1. Field of the Invention
The present invention relates generally to cognitive radio networks and, more particularly, to a method for defense against primary user emulation attacks in cognitive radio networks using advanced encryption.
2. Description of the Related Art
Along with the ever-increasing demand in high-speed wireless communications, spectrum scarcity has become a serious challenge to the emerging wireless technologies. In licensed networks, the primary users operate in their allocated licensed bands. It is observed that the licensed bands are generally underutilized and their occupation fluctuates temporally and geographically in the range of 15%-85%. Cognitive radio (CR) networks provide a promising solution to the spectrum scarcity and underutilization problems.
CR networks are based on dynamic spectrum access (DSA), where the unlicensed users (also known as the secondary users) are allowed to share the spectrum with the primary users under the condition that the secondary users do not interfere with the primary user's traffic. The CR networks identify the unused bands (white spaces) through “spectrum sensing”, then utilize the idle bands for data transmissions. The spectrum sensing function is continuously performed. If a secondary user detected a primary user signal in the band that it operates in, then it must evacuate the band and operate in another white space.
The CR networks have become vulnerable to malicious attacks that could disrupt their operation. A well-known malicious attack is the primary user emulation attack (PUEA). In a PUEA, the malicious users mimic the primary user signal over the idle frequency band(s) such that the authorized secondary users cannot use the corresponding white space(s). This leads to low spectrum utilization and inefficient cognitive network operation.
PUEA have attracted considerable research attention. An analytical model for the probability of a successful PUEA based on the energy detection has been proposed, where the received signal power is modeled as a log-normally distributed random variable. In this method, a lower bound on the probability of a successful PUEA was obtained using Markov inequality. Several methods have been proposed to detect and defend against a PUEA. A transmitter verification scheme (localization-based defense) was proposed to detect a PUEA. A similar approach based on the received signal strength (RSS) was proposed to defend against a PUEA. A Wald's sequential probability ratio test is used to detect a PUEA based on the received signal power.
In most existing methods, the detection of a PUEA is mainly based on the power level and/or direction of arrival (DOA) of the received signal. The basic idea is that: given the locations of the primary TV stations, the secondary user can distinguish the actual primary user's signal from the malicious user's signal by comparing the power level and DOA of the received signal with that of the authorized primary user's signal.
A major limitation with such state-of-the-art methods described above is that they would fail when a malicious user is at a location where it has the same DOA and comparable received power level as that of the actual primary transmitter. Therefore, there is a need in the art for a new method for defense against primary user emulation attacks in cognitive radio networks.
Accordingly, the present invention is a method for defense against primary user emulation attacks in cognitive radio networks including the steps of generating an advanced encryption standard (AES)-encrypted reference signal with a transmitter for transmitting to at least one receiver. The method also includes the steps of allowing a shared secret between the transmitter and the at least one receiver and regenerating the reference signal at the at least one receiver and using the regenerated reference signal to achieve accurate identification of authorized primary users as well as malicious users.
One advantage of the present invention is that a new method is provided for defense against primary user emulation attacks in cognitive radio networks using advanced encryption. Another advantage of the present invention is that the method can be applied to today's digital TV (DTV) system, including both the first generation and second generation DTV system, as a defense against PUEAs with no change in hardware or system structure except of a plug-in AES chip, which has been commercialized and widely available. Yet another advantage of the present invention is that the method can detect the primary user, as well as the malicious user, with high accuracy under primary user emulation attacks. Still another advantage of the present invention is that the method combats primary user emulation attacks, enables robust system operation, and efficient spectrum sharing. A further advantage of the present invention is that the method can resolve the limitations associated with the location-dependent detection methods.
Other features and advantages of the present invention will be readily appreciated, as the same becomes better understood, after reading the subsequent description taken in conjunction with the accompanying drawings.
a) and 6(b) are diagrammatic views of a false alarm rate Pf and miss detection probability Pm for primary user detection, respectively, of the method, according to the present invention, for defense against primary user emulation attacks in cognitive radio networks.
a) and 7(b) are diagrammatic views of an overall false alarm rate and overall miss detection probability for malicious user detection, respectively, of the method, according to the present invention, for defense against primary user emulation attacks in cognitive radio networks.
a) and 8(b) is a diagrammatic view of one embodiment of a system for use with a method, according to the present invention, for defense against primary user emulation attacks in cognitive radio networks.
Referring to the drawings and in particular
In Mode (1) of
In Mode (2) of
The receiver 14 of the AES-assisted secondary user or secondary user coordinator includes a correlation detector. The correlation detector evaluates the cross-correlation between a received signal r and a regenerated reference signal s for the primary user detection, and the auto-correlation of the received signal r for the malicious user detection.
In the system 10, an eight-level vestigial sideband (8-VSB) modulation is used for transmitting digital signals after they are partitioned into frames by the transmitter 12. The frame structure of the 8-VSB signal is illustrated in
The system 10 is used for robust and reliable primary and secondary system operations in cognitive radio networks. In the system 10, the primary user generates a pseudo-random (PN) AES-encrypted reference signal that is used as the segment synchronization bits. The synchronization bits in the field synchronization segments remain unchanged for the channel estimation purposes. At the receiving end, the reference signal is regenerated for the detection of the primary user and malicious user. It should be appreciated that synchronization is still guaranteed in the method since the reference bits are also used for synchronization purposes.
In the system 10, the transmitter 12 obtains the reference signal through two steps: first, generating a pseudo-random (PN) sequence, then encrypting the sequence with an AES process provided by the AES-based sync bits generator 16. More specifically, as illustrated in
Once the maximum-length sequence is generated, it is used as an input to an AES process 22, as illustrated in
If the PN sequence is denoted by x, then the output of the AES process 22 is used as the reference signal s, which can be expressed as:
s=E(k,χ) (1)
Here k is the key 24, and E(.,.) denotes the AES encryption operation. The transmitter 12 then places the reference signal s in the synchronization bits of the DTV data segments.
The receiver 14 of the AES-assisted secondary user or secondary user coordinator regenerates the encrypted reference signal by the receiver 14 therein with the secret key and IV 20 that are shared between the transmitter 12 and receiver 14. It should be appreciated that the secret key 24 is available at the receiver 14 and the PN sequence can be regenerated. In the receiver 14, the correlation detector is employed, where for the primary user detection, the receiver 14 evaluates the cross-correlation between the received signal r and the regenerated reference signal s, and for malicious user detection, the receiver 14 further evaluates the auto-correlation of the received signal r. The cross-correlation of two random variables x and y is defined as:
R
xy
=<x,y>=E{xy/} (2)
Under PUEAs, the received signal can be modeled as:
r=αs+βm+n, (3)
where s is the reference signal, m is the malicious signal, n is the noise, and α and β are binary indicators for the presence of the primary user and malicious user, respectively. More specifically, α=0 or 1 means the primary user is absent or present, respectively; and β=0 or 1 means the malicious user is absent or present, respectively.
1. Detection of the Primary User:
To detect the presence of the primary user, the receiver 14 evaluates the cross-correlation between the reference signal s and the received signal r, i.e.,
where σ2s is the primary user's signal power, and s, m, n are assumed to be independent of each other and are of zero mean. Depending on the value of a in equation (4), the receiver 14 decides whether the primary user is present or absent.
Assuming that the signals are ergodic, then the ensemble average can be approximated by the time average. In one embodiment, the time average is used to estimate the cross-correlation. The estimated cross correlation {dot over (R)}rs is given by:
Where N is the reference signal's length, si and ri denote the ith symbol of the reference and received signal, respectively.
To detect the primary user, the receiver 14 compares the cross-correlation between the reference signal s and the received signal r to a predefined threshold λ. This results in two cases:
If the cross-correlation is greater than or equal to λ, that is:
R
rs≧λ, (6)
then the receiver 14 concludes that the primary user is present, i.e., α=1.
If the cross-correlation is less than λ, that is:
{dot over (R)}
rs<λ, (7)
Then the receiver 14 concludes that the primary user is absent, i.e., α=0.
The detection can be modeled as a binary hypothesis test with the following two hypotheses:
H
0: the primary user is absent ({circumflex over (R)}rs<λ)
H
1: the primary user is present ({circumflex over (R)}rs≧λ)
As can be seen from equation (4), the cross-correlation between the reference signal s and the received signal r is equal to 0 or σ2s, in case when the primary user is absent or present, respectively. Following the minimum distance rule, λ=σ2s/2 is the threshold for primary user detection.
2. Detection of the Malicious User:
For malicious user detection, the receiver 14 further evaluates the auto-correlation of the received signal r, i.e.,
where σ2m and σ2n denote the malicious user's signal power and the noise power, respectively. Based on the value of α from equation (4), β can be determined accordingly through equation (8). The following cases result:
Assuming ergodic signals, the time average to estimate the auto-correlation is used as follows:
The detection problem can be modeled using four hypotheses, denoted by Hαβ, where α, βε{0, 1}:
H
00: the MU is absent given that α=0
H
01: the MU is present given that α=0
H
10: the MU is absent given that α=1
H
11: the MU is present given that α=1
In one embodiment, an estimated value of α is denoted as {circumflex over (α)}. The β is estimated after {circumflex over (α)} is obtained. To do this, the receiver 14 compares the auto-correlation of the received signal to two predefined thresholds λ0 and λ1 based on the previously detected {circumflex over (α)}. More specifically, the receiver 14 compares the auto-correlation of the received signal r to λ0 when {circumflex over (α)}=0, and to λ1 when {circumflex over (α)}=1. That is:
The performance of the detection process for the primary user and malicious user is evaluated through “false alarm rates” and the “miss detection probabilities” to be described.
Analytical Evaluation for Primary User Detection
The performance of the system 10 is analyzed for primary user detection, under H0 and H1, through evaluation of the false alarm rate and the miss detection probability.
It is assumed that the detection of the primary user has a false alarm rate Pf and a miss detection probability Pm, respectively. The false alarm rate Pf is the conditional probability that the primary user is considered to be present, when it is actually absent, i.e.
P
f
=Pr(H1|H0) (12)
The miss detection probability Pm is the conditional probability that the primary user is considered to be absent, when it is present, i.e.,
P
m
=Pr(H0|H1) (13)
As can be seen from equation (5), {circumflex over (R)}rz is the averaged summation of N random variables. Since N is large, then based on the central limit theorem, {circumflex over (R)}rs can be modeled as a Gaussian random variable. More specifically, under H0, {circumflex over (R)}rs˜N(μ0, σ02) and under H1, where {circumflex over (R)}rs{circumflex over (˜)}N(μ1, σ12), where μ0, σ0, and μ1, σ1, can be derived as follows.
Under H0, the received signal is represented as ri−βmi+ni, where mi is the ith malicious symbol, and ni˜N(0, σn2). Then, the mean μ0 can be obtained as:
The variance σ20 can be obtained as:
Similarly, under H1, the received signal is represented as ri=si+βmi+ni, and the mean μ1 can be obtained as follows:
and σ21 can be obtained as:
where we assume that {|si|4}={|{tilde over (s)}|4}∀i.
Following equation (12), the false alarm rate Pf can be obtained as:
Similarly, following equation (13), the miss detection probability Pm, can be obtained as:
As will be described, when λ=σ20/2, both Pf and Pm are essentially zero, and independent of the SNR values. The underlying argument is that the detection of the primary user is based on {circumflex over (R)}rs (see equation (4)), which is independent of both σm2 and σn2.
False Alarm Rate and Miss Detection Probability for Malicious User Detection
The false alarm rate and miss detection probability for the detection of malicious user are evaluated. Define {hacek over (P)}j,0 and {hacek over (P)}j,1 as the false alarm rate when {circumflex over (α)}=0 or {circumflex over (α)}=1, respectively,
{tilde over (P)}
f,0
=Pr(Ĥ01|Ĥ00), (20)
{tilde over (P)}
f,1
=Pr(Ĥ11|Ĥ10). (21)
The overall false alarm rate is given by:
{tilde over (P)}
f
={circumflex over (P)}
0
{circumflex over (P)}
f,0+(1−{circumflex over (P)}0){circumflex over (P)}f,1. (22)
where {circumflex over (P)}0 is the probability that α=0, i.e.
{circumflex over (P)}
0=(1−Pf)P(α=0)+PmP(α=1). (23)
As will be described, with the avalanche effect of the AES process 22, the cross-correlation between the reference signal and the received signal is always around σ2s or 0, depending on whether the primary user is present or absent, respectively. That is, Pf and Pm are negligible, as will be described. Therefore, in the following, it is assumed that {circumflex over (α)}=α, and no distinction between Ĥ{circumflex over (α)}β and Hαβ; it follows that {circumflex over (P)}0=P0=P(α=0) Hence, the overall false alarm rate is given by:
{circumflex over (P)}
f
=P
0
{circumflex over (P)}
f,0+(1−P0){circumflex over (P)}f,1. (24)
Similarly, the miss detection probabilities can be defined as {tilde over (P)}m,0 and {tilde over (P)}m,1, when the primary user is absent and present, respectively, i.e.,
{tilde over (P)}
m,0
=Pr(H00|H01). (25)
{tilde over (P)}
m,1
=Pr(H10|H11). (26)
The overall malicious node miss detection probability is defined as:
{tilde over (P)}
m
=P
0
{tilde over (P)}
m,0+(1−P0){tilde over (P)}m,1. (27)
Since {tilde over (R)}rr is the averaged summation of a large number of random variables, then based on the central limit theorem, {tilde over (R)}rr can be modeled as a Gaussian random variable. The following case results:
where μ00, σ00, μ01, σ01, μ10, σ10, and μ11, σ11 can be derived as follows. Under H00, both the primary user and malicious user are absent, resulting in ri=ni. It follows that:
and σ002 can be obtained as:
where it is assumed that {|ni|4}={|
The variance σr012 can be obtained as:
where it is assumed that {|mi|4}={|{tilde over (m)}|4} and {2{(mi)2(ni*)}}={2{({tilde over (m)})2(ñ*)2}}, ∀i, where {χ} means the real part of x.
Under H10, the received signal is expressed as ri=si+ni and the mean μ10 can be obtained as follows:
and |σ102 can be obtained as:
Similarly, under H11, the received signal is represented as ri=si+mi+ni, and the mean μ11 can be obtained as follows:
The variance of σ112 can be obtained as:
From the discussions above, the following case results:
Similarly, the following case results:
The overall false alarm rate {tilde over (P)}c and miss detection probability {tilde over (P)}m can be calculated from equations (24) and (27). That is:
The optimal thresholds λ0,opt and λ1,opt that minimize the overall miss detection probability {tilde over (P)}m subject to a constraint on the false alarm rate will be described.
The Optimal Thresholds for Malicious User Detection
The optimal thresholds λ0,opt an λ1,opt that minimize the overall miss detection probability of the malicious node detection are obtained, while maintaining the false alarm rates below a certain threshold δ. This problem can be formulated as follows:
It is noted that the problem formulation above is equivalent to:
Thus, it is requested:
which implies that:
λ0≧σ00Q−1(δ)+μ00. (47)
and
λ1≧σ10Q−1(δ)+μ10. (48)
It should be appreciated that in order to minimize the overall miss detection probability {tilde over (P)}m, λ0 in equation (47), and λ1 in equation (48) should be as small as possible. Hence, the thresholds are set to:
λ0,opt=σ00Q−1(δ)+μ00, (49)
and
λ1,opt=σ10Q−1(δ)+μ10. (50)
By substituting λ0,opt and λ1,opt in equation (42), the overall miss detection probability is obtained as:
It should be appreciated that for malicious user detection, to minimize the overall miss detection probability {tilde over (P)}m subject to the false alarm rate constraints {tilde over (P)}f,0≦δ and {tilde over (P)}f,1≦δ, which also ensures that {tilde over (P)}f≦δ, λ=0,opt=σ00Q−1(δ)+μ00, and λ1,opt=σ10Q−1(δ)+μ10 are chosen.
Security and Feasibility of the AES-Assisted DTV Method
Security of the AES-Assisted DTV
As it is well known, AES has been proved to be secure under all known attacks, in the sense that it is computationally infeasible to break AES in real time. In the present invention, this means that it is computationally infeasible for malicious users to regenerate the reference signal. Moreover, the AES process 22 has a very important security feature known as the avalanche effect, which means that a small change in the plaintext or the key yields a large change in the ciphertext.
Because of the avalanche effect of the AES process 22, it is impossible to recover the plaintext given the ciphertext. Actually, even if one bit is changed in the plaintext, the ciphertext will be changed by approximately 50%.
To illustrate the security of the AES-assisted DTV based on the avalanche effect, the cross-correlation between the reference signal and malicious signal under different SNR values is obtained, as shown in
These results show that the AES-assisted DTV method of the present invention is secure under PUEAs, as malicious users cannot regenerate the reference signal in real time.
Mitigation of PUEA
The approaches proposed as previously described enable the secondary users to identify the primary signal, as well as malicious nodes. It should be appreciated that due to the large range of DTV channels, the malicious users would not be capable of jamming all DTV white spaces simultaneously. When a primary user emulation attack is detected, the secondary users can adopt different methodologies for effective transmission, such as:
Exploit techniques that are inherently jamming-resistant, such as Code Division Multiple Access (CDMA) and Frequency Hopping (FH) techniques. Both CDMA and FH were initially developed for secure military communications. CDMA is particularly efficient under narrow-band jamming, even if the malicious user hops from band to band. FH based systems are generally robust under wide-band jamming; when the malicious jamming pattern is time-varying, i.e., the malicious user switches between wide-band and narrow-band jamming, the transmitter then needs to be adjusted to combat the cognitive hostile attacks.
Avoid transmission on the white spaces jammed by malicious nodes. For example, consider the case where the benign secondary users are OFDM-based transceivers, then they can shape their transmitted signal through proper precoding design to avoid communication over the jammed subcarriers. For time-varying attacks, the precoder should be adapted accordingly for transmission. This necessitates that jamming detection needs to be performed in real-time, which can generally be achieved by evaluating the time-varying power spectrum of the jamming signal.
Using Energy Harvesting Techniques
PUEA is essentially a jamming interference for the secondary users (SUs). The performance of the SUs can be improved significantly by exploiting PUEA as an extra energy resource using the energy harvesting techniques. That is, each SU can perform information reception and energy harvesting simultaneously. The optimal power splitting ratio can be derived to maximize the sum-rate (i.e. the sum of the downlink data transmission rate and the uplink data transmission rate) for the SUs under PUEA.
Feasibility
It is practical to generate the required sync bits within the frame time duration shown in
The AES process 22 is one of the block ciphers that can be implemented in different operational modes to generate stream data. In one embodiment, high-throughput (3.84 Gbps and higher) AES chips can be used. In one embodiment, an experiment was performed to measure the AES process 22 performance, where several file sizes from 100 KB to 50 MB were encrypted using a laptop with 2.99 GHz CPU and 2 GB RAM. Based on the results of the experiment, when the AES operates in the cipher feedback (CFB) mode, 554 bytes can be encrypted using 256-bit AES process 22 in 77.3 μs. Therefore, 2.99 GHz CPU can generate the required AES reference signal within the frame time duration. It should be appreciated that the TV stations generally have powerful processing units, hence it is not a problem to generate the required secure synchronization bits within the frame duration. With 3.84 Gbps encryption speed, for example, 39 KB can be encrypted in 77.3 μs, which is much more than needed.
Simulations
The effectiveness of the AES-assisted DTV method is demonstrated through simulation examples. First, the impact of the noise level on the optimal thresholds λ0,opt and λ1,opt is illustrated. Then, the false alarm rates and miss detection probabilities for both primary user and malicious user detection is evaluated. In the simulations, it is assumed that si, mi, and ni are i.i.d. sequences, and are of zero mean. It is further assumed that the primary user is absent with probability P0=0.25. The primary user's signal power is assumed to be normalized to σ2s=1. For malicious user detection, the false alarm constraint is set to δ=10−3.
user detection. In this example, the optimal thresholds that minimize the miss detection probabilities under a predefined constraint on the false alarm rates for malicious user detection is demonstrated.
Using λ=σ2s/2, the false alarm rate and miss detection probability numerically is obtained and compared with the theoretical results. The false alarm rate is illustrated in
The probability of miss detection is shown in
In this example, the overall false alarm rate and miss detection probability numerically is obtained and compared with the theoretical results.
The overall miss detection probability {tilde over (P)}m, is illustrated in
From the discussions above, it is concluded that the AES-assisted DTV method of the present invention can achieve very low false alarm rates and miss detection probabilities when detecting the primary user and malicious user. That is, with the AES-assisted DTV method of the present invention, primary user emulation attacks can be effectively combated. It should be appreciated that the theoretical calculations presented are consistent with the numerical simulations.
Feasibility for Second Generation DTV Standard
It should be appreciated that the method of the present invention can be applied directly to the 2nd generation Orthogonal Frequency Division Multiplexing (OFDM) based DTV standard for more efficient spectrum sharing under PUEA. Currently, the most prevalent 2nd generation terrestrial DTV standard is DVB-T2. With the OFDM structure used in DVB-T2, the present invention can accurately detect the presence of the malicious users over each 3-subcarrier sub-band where the P2 pilots present. It should be further appreciated that the present invention can be used to detect PUEA over each single subcarrier if the preamble P2 symbols in the DVB-T2 standard can be adjusted to cover every OFDM subcarrier. The AES encrypted pseudorandom sequence can be used to replace the P2 preamble symbols because their frequency locations are independent of the size of the Fast Fourier Transform (FFT) used, and they have the largest number among all pilot symbols.
Accordingly, a reliable AES-assisted DTV method of the present invention is disclosed for robust primary and secondary system operations under primary user emulation attacks. In the method of the present invention, an AES-encrypted reference signal is generated at the TV transmitter and used as the synchronization bits of the DTV data frames. By allowing a shared secret between the transmitter 12 and the receiver 14, the reference signal can be regenerated at the receiver 14 and be used to achieve accurate identification of authorized primary users. Moreover, when combined with the analysis on the auto-correlation of the received signal, the presence of the malicious user can be detected accurately no matter whether the primary user is present or not. The method of the present invention is practically feasible in the sense that it can effectively combat PUEA with no change in hardware or system structure except of a plug-in AES chip as shown in
The present invention has been described in an illustrative manner. It is to be understood that the terminology, which has been used, is intended to be in the nature of words of description rather than of limitation.
Many modifications and variations of the present invention are possible in light of the above teachings. Therefore, the present invention may be practiced other than as specifically described.
The present invention claims the priority date of co-pending U.S. Provisional Patent Application Ser. No. 61/911,603, filed Dec. 4, 2013.
This invention was made, at least in part, with government support under Contract Nos. CNS 0746811, 1217206, and awarded by the National Science Foundation (NSF). The United States government may have certain rights in this invention.
Number | Date | Country | |
---|---|---|---|
61911603 | Dec 2013 | US |