ppt - Computer Science and Engineering
Download
Report
Transcript ppt - Computer Science and Engineering
DEFENSE AGAINST SPECTRUM SENSING
DATA FALSIFICATION ATTACKS IN
COGNITIVE RADIO NETWORKS
- Chowdhury Sayeed Hyder, Brendan Grebur and Li Xiao
Li Xiao
Department of Computer Science & Engineering
Michigan State University
Outline
Background
◦ Cognitive Radio Network
◦ The IEEE Standard
SSDF Attacks
Problem Statement
◦ Attack Model
Existing solutions
ARC scheme
Simulation Results
◦ Error rate
◦ True/ false detection rate
Securecomm 2011
2
Background
Figure: Current Spectrum Allocation in US
Figure: Underutilized Spectrum
Ref: Akyildiz, I., W. Lee, M. Vuran, and S. Mohanty, “NeXt Generation/ Dynamic Spectrum Access/
Cognitive Radio Wireless Networks: A Survey”, Computer Networks 2006
Securecomm 2011
3
Background
Current Status
◦ Spectrum Scarcity
◦ Underutilized spectrum
Cognitive radio (CR)
◦ Adapt its transmission and reception parameters
(frequency, modulation rate, power etc.)
Securecomm 2011
4
Background
Cognitive Radio Network
◦ Two types of user
Primary user or licensed user (PU)
Secondary user or opportunistic user (SU)
◦ Requirements
SU cannot affect ongoing transmission of PUs
Must vacant the spectrum if PU arrives
◦ Spectrum Sensing
Securecomm 2011
5
Background
IEEE 802.22 standard
◦ Centralized, single hop, point to multipoint
◦ Collaborative spectrum sensing
Quiet Periods (QP)
Sensing period and frequency
Must vacant at the arrival of PU
False alarm and misdetection rate
◦ Inter cell synchronization
Securecomm 2011
6
Background
Vulnerable against security
threats!!
SU
PU
SU
SU
BS
SU
SU
PU
Figure: 802.22 CRN Architecture
Ref: K. Bian and J. Park, “Security vulnerabilities in IEEE 802.22”, Proceedings of the 4th Annual
International Conference on Wireless Internet WICON '08
Securecomm 2011
7
SSDF Attacks
- Independent Attack
- Collaborative Attack
PU
SU
SU
SU
BS
SU
SU
PU
Figure: 802.22 CRN Architecture
How can BS defend against the SSDF attack ?
Securecomm 2011
8
Problem Statement
Network Model
◦ 802.22
Attack Model
◦ Independent Attack
Attack randomly
◦ Collaborative Attack
Going Against Majority Attack
Subgroup Attack
Our goal is to minimize the error in deciding
about the spectrum availability by BS in
addition to detecting the attackers and reducing
the false detection rate.
Securecomm 2011
9
Problem Statement
Detection probability of an honest user (Pd)
Detection probability of an independent attacker (Pdm )
Detection probability of collaborative attackers (Qdm)
Securecomm 2011
10
Problem Statement
Attackers’ goal
◦ Increase the error rate and disguise their intention.
◦ Collaboration makes it easier.
BS’s goal
◦ Correct decision making.
◦ Identify attackers and minimize the impact of their
collaboration.
Solution
◦ Reduce their strength of collaboration.
◦ Differentiate between honest and dishonest nodes.
Securecomm 2011
11
Existing Solutions
Reputation based [1]
◦ BS fails to take a correct decision for 35% attackers
◦ High misdetection rate
K-nearest neighbor [2]
◦ Works well for independent SSDF attack
◦ Threshold selection is critical
Ref: [1] A. Rawat, P. Anand, C. Hao and P. Varshney, “Collaborative Spectrum Sensing in the
Presence of Byzantine Attacks in Cognitive Radio Networks”, IEEE Transactions on Signal
Processing 2011
[2] H. Li and Z. Han, “Catching Attackers for Collaborative Spectrum Sensing in Cognitive
Radio Systems: An Abnormality Detection Approach”, DySPAN 2010.
Securecomm 2011
12
Adaptive Reputation-based Clustering
(ARC) Scheme
Collection: BS collects node reports
Clustering: k-medoid clustering using PAM
Voting:
Intra-cluster weighted voting
Inter cluster majority voting
Feedback:
Cluster adjustment
Reputation adjustment
Securecomm 2011
13
Adaptive Reputation-based Clustering
(ARC) Scheme
Intra-cluster weighted voting
◦ Further from median, less voting power
Majority cluster voting
◦ Decision of majority clusters becomes
the final decision
Securecomm 2011
14
Adaptive Reputation-based Clustering
(ARC) Scheme
Clusters with poor reputation removed
Number of clusters is adjusted
Reputation of nodes is adjusted based on
◦ cluster's vote
◦ distance from median and
◦ node’s current vote
Securecomm 2011
15
Results
Simulation tool: MATLAB
Simulation Parameters
◦
◦
◦
◦
◦
Number of attackers 10% - 50%
Probability of attack 0.1 – 1.0
Number of runs – 10
Prob. of false alarm 0.1
Prob. of miss detection 0.1
Securecomm 2011
16
Results
Compared to Rawat et al. reputation-based
method (R)
Collaborative and Independent SSDF attacks
◦ Number of attackers
◦ Probability of attack
◦ Probability of detection
Performance metrics
◦ Probability of error (QE)
◦ Attacker Detection Rate (QD)
◦ Attacker Misdetection Rate (QF)
Securecomm 2011
Rawat Reputation
Method:
1) Node majority vote
for N frames.
2) Remove users with M
or more differences.
3) Repeat.
17
Results
Collaborative SSDF Attack
Figure 1: QD , QE , QF vs # of attackers
• Significant improvement in reducing error rate
• Moderate true detection rate
• Huge improvement in reducing false detection rate
Securecomm 2011
18
Results
Collaborative SSDF Attack
Figure 2: QD , QE , QF vs prob. of attack
• Huge improvement in reducing error rate
• Significant true detection rate
• Huge improvement in reducing false detection rate
Securecomm 2011
19
Results
Collaborative SSDF Attack
Figure 3: QD , QE , QF vs prob. of detection
• Significant improvement in reducing error rate
• Moderate true detection rate
• Huge improvement in reducing false detection rate
Securecomm 2011
20
Results
Collaborative SSDF Attack (Subgroup attack)
Figure 4: QD , QE , QF vs # of attackers
• Huge improvement in reducing error rate
• Similar true detection rate
• Huge improvement in reducing false detection rate
Securecomm 2011
21
Results
Collaborative SSDF (GAMA) Attack
Figure 5: QD , QE , QF vs # of attackers
• Significant improvement in reducing error rate
• Moderate true detection rate
• Significant improvement in reducing false detection rate
Securecomm 2011
22
Results
Independent SSDF Attack
Figure 6: QD , QE , QF vs # of attackers
• Similar error rate
• Moderate true detection rate
• Huge improvement in reducing false detection rate
Securecomm 2011
23
Results
Independent SSDF Attack
Figure 7: QD , QE , QF vs prob. of attack
• Slight improvement in reducing error rate
• Similar true detection rate
• Significant improvement in reducing false detection rate
Securecomm 2011
24
Results
Independent SSDF Attack
Figure 8: QD , QE , QF vs prob. of detection
• Slight improvement in reducing error rate
• Huge improvement in reducing false detection rate
Securecomm 2011
25
Conclusion & Future Work
Devised robust decision-making algorithm for
CRNs
Displays better performance than current
schemes
ARC can minimize error rate consistently
◦ Low attacker misdetection rates
◦ Does not require any prior knowledge
◦ Applicable to both Independent and Collaborative
attacks
Future Work
◦ Explore a GA method for determining optimal
number of clusters (k values)
◦ Explore different attacking strategies
Securecomm 2011
26
Questions ?