A Context-aware Trust Framework for Resilient Distributed Cooperative Spectrum Sensing in Dynamic Settings

Cognitive radios enable dynamic spectrum access where secondary users (SUs) are allowed to operate on the licensed spectrum bands on an opportunistic noninterference basis. Cooperation among the SUs for spectrum sensing is essential for environments with deep shadows. In this paper, we study the adverse effect of insistent spectrum sensing data falsification (ISSDF) attack on iterative distributed cooperative spectrum sensing. We show that the existing trust management schemes are not adequate in mitigating ISSDF attacks in dynamic settings where the primary user (PU) of the band frequently transitions between active and inactive states. We propose a novel context-aware distributed trust framework for cooperative spectrum sensing in mobile cognitive radio ad hoc networks (CRAHN) that effectively alleviates different types of ISSDF attacks (Always-Yes, Always-No, and fabricating) in dynamic scenarios. In the proposed framework, the SU nodes evaluate the trustworthiness of one another based on the two possible contexts in which they make observations from each other: PU absent context and PU present context. We evaluate the proposed context-aware scheme and compare it against the existing context-oblivious trust schemes using theoretical analysis and extensive simulations of realistic scenarios of mobile CRAHNs operating in TV white space. We show that in the presence of a large set of attackers (as high as 60% of the network), the proposed context-aware trust scheme successfully mitigates the attacks and satisfy the false alarm and missed-detection rates of $10^{-2}$ and lower. Moreover, we show that the proposed scheme is scalable in terms of attack severity, SU network density, and the distance of the SU network to the PU transmitter

Byzantine Attack and Defense in Cognitive Radio Networks: A Survey

The Byzantine attack in cooperative spectrum sensing (CSS), also known as the spectrum sensing data falsification (SSDF) attack in the literature, is one of the key adversaries to the success of cognitive radio networks (CRNs). In the past couple of years, the research on the Byzantine attack and defense strategies has gained worldwide increasing attention. In this paper, we provide a comprehensive survey and tutorial on the recent advances in the Byzantine attack and defense for CSS in CRNs. Specifically, we first briefly present the preliminaries of CSS for general readers, including signal detection techniques, hypothesis testing, and data fusion. Second, we analyze the spear and shield relation between Byzantine attack and defense from three aspects: the vulnerability of CSS to attack, the obstacles in CSS to defense, and the games between attack and defense. Then, we propose a taxonomy of the existing Byzantine attack behaviors and elaborate on the corresponding attack parameters, which determine where, who, how, and when to launch attacks. Next, from the perspectives of homogeneous or heterogeneous scenarios, we classify the existing defense algorithms, and provide an in-depth tutorial on the state-of-the-art Byzantine defense schemes, commonly known as robust or secure CSS in the literature. Furthermore, we highlight the unsolved research challenges and depict the future research directions.Comment: Accepted by IEEE Communications Surveys and Tutoiral

Spectrum sharing security and attacks in CRNs: a review

Cognitive Radio plays a major part in communication technology by resolving the shortage of the spectrum through usage of dynamic spectrum access and artificial intelligence characteristics. The element of spectrum sharing in cognitive radio is a fundament al approach in utilising free channels. Cooperatively communicating cognitive radio devices use the common control channel of the cognitive radio medium access control to achieve spectrum sharing. Thus, the common control channel and consequently spectrum sharing security are vital to ensuring security in the subsequent data communication among cognitive radio nodes. In addition to well known security problems in wireless networks, cognitive radio networks introduce new classes of security threats and challenges, such as licensed user emulation attacks in spectrum sensing and misbehaviours in the common control channel transactions, which degrade the overall network operation and performance. This review paper briefly presents the known threats and attacks in wireless networks before it looks into the concept of cognitive radio and its main functionality. The paper then mainly focuses on spectrum sharing security and its related challenges. Since spectrum sharing is enabled through usage of the common control channel, more attention is paid to the security of the common control channel by looking into its security threats as well as protection and detection mechanisms. Finally, the pros and cons as well as the comparisons of different CR - specific security mechanisms are presented with some open research issues and challenges

Secure MAC protocols for cognitive radio networks

A thesis submitted in partial fulfilment for the degree of Doctor of PhilosophyWith the rapid increase in wireless devices, an effective improvement in the demand of efficient spectrum utilisation for gaining better connectivity is needed. Cognitive Radio (CR) is an emerging technology that exploits the inefficient utilisation of the unused spectrum dynamically. Since spectrum sharing is responsible for coordinating channels’ access for Cognitive Users (CUs), the Common Control Channel (CCC) is one of the existing methods used to exchange the control information between CUs. However, the unique characteristics and parameters of Cognitive Radio Networks (CRNs) present several possible threats targeting spectrum sensing, spectrum management, spectrum sharing, and spectrum mobility leading to the deterioration of the network performance. Thus, protection and detection security mechanisms are essential to maintaining the CRNs. This thesis presents a novel decentralised CR MAC protocol that successfully utilises the unused portion of the licensed band. The protocol achieves improved performance; communication time and throughput when compared to two benchmark protocols. Less communication time and higher throughput are accomplished by the protocol due to performing fast switching to the selected available data channel for initiating data transmission. The proposed protocol is then extended to two different versions based on two authentication approaches applied to it; one using Digital Signature and another is based on Shared-Key. The two proposed secure protocols address the security requirements in CRNs leading to subsequent secure communication among CUs. The protocols function effectively in providing defence against several attacks related to the MAC layer such as; Spectrum Sensing Data Manipulation/Falsification, Data Tempering and Modification, Jamming attacks, Eavesdropping, Forgery and Fake control information attacks, MAC address spoofing, and unauthorised access attacks. The associated security algorithms ensure the successful secure communication between CUs in a cooperative approach. Moreover, the security protocols are investigated and analysed in terms of security flows by launching unauthorised access and modification attacks on the transmitted information. The testing results demonstrated that two protocols perform successful detection of threats and ensure secure communication in CRNs

When Attackers Meet AI: Learning-empowered Attacks in Cooperative Spectrum Sensing

Defense strategies have been well studied to combat Byzantine attacks that aim to disrupt cooperative spectrum sensing by sending falsified versions of spectrum sensing data to a fusion center. However, existing studies usually assume network or attackers as passive entities, e.g., assuming the prior knowledge of attacks is known or fixed. In practice, attackers can actively adopt arbitrary behaviors and avoid pre-assumed patterns or assumptions used by defense strategies. In this paper, we revisit this security vulnerability as an adversarial machine learning problem and propose a novel learning-empowered attack framework named Learning-Evaluation-Beating (LEB) to mislead the fusion center. Based on the black-box nature of the fusion center in cooperative spectrum sensing, our new perspective is to make the adversarial use of machine learning to construct a surrogate model of the fusion center's decision model. We propose a generic algorithm to create malicious sensing data using this surrogate model. Our real-world experiments show that the LEB attack is effective to beat a wide range of existing defense strategies with an up to 82% of success ratio. Given the gap between the proposed LEB attack and existing defenses, we introduce a non-invasive method named as influence-limiting defense, which can coexist with existing defenses to defend against LEB attack or other similar attacks. We show that this defense is highly effective and reduces the overall disruption ratio of LEB attack by up to 80%

A Secure Cooperative Sensing Protocol for Cognitive Radio Networks

Cognitive radio networks sense spectrum occupancy and manage themselves to operate in unused bands without disturbing licensed users. Spectrum sensing is more accurate if jointly performed by several reliable nodes. Even though cooperative sensing is an active area of research, the secure authentication of local sensing reports remains unsolved, thus empowering false results. This paper presents a distributed protocol based on digital signatures and hash functions, and an analysis of its security features. The system allows determining a final sensing decision from multiple sources in a quick and secure way.Las redes de radio cognitiva detectora de espectro se las arreglan para operar en las nuevas bandas sin molestar a los usuarios con licencia. La detección de espectro es más precisa si el conjunto está realizado por varios nodos fiables. Aunque la detección cooperativa es un área activa de investigación, la autenticación segura de informes locales de detección no ha sido resuelta, por lo tanto se pueden dar resultados falsos. Este trabajo presenta un protocolo distribuido basado en firmas digitales y en funciones hash, y un análisis de sus características de seguridad. El sistema permite determinar una decisión final de detección de múltiples fuentes de una manera rápida y segura.Les xarxes de ràdio cognitiva detectora d'espectre se les arreglen per operar en les noves bandes sense destorbar els usuaris amb llicència. La detecció d'espectre és més precisa si el conjunt està realitzat per diversos nodes fiables. Encara que la detecció cooperativa és una àrea activa d'investigació, l'autenticació segura d'informes locals de detecció no ha estat resolta, per tant es poden donar resultats falsos. Aquest treball presenta un protocol distribuït basat en signatures digitals i en funcions hash, i una anàlisi de les seves característiques de seguretat. El sistema permet determinar una decisió final de detecció de múltiples fonts d'una manera ràpida i segura

Block Outlier Methods for Malicious User Detection in Cooperative Spectrum Sensing

Block outlier detection methods, based on Tietjen-Moore (TM) and Shapiro-Wilk (SW) tests, are proposed to detect and suppress spectrum sensing data falsification (SSDF) attacks by malicious users in cooperative spectrum sensing. First, we consider basic and statistical SSDF attacks, where the malicious users attack independently. Then we propose a new SSDF attack, which involves cooperation among malicious users by masking. In practice, the number of malicious users is unknown. Thus, it is necessary to estimate the number of malicious users, which is found using clustering and largest gap method. However, we show using Monte Carlo simulations that, these methods fail to estimate the exact number of malicious users when they cooperate. To overcome this, we propose a modified largest gap method.Comment: Accepted in Proceedings of 79th IEEE Vehicular Technology Conference-Spring (VTC-Spring), May 2014, Seoul, South Kore

Physical-Layer Security with Multiuser Scheduling in Cognitive Radio Networks

In this paper, we consider a cognitive radio network that consists of one cognitive base station (CBS) and multiple cognitive users (CUs) in the presence of multiple eavesdroppers, where CUs transmit their data packets to CBS under a primary user's quality of service (QoS) constraint while the eavesdroppers attempt to intercept the cognitive transmissions from CUs to CBS. We investigate the physical-layer security against eavesdropping attacks in the cognitive radio network and propose the user scheduling scheme to achieve multiuser diversity for improving the security level of cognitive transmissions with a primary QoS constraint. Specifically, a cognitive user (CU) that satisfies the primary QoS requirement and maximizes the achievable secrecy rate of cognitive transmissions is scheduled to transmit its data packet. For the comparison purpose, we also examine the traditional multiuser scheduling and the artificial noise schemes. We analyze the achievable secrecy rate and intercept probability of the traditional and proposed multiuser scheduling schemes as well as the artificial noise scheme in Rayleigh fading environments. Numerical results show that given a primary QoS constraint, the proposed multiuser scheduling scheme generally outperforms the traditional multiuser scheduling and the artificial noise schemes in terms of the achievable secrecy rate and intercept probability. In addition, we derive the diversity order of the proposed multiuser scheduling scheme through an asymptotic intercept probability analysis and prove that the full diversity is obtained by using the proposed multiuser scheduling.Comment: 12 pages. IEEE Transactions on Communications, 201