1 |
Toward Privacy-Preserving and Secure Dynamic Spectrum AccessDou, Yanzhi 19 January 2018 (has links)
Dynamic spectrum access (DSA) technique has been widely accepted as a crucial solution to mitigate the potential spectrum scarcity problem. Spectrum sharing between the government incumbents and commercial wireless broadband operators/users is one of the key forms of DSA. Two categories of spectrum management methods for shared use between incumbent users (IUs) and secondary users (SUs) have been proposed, i.e., the server-driven method and the sensing-based method. The server-driven method employs a central server to allocate spectrum resources while considering incumbent protection. The central server has access to the detailed IU operating information, and based on some accurate radio propagation model, it is able to allocate spectrum following a particular access enforcement method. Two types of access enforcement methods -- exclusion zone and protection zone -- have been adopted for server-driven DSA systems in the current literature. The sensing-based method is based on recent advances in cognitive radio (CR) technology. A CR can dynamically identify white spaces through various incumbent detection techniques and reconfigure its radio parameters in response to changes of spectrum availability. The focus of this dissertation is to address critical privacy and security issues in the existing DSA systems that may severely hinder the progress of DSA's deployment in the real world.
Firstly, we identify serious threats to users' privacy in existing server-driven DSA designs and propose a privacy-preserving design named P²-SAS to address the issue. P²-SAS realizes the complex spectrum allocation process of protection-zone-based DSA in a privacy-preserving way through Homomorphic Encryption (HE), so that none of the IU or SU operation data would be exposed to any snooping party, including the central server itself.
Secondly, we develop a privacy-preserving design named IP-SAS for the exclusion-zone- based server-driven DSA system. We extend the basic design that only considers semi- honest adversaries to include malicious adversaries in order to defend the more practical and complex attack scenarios that can happen in the real world.
Thirdly, we redesign our privacy-preserving SAS systems entirely to remove the somewhat- trusted third party (TTP) named Key Distributor, which in essence provides a weak proxy re-encryption online service in P²-SAS and IP-SAS. Instead, in this new system, RE-SAS, we leverage a new crypto system that supports both a strong proxy re-encryption notion and MPC to realize privacy-preserving spectrum allocation. The advantages of RE-SAS are that it can prevent single point of vulnerability due to TTP and also increase SAS's service performance dramatically.
Finally, we identify the potentially crucial threat of compromised CR devices to the ambient wireless infrastructures and propose a scalable and accurate zero-day malware detection system called GuardCR to enhance CR network security at the device level. GuardCR leverages a host-based anomaly detection technique driven by machine learning, which makes it autonomous in malicious behavior recognition. We boost the performance of GuardCR in terms of accuracy and efficiency by integrating proper domain knowledge of CR software. / Ph. D. / With the rapid development of wireless technologies in recent years, wireless spectrum which all the wireless communication signals travel over is becoming the bottleneck of the fast growing wireless market. The spectrum scarcity problem is largely due to the current spectrum allocation scheme. Some spectrum bands, like the cellular bands, are overly crowded, while some government-held spectrum bands are used inadequately. By allowing users from the crowded spectrum bands to dynamically access to those less frequently used spectrum bands, the spectrum scarcity problem can be significantly alleviated. However, there are two critical issues that hinder the application of dynamic spectrum access in the real world: privacy and security. For privacy, in order to determine when, where, and how the spectrum can be reused, users need to bear the risk of sharing their sensitive operation data. This is especially frustrating for governmental and military parties whose operation data is highly classified. We solve the privacy problem by designing a privacy-preserving dynamic spectrum access system. The system is based on secure multi-party computation, which keeps users’ input operation data private when performing spectrum allocation computation over those inputs. The system achieves 128-bit industry-level security strength, and it is also computation and memory efficient for real-world deployment. For security, dynamic spectrum access requires radio devices to contain many software components so that the radio devices can be dynamically programmed to access different spectrum bands. However, the software also exposes the radio devices to the risk of malware infection. We develop a malware detection system to capture the anomalous behaviors in radio software executions. By adopting advanced machine learning techniques, our system is even able to detect first-seen malware.
|
Page generated in 0.0827 seconds