Kai Hong

SpiderRadio: A cognitive radio network with commodity hardware and open source software

In this article we present SpiderRadio, a cognitive radio prototype for dynamic spectrum access networking. SpiderRadio is built using commodity IEEE 802.11a/b/g hardware and the open source MadWiFi driver. This helps us in developing and testing our prototype without having to buy and manage several licensed spectrum bands. We begin with a discussion of the key research issues and challenges in the practical implementation of a dynamic spectrum access network. Then the lessons learned from the development of dynamic spectrum access protocols, designing management frame structures, software implementation of the dynamic spectrum access network protocol stack, and testbed experimental measurement results are presented. Several trade-offs in prototype implementation complexity vs. network performance are also discussed. We also identify potential security vulnerabilities in cognitive radio networks, specifically as applied to SpiderRadio, and point out some defense mechanisms against these vulnerabilities.

Using Sybil Identities for Primary User Emulation and Byzantine Attacks in DSA Networks

In this paper, we investigate a new type of denialof- service attack in dynamic spectrum access networks - Sybilenabled attack. In this attack, the attacker not only launches the primary user emulation (PUE) attacks but also creates and infiltrates multiple Sybil identities to compromise the decision making process of the secondary network via Byzantine attacks. We implement this attack in our cognitive radio testbed to show its feasibility and attack impact. We further analyze the optimal attack strategy from the perspective of the malicious attacker, i.e., the optimal allocation of Sybil interfaces for different attacks, to maximize the impact on the secondary network. The attack models are analyzed under two different scenarios: with and without a reputation system in the network fusion center. Numerical analysis and simulations are conducted to solve the optimal attack strategy and demonstrate the impact of attacks on the secondary network.

Is Channel Fragmentation/bonding in IEEE 802.22 Networks Secure?

We address a unique security threat that arises due to channel fragmentation (or aggregation or bonding) in dynamic spectrum access (DSA) based IEEE 802.22 networks. Typically, channel fragmentation, aggregation and bonding have been studied in the literature as a means to enhance the spectrum utilization. However, the loss of orthogonality between the spectrum bands due to channel fragmentation, aggregation or bonding can be exploited by malicious attackers to cause a cognitive service disruption. We present an analysis of such a threat. We determine the optimal transmit powers a malicious attacker transmits on each fragment, so as to create maximum service disruption. Numerical results indicate that a malicious attacker can cause up to about 16% loss in the capacity of the system as a consequence of fragmentation. Detailed analysis is presented for channel fragmentation and can be easily applied to channel aggregation and bonding. To the best of our knowledge,this is the first analysis of such cognitive service disruption threats due to fragmentation.

Spectrum Stealing via Sybil Attacks in DSA Networks: Implementation and Defense

In this paper, we investigate Sybil attacks on spectrum allocation in distributed dynamic spectrum access (DSA) networks. Using IEEE 802.11 devices as secondary nodes, we demonstrate the feasibility of mounting Sybil attacks in the cognitive radio testbed, in which the malicious node poses as multiple normal secondary nodes with different identities in order to steal more spectrum bands. We also show the impact of the attack through an example and simulation results. A defense strategy using the statistics of beacon intervals is also proposed. Through experimental results, we show the effectiveness of this defense mechanism when there is no interference from external sources as well as in the presence of interference.

SpiderRadio: A Cognitive Radio Implementation Using IEEE 802.11 Components

In this paper, we present SpiderRadio, a software defined cognitive radio (CR) prototype for dynamic spectrum access (DSA) networking. The medium access control (MAC) layer of SpiderRadio is implemented in software on top of commodity IEEE 802.11a/b/g hardware. However, the proposed architecture and implementation are applicable to other spectrum bands as well. We also present a dynamic spectrum sensing methodology for primary incumbent detection. The proposed method is based on observing the PHY errors, received signal strength and statistical model building. For coordination among radio nodes, synchronization and fast channel switching, we present new communication protocols, design extended management frame structure and modify the hardware abstraction layer. Several fundamental tradeoffs (e.g., complexity versus network performance) to be considered during a dynamic spectrum access radio network prototype implementation are also discussed in detail. To demonstrate the practical capabilities of the proposed SpiderRadio prototype, we also present various testbed experimental measurement results.

SpiderRadio: An Incumbent Sensing Implementation for Cognitive Radio Networking Using IEEE 802.11 Devices

Spectrum sensing is one of the critical features in cognitive radio based dynamic spectrum access networking. In this paper, we discuss a new spectrum sensing technique for primary incumbent detection. The proposed method is based on observing the PHY errors, received signal strength and

Exploiting Channel Fragmentation and Aggregation/Bonding to Create Security Vulnerabilities

n

Cognitive Radio Mobile Ad Hoc Networks in Healthcare

-moving window averaging of the observed measurement. The sensing parameters are dynamically optimized based on the operating radio environment. This sensing method is implemented in SpiderRadio, a cognitive radio testbed based on off-the-shelf IEEE 802.11 devices. Experimental results show that the proposed technique results in very low sensing delay and failure probability.

Security Vulnerability Due to Channel Aggregation/Bonding in LTE and HSPA+ Network

We address a unique security vulnerability due to spectrum fragmentation, aggregation, and bonding in IEEE 802.22-based dynamic spectrum access (DSA) networks and in Long-Term Evolution (LTE) and Evolved High-Speed Packet Access (HSPA+) networks. Typically, channel fragmentation, aggregation, and bonding have been perceived as a means of enhancing the bandwidth and throughput for the users. However, this could also result in losing orthogonality between the bonded or fragmented spectrum bands. We show this leads to a security vulnerability that can be exploited by an attacker to cause service disruptions. We present an analysis of two types of attacks, i.e., the MAXimum IMPact (MAXIMP) attack, wherein the attackers try to cause maximum service disruptions by transmitting at maximum power, and the MINPOW attack, wherein the attackers transmit at minimum power just to create a targeted level of service disruption. Results indicate that, although the MAXIMP attack can cause up to about 16% loss in the capacity of the system, the MINimum POWer (MINPOW) attack, which is more difficult to detect than the MAXIMP attack, can cause 11%-15% loss in throughput.

Power Control Game in Multi-Terminal Covert Timing Channels

Low-cost automated health monitoring system sees a high demand with the Presidents’ proposal on health care reform. Legacy health care monitoring systems demand a great amount of resources such as health care personnel and medical equipments. This increases the cost of health care making it unaffordable to the majority of our society. This chapter introduces an architecture and design of a health care automation network. The health care automation network uses a cognitive radio-based infrastructure to monitor real-time patients’ vital signs, collect, and document medical information. The health care automation network can be implemented in hospitals or in senior communities. This network can leverage the existing infrastructure and reduce the cost of implementation. Research challenges in development of cognitive radio health care automation network are also discussed.