46 research outputs found

    Contributions to the security of cognitive radio networks

    The increasing emergence of wireless applications along with the static spectrum allocation followed by regulatory bodies has led to a high inefficiency in spectrum usage, and the lack of spectrum for new services. In this context, Cognitive Radio (CR) technology has been proposed as a possible solution to reuse the spectrum being underutilized by licensed services. CRs are intelligent devices capable of sensing the medium and identifying those portions of the spectrum being unused. Based on their current perception of the environment and on that learned from past experiences, they can optimally tune themselves with regard to parameters such as frequency, coding and modulation, among others. Due to such properties, Cognitive Radio Networks (CRNs) can act as secondary users of the spectrum left unused by their legal owners or primary users, under the requirement of not interfering with primary communications. The successful deployment of these networks relies on the proper design of mechanisms in order to efficiently detect spectrum holes, adapt to changing environment conditions and manage the available spectrum. Furthermore, the need for addressing security issues is evidenced by two facts. First, as for any other type of wireless network, the air is used as communications medium and can easily be accessed by attackers. On the other hand, the particular attributes of CRNs offer new opportunities to malicious users, ranging from providing wrong information on the radio environment to disrupting the cognitive mechanisms, which could severely undermine the operation of these networks. In this Ph.D. thesis we have approached the challenge of securing Cognitive Radio Networks. Because CR technology is still evolving, achieving this goal involves not only providing countermeasures for existing attacks but also identifying new potential threats and evaluating their impact on CRN performance. The main contributions of this thesis can be summarized as follows.
First, a critical study on the State of the Art in this area is presented. A qualitative analysis of those threats to CRNs already identified in the literature is provided, and the efficacy of existing countermeasures is discussed. Based on this work, a set of guidelines is drawn up for designing a detection system for the main threats to CRNs. In addition, a high-level description of the components of this system is provided, which is the second contribution of this thesis. The third contribution is the proposal of a new cross-layer attack on the Transmission Control Protocol (TCP) in CRNs. An analytical model of the impact of this attack on the throughput of TCP connections is derived, and a set of countermeasures to detect and mitigate the effect of such an attack is proposed. One of the main threats to CRNs is the Primary User Emulation (PUE) attack. This attack prevents CRNs from using available portions of the spectrum and can even lead to a Denial of Service (DoS). In the fourth contribution of this thesis, a method is proposed to deal with this attack. The method relies on a set of time measures provided by the members of the network and allows estimating the position of an emitter. This estimation is then used to determine the legitimacy of a given transmission and detect PUE attacks. Cooperative methods are prone to be disrupted by malicious nodes reporting false data. This problem is addressed, in the context of cooperative location, in the fifth and last contribution of this thesis. A method based on Least Median Squares (LMS) fitting is proposed in order to detect forged measures and make the location process robust to them. The efficiency and accuracy of the proposed methodologies are demonstrated by means of simulation

    A Survey on the Communication Protocols and Security in Cognitive Radio Networks

    A cognitive radio (CR) is a radio that can change its transmission parameters based on the perceived availability of the spectrum bands in its operating environment. CRs support dynamic spectrum access and can facilitate a secondary unlicensed user to efficiently utilize the available underutilized spectrum allocated to the primary licensed users. A cognitive radio network (CRN) is composed of both the secondary users with CR-enabled radios and the primary users whose radios need not be CR-enabled. Most of the active research conducted in the area of CRNs has been so far focused on spectrum sensing, allocation and sharing. There is no comprehensive review paper available on the strategies for medium access control (MAC), routing and transport layer protocols, and the appropriate representative solutions for CRNs. In this paper, we provide an exhaustive analysis of the various techniques/mechanisms that have been proposed in the literature for communication protocols (at the MAC, routing and transport layers), in the context of a CRN, as well as discuss in detail several security attacks that could be launched on CRNs and the countermeasure solutions that have been proposed to avoid or mitigate them. This paper would serve as a good comprehensive review and analysis of the strategies for MAC, routing and transport protocols and security issues for CRNs as well as would lay a strong foundation for someone to further delve into any particular aspect in greater depth

    Synoptic analysis techniques for intrusion detection in wireless networks

    Current system administrators are missing intrusion alerts hidden by large numbers of false positives. Rather than accumulating more data to identify true alerts, we propose an intrusion detection tool that effectively uses select data to provide a picture of "network health". Our hypothesis is that by utilizing the data available at both the node and cooperative network levels we can create a synoptic picture of the network providing indications of many intrusions or other network issues. Our major contribution is to provide a revolutionary way to analyze node and network data for patterns, dependence, and effects that indicate network issues. We collect node and network data, combine and manipulate it, and tease out information about the state of the network. We present a method based on utilizing the number of packets sent, number of packets received, node reliability, route reliability, and entropy to develop a synoptic picture of the network health in the presence of a sinkhole and a HELLO Flood attacker. This method conserves network throughput and node energy by requiring no additional control messages to be sent between the nodes unless an attacker is suspected. We intend to show that, although the concept of an intrusion detection system is not revolutionary, the method in which we analyze the data for clues about network intrusion and performance is highly innovative

    Trust-based mechanisms for secure communication in cognitive radio networks

    Cognitive radio (CR) technology was introduced to solve the problem of spectrum scarcity to support the growth of wireless communication. However, the inherent properties of CR technology make such networks more vulnerable to attacks. This thesis is an effort to develop a trust-based framework to ensure secure communication in CRN by authenticating trustworthy nodes to share spectrum securely and increasing system's availability and reliability by selecting the trustworthy key nodes in CRNs

    A Hierarchical Structure towards Securing Data Transmission in Cognitive Radio Networks

    Cognitive Radio (CR) technology is considered a promising technology to overcome the spectrum scarcity problem in wireless networks, by sharing the spectrum between both unlicensed users (secondary users, SUs) and licensed users (primary users, PUs), provided that the SUs respect the PUs’ rights to use the spectrum exclusively. An important technical area in cognitive radio networks (CRNs) is wireless security. A secure CRN must meet different security requirements, which are: confidentiality, integrity, availability and authentication. Data confidentiality is a mandatory requirement in cognitive radio networks, generally to maintain the privacy of the data owner (PU or SU). Integrity means that data is transmitted from the source to the destination without alteration, while availability means releasing the channels assigned to one SU as soon as a PU wants to use its spectrum. Authentication in CRN means that each node has to authenticate itself before it can use the available spectrum channels. New classes of security threats and challenges in CRNs have been introduced that target the different layers of the OSI model and affect the security requirements. Providing strong security may prove to be the most difficult aspect of making CR a long-term commercially-viable concept. Protection of routes used for data transmission is a critical prerequisite to ensure the robustness of the routing process. Therefore, route discovery must be done in such a way that lets each node find the best secure path(s) for its data transmission. In this work, network security of CRN is improved through proposing different models that are built to fulfil the security requirements mentioned above. Improving the network security enhances the network performance, taking into consideration the quality of service (QoS) desired by the different network nodes such as bandwidth and time delay.
This work aims to combine the spectrum sensing phase and the spectrum management phase, as well as to detect all the adversary nodes that slow down the network performance by selectively holding and not forwarding packets to their next hop(s). We measure the network node’s reliability for using network resources through a value called belief level (BL), which is considered as the main parameter for our entire work. BL is used to monitor the nodes’ behavior during the spectrum sensing phase, and then it is used to form the best path(s) during the spectrum management phase. Particularly, this work follows a hierarchical structure that has three different layers. At the bottom layer, a novel authentication mechanism is developed to fulfil the authentication and the availability security requirements, which ends assigning a belief level (BL) to each node. At the middle layer, the nodes’ behavior during the spectrum sensing phase is monitored to detect all the adversary node(s). Finally, at the top layer, a novel routing algorithm is proposed that uses the nodes’ security (BL) as a routing metric. SUs collaborate with each other to monitor other nodes’ behavior. Users’ data confidentiality and integrity are satisfied through this hierarchical structure that uses the cluster-based, central authority, and nodes collaboration concepts. By doing so, the traffic carried in the CRN is secured and adversary nodes are detected and penalized

    A scheme for multi-criteria and cooperative analysis of the presence of PUE attacks in cognitive radio ad hoc networks

    Abstract: The inefficient use of the radio-frequency spectrum and the high proliferation of mobile devices motivated the development of cognitive radio (CR) technology. It allows better use of the radio-frequency spectrum and has fostered the emergence of Cognitive Radio Ad Hoc Networks (CRAHNs). In these networks two types of users share the spectrum: the primary user (PU) and the secondary user (SU). The primary user holds a license to use the frequency bands and has priority in accessing them, whereas secondary users hold no licenses but use these bands when they are idle. Despite the advantages of CR technology, the use of idle frequencies can be severely compromised by Primary User Emulation (PUE) attacks. A PUE attack is generated by a malicious or selfish secondary user that emulates the behavior and characteristics of legitimate primary users in order to gain priority in the use of the radio-frequency spectrum. The schemes proposed in the literature for the analysis, detection or mitigation of PUE attacks follow centralized or distributed network architectures, and take cooperative or non-cooperative approaches. However, these schemes perform an analysis that considers a single criterion to assess the presence of attacks in the network, resulting in high false-positive rates. In order to provide a more sophisticated and efficient analysis, this work proposes IMCA, a scheme for multi-criteria and cooperative analysis of the presence of PUE attacks in cognitive radio ad hoc networks. This scheme follows a decentralized and cooperative approach in which each SU carries out two phases to determine the probability of the presence of a PUE attack.
The first phase consists of sensing and analyzing the values of multiple criteria; the second phase consists of the exchange of information among neighbors, followed by the analysis of the exchanged information using Bayes' theorem. The IMCA scheme was implemented in the network simulator Network Simulator (NS), version 2.31, and evaluated. The results show that the scheme is superior by up to 25% compared with a non-cooperative single-criterion scheme when only the first phase is executed, and has an effectiveness of up to 77% in determining the probability of the presence of PUE attacks when both phases of the scheme are applied

    Novel Approaches for the Performance Enhancement of Cognitive Radio Networks

    This research is dedicated to the study of the challenges faced by Cognitive Radio (CR) networks, which include self-coexistence of the networks in the spectral environment, security and performance threats from malicious entities, and fairness in spectrum contention and utilization. We propose novel channel acquisition schemes that allow decentralized CR networks to have multiple channel access with minimal spectrum contentions. The multiple channel acquisition schemes facilitate fast spectrum access especially in cases where networks cannot communicate with each other. These schemes enable CR networks to self-organize and adapt to the dynamically changing spectral environment. We also present a self-coexistence mechanism that allows CR networks to coexist via the implementation of a risk-motivated channel selection based deference structure (DS). By forming DS coalitions, CR networks are able to have better access to preferred channels and can defer transmission to one another, thereby mitigating spectrum conflicts. CR networks are also known to be susceptible to Sybil threats from smart malicious radios with either monopolistic or disruptive intentions. We formulate novel threat and defense mechanisms to combat Sybil threats and minimize their impact on the performance of CR networks. A dynamic reputation system is proposed that considerably minimizes the effectiveness of intelligent Sybil attacks and improves the accuracy of spectrum-based decision-making processes. Finally, we present a distributed and cheat-proof spectrum contention protocol as an enhancement of the adaptive On-Demand Spectrum Contention (ODSC) protocol. The Modified On-Demand Spectrum Contention (MODSC) protocol enhances fairness and efficiency of spectrum access. We also show that there is substantial improvement in spectrum utilization with the incorporation of channel reuse into the MODSC protocol

    Short-Range Cooperation of Mobile Devices for Energy-Efficient Vertical Handovers

    The availability of multiple collocated wireless networks using heterogeneous technologies and the multiaccess support of contemporary mobile devices have allowed wireless connectivity optimization, enabled through vertical handover (VHO) operations. However, this comes at high energy consumption on the mobile device due to the inherently expensive nature of some of the involved operations. This work proposes exploiting short-range cooperation among collocated mobile devices to improve the energy efficiency of vertical handover operations. The proactive exchange of handover-related information through low-energy short-range communication technologies, like Bluetooth, can help in eliminating expensive signaling steps when the need for a VHO arises. A model is developed for capturing the mean energy expenditure of such an optimized VHO scheme in terms of relevant factors by means of closed-form expressions. The descriptive power of the model is demonstrated by investigating various typical usage scenarios and is validated through simulations. It is shown that the proposed scheme has superior performance in several realistic usage scenarios considering important relevant factors, including network availability, the local density of mobile devices, and the range of the cooperation technology. Finally, the paper explores cost/benefit trade-offs associated with the short-range cooperation protocol. It is demonstrated that the protocol may be parametrized so that the trade-off becomes nearly optimized and the cost is maintained affordable for a wide range of operational scenarios

    Exploiting short-range cooperation for energy efficient vertical handover operations
