IPASJ International Journal of Computer Science (IIJCS)

Web Site: http://www.ipasj.org/IIJCS/IIJCS.htm

A Publisher for Research Motivation ........ Email:editoriijcs@ipasj.org
Volume 5, Issue 10, October 2017 ISSN 2321-5992

Authentication and Secure Communication

in CSS Cognitive Radio Networks
Rajesh D. Kadu1, Dr. Pravin P. Karde2 and Dr. V. M. Thakare3
1
Research Scholar, SGB Amravati University, Amravati, India
2
Information Technology Department, Government Polytechnic, Amravati, India
3
P. G. Department of Computer Science, SGB Amravati University, Amravati, India

ABSTRACT
Cognitive Radio (CR) technology solves spectrum shortage problem by making utilization of unused spectrum of primary users
(PUs). For this purpose, CR or secondary user in network sense the spectrum to know whether primary user (PU) exist in
spectrum band or not. Cooperative spectrum sensing (CSS) scheme is more advantageous than individual spectrum sensing
(ISS) by CR users. CSS is more accurate and reliable compared to ISS scheme. Some of the secondary users (SUs) may behave
maliciously in cooperative spectrum sensing process. These users may send false results of spectrum sensing to fusion center
(FC) or may jam the communication channels. Hence, authentication of the users in cognitive radio network (CRN) is
necessary. In this paper, propose the protocol which supports authentication for CRNs user based on elliptic curve digital
signature algorithm (ECDSA) as it supports for minimum key length. The protocol also establishes the secure communication
among CRN nodes.
Keywords: CRNs, CSS, PU, SUs, FC, Authentication

1. INTRODUCTION
As wireless communication is increasing due to rapid developments of wireless applications, the fixed allocation of
spectrum cannot meet the spectrum demand of more and more users. All these modern applications demands for more
spectrum and reliable access to it with reasonable cost. The static allocation of spectrum is the one of the reason for
shortage of spectrum. To solve this spectrum shortage problem, CRN [1] was proposed to use the spectrum in
opportunistic and efficient manner. Both licensed users and unlicensed wireless users with cognitive capabilities work
in CRN. The licensed users are referred as primary users (PUs) and unlicensed users are referred as secondary users
(SUs). The SUs sense the spectrum to know whether PU exists in spectrum band or not. If PU is not using spectrum
then SU can use it. Hence, spectrum shortage problem can be solved by making use of unused spectrum.

If the spectrum sensing by SUs is carried out in cooperative manner then it is more accurate and reliable. If individual
SU sense the spectrum then it is inaccurate and not reliable due to signal fading and shadowing effects. However,
cooperative spectrum sensing (CSS) is more vulnerable to security threats and attacks. The most common attacks in
CRNs are primary user emulation attack (PUEA), spectrum sensing data falsification (SSDF) attack and jamming
attack. These attacks degrade the performance of CRN. Moreover, SUs in network can behave maliciously so as to
launch these attacks. Hence, the SUs need to be authenticated. Authentication mechanism is also required to
authenticate the users of CRNs. Authentication of spectrum sensing reports is also necessary in order to ensure the
robust security to CRN. Also security of the CRNs can be further improved by establishing the secure communication
among the nodes.

Volume 5, Issue 10, October 2017 Page 81

 IPASJ International Journal of Computer Science (IIJCS)
Web Site: http://www.ipasj.org/IIJCS/IIJCS.htm
A Publisher for Research Motivation ........ Email:editoriijcs@ipasj.org
Volume 5, Issue 10, October 2017 ISSN 2321-5992

2. RELATED WORK
In [2], authors considered the location of the primary transmitter as a defense against PUEA. In this proposed scheme,
signals characteristics and location of transmitter of the signals is taken into consideration to know whether genuine
PU is present or not. The primary network consists of TV signal transmitters and receivers. At first, signal
characteristics verification is carried out and then the energy level of received signal is detected. Finally signal source
localization is carried out. Z. Jin et al. [3] used Neyman-Pearson composite hypothesis test (NPCHT) and a Walds
sequential probability ratio test (WSPRT) to study the PUEA analytically. Authors considered the fading wireless
environment and multiple MUs to carry out this study. The WSPRT gives 50 % drop off in probability of successful
PUEA with compare to NPCHT for he set desired threshold. In [4] authors analyzed the impact of PUEA on
performance of system under CSS scheme. The conventional maximal ratio combining (MRC) method and single-user
energy detection method is used. The proposed scheme accurately detects PU in presence of PUEA in the network. In
this proposed scheme, the soft fusion rule is executed at FC and SUs sends weight with sensed signals to FC. The
optimization of these weights is carried out to get better detection probability.

Deepa Das and Susmita Das [5] proposed hybrid invasive weed optimization and particle swarm optimization (hybrid
IWOPSO) algorithm to optimize the weight coefficients. The maximum detection probability is obtained in presence of
PUEA in network during CSS process by optimizing the weight coefficients. The proposed approach gives more than
95% of MU detection accuracy with the help of single trusted user when arbitrary numbers of MUs present in network.
In [6] authors proposed approach to detect malicious user (MU) in CSS process. A Conditional Frequency Check (CFC)
and Hamming Distance Check (HDC) is used in this proposed approach. In [7], the low cost symmetric cryptographic
approach is proposed as a defense against SSDF attack. In this scheme, message authentication code is used for the
authentication of sensing results of SUs. In [8], authors proposed trust management method to get better detection
performance in distributed spectrum sensing. In this approach, each CR node compares its sensing decision with its
neighbor nodes to calculate the trust value. The trust management reduces the error rates. The issue of general and
reliable reference design for CSS is addressed in [9]. The proposed approach in together takes advantage of CSS
process and spectrum access in closed loop manner.

In [10], authors proposed a joint spectrum sensing and resource allocation (JSSRA) scheme. The proposed scheme
considers both CSS process and resource-allocation process to improve SUs sensing constancy and honor the SUs with
high sensing constancy. In [11], authors considered spectrum sensing and jammer detection in together and used
multiple hypotheses testing. In first scenario knowledge of jammers signals is not considered and other scenario is
considered without knowledge of noise power. For these both scenarios, a correlated generalized likelihood ratio test
(GLRT) is used. In [12] authors considered communication parameters of software defined radio for detection of the
jamming attacker. In [13], authors proposed the jDefender framework to detect the CR user being a jammer. The
observed jamming events are used to conclude the user as jammer. This information then used to improve anti-
jamming strategies.

In [14], authors proposed the location based authentication protocol which uses location information to authenticate
each other. The protocol is proposed for IEEE 802.22 wireless regional area networks in which CR technology is used
to solve spectrum shortage problem. The protocol authenticates SUs in network and uses many keys for secure
communication. In [15], authors proposed authentication protocol for secure distributed spectrum sensing which
identify the SUs and authenticate their spectrum sensing results. The protocol requires less bandwidth and efficient in
terms of computational cost.

In [16], authors proposed new Elliptical Key Digital Signature Algorithm. This algorithm is more efficient than
original ECDSA and offers more security. G. A. Safdar et al. [17] proposed cognitive authentication protocol for
mutual authentication between any two SUs using public/private key pairs. After authentication, the protocol offers
security for exchanging free channel list over common control channels. In [18], author compared the performance of
RSA algorithm with Elliptical Key Digital Signature Algorithm. As key size in Key Digital Signature Algorithm is
smaller, it performs better with compare to RSA.

Volume 5, Issue 10, October 2017 Page 82

 IPASJ International Journal of Computer Science (IIJCS)
Web Site: http://www.ipasj.org/IIJCS/IIJCS.htm
A Publisher for Research Motivation ........ Email:editoriijcs@ipasj.org
Volume 5, Issue 10, October 2017 ISSN 2321-5992

3. COOPERATIVE SPECTRUM SENSING SCHEME

CR devices or SUs have to sense the spectrum for its availability. This spectrum sensing can be carried out either on
individual basis (ISS) by SUs or in cooperative manner. CSS is more beneficial than individual spectrum sensing. In
CSS scheme of spectrum sensing, all the SUs are involved in sensing of spectrum and then results of sensing is
forwarded to FC. CSS process of spectrum sensing is primarily classified in two classes. One is centralized and other is
distributed spectrum sensing. In case of centralized CRNs, if centralized spectrum sensing scheme is used then there is
separate base station to carry out the job of FC for fusion process. In case of distributed CRNs, if centralized CSS
scheme is used then any one SU can work as FC to execute fusion process. In distributed CRNs, if distributed spectrum
sensing scheme is used then every SU acts as FC to execute the fusion process. In this case, all SUs share their
spectrum sensing results among each other.

4. MAJOR ATTACKS IN CRNS

Although CSS scheme is more accurate and reliable than ISS, it is more vulnerable to security threats and attacks from
malicious users (MUs). The attacks that are more common in CRNs are primary user emulation attack (PUEA),
Spectrum sensing data falsification (SSDF) attack and jamming attack. When these attacks occupy the network then
network performance degrades. There are many SUs working in the CRN out of which some are genuine SUs and other
may behave maliciously. These malicious users (MUs) are responsible for launching these attacks.
4.1 Primary User Emulation Attack (PUEA)
The legitimate SUs are allowed to use the spectrum when PU is not using it. All the SUs have to sense the spectrum to
know whether PU is present in spectrum band or not. After sensing the spectrum, if SUs find vacant band then they can
use it for transmission. In this scenario, some of the MUs can mimic the primary users signals making other SUs in to
thinking that PU is under transmission. The MUs transmit the signals similar to PU signals characteristics. Hence,
genuine SUs believe that PU is using the spectrum. This vacant spectrum is then utilized by MUs mimicking the PU
signals. This attack launched by MUs is called PUEA. This attack is again categorized as selfish PUEA and malicious
PUEA. In selfish PUEA, the aim of the MUs is to use vacant band and prevent the other genuine SUs from using it. In
malicious PUEA, the aim of the MUs launching the attack is to block all the genuine from using the spectrum. This is
just like denial of service to all the genuine SUs in the network.
4.2 Spectrum Sensing Data Falsification (SSDF) Attack

The CSS scheme can be centralized or distributed. In centralized scheme, all the SUs send the results of spectrum
sensing to FC which then concludes presence or absence of PU by executing fusion process. In distributed CSS also
results of spectrum sensing are exchanged by SUs among them. Each SU acts as FC and execute fusion process to
conclude about PUs availability in spectrum band. In this CSS process, some of MUs can send the false results of
spectrum sensing to FC to influence the decision making of FC. This attack is called as SSDF attack.

4.3 Jamming Attack

Jamming attack blocks the channels so that genuine SUs should not be able to use it for communication. Some of the
MUs or jammers send the bogus packets over communication channel with intension of jamming the channels. In CSS
process, there is communication between SUs and FC. Also there is communication between SUs. The intension behind
jamming attack is to block this communication. This attack can be launched by jammers on both physical layer and
MAC layer. In MAC layer, common control channel (CCC) is used to send control packets and it supports to finite
number of users at the same time. This CCC is blocked by jammers so that it should not be available for
communication.

5. AUTHENTICATION AND SECURE COMMUNICATION

As some of the SUs behave maliciously to launch the above attacks, authentication of the SUs is necessary. An attacker
can also forge the identity of SUs to send false reports to FC. The proposed protocol considers network model with the
base station (FC), whitespace server (WSS) , SUs and PU in network. All SUs receives broadcasted message by FC as
its availability. White space server performs the authentication of all the SUs in network. All the nodes receive
broadcast message from white space server. All the SUs update the white space server information by adding in their

Volume 5, Issue 10, October 2017 Page 83

 IPASJ International Journal of Computer Science (IIJCS)
Web Site: http://www.ipasj.org/IIJCS/IIJCS.htm
A Publisher for Research Motivation ........ Email:editoriijcs@ipasj.org
Volume 5, Issue 10, October 2017 ISSN 2321-5992

communication list. All the SUs use elliptic curve digital signature algorithm (ECDSA) in order to generate their
digital signature. After this, all SUs send the join message to white space server. After receiving join message, the
white space server verifies generated digital signature by SU using ECDSA. White space server then authenticates the
SU by authentication code enclosed with digital signature. This message white space server sends as reply message to
SU node to authenticate it. Those SU which still not authenticated generate the digital signature using ECDSA and
request to white space server by sending message. White space server then verifies digital signature by using ECDSA
and sends authentication code to SU in order to authenticate it. The secure communication is also established among
SUs and between SUs and FC by using elliptic key cryptography (ECC) encryption mechanism.

Figure 1 Communication between SUs, FC and WSS

6. SIMULATION ENVIRONMENT AND RESULT ANALYSIS

The simulation of the proposed protocol is carried out in NS-2 environment. The parameters that are considered for
performance measurement are packet delivery ratio (PDR), dropping ratio, control overhead, throughput and jitter. All
these parameters are measured with increasing size of traffic. The simulation time considered is 200 seconds and
packet size is 512 bytes. The number of users considered for simulation is 50. The network area considered is 800 X
800. Following results are obtained at FC and whitespace server. Although the attacks occupy the network, the obtained
results show the good performance. The protocol identifies and eliminates the attacker and also support for
authentication and secure communication. As there is secure path established, the link disconnection is also minimized.
Fig. 2 shows PDR and dropping ratio at FC. As number of sender increases in network, traffic also increases. The PDR
and hence dropping ratio is showing good performance as protocol avoids collision by reducing flooding.

Figure 2 PDR and Dropping ratio at FC for increasing traffic

Volume 5, Issue 10, October 2017 Page 84

 IPASJ International Journal of Computer Science (IIJCS)
Web Site: http://www.ipasj.org/IIJCS/IIJCS.htm
A Publisher for Research Motivation ........ Email:editoriijcs@ipasj.org
Volume 5, Issue 10, October 2017 ISSN 2321-5992

Fig. 3 shows PDR and dropping ratio at white space server. At white space server also PDR is showing better results
with increasing traffic and hence dropping ratio accordingly.

Figure 3 PDR and Dropping ratio at WSS for increasing traffic

Figure 4 shows less number of control packets required to find correct to reach destination with increasing traffic. It
shows good network performance.

Figure 4 Control overhead at FC and WSS for increasing traffic

Fig. 5 shows throughput at FC and WSS for increasing traffic in network. Throughput increases with increasing traffic
showing good performance of network. Fig. 6 shows better results for jitter for increasing traffic.

Figure 5 Throughput at FC and WSS for increasing traffic

Volume 5, Issue 10, October 2017 Page 85

 IPASJ International Journal of Computer Science (IIJCS)
Web Site: http://www.ipasj.org/IIJCS/IIJCS.htm
A Publisher for Research Motivation ........ Email:editoriijcs@ipasj.org
Volume 5, Issue 10, October 2017 ISSN 2321-5992

Figure 6 Jitter vs. traffic

7. CONCLUSION
In this paper, we proposed protocol that provides the authentication of SUs in CRN as they may behave maliciously to
launch PUEA, SSDF attack and jamming attack. The authentication is also needed as MU may forge the identity of
genuine SU to send the false reports to FC. White space server authenticates the SUs in network. The proposed protocol
also provides secure communication among SUs which minimize the link disconnection. The proposed protocol
identifies and eliminates the attacker of discussed attacks and hence it provides more channel quality for
communication. The results show good network performance for increasing size of traffic in network.

References
[1] J. Mitola, Cognitive radio for flexible mobile multimedia communications, in proceedings of 1999 IEEE
International Workshop on Mobile Multimedia Communications, 1999.(MoMuC99). IEEE, 1999, pp. 310.
[2] R. Chen, J. M. Park, and J. H. Reed, "Defense against primary user emulation attacks in cognitive radio networks
IEEE Journal on Selected Areas in Communications: Spl. Issue on Cognitive Radio Theory and Applications,
vol. 26, no. 1, pp. 25-37, Jan 2008.
[3] Z. Jin, S. Anand and K. P. Subbalakshmi, "Mitigating Primary User Emulation Attacks in Dynamic Spectrum
Access Networks using Hypothesis Testing" Mobile Computing and communication IEEE transactions on
communications, vol. 60, no.4, Sept 2010.
[4] Jianxin Yang,Yuebin Chen, Weiguang Shi, Xuejiao Dong and Ting Peng "Cooperative Spectrum Sensing
Against Attacks in Cognitive Radio Networks" Proceeding of the IEEE International Conference on Information
and Automation Hailar, China, 28-30 July 2014.
[5] Deepa Das and Susmita Das, "Cooperative Spectrum Sensing Using Hybrid IWOPSO Algorithm in Cognitive
Radio Networks" IEEE 12th Malaysia International Conference on Communications (MICC), Kuching, Malaysia,
23 - 25 Nov 2015.
[6] Xiaofan He, Huaiyu Dai and ,Peng Ning "A Byzantine Attack Defender in Cognitive Radio Networks: the
Conditional Frequency Check" IEEE Transactions on Wireless Communications, vol. 12, issue 5, May 2013.
[7] CAO Long, ZHAO Hangsheng, ZHANG Jianzhao and LIU Yongxiang "Secure cooperative spectrum sensing
based on energy efficiency under SSDF attack" IEEE International Wireless Symposium (IWS 2015), 30 March-1
April 2015.
[8] Aida Vosoughi, Joseph R. Cavallaro and Alan Marshall Robust Consensus-based Cooperative Spectrum Sensing
under Insistent Spectrum Sensing Data Falsification Attacks" IEEE Global Communications Conference
(GLOBECOM), 6-10 Dec 2015.
[9] Linyuan Zhang, Guoru Ding, Fei Song and Qiao Su Defending Against Byzantine Attack in Cooperative
Spectrum Sensing Relying on a reliable Reference IEEE/CIC and International Conference on Communications
in China (ICCC), 27-29 July 2016.
[10] Huifang Chen, Ming Zhou and Lei Xie "Joint Spectrum Sensing and Resource Allocation Scheme in Cognitive
Radio Networks with Spectrum Sensing Data Falsification Attack" IEEE transactions on Vehicular Technology,
vol. 65, no. 11, Nov 2016.

Volume 5, Issue 10, October 2017 Page 86

 IPASJ International Journal of Computer Science (IIJCS)
Web Site: http://www.ipasj.org/IIJCS/IIJCS.htm
A Publisher for Research Motivation ........ Email:editoriijcs@ipasj.org
Volume 5, Issue 10, October 2017 ISSN 2321-5992

[11] Jafar Mohammadi, Sawomir Stanczak and Meng Zheng Joint Spectrum Sensing and Jamming Detection with
Correlated Channels in Cognitive Radio Networks IEEE International Conference on Communication Workshop
(ICCW), 8-12 June 2015.
[12] Ronak Bhojani, Rutvij Joshi An Integrated Approach for Jammer Detection using Software Defined Radio 7th
International Conference on Communication, Computing and Virtualization 2016, Procedia Computer Science,
vol. 79, pp. 809 816, 2016.
[13] Haojin Zhu, Chenliaohui Fang, Yao Liu, Cailian Chen, Mengyuan Li, and Xuemin (Sherman) Shen You Can
Jam But You Cannot Hide: Defending Against Jamming Attacks For Geo-Location Database Driven Spectrum
Sharing IEEE Journal On Selected Areas In Communications, vol. 34, no. 10, October 2016.
[14] Hyun Sung Kim Location-based authentication protocol for first cognitive radio networking standard Elsevier,
Journal of Network and Computer Applications, vol. 34, pp. 1160-67, 2011.
[15] Helena Rifa-Pous and Carles Garrigues, Authenticating hard decision sensing reports in cognitive radio
networks Elsevier, Journal of Computer Networks, vol. 56, pp. 566-576, 2012.
[16] Shweta Lamba and Monica Sharma, An Efficient Elliptic Curve Digital Signature Algorithm (ECDSA) IEEE
International Conference on Machine Intelligence and Research Advancement, (ICMIRA 2013), ,Katra, India,
21-23 Dec 2013.
[17] G.A. Safdar, S. Albermany, Nauman Aslam, A. Mansou1 and G. Epiphaniou Prevention against threats to self
co-existence A Novel Authentication Protocol for Cognitive Radio Networks IEEE 7th IFIP Wireless and
Mobile Networking Conference (WMNC), Vilamoura, Portugal, 20-22 May 2014.
[18] Sharon Levy Performance and Security of ECDSA www.semanticscholar.org, 2015.

Volume 5, Issue 10, October 2017 Page 87