Spoofing and jamming optimization over Rayleigh fading channels of a cognitive radio adversary

This article has been accepted for publication in a future issue of this journal, but has not been fully edited. Content may change prior to final publication. Citation information: DOI 10.1109/TCOMM.2014.2331964, IEEE Transactions on Communications Spoofing and jamming optimization over Rayleigh fading channels of a cognitive radio adversary Madushanka Soysa, Student Member, IEEE, Pamela C. Cosman, Fellow, IEEE, and Laurence B. Milstein, Fellow, IEEE Abstract—We examine the performance of a cognitive radio system in a hostile environment where an intelligent adversary tries to disrupt communications by minimizing the system throughput. We investigate the optimal strategy for spoofing and jamming a cognitive radio network with a Gaussian noise signal over a Rayleigh fading channel. We analyze a cluster- based network of secondary users (SUs). The adversary may attack during the sensing interval to limit access for SUs by transmitting a spoofing signal. By jamming the network during the transmission interval, the adversary may reduce the rate of successful transmission. We present how the adversary can optimally allocate power across subcarriers during sensing and transmission intervals with knowledge of the system, using a simple optimization approach specific to this problem. We determine a worst-case optimal energy allocation for spoofing and jamming, which gives a lower bound to the overall information throughput of SUs under attack. Index Terms - Cognitive radio, intelligent adversary, partial- band spoofing, partial-band jamming I. I NTRODUCTION Although the demand for wireless spectrum has been grow- ing rapidly, a large portion of the assigned spectrum is used only sporadically. The limited available spectrum and the inefficiency in spectrum usage necessitate a new commu- nication paradigm to exploit the existing wireless spectrum opportunistically. Cognitive radio (CR) [1], which allows dynamic spectrum access, has been widely investigated as a solution. In CR systems, the users are defined as primary users (PUs) if they have priority of access over the spectrum, and secondary users (SUs) otherwise. Any time an unlicensed SU senses a licensed band is unused by the PU, it can dynamically access the band. Thus, spectrum sensing is a key concept for CR but it is also a vulnerable aspect. An adversary intending to disrupt the communication in a CR network has two ways to attack. The first way is to exploit the inherent vulnerability of spectrum sensing, by transmitting a spoofing signal emulating a PU during the sensing interval [2]. Here the SU might mistakenly conclude that the channel is occupied by a PU and not available for transmission. In this way, an intelligent attacker reduces the bandwidth available for the SU. Such exploitations and their impact are discussed in [3]–[10]. Further, the adversary can disrupt communications The authors are with the Department of Electrical and Computer Engineer- ing, University of California at San Diego, La Jolla, CA 92093-0407 USA (e-mail: msoysa@ucsd.edu; pcosman@ucsd.edu; lmilstein@ucsd.edu) This work was supported in part by the Office of Naval Research under grant number N00014-11-1-0733, the Army Research Office under grant number W9111NF-12-1-0510, and the National Science Foundation under grant number CCF-1160832. using jamming techniques during the data transmission phase [11]. Jamming in a cognitive radio network dynamically, using stochastic game models, was studied in [12], [13]. In this work, we analyze the impact of an intelligent adversary on a tactical, spread spectrum, CR system. In [3], the presence of such an intelligent adversary disrupting the sensing by spoofing with a noise signal in an additive white Gaussian noise (AWGN) channel was discussed. This work was extended in [4], to obtain spoofing performance bounds under Rayleigh fading, when the adversary is aware of instan- taneous channel state information (CSI). In [5], the design of an adversary with optimal power allocation for spoofing and jamming under an AWGN channel was investigated. In this work, we extend the analysis to a Rayleigh fading channel, and include forward error correction (FEC) coding, which reduces the effectiveness of jamming. Assuming knowledge of the SU system at the adversary, we determine a worst- case optimal energy allocation for spoofing and jamming. We further propose an optimization method specific to this problem, to find the optimal power allocation over subcarriers to minimize throughput. This enables us to perform the optimization when a closed form expression for the objective function is not available. In [12] and [13], jamming attacks are analyzed as a dynamic game, where the users and the adversary use the probability of successful jamming as a predetermined parameter. In the jamming section of this work, we analyze the probability of successful jamming by the adversary, and optimize the adversary power allocation to maximize the average probability of successful jamming. In Section II, we present the system model, and derive the performance metrics as functions of spoofing or jamming pow- ers under fast and slow Rayleigh fading. Sections III and IV discuss the spoofing and jamming optimization, respectively, where we prove that the performance metric functions derived in Section II have the required properties that enable the optimization method in Appendix A to be used, in almost all cases. In Section V, we discuss the optimal energy allocation between spoofing and jamming. Section VI contains system simulation results and Section VII presents the conclusions. II. S YSTEM MODEL We investigate the impact of an adversary on a cluster based SU network, as shown in Figure 1. We denote the cluster head serving the SUs by CH S , and A is the adversary. We consider the downlinks from the cluster head to the users of a multi- carrier direct sequence code division multiple access (MC- DS-CDMA) system with N T bands (or subcarriers). The N T 0090-6778 (c) 2013 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.

[1]  Laurence B. Milstein,et al.  Analysis and Simulation of Sensing Deception in Fading Cognitive Radio Networks , 2010, 2010 6th International Conference on Wireless Communications Networking and Mobile Computing (WiCOM).

[2]  H. Urkowitz Energy detection of unknown deterministic signals , 1967 .

[3]  Laurence B. Milstein,et al.  Optimal Sensing Disruption for a Cognitive Radio Adversary , 2010, IEEE Transactions on Vehicular Technology.

[4]  Zhu Han,et al.  Dogfight in Spectrum: Combating Primary User Emulation Attacks in Cognitive Radio Systems, Part I: Known Channel Statistics , 2010, IEEE Transactions on Wireless Communications.

[5]  Rong Yu,et al.  Performance analysis of Primary User Emulation Attack in Cognitive Radio networks , 2012, 2012 8th International Wireless Communications and Mobile Computing Conference (IWCMC).

[6]  Santhanakrishnan Anand,et al.  Impact of Primary User Emulation Attacks on Dynamic Spectrum Access Networks , 2012, IEEE Transactions on Communications.

[7]  Adam J. Miller,et al.  Cognitive Jamming Game for Dynamically Countering Ad Hoc Cognitive Radio Networks , 2013, MILCOM 2013 - 2013 IEEE Military Communications Conference.

[8]  S. Anand,et al.  An Analytical Model for Primary User Emulation Attacks in Cognitive Radio Networks , 2008, 2008 3rd IEEE Symposium on New Frontiers in Dynamic Spectrum Access Networks.

[9]  Simon Haykin,et al.  Cognitive radio: brain-empowered wireless communications , 2005, IEEE Journal on Selected Areas in Communications.

[10]  K. J. Ray Liu,et al.  An anti-jamming stochastic game for cognitive radio networks , 2011, IEEE Journal on Selected Areas in Communications.

[11]  Timothy X. Brown,et al.  Potential Cognitive Radio Denial-of-Service Vulnerailities and Protection Countermeasures: A Multi-dimensional Analysis and Assessment , 2007, 2007 2nd International Conference on Cognitive Radio Oriented Wireless Networks and Communications.

[12]  Timothy X. Brown,et al.  Potential Cognitive Radio Denial-of-Service Vulnerabilities and Protection Countermeasures: a Multi-dimensional Analysis and Assessment , 2008, Mob. Networks Appl..

[13]  Laurence B. Milstein,et al.  Spoofing or Jamming: Performance Analysis of a Tactical Cognitive Radio Adversary , 2011, IEEE Journal on Selected Areas in Communications.

[14]  Zhu Han,et al.  Dogfight in Spectrum: Combating Primary User Emulation Attacks in Cognitive Radio Systems—Part II: Unknown Channel Statistics , 2010, IEEE Transactions on Wireless Communications.