Cognitive Radio Network Security

Slides:



Advertisements
Similar presentations
$ Network Support for Wireless Connectivity in the TV Bands Victor Bahl Ranveer Chandra Thomas Moscibroda Srihari Narlanka Yunnan Wu Yuan.
Advertisements

Chapter 14 무선 LAN (Wireless LAN).
1 UNIT I (Contd..) High-Speed LANs. 2 Introduction Fast Ethernet and Gigabit Ethernet Fast Ethernet and Gigabit Ethernet Fibre Channel Fibre Channel High-speed.
Copyright © 2003 Pearson Education, Inc. Slide 1 Computer Systems Organization & Architecture Chapters 8-12 John D. Carpinelli.
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 17 Auction-based.
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 13 Defining.
Spectrum Sensing and Identification
1 Chapter 3 Digital Communication Fundamentals for Cognitive Radio Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski,
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 11 Information.
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 10 User.
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 5 Spectrum.
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 6 Agile.
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 9 Fundamentals.
Chapter 14 Cognitive Radio for Broadband Wireless
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 12 Cross-Layer.
Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 2 Radio.
Security Issues In Mobile IP
Doc.: IEEE /0712r1 Submission July 2013 Larry Taylor, DTC (UK)Slide 1 A Brief Time of History Date: Authors:
Doc.: IEEE /0046r0 Submission July 2009 Ari Ahtiainen, NokiaSlide 1 A Cooperation Mechanism for Coexistence between Secondary User Networks on.
1 IEEE Media Independent Handoff Overview of services and scenarios for 3GPP2 Stefano M. Faccin Liaison officer to 3GPP2.
Doc.: IEEE /0006r0 Submission January 2006 Gerald Chouinard, CRCSlide 1 TV bands White Spaces and DTV receiver RF front-end performance and protection.
Cognitive Radio: Opportunities and Challenges Dr Ying-Chang Liang Senior Scientist & Project Manager Institute for Infocomm Research (I 2 R) Singapore.
1 Multi-Channel Wireless Networks: Capacity and Protocols Nitin H. Vaidya University of Illinois at Urbana-Champaign Joint work with Pradeep Kyasanur Chandrakanth.
Wireless Networks Should Spread Spectrum On Demand Ramki Gummadi (MIT) Joint work with Hari Balakrishnan.
Towards Collision Detection in Wireless Networks Souvik Sen, Naveen Santhapuri, Romit Roy Choudhury, Srihari Nelakuditi.
Chapter 1 Introduction Copyright © Operating Systems, by Dhananjay Dhamdhere Copyright © Introduction Abstract Views of an Operating System.
Designing Multi-User MIMO for Energy Efficiency
MIMO Broadcast Scheduling with Limited Feedback Student: ( ) Director: 2008/10/2 1 Communication Signal Processing Lab.
Chapter 1: Introduction to Scaling Networks
Doc.: sg-whitespace r2 Submission March 2009 Gerald Chouinard, CRCSlide Presentation to the ECSG on White Space Author: Notice: This document.
Copyright © Chang Gung University. Permission required for reproduction or display. On Femto Deployment Architecture and Macrocell Offloading Benefits.
Countering DoS Attacks with Stateless Multipath Overlays Presented by Yan Zhang.
Multi-carrier CDMA. Outline Introduction System Model Types Applications References.
1 Adaptive Bandwidth Allocation in TDD-CDMA Systems Derek J Corbett & Prof. David Everitt The University of Sydney.
Doc.: IEEE / wng SubmissionRoberto Aiello, Stefan MangoldSlide 1 carrier-grade operating in paired spectrum Date: Authors:
Doc.: IEEE /0403r0 Submission August 2007 Wendong Hu, STMicroelectronicsSlide 1 Impact of Directional Antenna at CPEs on Coexistence Beaconing.
Submission doc.: IEEE /1409r0 November 2013 Adriana Flores, Rice UniversitySlide 1 Dual Wi-Fi: Dual Channel Wi-Fi for Congested WLANs with Asymmetric.
Multistage Spectrum Sensing for Cognitive Radios UCLA CORES.
©Brooks/Cole, 2001 Chapter 12 Derived Types-- Enumerated, Structure and Union.
PSSA Preparation.
Introduction to Ad-hoc & Sensor Networks Security In The Name of God ISC Student Branch in KNTU 4 th Workshop Ad-hoc & Sensor Networks.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 11: Wireless operators in.
Essential Cell Biology
14.1 Chapter 14 Wireless LANs Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
1 Understanding and Mitigating the Impact of RF Interference on Networks Ramki Gummadi (MIT), David Wetherall (UW) Ben Greenstein (IRS), Srinivasan.
Where Are You From? Confusing Location Distinction Using Virtual Multipath Camouflage Song Fang, Yao Liu Wenbo Shen, Haojin Zhu 1.
D EFENSE A GAINST S PECTRUM S ENSING D ATA F ALSIFICATION A TTACKS I N C OGNITIVE R ADIO N ETWORKS Li Xiao Department of Computer Science & Engineering.
Security in Wireless Sensor Networks Perrig, Stankovic, Wagner Jason Buckingham CSCI 7143: Secure Sensor Networks August 31, 2004.
Wireless Sensor Network Security Anuj Nagar CS 590.
Multiantenna-Assisted Spectrum Sensing for Cognitive Radio
COGNITIVE RADIO FOR NEXT-GENERATION WIRELESS NETWORKS: AN APPROACH TO OPPORTUNISTIC CHANNEL SELECTION IN IEEE BASED WIRELESS MESH Dusit Niyato,
MAXIMIZING SPECTRUM UTILIZATION OF COGNITIVE RADIO NETWORKS USING CHANNEL ALLOCATION AND POWER CONTROL Anh Tuan Hoang and Ying-Chang Liang Vehicular Technology.
UNIVERSITY OF PATRAS Department of Electrical & Computer Engineering Wireless Telecommunications Laboratory M. Tsagkaropoulos “Securing.
Cognitive Radio Networks
A Survey of Spectrum Sensing Algorithm for Cognitive Radio Applications YaGun Wu netlab.
Tarun Bansal, Bo Chen and Prasun Sinha
Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols ► Acts as denial of service by disrupting the flow of data between a source and.
Cognitive Radio: Next Generation Communication System
CHANNEL AWARE MEDIUM ACCESS CONTROL IN COGNITIVE RADIO NETWORKS
Distributed-Queue Access for Wireless Ad Hoc Networks Authors: V. Baiamonte, C. Casetti, C.-F. Chiasserini Dipartimento di Elettronica, Politecnico di.
A discussion on channel sensing techniques By James Xu.
Phd Proposal Investigation of Primary User Emulation Attack in Cognitive Radio Networks Chao Chen Department of Electrical & Computer Engineering Stevens.
SPECTRUM SHARING IN COGNITIVE RADIO NETWORK
Channel Allocation (MAC)
PERFORMANCE ANALYSIS OF SPECTRUM SENSING USING COGNITIVE RADIO
Cognitive Radio Networks
An overview of the IEEE Standard
Spectrum Sharing in Cognitive Radio Networks
Security in SDR & cognitive radio
Presentation transcript:

Cognitive Radio Network Security Chapter 15 Cognitive Radio Network Security

Outline A taxonomy of CR security threats Primary user emulation attacks Byzantine failures in distributed spectrum sensing Security vulnerabilities in IEEE 802.22

Introduction Successful deployment of CR networks and the realization of their benefits will depend on the placement of essential security mechanisms Emergence of the opportunistic spectrum sharing (OSS) paradigm and cognitive radio technology raises new security implications that have not been studied previously Researchers have only recently started to examine the security issues specific to CR devices and networks

Some Recent Publications on CR Security R. Chen, J. Park, & J. Reed, “Defense against primary user emulation attacks in cognitive radio networks,” IEEE Journal on Selected Areas in Communications, vol. 26, no. 1, Jan. 2008. R. Chen, J. Park, T. Hou, & J. Reed, “Toward secure distributed spectrum sensing in cognitive radio networks,” IEEE Comm. Magazine, vol. 46, no. 4, 2008. S. Xiao, J. Park, and Y. Ye, “Tamper Resistance for Software Defined Radio Software,” IEEE Computer Software and Applications Conference, July 2009. K. Bian and J. Park, “Security Vulnerabilities in IEEE 802.22,” Fourth International Wireless Internet Conference, Nov. 2008.

Some Recent Publications on CR Security T. Clancy, N. Goergen, “Security in Cognitive Radio Networks: Threats and Mitigation,” Int’l Conference on Cognitive Radio Oriented Wireless Networks and Communications, May 2008. T.B. Brown and A. Sethi, “Potential cognitive radio denial-of-service vulnerabilities and protection countermeasures: a multi-dimensional analysis and assessment,” Journal of Mobile Networks and Applications, vol. 13, no. 5, Oct. 2008. A. Brawerman et al., “Towards a fraud-prevention framework for software defined radio mobile devices,” EURASIP Journal on Wireless Comm. and Networking, vol. 2005, no. 3, 2005. L.B. Michael et al., “A framework for secure download for software-defined radio,” IEEE Comm. Magazine, July 2002. P. Flanigan et al., “Dynamic policy enforcement for software defined radio,” 38th Annual Simulation Symposium, 2005.

A Taxonomy of CR Security Threats

The Importance of Distinguishing Primary Users from Secondary Users Spectrum usage scenario for a secondary user Periodically search for spectrum “white spaces” (i.e., fallow bands) to transmit/receive data When a primary user is detected in its spectrum band Immediately vacate that band and switch to a vacant one  “vertical spectrum sharing” When another secondary user is detected in its spectrum band When there are no better spectrum opportunities, it may choose to share the band with the detected secondary user  “horizontal spectrum sharing” CR MAC protocol guarantees fair resource allocation among secondary users

Primary User Emulation Attacks

Existing Technique (1): Using Energy Detection to Conduct Spectrum Sensing Trust model An energy detector measures RF energy or the RSS to determine whether a given channel is idle or not Secondary users can recognize each other’s signals and share a common protocol, and therefore are able to identify each other If an unidentified user is detected, it is considered a primary user

Existing Technique (1): Using Energy Detection to Conduct Spectrum Sensing Problem: If a malicious secondary user transmits a signal that is not recognized by other secondary users, it will be identified as a primary user by the other secondary users Interference to primary users Prevents other secondary users from accessing that band

Existing Technique (2): Matched Filter and Cyclostationary Feature Detection Trust model Matched filter and cyclostationary feature detectors are able to recognize the distinguishing characteristics of primary user signals Secondary users can identify each other’s signals Problem: If a malicious secondary user transmits signals that emulate the characteristics of primary user signals, it will be identified as a primary user by the other secondary users Interference to primary users Prevents other secondary users from accessing that band

Existing Technique (3): Quiet Period for Spectrum Sensing Trust model Define a “quiet period” that all secondary users stop transmission. It is dedicated for spectrum sensing. Any user detected in the quiet period (using energy detector, matched filter or cyclostationary feature detector) is a primary user Problem: If a malicious secondary user transmits signals in the quiet period, it will be identified as a primary user by the other secondary users Interference to primary users Prevents other secondary users from accessing that band

The Disruptive Effects of Primary User Emulation Attacks Selfish PUE attacks Malicious PUE attacks

Transmitter Verification for Spectrum Sensing Transmitter verification for spectrum sensing is composed of three processes: Verification of signal characteristics Measurement of received signal energy level Localization of the signal source

A Flowchart of transmitter verification

Challenges in PST Localization Primary signal transmitter (PST) localization is more challenging than the standard localization problem due to two reasons No modification should be made to primary users to accommodate the DSA of licensed spectrum. This requirement excludes the possibility of using a localization protocol that involves the interaction between a primary user and the localization device(s).  PST localization problem is a non-interactive localization problem When a receiver is localized, one does not need to consider the existence of other receivers. However, the existence of multiple transmitters may add difficulty to transmitter localization

A solution to PST Localization Magnitude of an RSS value typically decreases as the distance between the signal transmitter and the receiver increases If one is able to collect a sufficient number of RSS measurements from a group of receivers spread throughout a large network, the location with the peak RSS value is likely to be the location of a transmitter. Advantage of this technique is twofold, Obviates modification of primary users and Supports localizing multiple transmitters that transmit signals simultaneously

Byzantine failures in distributed spectrum sensing Cause of Byzantine failures in distributed spectrum sensing (DSS) Malfunctioning sensing terminals Spectrum sensing data falsification (SSDF) attacks A malicious secondary user intentionally sends falsified local spectrum sensing reports to the data collector in an attempt to cause the data collector to make incorrect spectrum sensing decisions

SSDF Attacks

Modeling of DSS as a parallel fusion network We can model the DSS problem as a parallel fusion network

Data fusion algorithms for DSS Decision fusion Bayesian detection Neyman-Pearson test Weighted sequential probability ratio test (WSPRT)

The Coexistence Problem in CR Networks Incumbent coexistence Avoid serious interference to incumbent users Ex: spectrum sensing for detecting incumbent signals Ex: dynamic frequency hopping to avoid interfering with detected incumbents Why is self-coexistence important in CR networks? Minimize self interference between neighboring networks Need to satisfy QoS of networks’ admitted service workloads in a DSA environment Ex: 802.22 prescribes inter-cell dynamic resource sharing mechanisms for better self-coexistence CR coexistence mechanisms can be exploited by adversaries Threats to incumbent coexistence mechanisms Threats to self-coexistence mechanisms

Operating Environment of 802.22 Networks Incumbent services: TV broadcast services Part 74 devices (wireless microphones) WRAN Base Station Wireless microphones TV transmitters WRAN Base Station Typical ~33km Max. 100km Wireless microphones : WRAN Base Station : CPE (Consumer Premise Equipment) 23 23

PHY-Layer Support for Coexistence Two-stage spectrum sensing in quiet periods (QPs) Fast sensing stage: a quick and simple detection technique, e.g., energy detection. Fine sensing stage: measurements from fast sensing determine the need and duration of fine sensing stage. Synchronization of overlapping BSs’ QPs 24 24

Cognitive MAC (CMAC) Layer (1) Two types control messages Management messages: intra-cell management Beacons: inter-cell coordination Inter-cell synchronization Frame offset is contained in beacon payload The receiver BS performs frame sliding to synchronize with the transmitter BS. 25 25

Cognitive MAC (CMAC) Layer (2) Inter-BS dynamic resource sharing Needed when QoS of admitted service workload cannot be satisfied 802.22 prescribes non-exclusive & exclusive spectrum sharing On-demand spectrum contention (ODSC) protocol Select a target channel to contend Each BS selects a Channel Contention Number (CCN) from [0,W]. BS with a greater CCN wins the pair-wise contention procedure. BS wins the channel if it wins all pair-wise contention procedures with all co-channel BSs. Inter-cell beacons used to carry out ODSC 26 26

Cognitive MAC (CMAC) Layer (3) Protection of Part 74 devices (wireless microphones) Class A solution A separate beacon device deployed Transmit short wireless microphone beacons (WMB) Use WMBs to notify collocated 802.22 cells about operation of Part 74 devices Class B solution A special type of CPE is deployed Class B CPEs detect Part 74 device operations and notify other 802.22 systems Wireless MIC WRAN Base Station Class B CPE 27 27

Overview of 802.22’s Security Sublayer 802.22 security sublayer provides confidentiality, authentication and integrity services for intra-cell management messages PKM (Privacy Key Management) protocol Encapsulation protocol It fails to protect inter-cell beacons used in coexistence mechanisms CMAC mechanisms protected by 802.22’s security sublayer 28 28

Potential Security Threats DoS attacks Insertion of forged management messages by rogue terminals Prevented by use of mutual authentication and MACs Replay attacks Management messages: Prevented by use of nonces in challenge/response protocols Data packets: Thwarted using AES-CCM & packet numbers Threats against WMBs Class B CPEs possess pre-programmed keys that enable the use of authentication mechanisms to prevent WMB forgery/modification Spurious transmissions in QPs Interfere w/ various coexistence-related control mechanisms Primary user emulation Adversarial radio transmits signals whose characteristics emulate those of incumbent signals 29 29

Security Vulnerabilities in Inter-Cell Coexistence Mechanisms Inter-cell beacons are not protected by 802.22’s security sublayer! Beacon Falsification (BF) attack Two types of BF attacks Tx of false/forged inter-cell beacons to disrupt spectrum contention processes  Network throughput drop interfere with inter-cell synchronization  Undermine the accuracy of spectrum sensing

Disrupting Inter-cell Spectrum Contention Objective of BF attacks Disrupt self-coexistence mechanisms (spectrum contention processes) Attack method Forge inter-cell beacons with arbitrarily large CCN value (e.g., select CCN from [W / z, W ], where z >= 1) Tx beacons that contain large CCN to neighboring BSs Impact of BF attacks Legitimate victim BSs lose the target channels. Drop in network throughput Z = 1 Simulation layout and results 31 31

Interfering with Inter-cell Synchronization Objective of BF attack Undermine efficacy of incumbent coexistence mechanism (spectrum sensing) Attack method Forge inter-cell beacons with spurious Frame Offset Impact of BF attack Victim BS performs frame sliding according to the spurious Frame Offset, which causes asynchrony of QPs. Asynchrony causes self-interference that degrades accuracy of spectrum sensing during QPs. Impact on misdetection probability (for energy detector) An incumbent signal is detected if Y > r (estimated Rx signal power, Y , is greater than threshold r ). Under BF attacks, self-interference in QPs causes the threshold to increase to a larger value, r*. Miss detection probability increases by 32 32

Countermeasures To thwart the forgery of inter-cell beacons, an inter-cell key management scheme is needed Utilize the backhaul infrastructure that connects multiple cells Employ a distributed key management scheme 802.22 backhaul infrastructure

Chapter 15 Summary Emergence of the opportunistic spectrum sharing (OSS) paradigm and cognitive radio technology raises new security implications that have not been studied previously One countermeasure for primary user emulation attacks is transmitter verification; it is composed of 3 processes: Verification of signal characteristics Measurement of received signal energy level Localization of the signal source We can model the distributed spectrum sensing problem as a parallel fusion network to deal with Byzantine failures IEEE 802.22 is vulnerable to attacks because its inter-cell beacons are not protected

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.