When Attackers Meet AI: Learning-empowered Attacks in Cooperative Spectrum Sensing

Defense strategies have been well studied to combat Byzantine attacks that aim to disrupt cooperative spectrum sensing by sending falsified versions of spectrum sensing data to a fusion center. However, existing studies usually assume network or attackers as passive entities, e.g., assuming the prior knowledge of attacks is known or fixed. In practice, attackers can actively adopt arbitrary behaviors and avoid pre-assumed patterns or assumptions used by defense strategies. In this paper, we revisit this security vulnerability as an adversarial machine learning problem and propose a novel learning-empowered attack framework named Learning-Evaluation-Beating (LEB) to mislead the fusion center. Based on the black-box nature of the fusion center in cooperative spectrum sensing, our new perspective is to make the adversarial use of machine learning to construct a surrogate model of the fusion center's decision model. We propose a generic algorithm to create malicious sensing data using this surrogate model. Our real-world experiments show that the LEB attack is effective to beat a wide range of existing defense strategies with an up to 82% of success ratio. Given the gap between the proposed LEB attack and existing defenses, we introduce a non-invasive method named as influence-limiting defense, which can coexist with existing defenses to defend against LEB attack or other similar attacks. We show that this defense is highly effective and reduces the overall disruption ratio of LEB attack by up to 80%

Byzantine Attack and Defense in Cognitive Radio Networks: A Survey

The Byzantine attack in cooperative spectrum sensing (CSS), also known as the spectrum sensing data falsification (SSDF) attack in the literature, is one of the key adversaries to the success of cognitive radio networks (CRNs). In the past couple of years, the research on the Byzantine attack and defense strategies has gained worldwide increasing attention. In this paper, we provide a comprehensive survey and tutorial on the recent advances in the Byzantine attack and defense for CSS in CRNs. Specifically, we first briefly present the preliminaries of CSS for general readers, including signal detection techniques, hypothesis testing, and data fusion. Second, we analyze the spear and shield relation between Byzantine attack and defense from three aspects: the vulnerability of CSS to attack, the obstacles in CSS to defense, and the games between attack and defense. Then, we propose a taxonomy of the existing Byzantine attack behaviors and elaborate on the corresponding attack parameters, which determine where, who, how, and when to launch attacks. Next, from the perspectives of homogeneous or heterogeneous scenarios, we classify the existing defense algorithms, and provide an in-depth tutorial on the state-of-the-art Byzantine defense schemes, commonly known as robust or secure CSS in the literature. Furthermore, we highlight the unsolved research challenges and depict the future research directions.Comment: Accepted by IEEE Communications Surveys and Tutoiral

Cognitive Radio for Smart Grid with Security Considerations

In this paper, we investigate how Cognitive Radio as a means of communication can be utilized to serve a smart grid deployment end to end, from a home area network to power generation. We show how Cognitive Radio can be mapped to integrate the possible different communication networks within a smart grid large scale deployment. In addition, various applications in smart grid are defined and discussed showing how Cognitive Radio can be used to fulfill their communication requirements. Moreover, information security issues pertained to the use of Cognitive Radio in a smart grid environment at different levels and layers are discussed and mitigation techniques are suggested. Finally, the well-known Role-Based Access Control (RBAC) is integrated with the Cognitive Radio part of a smart grid communication network to protect against unauthorized access to customer’s data and to the network at large

Intelligent spectrum management techniques for wireless cognitive radio networks

PhD ThesisThis thesis addresses many of the unique spectrum management chal- lenges in CR networks for the rst time. These challenges have a vital e ect on the network performance and are particularly di cult to solve due to the unique characteristics of CR networks. Speci cally, this thesis proposes and investigates three intelligent spectrum management tech- niques for CR networks. The issues investigated in this thesis have a fundamental impact on the establishment, functionality and security of CR networks. First, an intelligent primary receiver-aware message exchange protocol for CR ad hoc networks is proposed. It considers the problem of alleviat- ing the interference collision risk to primary user communication, explic- itly to protect primary receivers that are not detected during spectrum sensing. The proposed protocol achieves a higher measure of safeguard- ing. A practical scenario is considered where no global network topology is known and no common control channel is assumed to exist. Second, a novel CR broadcast protocol (CRBP) to reliably disseminate the broadcast messages to all or most of the possible CR nodes in the network is proposed. The CRBP formulates the broadcast problem as a bipartite-graph problem. Thus, CRBP achieves a signi cant successful delivery ratio by connecting di erent local topologies, which is a unique feature in CR ad hoc networks. Finally, a new defence strategy to defend against spectrum sensing data falsi cation attacks in CR networks is proposed. In order to identify malicious users, the proposed scheme performs multiple veri cations of sensory data with the assistance of trusted nodes.Higher Committee For Education Devel- opment in Iraq (HCED-Iraq

Synoptic analysis techniques for intrusion detection in wireless networks

Current system administrators are missing intrusion alerts hidden by large numbers of false positives. Rather than accumulation more data to identify true alerts, we propose an intrusion detection tool that e?ectively uses select data to provide a picture of ?network health?. Our hypothesis is that by utilizing the data available at both the node and cooperative network levels we can create a synoptic picture of the network providing indications of many intrusions or other network issues. Our major contribution is to provide a revolutionary way to analyze node and network data for patterns, dependence, and e?ects that indicate network issues. We collect node and network data, combine and manipulate it, and tease out information about the state of the network. We present a method based on utilizing the number of packets sent, number of packets received, node reliability, route reliability, and entropy to develop a synoptic picture of the network health in the presence of a sinkhole and a HELLO Flood attacker. This method conserves network throughput and node energy by requiring no additional control messages to be sent between the nodes unless an attacker is suspected. We intend to show that, although the concept of an intrusion detection system is not revolutionary, the method in which we analyze the data for clues about network intrusion and performance is highly innovative