Multi-User MIMO (MU-MIMO) has attracted much attention due to its significant advantage of increasing the utilization ratio of wireless channels. However, Frequency-Division Duplex (FDD) systems are vulnerable to eavesdropping, since the explicit CSI feedback can be manipulated. In this paper, we show that Time-Division Duplex (TDD) systems are insecure as well. In particular, we show that it is possible to eavesdrop on other users’ downloads by tuning training sequences. In order to defend MU-MIMO against such threats, we propose a secure CSI estimation scheme, which can provide correct estimates of CSI when adversarial users are in presence. We prove that our scheme is secure against training sequence based eavesdropping attack. We have implemented our scheme for TDD MU-MIMO systems and performed a series of experiments. Results demonstrate that our secure CSI estimation scheme is highly effective in protecting TDD MIMO networks against eavesdropping attack. Furthermore, we extend our scheme to support massive MU-MIMO networks, with a carefully redesigned uplink protocol and optimized power allocation to achieve higher spectral efficiency. To be more practical, we also take mismatch channel issue into our consideration. An enhancement scheme is proposed and we show that our scheme with enhancement is secure and correct under mismatch channel.

中文翻译：

---

保护 TDD MIMO 网络免受基于训练序列的窃听攻击

多用户多输入多输出（MU-MIMO）因其提高无线信道利用率的显着优势而备受关注。然而，频分双工 (FDD) 系统容易受到窃听，因为可以操纵显式 CSI 反馈。在本文中，我们展示了时分双工 (TDD) 系统也是不安全的。特别是，我们表明可以通过调整训练序列来窃听其他用户的下载。为了保护 MU-MIMO 免受此类威胁，我们提出了一种安全的 CSI 估计方案，该方案可以在敌对用户存在时提供正确的 CSI 估计。我们证明了我们的方案对于基于训练序列的窃听攻击是安全的。我们已经为 TDD MU-MIMO 系统实施了我们的方案并进行了一系列实验。结果表明，我们的安全 CSI 估计方案在保护 TDD MIMO 网络免受窃听攻击方面非常有效。此外，我们扩展了我们的方案以支持大规模 MU-MIMO 网络，通过精心重新设计的上行链路协议和优化的功率分配来实现更高的频谱效率。为了更实际，我们还考虑了不匹配的通道问题。提出了一种增强方案，我们表明我们的增强方案在失配信道下是安全和正确的。我们还考虑了不匹配的渠道问题。提出了一种增强方案，我们表明我们的增强方案在失配信道下是安全和正确的。我们还考虑了不匹配的渠道问题。提出了一种增强方案，我们表明我们的增强方案在失配信道下是安全和正确的。