Byzantine Attack and Defense in Cognitive Radio Networks: A Survey

The Byzantine attack in cooperative spectrum sensing (CSS), also known as the spectrum sensing data falsification (SSDF) attack in the literature, is one of the key adversaries to the success of cognitive radio networks (CRNs). In the past couple of years, the research on the Byzantine attack and defense strategies has gained worldwide increasing attention. In this paper, we provide a comprehensive survey and tutorial on the recent advances in the Byzantine attack and defense for CSS in CRNs. Specifically, we first briefly present the preliminaries of CSS for general readers, including signal detection techniques, hypothesis testing, and data fusion. Second, we analyze the spear and shield relation between Byzantine attack and defense from three aspects: the vulnerability of CSS to attack, the obstacles in CSS to defense, and the games between attack and defense. Then, we propose a taxonomy of the existing Byzantine attack behaviors and elaborate on the corresponding attack parameters, which determine where, who, how, and when to launch attacks. Next, from the perspectives of homogeneous or heterogeneous scenarios, we classify the existing defense algorithms, and provide an in-depth tutorial on the state-of-the-art Byzantine defense schemes, commonly known as robust or secure CSS in the literature. Furthermore, we highlight the unsolved research challenges and depict the future research directions.Comment: Accepted by IEEE Communications Surveys and Tutoiral

A comprehensive survey of V2X cybersecurity mechanisms and future research paths

Recent advancements in vehicle-to-everything (V2X) communication have notably improved existing transport systems by enabling increased connectivity and driving autonomy levels. The remarkable benefits of V2X connectivity come inadvertently with challenges which involve security vulnerabilities and breaches. Addressing security concerns is essential for seamless and safe operation of mission-critical V2X use cases. This paper surveys current literature on V2X security and provides a systematic and comprehensive review of the most relevant security enhancements to date. An in-depth classification of V2X attacks is first performed according to key security and privacy requirements. Our methodology resumes with a taxonomy of security mechanisms based on their proactive/reactive defensive approach, which helps identify strengths and limitations of state-of-the-art countermeasures for V2X attacks. In addition, this paper delves into the potential of emerging security approaches leveraging artificial intelligence tools to meet security objectives. Promising data-driven solutions tailored to tackle security, privacy and trust issues are thoroughly discussed along with new threat vectors introduced inevitably by these enablers. The lessons learned from the detailed review of existing works are also compiled and highlighted. We conclude this survey with a structured synthesis of open challenges and future research directions to foster contributions in this prominent field.This work is supported by the H2020-INSPIRE-5Gplus project (under Grant agreement No. 871808), the ”Ministerio de Asuntos Económicos y Transformacion Digital” and the European Union-NextGenerationEU in the frameworks of the ”Plan de Recuperación, Transformación y Resiliencia” and of the ”Mecanismo de Recuperación y Resiliencia” under references TSI-063000-2021-39/40/41, and the CHIST-ERA-17-BDSI-003 FIREMAN project funded by the Spanish National Foundation (Grant PCI2019-103780).Peer ReviewedPostprint (published version

Synoptic analysis techniques for intrusion detection in wireless networks

Current system administrators are missing intrusion alerts hidden by large numbers of false positives. Rather than accumulation more data to identify true alerts, we propose an intrusion detection tool that e?ectively uses select data to provide a picture of ?network health?. Our hypothesis is that by utilizing the data available at both the node and cooperative network levels we can create a synoptic picture of the network providing indications of many intrusions or other network issues. Our major contribution is to provide a revolutionary way to analyze node and network data for patterns, dependence, and e?ects that indicate network issues. We collect node and network data, combine and manipulate it, and tease out information about the state of the network. We present a method based on utilizing the number of packets sent, number of packets received, node reliability, route reliability, and entropy to develop a synoptic picture of the network health in the presence of a sinkhole and a HELLO Flood attacker. This method conserves network throughput and node energy by requiring no additional control messages to be sent between the nodes unless an attacker is suspected. We intend to show that, although the concept of an intrusion detection system is not revolutionary, the method in which we analyze the data for clues about network intrusion and performance is highly innovative

UNION: A Trust Model Distinguishing Intentional and Unintentional Misbehavior in Inter-UAV Communication

[EN] Ensuring the desired level of security is an important issue in all communicating systems, and it becomes more challenging in wireless environments. Flying Ad Hoc Networks (FANETs) are an emerging type of mobile network that is built using energy-restricted devices. Hence, the communications interface used and that computation complexity are additional factors to consider when designing secure protocols for these networks. In the literature, various solutions have been proposed to ensure secure and reliable internode communications, and these FANET nodes are known as Unmanned Aerial Vehicles (UAVs). In general, these UAVs are often detected as malicious due to an unintentional misbehavior related to the physical features of the UAVs, the communication mediums, or the network interface. In this paper, we propose a new context-aware trust-based solution to distinguish between intentional and unintentional UAV misbehavior. The main goal is to minimize the generated error ratio while meeting the desired security levels. Our proposal simultaneously establishes the inter-UAV trust and estimates the current context in terms of UAV energy, mobility pattern, and enqueued packets, in order to ensure full context awareness in the overall honesty evaluation. In addition, based on computed trust and context metrics, we also propose a new inter-UAV packet delivery strategy. Simulations conducted using NS2.35 evidence the efficiency of our proposal, called UNION., at ensuring high detection ratios > 87% and high accuracy with reduced end-to-end delay, clearly outperforming previous proposals known as RPM, T-CLAIDS, and CATrust.This research is partially supported by the United Arab Emirates University (UAEU) under Grant no. 31T065.Barka, E.; Kerrache, CA.; Lagraa, N.; Lakas, A.; Tavares De Araujo Cesariny Calafate, CM.; Cano, J. (2018). UNION: A Trust Model Distinguishing Intentional and Unintentional Misbehavior in Inter-UAV Communication. Journal of Advanced Transportation. 1-12. https://doi.org/10.1155/2018/7475357S112Ghazzai, H., Ben Ghorbel, M., Kadri, A., Hossain, M. J., & Menouar, H. (2017). Energy-Efficient Management of Unmanned Aerial Vehicles for Underlay Cognitive Radio Systems. IEEE Transactions on Green Communications and Networking, 1(4), 434-443. doi:10.1109/tgcn.2017.2750721Sharma, V., & Kumar, R. (2016). Cooperative frameworks and network models for flying ad hoc networks: a survey. Concurrency and Computation: Practice and Experience, 29(4), e3931. doi:10.1002/cpe.3931Sun, J., Wang, W., Kou, L., Lin, Y., Zhang, L., Da, Q., & Chen, L. (2017). A data authentication scheme for UAV ad hoc network communication. The Journal of Supercomputing, 76(6), 4041-4056. doi:10.1007/s11227-017-2179-3He, D., Chan, S., & Guizani, M. (2017). Drone-Assisted Public Safety Networks: The Security Aspect. IEEE Communications Magazine, 55(8), 218-223. doi:10.1109/mcom.2017.1600799cmSeong-Woo Kim, & Seung-Woo Seo. (2012). Cooperative Unmanned Autonomous Vehicle Control for Spatially Secure Group Communications. IEEE Journal on Selected Areas in Communications, 30(5), 870-882. doi:10.1109/jsac.2012.120604Singh, A., Maheshwari, M., Nikhil, & Kumar, N. (2011). Security and Trust Management in MANET. Communications in Computer and Information Science, 384-387. doi:10.1007/978-3-642-20573-6_67Kerrache, C. A., Calafate, C. T., Cano, J.-C., Lagraa, N., & Manzoni, P. (2016). Trust Management for Vehicular Networks: An Adversary-Oriented Overview. IEEE Access, 4, 9293-9307. doi:10.1109/access.2016.2645452Li, W., & Song, H. (2016). ART: An Attack-Resistant Trust Management Scheme for Securing Vehicular Ad Hoc Networks. IEEE Transactions on Intelligent Transportation Systems, 17(4), 960-969. doi:10.1109/tits.2015.2494017Raghunathan, V., Schurgers, C., Sung Park, & Srivastava, M. B. (2002). Energy-aware wireless microsensor networks. IEEE Signal Processing Magazine, 19(2), 40-50. doi:10.1109/79.985679Feeney, L. M. (2001). Mobile Networks and Applications, 6(3), 239-249. doi:10.1023/a:1011474616255De Rango, F., Guerriero, F., & Fazio, P. (2012). Link-Stability and Energy Aware Routing Protocol in Distributed Wireless Networks. IEEE Transactions on Parallel and Distributed Systems, 23(4), 713-726. doi:10.1109/tpds.2010.160Hyytia, E., Lassila, P., & Virtamo, J. (2006). Spatial node distribution of the random waypoint mobility model with applications. IEEE Transactions on Mobile Computing, 5(6), 680-694. doi:10.1109/tmc.2006.86Wang, Y., Chen, I.-R., Cho, J.-H., Swami, A., Lu, Y.-C., Lu, C.-T., & Tsai, J. J. P. (2018). CATrust: Context-Aware Trust Management for Service-Oriented Ad Hoc Networks. IEEE Transactions on Services Computing, 11(6), 908-921. doi:10.1109/tsc.2016.2587259Kumar, N., & Chilamkurti, N. (2014). Collaborative trust aware intelligent intrusion detection in VANETs. Computers & Electrical Engineering, 40(6), 1981-1996. doi:10.1016/j.compeleceng.2014.01.00

Cyber-Physical Security Strategies

Cyber-physical security describes the protection of systems with close relationships between computational functions and physical ones and addresses the issue of vulnerability to attack through both cyber and physical avenues. This describes systems in a wide variety of functions, many crucial to the function of modern society, making their security of paramount importance. The development of secure system design and attack detection strategies for each potential avenue of attack is needed to combat malicious attacks. This thesis will provide an overview of the approaches to securing different aspect of cyber-physical systems. The cyber element can be designed to better prevent unauthorized entry and to be more robust to attack while its use is evaluated for signs of ongoing intrusion. Nodes in sensor networks can be evaluated by their claims to determine the likelihood of their honesty. Control systems can be designed to be robust in cases of the failure of one component and to detect signal insertion or replay attack. Through the application of these strategies, the safety and continued function of cyber-physical systems can be improved

Trust and reputation management for securing collaboration in 5G access networks: the road ahead

Trust represents the belief or perception of an entity, such as a mobile device or a node, in the extent to which future actions and reactions are appropriate in a collaborative relationship. Reputation represents the network-wide belief or perception of the trustworthiness of an entity. Each entity computes and assigns a trust or reputation value, which increases and decreases with the appropriateness of actions and reactions, to another entity in order to ensure a healthy collaborative relationship. Trust and reputation management (TRM) has been investigated to improve the security of traditional networks, particularly the access networks. In 5G, the access networks are multi-hop networks formed by entities which may not be trustable, and so such networks are prone to attacks, such as Sybil and crude attacks. TRM addresses such attacks to enhance the overall network performance, including reliability, scalability, and stability. Nevertheless, the investigation of TRM in 5G, which is the next-generation wireless networks, is still at its infancy. TRM must cater for the characteristics of 5G. Firstly, ultra-densification due to the exponential growth of mobile users and data traffic. Secondly, high heterogeneity due to the different characteristics of mobile users, such as different transmission characteristics (e.g., different transmission power) and different user equipment (e.g., laptops and smartphones). Thirdly, high variability due to the dynamicity of the entities’ behaviors and operating environment. TRM must also cater for the core features of 5G (e.g., millimeter wave transmission, and device-to-device communication) and the core technologies of 5G (e.g., massive MIMO and beamforming, and network virtualization). In this paper, a review of TRM schemes in 5G and traditional networks, which can be leveraged to 5G, is presented. We also provide an insight on some of the important open issues and vulnerabilities in 5G networks that can be resolved using a TRM framework

DEVELOPING AN AUTHENTICATOR BASED PUBLIC INSPECTING DESIGN FOR INSIDER-SPASMS

This architecture is collusion proof, requires relatively high computational capacity in the source node, but incurs low communication and storage overheads over the route. To lessen the computation overhead of the baseline construction, a packet-block-based mechanism was also suggested, which enables someone to trade recognition accuracy for lower computation complexity. Some open issues continue being investigated within our future work. First, the suggested systems are restricted to static torques-static wireless random systems. Link error and malicious packet shedding is a couple of sources for packet deficits in multi-hop wireless random network. In this paper, while watching a string of packet deficits within the network, we are curious about figuring out if the deficits are caused by link errors only, or through the combined aftereffect of link errors and malicious drop. We're especially thinking about the insider-attack situation, whereby malicious nodes that are members of the path exploit their understanding from the communication context to selectively drop a small amount of packets important to the network performance. Since the packet shedding rate within this situation resembles the funnel error rate, conventional calculations that derive from discovering the packet loss rate cannot achieve acceptable recognition precision. To improve the recognition precision, we advise to take advantage of the correlations between lost packets. In addition, to make sure truthful calculation of these correlations, we create a homomorphism straight line authenticator (HLA) based public auditing architecture that enables the detector to verify the reliability from the packet loss information as stated by nodes. This construction is privacy protecting, collusion proof, and incurs low communication and storage overheads. To lessen the computation overhead from the baseline plan, a packet-block-based mechanism can also be suggested, which enables someone to trade recognition precision for lower computation complexity. Through extensive simulations, we verify the suggested systems achieve considerably better recognition precision than conventional techniques such as an optimum-likelihood based recognition

A survey on vehicular communication for cooperative truck platooning application

Platooning is an application where a group of vehicles move one after each other in close proximity, acting jointly as a single physical system. The scope of platooning is to improve safety, reduce fuel consumption, and increase road use efficiency. Even if conceived several decades ago as a concept, based on the new progress in automation and vehicular networking platooning has attracted particular attention in the latest years and is expected to become of common implementation in the next future, at least for trucks.The platoon system is the result of a combination of multiple disciplines, from transportation, to automation, to electronics, to telecommunications. In this survey, we consider the platooning, and more specifically the platooning of trucks, from the point of view of wireless communications. Wireless communications are indeed a key element, since they allow the information to propagate within the convoy with an almost negligible delay and really making all vehicles acting as one. Scope of this paper is to present a comprehensive survey on connected vehicles for the platooning application, starting with an overview of the projects that are driving the development of this technology, followed by a brief overview of the current and upcoming vehicular networking architecture and standards, by a review of the main open issues related to wireless communications applied to platooning, and a discussion of security threats and privacy concerns. The survey will conclude with a discussion of the main areas that we consider still open and that can drive future research directions.(c) 2022 The Author(s). Published by Elsevier Inc. This is an open access article under the CC BY license (http://creativecommons.org/licenses/by/4.0/)