The design of a defence mechanism to mitigate the spectrum sensing data falsification attack in cognitive radio ad hoc networks

Ngomane, Issah

January 2018

Thesis ( M.Sc. ( Computer Science)) -- University of Limpopo, 2018 / Dynamic spectrum access enabled by cognitive radio networks is envisioned to address the problems of the ever-increasing wireless technology. This innovative technology increases spectrum utility by allowing unlicensed devices to utilise the unused spectrum band of licenced devices opportunistically. The unlicensed devices referred to as secondary users (SUs) constantly sense the spectrum band to avoid interfering with the transmission of the licenced devices known as primary users (PUs).Due to some environmental challenges that can interfere with effective spectrum sensing, the SUs have to cooperate in sensing the spectrum band. However, cooperative spectrum sensing is susceptible to the spectrum sensing data falsification (SSDF) attack where selfish radios falsify the spectrum reports. Hence, there is a need to design a defence scheme that will defend the SSDF attack and guaranty correct final transmission decision. In this study, we proposed the integration of the reputation based system and the qout-of-m rule scheme to defend against the SSDF attack. The reputation-based system was used to determine the trustworthiness of the SUs. The q-out-of-m rule scheme where m sensing reports were selected from the ones with good reputation and q was the final decision, which was used to isolate the entire malicious nodes and make the correct final transmission decision. The proposed scheme was implemented in a Cognitive Radio Ad Hoc Network (CRAHN) where the services of a data fusion centre (FC) were not required. The SUs conducted their own data fusion and made their own final transmission decision based on their sensing reports and the sensing reports of their neighbouring nodes. Matlab was used to implement and simulate the proposed scheme. We compared our proposed scheme with the multifusion based distributed spectrum sensing and density based system schemes. Metrics used were the success probability, missed detection probability and false alarm probability. The proposed scheme performed better compared to the other schemes in all the metrics. / CSIR, NRF and, University of Limpopo research office

Defence Mechanism

Mitigate

Cognitive radio

Ad hoc networks

Computer science.

Computer networks.

Enhancing Attack Resilience in Cognitive Radio Networks

Chen, Ruiliang

07 March 2008

The tremendous success of various wireless applications operating in unlicensed bands has resulted in the overcrowding of those bands. Cognitive radio (CR) is a new technology that enables an unlicensed user to coexist with incumbent users in licensed spectrum bands without inducing interference to incumbent communications. This technology can significantly alleviate the spectrum shortage problem and improve the efficiency of spectrum utilization. Networks consisting of CR nodes (i.e., CR networks)---often called dynamic spectrum access networks or NeXt Generation (XG) communication networks---are envisioned to provide high bandwidth to mobile users via heterogeneous wireless architectures and dynamic spectrum access techniques. In recent years, the operational aspects of CR networks have attracted great research interest. However, research on the security aspects of CR networks has been very limited. In this thesis, we discuss security issues that pose a serious threat to CR networks. Specifically, we focus on three potential attacks that can be launched at the physical or MAC layer of a CR network: primary user emulation (PUE) attack, spectrum sensing data falsification (SSDF) attack, and control channel jamming (CCJ) attack. These attacks can wreak havoc to the normal operation of CR networks. After identifying and analyzing the attacks, we discuss countermeasures. For PUE attacks, we propose a transmitter verification scheme for attack detection. The scheme utilizes the location information of transmitters together with their signal characteristics to verify licensed users and detect PUE attackers. For both SSDF attacks and CCJ attacks, we seek countermeasures for attack mitigation. In particular, we propose Weighted Sequential Probability Ratio Test (WSPRT) as a data fusion technique that is robust against SSDF attacks, and introduce a multiple-rendezvous cognitive MAC (MRCMAC) protocol that is robust against CCJ attacks. Using security analysis and extensive numerical results, we show that the proposed schemes can effectively counter the aforementioned attacks in CR networks. / Ph. D.

Transmitter Verification

Spectrum Sensing Data Falsification

Primary User Emulation

Network Security

Cognitive radio networks

Control Channel Jamming

Formalisation d'un environnement d'analyse des données basé sur la détection d'anomalies pour l'évaluation de risques : Application à la connaissance de la situation maritime / Formalisation of a data analysis environment based on anomaly detection for risk assessment : Application to Maritime Domain Awareness

Iphar, Clément

22 November 2017

Il existe différents systèmes de localisation de navires en mer qui favorisent une aide à la navigation et une sécurisation du trafic maritime. Ces systèmes sont également utilisés en tant qu’outils de surveillance et d’aide à la décision par les centres de surveillance basés à terre. Le Système d’Identification Automatique (AIS) déployé par l’Organisation Maritime Internationale, bien qu’étant le système de localisation de navires le plus utilisé de nos jours, est faiblement sécurisé. Cette vulnérabilité est illustrée par des cas réels et détectés tels que des usurpations d’identité ou des disparitions volontaires de navires qui sont sources de risques pour les navires, les infrastructures offshores et côtières et l’environnement.Nous proposons dans cette thèse une démarche méthodologique d’analyse et d’évaluation des messages AIS fondée sur les dimensions de la qualité de la donnée, dont l’intégrité considérée comme la plus importante de ces dimensions. Du fait de la structure complexe de l’AIS, une liste d'indicateurs a été établie, afin d’évaluer l'intégrité de la donnée, sa conformité avec les spécifications techniques du système et la cohérence des champs des messages entre eux et au sein d’un seul ou plusieurs messages. Notre démarche repose également sur l’usage d’informations additionnelles telles que des données géographiques ou des registres de navires afin d’évaluer la véracité et l’authenticité d’un message AIS et de son expéditeur.Enfin, une évaluation des risques associés est proposée, permettant une meilleurecompréhension de la situation maritime ainsi que l’établissement de liens de causalité entre les vulnérabilités du système et les risques relevant de la sécurité et sûreté de la navigation maritime. / At sea, various systems enable vessels to be aware of their environment and on the coast, those systems, such as radar, provide a picture of the maritime traffic to the coastal states. One of those systems, the Automatic Identification System (AIS) is used for security purposes (anti-collision) and as a tool for on-shore bodies as a control and surveillance and decision-support tool.An assessment of AIS based on data quality dimensions is proposed, in which integrity is highlighted as the most important of data quality dimensions. As the structure of AIS data is complex, a list of integrity items have been established, their purpose being to assess the consistency of the data within the data fields with the technical specifications of the system and the consistency of the data fields within themselves in a message and between the different messages. In addition, the use of additional data (such as fleet registers) provides additional information to assess the truthfulness and the genuineness of an AIS message and its sender.The system is weekly secured and bad quality data have been demonstrated, such as errors in the messages, data falsification or data spoofing, exemplified in concrete cases such as identity theft or vessel voluntary disappearances. In addition to message assessment, a set of threats have been identified, and an assessment of the associated risks is proposed, allowing a better comprehension of the maritime situation and the establishment of links between the vulnerabilities caused by the weaknesses of the system and the maritime risks related to the safety and security of maritime navigation.

Système d'identification automatique

Evaluation de l'intégrité

Risques maritimes

Falsification de données

Système de géolocalisation

Système d’aide à la décision

Automatic Identification System

Integrity assessment

Maritime risks

Data falsification

Geolocation system

Decision support system

005.8