Design Considerations for a Cognitive Radio Trust and Security Framework

Albena Mihovska1, Ramjee Prasad1, Elias Z. Tragos2, Vangelis Angelakis3 1: Center for TeleInfrastruktur,

Aalborg University, Aalborg, Denmark

{albena, prasad}@es.aau.dk

2: Institute of Computer Science, Foundation for Research and

Technology Hellas (FORTH), Greece. etragos@ics.forth.gr

3: Department of Science and Technology, Linköping University.

Norrköping Sweden. vangelis.angelakis@liu.se

Abstract — In cognitive radio (CR) systems communication is not restricted to pre-assigned channels, but is rather able to opportunistically detect and use appropriate portions of spectrum. Although much research effort has been put into this new technology, the technical focus has been mainly directed towards pushing further the attainable spectral efficiency gains. Taking a step back, our work looks into the critical challenges with respect to reliability, robustness and security, which hinder operators from investing in this new technology. We propose a new conceptual framework for trust and security to be integrated with the performance architecture and protocols for CR networks (CRNs). Our target is increasing trustworthiness from users and operators perspective in support of their successful deployment.

I. INTRODUCTION

The novelty of cognitive radio (CR) is that radio communication systems should not be restricted to pre-assigned channel resources but rather be able to detect opportunistically the available portions of spectrum and act on these transmission opportunities leading to better spectrum utilization [1]. The dynamicity of CRNs makes traditional security and networking functions infeasible. There is a general lack of knowledge on the trustworthiness of CR with respect to its reliability, robustness and security, which hinders operators from investing in this new technology and accepting CR as a secure technology that meets users’ privacy concerns. Trust is another key parameter for enabling the efficient operation of CRNs, due to its role of gluing together the nature of the various heterogeneous wireless networks that form a CRN. Trust describes a set of relationships between entities and is very close to security, as these relationships are established based on previous knowledge, history or a body of assurance evidence and have been used against various attacks [2].

Security-based architectures and protocols are needed to increase the trust in CRNs, in terms of reliable operation, security and robustness, particularly against malicious attacks that exploit vulnerabilities inherent to the CR functionality. Such an effort is critical to allow CRNs to meet the required levels of trustworthiness for CR to be widely adopted by the telecom market. Furthermore, the research related to privacy in CRs is still in its infancy, therefore, a comprehensive understanding of the open-privacy issues in CRNs can provide the design and implementation tools for such networks.

This paper investigates the critical requirements related to trustworthiness of CRNs: what makes CRNs secure and robust to attacks, malicious users and unintentional

misbehavior, in order to ensure reliable operation and maximum performance, the scalability of CRNs and their interoperability with existing and future heterogeneous technologies required for their successful deployment (Section II). The paper proposes key functional entities for building up a trustworthy CRN framework (Section III). Section IV concludes the paper an outlines future work.

II. REQUIREMENTS FOR TRUSTWORTHY, SECURE AND

ROBUST COGNITIVE RADIO NETWORKS

We focus on the critical requirements related to trust, security and reliability that cut across the infrastructural elements, which can directly affect the requirements for quality of service (QoS), security and user mobility.

A. Trust

Spectrum sensing is one of the key mechanisms of CRNs [3,4] allowing Secondary Users (SUs) to detect spectrum holes, (vacancies in frequencies at a given time and place), and use these transmission opportunities in an agile fashion without harming the Primary Users (PUs). In cooperative spectrum sensing, multiple SUs exchange sensing results and fuse them for achieving better decisions regarding the free spectrum portions. Previous works on spectrum sensing for cognitive radio networks included mechanisms for distributed [5], centralized [6] and relay-assisted sensing [7].

In cooperative spectrum sensing malicious users may send false spectrum occupancy information to a Fusion Center (FC) or to other SUs to avoid usage of specific frequencies that they will use, disrupting network operation. This attack is called Spectrum Sensing Data Falsification (SSDF), in which even one malicious user can substantially degrade the performance of cooperative spectrum sensing [8]. To mitigate this attack an efficient reputation mechanism is required, such that the system relies only on information from trusted SUs, isolating any malicious users.

Trust can be integrated in most cognitive functions requiring that two additional blocks are integrated into the general cognitive cycle [1] as shown in Fig.1. Trust is related to cooperative spectrum sensing and to both spectrum analysis and decision for avoiding SSDF attacks. Security is mostly related to spectrum sensing for avoiding Primary User Emulation Attacks (PUEAs) and Denial-of-Service (DoS) attacks and to spectrum decision for mitigating PUEA.

Authentication, Authorization and Accounting (AAA) are key mechanisms for increasing the trustworthiness of CRNs. The emphasis should be given on authorization mechanisms and certificates for a user connecting to the

2012 IEEE 17th International Workshop on Computer Aided Modeling and Design of Communication Links and Networks(CAMAD)

978-1-4673-3125-8/12/$31.00 ©2012 IEEE 156

CRN. Trusted routing plays also a crucial role, since nodes forwarding the packets must indeed be trusted users that will not intercept their data nor degrade the system performance. In [9] several metrics measure the trust level of a node: confidence level of the trust value, trustworthiness, opinion values about other nodes and trust level per session.

Figure 1. Incorporating trust in the cognitive cycle

Overall four main functionalities are important under the frame of the trustworthy CRN concept: (1) trust models for ensuring the selection of optimum spectrum (trusted spectrum sensing), (2) trust models for maintenance of the CRN communication role (spectrum sharing and vision), (3) trust models for the use of the transmission opportunities (routing and trust), and (4) trust models to the CRN access (authentication/authorization security).

B. Security

Security threats in CRNs can be summarized as follows: - spectrum-access related, where threats can be related

to coexistence mechanisms and threats related to self-coexistence mechanisms.

- radio-software related, such as threats to software downloading, IP theft, software tampering, etc. [10]

In PUEA a malicious (or greedy) user emulates the signal of a PU blocking this frequency for the SUs. Most approaches in the literature on PUEA assume the presence of underlying sensor networks for localization of the malicious nodes [11], while [12] proposed an analytical approach via primary user emulation. Sophisticated collaborative spectrum sensing techniques [13] can be used to avoid this type of attacks.

The detection of malicious and greedy user behavior plays a key role, as such users may lead to severe security and privacy risks as well as performance degradation [14]. For example, in a scenario of flexible spectrum use (FSU), several cells coexisting in the same area can share the spectrum by means of an FSU algorithm [15]. The aim of the FSU is then to locate a portion of the spectrum, (not used or less interfered with), so that each cell can use this portion to transmit to its users. A malicious SU can be falsely detected as a PU, forcing a wrong decision execution of the FSU or may cause the interference distribution over the spectrum to vary in time. Therefore, a solution to detect, isolate, and expel the misbehaving users from the CRNs is a

main requirement for FSU. These “internal attackers” may have all the credentials provided by an off-the-shelf security solution, such as the one adopted by the security mechanism of IEEE 802.22 [16]. Consequently, the detection of abnormal secondary user operation requires mechanisms such as pattern analysis and node cooperation [17]. The feedback provided by the CR devices will enhance the efficiency required for such an intrusion Detection System (IDS). In this respect, an integrated intrusion detection and mitigation system will also be of major importance.

Considering that spectrum sensing operations are done primarily at the physical layer, security techniques that leverage the physical layer characteristics require a new systemic evaluation of the robustness of the CRN. Improving sensory input can reduce the exploitability of cognitive radios in a cross-layer fashion. This is shown in Fig.2 adapted from [18]. The cross-layer functions of trust and security are either horizontal residing in a specific layer (i.e. spectrum sensing at the PHY layer, trusted association at the Link layer or AAA at the application layer) or vertical covering more layers (i.e. secure spectrum handover).

Figure 2. Cross-layer trust and security functions in the protocol stack.

The robust cooperation of CRNs with existing and future heterogeneous networks must be ensured, targeting to achieve an efficient inter-working and a smooth co-existence with licensed networks. The interaction of CRNs with heterogeneous radio networks, both in terms of radio and access methodologies, requires secure and robust Radio Resource Management (RRM), not only from the side of the CRN, but also from the side of the existing infrastructure.

III. PROPOSED TRUST-CRN FRAMEWORK ELEMENTS

We propose a TRUST-CRN framework comprising the entities shown in Fig.3. Policies executed by a TrustPolicy Engine target four main areas: (1) security mechanisms, (2) enhancing SUs trustworthiness, (3) spectrum sharing with legacy networks and (4) inter-operator spectrum sharing.

The TrustMetrics Engine analyzes the CRs behaviour according to the notion of trustworthiness between CRs, ensuring the identification and selection of transmission opportunities and participation in routing. Two types of trust must be considered [19]: (1) social trust (extracted from

157

personal relationships or history data), and (2) QoS trust (related to performance issues) to define different metrics to quantify the trust level in each CR, based on hosts behaviors and their impacts on the performances of the CRN. Social trust is a subjective metric based on friendship, honesty, social interactions, social reputation and history, while QoS trust is a more objective metric based on QoS measurements.

Figure 3. Proposed elements of the TRUST-CRN framework

The TrustMetrics Engine implements functionalities for the support of the exchange of trust-related information between the nodes and algorithms to cooperatively assess the reputation and trustworthiness of a CR, building a generic trust model for CRNs that uses past trust metrics and cooperation to predict future behaviors. The TrustMetrics Engine measures the required levels of trust in a multi-layer approach: (i) between users, (ii) between CRN operators, (iii) how much the users trust their operator and (iv) how much the operator trust its users. These measurements will be interfacing with the TrustPolicy Engine to invoke the required action of the Performance Engine to increase the trustworthiness without affecting the system performance.

The Performance Engine implements mechanisms for thwarting CRN-specific attacks addressing the issues of network scalability and multi-hop connectivity. Both, the Networking Engine and the Performance Engine implement functionalities for the collection and intelligent fusion of measurements. The obtained data will be used for detecting sophisticated attacks on the CRN (e.g., cross layer attacks). Interworking with the TrustPolicy Engine will allow for mitigation strategies that will effectively interrelate: (i) the type of the detected attack, (ii) its domain (e.g. band under attack, nodes compromise), and (iii) the appropriate policy to be applied. The Networking and Performance Engines perform the vertically coordinated operations to realize an improved local and global adaptation, and full context awareness, as well as security and robustness from physical to service layer of the CRN.

IV. CONCLUSIONS AND FUTURE WORK

This paper analyzed the critical challenges related to trustworthiness of cognitive radio, and proposed a framework for incorporating trust and security with the overall performance and operational algorithms of CRNs in

order to capture the required level of trust and security. It is, therefore, important for the framework to seek a trade-off between the level of security and the performance of the CRN (i.e. higher security means low performance). Future work will focus on the studies of security and trust metrics for an optimal trade-off.

REFERENCES [1] K.C. Chen and R. Prasad, Cognitive Radio Networks, John Wiley &

Sons 2009, Ltd, Chichester, UK. DOI: 10.1002/9780470742020.

[2] H. Hexmoor, et al., “A Theoretical Inter-organizational Trust-based Security Model,” The Knowledge Engineering Review Vol. 21 :2, 127-161, Cambridge University Press.

[3] T. Yucek and H. Arslan, “A Survey of Spectrum Sensing Algorithms for Cognitive Radio Applications,” In IEEE Communications,Surveys &Tutorials, Vol. 11, No.1, January- March 2009.

[4] F.Adelantado, A. Juan, and Ch.Verikoukis, "Adaptive Sensing User Selection Mechanism in Cognitive Wireless Networks", IEEE Communication Letters, August 2010.

[5] A. Rawat, P. Anand and H. Chen, “Countering byzantine attacks in cognitive radio networks,” in Proc. of ICASSP, 2010, pp. 3098-3101.

[6] H. Li and Z. Han, “Catching attacker(s) for collaborative spectrum sensing in cognitive radio systems: an abnormality detection approach,” in Proceedings of DySPAN, Singapore, April 2010.

[7] E. Candes and M. Wakin, “An introduction to compressive sampling,” in IEEE Processing Magazine, 2008, pp. 21-30.

[8] W. Wang, H. Li, Y. Sun, and Z. Han, “Attack-proof collaborative spectrum sensing in cognitive radio networks,” in Proc. of CISS, 2009, pp. 130–134.

[9] Jin-Hee Cho; Swami, A.; Ing-Ray Chen; , "A Survey on Trust Management for Mobile Ad Hoc Networks," Communications Surveys & Tutorials, IEEE , vol.13, no.4, pp.562-583, 2011.

[10] A. M. Wyglinski, M. Nekovee, and Y. T. Hou, Cognitive Radio Communications and Networks: Principles and Practice, Chapter 15, Elsevier Publishers, December 2009.

[11] R. Chen and J. M. Park, “Ensuring trustworthy spectrum sensing in cognitive radio networks,” Proc., IEEE Workshop on Networking Technologies for Software Defined Radio Networks, 2006.

[12] Z. Jin S. Anand K. and P. Subbalakshmi, “Mitigating Primary User Emulation Attacks in Dynamic Spectrum Access Networks using Hypothesis Testing,” in Mobile Computing and Communications Review, Vol. 13, No 2, February 2009.

[13] A. Fragkiadakis, E. Tragos, I. Askoxylakis, "A Survey on Security Threats and Detection Techniques in Cognitive Radio Networks," Communications Surveys & Tutorials, IEEE , vol.PP, no.99, pp.1-18.

[14] F. Adelantado, and Ch. Verikoukis, "A Non-Parametric Statistical Approach for Malicious Users Detection in Cognitive Wireless Ad-Hoc Networks", IEEE ICC 2011

[15] A. Osseiran, J. F. Monserrat and W. Mohr (Eds), Mobile and Wireless Communications for IMT-Advanced and Beyond, John Wiley &Sons, 2011, ISBN: 978-1-119-99321-6

[16] A., N., Mody, et al., “Security in cognitive radio networks: An example using the commercial IEEE 802.22 standard,” in Proceedings of IEEE MILCOM, Boston,Massachusetts, 2009.

[17] V. Angelakis, et al., “Security and Resilience in Cognitive Radio Networks,” in ERCIM News, Journal of the European Research Consortium for Informatics and Mathematics, Vol. 85, April 2011.

[18] Ian F. Akyildiz, et. al, NeXt generation/dynamic spectrum access/cognitive radio wireless networks: A survey, Computer Networks, Volume 50, Issue 13, 15 September 2006,

[19] Jin-Hee Cho; Swami, A.; Ing-Ray Chen; , "Modeling and Analysis of Trust Management for Cognitive Mission-Driven Group Communication Systems in Mobile Ad Hoc Networks," Computational Science and Engineering, 2009.

Requirements‐user

‐application‐business

ArchitecturesQoS and Security

Mobility

Trust Metrics Engine: measure 

required levels of trust 

Trust Policy Engine:policies for security and trust in CRNs; common language to express policies; policies enabling spectrum sharing between 

operators including spectrum economics and regulatory aspects

‐‐Networking 

Engine: ‐protocols, 

communication interfaces, cross‐layer interactions  

‐

Performance Engine: ‐Trustworthy 

cooperative spectrum sensing and sharing, ‐Trusted routing‐ Trusted user authentication

158