240 likes | 442 Views
FastProbe: Malicious User Detection in Cognitive Radio Networks Through Active Transmissions. Tarun Bansal, Bo Chen and Prasun Sinha Department of Computer Science and Engineering Ohio State University Columbus, Ohio. White Space Channels. Discrepancy in channel usage
E N D
FastProbe: Malicious User Detection in Cognitive Radio Networks Through Active Transmissions Tarun Bansal, Bo Chen and Prasun Sinha Department of Computer Science and Engineering Ohio State University Columbus, Ohio
White Space Channels • Discrepancy in channel usage • Unlicensed (ISM) bands are congested • Licensed bands are free most of the time • Unused channels can be used for data transmission Taken from “How much white-space capacity is there?” IEEE DySPAN, 2010
Opportunistic Usage • Unlicensed users must avoid interference to licensed user (or primary user, PU) • Two Types: • In band Scanning: Detect arrival of primary user to avoid causing interference to them • Out of band Scanning: Detect channels currently not in use by licensed users • Scanning takes time and results in throughput loss • Scanning must be reliable • Use Cooperation • BS based model: BS collects scanning readings from users and aggregates What if some users deliberately report incorrect results?
Malicious Cognitive Radio Users • May not scan the channel • Have a hardware error due to which its readings are erratic • Reports arbitrary sensing results without performing any sensing to save time and/or energy • Incorrectly report the channel to be busy (DoS attack) Objective: Identify the malicious users in the network
Related Work • Existing algorithms (e.g., ADSP, Min et al. ICNP 2009) • Divide the Cognitive Radios (CRs) in clusters • All users in the same cluster are expected to have similar results • If some node has substantially different result compared to its neighbors, it is marked as malicious
Limitations of the Related Work • Presence of obstacles affect the readings • Assumption that users in the same cluster have similar readings may not be true Vacant Busy Cluster Secondary Base Station (SBS) n1 Vacant n2 n3 Existing algorithms will label n1 as malicious
Limitations of the Related Work (contd.) • Ground truth (State of the PU) is unknown • Current algorithms detect malicious users reactively • Users scan the channel and then base stations determine the malicious users • BS may make multiple incorrect scanning decisions before it detects malicious users • Incorrect scanning decisions cause interference to licensed users (Violation of FCC requirements)
Working of FastProbe • Active Transmissions Based Approach: Proactively detect malicious users • A subset of CRs (testing nodes) transmit PU-Emulated (PUE) signals • Neighboring CRs are asked to scan the channel and report results back to the Base Station • Malicious users can’t distinguish PUE signals from the actual PU signals and would report incorrect results. • Mission Accomplished.
Detecting Malicious Users (Out-of-Band Sensing) : FastProbe Illustration SBS n2 n1 n4 n6 n3 n5 A difference of 13 dB: n5 did not participate in out of band sensing in this round Testing Nodes: n1, n4
Detecting Malicious Users (In-Band Sensing) • FastProbe works similar as before • SBS asks a subset of the users to transmit PUE signals • The neighboring users must report the presence of PU within 2 seconds (FCC requirement)
Detecting Malicious Users (In-Band Sensing) : FastProbe Illustration n3 SBS n2 and n3 must report the arrival of the licensed user within 2 seconds n1 n4 n6 n2 n5 n1 transmits PUE signals on the channel that n2 and n3 are currently using If not, mark them as malicious
Advantages of FastProbe • Base Station has knowledge about the ground truth (e.g., transmission power level) for the tests • It can more accurately conclude if the received power level reported by the tested node is correct • Path loss readings compared with the previous readings for the same transmitter-receiver pair • Uncertainties due to obstacles and multipath are removed
Other Challenges Answered in the Paper • How do we test the nodes in the shortest possible time? • Choose the set of testing nodes carefully • Checking if the testing node itself is malicious and does not transmit PUE signals faithfully • Aggregate data from neighboring CRs with high reputation • How to make it difficult for the malicious users to distinguish PUE signals from the actual PU signals • Transmit PUE signals at random power level • Let multiple testing nodes transmit simultaneously to make it difficult to localize • Detecting collusion of malicious users • Use the SBS to transmit PUE signals
Experiment Setup SBS Wall affects the correlation among neighboring users CRs • 3 PUs also deployed (not shown above) • 5 channels in 2.4Ghz and 5Ghz spectrum • Number of malicious CRs varied from 1 to 5
Experiments Setup (Contd.) • Two different attack models: • Attack 1: Malicious nodes sense the channel but they either report higher power level, lower power level or the correct power level, each with 1/3 probability . • Attack 2: Multiple malicious CRs located close to each other collude so as to improve the reputation value of one of the malicious nodes.
Other Algorithms Implemented • ADSP: “Attack-Tolerant Distributed Sensing for Dynamic Spectrum Access Networks”, Min et al., ICNP 2009 • Arranges neighboring CRs in clusters • CRs in the same cluster assumed to have similar readings • Most of the existing algorithms work in a similar way
Experiment Results: Throughput Loss 65% lower loss FastProbe detects malicious users with up to 65% less throughput loss.
Experiment Results: Scanning Accuracy 1.2x On an average, sensing accuracy of FastProbe is 1.2x of ADSP
Experiment Results: Detection Latency ADSP takes 4x longer On an average, ADSP takes 4x longer to detect malicious users
Summary • Proposed an active transmissions based approach • Proactively detect malicious CRs • Detect malicious users that do not perform in-band sensing or out of band sensing Thank you
Simulation Setup • 100 km X 100 km field • Number of CRs: 400 • Malicious CRs: 80 • Number of PUs: 40 • Number of Channels: 50
Simulation Results: Total Transmissions in FastProbe Number of transmissions done in FastProbe taper off since each user can test multiple neighbors
Simulation Results: Throughput Loss Throughput loss for ADSP is at least 2X compared to FastProbe for both the models FastProbe does not require multiple users to scan at the same time
Simulation Results under mobility: Throughput Loss Base Station in FastProbe knows the ground truth, and detects malicious users faster with lower overhead