STOP-IT: strategic, tactical, operational protection of water infrastructure against cyberphysical threats

Water supply and sanitation infrastructures are essential for our welfare, but vulnerable to several attack types facilitated by the ever-changing landscapes of the digital world. A cyber-attack on critical infrastructures could for example evolve along these threat vectors: chemical/biological contamination, physical or communications disruption between the network and the supervisory SCADA. Although conceptual and technological solutions to security and resilience are available, further work is required to bring them together in a risk management framework, strengthen the capacities of water utilities to systematically protect their systems, determine gaps in security technologies and improve risk management approaches. In particular, robust adaptable/flexible solutions for prevention, detection and mitigation of consequences in case of failure due to physical and cyber threats, their combination and cascading effects (from attacks to other critical infrastructure, i.e. energy) are still missing. There is (i) an urgent need to efficiently tackle cyber-physical security threats, (ii) an existing risk management gap in utilities’ practices and (iii) an un-tapped technology market potential for strategic, tactical and operational protection solutions for water infrastructure: how the H2020 STOP-IT project aims to bridge these gaps is presented in this paper.Postprint (published version

Byzantine Attack and Defense in Cognitive Radio Networks: A Survey

The Byzantine attack in cooperative spectrum sensing (CSS), also known as the spectrum sensing data falsification (SSDF) attack in the literature, is one of the key adversaries to the success of cognitive radio networks (CRNs). In the past couple of years, the research on the Byzantine attack and defense strategies has gained worldwide increasing attention. In this paper, we provide a comprehensive survey and tutorial on the recent advances in the Byzantine attack and defense for CSS in CRNs. Specifically, we first briefly present the preliminaries of CSS for general readers, including signal detection techniques, hypothesis testing, and data fusion. Second, we analyze the spear and shield relation between Byzantine attack and defense from three aspects: the vulnerability of CSS to attack, the obstacles in CSS to defense, and the games between attack and defense. Then, we propose a taxonomy of the existing Byzantine attack behaviors and elaborate on the corresponding attack parameters, which determine where, who, how, and when to launch attacks. Next, from the perspectives of homogeneous or heterogeneous scenarios, we classify the existing defense algorithms, and provide an in-depth tutorial on the state-of-the-art Byzantine defense schemes, commonly known as robust or secure CSS in the literature. Furthermore, we highlight the unsolved research challenges and depict the future research directions.Comment: Accepted by IEEE Communications Surveys and Tutoiral

Security in Dynamic Spectrum Access Systems: A Survey

Dynamic Spectrum Access (DSA) systems are being developed to improve spectrum utilization. Most of the research on DSA systems assumes that the participants involved are honest, cooperative, and that no malicious adversaries will attack or exploit the network. Some recent research efforts have focused on studying security issues in cognitive radios but there are still significant security challenges in the implementation of DSA systems that have not been addressed. In this paper we focus on security issues in DSA. We identify various attacks (e.g., DoS attacks, system penetration, repudiation, spoofing, authorization violation, malware infection, data modification, etc.) and suggest various approaches to address them. We show that significant security issues exist that should be addressed by the research community if DSA is to find its way into production systems. We also show that, in many cases, existing approaches to securing IT systems can be applied to DSA and identify other DSA specific security challenges where additional research will be required

AN INVESTIGATION OF SECURITY CHALLENGES IN COGNITIVE RADIO NETWORKS

The recent advances in wireless communication have led to the problem of growing spectrum scarcity. The available wireless spectrum has become scarcer due to increasing spectrum demand for new wireless applications. The large portion of the allocated spectrum is sporadically used leading to underutilization of significant amount of spectrum. To improve the spectrum efficiency, the idea of cognitive radio technology was introduced. This concept of cognitive radio provides a promising solution for the spectrum scarcity issues in wireless networks. Meanwhile, the security issues of cognitive radio have received more attentions recently since the inherent properties of CR networks would pose new challenges to wireless communications. In this MS thesis, general concepts of security threats to the cognitive radio networks are briefly reviewed. Performances for primary user emulation attacks are studied from Neyman-Pearson criterion point of view. A novel system model with different configurations of the primary users has been proposed and studied. Our experimental results demonstrate the statistical characteristics of the probability of false alarm and miss detection in the proposed system. I will make performance comparison with others’ research in the future. Adviser: Yaoqing Yan

AN INVESTIGATION OF SECURITY CHALLENGES IN COGNITIVE RADIO NETWORKS

The recent advances in wireless communication have led to the problem of growing spectrum scarcity. The available wireless spectrum has become scarcer due to increasing spectrum demand for new wireless applications. The large portion of the allocated spectrum is sporadically used leading to underutilization of significant amount of spectrum. To improve the spectrum efficiency, the idea of cognitive radio technology was introduced. This concept of cognitive radio provides a promising solution for the spectrum scarcity issues in wireless networks. Meanwhile, the security issues of cognitive radio have received more attentions recently since the inherent properties of CR networks would pose new challenges to wireless communications. In this MS thesis, general concepts of security threats to the cognitive radio networks are briefly reviewed. Performances for primary user emulation attacks are studied from Neyman-Pearson criterion point of view. A novel system model with different configurations of the primary users has been proposed and studied. Our experimental results demonstrate the statistical characteristics of the probability of false alarm and miss detection in the proposed system. I will make performance comparison with others’ research in the future. Adviser: Yaoqing Yan

Roadmap on optical security

Postprint (author's final draft

Contributions to the security of cognitive radio networks

The increasing emergence of wireless applications along with the static spectrum allocation followed by regulatory bodies has led to a high inefficiency in spectrum usage, and the lack of spectrum for new services. In this context, Cognitive Radio (CR) technology has been proposed as a possible solution to reuse the spectrum being underutilized by licensed services. CRs are intelligent devices capable of sensing the medium and identifying those portions of the spectrum being unused. Based on their current perception of the environment and on that learned from past experiences, they can optimally tune themselves with regard to parameters such as frequency, coding and modulation, among others. Due to such properties, Cognitive Radio Networks (CRNs) can act as secondary users of the spectrum left unused by their legal owners or primary users, under the requirement of not interfering primary communications. The successful deployment of these networks relies on the proper design of mechanisms in order to efficiently detect spectrum holes, adapt to changing environment conditions and manage the available spectrum. Furthermore, the need for addressing security issues is evidenced by two facts. First, as for any other type of wireless network, the air is used as communications medium and can easily be accessed by attackers. On the other hand, the particular attributes of CRNs offer new opportunities to malicious users, ranging from providing wrong information on the radio environment to disrupting the cognitive mechanisms, which could severely undermine the operation of these networks. In this Ph.D thesis we have approached the challenge of securing Cognitive Radio Networks. Because CR technology is still evolving, to achieve this goal involves not only providing countermeasures for existing attacks but also to identify new potential threats and evaluate their impact on CRNs performance. The main contributions of this thesis can be summarized as follows. First, a critical study on the State of the Art in this area is presented. A qualitative analysis of those threats to CRNs already identified in the literature is provided, and the efficacy of existing countermeasures is discussed. Based on this work, a set of guidelines are designed in order to design a detection system for the main threats to CRNs. Besides, a high level description of the components of this system is provided, being it the second contribution of this thesis. The third contribution is the proposal of a new cross-layer attack to the Transmission Control Protocol (TCP) in CRNs. An analytical model of the impact of this attack on the throughput of TCP connections is derived, and a set of countermeasures in order to detect and mitigate the effect of such attack are proposed. One of the main threats to CRNs is the Primary User Emulation (PUE) attack. This attack prevents CRNs from using available portions of the spectrum and can even lead to a Denial of Service (DoS). In the fourth contribution of this the method is proposed in order to deal with such attack. The method relies on a set of time measures provided by the members of the network and allows estimating the position of an emitter. This estimation is then used to determine the legitimacy of a given transmission and detect PUE attacks. Cooperative methods are prone to be disrupted by malicious nodes reporting false data. This problem is addressed, in the context of cooperative location, in the fifth and last contribution of this thesis. A method based on Least Median Squares (LMS) fitting is proposed in order to detect forged measures and make the location process robust to them. The efficiency and accuracy of the proposed methodologies are demonstrated by means of simulation

Attack Prevention for Collaborative Spectrum Sensing in Cognitive Radio Networks

Collaborative spectrum sensing can significantly improve the detection performance of secondary unlicensed users (SUs). However, the performance of collaborative sensing is vulnerable to sensing data falsification attacks, where malicious SUs (attackers) submit manipulated sensing reports to mislead the fusion center's decision on spectrum occupancy. Moreover, attackers may not follow the fusion center's decision regarding their spectrum access. This paper considers a challenging attack scenario where multiple rational attackers overhear all honest SUs' sensing reports and cooperatively maximize attackers' aggregate spectrum utilization. We show that, without attack-prevention mechanisms, honest SUs are unable to transmit over the licensed spectrum, and they may further be penalized by the primary user for collisions due to attackers' aggressive transmissions. To prevent such attacks, we propose two novel attack-prevention mechanisms with direct and indirect punishments. The key idea is to identify collisions to the primary user that should not happen if all SUs follow the fusion center's decision. Unlike prior work, the proposed simple mechanisms do not require the fusion center to identify and exclude attackers. The direct punishment can effectively prevent all attackers from behaving maliciously. The indirect punishment is easier to implement and can prevent attacks when the attackers care enough about their long-term reward.Comment: 37 pages including 7 figures and 2 tables; IEEE Journal on Selected Areas in Communications with special issue in Cooperative Networking - Challenges and Applications (2012 expected