Abstract

The cognitive radio technology enables the dynamic usage of the spectrum by unlicensed users without interfering with licensed/ primary users through sensing for periods of time that the spectrum is idle. The dynamic usage of the spectrum by unlicensed or secondary users creates several vulnerabilities such as the primary user emulation (PUE) attacks on the spectrum sensing process.

In this attack, the adversary mimics the primary user (PU) behavior to gain unfair advantage in utilizing idle frequency bands. In this dissertation, we describe a new scheme of authenticating the PU signals to mitigate PUE attacks. We propose a PU authentication system based on the deployment of helper nodes, fixed within the geographical area of the cognitive radio network. Unlike existing systems which use link signatures in the authentication process, our system makes use of code-based public-key cryptography (PKC). The helper nodes authenticate the PU using the transmission sequence.

Spectrum authentication for a genuine idle channel is performed by the secondary user (SU) using the occupancy vector of the helper nodes. The code-based PKC is implemented using a novel modified McEliece PKC derived from convolutional codes. This work is an application of  the new variant of the McEliece cryptosystem in cognitive radio networks.

Cryptanalysis is performed using  structural and decoding attacks to demonstrate the difficulties in breaking the new security scheme in the cognitive radio network. In addition, the cryptanalysis shows that, very high security levels could be obtained using small keysizes hence throughput is not compromised.

CHAPTER ONE

INTRODUCTION

1.1 Background  of the study

A Cognitive Radio Network (CRN) can be defined as a network of CRs where all cognitive functions are performed in order to improve the end-to-end performance of the whole system.

A CRN consists of a Primary Network which is an existing network infrastructure operating with license in a given spectrum band, such as current cellular or TV broadcast networks and offering its services to incumbents or Primary Users. In this context, a CRN is allowed to operate in both licensed and unlicensed bands.

When using the licensed band, the CRN may coexist with existing primary networks, and thus it is seen as a Secondary Network, where secondary users are allowed to use the spectrum in an opportunistic manner. Therefore, a CRN must perform spectrum sensing in order to identify the portions of spectrum left unused by primary networks and, among those available, select the channel with best conditions. During its operation in a given channel, a CRN must keep on performing spectrum sensing and, whenever a primary transmission is detected in the current band of operation, it must immediately vacate the channel and switch to another one, a process known as spectrum handoff.

As any other type of wireless network, CRNs make use of an open communications medium which can be easily accessed by malicious users. Therefore, security becomes an indispensable element to ensure the desired level of network performance. As a general rule, CRNs should guarantee basic security services such as data confidentiality and privacy, integrity, availability, authentication and authorization by means of cryptographic primitives. However, CR technology offers new capabilities leading to new security holes that cannot be properly addressed by such countermeasures.

Security attacks could be implemented against the CRN functionalities by providing wrong information on the radio environment or by disrupting the cognitive mechanisms. For example, an attacker altering the medium could lead to erroneous decisions regarding the availability or the quality of a given channel, and therefore to an incorrect management of the spectrum.

On the other hand, the learning algorithms used by the cognitive engines embedded in CRs could be disordered either by feeding them with false data, or by illegally manipulating of the software.

Special consideration should be also devoted to those mechanisms used in cooperative CRNs. Generally, such approaches are built on the basis that nodes are honest and altruistic, making CRNs vulnerable to security threats such as selfish or malicious behaviors. A selfish node which do not cooperate to its own benefit or compromised nodes which report false data could degrade the performance of the network with regard to spectrum utilization. Besides, an attacker could completely disrupt the CRN operation by preventing CRs from communicating.

In this work the attack we are mitigating, is the PUE attacks. Protecting CRNs from PUE attacks is indispensable and requires devising robust techniques for verifying the authenticity of primary signals, such as TV broadcast systems or wireless microphones. The simplest way to achieve it would be to embed a signature in an incumbent signal or to use an authentication protocol between primary and secondary users.

However, these approaches do not conform to the requirement established by the FCC [15], which states that no modification to the incumbent system should be required to accommodate opportunistic use of the spectrum by secondary users.

Being aware of the vulnerable nature of CRNs, the purpose of this work is to contribute to the enhancement of the security of such networks by circumventing the primary user emulation attack.

1.2 Problem Statement

In cognitive radio networks there will poor spectrum utilization if the primary user is not clearly authenticated. This originates from the fact that, the attacker who purports to be the primary user will not adequately use the spectrum compared to when the authentic primary user is occupying the frequency band. Hence, there is a need to clearly authenticate the primary user.

In this dissertation, we address the problem of authenticating the PU signals in order to mitigate PUE attacks. We propose a PU authentication system based on the deployment of helper nodes, fixed within the geographical area of the cognitive radio network. Our system relies on a combination of physical-layer signatures (link-signatures) and cryptographic mechanisms to reliably sense PU activity and relay information to the cognitive radio network.

There are two users in this network, which are the Primary user and the Secondary user. The primary user owns the band so they are the proprietors of the licensed band. The secondary users have to wait when the primary users are not using for them to have access to the licensed band. The secondary users usually check for the availability of the licensed bands by operating spectrum sensing, this is done so as to avoid traffic, congestion in the network. Unlicensed users are allowed to opportunistically use the unused spectrum band [1] when the channel is idle. There is more than one secondary user that will want to have access to a licensed band each period of time.

Since we are dealing with a wireless network, we have to be aware of illegitimate  user/ users that might want to have access to the band in order to disrupt operations in the network. One of the disruptions could be PU refusing access to the spectrum band resulting to the PUE (Primary User Emulation) attack. There is need to authenticate the PU to enable the identification of any fake PU trying to illegitimately occupy a band. Existing methods using link signatures affects performance of the network with additional overheads. There is need to develop new techniques which are code-based. Such techniques like the one presented in this research will enhance both security and throughput since small key sizes are used in the implementation.

1.3 Research Questions

1. How are the helper nodes deployed to effectively address the spectrum occupancy?
2. How can a PU be authenticated based on the information from the helper node?
3. What is the key size to ensure high security without compromising throughput?

Check out: Electrical Engineering Project Topics with Materials