I Introduction
Ia Motivations
The wireless access becomes ubiquitous for the civilian and military applications [1], including the exchange of crucial and confidential information like the banking related data, leading to unprecedented attention to the security problem for the exchange of information between nodes in the wireless networks. Comparing with the traditional security methods based on the cryptographic techniques at the upper layers of the communication protocols in a wireless network [2], the physical layer security is an informationtheoretic based approach that guarantees the security of wireless links by exploiting the randomness of wireless channels, which makes it more difficult for the attackers to decipher the delivered messages. From the point of view of the information theory, the security problem can be modeled by the wiretap channel proposed by Wyner in his pioneering work [3], where a source sends the information to a legitimate receiver at the presence of an eavesdropper.
On the other hand, due to the emergence of new types of latencycritical applications such as the commandandcontrol of drones, the advanced manufacturing, the vehicular networks [4] and the tactile Internet, the delay performance becomes an indispensable metric that should be considered in the wireless transmissions [5]. Though the delay in wireless networks has been studied by a number of works [6, 7], the joint optimization of the physical layer security and the endtoend delay management has seldom been studied in the literature, which requires a meticulous crosslayer design. The relationship between the physical layer security and the endtoend delay is exceedingly complex, which is affected by a number of factors, such as the random timevarying channel, the irregular deployment of nodes, the wireless transmission mechanisms and so on.
An intuitive tradeoff between the delay and the physical layer security could be observed from Figure 1, where a transmitter named Alice attempts to deliver messages to a legitimate receiver named Bob, while keeping it secret from an eavesdropper named Eve who intercepts the transmissions. Alice maintains a buffer of infinite capacity to store the incoming packets, and the time is divided into discrete slots with equal duration. In each time slot, Alice attempts to transmit its headofline packet with a certain probability if its buffer is not empty. A failure occurs if Bob cannot decode the packets sent by Alice. When a failure occurs, Alice retransmits the packet in the next time slot with the same access probability . The security constraint is that the probability of a packet delivered by Alice failing to achieve perfect secrecy from the detrimental eavesdropper Eve is less than certain threshold. Increasing the transmit power of Alice reduces the delay but makes it more easier for Eve to decode the message, thus decreasing the security as well. Moreover, in wireless networks with multiple legitimate links and multiple eavesdroppers, the tradeoff between the delay and the physical layer security is much more perplexed. For example, increasing the transmit probability may decrease the delay for legitimate links and increase the chance for Eve to intercept the messages since the probability to schedule the packets is increased, but it also increases the interference in wireless networks which makes it harder for Eve to intercept the messages.
The motivation of this work is to evaluate the tradeoff between the delay and the physical layer security in wireless networks. Particularly, we model the spatial distribution of legitimate nodes and eavesdroppers in wireless networks by using the tools from the point process theory. Through combining the point process theory and the queueing theory, we analyze the tradeoff between the delay and the physical layer security theoretically. Our work will provide a useful guideline for the design of secure wireless transmissions while meeting the endtoend delay requirements imposed by the mobile applications in wireless networks.
IB Related Works
The work in [8] extends the Wyner’s wiretap channel model [3] to the case of broadcast channels with confidential messages, which shows that perfect secrecy could be achieved if the legitimate link has a better channel than the link of eavesdropper. The work in [9] demonstrates that the secrecy capacity, i.e., the maximum achievable rate of the legitimate link while guaranteeing that the eavesdropper cannot decode the message, is the difference of the maximum achievable rates between the legitimate link and the eavesdropping link.
Most of the studies on physical layer security in the literature focused on the scenes of a small number of nodes. For instance, the works in [10, 11] studied the security problem in the case of a small number of nodes with multiple antennas, and the works in [12, 13, 14] studied the security problem in the cooperative transmission and in the multiple access channels. The works in [15, 16] studied the secure and reliable transmission for the multipleinput multipleoutput systems. Recently, due to the applications of stochastic geometry tools in the wireless networks [17], a few studies have been carried out to analyze the security problem in large wireless networks. For example, the works in [18, 19, 20, 21] studied the connectivity problem in the wireless network where the legitimate nodes and the eavesdroppers are randomly distributed in space, and the works in [22, 23, 24] evaluated the coverage and the capacity with the limitation of security. The work in [25] studied the informationtheoretic secrecy performance in large cellular networks by modeling the locations of both base stations and mobile users as two independent Poisson point processes (PPP) [26, 27, 28, 29, 30]. The work in [31] studies the throughput of large decentralized wireless networks with physical layer security constraints, and the authors also utilize the tools from stochastic geometry to model the wireless networks.
Though the relationship between the security and the capacity of large wireless networks has been well explored in the literature, few works have been done to evaluate the relationship between the security and the delay in large wireless networks. Part of the reason is that the analysis of delay in large wireless network is far more difficult than the analysis of coverage and capacity since the delay is a complicated function of all links and is affected by an unusually large number of variables such as the network load, the medium access protocol, the path loss, and so on. In [32], the joint optimization of the physical layer security and the endtoend delay is studied in the wireless body area networks. In [33], the resource allocation problem is studied in the cognitive radio network with delay and security constraints. However, these works considers few nodes in the network and have not obtained the analytical results for the large wireless networks. Recently, several tentative works appear to analyze the delay in large scale wireless networks, such as [34]. The basic idea is to combine the stochastic geometry and the queueing theory, which results in the challenge of interacting queues problem [35, 36, 37], i.e., the service rates of the queues in the networks rely on the status of all queues in the networks. Our previous works have derived the conditions for the stability of queues [38] and the bounds for the delay [6] in large wireless networks.
IC Contributions
In this work, we evaluate the tradeoff between the delay and the security performance in large wireless networks for both the backlogged scenario and the dynamic scenario. To our best knowledge, this is the first work to explore the joint optimization of the delay and the security problem in large wireless networks. By combining the tools from stochastic geometry and queueing theory, we introduce some new analytical approaches and derive the closeformed results for the mean delay and the secrecy outage probability (i.e., the probability of a transmission failing to achieve perfect secrecy). We also propose a simple transmission mechanism which splits a message into two packets and analyze its effect on the delay and security performance.
Our results reveal that the security performance of a large wireless network is better for larger path loss exponent when the density of legitimate nodes is large, and it is reverse when the density is small. We also find that under the condition that a certain confidential rate (i.e., the achievable rate of confidential messages with the constraint of perfect secrecy) is guaranteed, the delay performance is better in high signaltointerference ratio (SIR) regime than that in low SIR regime. By introducing the simple mechanism of message split, it is shown that the delay performance in the backlogged scenario is improved when the density of legitimate transmitters is large. Meanwhile, introducing message split greatly improves the security performance in the backlogged scenario, while slightly improves the security performance in the dynamic scenario for small density of legitimate nodes.
To sum up, our contributions in this work could be summarized as follows.

The joint optimization of the delay and the security problem in large wireless networks, which is seldom explored in the literature, is evaluated through numerical analysis.

New analytical approaches based on the combination of stochastic geometry and queueing theory are proposed to derive the mean delay and the secrecy outage probability in the scenario of random traffic.

Numerical evaluation based on the theoretical analysis is conducted to gain insight for the practical design of wireless networks where both the delay and the security are key concerns.
The remaining part of the paper is organized as follows. Section II describes the propagation model, the traffic model, and the secrecy transmission rate. Section III analyzes the delay in two different scenarios respectively, i.e., the backlogged scenario and the dynamic scenario. Section IV proposes and analyzes a simple transmission mechanism, in which a confidential message is divided into two packets to be delivered independently. Section V numerically analyzes the tradeoff between the security and the delay performance. Finally, Section VI concludes the paper.
Ii System Model
We consider an ad hoc network consisting of both legitimate nodes and eavesdroppers in a large twodimensional space. The locations of the legitimate transmitters are modeled as a homogeneous PPP with intensity , and the locations of the eavesdroppers are modeled as another independent homogeneous PPP with intensity . Each legitimate transmitter is paired with a legitimate receiver at a fixed distance and a random orientation. Without loss of generality, we consider a typical legitimate transmitter located at the origin, and the corresponding legitimate receiver is located at with (see Fig. 2). We consider the discrete time system where the time is divided into discrete slots with equal duration, and each transmission attempt occupies exactly one time slot. In practice, the locations of the transmitters and the receivers are generated once at the beginning and then kept unchanged during all time slots. Therefore, the topology of the network could be considered as static.
Iia Propagation Model
The propagation model in this work consists of two parts, i.e., the path loss and the fading. We assume that the standard power path loss model is used, and the average received power at a receiver from a transmitter is denoted by
(1) 
where is the transmit power, is the received power, and is the path loss exponent (
). The fading of each link is assumed to be Rayleigh block fading with zero mean and unit variance, and it is independent between different links. The power fading coefficients in different time slots are independent identically distributed (i.i.d.) and are constant during one time slot. Note that the channel model in our work is not as comprehensive as that in
[39] which considers the path loss, the Rayleigh fading, the azimuth angle of departure and the lognormal shadowing. However, the channel model in our work is a common assumption that has been widely accepted in the literatures, such as [40]. Meanwhile, using the model of the path loss and the Rayleigh block fading may greatly reduce the complexity of the derivations and make the analysis tractable, and closeformed results could be obtain to gain intuitive insight. Due to the fact that most of the existing wireless networks are interferencelimited, i.e., the noise is much smaller compared with the interference, we ignored the thermal noise in our analysis. Without loss of generality, the transmit power of all legitimate transmitters is normalized.When all transmitters are active, the SIR at the typical legitimate receiver is
(2) 
where is the fading coefficient between the typical legitimate transmitter at the origin and the corresponding receiver at , is the fading coefficients between the transmitter and the typical legitimate receiver .
When all transmitters are active, the SIR at an eavesdropper is
(3) 
where is the fading coefficient between the legitimate transmitter at the origin and the eavesdropper at .
IiB Traffic Model
For completeness consideration, we consider two scenarios for the traffic arrival process, i.e., the backlogged scenario and the dynamic scenario (see Figure 3).
IiB1 Backlogged scenario
In the backlogged scenario, we assume that the network is backlogged, i.e., the transmitters always have packets to transmit when they are scheduled for transmission. In this way, a meaningful and practically relevant metric in the backlogged scenario is the duration to successfully deliver one packet, which is closely related to the number of retransmissions of a packet. This type of delay, which ignores the queueing delay (i.e., the waiting time of a packet until it is served), is also defined as local delay [41, 40, 42]. Without loss of generality, we call it the delay for simplicity in the backlogged scenario.
IiB2 Dynamic scenario
In the dynamic scenario, we assume that the packets arrive at the legitimate transmitters as a stochastic process. The packets arrival process at each legitimate transmitter is assumed to be an independent Bernoulli process of arrival rate per time slot. By the definition of the Bernoulli process, is the probability of an arrival of a packet at user in any time slot.
We assume that each legitimate transmitter maintains a buffer with infinite capacity to store the incoming packets. In each time slot, each legitimate transmitter attempts to transmit its headofline packet with probability if the queue at the transmitter is not empty. As for the retransmission mechanism, we assume that if a packet fails for transmission in the scheduled time slot, the packet will be added into the head of the queue of the corresponding legitimate transmitter and wait to be rescheduled again.
IiC Secrecy Transmission Rate
According to Wyner s secure encoding scheme [3, 43], a transmitter may choose two rate thresholds, i.e., the rate threshold of codewords and the rate threshold of confidential messages . The difference between the two rate thresholds, denoted by , is the rate cost of securing the messages against eavesdropper. If the rate of a legitimate link is less than the threshold , the legitimate receiver cannot decode the message with an arbitrarily small error. Meanwhile, if the rate of every eavesdropping link is less than the threshold , perfect secrecy could be achieved to guarantee the confidential rate .
With the above two rate thresholds, we define two failure events for a transmission attempt, i.e., the connection failure and the secrecy failure (see Figure 4).
IiC1 Connection Failure
The connection failure means that a transmission attempt of a packet sent by a legitimate transmitter cannot be successfully decoded by the corresponding receiver. The probability of connection failure for a transmission attempt is
(4) 
Let be the SIR threshold for the connection failure event. Due to the retransmission mechanism, if a transmission attempt of a packet fails, the packet will be added into the head of the queue and wait to be rescheduled for transmission.
IiC2 Secrecy Failure
The secrecy failure means that a transmission attempt of a packet sent by a legitimate transmitter is not perfectly secure against the eavesdroppers. The probability of secrecy failure for a transmission attempt is
(5) 
Let be the SIR threshold for the secrecy failure event. Since a packet may be retransmitted for several times due to the connection failure, the delivery of a packet is perfectly secure only when all the transmission attempts are successful.
Therefore, the delay in the backlogged scenario is the number of time slots required by a legitimate transmitter to successfully deliver a packet to the corresponding legitimate receiver. On the other hand, the delay in the dynamic scenario is the number of time slots between the arrival of a packet and the successful delivery of that packet. Meanwhile, the secrecy performance can be characterized by the secrecy outage probability, which in this paper is defined as the probability that at least one transmission attempt of a packet is not perfectly secure. Let be the total number of scheduled transmissions until a packet is successfully decoded at the legitimate receiver, and
is a geometric distributed random variable with success probability
, i.e., . Then, the secrecy outage probability with given is(6) 
The relationship between the mean delay and the secrecy outage probability is not straightforward. Intuitively, the equation (6) reveals that increasing the total number of transmissions raises the mean delay as well as the secrecy outage probability. However, since the probability of secrecy failure may decrease, the secrecy outage probability may also decrease. Therefore, the theoretical analysis of the mean delay and the secrecy outage probability is necessary. In the following discussions, we derive the expressions to reveal the exact relationship between the mean delay and the secrecy outage probability.
The system model described above is a general mathematical framework that could be applied to analyze the security and delay performance of general large wireless networks, corresponding to a number of application scenarios. For example, the proposed mathematical framework could be applied in the military communications, where the soldiers from one army want to eavesdrop the confidential messages from the hostile army. In this application scenario, the soldiers from the eavesdropping army could be considered as eavesdroppers and the soldiers from the other army could be considered as the legitimate nodes. Another application scenario could be the prevention of theft in the wireless banking transactions, where the thieves could be considered as the eavesdroppers and the banking users could be considered as the legitimate nodes. In these application scenarios, all eavesdroppers try to eavesdrop the confidential messages from all legitimate users. Thus, the legitimate users should prevent their confidential messages from being eavesdropped by any one of the eavesdroppers.
Iii Delay and Secrecy Outage Probability
The delay in the backlogged scenario is exactly the transmission delay caused by retransmission (i.e., the time to successfully transmit a packet that is served), while the delay in the dynamic scenario consists of two parts, i.e., the queueing delay and the transmission delay. We analyze the delay in the two different scenarios respectively in the following discussions.
Iiia Backlogged Scenario
In the backlogged scenario, whenever a transmitter is scheduled to access the channel it always has packet to transmit. The backlogged assumption is widely used in the analysis of wireless communication systems. With the backlogged assumption, the obtained interference in the network is an upper bound for the interference without backlogged assumption. Therefore, the performance derived with the backlogged assumption will be a useful bound for the performance of the practical system. With the backlogged assumption, considering the queueing delay is meaningless since the queueing delay is always infinite. However, a meaningful and practically relevant metric in the backlogged scenario is the transmission delay. The transmission delay in the backlogged scenario is exactly the local delay, which has been well explored in the literature, such as [40] and [42]. Another benefit of introducing the backlogged assumption is that the theoretical analysis of delay becomes tractable since the interacting between different queues is avoided. Concise and closeformed results could be obtained by the backlogged assumption, which further leads to more insights. From [40], we get the following lemma, which gives the analytical expression for the mean delay of the typical legitimate link.
Theorem 1.
The mean delay of the typical legitimate link in the backlogged scenario is
(7) 
where , and .
Proof.
The result in Theorem 1 is closedform and can be easily evaluated, and it shows directly how the mean delay varies with the transmit probability . The equation (7) indicates that the mean delay goes to infinite both when decreases to zero and when increases to one since holds. When the transmit probability decreases to zero, a packet is scheduled for transmission for very small probability, and when the transmit probability increases to one, the interference and the interference correlation may greatly deteriorate the delay performance.
In the following, we derive the secrecy outage probability for the backlogged scenario. Note that is the total number of transmissions until a packet is successfully decoded at the legitimate receiver. Then, Theorem 1 gives the analytical expression for the mean times of transmissions in the backlogged scenario. For the typical legitimate link, when the realization of is given, the connection failure probability is determined by the fading and random access mechanism, which are independent among different time slots. Thus, the connection failure probability with given , denoted by , is the same for all time slots. Let be the total number of transmissions until a packet is successfully decoded at the legitimate receiver when is given. Then, is a geometric distributed random variable with success probability , i.e., . In order to guarantee the perfect secrecy, each of the transmission attempts should be perfect secure; otherwise, the message will be eavesdropped. Letting be the secrecy failure probability with given and , the secrecy outage probability is
(8)  
where holds since is a geometric distributed random variable with success probability . The last equation holds due to the sum formula of infinite geometric series whose successive terms have a common ratio. With the above discussion, we could further derive the secrecy outage probability in the following theorem.
Theorem 2.
The secrecy outage probability of the typical link in the backlogged scenario can be approximated by
(9) 
Proof.
See Appendix A. ∎
The secrecy outage probability given by Theorem 2 is closedform, and the relationship between the secrecy outage probability and the system parameters can be observed directly from the equation (9). The equation (9) also verifies the intuition that the secrecy outage probability is positively correlated with the intensity of the eavesdroppers and is negative correlated with the intensity of the legitimate transmitters . Specially, we get as , and as . The reason is that increasing the intensity of eavesdroppers may increase the probability that an eavesdropper appears nearby the legitimate links. Meanwhile, increasing the intensity of legitimate transmitters may increase the interference in the wireless network, thus preventing the message from being eavesdropped. Note that when either or holds, the secrecy outage probability goes to one, i.e., , indicating that the secrecy outage event happens with high probability when there are very few active legitimate transmitters. This observation illustrates that increasing the number of concurrent transmissions in the wireless networks is helpful to improve the secrecy performance, i.e., increasing the interference in the wireless networks is helpful from the aspect of the security performance.
IiiB Dynamic Scenario
In the dynamic scenario, the delay consists of the queueing delay and the transmission delay. The analysis of the delay in the dynamic scenario requires the combination of the stochastic geometry and the queueing theory, which induces the interacting queues problem. In order to bypass these difficulties, we propose an approach to approximate the delay in the dynamic scenario. We first simplify the interaction between the queues and assume that all interfering transmitters are active with the same probability . Then, we derive the connection failure probability for the typical legitimate link in each time slot. The service rate of the queue at the typical legitimate transmitter will be , which means that the probability for a packet at the typical user being scheduled and successfully transmitted in a time slot is . Then, represents the average proportion of time occupied by a transmitter. When the queue is empty, the transmitter is inactive, and when the transmitter is occupied, it is active with probability due to the random access. Therefore, the active probability of the typical legitimate link is . Note that is a function of . By solving the equation , we obtain a solution which could be used to derive the approximated delay for the wireless network.
Since the transmissions of the typical user in different time slots are affected by the independent fading and the independent random access, the probability for a transmission attempt to be scheduled and successful in all time slots is the same, which is . Therefore, the queueing system at the typical transmitter is a Geo/G/1 queue, or a discretetime single server retrial queue [44, 45]. In the Geo/G/1 queue, the arrival process of the packets is a Bernoulli process with intensity packets per time slot. The arrival process of the packets is called the geometric arrival since the probability that a packet arrives in a time slot is , and the number of time slots between two adjacent arrivals is a geometric random variable. The success probability is and the service times of packets are i.i.d. with geometric distribution. From [44], we get the mean delay for the Geo/G/1 queue with given as
(10) 
With the above discussions, we could obtain the mean delay in the dynamic scenario in the following theorem.
Theorem 3.
The mean delay of the typical legitimate link in the dynamic scenario is
(11) 
Proof.
By assuming that all interfering transmitters are active with the same probability , we get the connection failure probability as
(12)  
Considering the equation , we get
(13) 
Solving the above equation, we get the solution
(14) 
where is the Lambert function with the defining equation . Then, the connection failure probability is
(15) 
Having derived the connection failure probability, the mean delay is
(16) 
Therefore, we get the results in the theorem. ∎
It is hard to interpret the relationship between the mean delay and the system parameters since the property of the Lambert function is not intuitive. However, we could further simplify the above results for some special cases. Note that when , the asymptotic expansions of the Lambert function is
(17) 
Therefore, we have when . When , the result given by Theorem 3 can be simplified into
(18) 
The above result indicates that when either , , or holds, the delay could be approximated into simple form. Then, the relationship between the mean delay , the transmit probability and the arrival rate could be easily obtained.
The secrecy failure event happens in the transmitting process and is not affected by the queueing process. Thus, the secrecy outage probability in the dynamic scenario is similar to that in the backlogged scenario since the secrecy outage is only determined by the delivering process of a packet. The only difference between the secrecy outage probability in the backlogged scenario and that in the dynamic scenario is that the active probabilities for the two scenarios are different. In the backlogged scenario, the active probability for the interfering transmitters is the transmit probability since all transmitters are backlogged and always have packets to transmit. However, in the dynamic scenario, the active probability is . Therefore, we get the following theorem, which gives the secrecy outage probability in the dynamic scenario.
Theorem 4.
The secrecy outage probability of the typical link in the dynamic scenario can be approximated by
(19) 
where is given by
(20) 
Proof.
The proof is similar to that of Theorem 2. ∎
The equation (19) shows that as or , indicating that when the number of eavesdroppers is very small or when the SIR threshold to eavesdrop the message is very large, the secrecy outage event hardly ever happens. On the other hand, when or , we get , indicating that when the eavesdroppers are densely deployed or when the messages are easily intercepted by the eavesdroppers, the secrecy outage event almost always happens.
Similar to the discussions after Theorem 3, we can also simplify the result given by Theorem 4. Note that as . When , the active probability given by the equation (20) can be simplified as
(21) 
Note that if , the arrival rate is larger than the transmit probability, thus, the queues in the network will be unstable. A more relevant case is , which is a necessary condition for the queues to be stable. If both and hold, the active probability will be
(22) 
Plugging into (19), we get the secrecy outage probability when as
(23)  
The relationship between the secrecy outage probability and the system parameters, such as the intensity of eavesdroppers , the intensity of legitimate transmitters , the SIR threshold and so on, could be observed from the equation (23) directly.
Iv Performance of Message Split
In this section, we propose and analyze a simple transmission mechanism, in which a confidential message is divided into two packets to be delivered independently. A confidential message is successfully decoded at the legitimate receiver only when both of the two packets from the message are successfully decoded at the receiver. Meanwhile, the perfect security could be guaranteed if at least one of the two packets from the same message cannot be decoded by an eavesdropper. This mechanism has a direct effect on the delay and may also affect the security performance. Therefore, in this section, we explore this simple transmission mechanism to provide a guidance to tradeoff the delay and the security of the wireless network.
Iva Backlogged Scenario
Since one message is split into two packets, the size of each packet is halved. When fixing the duration of the time slots, the requirement for the rate of the confidential message could be reduced from to . The threshold for the rate of the eavesdropping link is also reduced from to . Then, the rate threshold of codewords becomes .
Note that the mean delay is doubled since both of the two packets should be successful. By the similar derivations as Theorem 1, we get the following corollary which gives the mean delay in the case of message split.
Corollary 1.
The mean delay of the typical legitimate link in the backlogged scenario with message split is
(24) 
where .
Comparing with the result given by (7), we observe that the mean delay is doubled and is replaced by . However, since the effect of the two changes are in the opposite direction, whether the mean delay is increased or not is still uncertain, which depends on the parameters such as the transmit probability , the intensity of legitimate transmitters , and so on.
In order to intercept the confidential message, both of the two packets from the same message should be successfully decoded at the eavesdropper. Therefore, by the similar derivations as that in Theorem 2, we get
Corollary 2.
The secrecy outage probability of the typical link in the backlogged scenario with message split can be approximated by
(25) 
where .
The secrecy outage probability in the backlogged scenario with message split is closedform. The result also reveals that as , and as . Though whether the message split decreases the secrecy outage probability is still not intuitive from Corollary 2, the numerical analysis could be conducted to evaluate the effect of message split.
IvB Dynamic Scenario
The analysis of the dynamic scenario is different from that of the backlogged scenario when the message split is introduced in the transmission mechanism. The arrival process of the messages is still a Bernoulli process of arrival rate . Since each message is split into two packets which are transmitted independently, at least two time slots are needed to successfully deliver one message. However, the queueing system is still a Geo/G/1 queue because the number of time slots between two adjacent arrivals is still a geometric random variable. When each message is divided into two packets, the service time of each message is the summation of the service time of the two packets. Since the service time of each packet is a geometric random variable, the total service time for each message is the summation of two geometric distributed random variables. The analysis of this queueing system is rather difficult because the service rate is not a well know distribution. Thus, we use the formula for the mean delay obtained from the M/M/1 queueing system to approximate the mean delay in the dynamic scenario with message split. With these discussions, we get the following corollary, which gives the mean delay in the dynamic scenario with message split.
Corollary 3.
The mean delay of the typical legitimate link in the dynamic scenario with message split is
(26) 
where .
Proof.
By approximating the queueing system with the M/M/1 model, the mean delay can be approximated as
(27) 
where is the arrival rate of the messages, and is the service rate. The mean delay in the dynamic scenario with message split could be obtained by the service rate of the Geo/G/1 queue.
Similar to the derivations in Theorem 3, the connection failure probability of a packet is
(28) 
where . The service time for each packet is a geometric random variable with success probability , and the mean service time for each packet is . Thus, the mean service time for each message is , and the mean service rate for each message is . Plugging into the equation (27), we get the mean delay as
(29) 
Therefore, we get the result in the corollary. ∎
By the expansion of the Lambert function given by the equation (17), we get the mean delay when as
(30) 
Furthermore, when and , the mean delay is exactly two time slots, which is the case where the transmission attempts of a packet is scheduled with probability one and is always successful when it is scheduled.
To eavesdrop the confidential message at an eavesdropper in the dynamic scenario with message split, both of the two packets from the same message should be successfully decoded at the eavesdropper. By the similar derivations as that in Theorem 4, we get
Corollary 4.
The secrecy outage probability of the typical link in the dynamic scenario with message split can be approximated by
(31) 
where is given by
(32) 
, and .
V Numerical Evaluation
In this section, we evaluate the tradeoff between the mean delay and the secrecy outage probability through numerical analysis to gain insight. Without special explanation, the numerical parameters are set as follows in default. The intensities of the legitimate transmitters and the eavesdroppers are set as and , respectively, and the desired link distance is . The path loss exponent is , the transmit probability is , and the packet arrival rate is . The rate threshold of codewords is bits/Hz, and that of confidential messages is bit/Hz.
Figure 5 shows the mean delay and the secrecy outage probability as functions of the transmit probability in the backlogged scenario. As increases, both the mean delay and the secrecy outage probability first decrease then increase. When starts to increase, the mean delay decreases since the successful delivery of a packet is limited by the transmit probability, while the secrecy outage probability decreases since the interference for the eavesdropping links increases. When continues to grow, the mean delay increases since the interference increases, while the secrecy outage probability increases since the probability to eavesdrop the message is increased with large . Figure 6 shows the mean delay and the secrecy outage probability as functions of in the backlogged scenario. When increases, the mean delay increases and the secrecy outage probability decreases since the interference in the network increases. However, when continues to grow, the secrecy outage probability increases since the distances of the eavesdropping links are decreased. Figure 7 plots the tradeoff between the mean delay and the secrecy outage probability when increasing in the backlogged scenario. Though the value of is not marked in Fig. 7, we can observe from Theorem 1 that is linear positive correlated to ln which is the value of the horizontal ordinate. Note that when the path loss exponent increases, the secrecy outage probability decreases for large and increases for small , indicating that the security performance is much better when the signal attenuates quickly (i.e., when is large) for large , and it is reverse for small .
Figure 8 shows the mean delay and the secrecy outage probability as functions of the intensity of legitimate transmitters with different in the dynamic scenario. When varying , we keep the rate threshold of confidential messages to be the same (i.e., bits/Hz). Thus, the minimal confidential rate is guaranteed. Figure 8 reveals that although the same confidential rate is guaranteed, the mean delay is larger and the secrecy outage probability is smaller in the high SIR regime than those in the low SIR regime.
Figure 9 and Figure 10 show the comparison of the mean delay and the secrecy outage probability for different scenarios with and without message split. The arrival rate is . Figure 9 reveals that in the backlogged scenario, the mean delay with message split is larger than that without message split when is small, while it is reverse for large , indicating that in the backlogged scenario, message split is beneficial for the delay performance only for large . Figure 9 also reveals that in the dynamic scenario, the delay performance without message split is always better than that with message split. Figure 10 shows that in the backlogged scenario, introducing message split greatly decreases the secrecy outage probability and improves the security performance, while in the dynamic scenario, introducing message split is only beneficial when is large. Accordingly, in the actual application scenario such as the military communications, the message split scheme could be introduced to improve the security performance at the expense of increasing the delay when the density of the soldiers in the communications is not very small.
Vi Conclusions
In this work, we evaluate the tradeoff between the delay and the security performance in large wireless networks for both the backlogged scenario and the dynamic scenario. By combining the tools from stochastic geometry and queueing theory, we derive the closeformed results for the mean delay and the secrecy outage probability. We also analyzed the effect of a simple transmission mechanism which splits a message into two packets.
Our results reveal that the security performance of the wireless network is better when the path loss exponent is larger. We also observe that under the condition that a certain confidential rate is guaranteed, the delay performance is better in high SIR regime than that in low SIR regime. Moreover, by introducing the simple mechanism of message split, it is shown that the delay performance in the backlogged scenario is improved when the density of the legitimate transmitters is large. Meanwhile, introducing message split greatly improves the security performance in the backlogged scenario, while slightly improves the security performance in the dynamic scenario when the density of the legitimate transmitters is large.
Appendix A Proof of Theorem 2
Let be the set of transmitters that are active in time slot , and let be the interference at the typical legitimate receiver located at in time slot . Then, the mathematical expression for is
(36) 
With given , the connection failure probability is
(37)  
where and follow because the fading coefficients
are i.i.d. exponential distributed random variables with unit mean,
holds due to the stationarity of the PPP.With given and , the secrecy failure probability is
(38)  
From equation (8), we get the secrecy outage probability of the typical link as
(39)  
To derive the exact secrecy outage probability is difficult, and we propose to approximate the secrecy outage probability. Using the Jensen’s inequality to approximate the secrecy outage probability, i.e., for a random variable and a function , we get
(40) 
Using the probability generating functional (PGFL) of the PPP, we have
(41)  
Due to the stationarity of the PPP and the independence between and , we have
(42)  
Plugging into the equation (40), we have
(43)  
Therefore, we get the results in the theorem.
References
 [1] X. Ge, S. Tu, G. Mao, C.X. Wang, and T. Han, “5G ultradense cellular networks,” IEEE Wireless Commun., vol. 23, no. 1, pp. 72–79, Mar. 2016.
 [2] C. B. Sankaran, “Network access security in nextgeneration 3GPP systems: A tutorial,” IEEE Commun. Mag., vol. 47, no. 2, pp. 84–91, Feb. 2009.
 [3] A. D. Wyner, “The wiretap channel,” The Bell System Technical Journal, vol. 54, no. 8, pp. 1355–1387, Oct. 1975.
 [4] X. Ge, Z. Li, and S. Li, “5G software defined vehicular networks,” IEEE Commun. Mag., vol. 55, no. 7, pp. 87–93,
Comments
There are no comments yet.