Synoptic analysis techniques for intrusion detection in wireless networks

Current system administrators are missing intrusion alerts hidden by large numbers of false positives. Rather than accumulation more data to identify true alerts, we propose an intrusion detection tool that e?ectively uses select data to provide a picture of ?network health?. Our hypothesis is that by utilizing the data available at both the node and cooperative network levels we can create a synoptic picture of the network providing indications of many intrusions or other network issues. Our major contribution is to provide a revolutionary way to analyze node and network data for patterns, dependence, and e?ects that indicate network issues. We collect node and network data, combine and manipulate it, and tease out information about the state of the network. We present a method based on utilizing the number of packets sent, number of packets received, node reliability, route reliability, and entropy to develop a synoptic picture of the network health in the presence of a sinkhole and a HELLO Flood attacker. This method conserves network throughput and node energy by requiring no additional control messages to be sent between the nodes unless an attacker is suspected. We intend to show that, although the concept of an intrusion detection system is not revolutionary, the method in which we analyze the data for clues about network intrusion and performance is highly innovative

Identification as a deterrent for security enhancement in cognitive radio networks

Cognitive Radio Networks (CRNs) are prone to emerging coexistence security threats such as Primary User Emulation Attack (PUEA). Specifically, a malicious CRN may mimic licensees’ (Primary Users (PUs)) signal characteristics to force another CRN to vacate its channels thinking that PUs have returned. While existing schemes are promising to some extent on detecting PUEAs, they are not able to prevent the attacks. In this article, we propose a PUEA Deterrent (PUED) algorithm that can provide PUEAs' commission details: offender CRNs and attacks’ time and bandwidth. There are many similarities between PUED and Closed-Circuit Television (CCTV) in terms of: deterrence strategy, reason for use, surveillance characteristics, surveillance outcome, and operation site. According to the criminology literature, robust CCTV systems have shown a significant reduction in visible offences (e.g. vehicle theft), reducing crime rates by 80%. Similarly, PUED will contribute the same effectiveness in deterring PUEAs. Furthermore, providing PUEAs’ details will prevent the network’s cognitive engine from considering the attacks as real PUs, consequently avoiding devising unreliable spectrum models for the attacked channels. Extensive simulations show the effectiveness of the PUED algorithm in terms of improving CRNs’ performance

A Hierarchical Structure towards Securing Data Transmission in Cognitive Radio Networks

Cognitive Radio (CR) technology is considered as a promising technology to overcome spectrum scarcity problem in wireless networks, by sharing the spectrum between both unlicensed users (secondary users, (SUs)) and licensed users (primary users, (PUs)), provided that the SUs respect the PUs’ rights to use the spectrum exclusively. An important technical area in cognitive radio networks (CRNs) is wireless security. A secure CRN must meet different security requirements, which are: confidentiality, integrity, availability and authentication. Data confidentiality is a mandatory requirement in cognitive radio networks, generally to maintain the privacy of the data owner (PU or SU). Integrity means that data is transmitted from the source to the destination without alteration. While availability is to release the channels assigned to one SU as soon as a PU wants to use its spectrum. Authentication in CRN means that each node has to authenticate itself before it can use the available spectrum channels. New classes of security threats and challenges in CRNs have been introduced that target the different layers of OSI model and affect the security requirements. Providing strong security may prove to be the most difficult aspect of making CR a long-term commercially-viable concept. Protection of routes used for data transmission is a critical prerequisite to ensure the robustness of iv the routing process. Therefore, route discovery must be done in such a way that lets each node find the best secure path(s) for its data transmission. In this work, network security of CRN is improved through proposing different models that are built to fulfil the security requirements mentioned above. Improving the network security enhances the network performance, taking into consideration the quality of service (QoS) desired by the different network nodes such as bandwidth and time delay. This work aims to combine the spectrum sensing phase and the spectrum management phase, as well as to detect all the adversary nodes that slow down the network performance by selectively holding and not forwarding packets to their next hop(s). We measure the network node’s reliability for using network resources through a value called belief level (BL), which is considered as the main parameter for our entire work. BL is used to monitor the nodes’ behavior during the spectrum sensing phase, and then it is used to form the best path(s) during the spectrum management phase. Particularly, this work follows a hierarchical structure that has three different layers. At the bottom layer, a novel authentication mechanism is developed to fulfil the authentication and the availability security requirements, which ends assigning a belief level (BL) to each node. At the middle layer, the nodes’ behavior during the spectrum sensing phase is monitored to detect all the adversary node(s). Finally, at the top layer, a novel routing algorithm is proposed that uses the nodes’ security (BL) as a routing metric. SUs collaborate with each other to monitor other nodes’ behavior. Users’ data confidentiality and integrity are satisfied through this hierarchical structure that uses the cluster-based, central authority, and nodes collaboration concepts. By doing so, the traffic carried in the CRN is secured and adversary nodes are detected and penalized

On robust and secure wireless communication system design using software-defined radios

This dissertation is composed of three parts: airborne multi input multi output (MIMO) communications, physical layer authentication, and software radio design for DARPA Spectrum Challenge. A common theme for the three distinct problems is the system perspective that we have adopted throughout this dissertation. Instead of considering isolated issues within these problems, we have provided a holistic design approach to the three problems and have implemented all three systems using the GNU Radio/USRP (Universal Software Radio Peripheral) platform. In the first part, we develop a MIMO communication system for airborne platforms. MIMO communication has long been considered to be suitable only for environment that is rich in scatterers. This, unfortunately is not the case for airborne platforms. However, this lack of scattering can be compensated by the large aperture of the airborne MIMO platform; this is corroborated by our careful analysis using real measurement data. Our analysis of the airborne MIMO channels leads to the development of a variable rate MIMO transceiver architecture. This architecture is numerically shown to improve the bit error rate (BER) over conventional transceiver architectures that are developed for rich scattering environments. A software radio based MIMO system is then implemented to demonstrate experimentally the efficacy of the developed architecture. In the second part, we develop a physical layer authentication scheme as a counter measure to primary user emulation attack (PUEA) in cognitive radio (CR) networks. In this attack, a malicious user emulates the signal characteristics of the primary user (PU) when it is silent which prevents unsuspecting secondary user (SU) from utilizing the network. The developed physical layer authentication is based on embedding cryptographic hash signatures, referred to as authentication tags, within PU\u27s signal constellations. The embedding is performed such that the legacy receivers are not affected. We analyze the scheme using the fast fading Rayleigh channel model and present an optimal scheme to embed signals in PU\u27s constellations which minimizes the tag BER. Experimental results are obtained that corroborate our theoretical claims, thereby establish that reliable authentication can be achieved without sacrificing signal quality at the primary receivers. In the final part, we describe in detail our design of software radios developed as part of the DARPA Spectrum Challenge (DSC), a year long competition that started in January 2013 and concluded in March 2014 with the final tournament held in Arlington, VA at the DARPA headquarter. DSC was comprised of two tournaments, competitive and cooperative. In the competitive mode two radio pairs, each composed of a transmitter and a receiver, are pitted against each other to transmit the most amount of data error-free while operating concurrently in the same frequency band. In the cooperative mode, three radio pairs have to share a frequency band in a cooperative manner wherein the goal is to maximize the throughput of all the three pairs. We describe the design of our software radio system that integrates some key technologies crucial in operating in an environment that does not allow user coordination and spectrum pre-planning, including: spectrum sensing, adaptive transmission both in spectrum utilization and transmission rate, opportunistic jamming, and sliding window feedback. The developed radio is robust in the presence of unknown interference and achieves the desired balance between throughput and reliability in an uncoordinated transmission environment

Modelling, Dimensioning and Optimization of 5G Communication Networks, Resources and Services

This reprint aims to collect state-of-the-art research contributions that address challenges in the emerging 5G networks design, dimensioning and optimization. Designing, dimensioning and optimization of communication networks resources and services have been an inseparable part of telecom network development. The latter must convey a large volume of traffic, providing service to traffic streams with highly differentiated requirements in terms of bit-rate and service time, required quality of service and quality of experience parameters. Such a communication infrastructure presents many important challenges, such as the study of necessary multi-layer cooperation, new protocols, performance evaluation of different network parts, low layer network design, network management and security issues, and new technologies in general, which will be discussed in this book

Towards realisation of spectrum sharing of cognitive radio networks

Cognitive radio networks (CRN) have emerged as a promising solution to spectrum shortcoming, thanks to Professor Mitola who coined Cognitive Radios. To enable efficient communications, CRNs need to avoid interference to both Primary (licensee) Users (PUs), and among themselves (called self-coexistence). In this thesis, we focus on self-coexistence issues. Very briefly, the problems are categorised into intentional and unintentional interference. Firstly, unintentional interference includes: 1) CRNs administration; 2) Overcrowded CRNs Situation; 3) Missed spectrum detection; 4) Inter-cell Interference (ICI); and 5) Inability to model Secondary Users’ (SUs) activity. In intentional interference there is Primary User Emulation Attack (PUEA). To administer CRN operations (Prob. 1), in our first contribution, we proposed CogMnet, which aims to manage the spectrum sharing of centralised networks. CogMnet divides the country into locations. It then dedicates a real-time database for each location to record CRNs’ utilisations in real time, where each database includes three storage units: Networks locations storage unit; Real-time storage unit; and Historical storage unit. To tackle Prob. 2, our second contribution is CRNAC, a network admission control algorithm that aims to calculate the maximum number of CRNs allowed in any location. CRNAC has been tested and evaluated using MATLAB. To prevent research problems 3, 4, and to tackle research problem (5), our third contribution is RCNC, a new design for an infrastructure-based CRN core. The architecture of RCNC consists of two engines: Monitor and Coordinator Engine (MNCE) and Modified Cognitive Engine (MCE). Comprehensive simulation scenarios using ICS Designer (by ATDI) have validated some of RCNC’s components. In the last contribution, to deter PUEA (the intentional interference type), we developed a PUEA Deterrent (PUED) algorithm capable of detecting PUEAs commission details. PUED must be implemented by a PUEA Identifier Component in the MNCE in RCNC after every spectrum handing off. Therefore, PUED works like a CCTV system. According to criminology, robust CCTV systems have shown a significant prevention of clear visible theft, reducing crime rates by 80%. Therefore, we believe that our algorithm will do the same. Extensive simulations using a Vienna simulator showed the effectiveness of the PUED algorithm in terms of improving CRNs’ performance

Information-Centric Design and Implementation for Underwater Acoustic Networks

Over the past decade, Underwater Acoustic Networks (UANs) have received extensive attention due to their vast benefits in academia and industry alike. However, due to the overall magnitude and harsh characteristics of underwater environments, standard wireless network techniques will fail because current technology and energy restrictions limit underwater devices due to delayed acoustic communications. To help manage these limitations we utilize Information-Centric Networking (ICN). More importantly, we look at ICN\u27s paradigm shift from traditional TCP/IP architecture to improve data handling and enhance network efficiency. By utilizing some of ICN\u27s techniques, such as data naming hierarchy, we can reevaluate each component of the network\u27s protocol stack given current underwater limitations to study the vast solutions and perspectives Information-Centric architectures can provide to UANs. First, we propose a routing strategy used to manage and route large data files in a network prone to high mobility. Therefore, due to UANs limited transmitting capability, we passively store sensed data and adaptively find the best path. Furthermore, we introduce adapted Named Data Networking (NDN) components to improve upon routing robustness and adaptiveness. Beyond naming data, we use tracers to assist in tracking stored data locations without using other excess means such as flooding. By collaborating tracer consistency with routing path awareness our protocol can adaptively manage faulty or high mobility nodes. Through this incorporation of varied NDN techniques, we are able to see notable improvements in routing efficiency. Second, we analyze the effects of Denial of Service (DoS) attacks on upper layer protocols. Since UANs are typically resource restrained, malicious users can advantageously create fake traffic to burden the already constrained network. While ICN techniques only provide basic DoS restriction we must expand our detection and restriction technique to meet the unique demands of UANs. To provide enhanced security against DoS we construct an algorithm to detect and restrict against these types of attacks while adapting to meet acoustic characteristics. To better extend this work we incorporate three node behavior techniques using probabilistic, adaptive, and predictive approaches for detecting malicious traits. Thirdly, to depict and test protocols in UANs, simulators are commonly used due to their accessibility and controlled testing aspects. For this section, we review Aqua-Sim, a discrete event-driven open-source underwater simulator. To enhance the core aspect of this simulator we first rewrite the current architecture and transition Aqua-Sim to the newest core simulator, NS-3. Following this, we clean up redundant features spread out between the various underwater layers. Additionally, we fully integrate the diverse NS-3 API within our simulator. By revamping previous code layout we are able to improve architecture modularity and child class expandability. New features are also introduced including localization and synchronization support, busy terminal problem support, multi-channel support, transmission range uncertainty modules, external noise generators, channel trace-driven support, security module, and an adapted NDN module. Additionally, we provide extended documentation to assist in user development. Simulation testing shows improved memory management and continuous validity in comparison to other underwater simulators and past iterations of Aqua-Sim