CRN Security

7/25/2019 CRN Security

http://slidepdf.com/reader/full/crn-security 1/7

A Survey on Security in Cognitive Radio Networks

Mahmoud Khasawneh, Anjali Agarwal

Department of Electrical and Computer Engineering, Concordia University, Montreal, Canada

{m_khasaw, aagarwal}@encs.concordia.ca

Abstract — Cognitive radio (CR) has been introduced to

accommodate the steady increment in the spectrum demand.

In CR networks, unlicensed users, which are referred to as

secondary users (SUs), are allowed to dynamically access the

frequency bands when licensed users which are referred to as

primary users (PUs) are inactive. One important technicalarea that has received little attention to date in the cognitive

radio system is wireless security. New classes of security

threats and challenges have been introduced in the cognitive

radio systems, and providing strong security may prove to be

the most difficult aspect of making cognitive radio a long-

term commercially-viable concept. This paper addresses the

main challenges, security attacks and their mitigationtechniques in cognitive radio networks. The attacks showed

are organized based on the protocol layer that an attack is

operating on.

Keywords-Cognitive radio; Security; Attack; Primary User

(PU); Secondary User (SU)

I. I NTRODUCTION

Recently, cognitive radio (CR) [1] technique has become

one of the most common studied techniques in wireless

networks field. The conventional spectrum management

approach is currently and widely applied by regulators over

the world; wherein the regulators assign locally the spectrumfrequency bands to service providers for large geographical

ranges and for long periods of time. Then each service

provider manages its frequency band by defining its users,

their rights, and specifying the regulations that control the

communication over its channels. Although these regulations

intend to enhance the spectrum usage, they can lead to

spectrum scarcity problem. Because of these regulations, the

licensed users of the service providers may be prevented from

changing their behaviors according to market demand.Recently, the power management has been restructured

relying on market forces [2]. A service provider sells the

spectrum to its end users which are referred to primary users

(PUs) in form of bandwidth. These PUs which own thespectrum for long term, can resell their unused spectrum to

another users which are known as secondary users (SUs).Security is considered as a vital area that has received little

attention in the cognitive radio network [3]. The most

important behaviour of the attackers can be categorized into

the followings (i) misbehaving, (ii) selfish, (iii) cheating and

(iv) malicious [3]. These behaviours clearly impact the

network performance significantly. The most importantsecurity properties are availability: the spectrum/channel

should be returned to the primary user when he is active;

reliability of transmitting sensing results for SU; non-

repudiation: agreement between the PU and the SU;

authentication: to assure the credibility of the CR users; and

stability: the ability to come back to equilibrium state after

being hindered by a physical disturbance [4].

The attacks generally follow a layered approach [4]. The

attacks such as Primary User Emulation (PUE) [5], Jamming

[6], and the Objective Function [4] occur in the Physical

Layer. The attacks such as Spectrum Sensing Data

Falsification (SSDF) [18] and the Control Channel Saturation

DoS [7-8] occur in the Link Layer. The attacks such as

Sinkhole [4], HELLO Flood [11] and Sybil attack [9] occur atthe Network Layer. The attacks such as the Lion Attack [10]

and Key Depletion Attack [11] occur at the Transport Layer.

Some attacks, such as Jamming Attack, might target one layer

and have influences and consequences over other layers, these

attacks are known as cross-layer attacks.

The rest of this paper is organized as follows: in Section II,

we show a general overview of cognitive. Section III presents

the general security requirements. The different attacks with

their mitigation techniques over physical layer are shown in

Section IV. Data link layer attacks as well as their mitigation

techniques are demonstrated in Section V. Section VI and VII

show the network layer attacks and transport layer attacks withtheir mitigation techniques respectively. In Section VIII we

provide some few future directions that need to be addressed by researchers. We conclude this paper in Section IX.

II. A N OVERVIEW OF COGNITIVE R ADIO NETWORKS

The principle of Cognitive Radio was firstly mentioned and

explained by Joseph Mitola [1]. Cognitive Radio could be

defined as an efficient technology that allows more users to

use the available spectrum. Spectrum sensing is assumed as

the basic functionality in CR. Spectrum sensing aims to find

the vacant spectrum holes for dynamic use. In general, there

are two sensing modes, reactive sensing and proactive sensing

[5]. Generally, the spectrum sensing techniques can becategorized as transmitter detection, cooperative detection,

and interference-based detection [1]. In transmitter detection,the presence of the PU transmitter in its spectrum band is

determined. Three schemes that are generally used for the

transmitter detection are: matched filter detection, energy

detection and cyclostationary feature detection [1]. Matched

filter detection is used if the secondary user has informationabout the primary user signal. If there is not enough

information about PU’s signal, energy detection is applied. In

cyclostationary feature detection, modulated signals are

2014 6th International Conference on CSIT ISBN:987-1-4799-3999-2

64 978-1-4799-3999-2/14/$31.00©2014 IEEE Published by the IEEE Computer Society



coupled with other signals. In cooperative detection technique,

cooperation concept between the SUs is applied in order to

improve the sensing results. The last technique, interference- based detection technique, has been introduced by the FCC in

[6], wherein the interference temperature is measured and

compared with statistical information to make the decision

about the PU presence in its spectrum band. Different schemes

represent the spectrum sensing functionally which could be

classified as following:

• Centralized cooperative scheme: where there is a

controller, and cooperation between the SUs to sense

the spectrum holes, where each SU, individually,

senses the spectrum holes and sends the sensing

information to the controller that makes the final

decision of the spectrum.

• Centralized non-cooperative scheme: in this scheme

the controller senses the spectrum holes and manages

the access to the holes for different SUs.

• Distributed cooperative scheme: there is no controller

in this approach. Each SU senses the spectrum holes,and then all SUs distribute their spectrum sensing

information to other SUs.

• Distributed noncooperative: same as the previous

one, but each SU senses the spectrum holes and then

decides which spectrum hole to use without

considering the other SUs’ sensing information.

Spectrum management is another functionality of CR. The

objective of spectrum management is to share the spectrum

between many users, PUs and SUs, in such a way that it

accomplishes different goals and requirements. The main

objective for the SU is to attain its QoS. There are many

factors that represent the QoS of SU such as using high data

rate for sending its data, using proper power values in thetransmission process, or reducing the interference caused to

other users in the network. For the PU, it always tries to lease

its unused frequency channels to SUs which pay more; thatfinally results in attaining high revenue.

Three different models used to represent the spectrum

sharing functionality in cognitive radio networks which are as

follows:

• Public commons model: the radio spectrum is open

to anyone for access with equal rights; this model

currently applies to the wireless standards (e.g., WiFi

and Bluetooth radio) operating in the license-free

ISM (Industrial, Scientific, and Medical) band.

• Exclusive usage model: the radio spectrum can beexclusively licensed to a particular user; however,spectrum utilization can be improved by allowing

dynamic allocation and spectrum trading by the

spectrum owner.

• Private commons model: different users in a

cognitive radio network (e.g., primary, secondary,

tertiary, and quaternary users) can have different priorities to share the spectrum. Secondary users can

access the spectrum using an underlay or overlay

approach.

III. SECURITY REQUIREMENTS

As any other type of wireless networks, cognitive radionetworks are vulnerable to many security attacks. Moreover,the radio technology itself is vulnerable to be attacked.Cognitive radio networks differ from other wireless networkswhere some reliability issues are unique to CRN, such as highsensitivity to weak primary signals, unknown primary receiverlocation, tight synchronization requirement in centralized

cognitive networks, and lack of common control channel [12].Therefore, malicious nodes can utilize the vulnerability of thesereliability issues to attack the different layers ofcommunication protocol.

Security is an important issue in the context of CRN thatgot less interest of researchers. In CRN, security threats aremuch more complex and possibility of an attack is higher thanthat in other networks since the network nodes are much moreintelligent by design. Hence, security measurements and

polices should be developed to reduce the opportunity thatmalicious nodes attack the CR network.There are many concepts that should be applied to satisfy asecure communication among wireless network nodes which

are: Confidentiality, integrity, availability and authentication.

Confidentiality means to protect information such that thereis no unauthorized revelation to systems or individuals. DataConfidentiality is a mandatory requirement in wirelessnetworks generally to maintain the privacy of the data owner asthe data owner can include a bank storing credit and balanceinformation about a customer [4].

Integrity is the property of ensuring that information willnot be accidentally or maliciously altered or destroyed. Itmeans that data is transmitted from source to destinationwithout alteration [6]. The message data can only be altered bythe sender without detection. Integrity protects against

unauthorized creation, alteration or destruction of data. If itwere possible for a corrupted message to be accepted, then thiswould show up as a violation of the integrity property [7].

Availability means to let the network users use the networkfor their own transmissions and keep track of the traffic overthe network.

Authentication is the verification of the claimed identity ofa principal [4]. It is a primary security property while other

properties often rely on authentication having occurred.Authentication is sometimes taken to be of two types:

• Message authentication: Ensuring, that a messagereceived matches the message sent. Sometimes, it

means a proof of the identity of the creator of themessage.

• Principal authentication: Corroborating that a

principal is the one claimed.

The first step in utilizing the unused spectrum is thespectrum sensing process, as mentioned above, which isconsidered as cataleptic context for malicious nodes to ariseand attack the CRN. Security comprises two issues in PUssignals’ detection which are misdetection and false detection.False detection means that that a SU records that a PU is


65



present in its band while in real it is not and a malicious nodealleges as a PU and sends strong signal to SUs. Misdetectionissue is the opposite of the false detection issue.

The previous mentioned issues are one example of somesecurity issues that can arise and make CRN more challengingsolution. Stronger security mechanisms should avoid theharmful effects of the different attacks such as overhearingother users’ information, interfering with other users’transmission signals, degrading the quality of service oflicensed users, and therefore increasing the spectrum scarcity

problem which is intended to be solved by CR technology.

Security threats in any mobile ad hoc network are much

higher than a traditional wired network. In CR network, the

threats are much more complex and possibility of an attack is

higher since the network nodes are much more intelligent by

design. The threats, in CRN, can be categorized according tothe layers they target as follows: physical layers attacks, data

link layer attacks, network layer attacks, and transport layer

attacks. Moreover, the threats might have a cross layers effects

wherein one attack can target one layer and affect other layers.

IV. PHYSICAL LAYER ATTACKS

The bottom layer of the protocol stack is the physical layer

that provides an interface to the transmission medium. The

physical layer consists of any physical medium that is used to

make any two network devices communicate to each other,

such as the network cards, fiber, cables, or the atmosphere as

in the cognitive radio network networks. The operation of the

cognitive radio network is more complicated than other

wireless communication networks because the cognitive radio

uses the frequency spectrum dynamically. Spectrum sensing,

as mentioned earlier, is the first step to use the unallocated

spectrum bands, and as the atmosphere is the medium of that

which is open to public, the physical layer is vulnerable tomany threats that attack the spectrum sensing process.

Following are few attacks aimed at disrupting communication

by targeting the physical layer of the cognitive radio network.

A. Primary User Emulation Attack (PUE)

Proper function of the spectrum sharing feature of the

cognitive radio network requires the radio’s ability to

distinguish between the primary and secondary user signals

[5]. Many techniques such as filter detection, energy detection,

and cyclostationary feature detection have to be efficient to

provide the ability of distinction.

In such inimical environment, defining the primary user

from others could be extremely difficult. In the primaryemulation attack (PUE), as shown in figure 1, an attacker may

modify their air interface such that it emulates the primary-

user’s signal characteristics [7]. In this attack the other

secondary users will falsely determine the frequency is in use

by a legitimate primary user, and so vacate the frequency right

away while in real it is not.

Figure1. PUE Attack [11]

The fraud may commit the attack selfishly, so the attacker

can use the spectrum, or maliciously, so the other legitimate

users will have their communication disrupted, resulting in a

Denial of Service attack. In addition, the attacker can poison

the data collected about the spectrum usage that is used by the

learning cognitive radio to determine which frequencies to tryto access in the future. Therefore, the primary user attack

(PUE) leads in an objective function attack [4].

In [14] the authors introduce a robust technique based on

the principal component analysis for spectrum sensing

process. All SUs send their observation matrix about different

PUs to one fusion center which keeps track of the SU’s

transmission signal power in another matrix called low rank

matrix. The fusion center uses this matrix to decide which

nodes are suspect nodes and notify the other legitimate nodes.

The data cache is no longer poisoned, and the results of the

primary user sensing process are more accurate.

Another method of defense against the primary user

emulation attack is proposed in [15]. This method is based on

the concept of belief propagation. All secondary users in the

network follow a sequence of steps until the suspect nodes are

detected and excluded from the spectrum sending process.

Each SU calculates iteratively two different types of functions

which are location function and compatibility function that are

being used to determine and check the location and the

compatibility of PUs. After that, SU makes the decisions about

PUs, prepares sensing messages, exchanges these messages

with neighboring SUs, and calculates the belief level of other

SUs until convergence. At convergence, any existing attacker

will be detected, and secondary users will be notified via

broadcast message of the attacker’s signal characteristics and

therefore neglect and exclude that attacker sensing results.

This allows all secondary users to avoid the attacker’s primary

emulation signal in the future. In [16], the authors propose

another method of detection and mitigation of a primary user

emulator. A fusion center receives the sensing information

from the different SUs in the network which uses such

estimation algorithms to detect the primary user in the

presence of the attacker.


66



B. Objective Function Attack

As the cognitive radio has the ability to adjust the radio

transmission parameters according to the current state of theenvironment. The cognitive engine in the adaptive radio is the

one responsible for adjusting the radio parameters in order to

meet specific requirements such as low energy consumption,

high data rate, and high security. Radio parameters include

center frequency, bandwidth, power, modulation type, coding

rate, channel access protocol, encryption type, and frame size[13]. The cognitive engine calculates these parameters by

solving one or more objective functions, for instance find the

radio parameters that maximize data rate and minimize power.

Manipulating the parameters that will meet the objective

function is vulnerable to be attacked. An attacker can launch

its attack by wrongly manipulating these parameters whichlead the results to meet its own objective function which is not

the one intended by users of the network.

A scenario of an Objective Function attack is illustrated in

[13], wherein the cognitive engine calculates the parameters

that maximize an objective function composed of transmission

rate (R) and security (S), i.e., f = w1R + w2S, where w1 andw2 represent the weights of R and S. Whenever the cognitive

engine attempts to use a higher security level S, the attacker

launches a jamming attack on the radio, thus reducing R and

hence reducing the overall objective function. The cognitive

engine will then cease from increasing the level of security inorder not to decrease the overall of the objective function.

Therefore, the attacker forces the radio to use a low security

level that can be hacked.

To detect and mitigate this attack, a predefined threshold

for each of these parameters is proposed in [17]. If the value of

any of these parameters goes beyond the threshold value, the

communication shall stop and these communicating nodes will

be reported to a fusion center that has to re-authenticate eachof them.

C. Jamming Attack

The attacker (jammer) maliciously sends out packets to

block legitimate participants in a communication session from

sending or receiving data; consequently, creating a denial of

service situation. However, there are other reasons that make

the transmission channels saturated such as the network

congestion due to the messages exchange between the nodes.

To mitigate this attack, secondary users have to keep track

of the primary user’s location which can be obtained by

contacting a base station or relayed upon other participatingnetwork nodes. By comparing the PU’s location to the

location of the node making requests would alert the network

that a malicious node may exist.

V. DATA LINK LAYER ATTACKS

The data link layer is responsible for managing traffic flow

and error control over the physical medium. Moreover, Data

link layer supports multiple users on a shared medium within

the same network. Each computer is assigned its own unique

MAC address. Most of the attacks presented in this layer

targets the MAC addresses.

A. Spectrum Sensing Data Flassification

In the spectrum sensing data falsification, the attackers

share false sensing information into the decision stream as a

legitimate member of the network. By doing that, the attackers

aim to selfishly acquire increased spectrum availability for

themselves, or the attackers may have a goal of disrupting thethroughput of the network for other heinous reasons.

The authors in [18] propose a mitigation method for SSDF

attack. During the sensing period, all the malicious nodes and

the other SUs make their own decisions about the

presence/absence of PUs in their bands and forward these

decision to a central fusion. The central fusion keeps a track of

how many times each node needs to have the right decision

about the PU; this number of times is called measure. The

higher the value of the measure the less reliable the node’s

observation is considered. The nodes with higher value of

measure will be excluded from the following sensing results

collection iteration.

B. Control Channel Saturation

In cognitive radio network, one control channel is used to

carry all the control traffic between the network users.

However this control channels has a limit of data to be carried

and transmitted.

The control channel will be in a saturated mode once it isnot able to carry more control traffic. An attacker can

broadcast a large number of packets with the intent to saturate

the control channel. By sending different types of packets, a

malicious node reduces the risk of detection. The attackers

aim to reduce the number of legitimate nodes that can use the

spectrum and give themselves the opportunity to highly use

the frequency bands.To mitigate this attack, a CR network could be categorized

into many clusters. In each cluster, a common control channel

is used. If an attacker is targeting a control channel, the other

clusters’ nodes will not be affected; hence the affected

network area is reduced [19].

VI. NETWORK LAYER ATTACKS

The main functionality provided by the network layer is to

route data packets from a source node on one network to a

destination node on another network, while maintaining

quality of service as it is requested by both the parties of a

communication. Fragmentation and reassembly of packets, if

required are two other services provided by the network layer.The cognitive radio network shares security issues with the

classic wireless communication networks due to the three

shared architectures which are mesh, ad hoc, and

infrastructure. Cognitive radio networks also share similarities

with wireless sensor networks. The attackers spend their time

on targeting the routing functionality as it is the most

complicated and vulnerable to eavesdropping.

Too many threats are attacking the network layer; however

three of them are considered the most challenging in research

which are Hello, sinkhole, and Sybil attacks.


67



A. Hello Attack

An adversary broadcasts a message to all node of a

network stating that it is the best route to a specific destinationnode in the network. The attacker use high power level to send

the broadcast message to convince all the other nodes that this

attacking node (adversary) is their neighbor. When the

attacker uses a high power level to send the broadcast

message, the other nodes will receive this message with good

signal strength and they assume that this attacking node isvery close to them while it is not in reality. The network nodes

will forward their packet destined to a particular node through

this attacking node with regular signal power level, but the

messages will be lost due to the far distance of the attacking

node (the forwarding node). Since all nodes of network

forward packets to an attacking node and their packet are lost,they will find themselves with no neighbors after a while.

Different methods can be used to mitigate this attack. All

links between nodes should be bidirectional and this

functionality could be checked and verified by sending one

message over links and in presence of a trusted node which is

fusion center. The fusion center will initiate and verify thesession keys between any pair of network nodes. Two

purposes sit behind the use of session key which are verifying

the identity of the communication nodes to each other and

providing a ciphered link among them. If one node claims to

be a neighbor to a big number of network nodes, an alarm

should be raised about attacker detection.

B. Sinkhole Attack

In a sinkhole attack, an attacker advertises itself as the best

route to a specific destination, motivating neighboring nodes

to use it to forward their packets [8]. An attacker may use this

way to perform another attack called selective forwardingwhere an attacker has the ability to modify or discard packets

from any node in the network. The attack is particularly

effective in the infrastructure and mesh architectures as all

traffic goes through an access point letting the attacker falsely

claim that it is the best route for packet forwarding.

To mitigate this attack, a fusion center is required toauthenticate the different network nodes. If a new node likes

to join the network, an authentication process should be

applied. This authentication process will add new nodes to the

network if and only they are well authenticated and identified.

If the attacker is one of the already authenticated nodes, a

periodic notification messages should be sent by the base

station to all network nodes about any doubt or

communication issues in the forwarded, dropped, andmodified packets, hence the attacker should be excluded and

discarded from the network. Another solution to mitigate the

sinkhole attack is to apply one of the on demand routing

protocols used in wireless sensor or ad hoc networks such as

security-aware ad hoc routing protocol, AODV, or DSR.

In these routing protocols, the source node that wants to send a

packet to another node establishes the path by sending route

request message. This message should contain a security

metric (level) that should be processed by intermediate nodes

to check if this level is satisfied or not. The message will be

forwarded to the next intermediate node once the security

level is satisfied otherwise it is dropped. If this request reaches

the destination properly and correctly, the destination will prepare and send a route reply to sender through the

intermediate nodes that process the route request message

earlier. The attacker still can be present in networks that use

this type of protocols by changing or altering the security

level. However the route request and reply messages contain a

ciphered key that prevents any node that does not know thiskey from decrypting the messages. Therefore, even if the

attacker generates messages with changed security levels, the

legitimate nodes will drop these packets since they don’t

contain the correct ciphered key generated by the base station.

C. Sybil Attack

In Sybil attack, the attacker uses different fake identities torepresent one entity. The attacker uses the same node with its

different fake identities to cheat on the legitimate nodes. The

effect of this attack is clear in the cooperative spectrum

sensing technique wherein all nodes participate cooperatively

in making the decision about the presence or absence of a PU

over its spectrum. In that, the attacker can send wrong sensinginformation which lead to wrong sensing decision and hence

let the PUs channels unused or exclusively used by the

attacker himself.

Node’s identity validation technique is used to mitigate this

attack wherein there are two ways of validation used which

are direct and indirect validation. In direct validation, each

node tests directly the identity of other node if it is valid or

not. On the other hand, in indirect validation, other verified

nodes can validate or send reputation report for other nodes. In

any type of the validation types, the resources of a node are

tested and these resources should be limited and able to handle

communication, storage, and computation resources.

VII. TRANSPORT LAYER ATTACKS

The transport layer provides many services such as flow

control, congestion control, and end-to-end error control and

recovery. The transport layer in the cognitive radio network is

subject to many of the vulnerabilities that plague wireless adhoc networks.

A. Key Depeletion Attack

Cognitive radio networks have a short transport layer

session duration due to frequently occurring retransmissions

and high round trip times [6]. Therefore, a large number ofsessions are initiated between communication parties. Most

transport layer protocols, such as secure socket layer (SSL)and transport layer security (TLS), establish cryptographic

keys at the beginning of each transport layer session. With the

great number of session keys generated, it becomes more

likely that a session key got repeated. Repetitions of a key can provide an avenue of exploitation to break the underlying

cipher system [9]. It has been established that wired equivalent

privacy (WEP) and temporal key integrity protocol (TKIP)

protocols used for IEEE 802.11 are prone to key repetition

attacks.


68



Figure 2. Cross-Layers Attacks Effects

Therefore, the attackers can eavesdrop the communication

traffic between the two communication users and got thesession key, and therefore use this key to send get the session

data. To mitigate this attack new ciphering algorithms have to

be developed to make the session keys’ sharing process done

in a more secure way.

Figure 2 illustrates the different concepts of cognitive radionetworks and the way that they are linked to each other. As

each layer is communicating with the other layers to provide

its functionality that brings new security threat problems in

CRN which is called Lure attack problem [10]. In Lure attack,

during the process of finding routes from source to

destination, malicious node firstly modifies the request packet

of receiving routing by adding false available channel

information to it. This false channel information will lureother nodes into the routing lap, and drop the forwarded

packets. This threat seriously can affect the communication

performance of the network.

Table I summarizes the different attacks illustrated in this

paper. Moreover, it shows the security requirement that each

threat is trying to attack and degrade.Table I: Attacks Preview

Attack Targeted layer Security requirement

Primary User

Emulation (PUE)

Attack

Physical Authentication and

Availability

Hello Attack Physical Authentication andAvailability

Objective

Function Attack

Physical Authentication and

Availability

Spectrum Sensing

Data Falsification

Attack

Data Link Authentication and

Availability

Control ChannelSaturation Attack

Data Link Authentication andAvailability

Hello Flood

Attack

Network Authentication,

Availability,

Confidentiality and

Integrity

Sinkhole Attack Network Authentication,

Availability,

Confidentiality andIntegrity

Sybil Attack Network Authentication,

Availability,

Confidentiality and

Integrity

Key Depletion

Attack

Transport Confidentiality and

Integrity

Lure Attack Cross layers Authentication,

Availability,

Confidentiality and

Integrity

In general, to mitigate the previous mentioned attacks in CR

networks behaviors, a CR must possess four key

characteristics. First, CR has to possess the ability to make

authentication for the local nodes forming a cognitive radio

network. Second, CR has to be able to exchange informationwith other cognitive radios in a strongly secure way. Third,

CR has to validate the information exchanged among the

different cognitive radios in the network. Last and not least,

CR has to be able to analyze the behavior of the different

nodes of one cognitive radio network.

VIII. FUTURE DIRECTIONS

As the security issues in CRN are still getting less attention

by researchers, we show some research directions that need

further investigations to make the CRN more secure.

A. Considering the existing security solutions.

In other types of wireless network such as cellularnetworks, ad hoc wireless networks and mish networks,

different existing security protocols can be applied in the

context of CRN. In cellular networks, each user has a unique

identity which is called international mobile user identity

obtained by an access point. A secret key is shared between

the base station and the newly admitted nodes to applyauthentication mechanism. The same authentication

mechanisms could be used between the secondary users and

the base station of the cognitive radio network.

B. Considering Cross-Layers Attacks

Some attacks might target one layer and have influences

and consequences over other layers, these attacks are known

as cross-layer attacks. In cognitive networks, there is an

inherent need for greater interaction between the different

layers of the protocol stack. Therefore, the cross-layer attacks

need to be given more attention in cognitive networks.

C. Devloping Cryptograohic Algorithms

Malicious node behaves in such a way to convince the

secondary users that it is a primary user and then start its

misbehaving work. Therefore, each primary user has to

provide its identity to other nodes in the network letting them

differentiate between legitimate primary users and malicious


69



nodes. Hence, new cryptographic algorithms should be

proposed for primary users’ identification process.

D. Proposing Efficient Spectrum Sensing Techniques

If the secondary users sense the primary users correctly,

then they can efficiently use the unused licensed bands. An

exchanging information method has been proposed in [20],

where we used clustering, sureness, and cooperation concepts

to exchange the spectrum sensing information between thesecondary users. Comparing different proposed schemes will

lead to develop more efficient and robust spectrum sensing

techniques that prevent frauds from attacking cognitive radio

networks.

E. Applying Game Theory

Game theory has been used mostly in economics, in order

to model competition between firms. It has also been applied

to networking, generally to solve routing and resource

allocation problems in a competitive environment [21].

Recently, game theory was also applied to wireless

communication: the decision makers in the game are rational

users who control their communication devices [21-22]. Mostgame approaches on spectrum and power management do not

consider security issues and make some assumptions related to

security, such as all users are not malicious users, all users are

trusted, all users are authorized as well as authenticated, and

the primary user is a trusted party. However, in some

environment these assumptions are not valid, which requirechanges to the existing model to prevent any kinds of attacks

or denial of services. Therefore, game theory should be

studied and applied to provide secure approaches of spectrum

sharing between the networks’ nodes.

IX. CONCLUSIONS

Despite the main objective of using cognitive radios whichis to increase spectrum utilization by allowing the unlicensed

(secondary) users to opportunistically access the frequency

band actually owned by the licensed (primary) users, the

classification of users into two different categories gives rise

to several security issues that are unique to cognitive radio

communications.We showed in this paper the main requirements of having

secure protocols in different wireless networks especially in

CRN, some attacks targeting the different protocol layers

stack, and methods of mitigating these attacks. It showed some

challenging issues in CRN that need more research in future.The paper attempted to address the major threats that widely

applied in cognitive radio networks and their effects on thedifferent security requirements.

R EFERENCES

[1] J. Mitola, “Cognitive radio for flexible multimedia communications” inProceedings of MoMuC’99, 1999, pp. 3-10.

[2] P. Crocioni, “Is allowing trading enough? Making secondary markets inspectrum work”, Telecommunications Policy, vol. 33, 2009, pp. 451-468.

[3] I. Akyildiz, and Y. Li, “OFDM-based cognitive radio networks”,Broadband and Wireless Networking Laboratory Technical Report,(2006) OCRA, March 2006.

[4] W. El-Hajj, H. Safa, M. Guizani, “Survey of Security Issues inCognitive Radio Network”, Journal of Internet Technology Volume 12, No.2, 2011.

[5] Z. Jin, S. Anand, and K.P. Subbalakshmi, “Detecting Primary UserEmulation Attacks in Dynamic Spectrum Access Networks,” Proc. IEEEInt’l Conf. Comm. (ICC ’09), June 2009.

[6] S. Sodagari and T. C. Clancy, “An anti-jamming strategy for channelaccess in cognitive radio networks”, In Decision and Game Theory forSecurity, pages 34–43. Springer, 2011.

[7] J. Zhao and G. Cao, “Robust topology control in multi-hop cognitiveradio networks”, In INFOCOM, 2012 Proceedings IEEE, pages 2032– 2040. IEEE, 2012.

[8] L. Akter and B. Natarajan, “Distributed Approach for Power and RateAllocation to Secondary Users in Cognitive Radio Networks,” IEEETrans. Vehicular Technology, vol. 60, no. 4, pp. 1526- 1538, May 2011.

[9] Y. Tan, K. Hong, Sh. S., and KP. Subbalakshmi, “Using sybil identitiesfor primary user emulation and byzantine attacks indsa networks”, InGlobal Telecommunications Conference (GLOBECOM2011), pages 1– 5., 2011.

[10] J. Hernandez-Serrano, O. León and M. Soriano, “Modeling the LionAttack in Cognitive Radio Networks”, EURASIP Journal on WirelessCommunications and Networking, Vol.2011, Article ID 242304, 10 pages, 2011.

[11] CN. Mathur and KP. Subbalakshmi,"Security issues in cognitive radionetworks", In: Cognitive networks: towards self-aware networks, July2007.

[12] D. Vir, Dr. S.K Agarwal, Dr. S.A Imam, “Power Analysis andComparison of Reactive Routing Protocols for Cognitive Radio Ad Hoc Networks”, IJAREEIE, July 2013.

[13] D. Hlavacek,, and J. Morris Chang,, “A Layered Approach to CognitiveRadio Network Security: A Survey”.

[14] F. Lin, Z. Hu, S. Hou, J. Yu, C. Zhang, N. Guo, M. Wicks, R. C Qiu,and K. Currie, “Cognitive radio network as wireless sensor network (ii):Security consideration”, In Aerospace and Electronics Conference(NAECON), Proceedings of the 2011 IEEE National, pages 324–328.IEEE, 2011.

[15] Z. Yuan, D. Niyato, H. Li, J. B. Song, and Z. Han, “Defeating primaryuser emulation attacks using belief propagation in cognitive radionetworks”, Selected Areas in Communications, IEEE Journal on,30(10):1850–1860, 2012.

[16] C. Chen, H. Cheng, and Y. Yao, “Cooperative spectrum sensing incognitive radio networks in the presence of the primary user emulationattack”, Wireless Communications, IEEE Transactions on, 10(7):2135– 2141, 2011.

[17] O. León, J. Hernández-Serrano, and M. Soriano, “Securing cognitiveradio networks”, International Journal of Communication Systems,23(5):633–652, 2010.

[18] A. Rawat, P. Anand, H. Chen, and P. Varshney. “Collaborativespectrum sensing in the presence of byzantine attacks in cognitive radionetworks”, Signal Processing, IEEE Transactions on, 59(2):774–786,2011.

[19] L. Lazos, S. Liu, and M. Krunz. “Mitigating control-channel jammingattacks in multi-channel ad hoc networks”. In Proceedings of the secondACM conference on Wireless network security, pages 169–180. ACM,2009.

[20] Mahmoud Khasawneh, Anjali Agarwal, Nishith Goel, Marzia Zaman,Saed Alrabaee, “Sureness Efficient Energy Technique for CooperativeSpectrum Sensing in Cognitive Radios”, 2012 International Conferenceon Telecommunications and Multimedia (TEMU) , Greece, 2012, Pages25-30

[21] S. Alrabaee, A. Agarwal, N. Goel, M. Zaman, M. Khasawneh, “AGame Theory Approach: Dynamic Behaviors for Spectrum Managementin Cognitive Radio Network”, GC'12 Workshop: MENS 2012,December 3-7, 2012, Anaheim, California,USA

[22] M. Khasawneh, A. Agarwal, N. Goel, M. Zaman, S. Alrabaee “A GameTheoretic Approach to Power Trading in Cognitive Radio Systems”, The20th International Conference on Software, Telecommunications andComputer Networks - SoftCOM 2012, September 11-13, 2012, Split,Croatia.


70

Documents

CRN Security