Internet DRAFT - draft-pei-antissdf
draft-pei-antissdf
Mobile Ad-hoc Networks working group Errong Pei
Internet Draft School of Communication and
Information Engineering
Chongqing University
of Postsand Telecommu.
December 2017
Intended status: Informational
Expires: June 2018
Anti-SSDF framework for Cognitive Sensor Networks
draft-pei-antissdf-00.txt
Status of this Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other documents
at any time. It is inappropriate to use Internet-Drafts as
reference material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
This Internet-Draft will expire on June 15, 2009.
Copyright Notice
Copyright (c) 2017 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
Pei Expires June,2018 [Page 1]
Internet-Draft Anti-SSDF framework December 2017
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
Abstract
In cognitive sensor networks, the cooperative spectrum sensing can
effectively improve the accuracy of spectrum sensing. However, it is
also facing with the security issues caused by attacks of potential
malicious users. Lots of algorithms are proposed in existing
literatures to cope with the potential attacks. However, the
traditional strategies are mainly suitable for relative simple and
ideal attack such as the all "1" or all "0" attack. Therefore, we
define a more universal anti Spectrum Sensing Data Falsification
(SSDF) framework in the document, which can better cope with the
probabilistic attacks and random attacks which are closer to the
reality.
Table of Contents
1. Introduction ................................................ 2
2. Conventions used in this document............................ 4
3. The data reconstruction based anti SSDF framework ............ 5
3.1. The detection framework of malicious users .............. 5
3.2. The processing framework of malicious users ............. 6
4. Formal Syntax ............................................... 7
5. Security Considerations...................................... 7
6. IANA Considerations ......................................... 7
7. Conclusions ................................................. 7
8. References .................................................. 8
8.1. Normative References.................................... 8
8.2. Informative References.................................. 8
1. Introduction
Spectrum sensing is the basis and prerequisite of cognitive sensor
networks. However, due to the shadow effect and multipath fading of
the signal as well as the limitation of the calculation performance
of single cognitive sensor node (or user), there exist big errors in
the result of the spectrum sensing. The cooperative spectrum sensing
among multiple cognitive sensor nodes is thus proposed to enhance
the spectrum sensing performance of single cognitive sensor node.
More specifically, multiple cognitive sensor nodes detect the
spectrum simultaneously, one of which is responsible for fusing all
detected data and making the final decision. As a key technology of
cognitive radio, cooperative spectrum sensing not only has excellent
sensing performance, but also can reduce the sensitivity
Pei Expires June, 2018 [Page 2]
Internet-Draft Anti-SSDF framework December 2017
requirements of detection hardware and further reduce deployment
cost of the cognitive sensor networks.
However, there are serious security issues in the cooperative
spectrum sensing while the accuracy of spectrum sensing can be
improved effectively. In the cooperative spectrum sensing, some
malicious nodes (users) among the cognitive sensor nodes (users) may
deliberately influence the spectrum sensing process through forgery,
deception, flooding and gang cooperation, which makes the fusion
center get the wrong sensing information. Based on the wrong sensing
information, the fusion center may make wrong final decision, and
further obtain wrong detection result. Thus the cognitive sensor
nodes (users) cannot faithfully perform spectrum switching according
to the external environment, and the channel allocation will be
controlled and used by the attacker. This kind of attack method,
which interferes with the normal operation of the data fusion center
by sending the fake sensing data to the fusion center, is referred
to as Spectrum Sensing Data Falsification (SSDF) attack.
As a considerably important topic in cognitive sensor networks, the
security issues have received increasing attention. Among them, the
SSDF attack is a major security threat in cognitive radio networks.
Currently, the anti SSDF algorithm is mainly divided into two steps:
the first step is to detect malicious users, and the second step is
to how to process the malicious data in the fusion center.
In the detection of malicious users, some literatures proposed to
detect malicious users by comparing the local judgment results with
the final results in the fusion center. It is assumed in this kind
of detection method that the malicious users are sending the wrong
data. The implementation is thus relatively simple. But in reality,
malicious users may only send the wrong data with a certain
probability, thus the proposed algorithms cannot effectively cope
with the SSDF attack. Other literatures proposed to detect malicious
users through estimating the deviation value of the sensing data
from their mean value. But in the scenarios with more malicious
users, a more robust estimation method of the mean value is urgently
needed.
In the processing of malicious data, there are generally three
processing methods of malicious data according to the existing
literatures. The first method is to delete the malicious data
directly. The method is the simplest. Obviously, the final judgment
of the sensing result can be greatly affected due to the lack of the
deleted malicious data. The second is to remove the malicious data,
and then use the mean value of the entire dataset to replace it.
Although the method is better than the first, the differences of
Pei Expires June, 2018 [Page 3]
Internet-Draft Anti-SSDF framework December 2017
different sensing data is erased as well, which can still affect the
final judgment of sensing results. The third is to give different
weight to different sensing results of multiple cognitive sensor
nodes (users) according to certain an algorithm to neutralize
malicious data. If the local judgment results of a cognitive user
are consistent with the final results, more trust/weight is given,
and vice versa. By employing the method, the attacks of malicious
users can be effectively inhibited. However, in some special
occasions, more complex attack modes might be used by malicious
users to deceive the detection mechanism. For example, a malicious
user deliberately operates as a normal user within some time, and
then starts to attack the system after acquiring enough trust of the
fusion center. The attackers can initiate an SSDF attack in a pre-
designed attack mode with a quite high trust degree. Therefore, the
attacks of malicious users are hard to be inhibited effectively by
means of the user's entire historical performance or simply the
accumulated reputation value. Furthermore, the weighted algorithm is
not fair for the normal users because part of the sensing data of
malicious users is still remained in the final fusion process.
Additionally, the weighted malicious data is not necessarily the
normal and effective data. In the case, the malicious user still
seriously affects the detection performance of the sensing system.
Besides, in the case of malicious data seriously deviating from the
mean value, the effect of the weight of sensing data is more fragile
which can greatly affect the final judgment.
Considering the insufficiency of traditional anti-SSDF strategies,
we define an anti-SSDF framework with more universality in the
document: the data reconstruction based anti-SSDF framework.
2. Conventions used in this document
"SSDF" indicates Spectrum Sensing Data Falsification
"OGK" indicates Orthogonalized Gnanadesikan Kettenring
"Cognitive users" also indicates the sensor nodes
"Detect" also indicates sense
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in RFC 2119 [RFC2119].
In this document, these words will appear with that interpretation
only when in ALL CAPS. Lower case uses of these words are not to be
interpreted as carrying significance described in RFC 2119.
In this document, the characters ">>" preceding an indented line(s)
indicates a statement using the key words listed above. This
Pei Expires June, 2018 [Page 4]
Internet-Draft Anti-SSDF framework December 2017
convention aids reviewers in quickly identifying or finding the
portions of this RFC covered by these keywords.
3. The data reconstruction based anti SSDF framework
3.1. The detection framework of malicious users
In order to find malicious data, the mean value mu and variance
sigma^2 of the dataset need to be calculated. Then the malicious
data can be distinguished through its deviation degree. At present,
the estimation algorithm is shown as the following formula:
mu^=1/n*(sum(mu_i))
sigma^2=1/n*(sum(mu_i-mu^)^2)
This kind of estimation algorithm is simple and convenient. However,
there are big errors in the estimation algorithm when there exist
some malicious data, especially when malicious data is too much.
Therefore, in order to detect malicious users more accurately in
more universal cases, a kind of mean and variance value estimation
algorithm with robustness is necessary.
Based on this, the Orthogonalized Gnanadesikan Kettenring(OGK)
algorithm is considered to be used in the document to estimate mu
and sigma^2, which makes the estimation value more close to the
actual value. OGK algorithm was firstly proposed by Maronna and
Zamar in 2002. This kind of algorithm can provide a relative
accurate estimated value when there exist part of malicious value.
It has better robustness, stronger malicious data tolerance ability
and lower algorithm complexity.
The dataset of U={mu_1,mu_2,...,mu_n} is seen as a sample with
single variable in OGK algorithm, and meets normal distribution with
mu as mean value and sigma^2 as variance. Mu and sigma^2 are
calculated according to the following formula:
Mu^=sum(mu_i*W(v_i))/sum(W(v_i)),v_i=(mu_i-mu_0)/sigma_0
sigma^2=(sigma_0^2/n)*sum rho((mu_i-mu^)/sigma_0)
Where the weighted function W(x) and rho(x) function can be
described as, respectively,
W(x)=(1-(x/c_1)^2)^2, (|x|<=c_1)
Rho(x)=min(x^2,c_2^2)
Pei Expires June, 2018 [Page 5]
Internet-Draft Anti-SSDF framework December 2017
Where c_1 and c_2 are turning coefficient, which can be determined
according to actual situations. Mu_0 and sigma_0 are median and
absolute median deviation in dataset U, respectively.
The dataset U={mu_1,mu_2,,mu_n} can be standardized into
Y={y_1,y_2,...,y_n}, where y_1=|mu_1-mu^/sigma^|,...,y_n=|mu_n-
mu^/sigma^|.
Let V_i=y_i(i=1,...,n) denote the residual error. When the residual
error of a data meets V_i>3*sigma (sigma is the standard error that
can be obtained from the calculation based on the Bessel formulas),
the data will be considered as malicious data (the corresponding
user is a malicious user).
3.2. The processing framework of malicious users
The k-means clustering algorithm in data mining is adopted in the
document to process malicious data. In 1976, the K-means clustering
algorithm was proposed by Macqueen (J.B.Macqueen) to process data
clustering problem. This kind of clustering algorithm is widely
applied because it's simple and convenient. It also has high
scalability, good reliability and high efficiency. Therefore, it is
often applied in science and industry areas.
The processing flow of K-means clustering algorithm is shown as
below:
Input: dataset X={x_1,x_2,...,x_n}, cluster number k,
Output: k class clusters C_j,j=1,2,...,k.
[step1] Let I=1, randomly select k data points as initial cluster
centers of k class clusters, m_j(I), j=1,2,...,k;
[step2] Calculate the Euclidean distance of each data point to the k
class clusters, d(x_i,m_j(I)), i=1,...,n ,j=1,...,k. If satisfied
d(x_i,m_j(I))=squr((x_i-m_j(I))^2)=min{ d(x_i,m_j(I))}, then x_i_is
part of C_J;
[step3] Calculate k new cluster centers: m_j(I+1)=(1/N_j)*sum(x_i),
x_i is part of C_j, j=1,...,k;
[step4] Judge: if m_j(I+1)is not equal to m_j(I), j=1,...,k, then
I=I+1, return to step2, otherwise, the calculation finishes.
Pei Expires June, 2018 [Page 6]
Internet-Draft Anti-SSDF framework December 2017
After the clustering grouping of normal data is completed, the data
is divided into k clusters and each cluster has a cluster center
m_j(I), j=1,2,...,k. According to the relativity of cognitive user
data with geographic position, the malicious users can be
categorized into their nearest cluster (denoted by C_jM) to their
self, and then the malicious data can be replaced with the cluster
center value m_jM(I) of the cluster C_jM.
After completing the above data replacement, the final fusion value
can be calculated as follows:
T=(mu_1+,...,+mu_(n-M))+(m_1(I)+...+m_M(I))
The final judgment of the cooperative spectrum sensing can be made
as follows
If T is more than eta, then the detected channel is occupied;
If T is less than eta, then the detected channel is idle.
Where T represents the final fusion value, n represents the number
of cognitive users, M represents the number of malicious users among
the cognitive users, mu_i represents sensing data sent to the fusion
center by normal cognitive users, m_h(I),h=1,...,M represents the
latest sensing data of malicious users after data reconstruction(ie.
cluster center value of the nearest cluster to their self), eta
represents the judgment threshold of the fusion center.
4. Formal Syntax
The following syntax specification uses the augmented Backus-Naur
Form (BNF) as described in RFC-2234 [RFC2234].
5. Security Considerations
The document introduces a new anti SSDF framework for the cognitive
sensor networks. The framework does not inherently introduce any
additional threats.
6. IANA Considerations
This document has no actions for IANA.
7. Conclusions
The document defines a more universal anti DDSF framework.
Pei Expires June, 2018 [Page 7]
Internet-Draft Anti-SSDF framework December 2017
8. References
8.1. Normative References
P.Kaligineedi, M. Khabbazian, and V. Bhargava, ''SecureCooperative
Sensing Techniques for Cognitive Radio Systems,''in Proc. IEEE ICC,
2008, pp. 3406-3410.
F. Penna, Y. Sun, L. Dolecek, and D. Cabric, "Detecting and
counteracting statistical attacks in cooperative spectrum sensing,"
IEEE Trans.Signal Process., vol. 60, no. 4, pp. 1806-1822, Apr. 2012.
8.2. Informative References
VI T. Zhang, R. Safavi-Naini, and Z. Li, "ReDiSen: Reputation-based
securecooperative sensing in distributed cognitive radio networks"
inProc. IEEE ICC, Budapest, Hungary, Jun. 9-13, 2013, pp. 2601-2605.
This document was prepared using 2-Word-v2.0.template.dot.
Authors' Addresses
Errong Pei
School of Communication and Information Engineering
Chongqing University of Posts and Telecommunications
Nanan Dist., Chongqing, China
<Address>
Phone: 008613638323589
Email: peier@cqupt.edu.cn
Pei Expires June, 2018 [Page 8]