensive evaluation method is adopted for the weight of each index in the third layer relative to the criteria layer. The fuzzy mathematical model is used for comprehensive evaluation and the steps are as follows.
The evaluation of the index factors is divided into 5 grades, which are higher, high, medium, low, and lower. By the way of expert evaluation, 10 experts are invited to evaluate the degree of membership based on the determined evaluation level. The fuzzy relation matrix from factor set to evaluation set can be determined. Fuzzy relation matrixes of confidentiality, integrity, and availability are given by
With Bi = Wi · Ri, fuzzy comprehensive evaluation matrixes are obtained as
According to the principle of maximum membership degree, the level of comprehensive evaluation of confidentiality, integrity, and availability are 5, 5, and 4, respectively.
Asset value can be obtained by asset confidentiality, integrity, availability of comprehensive evaluation and the relative weight, which is given by
According to the scale of asset importance, the value of the asset is 5.
With reference to the previous asset evaluation method, the threat level of the link is set to 3, and the severity of the vulnerability is set to 3.
In this paper, the matrix method is used to calculate the risk value. The steps are as follows.
First, the possibility of security event occurrence matrix is built, as shown in Table 6. A is the frequency of threat occurrence, and B is the severity of the vulnerability. Then, according to the severity of the vulnerability of the communication link and the frequency of threat occurrence, the probability of security incidents is 12. Finally, according to Table 7, the probability level of security event occurrence is 3.
Security event occurrence matrix
Security event occurrence matrix
Security event possibility level table
First, the security event loss matrix is constructed, as shown in Table 8. C represents asset value. Then, according to the assessment of the severity of the vulnerability and the asset value, the loss value of the safety event is 16. According to Table 9, the security event loss level is 4.
Security event loss matrix
Level of security event loss
The risk matrix is constructed, as shown in Table 10. D represents the loss level, and the E represents the possibility level. According to the probability level of security event occurrence and the loss level, the security event risk value is 16. According to Table 11, the security risk level is 3, which is medium risk value.
Risk matrix
Risk rating table
Through the threat and vulnerability assessment process, it can be seen that the main risk of the security performance is the interference and threat caused by the complex electromagnetic environment and the unauthorized access caused by the simple encryption algorithm. Security risks can be reduced by increasing anti-interference and improving complex encryption algorithm [18]. Experimental results show that the proposed method is feasible and effective for the security performance analysis of the physical layer link for the millimeter wave communication system.
Evaluation of security index of physical layer transmission link for millimeter wave communication system
Experimental setup
To verify the feasibility and effectiveness of the proposed fuzzy AHP evaluation method, experimental research on power communication network with millimeter wave communication is carried out. In this paper, the case of SCADA communication link is used to illustrate the feasibility of the proposed evaluation method. The configuration strategy of the SCADA communication link is that any SCADA communication service is provided by 2 links of a dedicated line and a virtual private network (VPN), respectively. The dedicated line is configured directly by the synchronous digital hierarchy (SDH) transmission network, and VPN is configured by the scheduling data network [19]. In the experiment, the security of the 2 traffic channels is quantified. It needs to be explained that the number of dedicated line, the length of fiber cable, the type of optical cable, the number of nodes in VPN, the distribution of network traffic, and the algorithm of routing are not the evaluation factors. For the sake of generality, the composition of the detailed line and the VPN are not discussed in this paper.
Index weight and assignment
First-level index weight
According to the characteristics of physical layer transmission link of the millimeter wave communication, the first-level index weight can be determined by the analytic hierarchy process. For millimeter wave communication link, millimeter wave communication and the related communication systems have a decisive effect on the security of the link. In contrast, the integrity of the system information is less important than the security of information and communication. Secondly, access control, identification, and authentication are of the lowest importance. Any two indexes of the 4 first-level indexes are compared. 9 scales are used to represent the degree of importance. Then the judgment matrix is given by
The maximum eigenvalue of A is obtained as λ = 4. By conformity judgment, λ meets the requirement of consistency index. Eigenvector of A is α = [0.1, 0.1, 0.6, 0.2]
T
. The eigenvector is the weight of the first order index, as shown in Table 12.
Second-level index weight
Weight allocation of first-level index
Each second-level index corresponds to a security requirement and assigns different weights. The first-level index of system and communication protection has 5 second-level indexes, in which, SG.SC-05 is the index of system availability and the most important security target, with the highest weight. SG.SC-03 reflects the security level of the application function, which represents the secrecy and integrity of the system. SG.SC-07 reflects the degree of isolation between a dedicated communication system and an external communication system, and represents the confidentiality, integrity, and availability of communication information [20]. SG.SC-08 and SG.SC-09 reflect the integrity and security of the network system, respectively. For the millimeter wave communication link used for SCADA service, the integrity requirement is higher than the security requirement. SG.SC-08 is more important than SG.SC-09. Since both SG.AC-14 and SG.SI-07 are the only second-level indexes under the first-level index, the weight is 1. The evaluation matrix of the first-level index of identification and authentication is expressed as
The maximum eigenvalue of B2 is obtained as λ = 3.0092. By conformity judgment, C R = 0.008, and λ meets the requirement of consistency index. Eigenvector of B2 is β2 = [0.30, 0.54, 0.16] T , which is the second-level index weight of SG.IA.
The evaluation matrix of the first-level index of system and communication protection is expressed as
The maximum eigenvalue of B3 is obtained as λ = 5.0271. By conformity judgment, C
R
= 0.006, and λ meets the requirement of consistency index. Eigenvector of B3 is β3 = [0.009, 0.39, 0.32, 0.15, 0.05]
T
, which is the second-level index weight of SG.SC, as shown in Table 13.
Third-level index weight
Second-level index weight allocation
Third-level index reflects the implementation of safety control measures. If each measure is equally important, the weight of the third-level index is the same. If there are n third-level indexes, each third-level index weight is
Three levels of index assignment
Link1 and Link2 represent 2 types of links of the dedicated line and VPN, respectively. The 2 types of links belong to the same department, and access control is an organizational measure, so it has the same assignment, which is 0.5. For the identification and authentication, the management level of VPN is superior to the dedicated line, which is 0.75 and 0.25, respectively. According to the evaluation index system built in this paper, the proposed method is combined with the index assignment method provided in Table 14, and assigned from three levels. The results are shown in Table 15.
Link 1, three level index assignment for Link 2
Link 1, three level index assignment for Link 2
Weighted sum of the assignment result in Table 15 is to obtain the index value at all levels. Figure 5 is the histogram of the second-level index. Figure 6 is the histogram of the first-level index. The security of Link1 is 0.364, and the security of Link2 is 0.593. The results show that Link2 is more secure than Link1.

Second-level index value.

First-level index value.
In the process of evaluation, three levels of assignment are very important. The evaluator must have a deep understanding of the communication function, the structure of the communication system [21–23], the technical system, and the management method. On this basis, the principle of Table 14 is followed for value assignment. SG.AC-14 is security strategy at the organizational level, two links belong to the same organization, and SG.AC-14 is regarded as the same level. In Fig. 5, SG.AC-14 and SG.IA-06 have the same value. SG.IA-06 refers to the concealment of the feedback content of the authentication information to maximize the confidentiality. The network management system and communication system of Link1 and Link2 have taken effective measures [24–26], so they have the same value. SG.SI-07 is not implemented in Link1, and the value is 0. Figure 6 shows the weight allocation of 4 first-level indexes. The proposed method obtains the valuable evaluation results.
Conclusions
In this paper, security performance evaluation method for physical layer link of millimeter wave communication system based on fuzzy AHP is proposed. Analysis of the security performance of the physical layer link of the millimeter wave communication system is carried out from two aspects of risk factors and security, and the valuable evaluation results are obtained. The proposed method provides reliable security performance evaluation basis for the development of wireless communications, and has practical application value.
Footnotes
Acknowledgments
National Natural Science Foundation of China (Nos. 61571143, 61371107).
