Securing the Sensing Functionality in ISAC: KLD-Based Ambiguity Function Shaping

As integrated sensing and communication (ISAC) systems are deployed in next-generation wireless networks, a new security vulnerability emerges, particularly in terms of sensing privacy. Unauthorized sensing eavesdroppers (Eve) can potentially exploit the ISAC signal for their own independent passive sensing. However, solutions for sensing-secure ISAC remain largely unexplored to date. This work addresses sensing-security for OFDM- and OTFS-based ISAC waveforms from a target-detection perspective, aiming to prevent Eves from exploiting the ISAC signal for unauthorized passive sensing. We develop ISAC system models for the base station (BS), communication user equipment, and the sensing Eve, and define a Kullback-Leibler-divergence-based detection metric that accounts for mainlobe, sidelobe, and noise components in the ambiguity function and the resulting range-Doppler maps of the legitimate BS's and Eve's sensing. Building on this analysis, we formulate a sensing-secure ISAC signaling design problem that tunes a perturbation matrix to jointly control signal amplitude and phase in the time-frequency domain and solve it via simulated annealing. Simulation results show that the proposed scheme substantially degrades Eve's detection probability -- from 79.4% to 37.4% for OTFS and from 94.3% to 33.0% for OFDM -- while incurring only a small loss in BS sensing performance. In addition, it allows controllable trade-offs across sensing-security and communication performance.