||Security Information Technology of Physical Layer Based on Channel-tap Power for Mobile OFDM Systems and Cognitive Radio Networks
||Department of Engineering Science
||Trong Nghia Le
Physical Layer Detection
Primary User Emulation Attacks
Security Information Technology
本論文提出實體層安全訊息技術(security information technologies) 並將其應用於行動正交分頻多工(OFDM) 系統以及基於正交分頻多工系統的感知無線電(Cognitive radio) 網路。在傳統上，安全的問題被視為實體層(Physical layer) 與上層協定，且通常在上層處理。目前廣泛使用的加密協定(cryptographic protocols) 都將從實體層得到的資料視為完全正確的。然而當隨意(ad-hoc) 和分散網路(decentralized networks) 結合使用時，卻會讓前述的加密協定變的複雜且難以實現。為了改善與增強傳統正交分頻多工系統和感知無線電中的安全機制，我們利用功率延遲剖面(power-delay profile)，
並且同時考慮通道時間(channel time selectivity) 和頻率選擇性(frequency selectivity)。更精確的來說，實體層可以利用正交分頻多工訊號中時變與多路徑通道衰減的特性來幫助全部的驗證過程。在感知無線電網路中，我們利用功率延遲剖面(PDP) 的特性來辨識OFDM 系統中不同的傳送端(Tx)或是感知無線電網路中的模仿主要使用者攻擊PUEA)。在本文所提出的功率延遲剖面估測是基於正交分頻多工訊號的特性：循環前綴(cyclic prefix)。在正交分頻多工系統中功率延遲外觀很容易受到環境的影響，所以不同的通道一定會有不一樣的功率延遲剖面，也因此使用功率延遲剖面當成無線簽章是有其優點的。在基於OFDM 的感知無線電(Cognitive radio) 網路中，通道階能量(channel-tap power) 被當成無線電指紋(RF) 在實體層來辨識使用者。使用固定樣本大小試驗方法(fixed sample size test) 和序列概率比試驗(sequential
probability ratio test (SPRT) 去檢測能提高實體層在衰減通道中的檢測性能。此方法雖然可以區分不同的使用者，但在實體層檢測仍然無法正確地分辨是主要使用者(PU) 還是模仿主要使用者攻擊(PUEA)。因此要準確地知道主要使用者或模仿主要使用者的身份，我們利用感知無線電的跨層級智慧學習能力，建立出通道統計特性的資料庫，使用準確性較高的上層來幫助實體層認證。本論文提出的方法能夠幫助實體層全面且完整的偵測PUs 以及PUEAs，而且實際驗證後也證實此方法的正確性以及優點。
This dissertation investigates security information technologies for mobile orthogonal frequency division multiplexing (OFDM) systems and OFDM-based cognitive
radio (CR) networks. Traditionally, security is viewed as an independent feature addressed above the physical layer (PHY). All widely used cryptographic protocols are established assuming the PHY layer is merely used to provide an error-free link. However, with the emergence of ad-hoc and decentralized networks, higher-layer security techniques are complex and hard to be implemented. To complement and enhance traditional security mechanism, we study novel schemes for OFDM systems and CR networks based on the channel power-delay profile (PDP), considering channel time and frequency selectivities. More specifically, the PHY layer, employing the properties of OFDM signals over time-variant and multipath fading channels, is aimed to assist the overall authentication process. To identify different transmitters (TXs), we employ the hypothesis test based on their PDPs to distinguish different transmission terminals in OFDM systems and primary user emulation attacks (PUEA) in OFDM-based CR networks. The proposed PDP estimation is obtained based on the redundancy of cyclic prefix (CP), which is a common feature for almost all OFDM systems. In OFDM systems, it is advantageous
to use the PDP as the wireless signature, because it depends on the surrounding environment and is therefore considered to be very hard to mimic. In OFDM-based
CR networks, channel-tap power is utilized as a radio-frequency fingerprint (RF) to directly detect users via PHY layer. To improve the detection performance of PHY layer in fading channels, the cooperative detection schemes using the fixed sample size test (FSST) and the sequential probability ratio test (SPRT) are devised
for CR networks. Although different users can be distinguished, it is still impossible to exactly tell identity of a TX as primary user (PU) or PUEA using only PHY layer. Hence, to accurately know identities of PUs and PUEAs, the cross-layer intelligent learning ability of a mobile secondary user (SU) is exploited to establish
detection databases by seamlessly combining the quick detection of PHY layer with the accuracy of higher layer authentication. The proposed methods helps PHY layer
completely detect the identities of PUs and PUEAs. Finally, the performances are analyzed, and simulations confirm the advantages of the proposed methods.
Oral presentation document iii
Chinese version iii
English version iv
Abstract (Chinese) v
Abstract (English) vii
Table of Contents x
List of Tables xiii
List of Figures xiv
Chapter 1. Introduction 1
1.1 Research Background 3
1.1.1 Security Information Technology of Physical Layer for Mobile OFDM Systems 3
1.1.2 Security Information Technology of Physical Layer for OFDM-based Cognitive Radio Networks 5
1.2 Contribution 8
1.2.1 Security Information Technology of Physical Layer for Mobile OFDM Systems 8
1.2.2 Security Information Technology of Physical Layer for OFDM-based Cognitive Radio Networks 9
1.3 Brief Sketch of the Contents 11
Chapter 2. Authentication Scheme for Mobile OFDM Based on Security Information Technology of Physical Layer Over Time-Variant and Multipath Fading Channels 13
2.1 System and Signal Models 13
2.1.1 Scenario 13
2.1.2 Channel Model 14
2.1.3 Conventional OFDM Signal Model and Correlation Characteristics 15
2.2 Proposed Authentication Scheme 16
2.3 Performance Evaluation 20
2.3.1 Channel-Length Estimation 21
2.3.2 PDP Estimation 21
2.3.3 Probability of False Alarm 22
2.3.4 Probability of Detection 22
Chapter 3. Cooperative Detection of Primary User Emulation Attacks
Based on Channel-tap Power in Cognitive Radio Networks 32
3.1 System Model 33
3.1.1 Scenario 33
3.1.2 Channel Model 33
3.1.3 Correlation characteristics of OFDM and proposed estimation of channel-tap power 34
3.2 Proposed detection methods 37
3.2.1 The Non-cooperative method using Channel-based detection by PHY layer 38
3.2.2 Cooperative detection schemes 40
3.3 Performance evaluation 44
Chapter 4. Cross-Layer Design for Primary User Emulation Attacks Detection in Mobile Cognitive Radio Networks 54
4.1 System Model 54
4.1.1 Channel Model 54
4.1.2 Channel-Tap Power Estimation 55
4.2 Proposed Cross-Layer Authentication 56
4.2.1 Constructing Fingerprint Databases for Identification 56
4.2.2 Resemblance Test Using Channel-Tap Power Estimation 57
4.2.3 TX Authentication and Database Update 57
4.2.4 Channel-Based Detection by PHY Layer 59
4.2.5 Probability of Detection Using Cross-Layer 60
4.3 Performance Evaluation 60
Chapter 5. Conclusions and Future Works 64
5.1 Conclusions 64
5.2 Future Works 65
 M. Debbah, "Mobile exible networks: The challenges ahead," in Proceedings of International Conference on Advanced Technologies for Communications-ATC'08, pp. 3-7, 2008.
 I. Corona, G. Giacinto, F. Roli, "Adversarial attacks against intrusion detection systems: Taxonomy, solutions and open issues," Information Sciences, pp. 201-225, 2013.
 M. Bloch, J. Barros, M.R. Rodrigues, S.W. McLaughlin, "Wireless information-theoretic security," IEEE Transactions on Information Theory, vol.54, pp. 2515-2534, 2008.
 B. Forouzan, "Cryptography And Network Security (Sie)," McGraw-Hill Education (India) Pvt Limited, 2011.
 C. Fei, D. Kundur, R.H. Kwong, "Analysis and design of secure watermark-based authentication systems," IEEE Transactions on Information Forensics and Security, vol.1, pp.43-55, 2006.
 R. Chamlawi, A. Khan, "Digital image authentication and recovery: Employing integer transform based information embedding and extraction,"
Information Sciences, vol. 180, pp. 4909-4928, 2010.
 I.J. Cox, M.L. Miller, A.L. McKellips, "Watermarking as communications with side information," IEEE Proceedings, vol. 87 pp. 1127-1141, 1999.
 T. Yucek, H. Arslan, "Time dispersion and delay spread estimation for adaptive OFDM systems," IEEE
 K.C. Hung, D.W. Lin, "Pilot-based LMMSE channel estimation for OFDM systems with power delay profile approximation," IEEE Transactions on Vehicular Technology, vol. 59, pp. 150-159, 2010.
 K. Ramasubramanian, K. Baum, "An OFDM timing recovery scheme with inherent delay-spread estimation," in Proceedings of IEEE Global Telecommunications Conference-GLOBECOM'01, vol. 5, pp. 3111-3115, 2001.
 K. Witrisal, "On estimating the RMS delay spread from the frequency domain level crossing rate," IEEE Communications Letters, vol.5, pp.287-289, 2001.
 T. Cui, C. Tellambura, "Power delay profile and noise variance estimation for OFDM," IEEE Communications Letters, vol. 10, pp. 25-27,2006.
 X. Gong, C. Zhao, W. Xu, M. Jiang, "Power delay profile estimation for MIMO-OFDM systems over time-varying multipath channels," in Proceedings of 12th IEEE International Conference on Communication Technology-ICCT'10, pp. 1003-1006, 2010.
 C.R.N. Athaudage, A.D.S. Jayalath, "Delay-spread estimation using cyclic-prefix in wireless ofdm systems," in Proceedings of IEEE International Conference on Acoustics, Speech, and Signal Processing-ICASSP'03, vol. 4, pp. IV-668-671, 2003.
 F. Renna, N. Laurenti, H. Poor, "Physical layer secrecy for OFDM systems," in European Wireless Conference-EW'10, pp. 782-789, 2010.
 Z. Li, X.G. Xia, "A distributed differentially encoded ofdm scheme for asynchronous cooperative systems with low probability of interception," IEEE Transactions on Wireless Communications, vol.8, pp. 3372-3379,
 B. Liu, L. Zhang, X. Xin, J. Yu, "Physical layer security in CO-OFDM transmission system using chaotic scrambling," Optics Communications, vol.291, pp. 79-86, 2013.
 H. Koshima, J. Hoshen, "Personal locator services emerge," IEEE Spectrum, vol.37, pp. 41-48, 2000.
 T. Oktem, D. Slock, "Pairwise error probability analysis for power delay profile fingerprinting based localization," in Proceedings of IEEE 73rd Vehicular Technology Conference-VTC Spring'11, pp. 1-5, 2011.
 M. Triki, D.T.M. Slock, "Mobile localization for NLOS propagation," in Proceedings of IEEE 18th International Symposium on Personal, Indoor
and Mobile Radio Communications-PIMRC'07, pp. 1-4, 2007.
 K. Bonne Rasmussen, S. Capkun, "Implications of radio fingerprinting on the security of sensor networks," in Proceedings of Third International Conference on Security and Privacy in Communications Networks
and the Workshops-SecureComm'07, pp. 331-340, 2007.
 O. Ureten, N. Serinken, "Wireless security through RF fingerprinting," Canadian Journal of Electrical and Computer Engineering, vol.32, pp.27-33, 2007.
 J. Tugnait, H. Kim, "A channel-based hypothesis testing approach to enhance user authentication in wireless networks," in Proceedings of Second International Conference on Communication Systems and
Networks-COMSNETS'10, pp. 1-9, 2010.
 C. Yu, D. Yao, X. Li, Y. Zhang, L.T. Yang, N. Xiong, H. Jin, "Location aware private service discovery in pervasive computing environment," Information Sciences, vol.230, pp. 78-93, 2013.
 Federal Communications Commission, Spectrum Policy Task Force report, Technical report 02-135, 2002.
 I. F. Akyildiz, W. Lee, M. C. Vuran, and S. Mohanty, "Next generation/dynamic spectrum access/cognitive radio wireless networks: A survey," Computer Networks, Vol. 50, pp.2127-2159, 2006.
 S. Haykin, "Cognitive radio: brain-empowered wireless communication," IEEE Journal in Selected Areas in Communicatons, Vol. 23, No.2, pp. 201-220, 2005.
 Li Zhang, and Guoxin Zheng, "Adaptive QoS-aware channel access scheme for Cognitive Radio networks," Int. J. Ad Hoc and Ubiquitous Computing, Vol. 6, No. 3, pp. 172-182, 2010.
 J. Mitola, Cognitive radio: An integrated agent architecture for software defined radio. Ph. D. dissertation, KTH, Stockholm, Sweden, 2000.
 Y. L. Zhang, Q. Y. Zhang, and T. Melodia, ``A frequency-domain entropy based detector for robust spectrum sensing in cognitive radio networks,'IEEE Commun. Lett., vol. 14, no. 6, pp. 533–535, Jun. 2010.
 N.-T. Nhan and K. Insoo, ``An enhanced cooperative spectrum sensing scheme based on evidence theory and reliability source evaluation in cognitive radio context,' IEEE Commun. Lett., vol. 13, no. 7, pp. 492–494, Jul. 2009.
 J. C. Shen and E. Alsusa, ``An Efficient Multiple Lags Selection Method for Cyclostationary Feature Based Spectrum-Sensing,' IEEE Signal Process. Lett., vol. 20, no. 2, pp. 133–136, Feb. 2013.
 H. Shokri-Ghadikolaei and R. Fallahi, ``Intelligent sensing matrix setting in cognitive radio networks,' IEEE Commun. Lett., vol. 16, no. 11, pp. 1824–1827, Nov. 2012.
 Deepak, C. Karia, B. K. Lande, R. D. Daruwala, "Performance analysis of HMM- and ANN-based spectrum vacancy predictor behaviour for cognitive radios," Int. J. Ad Hoc and Ubiquitous Computing, Vol. 11, No. 4, pp. 206-213, 2012.
 S. Anand, Z. Jin, and K. P. Subbalakshmi, "An nalytical Model for Primary User Emulation Attacks in Cognitive Radio Networks," Proceedings of the 3rd IEEE Symposium on New Frontiers in Dynamic Spectrum Access Network (DySPAN 2008), pp. 1-6, 2008.
 W. Wang, "Denial of Service Attacks in Cognitive Radio Networks," Proceedings of the 2nd IEEE Conference on Environmental Science and Information Application Technology, 2010.
 R. Chen, J. Park, and J. H. Reed, "Defense against primary user emulation attacks in cognitive radio networks," IEEE Journal on Selected Areas in Communications, Special Issue on Cognitive Radio Theory and Applications, Vol. 26, No. 1, pp. 25-37, 2008.
 R. Chen, and J. M. Park, "Ensuring Trustworthy Spectrum Sensing in Cognitive Radio Networks," Networking Technologies for Software Defined Radio Networks, pp. 110-119, 2006.
 Z. Jin, S. Anand, K. P. Subbalakshmi, "Mitigating Primary User Emulation Attacks in Dynamic Spectrum Access Networks using Hypothesis Testing," ACM SIGMOBILE Mobile Computing and Communications Review (MC2R), Special Issue on Cognitive Radio Technologies and Systems, Vol. 13, No. 2, pp. 74-85, 2009.
 C. Zhao, W. Wang, L. Huang, and Y. Yao, "Anti-PUE attack base on the transmitter fingerprint identification in cognitive radio," Proceedings of the 5th Conference on Wireless Communications, Networking and Mobile Computing, pp. 1-5, 2009.
 C. Zhao, L. Xie, X. Jiang, L. Huang, and Y. Yao, "A PHY-layer authentication approach for transmitter identification in cognitive radio networks," Proceedings of the IEEE Communications and Mobile Computing (CMC), Vol. 2, pp. 154-158, 2010.
 C. N. Mathur and K. P. Subbalakshmi, "Digital signatures for centralized DSA networks," in First IEEE Workshop on Cognitive Radio Networks, pp. 1037-1041, Jan. 2007.
 S. Prasad, D. J. Thuente, "Jamming attacks in 802.11g - A cognitive radio based approach," Proceedings of the Military Communications Conference - MILCOM, pp. 1219-1224, 2011.
 A. Sampath, D. Hui, H. Zheng, and B. Y. Zhao, "Multi-channel jamming attacks using cognitive radios," Proceedings of the 16th International Conference on Computer Communications and Networks, pp. 352-357, 2007.
 W. L. Chin, C. L. Tseng, C. S. Tsai, W. C. Kao, and C. W. Kao,"Channel-Based Detection of Primary User Emulation Attacks in Cognitive Radios," Proceedings of the IEEE 75th Vehicular Technology Conference (VTC Spring), pp. 1-5, 2012.
 P. Kaligineedi, M. Khabbazian, and V. K. Bhargava, "Malicious user detection in a cognitive radio cooperative sensing system," IEEE Transactions on Wireless Communications, Vol. 9, No. 8, pp. 2488-2497, 2010.
 A. W. Min, K. H. Kim, and K. G. Shin, "Robust cooperative sensing via state estimation in cognitive radio networks," IEEE Symposium on Dynamic Spectrum Access Networks (DySPAN), pp. 185-196, 2011.
 L. Tang, and J. Wu, "Research and Analysis on Cognitive Radio Network Security," Wireless Sensor Network, Vol. 4, pp. 120-126, 2012.
 W. L. Chin, T. N. Le, C. L. Tseng, W. C. Kao, C. S. Tsai and C.W. Kao, "Cooperative detection of primary user emulation attacks based on channel-tap power in mobile cognitive radio networks," in Int. J. Ad Hoc and Ubiquitous Computing, Vol. 15, No. 4, pp. 263-274, May 2014.
 W.-L. (William) Chin, Trong Nghia Le, and Chu-Lin Tseng, "Authentication scheme for mobile OFDM based on security information technology of physical layer over time-variant and multipath fading channels," Inform. Sci. (2015), http://dx.doi.org/10.1016/j.ins.2015.01.040
 T. S. Rappaport, Wireless Communications: Principles and Practice, Prentice-Hall, 1996.
 Y. Liu, P. Ning, and H. Dai, "Authenticating primary users' signals in cognitive radio networks via integrated cryptographic and wireless link signatures," in Proc. the 2010 IEEE Symposium on Security and Privacy, pp. 286-301, May 2010.
 A. Goldsmith, Wireless Communications, Cambridge University Press, Cambridge, 2005.
 Trong Nghia Le, Wen-Long Chin, and Wei-Che Kao, "Cross-Layer Design for Primary User Emulation Attacks Detection in Mobile Cognitive Radio Networks," in Communications Letters, IEEE , vol.19, no.5, pp. 799-802, May 2015.
 W. Jakes, "Mobile radio propagation," Wiley-IEEE Press, 2009.
 W.L. Chin, "ML estimation of timing and frequency offsets using distinctive correlation characteristics of OFDM signals over dispersive fading channels," IEEE Transactions on Vehicular Technology, vol.60, pp.
 T. W. Anderson, Introduction to Multivariate Statistical Analysis, New York: John Wiley and Sons, 1958.
 A. Goldsmith, Wireless Communications, Cambridge University Press, Cambridge, 2005.
 H. V. Poor, An introduction to signal detection and estimation, New York: Springer Verlag, 1994.
 A. Wald, "Sequential Test of Statistical Hypothesis," The Annals of Mathematical Statistics, Vol.16, No. 2, pp. 117-186, 1945.
 A. Wald, Sequential Analysis, New York, Wiley, 1947.
 P. M. Schultheis, and E. Weinstein, "Estimation of differential Doppler shifts," Journal of Acoustical Society of America, Vol. 66, Issue 5, pp.1412-1419, 1979.
 L. Krasny, H. Arslan, D. Koilpillai, and S.Chennakeshu, "Doppler spread estimation in mobile radio systems," IEEE Communications Letters, Vol. 5, No. 5, pp. 197-199, 2001.
 International Telecommunication Union, "Guidelines for evaluation of radio transmission technologies for IMT-2000," Recommendation ITUR M.1225, 1997.