Spectrum sharing security and attacks in CRNs: a review

Cognitive Radio plays a major part in communication technology by resolving the shortage of the spectrum through usage of dynamic spectrum access and artificial intelligence characteristics. The element of spectrum sharing in cognitive radio is a fundament al approach in utilising free channels. Cooperatively communicating cognitive radio devices use the common control channel of the cognitive radio medium access control to achieve spectrum sharing. Thus, the common control channel and consequently spectrum sharing security are vital to ensuring security in the subsequent data communication among cognitive radio nodes. In addition to well known security problems in wireless networks, cognitive radio networks introduce new classes of security threats and challenges, such as licensed user emulation attacks in spectrum sensing and misbehaviours in the common control channel transactions, which degrade the overall network operation and performance. This review paper briefly presents the known threats and attacks in wireless networks before it looks into the concept of cognitive radio and its main functionality. The paper then mainly focuses on spectrum sharing security and its related challenges. Since spectrum sharing is enabled through usage of the common control channel, more attention is paid to the security of the common control channel by looking into its security threats as well as protection and detection mechanisms. Finally, the pros and cons as well as the comparisons of different CR - specific security mechanisms are presented with some open research issues and challenges

Ciberseguridad en las redes móviles de telecomunicaciones y su gestión de riesgos

The 3.5G and 4G network technology are currently the most used in Colombia, given the great deployment that Internet service providers have made, which represents a security challenge with respect to the different attacks on these networks. The interception of data with "Man in the middle attacks" (MiTM) and denial of service - DoS (in the smartphone or in the mobile network) are very feasible. In this article of applied research, some risk and security vulnerabilities in mobile networks and their possibility of exploitation, as well as the general recommendations for risk reduction. To achieve the above, an investigation of different vulnerabilities in these telecommunications networks was carried out, a risk map was made, in order to visualize the possible impacts, then, a technical test was run to capture traffic with the MiTM attack (which was successful), and as a final result, deliver recommendations in the event that they can execute cyber-attacks.La tecnología de redes 3.5G y 4G son actualmente las más usadas en Colombia, dado el gran despliegue que han realizado los proveedores de servicios de Internet, lo que supone un reto de seguridad con respecto a los diferentes ataques a dichas redes. La interceptación de datos a través de ataques de tipo hombre en el medio- MiTM y la negación de servicio – DoS (en el smartphone o en la red móvil) son muy factibles. En este artículo de investigación aplicada, se muestran algunas vulnerabilidades de seguridad en las redes móviles, los riesgos que esto tiene y su posibilidad de explotación, así como las recomendaciones generales para la reducción de dichos riesgos. Para lograr lo anterior, se realizó una investigación de diferentes vulnerabilidades en estas redes de telecomunicaciones, se realizó un mapa de riesgos con el fin de visualizar los posibles impactos, seguidamente, se realizó una prueba técnica que consolida un ataque MitM con una captura de tráfico, siendo exitoso dicho ataque y finalmente, se entregan recomendaciones de seguridad en el caso que lo logren ejecutar ciberataques

GSM Security Issues

Import 05/08/2014Globální systém pro mobilní komunikaci (GSM) je v současnosti celosvětově nejrozšířenějším telekomunikačním systémem s více než 7 miliardami uživatelů. Tato diplomová práce se zabývá problematikou zabezpečení komunikace na rádiovém rozhraní systému GSM. Práce nejprve analyzuje bezpečnostní rizika v systému GSM, a popisuje již realizované a publikované útoky vůči tomuto systému. Na základě těchto poznatků je následně prakticky provedena realizace útoků vůči autentizačním a šifrovacím mechanismům sítě GSM, za využití volně dostupného software a hardware v podobě softwarově programovatelného rádia USRP (Universal Software Radio Peripheral) a DVB-T (Digital Video Broadcasting-Terrestrial) přijímače.Global System for Mobile communication (GSM) is actually the most wordldwide used telecommunication system serving over 7 billion users. This master thesis points out security weaknesses in the radio interface of GSM. These weaknesses are analyzed and afterwards already realized attacks against GSM are described. Using open-source software and available hardware – USRP (Universal Software Radio Peripheral), DVB-T (Digital Video Broadcasting – Terrestrial) receiver are realized several attacks against authentication and ciphering mechanisms in GSM.440 - Katedra telekomunikační technikyvýborn

Secure MAC protocols for cognitive radio networks

A thesis submitted in partial fulfilment for the degree of Doctor of PhilosophyWith the rapid increase in wireless devices, an effective improvement in the demand of efficient spectrum utilisation for gaining better connectivity is needed. Cognitive Radio (CR) is an emerging technology that exploits the inefficient utilisation of the unused spectrum dynamically. Since spectrum sharing is responsible for coordinating channels’ access for Cognitive Users (CUs), the Common Control Channel (CCC) is one of the existing methods used to exchange the control information between CUs. However, the unique characteristics and parameters of Cognitive Radio Networks (CRNs) present several possible threats targeting spectrum sensing, spectrum management, spectrum sharing, and spectrum mobility leading to the deterioration of the network performance. Thus, protection and detection security mechanisms are essential to maintaining the CRNs. This thesis presents a novel decentralised CR MAC protocol that successfully utilises the unused portion of the licensed band. The protocol achieves improved performance; communication time and throughput when compared to two benchmark protocols. Less communication time and higher throughput are accomplished by the protocol due to performing fast switching to the selected available data channel for initiating data transmission. The proposed protocol is then extended to two different versions based on two authentication approaches applied to it; one using Digital Signature and another is based on Shared-Key. The two proposed secure protocols address the security requirements in CRNs leading to subsequent secure communication among CUs. The protocols function effectively in providing defence against several attacks related to the MAC layer such as; Spectrum Sensing Data Manipulation/Falsification, Data Tempering and Modification, Jamming attacks, Eavesdropping, Forgery and Fake control information attacks, MAC address spoofing, and unauthorised access attacks. The associated security algorithms ensure the successful secure communication between CUs in a cooperative approach. Moreover, the security protocols are investigated and analysed in terms of security flows by launching unauthorised access and modification attacks on the transmitted information. The testing results demonstrated that two protocols perform successful detection of threats and ensure secure communication in CRNs

Base Station Security Experiments Using USRP

With a coverage of over 90% of the world's population, the cellular technology standard, GSM, is used by millions all over the world every day. The standard is known to have several security weaknesses. One of the weaknesses is that there is no authentication of the network. IMSI-catchers exploit this weakness to perform various attacks. The largest Norwegian newspaper, Aftenposten, searched for IMSI-catchers in Oslo in December 2014. The newspaper used two different methods in the search. The conclusion of Aftenposten was that they ''most likely'' found several IMSI-catchers in Oslo. In this thesis, IMSI-catchers are studied. An IMSI-catcher is built and configured with an USRP and OpenBTS. Two attacks were performed in an experiment with the IMSI-catcher. The first attack presented is a DoS attack aimed at subscribers of specific operators. The other attack presented is a selective jamming attack, aimed at a specific subscriber. In both the attacks, IMSIs were caught. Both types of attacks were successful. It was found that the effectiveness of the IMSI-catcher depends on the signal strength from the nearby base stations. The experiments indicate that for the proposed IMSI-catcher to be effective, it should be operating and be in the vicinity of the targeted cellphones for several minutes. Additionally, the investigations made by Aftenposten are analyzed and discussed in this thesis. A technical analysis is performed on all the data Aftenposten acquired in Oslo in December 2014 and the major anomalies found by Aftenposten are discussed in details. From the analysis, it was found that it is possible that Aftenposten observed at least one IMSI-catcher during the investigations. The first articles published by Aftenposten in December 2014 were likely based on misinterpretations of the data the newspaper acquired. It was also discovered a possible bug in the measuring equipment used by Aftenposten. Some of the anomalies discovered by Aftenposten might have been due to misconfigurations of the networks in Oslo