Review
Cognitive radio network security: A survey

https://doi.org/10.1016/j.jnca.2012.06.006Get rights and content

Abstract

Recent advancements in wireless communication are creating a spectrum shortage problem on a daily basis. Recently, Cognitive Radio (CR), a novel technology, has attempted to minimize this problem by dynamically using the free spectrum in wireless communications and mobile computing. Cognitive radio networks (CRNs) can be formed using cognitive radios by extending the radio link features to network layer functions. The objective of CRN architecture is to improve the whole network operation to fulfil the user's demands anytime and anywhere, through accessing CRNs in a more efficient way, rather than by just linking spectral efficiency. CRNs are more flexible and exposed to wireless networks compared with other traditional radio networks. Hence, there are many security threats to CRNs, more so than other traditional radio environments. The unique characteristics of CRNs make security more challenging. Several crucial issues have not yet been investigated in the area of security for CRNs. A typical public key infrastructure (PKI) scheme which achieves secure routing and other purposes in typical ad hoc networks is not enough to guarantee the security of CRNs under limited communication and computation resources. However, there has been increasing research attention on security threats caused specifically by CR techniques and special characteristics of CR in CRNs. Therefore, in this research, a survey of CRNs and their architectures and security issues has been carried out in a broad way in this paper.

Introduction

Of the different kinds of wireless technology supporting Internet access and other services, a very effective idea is to merge different wireless networks and to use one of them appropriately, depending on the communication environments and various application requirements. At first, cognitive radio was pioneered by Mitola (2000) from software defined radio (SDR). The main objective of this idea was originally to improve spectrum utilization. There is an ever-increasing demand for spectrum for emerging wireless applications and there is a spectrum shortage for the wireless applications. In view of this, the Federal Communications Commission (FCC) has considered making the licensed spectrum available to unlicensed users. This will allow unlicensed users to use the empty spectrum, provided they cause no interference to licensed users. Most radio systems today are aware of the radio spectrum. Cognitive radio is a new research area for wireless communication in which either a network or a wireless node is able to change its transmission or reception parameters to communicate efficiently by avoiding interference with licensed or unlicensed users. Basically, the parameters that are used in CRNs are based on the active monitoring of several factors, either in the external or internal radio environment, such as radio frequency spectrum, user behavior and network state. A cognitive radio senses available spectrum, occupies it and can vacate the spectrum on sensing the return of the primary user (PU). We call future wireless networks ‘cognitive radio networks' (CRNs), which is quite consistent with Haykins's definition of cognitive radio (Haykin, 2005): “Cognitive radio is an intelligent wireless communication system that is aware of its surrounding environment (i.e., the outside world), and uses the methodology of understanding-by-building to learn from the environment and adapt its internal states to statistical variations in the incoming RF stimuli by making corresponding changes in certain operating parameters (e.g., transmit power, carries-frequency, and modulation strategy) in real time, with two primary objectives in mind: highly reliable communication, whenever and wherever needed, and efficient utilization of the radio spectrum”. The authors in Chen et al. (2008a) stated that whenever cognitive radios can find opportunities for communication using the “spectrum holes”, cognitive radio transports packets on top of cognitive radio links in order to successfully facilitate useful applications and services. A mobile terminal with cognitive radio capabilities can always sense the communication environments (e.g. spectrum holes, geographic location, available wire/wireless communication system or networks, and available services), analyze the environment and learn information from the environments with the user's requirements and reconfigure itself by adjusting system parameters to conform to certain policies and regulations. The authors provided an example in Chen et al. (2008a), where a cognitive radio mobile terminal senses that there are WiFi and GSM systems nearby while spectrum holes exist in the frequency band of digital TV, hence, it may decide to download files from a certain WiFi AP, make a phone call through the GSM system and communicate with other cognitive radio users, using those spectrum holes. Figure 1 shows the basic difference between wireless networks and cognitive networks.

A cognitive radio terminal also has the ability to negotiate with another spectrum and network utilization. This negotiation process may be undertaken with the support of network/infrastructure sides or simply by proceeding in an ad hoc manner. In CRNs, the radio could also facilitate interoperability among different communication systems in which frequency bands and/or formats are not the same (Chen et al., 2008a). On the other hand, cognitive radio is placed above the SDR (Software Defined Radio) and it uses its “intelligence” that lets an SDR to determine which mode of operation and parameters to use. Actually, an SDR is simply a radio that puts most of the Radio Frequency (RF) and Intermediate frequency (IF) functionality, including waveform synthesis, into the digital (rather than the analog) domain, allowing great flexibility in the modes of radio operation (called “personalities”) (Haykin, 2005). CRNs are more flexible and exposed to Wireless Networks compared with other traditional radio networks. Hence, there are many security threats to CRNs because of its special characteristics, such as intelligence functionality and dynamic spectrum access application, more so than for other traditional radio environments. Since cognitive radios can adapt to their environment and change how they communicate, it is crucial that they select an optimal and secure means of communication. Compared to wired networks, the nature of wireless networks means that it is unavoidable that security is vulnerable. In a wireless network, a signal has to be transmitted through an open media without a real connection. That is to say, the data might be eavesdropped and altered without notice; or the channel might be jammed and overused by an adversary (Zhang and Li, 2009a). A description and categorization of the security threats in CRNs and an analytical survey for the detection of several attacks have been undertaken in Fragkiadakis et al. (2011). The unique characteristics of CRNs make security more challenging. Here we summarize a number of security threats for CRNs:

  • Sensing problem: Cognitive radio technology provides more opportunities for attackers due to its intrinsic nature. For example, spectrum sensing is a key characteristic used in CRNs, which scans certain range of the spectrum to detect unoccupied spectrum (Naveed and Kanhere, 2006b, Kaligineedi et al., 2008b, Akyildiz et al., 2008). Through this process, an unlicensed user can determine whether the radio can be used. However, if the spectrum sensing result is modified maliciously, normal network activities will be disabled; it is possible that all network traffic may collapse. Other types of threats include spectrum decision threats, spectrum sharing and spectrum mobility threats.

  • Hidden terminal problem: As mentioned in Kaligineedi et al. (2008b), the most important challenge facing a cognitive radio system is to identify the presence of PUs over a wide range of spectrum. This process is very difficult as we need to identify various PUs employing different modulation schemes, data rates and transmission powers in the presence of variable propagation losses, interference generated by other SUs, and thermal noise. For example, if the channel between the primary transmitter and the sensing device is under a deep fade, it is possible that the sensing device may not detect the primary signal. As a result, the cognitive radio might transmit a signal in the corresponding PU band, causing interference to the nearby primary receiver. This issue is commonly referred to as the Hidden Terminal Problem.

  • Policy threats: In order to communicate more effectively in an intelligent way, a CR needs policies for reasoning in different environments or under different conditions. There are two types of threats when using policies (Clancy and Goergen, 2008): first, policies may be modified by attackers. An attacker can obtain control of a CR, or obtain permission from the policy database administration to modify the internal policies. Second, false policies also lead to security threats. An attacker can try to inject false policies into the CR policy database, and thereby cause interference.

  • Learning threats: Some CRs are designed with the capability of learning. These CRs can learn from past experiences or current situations to predict the future environment and select optimal operations. But attackers can modify past statistics or spoof current conditions to prevent the CR from predicting accurately (Zhang et al., 2008).

  • Parameter threats: An attacker can manipulate a CR to behave maliciously, and teach the CR to alter the parameters to affect the CR to conduct sub-optimal operations for CRNs (Clancy and Goergen, 2008).

However, to date, there has been no comprehensive analysis or discussion of security threats caused specifically by CR techniques and the special characteristics of CR in CRNs. So, a comprehensive survey of CRNs and their architectures and security issues has been carried out in this paper.

One of the key advantages of CRNs is that they can offer low cost solutions to a variety of real-world challenges. CRNs can reduce or eliminate the need for human interaction in information gathering in certain civilian and military applications (Arslan and Ahmed, 2007) by solving spectrum scarcity problems in the real world. CRNs are vulnerable to various attacks because they are usually deployed in unattended environments and use unreliable wireless communication. However, it is not simple to implement security defences in CRNs. One of the major obstacles in deploying security on CRNs is that the current CRNs have limited computation and communication capabilities. With this in mind, many researchers have begun to ensure security for CRNS with different security mechanisms. Security mechanisms, including trust management, have the ability to secure CRNs against attackers. CRNs are application-specific networks. Except for some common features, a CRN for a specific application has some unique features and correspondingly, some unique security requirements. Our design is driven by specific applications and their security requirements, this principle making the designed scheme more practical. To date, there has been no comprehensive analysis or discussion of security threats caused specifically by CR techniques and the special characteristics of CR in CRNs and there are still several gaps in CRNs research which have not yet been addressed, resulting in there being no effective defense mechanism against attacks in CRNs, as well as no guidelines for the selection of defense mechanisms. Hence, in this work, we integrate prior research results and investigate the current problems in CRNs. The main contributions of this paper are as follows:

  • 1.

    We clarify the security requirements of CRNs according to four security levels which are depicted in Fig. 8, providing a better understanding of the attacks against CRNs and the priority of each security requirement.

  • 2.

    We highlight the advantages and disadvantages of existing schemes and identify open problems in relation to CRNs. We discuss the security model, and threat model for the establishment of four different secure schemes of spectrum management in CRNs.

The rest of the paper is organized as follows: from 2 Cognitive radio network working process and applications, 3 Cognitive radio network architecture, 4 Security requirements of cognitive radio networks, 5 Attacks on protocol layers and scope of attacks in cognitive radio networks, 6 Challenges and threats in cognitive radio networks, we present an overview of CRNs, including CRN architecture; and the different types of attacks on different protocol layers and their countermeasures is discussed in CRNs in Section 7. In Section 8, we describe the spectrum management schemes in CRNs. Subsequently, we consider open problems and challenges in CRNs in Section 9. We conclude the paper in Section 10.

Section snippets

Cognitive radio network working process and applications

The working capabilities of a CRN can be classified according to the working functionalities as shown in Fig. 2. A cognitive radio senses the environment (cognitive capability), analyzes and understands the sensed information (self-organized capability), makes decisions (decision capability) and adapts to the environment (reconfigurable capabilities). In this section, for completeness, we give an overview of each of these activities.

Cognitive radio network architecture

According to Chen et al. (2008a), a CRN can sense available networks and communication systems around it, depending on the spectrum sensing to effectively improve spectrum utilization. CNRs are composed of various kinds of communication systems and networks, and can be viewed as types of heterogeneous networks. The purpose of CRN architecture design is to improve the entire network utilization, rather than just link spectral efficiency. Actually, from the user's perspective, network utilization

Security requirements of cognitive radio networks

As a CRN solves the spectrum shortage problem by dynamically utilizing the spectrum, CRN security becomes a challenging issue. Cognitive radio technology is more susceptible to attack compared to general wireless networks due to its intrinsic nature. Several survey papers (Clancy and Goergen, 2008, Burbank, 2008, Chen et al., 2008b) examine only a small number of general security requirements of CRNs. Mathur et al. were the first to describe security requirements elaborately (Mathur and

Attacks on protocol layers and scope of attacks in cognitive radio networks

In this section, we describe attacks on various protocol layers of CRNs and these attacks are categorized depending on their target in security requirements.

Spectrum sensing

A CR is considered to be aware of and sensitive to the changes in its surroundings, which makes spectrum sensing an important requirement for the realization of CRNs. Spectrum sensing enables CR users to adapt to the environment by detecting spectrum holes without causing interference to the primary network. This task can be accomplished by a real-time wide band sensing capability to detect weak primary signals within a broad spectrum range. Generally, spectrum sensing techniques can be

Countermeasures for various attacks on cognitive radio networks

In this section, we discuss various possible countermeasures to the potential attacks on CRNs. The authors in Leon et al. (2010) proposed various possible countermeasures on different attacks in CRNs.

Secure spectrum sensing scheme

One of the functionalities of cognitive radio is to detect spectrum holes by spectrum sensing which keeps monitoring a given spectrum band and captures the information. CR users may temporarily use the spectrum holes without creating any harmful interference to the PUs. However, CR must periodically sense the spectrum to detect the presence of incumbents and quit the band once detected. The detection techniques which are often used in local sensing are energy detection, matched filter, and

Challenges and open problems in cognitive radio networks

Previous research investigations on spectrum management, as well as the attention (little though it is) given to security for CRNs, mainly focus on spectrum selection and availability on a hypothetical network model, rather than on a specific application. Gaps still exist in the area of security for CRNs and must be thoroughly investigated.

  • 1.

    No guideline for security model definition: Current spectrum management schemes lack a formal security model. Existing literature (Mathur and Subbalakshmi,

Conclusion

This research work aims to address the problem of spectrum management for CRNs, focusing in particular on the security issues of CRNs. Attacks on different protocol layers have been addressed in this paper and possible countermeasures to secure CRNs are presented. Although some work has been done in this realm, there is not a secure framework for CRNs. Hence, this paper presents a survey on the architecture and security issues in CRNs. Challenging problems related to security issues are

References (81)

  • H. Arslan et al.

    Applications of cognitive radio, in cognitive radio, software defined radio, and adaptive wireless systems

    (2007)
  • Atakan B, Akan O. Biologically-inspired spectrum sharing in cognitive radio networks. In: Proceedings of IEEE wireless...
  • Bahramian S, Khalaj BH. A Novel low complexity dynamic frequency selection algorithm for cognitive radios. IEEE...
  • V. Bhuse et al.

    Anomaly intrusion detection in wireless sensor networks

    Journal of High Speed Networks

    (2006)
  • Burbank JL. Security in cognitive radio networks: the required evaluation in approaches to wireless network security....
  • Z. Chair et al.

    Optimal data fusion in multiple sensor detection systems

    IEEE Transactions on Aerospace and Electronic Systems

    (1986)
  • Challapali K, Mangold S, Zhong Z. Spectrum agile radio: detecting spectrum opportunities. In: International symposium...
  • Chen R, Park JM. Ensuring trustworthy spectrum sensing in cognitive radio networks. In: 1st IEEE workshop on networking...
  • R. Chen et al.

    Defense against primary user emulation attacks in cognitive radio networks

    IEEE Journal on Selected Areas in Communications

    (2008)
  • Chen K-C, et al. Cognitive radio network architecture: part I—general structure. In: Proceedings of the 2nd...
  • Chen R, Park J-M, Hou YT, Reed JH. Toward secure distributed spectrum sensing in cognitive radio networks. IEEE...
  • Chen K-C, et al. Cognitive radio network architecture: part II—trusted network layer structure. In: Proceedings of ACM...
  • Chen R, Park J-M, Bian K. Robust distributed spectrum sensing in cognitive radio networks. In: Proceedings of IEEE...
  • Clancy TC, Goergen N. Security in cognitive radio networks: threats and mitigation. In: Proc. of 3rd international IEEE...
  • FCC, E T Docket No 03-222 Notice of Proposed rule making and order,...
  • J.G. Filho et al.

    IDS-COG—intrusion detection system for cognitive radio network

    International Journal of Computer Science and Network Security

    (2012)
  • FIPS, Specification of the advanced encryption standard (AES). Federal Information Processing Standards Publication;...
  • Fragkiadakis AG, Tragos EZ, Askoxylakis IG. A survey on security threats and detection techniques in cognitive radio...
  • Fu X, Zhou W, Xu J, Song J. Extended mobility management challenges over cellular networks combined with cognitive...
  • A. Ghasemi et al.

    Opportunistic spectrum access in fading channels through collaborative sensing

    Journal of Communications (JCM)

    (2007)
  • A.A. Hanbali et al.

    A survey of tcp over ad hoc networks

    Communications Surveys and Tutorials. IEEE Communications Surveys

    (2005)
  • S. Haykin

    Cognitive radiobrain-empowered wireless communications

    IEEE Journal on Selected Areas in Communications

    (2005)
  • A. Huseyin

    Cognitive radio, software defined radio, and adaptive wireless systems

    (2007)
  • Jakimoski G, Subbalakshmi KP. Denial-of-service attacks on dynamic spectrum access networks. In: Proceedings of IEEE...
  • Jakimoski G, Subbalakshmi KP. Towards secure spectrum decision. In: Proceedings of the IEEE international conference on...
  • Kaligineedi P, Khabbazian M, Bhargava KM. Secure cooperative sensing techniques for cognitive radio systems. In:...
  • Kaligineedi P, Khabbazian M, Bhargava VK. Secure cooperative sensing techniques for cognitive radio systems. In:...
  • W.Y. Lee et al.

    Optimal spectrum sensing framework for cognitive radio networks

    IEEE Transactions on Wireless Communications

    (2008)
  • Leon O, Serrano JH, Soriano M. A new cross-layer attack to TCP in cognitive radio networks. Second international...
  • O. Leon et al.

    Securing cognitive radio networks

    International Journal of Communication Systems

    (2010)
  • Cited by (0)

    View full text