ppt - Computer Science and Engineering

Download Report

Transcript ppt - Computer Science and Engineering 

DEFENSE AGAINST SPECTRUM SENSING
DATA FALSIFICATION ATTACKS IN
COGNITIVE RADIO NETWORKS
- Chowdhury Sayeed Hyder, Brendan Grebur and Li Xiao
Li Xiao
Department of Computer Science & Engineering
Michigan State University
Outline

Background
◦ Cognitive Radio Network
◦ The IEEE Standard


SSDF Attacks
Problem Statement
◦ Attack Model



Existing solutions
ARC scheme
Simulation Results
◦ Error rate
◦ True/ false detection rate
Securecomm 2011
2
Background
Figure: Current Spectrum Allocation in US
Figure: Underutilized Spectrum
Ref: Akyildiz, I., W. Lee, M. Vuran, and S. Mohanty, “NeXt Generation/ Dynamic Spectrum Access/
Cognitive Radio Wireless Networks: A Survey”, Computer Networks 2006
Securecomm 2011
3
Background

Current Status
◦ Spectrum Scarcity
◦ Underutilized spectrum

Cognitive radio (CR)
◦ Adapt its transmission and reception parameters
(frequency, modulation rate, power etc.)
Securecomm 2011
4
Background

Cognitive Radio Network
◦ Two types of user
 Primary user or licensed user (PU)
 Secondary user or opportunistic user (SU)
◦ Requirements
 SU cannot affect ongoing transmission of PUs
 Must vacant the spectrum if PU arrives
◦ Spectrum Sensing
Securecomm 2011
5
Background

IEEE 802.22 standard
◦ Centralized, single hop, point to multipoint
◦ Collaborative spectrum sensing
 Quiet Periods (QP)
 Sensing period and frequency
 Must vacant at the arrival of PU
 False alarm and misdetection rate
◦ Inter cell synchronization
Securecomm 2011
6
Background
Vulnerable against security
threats!!
SU
PU
SU
SU
BS
SU
SU
PU
Figure: 802.22 CRN Architecture
Ref: K. Bian and J. Park, “Security vulnerabilities in IEEE 802.22”, Proceedings of the 4th Annual
International Conference on Wireless Internet WICON '08
Securecomm 2011
7
SSDF Attacks
- Independent Attack
- Collaborative Attack
PU
SU
SU
SU
BS
SU
SU
PU
Figure: 802.22 CRN Architecture
How can BS defend against the SSDF attack ?
Securecomm 2011
8
Problem Statement

Network Model
◦ 802.22

Attack Model
◦ Independent Attack
 Attack randomly
◦ Collaborative Attack
 Going Against Majority Attack
 Subgroup Attack

Our goal is to minimize the error in deciding
about the spectrum availability by BS in
addition to detecting the attackers and reducing
the false detection rate.
Securecomm 2011
9
Problem Statement
Detection probability of an honest user (Pd)
Detection probability of an independent attacker (Pdm )
Detection probability of collaborative attackers (Qdm)
Securecomm 2011
10
Problem Statement

Attackers’ goal
◦ Increase the error rate and disguise their intention.
◦ Collaboration makes it easier.

BS’s goal
◦ Correct decision making.
◦ Identify attackers and minimize the impact of their
collaboration.

Solution
◦ Reduce their strength of collaboration.
◦ Differentiate between honest and dishonest nodes.
Securecomm 2011
11
Existing Solutions

Reputation based [1]
◦ BS fails to take a correct decision for 35% attackers
◦ High misdetection rate

K-nearest neighbor [2]
◦ Works well for independent SSDF attack
◦ Threshold selection is critical
Ref: [1] A. Rawat, P. Anand, C. Hao and P. Varshney, “Collaborative Spectrum Sensing in the
Presence of Byzantine Attacks in Cognitive Radio Networks”, IEEE Transactions on Signal
Processing 2011
[2] H. Li and Z. Han, “Catching Attackers for Collaborative Spectrum Sensing in Cognitive
Radio Systems: An Abnormality Detection Approach”, DySPAN 2010.
Securecomm 2011
12
Adaptive Reputation-based Clustering
(ARC) Scheme




Collection: BS collects node reports
Clustering: k-medoid clustering using PAM
Voting:
 Intra-cluster weighted voting
 Inter cluster majority voting
Feedback:
 Cluster adjustment
 Reputation adjustment
Securecomm 2011
13
Adaptive Reputation-based Clustering
(ARC) Scheme

Intra-cluster weighted voting
◦ Further from median, less voting power

Majority cluster voting
◦ Decision of majority clusters becomes
the final decision
Securecomm 2011
14
Adaptive Reputation-based Clustering
(ARC) Scheme



Clusters with poor reputation removed
Number of clusters is adjusted
Reputation of nodes is adjusted based on
◦ cluster's vote
◦ distance from median and
◦ node’s current vote
Securecomm 2011
15
Results
Simulation tool: MATLAB
 Simulation Parameters

◦
◦
◦
◦
◦
Number of attackers 10% - 50%
Probability of attack 0.1 – 1.0
Number of runs – 10
Prob. of false alarm 0.1
Prob. of miss detection 0.1
Securecomm 2011
16
Results


Compared to Rawat et al. reputation-based
method (R)
Collaborative and Independent SSDF attacks
◦ Number of attackers
◦ Probability of attack
◦ Probability of detection

Performance metrics
◦ Probability of error (QE)
◦ Attacker Detection Rate (QD)
◦ Attacker Misdetection Rate (QF)
Securecomm 2011
Rawat Reputation
Method:
1) Node majority vote
for N frames.
2) Remove users with M
or more differences.
3) Repeat.
17
Results
Collaborative SSDF Attack
Figure 1: QD , QE , QF vs # of attackers
• Significant improvement in reducing error rate
• Moderate true detection rate
• Huge improvement in reducing false detection rate
Securecomm 2011
18
Results
Collaborative SSDF Attack
Figure 2: QD , QE , QF vs prob. of attack
• Huge improvement in reducing error rate
• Significant true detection rate
• Huge improvement in reducing false detection rate
Securecomm 2011
19
Results
Collaborative SSDF Attack
Figure 3: QD , QE , QF vs prob. of detection
• Significant improvement in reducing error rate
• Moderate true detection rate
• Huge improvement in reducing false detection rate
Securecomm 2011
20
Results
Collaborative SSDF Attack (Subgroup attack)
Figure 4: QD , QE , QF vs # of attackers
• Huge improvement in reducing error rate
• Similar true detection rate
• Huge improvement in reducing false detection rate
Securecomm 2011
21
Results
Collaborative SSDF (GAMA) Attack
Figure 5: QD , QE , QF vs # of attackers
• Significant improvement in reducing error rate
• Moderate true detection rate
• Significant improvement in reducing false detection rate
Securecomm 2011
22
Results
Independent SSDF Attack
Figure 6: QD , QE , QF vs # of attackers
• Similar error rate
• Moderate true detection rate
• Huge improvement in reducing false detection rate
Securecomm 2011
23
Results
Independent SSDF Attack
Figure 7: QD , QE , QF vs prob. of attack
• Slight improvement in reducing error rate
• Similar true detection rate
• Significant improvement in reducing false detection rate
Securecomm 2011
24
Results
Independent SSDF Attack
Figure 8: QD , QE , QF vs prob. of detection
• Slight improvement in reducing error rate
• Huge improvement in reducing false detection rate
Securecomm 2011
25
Conclusion & Future Work



Devised robust decision-making algorithm for
CRNs
Displays better performance than current
schemes
ARC can minimize error rate consistently
◦ Low attacker misdetection rates
◦ Does not require any prior knowledge
◦ Applicable to both Independent and Collaborative
attacks

Future Work
◦ Explore a GA method for determining optimal
number of clusters (k values)
◦ Explore different attacking strategies
Securecomm 2011
26
Questions ?