“An attacker can generate the exact same pilot sequences to those of the legitimate users and transmit these sequences together with these users to distort the channel estimation at the base station,” explains Akgun. This tactic ultimately reduces the data transmission rate to users.

In their study, Akgun and his collaborators explored pilot contamination strategies that an attacker could use under different conditions. Their results show that when an attacker is close to the base station, within 300 meters or closer, he or she can impose their own pilots strongly enough to reduce the total transmission rate of a massive MIMO system by more than 50 percent. Unfortunately, their results also suggest that an attacker can degrade the transmission rates of data from farther distances.

Attacks can also become more severe if the attacker knows the locations of some users. “The attacker has a limited power budget to contaminate the pilot transmissions of legitimate users,” Akgun explains. “If the user locations are known to the attacker, it can distort the pilot transmissions of some users more than it does to others. This way, the adversary can enhance the impact of its attack on the overall system performance.”  

Pilot contamination can also be used to siphon off data transfers if the attacker’s pilot signals are strong enough, threatening the privacy of wireless communications. The researchers explored how much this tactic could be maximized under different conditions as well, finding that data transfers are significantly more vulnerable to hacking when the attacker is positioned closer to the base station.

Together, this works underscores the vulnerability of massive MIMO to attack and the need for new protocols for establishing secure communications channels through these systems.