Communication security is widely regarded as one of the most challenging problems in wireless communications. Traditionally, security is enforced by imposing cryptographic protocols in the application layer . However, this upper layer solution is not flexible as it requires complex key exchange protocols. Fortunately, it is shown by Wyner  that secure communication can be guaranteed by adopting some advanced signal processing techniques developed in the physical layer. In specific, these techniques exploit differences in channel conditions and interference environment to enhance the received signal of legitime users (LUs) and suppress the signal received by the eavesdropper (ED).
In order to enhance physical layer security, intelligent reflecting surface (IRS), a kind of passive metasurface, has emerged as a promising technique [3, 4, 5], since each passive element on the IRS is capable of reconfiguring the wireless channels between the base station (BS) and LU constructively while suppressing the radio frequency (RF) power leaked to the ED by imposing an independent phase shifts to the incident signal [6, 7, 8, 9, 10]. Furthermore, the IRS can be readily coated on existing buildings, such as the walls and ceilings, which reduces the cost and complexity of deployment operations. Hence, IRS holds great promise for excellent security enhancement as it provides a cost-effective and energy-efficient approach.
. In an active attack, in order to mislead the BS to send signals to the ED, the ED pretends to be a LU sending pilot contamination to interfere with the channel estimation procedure at the BS. Nonetheless, a passive attack is more difficult to deal with since the passive ED can hide itself and its CSI is not known at the BS.
Recently, the benefits of IRS in physical layer security under the active attacks have been investigated in the existing literature [6, 7, 8, 9, 10]. The performance gains of IRS in terms of security capacity was first explored in a simple model consisting of only one single-antenna LU and one single-antenna ED in . Closed-form solutions of the phase shifters of IRS were obtained by leveraging the majorization-minimization (MM) technique in , which had a better performance than the classical semidefinite relaxation (SDR) method. The authors in  extended the results in  to a multiple-input multiple-output (MIMO) system where artificial noise (AN) was introduced to enhance the security performance. The results in  further showed that the IRS-aided design without AN performs even worse than the AN-aided design without IRS as the number of eavesdroppers near the IRS increases. However, all the above contributions were based on the assumption of perfect channel state information (CSI) of the eavesdropping channels at the BS. This assumption is too strict and even impractical. The reasons are twofold: 1) It is challenging to estimate the IRS-related channels since IRS is passive and can neither send nor receive pilot symbols. 2) The pilot transmission from the ED to the BS may not be continuous and the corresponding CSI at the BS may be outdated. To deal with the imperfect CSI of the ED, robust transmission methods for IRS secure communication were proposed in [9, 10]. In particular, the authors in  proposed a robust secure transmission strategy by applying the worst-case optimization method under the assumption of imperfect CSI from the IRS to the ED. On the other hand, the authors in  considered the more practical imperfect cascaded BS-IRS-ED channel and proposed an outage constrained beamforming design method under the statistical CSI error model. However, the imperfect CSI of both LU and ED was not studied in .
To the best of our knowledge, all the existing contributions on the IRS-aided security enhancement were developed under the active attack, where the BS can acquire the CSI of ED. There is no existing work studying the passive eavesdropping in IRS-aided secure communication systems. In addition, even for the imperfect CSI under the active attack, the methods proposed in [9, 10] are only applicable to small-size IRS (the number of the reflection elements is less than 10), which can be observed from the numerical simulations. The limitations for the research of small-size IRS lie in twofold. The first is that IRS has advantages over the conventional massive MIMO and relay in terms of energy efficiency only when the number of IRS reflection elements is large . Second, some interesting observations can be found in the robust design in IRS system only when the number of reflection elements is large enough .
Against the above background, this paper studies the IRS-aided secrecy communication under the active attacks and passive eavesdropping. The contributions of this paper are summarized as follows:
This paper proposes an IRS-aided two-phase secrecy communication scheme for a scenario where the ED has a similar channel direction as a LU in order to asquire high-quality eavesdropping information. In particular, in the multicasting phase, the BS transmits signals to the LU with low transmission power to reduce the information leakage to the ED. In the user cooperation phase, other LUs forward the received signals to the attacked LU with the assistance of IRS by using the energy harvested in the previous phase. In addition, two models of ED are considered in this work, i.e. active attack and passive eavesdropping.
In the presence of statistical CSI error under the active attack, we develop an outage constrainted beamforming design problem that maximizes the secrecy rate subject to the unit-modulus constraint, the energy harvesting constraint and the secrecy rate outage probability constraint. Here, the outage probability constraint guarantees the maximum secrecy rate of the system for secure communication under a predetermined probability. By resorting to the Bernstein-Type Inequality (BTI) and some convex approximations, the non-convexity of constraints is addressed. Then, the active precoders and the passive reflection beamforming are updated by using the proposed semidefinite programming (SDP) and penalty convex-concave procedure (CCP) technique respectively in an iterative manner.
For the passive ED case with only partial CSI, we aim to maximize an average secrecy rate subject to the unit-modulus of the reflection beamforming and the energy harvesting constraints. To address the numerical integration in the objective function, an angular secrecy model, which is analytically non-convex, is proposed. A low-complexity algorithm is proposed based on the MM-based alternate optimization (AO) framework, where the precoders are updated by solving a convex optimization problem and the reflection beamforming is updated in a closed-form solution which is globally optimal.
The numerical results demonstrate that the level of the cascaded CSI error plays a vital role in the IRS-aided secure communication systems. Specifically, when the cascaded CSI error is small, the secrecy rate increases with the size of the IRS due to the increased beamforming gain. However, when the cascaded CSI error is large, the secrecy rate decreases with the size of the IRS due to the increased channel estimation error. Hence, whether to deploy the IRS in secure communication systems depends on the level of the cascaded CSI error. In addition, the IRS can enhance the average secrecy rate under the passive eavesdropping.
The remainder of this paper is organized as follows. Section II introduces the channel model and the system model. Outage constrained robust design problem is formulated for the active eavesdropper model in Section III. Section IV further investigates the average eavesdropping rate maximization problem under the passive eavesdropping. Finally, Section V and Section VI show the numerical results and conclusions, respectively.
The following mathematical notations and symbols are used throughout this paper. Vectors and matrices are denoted by boldface lowercase letters and boldface uppercase letters, respectively. The symbols, , , and denote the conjugate, transpose, Hermitian (conjugate transpose), Frobenius norm of matrix , respectively. The symbol denotes 2-norm of vector . The symbols , , , , and
denote the trace, real part, modulus, eigenvalue, and angle of a complex number, respectively.is a diagonal matrix with the entries of on its main diagonal. means the element of the vector . The Kronecker product and the Hadamard product between two matrices and is denoted by and , respectively. means that is positive semidefinite. Additionally, the symbol denotes complex field, represents real field, and is the imaginary unit.
Ii System Model
As shown in Fig. 1, we consider Rician wiretap channels where a BS with transmit antennas communicates with single-antenna LUs in the presence of a single-antenna ED. An IRS with reflection elements is introduced to aid the secure communication.
Ii-a Channel Model
Define the set of all LUs as , and denote set and set . By denoting as the distances and the azimuth angles from the BS to the LUs and the ED, as shown in Fig. 1, then the corresponding channels obey the following Rician fading distribution :
where is the pathloss at the reference distance of , and are the pathloss exponent and the Rician factor of the BS-related links, respectively. It is assumed that the BS is equipped with a uniform linear array (ULA).
Then, the line-of-sight (LoS) component is given by , and the non-LoS component is drawn from a Rayleigh fading, i.e., .
Furthermore, by denoting as the distance and the azimuth angle from the BS to the IRS, it is straightforward to obtain the distances and the azimuth angles from the IRS to the LUs and the ED as shown in Fig. 2, i.e.,
The corresponding channels are given by
where and are the pathloss exponent and the Rician factor of the IRS-related links, respectively. The non-LoS component follows the distribution of . It is assumed that the IRS is an uniform plane array (UPA) with size of , where and are the number of reflection elements in x-axis and y-axis, respectively. Then, the LoS component is written as
where , and is the elevation angle observed at the IRS side.
Ii-B Signal Transmission
To achieve high attack success rate, the ED can locate on the line between the BS and legitimate user. In this situation, the signal received by the ED is highly correlated with that of this user [11, 12], thus posing great threats to the system. As shown in Fig. 1, we assume that the ED hides at the line connecting the BS and one of the users, denoted as user , which leads to , and . When the Rician factor is sufficiently large, the channel gain is approximately equal to the channel gain .
In order to achieve high-quality secure communication, the angle aware user cooperation (AAUC) scheme  is adopted here. In particular, in the first phase, the BS multicasts the common signal to all users except user . In the second phase, the helping users forward the decoded common signal to user via the IRS. In this work, in order to implement the AAUC scheme without consuming extra energy, the LUs adopt the hybrid information and energy harvesting receiving mode which splits the received signal into two power streams with power splitting ratios and . The former is used for decoding the signal and the latter for energy harvesting.
Ii-B1 Multicasting Phase
In this phase, the BS multicasts a signal to the helping LUs through beamforming vector which is limited to the maximum transmit power , i.e., . Since , the beamforming needs to satisfy to ensure that . Let
be the orthogonal matrix which spans the null space of
by using the QR decomposition, i.e.,. Then, we can design , where is a newly introduced variable. Therefore, the signal received by LU is given by , where is the received noise with the noise power of . By adopting the hybrid receiving mode, the achievable rate at LU is
where the factor 1/2 is due to the two transmission phases. The harvested power at LU is
Ii-B2 User Cooperation Phase
In this phase, the helping LUs forward the signal to LU through a beamforming vector by using the power harvested in the multicasting phase. Since LU is randomly selected by the ED and assume that many obstacles in the communication environment, such as indoor applications, the direct links between the helping LUs and the LU may be blocked. To address this issue, an IRS can be installed on the building with a certain height, and thus the IRS is capable of reflecting the signals forwarded by the helping LUs to LU . Denote by the reflection coefficient vector of the IRS, where . Then, the signal received by LU is given by
where , is the cascaded LU-IRS-LU (LIL) channel, and is the noise. The corresponding achievable rate is
On the other hand, the signal recieved by the ED is , where is the cascaded LU-IRS-ED (LIE) channel, and is the received noise at the ED.
The corresponding eavesdropping rate is
Finally, the secrecy rate of this system under the AAUC scheme can be expressed as :
In the following two sections, we consider the system design for two ED models: active eavesdropper model and the passive eavesdropper model.
Iii ED Model I-Active Eavesdropper Model
In this section, we consider the active attack case, in which the ED pretends to be an LU sending pilot signals to interfere with the channel estimation procedure at the transmitters (including the BS and the helping LUs) [11, 12]. It is reasonable to assume that the BS is capable of addressing this attack by using the multi-antenna technique, so as to obtain perfect CSI of the system. Nevertheless, the signle-antenna helping LUs only have the imperfect CSI of LU and the ED due to their limited anti-interference ability.
Iii-a Channel Uncertainties
Based on the above assumption, the cascaded channels can be modeled as
where and are the estimated cascaded channels, and and are the unknown cascaded channel errors. and are the unknown cascaded LIL and LIE channel error vectors at LU , respectively.
According to , the robust beamforming under the statistical CSI error model outperforms the bounded CSI error model in terms of the minimum transmit power, convergence speed and complexity. In addition, the statistical channel error model is more suitable to model the channel estimation error when the channel estimation is based on the minimum mean sum error (MMSE) method. Hence, we adopt the statistical model to characterize the cascaded CSI imperfection , i.e., each CSI error vector is assumed to follow the circularly symmetric complex Gaussian (CSCG) distribution, i.e.,
where and are positive semidefinite error covariance matrices. Note that the CSI error vectors of different LUs are independent with each other. Therefore, we have
where and are block diagonal matrices, i.e., and .
Iii-B Outage constrained beamforming design
Under the statistical CSI error model, we develop a probabilistically robust algorithm for the secrecy rate maximization problem, which is formulated as
where is the secrecy rate outage probability.
Problem (11) is difficult to solve due to the computationally intractable rate outage probability constraint (11b), the non-convex unit-modulus constraint (11d), and the non-convex power constraint (11f).
Firstly, we replace constraint (11b) with the development of a safe approximation consisting of three steps in the following.
Step 1: Decouple the Probabilistic Constraint: First of all, based on the independence between and , we have
Step 2: Convenient Approximations: To address the non-concavity of , we need to construct a sequence of surrogate functions of . More specifically, we need the following lemmas.
 The quadratic-over-linear function is jointly convex in , and lower bounded by its first-order Tayler approximation at fixed point .
By substituting with and with , we utilize Lemma 1 to obtain a concave lower bound of rate for . The lower bound is given by
for any feasible solution .
The upper bound of rate is given by
where is the auxiliary variable.
Proof: Please refer to Appendix A.
The lower bound of rate is given by
where and are the auxiliary variables.
Proof: Please refer to Appendix B.
For the convenience of derivations, we assume that and , then where , and where . Furthermore, the error vectors in (10) can be rewritten as where , and where . Define and . Combining (14) with Lemma 2, the secrecy rate outage probabilities for in (13) are equivalent to
Step 3: A Bernstein-Type Inequality-Based Safe Approximation: The outage probabilities in (19) are characterized by quadratic inequalities, which can be safely approximated by using the following lemma.
(Bernstein-Type Inequality)  Assume , where , , and . Then for any , the following approximation holds:
where . and are slack variables.
Before using Lemma 4, we need the following simplified derivations for LU , , i.e.,
On the other hand, the simplified derivations for LU are given by
at feasible point by adopting the same first-order Taylor approximation used in Lemma 1.
For given , we introduce a new variable with . However, different from the general semidefinite programming (SDP), and , here, coexist in (18d) and (23c). Therefore, the semidefinite relaxation (SDR) technique is not applicable here. In order to handle this problem, we assume and are two different variables. If , then we have . If the obtained is not rank-1, we will have . Therefore, we constrain less than a very small real number threshold to guarantee the rank-1 condition of , yielding the surrogate constraint of rank-1 constraint as
When , the relationship between and is given by the following constraint:
As for constraint (27a), since is a convex function of , the left hand side of (27a) is concave, which is the difference between a linear function and a convex function. Hence, we need to construct a convex approximation of constraint (27a). To address this issue, we introduce the following lemma.
Denote by the eigenvector corresponding to the maximum eigenvalue of a matrix
the eigenvector corresponding to the maximum eigenvalue of a matrix, we have
for any Hermitian matrix .