Mai Abdelhakim

Defense Against Primary User Emulation Attacks in Cognitive Radio Networks Using Advanced Encryption Standard

This paper considers primary user emulation attacks in cognitive radio networks operating in the white spaces of the digital TV (DTV) band. We propose a reliable AES-assisted DTV scheme, in which an AES-encrypted reference signal is generated at the TV transmitter and used as the sync bits of the DTV data frames. By allowing a shared secret between the transmitter and the receiver, the reference signal can be regenerated at the receiver and used to achieve accurate identification of the authorized primary users. In addition, when combined with the analysis on the autocorrelation of the received signal, the presence of the malicious user can be detected accurately whether or not the primary user is present. We analyze the effectiveness of the proposed approach through both theoretical analysis and simulation examples. It is shown that with the AES-assisted DTV scheme, the primary user, as well as malicious user, can be detected with high accuracy under primary user emulation attacks. It should be emphasized that the proposed scheme requires no changes in hardware or system structure except for a plug-in AES chip. Potentially, it can be applied directly to todays DTV system under primary user emulation attacks for more efficient spectrum sharing.

Cooperative sensing in cognitive networks under malicious attack

This paper considers cooperative sensing in cognitive networks under Spectrum Sensing Data Falsification attack (SSDF) in which malicious users can intentionally send false sensing information. One effective method to deal with the SSDF attack is the q-out-of-m scheme, where the sensing decision is based on q sensing reports out of m polled nodes. The major limitation with the q-out-of-m scheme is its high computational complexity due to exhaustive search. In this paper, we prove that for a fixed percentage of malicious users, the detection accuracy increases almost exponentially as the network size increases. Motivated by this observation, as well as the linear relationship between the scheme parameters and the network size, we propose a simple but accurate approach that significantly reduces the complexity of the q-out-of-m scheme. The proposed approach can easily be applied to the large scale networks, which can be much more reliable under malicious attacks.

Distributed Detection in Mobile Access Wireless Sensor Networks under Byzantine Attacks

This paper explores reliable data fusion in mobile access wireless sensor networks under Byzantine attacks. We consider the q-out-of-m rule, which is popular in distributed detection and can achieve a good tradeoff between the miss detection probability and the false alarm rate. However, a major limitation with it is that the optimal scheme parameters can only be obtained through exhaustive search, making it infeasible for large networks. In this paper, first, by exploiting the linear relationship between the scheme parameters and the network size, we propose simple but effective sub-optimal linear approaches. Second, for better flexibility and scalability, we derive a near-optimal closed-form solution based on the central limit theorem. Third, subjecting to a miss detection constraint, we prove that the false alarm rate of q-out-of-m diminishes exponentially as the network size increases, even if the percentage of malicious nodes remains fixed. Finally, we propose an effective malicious node detection scheme for adaptive data fusion under time-varying attacks; the proposed scheme is analyzed using the entropy-based trust model, and shown to be optimal from the information theory point of view. Simulation examples are provided to illustrate the performance of proposed approaches under both static and dynamic attacks.

Mobile Coordinated Wireless Sensor Network: An Energy Efficient Scheme for Real-Time Transmissions

This paper introduces the mobile access coordinated wireless sensor network (MC-WSN)-a novel energy efficient scheme for time-sensitive applications. In conventional sensor networks with mobile access points (SENMA), the mobile access points (MAs) traverse the network to collect information directly from individual sensors. While simplifying the routing process, a major limitation with SENMA is that data transmission is limited by the physical speed of the MAs and their trajectory length, resulting in low throughput and large delay. In an effort to resolve this problem, we introduce the MC-WSN architecture, for which a major feature is that: through active network deployment and topology design, the number of hops from any sensor to the MA can be limited to a pre-specified number. In this paper, we investigate the optimal topology design that minimizes the average number of hops from sensor to MA, and provide the throughput analysis under both single-path and multipath routing cases. Moreover, putting MC-WSN in the bigger picture of network design and development, we provide a unified framework for wireless network modeling and characterization. Under this general framework, it can be seen that MC-WSN reflects the integration of structure-ensured reliability/efficiency and ad-hoc enabled flexibility.

Mitigating primary user emulation attacks in cognitive radio networks using advanced encryption standard

This paper considers primary user emulation attacks (PUEA) in cognitive radio networks operating in the white spaces of the digital TV (DTV) band. We propose a reliable AES-encrypted DTV scheme, in which an AES-encrypted reference signal is generated at the TV transmitter and used as the sync bytes of each DTV data frame. By allowing a shared secret between the transmitter and the receiver, the reference signal can be regenerated at the receiver and be used to achieve accurate identification of authorized primary users. We analyze the effectiveness of the proposed approach through both theoretical derivation and simulation examples. It is shown that with the AES-encrypted DTV scheme, the primary user can be detected with high accuracy and low false alarm rate under primary user emulation attacks. It should be emphasized that the proposed scheme requires no changes in hardware or system structure except of a plug-in AES chip. Potentially, it can be applied to todays DTV system directly to mitigate primary user emulation attacks, and achieve efficient spectrum sharing.

Reliable data fusion in wireless sensor networks under Byzantine attacks

In this paper, Byzantine attacks in wireless sensor networks with mobile access (SENMA) points is considered, where a portion of the active sensors are compromised to send false information. One effective method to combat with Byzantine attacks is the q-out-of-m scheme, where the sensing decision is based on q sensing reports out of m polled nodes. In this paper, first, by exploiting the approximately linear relationship between the scheme parameters and the network size, we propose a simplified q-out-of-m scheme which can greatly reduce the computational complexity, and at the same time keeping good performance. We show that for a fixed percentage of malicious sensors, the detection accuracy of the simplified q-out-of-m scheme increases almost exponentially as the network size increases. Second, we propose a simple but effective method to detect the malicious sensors before decision making. The performance of the proposed approach is evaluated under both static and dynamic attacking strategies. It is observed that with the pre-detection procedure, the performance of the q-out-of-m scheme can be improved significantly under various attacking strategies. Simulation results are provided to illustrate the effectiveness of the proposed approaches.

Architecture design of mobile access coordinated wireless sensor networks

This paper considers architecture design of mobile access coordinated wireless sensor networks (MC-WSN) for reliable and efficient information exchange. In sensor networks with mobile access points (SENMA), the mobile access points collect information directly from individual sensors as they traverse the network, such that no routing is needed in data transmission. While being energy efficient, a major limitation with SENMA is the large delay in data collection, making it undesirable for timesensitive applications. In the proposed MC-WSN architecture, the sensor network is coordinated by powerful mobile access points (MA), such that the number of hops from each sensor to the MA is minimized and limited to a prespecified number through active network deployment and network topology design. Unlike in SENMA, where the data collection delay depends on the physical speed of the MA, in MC-WSN, the delay depends on the number of hops and the electromagnetic wave speed, and is independent of the physical speed of the MA. This innovative architecture is energy efficient, resilient, fast reacting and can actively prolong the lifetime of sensor networks. Our simulations show that the proposed MC-WSN can achieve higher energy-efficiency and orders of magnitude lower delay over SENMA, especially for large-scale networks.

Mobile Access Coordinated Wireless Sensor Networks - Topology Design and Throughput Analysis

In this paper, we propose a novel mobile access coordinated wireless sensor network (MC-WSN) architecture for reliable and efficient information exchange. In conventional sensor networks with mobile access points (SENMA), the mobile access points (MAs) traverse the network to collect information directly from individual sensors. While simplifying the routing process, a major limitation with SENMA is that a transmission is made only if an MA visits the corresponding source node; thus, data transmission is limited by the physical speed of the MAs and the length of their trajectory, resulting in low throughput and huge delay. The proposed MC-WSN architecture resolves this problem and provides an efficient solution for time-sensitive information exchange. In MC-WSN, the delay is effectively managed through hop number control. We analyze the throughput of the network, and show that the throughput of the MC-WSN is independent of the physical speed or the trajectory length of the mobile access point. The effectiveness of the proposed approach is demonstrated through simulations.

Throughput analysis and routing security discussions of mobile access coordinated wireless sensor networks

In this paper, we analyze the throughput of a novel mobile access coordinated wireless sensor network architecture (MC-WSN) under single path and multipath routing. The obtained throughput expressions highlight the trade-off between achieving high throughput performance and improving the network security strength. The results reveal the importance of: (i) minimizing the number of hops in maximizing the throughput, and (ii) adopting routing diversity in combating malicious attacks and network failure conditions. We control the number of hops in data transmission through optimal topology design and active network deployment achieved by the mobile access point (MA). To combat routing attacks, we propose a secure routing path selection approach, and show the impact of the proposed approach on improving the throughput performance under malicious attacks.

N-Hop networks: a general framework for wireless systems

This article introduces a unified framework for quantitative characterization of various wireless networks. We first revisit the evolution of centralized, ad-hoc and hybrid networks, and discuss the trade-off between structure-ensured reliability and efficiency, and ad-hoc enabled flexibility. Motivated by the observation that the number of hops for a basic node in the network to reach the base station or the sink has a direct impact on the network capacity, delay, efficiency and their evaluation techniques, we introduce the concept of the N-hop networks. It can serve as a general framework that includes most existing network models as special cases, and can also make the analytical characterization of the network performance more tractable. Moreover, for network security, it is observed that hierarchical structure enables easier tracking of user accountability and malicious node detection; on the other hand, the multi-layer diversity increases the network reliability under unexpected network failure or malicious attacks, and at the same time, provides a flexible platform for privacy protection.