2014 6th International Conference on CSIT

ISBN:987-1-4799-3999-2

A Survey on Security in Cognitive Radio Networks

Mahmoud Khasawneh, Anjali Agarwal
Department of Electrical and Computer Engineering, Concordia University, Montreal, Canada
{m_khasaw, aagarwal}@encs.concordia.ca
AbstractCognitive radio (CR) has been introduced to

accommodate the steady increment in the spectrum demand.

In CR networks, unlicensed users, which are referred to as
secondary users (SUs), are allowed to dynamically access the
frequency bands when licensed users which are referred to as
primary users (PUs) are inactive. One important technical
area that has received little attention to date in the cognitive
radio system is wireless security. New classes of security
threats and challenges have been introduced in the cognitive
radio systems, and providing strong security may prove to be
the most difficult aspect of making cognitive radio a longterm commercially-viable concept. This paper addresses the
main challenges, security attacks and their mitigation
techniques in cognitive radio networks. The attacks showed
are organized based on the protocol layer that an attack is
operating on.
Keywords-Cognitive radio; Security; Attack; Primary User
(PU); Secondary User (SU)

I.

INTRODUCTION

Recently, cognitive radio (CR) [1] technique has become

one of the most common studied techniques in wireless
networks field. The conventional spectrum management
approach is currently and widely applied by regulators over
the world; wherein the regulators assign locally the spectrum
frequency bands to service providers for large geographical
ranges and for long periods of time. Then each service
provider manages its frequency band by defining its users,
their rights, and specifying the regulations that control the
communication over its channels. Although these regulations
intend to enhance the spectrum usage, they can lead to
spectrum scarcity problem. Because of these regulations, the
licensed users of the service providers may be prevented from
changing their behaviors according to market demand.
Recently, the power management has been restructured
relying on market forces [2]. A service provider sells the
spectrum to its end users which are referred to primary users
(PUs) in form of bandwidth. These PUs which own the
spectrum for long term, can resell their unused spectrum to
another users which are known as secondary users (SUs).
Security is considered as a vital area that has received little
attention in the cognitive radio network [3]. The most
important behaviour of the attackers can be categorized into
the followings (i) misbehaving, (ii) selfish, (iii) cheating and
(iv) malicious [3]. These behaviours clearly impact the
network performance significantly. The most important
security properties are availability: the spectrum/channel
should be returned to the primary user when he is active;

64

978-1-4799-3999-2/14/$31.002014 IEEE

reliability of transmitting sensing results for SU; nonrepudiation: agreement between the PU and the SU;
authentication: to assure the credibility of the CR users; and
stability: the ability to come back to equilibrium state after
being hindered by a physical disturbance [4].
The attacks generally follow a layered approach [4]. The
attacks such as Primary User Emulation (PUE) [5], Jamming
[6], and the Objective Function [4] occur in the Physical
Layer. The attacks such as Spectrum Sensing Data
Falsification (SSDF) [18] and the Control Channel Saturation
DoS [7-8] occur in the Link Layer. The attacks such as
Sinkhole [4], HELLO Flood [11] and Sybil attack [9] occur at
the Network Layer. The attacks such as the Lion Attack [10]
and Key Depletion Attack [11] occur at the Transport Layer.
Some attacks, such as Jamming Attack, might target one layer
and have influences and consequences over other layers, these
attacks are known as cross-layer attacks.
The rest of this paper is organized as follows: in Section II,
we show a general overview of cognitive. Section III presents
the general security requirements. The different attacks with
their mitigation techniques over physical layer are shown in
Section IV. Data link layer attacks as well as their mitigation
techniques are demonstrated in Section V. Section VI and VII
show the network layer attacks and transport layer attacks with
their mitigation techniques respectively. In Section VIII we
provide some few future directions that need to be addressed
by researchers. We conclude this paper in Section IX.
II.

AN OVERVIEW OF COGNITIVE RADIO NETWORKS

The principle of Cognitive Radio was firstly mentioned and

explained by Joseph Mitola [1]. Cognitive Radio could be
defined as an efficient technology that allows more users to
use the available spectrum. Spectrum sensing is assumed as
the basic functionality in CR. Spectrum sensing aims to find
the vacant spectrum holes for dynamic use. In general, there
are two sensing modes, reactive sensing and proactive sensing
[5]. Generally, the spectrum sensing techniques can be
categorized as transmitter detection, cooperative detection,
and interference-based detection [1]. In transmitter detection,
the presence of the PU transmitter in its spectrum band is
determined. Three schemes that are generally used for the
transmitter detection are: matched filter detection, energy
detection and cyclostationary feature detection [1]. Matched
filter detection is used if the secondary user has information
about the primary user signal. If there is not enough
information about PUs signal, energy detection is applied. In
cyclostationary feature detection, modulated signals are

Published by the IEEE Computer Society

2014 6th International Conference on CSIT

coupled with other signals. In cooperative detection technique,

cooperation concept between the SUs is applied in order to
improve the sensing results. The last technique, interferencebased detection technique, has been introduced by the FCC in
[6], wherein the interference temperature is measured and
compared with statistical information to make the decision
about the PU presence in its spectrum band. Different schemes
represent the spectrum sensing functionally which could be
classified as following:
Centralized cooperative scheme: where there is a
controller, and cooperation between the SUs to sense
the spectrum holes, where each SU, individually,
senses the spectrum holes and sends the sensing
information to the controller that makes the final
decision of the spectrum.
Centralized non-cooperative scheme: in this scheme
the controller senses the spectrum holes and manages
the access to the holes for different SUs.
Distributed cooperative scheme: there is no controller
in this approach. Each SU senses the spectrum holes,
and then all SUs distribute their spectrum sensing
information to other SUs.
Distributed noncooperative: same as the previous
one, but each SU senses the spectrum holes and then
decides which spectrum hole to use without
considering the other SUs sensing information.
Spectrum management is another functionality of CR. The
objective of spectrum management is to share the spectrum
between many users, PUs and SUs, in such a way that it
accomplishes different goals and requirements. The main
objective for the SU is to attain its QoS. There are many
factors that represent the QoS of SU such as using high data
rate for sending its data, using proper power values in the
transmission process, or reducing the interference caused to
other users in the network. For the PU, it always tries to lease
its unused frequency channels to SUs which pay more; that
finally results in attaining high revenue.
Three different models used to represent the spectrum
sharing functionality in cognitive radio networks which are as
follows:
Public commons model: the radio spectrum is open
to anyone for access with equal rights; this model
currently applies to the wireless standards (e.g., WiFi
and Bluetooth radio) operating in the license-free
ISM (Industrial, Scientific, and Medical) band.

Exclusive usage model: the radio spectrum can be

exclusively licensed to a particular user; however,
spectrum utilization can be improved by allowing
dynamic allocation and spectrum trading by the
spectrum owner.
Private commons model: different users in a
cognitive radio network (e.g., primary, secondary,
tertiary, and quaternary users) can have different
priorities to share the spectrum. Secondary users can
access the spectrum using an underlay or overlay
approach.

ISBN:987-1-4799-3999-2

III. SECURITY REQUIREMENTS

As any other type of wireless networks, cognitive radio
networks are vulnerable to many security attacks. Moreover,
the radio technology itself is vulnerable to be attacked.
Cognitive radio networks differ from other wireless networks
where some reliability issues are unique to CRN, such as high
sensitivity to weak primary signals, unknown primary receiver
location, tight synchronization requirement in centralized
cognitive networks, and lack of common control channel [12].
Therefore, malicious nodes can utilize the vulnerability of these
reliability issues to attack the different layers of
communication protocol.
Security is an important issue in the context of CRN that
got less interest of researchers. In CRN, security threats are
much more complex and possibility of an attack is higher than
that in other networks since the network nodes are much more
intelligent by design. Hence, security measurements and
polices should be developed to reduce the opportunity that
malicious
nodes
attack
the
CR
network.
There are many concepts that should be applied to satisfy a
secure communication among wireless network nodes which
are: Confidentiality, integrity, availability and authentication.
Confidentiality means to protect information such that there
is no unauthorized revelation to systems or individuals. Data
Confidentiality is a mandatory requirement in wireless
networks generally to maintain the privacy of the data owner as
the data owner can include a bank storing credit and balance
information about a customer [4].
Integrity is the property of ensuring that information will
not be accidentally or maliciously altered or destroyed. It
means that data is transmitted from source to destination
without alteration [6]. The message data can only be altered by
the sender without detection. Integrity protects against
unauthorized creation, alteration or destruction of data. If it
were possible for a corrupted message to be accepted, then this
would show up as a violation of the integrity property [7].
Availability means to let the network users use the network
for their own transmissions and keep track of the traffic over
the network.
Authentication is the verification of the claimed identity of
a principal [4]. It is a primary security property while other
properties often rely on authentication having occurred.
Authentication is sometimes taken to be of two types:

Message authentication: Ensuring, that a message

received matches the message sent. Sometimes, it
means a proof of the identity of the creator of the
message.
Principal authentication: Corroborating that a
principal is the one claimed.

The first step in utilizing the unused spectrum is the

spectrum sensing process, as mentioned above, which is
considered as cataleptic context for malicious nodes to arise
and attack the CRN. Security comprises two issues in PUs
signals detection which are misdetection and false detection.
False detection means that that a SU records that a PU is

65

2014 6th International Conference on CSIT

ISBN:987-1-4799-3999-2

present in its band while in real it is not and a malicious node

alleges as a PU and sends strong signal to SUs. Misdetection
issue is the opposite of the false detection issue.
The previous mentioned issues are one example of some
security issues that can arise and make CRN more challenging
solution. Stronger security mechanisms should avoid the
harmful effects of the different attacks such as overhearing
other users information, interfering with other users
transmission signals, degrading the quality of service of
licensed users, and therefore increasing the spectrum scarcity
problem which is intended to be solved by CR technology.
Security threats in any mobile ad hoc network are much
higher than a traditional wired network. In CR network, the
threats are much more complex and possibility of an attack is
higher since the network nodes are much more intelligent by
design. The threats, in CRN, can be categorized according to
the layers they target as follows: physical layers attacks, data
link layer attacks, network layer attacks, and transport layer
attacks. Moreover, the threats might have a cross layers effects
wherein one attack can target one layer and affect other layers.
IV.

PHYSICAL LAYER ATTACKS

The bottom layer of the protocol stack is the physical layer

that provides an interface to the transmission medium. The
physical layer consists of any physical medium that is used to
make any two network devices communicate to each other,
such as the network cards, fiber, cables, or the atmosphere as
in the cognitive radio network networks. The operation of the
cognitive radio network is more complicated than other
wireless communication networks because the cognitive radio
uses the frequency spectrum dynamically. Spectrum sensing,
as mentioned earlier, is the first step to use the unallocated
spectrum bands, and as the atmosphere is the medium of that
which is open to public, the physical layer is vulnerable to
many threats that attack the spectrum sensing process.
Following are few attacks aimed at disrupting communication
by targeting the physical layer of the cognitive radio network.
A. Primary User Emulation Attack (PUE)
Proper function of the spectrum sharing feature of the
cognitive radio network requires the radios ability to
distinguish between the primary and secondary user signals
[5]. Many techniques such as filter detection, energy detection,
and cyclostationary feature detection have to be efficient to
provide the ability of distinction.
In such inimical environment, defining the primary user
from others could be extremely difficult. In the primary
emulation attack (PUE), as shown in figure 1, an attacker may
modify their air interface such that it emulates the primaryusers signal characteristics [7]. In this attack the other
secondary users will falsely determine the frequency is in use
by a legitimate primary user, and so vacate the frequency right
away while in real it is not.

66

Figure1. PUE Attack [11]

The fraud may commit the attack selfishly, so the attacker
can use the spectrum, or maliciously, so the other legitimate
users will have their communication disrupted, resulting in a
Denial of Service attack. In addition, the attacker can poison
the data collected about the spectrum usage that is used by the
learning cognitive radio to determine which frequencies to try
to access in the future. Therefore, the primary user attack
(PUE) leads in an objective function attack [4].
In [14] the authors introduce a robust technique based on
the principal component analysis for spectrum sensing
process. All SUs send their observation matrix about different
PUs to one fusion center which keeps track of the SUs
transmission signal power in another matrix called low rank
matrix. The fusion center uses this matrix to decide which
nodes are suspect nodes and notify the other legitimate nodes.
The data cache is no longer poisoned, and the results of the
primary user sensing process are more accurate.
Another method of defense against the primary user
emulation attack is proposed in [15]. This method is based on
the concept of belief propagation. All secondary users in the
network follow a sequence of steps until the suspect nodes are
detected and excluded from the spectrum sending process.
Each SU calculates iteratively two different types of functions
which are location function and compatibility function that are
being used to determine and check the location and the
compatibility of PUs. After that, SU makes the decisions about
PUs, prepares sensing messages, exchanges these messages
with neighboring SUs, and calculates the belief level of other
SUs until convergence. At convergence, any existing attacker
will be detected, and secondary users will be notified via
broadcast message of the attackers signal characteristics and
therefore neglect and exclude that attacker sensing results.
This allows all secondary users to avoid the attackers primary
emulation signal in the future. In [16], the authors propose
another method of detection and mitigation of a primary user
emulator. A fusion center receives the sensing information
from the different SUs in the network which uses such
estimation algorithms to detect the primary user in the
presence of the attacker.

2014 6th International Conference on CSIT

B. Objective Function Attack

As the cognitive radio has the ability to adjust the radio
transmission parameters according to the current state of the
environment. The cognitive engine in the adaptive radio is the
one responsible for adjusting the radio parameters in order to
meet specific requirements such as low energy consumption,
high data rate, and high security. Radio parameters include
center frequency, bandwidth, power, modulation type, coding
rate, channel access protocol, encryption type, and frame size
[13]. The cognitive engine calculates these parameters by
solving one or more objective functions, for instance find the
radio parameters that maximize data rate and minimize power.
Manipulating the parameters that will meet the objective
function is vulnerable to be attacked. An attacker can launch
its attack by wrongly manipulating these parameters which
lead the results to meet its own objective function which is not
the one intended by users of the network.
A scenario of an Objective Function attack is illustrated in
[13], wherein the cognitive engine calculates the parameters
that maximize an objective function composed of transmission
rate (R) and security (S), i.e., f = w1R + w2S, where w1 and
w2 represent the weights of R and S. Whenever the cognitive
engine attempts to use a higher security level S, the attacker
launches a jamming attack on the radio, thus reducing R and
hence reducing the overall objective function. The cognitive
engine will then cease from increasing the level of security in
order not to decrease the overall of the objective function.
Therefore, the attacker forces the radio to use a low security
level that can be hacked.
To detect and mitigate this attack, a predefined threshold
for each of these parameters is proposed in [17]. If the value of
any of these parameters goes beyond the threshold value, the
communication shall stop and these communicating nodes will
be reported to a fusion center that has to re-authenticate each
of them.
C. Jamming Attack
The attacker (jammer) maliciously sends out packets to
block legitimate participants in a communication session from
sending or receiving data; consequently, creating a denial of
service situation. However, there are other reasons that make
the transmission channels saturated such as the network
congestion due to the messages exchange between the nodes.
To mitigate this attack, secondary users have to keep track
of the primary users location which can be obtained by
contacting a base station or relayed upon other participating
network nodes. By comparing the PUs location to the
location of the node making requests would alert the network
that a malicious node may exist.
V.

DATA LINK LAYER ATTACKS

The data link layer is responsible for managing traffic flow

and error control over the physical medium. Moreover, Data
link layer supports multiple users on a shared medium within
the same network. Each computer is assigned its own unique

ISBN:987-1-4799-3999-2

MAC address. Most of the attacks presented in this layer

targets the MAC addresses.
A. Spectrum Sensing Data Flassification
In the spectrum sensing data falsification, the attackers
share false sensing information into the decision stream as a
legitimate member of the network. By doing that, the attackers
aim to selfishly acquire increased spectrum availability for
themselves, or the attackers may have a goal of disrupting the
throughput of the network for other heinous reasons.
The authors in [18] propose a mitigation method for SSDF
attack. During the sensing period, all the malicious nodes and
the other SUs make their own decisions about the
presence/absence of PUs in their bands and forward these
decision to a central fusion. The central fusion keeps a track of
how many times each node needs to have the right decision
about the PU; this number of times is called measure. The
higher the value of the measure the less reliable the nodes
observation is considered. The nodes with higher value of
measure will be excluded from the following sensing results
collection iteration.
B. Control Channel Saturation
In cognitive radio network, one control channel is used to
carry all the control traffic between the network users.
However this control channels has a limit of data to be carried
and transmitted.
The control channel will be in a saturated mode once it is
not able to carry more control traffic. An attacker can
broadcast a large number of packets with the intent to saturate
the control channel. By sending different types of packets, a
malicious node reduces the risk of detection. The attackers
aim to reduce the number of legitimate nodes that can use the
spectrum and give themselves the opportunity to highly use
the frequency bands.
To mitigate this attack, a CR network could be categorized
into many clusters. In each cluster, a common control channel
is used. If an attacker is targeting a control channel, the other
clusters nodes will not be affected; hence the affected
network area is reduced [19].
VI.

NETWORK LAYER ATTACKS

The main functionality provided by the network layer is to

route data packets from a source node on one network to a
destination node on another network, while maintaining
quality of service as it is requested by both the parties of a
communication. Fragmentation and reassembly of packets, if
required are two other services provided by the network layer.
The cognitive radio network shares security issues with the
classic wireless communication networks due to the three
shared architectures which are mesh, ad hoc, and
infrastructure. Cognitive radio networks also share similarities
with wireless sensor networks. The attackers spend their time
on targeting the routing functionality as it is the most
complicated and vulnerable to eavesdropping.
Too many threats are attacking the network layer; however
three of them are considered the most challenging in research
which are Hello, sinkhole, and Sybil attacks.

67

2014 6th International Conference on CSIT

A. Hello Attack
An adversary broadcasts a message to all node of a
network stating that it is the best route to a specific destination
node in the network. The attacker use high power level to send
the broadcast message to convince all the other nodes that this
attacking node (adversary) is their neighbor. When the
attacker uses a high power level to send the broadcast
message, the other nodes will receive this message with good
signal strength and they assume that this attacking node is
very close to them while it is not in reality. The network nodes
will forward their packet destined to a particular node through
this attacking node with regular signal power level, but the
messages will be lost due to the far distance of the attacking
node (the forwarding node). Since all nodes of network
forward packets to an attacking node and their packet are lost,
they will find themselves with no neighbors after a while.
Different methods can be used to mitigate this attack. All
links between nodes should be bidirectional and this
functionality could be checked and verified by sending one
message over links and in presence of a trusted node which is
fusion center. The fusion center will initiate and verify the
session keys between any pair of network nodes. Two
purposes sit behind the use of session key which are verifying
the identity of the communication nodes to each other and
providing a ciphered link among them. If one node claims to
be a neighbor to a big number of network nodes, an alarm
should be raised about attacker detection.
B. Sinkhole Attack
In a sinkhole attack, an attacker advertises itself as the best
route to a specific destination, motivating neighboring nodes
to use it to forward their packets [8]. An attacker may use this
way to perform another attack called selective forwarding
where an attacker has the ability to modify or discard packets
from any node in the network. The attack is particularly
effective in the infrastructure and mesh architectures as all
traffic goes through an access point letting the attacker falsely
claim that it is the best route for packet forwarding.
To mitigate this attack, a fusion center is required to
authenticate the different network nodes. If a new node likes
to join the network, an authentication process should be
applied. This authentication process will add new nodes to the
network if and only they are well authenticated and identified.
If the attacker is one of the already authenticated nodes, a
periodic notification messages should be sent by the base
station to all network nodes about any doubt or
communication issues in the forwarded, dropped, and
modified packets, hence the attacker should be excluded and
discarded from the network. Another solution to mitigate the
sinkhole attack is to apply one of the on demand routing
protocols used in wireless sensor or ad hoc networks such as
security-aware ad hoc routing protocol, AODV, or DSR.
In these routing protocols, the source node that wants to send a
packet to another node establishes the path by sending route
request message. This message should contain a security
metric (level) that should be processed by intermediate nodes
to check if this level is satisfied or not. The message will be

68

ISBN:987-1-4799-3999-2

forwarded to the next intermediate node once the security

level is satisfied otherwise it is dropped. If this request reaches
the destination properly and correctly, the destination will
prepare and send a route reply to sender through the
intermediate nodes that process the route request message
earlier. The attacker still can be present in networks that use
this type of protocols by changing or altering the security
level. However the route request and reply messages contain a
ciphered key that prevents any node that does not know this
key from decrypting the messages. Therefore, even if the
attacker generates messages with changed security levels, the
legitimate nodes will drop these packets since they dont
contain the correct ciphered key generated by the base station.
C. Sybil Attack
In Sybil attack, the attacker uses different fake identities to
represent one entity. The attacker uses the same node with its
different fake identities to cheat on the legitimate nodes. The
effect of this attack is clear in the cooperative spectrum
sensing technique wherein all nodes participate cooperatively
in making the decision about the presence or absence of a PU
over its spectrum. In that, the attacker can send wrong sensing
information which lead to wrong sensing decision and hence
let the PUs channels unused or exclusively used by the
attacker himself.
Nodes identity validation technique is used to mitigate this
attack wherein there are two ways of validation used which
are direct and indirect validation. In direct validation, each
node tests directly the identity of other node if it is valid or
not. On the other hand, in indirect validation, other verified
nodes can validate or send reputation report for other nodes. In
any type of the validation types, the resources of a node are
tested and these resources should be limited and able to handle
communication, storage, and computation resources.
VII. TRANSPORT LAYER ATTACKS
The transport layer provides many services such as flow
control, congestion control, and end-to-end error control and
recovery. The transport layer in the cognitive radio network is
subject to many of the vulnerabilities that plague wireless ad
hoc networks.
A. Key Depeletion Attack
Cognitive radio networks have a short transport layer
session duration due to frequently occurring retransmissions
and high round trip times [6]. Therefore, a large number of
sessions are initiated between communication parties. Most
transport layer protocols, such as secure socket layer (SSL)
and transport layer security (TLS), establish cryptographic
keys at the beginning of each transport layer session. With the
great number of session keys generated, it becomes more
likely that a session key got repeated. Repetitions of a key can
provide an avenue of exploitation to break the underlying
cipher system [9]. It has been established that wired equivalent
privacy (WEP) and temporal key integrity protocol (TKIP)
protocols used for IEEE 802.11 are prone to key repetition
attacks.

2014 6th International Conference on CSIT

ISBN:987-1-4799-3999-2

Figure 2. Cross-Layers Attacks Effects

Therefore, the attackers can eavesdrop the communication

traffic between the two communication users and got the
session key, and therefore use this key to send get the session
data. To mitigate this attack new ciphering algorithms have to
be developed to make the session keys sharing process done
in a more secure way.
Figure 2 illustrates the different concepts of cognitive radio
networks and the way that they are linked to each other. As
each layer is communicating with the other layers to provide
its functionality that brings new security threat problems in
CRN which is called Lure attack problem [10]. In Lure attack,
during the process of finding routes from source to
destination, malicious node firstly modifies the request packet
of receiving routing by adding false available channel
information to it. This false channel information will lure
other nodes into the routing lap, and drop the forwarded
packets. This threat seriously can affect the communication
performance of the network.
Table I summarizes the different attacks illustrated in this
paper. Moreover, it shows the security requirement that each
threat is trying to attack and degrade.
Table I: Attacks Preview

Attack
Primary
User
Emulation (PUE)
Attack
Hello Attack

Targeted layer
Physical

Security requirement
Authentication
and
Availability

Physical

Objective
Function Attack
Spectrum Sensing
Data Falsification
Attack
Control Channel
Saturation Attack
Hello
Flood
Attack

Physical

Authentication
Availability
Authentication
Availability
Authentication
Availability

Data Link
Data Link
Network

Authentication
Availability
Authentication,
Availability,

and
and
and
and

Confidentiality
and
Integrity
Sinkhole Attack
Network
Authentication,
Availability,
Confidentiality
and
Integrity
Sybil Attack
Network
Authentication,
Availability,
Confidentiality
and
Integrity
Key
Depletion Transport
Confidentiality
and
Attack
Integrity
Lure Attack
Cross layers
Authentication,
Availability,
Confidentiality
and
Integrity
In general, to mitigate the previous mentioned attacks in CR
networks behaviors, a CR must possess four key
characteristics. First, CR has to possess the ability to make
authentication for the local nodes forming a cognitive radio
network. Second, CR has to be able to exchange information
with other cognitive radios in a strongly secure way. Third,
CR has to validate the information exchanged among the
different cognitive radios in the network. Last and not least,
CR has to be able to analyze the behavior of the different
nodes of one cognitive radio network.
VIII. FUTURE DIRECTIONS
As the security issues in CRN are still getting less attention
by researchers, we show some research directions that need
further investigations to make the CRN more secure.
A. Considering the existing security solutions.
In other types of wireless network such as cellular
networks, ad hoc wireless networks and mish networks,
different existing security protocols can be applied in the
context of CRN. In cellular networks, each user has a unique
identity which is called international mobile user identity
obtained by an access point. A secret key is shared between
the base station and the newly admitted nodes to apply
authentication mechanism.
The same authentication
mechanisms could be used between the secondary users and
the base station of the cognitive radio network.
B. Considering Cross-Layers Attacks
Some attacks might target one layer and have influences
and consequences over other layers, these attacks are known
as cross-layer attacks. In cognitive networks, there is an
inherent need for greater interaction between the different
layers of the protocol stack. Therefore, the cross-layer attacks
need to be given more attention in cognitive networks.
C. Devloping Cryptograohic Algorithms
Malicious node behaves in such a way to convince the
secondary users that it is a primary user and then start its
misbehaving work. Therefore, each primary user has to
provide its identity to other nodes in the network letting them
differentiate between legitimate primary users and malicious

69

2014 6th International Conference on CSIT

ISBN:987-1-4799-3999-2

nodes. Hence, new cryptographic algorithms should be

proposed for primary users identification process.

[4]

D. Proposing Efficient Spectrum Sensing Techniques

If the secondary users sense the primary users correctly,
then they can efficiently use the unused licensed bands. An
exchanging information method has been proposed in [20],
where we used clustering, sureness, and cooperation concepts
to exchange the spectrum sensing information between the
secondary users. Comparing different proposed schemes will
lead to develop more efficient and robust spectrum sensing
techniques that prevent frauds from attacking cognitive radio
networks.

[5]

E. Applying Game Theory

Game theory has been used mostly in economics, in order
to model competition between firms. It has also been applied
to networking, generally to solve routing and resource
allocation problems in a competitive environment [21].
Recently, game theory was also applied to wireless
communication: the decision makers in the game are rational
users who control their communication devices [21-22]. Most
game approaches on spectrum and power management do not
consider security issues and make some assumptions related to
security, such as all users are not malicious users, all users are
trusted, all users are authorized as well as authenticated, and
the primary user is a trusted party. However, in some
environment these assumptions are not valid, which require
changes to the existing model to prevent any kinds of attacks
or denial of services. Therefore, game theory should be
studied and applied to provide secure approaches of spectrum
sharing between the networks nodes.
IX.

[6]

[7]

[8]

[9]

[10]

[11]

[12]

[13]
[14]

[15]

CONCLUSIONS

Despite the main objective of using cognitive radios which

is to increase spectrum utilization by allowing the unlicensed
(secondary) users to opportunistically access the frequency
band actually owned by the licensed (primary) users, the
classification of users into two different categories gives rise
to several security issues that are unique to cognitive radio
communications.
We showed in this paper the main requirements of having
secure protocols in different wireless networks especially in
CRN, some attacks targeting the different protocol layers
stack, and methods of mitigating these attacks. It showed some
challenging issues in CRN that need more research in future.
The paper attempted to address the major threats that widely
applied in cognitive radio networks and their effects on the
different security requirements.

[16]

[17]

[18]

[19]

[20]

REFERENCES
[1]
[2]

[3]

J. Mitola, Cognitive radio for flexible multimedia communications in

Proceedings of MoMuC99, 1999, pp. 3-10.
P. Crocioni, Is allowing trading enough? Making secondary markets in
spectrum work, Telecommunications Policy, vol. 33, 2009, pp. 451468.
I. Akyildiz, and Y. Li, OFDM-based cognitive radio networks,
Broadband and Wireless Networking Laboratory Technical Report,
(2006) OCRA, March 2006.

70

[21]

[22]

W. El-Hajj, H. Safa, M. Guizani, Survey of Security Issues in

Cognitive Radio Network, Journal of Internet Technology Volume 12,
No.2, 2011.
Z. Jin, S. Anand, and K.P. Subbalakshmi, Detecting Primary User
Emulation Attacks in Dynamic Spectrum Access Networks, Proc. IEEE
Intl Conf. Comm. (ICC 09), June 2009.
S. Sodagari and T. C. Clancy, An anti-jamming strategy for channel
access in cognitive radio networks, In Decision and Game Theory for
Security, pages 3443. Springer, 2011.
J. Zhao and G. Cao, Robust topology control in multi-hop cognitive
radio networks, In INFOCOM, 2012 Proceedings IEEE, pages 2032
2040. IEEE, 2012.
L. Akter and B. Natarajan, Distributed Approach for Power and Rate
Allocation to Secondary Users in Cognitive Radio Networks, IEEE
Trans. Vehicular Technology, vol. 60, no. 4, pp. 1526- 1538, May 2011.
Y. Tan, K. Hong, Sh. S., and KP. Subbalakshmi, Using sybil identities
for primary user emulation and byzantine attacks indsa networks, In
Global Telecommunications Conference (GLOBECOM2011), pages 1
5., 2011.
J. Hernandez-Serrano, O. Len and M. Soriano, Modeling the Lion
Attack in Cognitive Radio Networks, EURASIP Journal on Wireless
Communications and Networking, Vol.2011, Article ID 242304, 10
pages, 2011.
CN. Mathur and KP. Subbalakshmi,"Security issues in cognitive radio
networks", In: Cognitive networks: towards self-aware networks, July
2007.
D. Vir, Dr. S.K Agarwal, Dr. S.A Imam, Power Analysis and
Comparison of Reactive Routing Protocols for Cognitive Radio Ad Hoc
Networks, IJAREEIE, July 2013.
D. Hlavacek,, and J. Morris Chang,, A Layered Approach to Cognitive
Radio Network Security: A Survey.
F. Lin, Z. Hu, S. Hou, J. Yu, C. Zhang, N. Guo, M. Wicks, R. C Qiu,
and K. Currie, Cognitive radio network as wireless sensor network (ii):
Security consideration, In Aerospace and Electronics Conference
(NAECON), Proceedings of the 2011 IEEE National, pages 324328.
IEEE, 2011.
Z. Yuan, D. Niyato, H. Li, J. B. Song, and Z. Han, Defeating primary
user emulation attacks using belief propagation in cognitive radio
networks, Selected Areas in Communications, IEEE Journal on,
30(10):18501860, 2012.
C. Chen, H. Cheng, and Y. Yao, Cooperative spectrum sensing in
cognitive radio networks in the presence of the primary user emulation
attack, Wireless Communications, IEEE Transactions on, 10(7):2135
2141, 2011.
O. Len, J. Hernndez-Serrano, and M. Soriano, Securing cognitive
radio networks, International Journal of Communication Systems,
23(5):633652, 2010.
A. Rawat, P. Anand, H. Chen, and P. Varshney. Collaborative
spectrum sensing in the presence of byzantine attacks in cognitive radio
networks, Signal Processing, IEEE Transactions on, 59(2):774786,
2011.
L. Lazos, S. Liu, and M. Krunz. Mitigating control-channel jamming
attacks in multi-channel ad hoc networks. In Proceedings of the second
ACM conference on Wireless network security, pages 169180. ACM,
2009.
Mahmoud Khasawneh, Anjali Agarwal, Nishith Goel, Marzia Zaman,
Saed Alrabaee, Sureness Efficient Energy Technique for Cooperative
Spectrum Sensing in Cognitive Radios, 2012 International Conference
on Telecommunications and Multimedia (TEMU) , Greece, 2012, Pages
25-30
S. Alrabaee, A. Agarwal, N. Goel, M. Zaman, M. Khasawneh, A
Game Theory Approach: Dynamic Behaviors for Spectrum Management
in Cognitive Radio Network, GC'12 Workshop: MENS 2012,
December 3-7, 2012, Anaheim, California,USA
M. Khasawneh, A. Agarwal, N. Goel, M. Zaman, S. Alrabaee A Game
Theoretic Approach to Power Trading in Cognitive Radio Systems, The
20th International Conference on Software, Telecommunications and
Computer Networks - SoftCOM 2012, September 11-13, 2012, Split,
Croatia.