Biming Tian

Review: Cognitive radio network security: A survey

Recent advancements in wireless communication are creating a spectrum shortage problem on a daily basis. Recently, Cognitive Radio (CR), a novel technology, has attempted to minimize this problem by dynamically using the free spectrum in wireless communications and mobile computing. Cognitive radio networks (CRNs) can be formed using cognitive radios by extending the radio link features to network layer functions. The objective of CRN architecture is to improve the whole network operation to fulfil the users demands anytime and anywhere, through accessing CRNs in a more efficient way, rather than by just linking spectral efficiency. CRNs are more flexible and exposed to wireless networks compared with other traditional radio networks. Hence, there are many security threats to CRNs, more so than other traditional radio environments. The unique characteristics of CRNs make security more challenging. Several crucial issues have not yet been investigated in the area of security for CRNs. A typical public key infrastructure (PKI) scheme which achieves secure routing and other purposes in typical ad hoc networks is not enough to guarantee the security of CRNs under limited communication and computation resources. However, there has been increasing research attention on security threats caused specifically by CR techniques and special characteristics of CR in CRNs. Therefore, in this research, a survey of CRNs and their architectures and security issues has been carried out in a broad way in this paper.

Trust-Based Authentication for Secure Communication in Cognitive Radio Networks

Over the past few years, Cognitive Radio (CR) has been considered as a demanding concept for improving the utilization of limited radio spectrum resources for future wireless communications and mobile computing. Since a member of Cognitive Radio Networks may join or leave the network at any time, the issue of supporting secure communication in CRNs becomes more critical than for the other conventional wireless networks. This work thus proposes a secure trust-based authentication approach for CRNs. A CR node’s trust value is determined from its previous trust behavior in the network and depending on this trust value, it is decided whether or not this CR node will obtain access to the Primary User’s free spectrum. The security analysis is performed to guarantee that the proposed approach achieves security proof.

Efficient threshold self-healing key distribution with sponsorization for infrastructureless wireless networks

Self-healing key distribution schemes are particularly useful when there is no network infrastructure or such infrastructure has been destroyed. A self-healing mechanism can allow group users to recover lost session keys and is therefore quite suitable for establishing group keys over an unreliable network, especially for infrastructureless wireless networks, where broadcast messages loss may occur frequently. An efficient threshold self-healing key distribution scheme with favorable properties is proposed in this paper. Firstly, the distance between two broadcasts used to recover the lost one is alterable according to network conditions. This alterable property can be used to shorten the length of the broadcast messages. Secondly, any more than threshold-value users can sponsor a new user to join the group for the subsequent sessions without any interaction with the group manager. Thirdly, the storage overhead of the self-healing key distribution at each group user is a polynomial over a finite field, which will not increase with the number of sessions. In addition, if a smaller group of users up to a threshold-value were revoked, the personal keys for non-revoked users can be reused.

A mutual-healing key distribution scheme in wireless sensor networks

How to establish secure session keys is one of the central tasks for wireless sensor network communications. General key distribution schemes for traditional computer networks could not be directly shifted to wireless sensor network environments as broadcast messages may be lost due to sensor network internal factors or external attacks. Self-healing key distribution schemes, therefore, have been proposed to address packet loss issues since 2002. The essential issue that self-healing key distribution mechanism addressed is the fixed-number of broadcast messages (excluding the last broadcast message) loss. In other words, a node could not recover its new session keys if a node has missed more than a fixed number broadcast messages or the last broadcast message in a self-healing key distribution scheme for wireless sensor networks. This paper aims to address this emerged issue and provide a new key distribution scheme: mutual-healing key distribution scheme for wireless sensor networks. This mutual-healing key distribution can enable a node in a wireless sensor network to recover its new session key although its last broadcast message was lost. A formal definition for mutual-healing key distribution will also be proposed in this paper. The proposed mutual-healing key distribution scheme is based on bilinear pairings. The scheme is collusion-free for any coalition of non-authorized nodes. Each nodes private key has nothing to do with the number of revoked nodes and can be reused as long as it is not disclosed. The storage overhead for each node is a constant.

A self-healing key distribution scheme based on vector space secret sharing and one way hash chains

An efficient self-healing key distribution scheme with revocation capability is proposed for secure group communication in wireless networks. The scheme bases on vector space secret sharing and one way hash function techniques. Vector space secret sharing helps to realize general monotone decreasing structures for the family of subsets of users that can be revoked instead of a threshold one. One way hash chains contribute to reduce communication overhead. Furthermore, the most prominent characteristic of our scheme is resisting collusion between the new joined users and the revoked users, which is fatal weakness of hash function based self-healing key distribution schemes.

Self-Healing Key Distribution Schemes for Wireless Networks

The objective of self-healing key distribution is to enable group users to recover session keys by themselves, without requesting additional transmissions from the group manager (GM), even when they miss some broadcast messages. One major benefit of the self-healing key distribution mechanism is the reduction of energy consumption due to the elimination of such additional transmission. Also in some applications, e.g., uni-directional broadcast channel from the GM, the self-healing key distribution mechanism seems to be the ideal solution. Desired features of self-healing key distribution schemes include energy awareness, short broadcast message, efficient users addition, revocation and so on. A primary challenge is managing the trade-off between providing an acceptable level of security and conserving scarce resources in particular energy which is critical for wireless network operations. Over a decade, a great number of self-healing key distribution schemes have been proposed for establishing a group key amongst a dynamic group of users over an unreliable, or lossy, network. In this paper a comprehensive survey is conducted on the state-of-the-art in the field of self-healing key distribution. First, we clarify the security requirements of self-healing key distribution scheme for their special application environment. Then, we present a classification of self-healing key distribution schemes according to different cryptographic primitives, and give an insight to their features and goals. Furthermore, we consider several problems, namely authentication on broadcast messages, sponsorization and mutual-healing, related to the robustness of self-healing key distribution schemes. At last, we delineate their similarities and differences and outline several future research directions.

An Efficient Self-Healing Key Distribution Scheme

Self-healing key distribution schemes enable a group user to recover session keys from two broadcast messages it received before and after those sessions, even if broadcast messages for middle sessions are lost due to network failure. These schemes are quite suitable for supporting secure communication over unreliable networks such as sensor networks and ad hoc networks. An efficient self-healing key distribution scheme is proposed in this paper. The scheme based on the concept of access polynomial and self-healing key distribution model constructed by Hong et al. The new scheme reduces communication overhead and computation overhead greatly yet still keeps the constant storage overhead. In addition, we consider the possibility of mutual-healing between neighbor users in wireless networks.

A Key Management Protocol for Multiphase Hierarchical Wireless Sensor Networks

The security of Wireless Sensor Networks (WSNs) has a direct reliance on secure and efficient key management. This leaves key management as a fundamental research topic in the field of WSNs security. Among the proposed key management schemes for WSNs security, LEAP (Localized Encryption and Authentication Protocol) has been regarded as an efficient protocol over the last years. LEAP supports the establishment of four types of keys. The security of these keys is under the assumption that the initial deployment phase is secure and the initial key is erased from sensor nodes after the initialization phase. However, the initial key is used again for node addition after the initialization phase whereas the new node can be compromised before erasing the key. A time-based key management scheme rethought the security of LEAP. We show the deficiency of the time-based key management scheme and proposed a key management scheme for multi-phase WSNs in this paper. The proposed scheme disperses the damage resulting from the disclosure of the initial key. We show it has better resilience and higher key connectivity probability through the analysis.

Highly Efficient Distance-Based Anomaly Detection through Univariate with PCA in Wireless Sensor Networks

Unsupervised anomaly detection (UAD) techniques have received increasing attention in wireless sensor networks (WSNs). However, the high dimensional training data often make sensor nodes unable to sustain in computation, and result in quite expensive communication overhead. The feature reduction techniques make great sense through the reduction of the dimensionality when the features are strongly interrelated. Among these UAD techniques, distance-based anomaly detection (DB-AD) is a special one that allows to be described by a probability model. Based on this observation, DB-AD is explored deeply with a feature reduction technique, principal component analysis (PCA). Through examining the proportion of the variance explained by the first principal component (PC), a new feature reduction approach is proposed for DB-AD in WSNs, which enables to reduce the dimensionality to one in any situation. Specifically, the first PC is alone used for representing the original data as long as it retains most of the variance, otherwise, the information loss is geometrically reverted to neutralize the error. By obtaining a tradeoff between the detection error and performance overload, this approach is significant for resource-constrained WSNs, as the computational complexity and communication overhead will be reduced to a fraction of the original magnitude. Finally, this approach is evaluated with a real WSN dataset.

An Efficient Self-Healing Key Distribution Scheme with Constant-Size Personal Keys for Wireless Sensor Networks

The availability of group communications over inexpensive wireless networks has facilitated new types of applications and created new security challenges. One of the security challenges is how to securely distribute session keys over wireless networks. Self-healing key distribution mechanism is an ideal countermeasure for enabling session key distribution and recovery. In order to address the issue that personal keys could not be reused if more than a threshold number of nodes are revoked in self-healing key distribution schemes, a new self-healing key distribution scheme using bilinear pairings is proposed in this paper. Another motivation for developing this new scheme is to reduce computation cost in some existing IDbased self-healing key distribution schemes. The new scheme enables users to have constant size personal keys. The personal key of each user can be reused as long as it is not disclosed. Further, any coalition of non-authorized users can not recover the session keys. That is, the scheme is collusion-free secure. The ID-based scheme can support key management by mitigating the certificate management overload. Additional advantage includes sliding-window mechanism can be applied to our scheme such that it is unnecessary to determine the number of sessions during the Setup procedure.