Presentation is loading. Please wait.

Presentation is loading. Please wait.

Suman Bhunia, Shamik Sengupta, Felisa Vazquez-Abad

Published byVilho Nurminen Modified over 5 years ago

Similar presentations

Presentation on theme: "Suman Bhunia, Shamik Sengupta, Felisa Vazquez-Abad"— Presentation transcript:

1 Suman Bhunia, Shamik Sengupta, Felisa Vazquez-Abad
CR-Honeynet: A learning & decoy based Sustenance Mechanism Against Jamming Attack in CRN Suman Bhunia, Shamik Sengupta, Felisa Vazquez-Abad

2 Outline Introduction Motivation Some Related Work Proposed Model
Algorithms Performance Evaluation Conclusion and Future Work

3 Cognitive Radio Network (CRN)
allows secondary user (SU) to use a spectrum when primary user (PU) is absent SUs sense for free channels in sensing period and can transmit on a channel on transmission period. all SUs are synchronous for this cognitive cycle.

4 Aim of the paper The “open” philosophy of the cognitive radio paradigm makes CRN susceptible to Jamming based DoS attacks. Intelligent attacker determines highest impacting communication by observing certain transmission characteristics We propose CR-Honeynet, a honeynet based defense mechanism where the CRN passively learns the strategy of the attacker using stochastic learning, and then place an active decoy namely honeynode to entice the attacker for jamming the honeynode transmission.

5 Outline Introduction Motivation Some Related Work Proposed Model
Algorithms Performance Evaluation Conclusion and Future Work

6 Jamming based DoS attack
wireless medium is vulnerable to jamming based denial of service attack. PU protection mechanism well defined. SUs are left vulnerable Attacker emits jamming signal to create high interference Advancement in SDR and DSA makes it even easier

7 Jamming attack example
PSD of normal data communication PSD of narrow band jamming signal

8 Outline Introduction Motivation Some Related Work Proposed Model
Algorithms Performance Evaluation Conclusion and Future Work

9 Detection of Jamming Noise in wireless medium makes detection of jamming critical. Difficult to correctly detect jamming based on a single system parameter [5]. Solutions: [13] classified spectrum usage anomaly detection data fusion algorithms A cross layer detection mechanism to map jammed region has been proposed in [14]

10 Defense Against Jamming
Channel Surfing Migrate to a channel upon detection of jamming [9] Proactive frequency hopping [15] Spatial Retreat Mobile nodes relocate themselves physically [16] Mapping Jammed Region Multi-hop and intensely populated CRN Avoid jammed links [17] Spread Spectrum low bandwidth data stream uses higher bandwidth channel Honeypot single channel honeypot based channel surfing has been proposed [8] upon detection of attack, the network switches its channel

11 Outline Introduction Motivation Some Related Work Proposed Model
Algorithms Performance Evaluation Conclusion and Future Work

12 Model for attackers We consider three types of attacker
Targets a particular channel. Targets specific SU transmission characteristic(s). Randomly targets channel with active SU transmission. Type I and III causes less harm on a CRN as it does not search for the best communication From CRN’s point of view, targeted transmission characteristic space of an attacker can be obtained by two methods manually by domain experts automatic learning from data obtained over time

13 CRN Assumptions SUs scan for free channels in the sensing period
Central Controller assigns channel to each SU SUs use this channel for data transmission in Transmission period SUs cannot switch its channel during the transmission period Upon being attacked, all data packets transmitted by the SU are lost

14 Difference from Honeypot
Honeypot is a security resource, value lies in being probed, attacked or compromised. used as a camouflaging security tool lure the attacker giving them a false sense of satisfaction retrieve valuable information about the attacker In wireless medium, hard to get attacker’s signature Intelligent Attacker choose target with certain criteria highest transmission power, highest data rate, modulation scheme, packet inter arrival time, quality of route with end-to-end acknowledgments, etc [5], [7]. CR-Honeynet aims to exploit this fact Honeynode acts to lure the attacker by adapting suitable transmission characteristics

15 CR-Honeynet Defense mechanism
Assigns the role of honeynode to a SU at the beginning of each transmission period Honeynode doesn’t transmit its packets, instead, it queues all its incoming packets and transmits garbage data packets Transmission characteristics of Honeynode lure the attacker Some attacks happen on legitimate SUs due to Attacker’s strategy change Error in sensing

16 Channel Allocation by Central Controller

17 Honeynode strategies Attacker type Honeynet strategies
Type-I vulnerable channel will be assigned to the honeynode Type-II actual target property should be learned and used as a lure for the honeynode. Type-III special honeynode strategy that delays all but the honeynode’s transmissions in order to reduce the number of vulnerable channels to 1

18 Benefits of Honeynet Attractiveness of Honeynet (ξ):
The probability that the honeynode transmission is attacked, conditional on observing a jamming attack. Honeynode allocation results in more delay as well as packet drop With probability (1- ξ), legitimate SUs are attacked The threshold, lowest attractiveness of the honeynet (ξ ∗ ) is the value where the net gain is zero Compromise Delay and Packet loss

19 Stochastic Model Let p1 denote the probability of attacking the communication with the target characteristics Let d be the target transmission characteristics space We define Let α ∈ (0, 1) be a confidence level for statistical significance. Lower the value of α, higher the confidence level.

20 Learning Attacker’s type
During the learning phase, the d different lures for type-II attacks are assigned to d different communications among the available ones with uniform probability and counts number of attacks on them. The number of tests (n0) to check for type I is thus typically very small. For example, if α = 0.001, d = 2 then n0 = 7, for α = and d = 6, n0 = 4. If all attack happens on one channel then the attacker is of type-I.

21 Learning Attacker’s strategy for Type-II
Let α ∈ (0, 1) be a confidence level for statistical signifi cance. Then under the base model we can calculate the sample size required to ensure a probability of correct selection of at least 1 − α: N* (θ∗ , d) denotes the number of slots required to observe before deciding type-II attacker strategies With d = 4 and ξ∗ = 0.6, the probability of correct selection after N* = 15 samples is

22 Learning target transmission characteristics
After observing for N* (θ∗,d) slots, we declare having learned that the strategy is of type II and we identify the lure if From this time onwards, we use the honeynode with that lure and start the monitoring phase. If the equation does not hold, attacker is of type-III use the special honeynode allocation delay all other SUs

23 Regime change detection: monitoring phase
After learning period, honeynode is deplyed and honeynet keeps monitoring the attack counts If type-I attacker, then honeynet restarts learning phase upon detection of attack on a different channel If type-II attacker, honeynet uses sliding window averages to test for regime changes. Given a window of size w, let ξ ̃w(k) be the estimate of p1 for k time slots. L(k) is calculated as As soon as ξ ̃w(k)< L(k), the honeynet declares a change of regime and restarts the learning phase

24 Outline Introduction Motivation Some Related Work Proposed Model
Algorithms Performance Evaluation Conclusion and Future Work

25 Algorithm for Honeynet

26 Algorithm for Attacker

27 Outline Introduction Motivation Some Related Work Proposed Model
Algorithms Performance Evaluation Conclusion and Future Work

28 Simulator Coded tick based simulator 20 SUs and 1 attacker
The CR-Honeynet dedicates 1 SU as honeynode in each slot. All SUs generate packets in accordance with Poisson process Packet transmission time: uniform distribution of ms. Sensing Period: 50 ms, Transmission Period: 950 ms Attacker has target transmission characteristics (d) space as 4 attractiveness threshold (ξ ∗ ) is considered as 0.6. Type-I learning horizon (n0) is calculated as 5 Type-II learning horizon (N*) is calculated as15 Simulation time : 5,000,000 ms Warm-up time: 100,000 ms

29 Example of Learning attacker with type II strategy is aiming for lure 2 Lure 2 is actually attacked with a probability 0.8. The actual attacks on the various lures are shown on the upper subplot. The middle subplot depicts Pˆ for the different lures The third subplot provides CI =

30 Honeynet Learning phase corresponding to attacker’s strategy change from I to II and then to III
Yellow, green and red colors indicate type-I, type-II and type-III attacking strategies respectively. 4 types of lure Middle subplots give honeynet’s observation of pˆ honeynet learns the change of strategy of attacker dynamically within 2 time slots

31 Honeynet Learning phase corresponding to attacker of type II and attacker is changing its target
Attacker targeted SU transmission characteristics dynamically. For the first phase, attacker aims characteristics 1and then 2 and then 3. honeynet detect attack strategy change after 3 iteration in the first case and after 2 iterations in the second one.

32 Regime change detection delay for type II attacker
attacker of type-II strategy is attacking a particular lure with probability ζ the simulation is run for 100,000 slots attacker is changing its targeted transmission characteristics randomly with mean interval of 100 steps. window size w = 5 provide optimal result

33 Overall system performance
Event Driven Simulation 20 SUs with ξ = 0.8. for all values of λ, with CR-Honeynet the average packet dropping probability is 0.01, Without honeynet results packet dropping probability of Better packet delivery ratio is achieved at the cost of higher packet delay.

34 Outline Introduction Motivation Some Related Work Proposed Model
Algorithms Performance Evaluation Conclusion and Future Work

35 Conclusion and Future Work
Propose CR-Honeynet, a CRN sustenance mechanism to avoid jamming based DoS attack in CRN. intelligent attacker aims for certain transmission characteristics CR-honeynet confidently learns attacker’s strategy and dynamically evolve with attacker’s strategy change Efficiently lures the attacker towards attacking the active decoy Future Work Use active lures during learning phase Multiple attacker Attacker targeting combination of transmission characteristics

36 Acknowledgement This research was supported by NSF CAREER grant CNS #

37 Thank You!

Download ppt "Suman Bhunia, Shamik Sengupta, Felisa Vazquez-Abad"

Similar presentations

Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 12 Cross-Layer.

Cognitive Radio Communications and Networks: Principles and Practice By A. M. Wyglinski, M. Nekovee, Y. T. Hou (Elsevier, December 2009) 1 Chapter 12 Cross-Layer.
Mobility Increase the Capacity of Ad-hoc Wireless Network Matthias Gossglauser / David Tse Infocom 2001.

Mobility Increase the Capacity of Ad-hoc Wireless Network Matthias Gossglauser / David Tse Infocom 2001.
VSMC MIMO: A Spectral Efficient Scheme for Cooperative Relay in Cognitive Radio Networks 1.

VSMC MIMO: A Spectral Efficient Scheme for Cooperative Relay in Cognitive Radio Networks 1.
Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks Mingyan Li, Iordanis Koutsopoulos, Radha Poovendran (InfoComm ’07) Presented.

Optimal Jamming Attacks and Network Defense Policies in Wireless Sensor Networks Mingyan Li, Iordanis Koutsopoulos, Radha Poovendran (InfoComm ’07) Presented.
D EFENSE A GAINST S PECTRUM S ENSING D ATA F ALSIFICATION A TTACKS I N C OGNITIVE R ADIO N ETWORKS Li Xiao Department of Computer Science & Engineering.

D EFENSE A GAINST S PECTRUM S ENSING D ATA F ALSIFICATION A TTACKS I N C OGNITIVE R ADIO N ETWORKS Li Xiao Department of Computer Science & Engineering.
DBLA: D ISTRIBUTED B LOCK L EARNING A LGORITHM F OR C HANNEL S ELECTION I N C OGNITIVE R ADIO N ETWORKS Chowdhury Sayeed Hyder Department of Computer Science.

DBLA: D ISTRIBUTED B LOCK L EARNING A LGORITHM F OR C HANNEL S ELECTION I N C OGNITIVE R ADIO N ETWORKS Chowdhury Sayeed Hyder Department of Computer Science.
MULTI-BAND CSMA/CA- BASED COGNITIVE RADIO NETWORKS Jo Woon Chong, Youngchul Sung, and Dan Keun Sung School of EECS KAIST IWCMC 2009 1.

MULTI-BAND CSMA/CA- BASED COGNITIVE RADIO NETWORKS Jo Woon Chong, Youngchul Sung, and Dan Keun Sung School of EECS KAIST IWCMC
802.11b Vulnerabilities, Ad-Hoc Mode, RF Jamming and Receiver Design Ritesh H Shukla Graduate Student ECE Dept Under the Guidance of Prof. William R Michalson.

802.11b Vulnerabilities, Ad-Hoc Mode, RF Jamming and Receiver Design Ritesh H Shukla Graduate Student ECE Dept Under the Guidance of Prof. William R Michalson.
The Feasibility of Launching and Detecting Jamming Attacks in Wireless Networks Authors: Wenyuan XU, Wade Trappe, Yanyong Zhang and Timothy Wood Wireless.

The Feasibility of Launching and Detecting Jamming Attacks in Wireless Networks Authors: Wenyuan XU, Wade Trappe, Yanyong Zhang and Timothy Wood Wireless.
Cooperative spectrum sensing in cognitive radio Aminmohammad Roozgard.

Cooperative spectrum sensing in cognitive radio Aminmohammad Roozgard.
COGNITIVE RADIO FOR NEXT-GENERATION WIRELESS NETWORKS: AN APPROACH TO OPPORTUNISTIC CHANNEL SELECTION IN IEEE 802.11-BASED WIRELESS MESH Dusit Niyato,

COGNITIVE RADIO FOR NEXT-GENERATION WIRELESS NETWORKS: AN APPROACH TO OPPORTUNISTIC CHANNEL SELECTION IN IEEE BASED WIRELESS MESH Dusit Niyato,
MAXIMIZING SPECTRUM UTILIZATION OF COGNITIVE RADIO NETWORKS USING CHANNEL ALLOCATION AND POWER CONTROL Anh Tuan Hoang and Ying-Chang Liang Vehicular Technology.

MAXIMIZING SPECTRUM UTILIZATION OF COGNITIVE RADIO NETWORKS USING CHANNEL ALLOCATION AND POWER CONTROL Anh Tuan Hoang and Ying-Chang Liang Vehicular Technology.
International Technology Alliance In Network & Information Sciences International Technology Alliance In Network & Information Sciences 1 Cooperative Wireless.

International Technology Alliance In Network & Information Sciences International Technology Alliance In Network & Information Sciences 1 Cooperative Wireless.
1 Real-Time Traffic over the IEEE 802.11 Medium Access Control Layer Tian He J. Sobrinho and A. krishnakumar.

1 Real-Time Traffic over the IEEE Medium Access Control Layer Tian He J. Sobrinho and A. krishnakumar.
An algorithm for dynamic spectrum allocation in shadowing environment and with communication constraints Konstantinos Koufos Helsinki University of Technology.

An algorithm for dynamic spectrum allocation in shadowing environment and with communication constraints Konstantinos Koufos Helsinki University of Technology.
POWER CONTROL IN COGNITIVE RADIO SYSTEMS BASED ON SPECTRUM SENSING SIDE INFORMATION Karama Hamdi, Wei Zhang, and Khaled Ben Letaief The Hong Kong University.

POWER CONTROL IN COGNITIVE RADIO SYSTEMS BASED ON SPECTRUM SENSING SIDE INFORMATION Karama Hamdi, Wei Zhang, and Khaled Ben Letaief The Hong Kong University.
Utility Based Scheduling in Cognitive Radio Networks Term Project CmpE-300 Analysis of Algorithms Spring 2009 Computer Engineering, Boğaziçi University,

Utility Based Scheduling in Cognitive Radio Networks Term Project CmpE-300 Analysis of Algorithms Spring 2009 Computer Engineering, Boğaziçi University,
RELIABLE MULTIMEDIA TRANSMISSION OVER COGNITIVE RADIO NETWORKS USING FOUNTAIN CODES Proceedings of the IEEE | Vol. 96, No. 1, January 2008 Harikeshwar.

RELIABLE MULTIMEDIA TRANSMISSION OVER COGNITIVE RADIO NETWORKS USING FOUNTAIN CODES Proceedings of the IEEE | Vol. 96, No. 1, January 2008 Harikeshwar.
Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek*** MIPRO 2012, May 21-25,2012, Opatija,

Denial of Service (DoS) Attacks in Green Mobile Ad–hoc Networks Ashok M.Kanthe*, Dina Simunic**and Marijan Djurek*** MIPRO 2012, May 21-25,2012, Opatija,
1 11 Subcarrier Allocation and Bit Loading Algorithms for OFDMA-Based Wireless Networks Gautam Kulkarni, Sachin Adlakha, Mani Srivastava UCLA IEEE Transactions.

1 11 Subcarrier Allocation and Bit Loading Algorithms for OFDMA-Based Wireless Networks Gautam Kulkarni, Sachin Adlakha, Mani Srivastava UCLA IEEE Transactions.

Similar presentations

Ads by Google