Collaborative Spectrum Sensing in the Presence of Byzantine Attacks in Cognitive Radio Networks

Similar documents
On Noise-Enhanced Distributed Inference in the Presence of Byzantines

Reliable Cooperative Sensing in Cognitive Networks

Cooperative Spectrum Sensing for Cognitive Radios under Bandwidth Constraints

Target Localization in Wireless Sensor Networks with Quantized Data in the Presence of Byzantine Attacks

Transmitter-Receiver Cooperative Sensing in MIMO Cognitive Network with Limited Feedback

A Byzantine Attack Defender: the Conditional Frequency Check

False Discovery Rate Based Distributed Detection in the Presence of Byzantines

Novel spectrum sensing schemes for Cognitive Radio Networks

DIT - University of Trento

Using Belief Propagation to Counter Correlated Reports in Cooperative Spectrum Sensing

OPPORTUNISTIC Spectrum Access (OSA) is emerging

Energy-Efficient Distributed Spectrum Sensing for Cognitive Sensor Networks

QUANTIZATION FOR DISTRIBUTED ESTIMATION IN LARGE SCALE SENSOR NETWORKS

Distributed Binary Quantizers for Communication Constrained Large-scale Sensor Networks

Chapter 2. Binary and M-ary Hypothesis Testing 2.1 Introduction (Levy 2.1)

WE consider the classical problem of distributed detection

SPATIAL DIVERSITY AWARE DATA FUSION FOR COOPERATIVE SPECTRUM SENSING

Improved Spectrum Utilization in Cognitive Radio Systems

Cooperative Spectrum Prediction for Improved Efficiency of Cognitive Radio Networks

Distributed Detection and Estimation in Wireless Sensor Networks: Resource Allocation, Fusion Rules, and Network Security

On the Optimality of Likelihood Ratio Test for Prospect Theory Based Binary Hypothesis Testing

Lecture 5: Likelihood ratio tests, Neyman-Pearson detectors, ROC curves, and sufficient statistics. 1 Executive summary

A New Algorithm for Nonparametric Sequential Detection

Cooperative Eigenvalue-Based Spectrum Sensing Performance Limits Under different Uncertainty

Censoring for Type-Based Multiple Access Scheme in Wireless Sensor Networks

ADAPTIVE CLUSTERING ALGORITHM FOR COOPERATIVE SPECTRUM SENSING IN MOBILE ENVIRONMENTS. Jesus Perez and Ignacio Santamaria

Versatile, Accurate and Analytically Tractable Approximation for the Gaussian Q-function. Miguel López-Benítez and Fernando Casadevall

Distributed Inference and Learning with Byzantine Data

Hard Decision Cooperative Spectrum Sensing Based on Estimating the Noise Uncertainty Factor

WITH the wide employment of wireless devices in various

EECS 750. Hypothesis Testing with Communication Constraints

2. What are the tradeoffs among different measures of error (e.g. probability of false alarm, probability of miss, etc.)?

Lecture 22: Error exponents in hypothesis testing, GLRT

Maximizing System Throughput Using Cooperative Sensing in Multi-Channel Cognitive Radio Networks

IN HYPOTHESIS testing problems, a decision-maker aims

Byzantines and Mitigation Techniques

Evidence Theory based Cooperative Energy Detection under Noise Uncertainty

INFORMATION PROCESSING ABILITY OF BINARY DETECTORS AND BLOCK DECODERS. Michael A. Lexa and Don H. Johnson

certain class of distributions, any SFQ can be expressed as a set of thresholds on the sufficient statistic. For distributions

Information Theory and Hypothesis Testing

An Improved Blind Spectrum Sensing Algorithm Based on QR Decomposition and SVM

Optimal Power Allocation for Cognitive Radio under Primary User s Outage Loss Constraint

Adaptive Spectrum Sensing

10-704: Information Processing and Learning Fall Lecture 24: Dec 7

Stability Analysis in a Cognitive Radio System with Cooperative Beamforming

PERFORMANCE COMPARISON OF THE NEYMAN-PEARSON FUSION RULE WITH COUNTING RULES FOR SPECTRUM SENSING IN COGNITIVE RADIO *

Fusion of Decisions Transmitted Over Fading Channels in Wireless Sensor Networks

Interference Reduction In Cognitive Networks via Scheduling

Introduction to Statistical Inference

Hypothesis Testing with Communication Constraints

Sensing for Cognitive Radio Networks

Distributed Spectrum Sensing for Cognitive Radio Networks Based on the Sphericity Test

Information Theory in Intelligent Decision Making

Information Theory Meets Game Theory on The Interference Channel

Applications of Information Geometry to Hypothesis Testing and Signal Detection

Fully-distributed spectrum sensing: application to cognitive radio

Decision Fusion in Cognitive Wireless Sensor Networks

Cooperative Communication with Feedback via Stochastic Approximation

Distributed Event Detection under Byzantine Attack in Wireless Sensor Networks

EUSIPCO

THE potential for large-scale sensor networks is attracting

Detection and Estimation Chapter 1. Hypothesis Testing

Dynamic spectrum access with learning for cognitive radio

Maximizing System Throughput by Cooperative Sensing in Cognitive Radio Networks

Cognitive Multiple Access Networks

Average Throughput Analysis of Downlink Cellular Networks with Multi-Antenna Base Stations

Decentralized Detection In Wireless Sensor Networks

Detection Theory. Chapter 3. Statistical Decision Theory I. Isael Diaz Oct 26th 2010

Diversity Performance of a Practical Non-Coherent Detect-and-Forward Receiver

EVALUATING SYMMETRIC INFORMATION GAP BETWEEN DYNAMICAL SYSTEMS USING PARTICLE FILTER

Detection Performance Limits for Distributed Sensor Networks in the Presence of Nonideal Channels

Uncertainty. Jayakrishnan Unnikrishnan. CSL June PhD Defense ECE Department

Decentralized Detection in Wireless Sensor Networks with Channel Fading Statistics

A POMDP Framework for Cognitive MAC Based on Primary Feedback Exploitation

SIGNAL STRENGTH LOCALIZATION BOUNDS IN AD HOC & SENSOR NETWORKS WHEN TRANSMIT POWERS ARE RANDOM. Neal Patwari and Alfred O.

TRANSMISSION STRATEGIES FOR SINGLE-DESTINATION WIRELESS NETWORKS

SIGNAL STRENGTH LOCALIZATION BOUNDS IN AD HOC & SENSOR NETWORKS WHEN TRANSMIT POWERS ARE RANDOM. Neal Patwari and Alfred O.

بسم الله الرحمن الرحيم

Series 7, May 22, 2018 (EM Convergence)

International Journal of Modern Trends in Engineering and Research e-issn No.: , Date: 2-4 July, 2015

Two results in statistical decision theory for detecting signals with unknown distributions and priors in white Gaussian noise.

g(.) 1/ N 1/ N Decision Decision Device u u u u CP

On the Optimality of Myopic Sensing. in Multi-channel Opportunistic Access: the Case of Sensing Multiple Channels

Blind Spectrum Sensing for Cognitive Radio Based on Signal Space Dimension Estimation

Distributed Power Control for Time Varying Wireless Networks: Optimality and Convergence

Asymptotically Optimal and Bandwith-efficient Decentralized Detection

Detection theory 101 ELEC-E5410 Signal Processing for Communications

SPECTRUM sensing is a core concept of cognitive radio

IEEE TRANSACTIONS ON SIGNAL PROCESSING, VOL. 60, NO. 9, SEPTEMBER

Spectrum Sensing for Unidentified Primary User Condition

Minimum Feedback Rates for Multi-Carrier Transmission With Correlated Frequency Selective Fading

How long before I regain my signal?

Secure Degrees of Freedom of the MIMO Multiple Access Wiretap Channel

Analysis of Random Radar Networks

ECE531 Lecture 6: Detection of Discrete-Time Signals with Random Parameters

Novel Distributed Spectrum Sensing Techniques for Cognitive Radio Networks

ADDITIVE noise is most often represented by a fixed

Energy-Efficient Noncoherent Signal Detection for Networked Sensors Using Ordered Transmissions

WIRELESS COMMUNICATIONS AND COGNITIVE RADIO TRANSMISSIONS UNDER QUALITY OF SERVICE CONSTRAINTS AND CHANNEL UNCERTAINTY

Detection theory. H 0 : x[n] = w[n]

Transcription:

Collaborative Spectrum Sensing in the Presence of Byzantine Attacks in Cognitive Radio Networks Priyank Anand, Ankit Singh Rawat Department of Electrical Engineering Indian Institute of Technology Kanpur 86 Email: {panand, ankitsr}@iitk.ac.in Hao Chen, Pramod K. Varshney Department of Electrical Engineering and Computer Science, Syracuse University Syracuse, NY 44 USA Email: {hchen, varshney}@syr.edu Abstract Cognitive radio (CR) has emerged as a solution to the problem of spectrum scarcity as it exploits the transmission opportunities in the under-utilized spectrum bands of primary users. Collaborative (or distributed) spectrum sensing has been shown to have various advantages in terms of spectrum utilization and robustness. The data fusion scheme is a key component of collaborative spectrum sensing. In this paper, we analyze the performance limits of collaborative spectrum sensing under Byzantine Attacks where malicious users send false sensing data to the fusion center leading to increased probability of incorrect sensing results. We show that above a certain fraction of Byzantine attackers in the CR network, data fusion scheme becomes completely incapable and no reputation based fusion scheme can achieve any performance gain. We present optimal attacking strategies for given attacking resources and also analyze the possible counter measures at the fusion center (FC). Index Terms Cognitive radio, spectrum sensing, Byzantine Attacks, Network Security I. INTRODUCTION Increasing demand for wireless communication in various areas of human life has brought an exponential increase in the number of wireless services. This exponential increase has resulted in spectrum scarcity as the electromagnetic spectrum has become too crowded to incorporate the upcoming wireless services. Recently this problem has attracted a lot of attention of the researchers and governing bodies and many new ideas have come up to mitigate the problem of spectrum scarcity. A survey conducted by the FCC [] has shown the presence of highly underutilized licensed spectrum bands. These observations have motivated the communication community to review the conventional spectrum allocation policies and people are exploring new spectrum allocation policies to alleviate the issue of underutilized spectrum. Dynamic Spectrum Access(DSA) is the most explored idea in the area of non-conventional spectrum allocation. In DSA, the same spectrum band is accessed by several users as opposed to the conventional spectrum access where only the licensed user is permitted to transmit in its spectrum band. The unlicensed (secondary) users access the frequency band in such a way that the communication process of licensed (primary) user is interfered within the allowed limits. The secondary users are incorporated in the system as the cognitive radios(crs) have the capability of sensing the availability of spectrum holes in the licensed band []. CRs sense the absence of the primary and transmit their data during this unused period. This eventually increases the efficiency of spectrum utilization as a result of incorporation of multiple services in the same frequency band. Generally, many CRs form a network (Cognitive Radio Network) and perform spectrum sensing(ss) collectively. Collaborative spectrum sensing [] is necessary to make reliable detections in the presence of the unwanted but inevitable effects of wireless channels (e.g. shadowing, path-loss, fading etc). In the collaborative spectrum sensing process, all the participating CRs forward their processed observations regarding the presence of a spectrum hole to the fusion center which makes the final decision regarding the status of the spectrum band. Like all other networks, CRNs are also subject to various security threats. Malicious users may try to introduce false information in the decision process [4] to affect the entire process of SS with the intention of gaining some advantage over other CRs in the network or to disrupt the entire DSA process. In this paper, we consider a particular kind of attack on the network from the malicious users participating in the network itself. This attack is termed as a Byzantine attack in the literature and the attackers are called Byzantine attackers. Byzantine attackers modify their inference regarding the present state of the nature prior to their transmission to the FC to degrade the performance of the collaborating network. The aim of the Byzantine attackers is to make the fusion center detect an incorrect state of nature [5] and then utilize this phenomenon to achieve certain advantages, e.g., in terms of increased spectrum availability or throughput for themselves. Similar kind of attacks have been analyzed in [6] and [7] where the authors have shown the performance degradation due to data falsification and have proposed reputation based fusion schemes to counter these attacks. But the possible blinding of the fusion center under Byzantine attacks making the network completely dysfunctional has not been considered. In [8], Marano et al have analyzed the issue of Byzantine attacks in the distributed detection process of wireless sensor networks. They have assumed that the Byzantine attackers have perfect knowledge of the state of nature which is a particular case when some outsider shares this knowledge with some of the

sensors in the network to harm the functioning of wireless sensor networks. We have considered the same framework as in [8] and have investigated several novel problems in the context of CRNs. Since cognitive radios are not merely sensors and may act as Byzantine attackers to gain advantage by introducing false information in the detection process, we have analyzed the case where Byzantine CRs are themselves motivated to attack. These CRs rely on their own decisions and do not have the true information about the state of nature. Later we show that this assumption is a generalization of the perfect knowledge assumption of [8]. We have also analyzed the case where all the Byzantine CRs collaborate among themselves to improve their knowledge to magnify the effect of the attack on the CRN. We develop optimal attacking strategies for given attacking resources and also analyze performance limits and the counter measures at the fusion center. In Section II, we formulate the problem and present some fundamental results. We analyze the problem and derive some performance limits in Section III. Section IV describes the attack process when Byzantines are not capable enough to blind the fusion center. In Section V, we derive the best possible strategies by the Byzantines as well as the fusion center considering two different performance metrics. Finally, the paper is concluded in Section VI. II. PROBLEM FORMULATION A. Binary Hypothesis Testing at CRs Consider a CR network where N cognitive users are collaborating in the spectrum sensing process in the presence of a primary user as shown in Fig.. Based on its observations, each CR solves a hypotheses testing problem and decides either on hypothesis H (primary present) or H ( primary absent). The one-bit decision of CR i is denoted by v i. CR i then sends its output u i to the FC. For all honest CRs, u i = v i. However, for malicious CRs, u i need not be the same as v i. The communication channels between CRs and the FC are assumed to be error-free in this paper. For hypotheses testing, each CR (secondary user) uses an energy detection scheme for making its decision between H and H. The decision is naturally a function of the distance between the primary and the CR which affects the power received at the CR. The links between primary and secondary users are subject to independent and identically distributed (i.i.d.) log-normal shadowing path loss, such that P L(d)[dB] = P L(d)+X σ = P L(d )+n log d d +X σ () where P L(d) is the path loss as a function of d(the distance between primary and secondary users). X σ represents a zeromean Gaussian distributed random variable with standard deviation σ, d denotes the close in reference distance and n is the path loss exponent that is equal to the rate at which the path loss increases with distance between primary and secondary users(d). P L(d) is the mean of P L(d) and can be found using the HATA model [9] which has been suggested by the IEEE8. working group as the path loss model PU Transmitter ON or OFF Primary signal (P) Local Decision (U) Fusion Center Honest Sensors Byzantine Sensors Fig.. CRN model where CRs receive signal (P r) and decide about the presence of the Primary Transmitter and then send a one-bit decision to the Fusion center where the final decision is made. Byzantine attackers may send wrong decisions to degrade the fusion performance for a typical CR network environment []. Here, it is worth mentioning that IEEE8. is the first standard developed for CRN s coexisting in the TV channels bands. Assuming a rural environment P L(d) is given by [9]: P L(d)[dB] = 7.77 + 46.5 log(f c ) 4.78(log(f c )).8 log(h t ) (. log(f c ).7)h r () +(44.9 6.55 log(h t )) log(d) where f c is the carrier frequency, h t and h r are the effective transmitter and receiver antenna heights (in meters) respectively. The unit of d is kilometers(km). Given P t to be the transmission power of the primary, the power received at a secondary user located at a distance d from the primary (P r (d)) under hypothesis H (primary present) can be represented as P r [db] = P t [db] P L(d)[dB]. When primary is absent (Hypothesis H ) we assume P r = W where W is Gaussian distributed as N(µ, σ ). Assume that each CR uses an energy detection scheme with an identical local threshold λ for binary hypothesis testing between H and H. In this setting, the probability of detection (P d ) can be represented as: P (P r > λ H ) = P (X σ < P t P L(d) λ) P d = Q( λ P t + P L(d) ) () σ where Q(z) = exp( x z )dx is the complement distribution function for the normal distribution with zero mean and unit variance, i.e., Similarly, the probability of false alarm(p fa ) can be expressed as: π P fa = Q( λ µ σ ) (4) B. Binary Hypothesis Testing at the Fusion Center As indicated earlier, we assume that after performing local hypothesis testing each CR transmits its one-bit hard decision to the fusion center over an error free reporting channel. The

original local decision at i th CR is given by v i = j, when CR decides in favor of H j (where j {, }). Now the i th CR reports u i = j to the FC after deciding the current state of the primary transmitter, i.e., v i = or. For the case of malicious CRs, they may or may not send their actual decision to the fusion center. Let N be the number of participating CRs in the network and the fraction of Byzantine attackers be α which results in M = αn malicious and K = ( α)n honest CRs. Let us define the following. For Honest Sensors: { p H = P [u i = v i = ] =, p H = P [u i = v i = ] =. { q H = P [u i = v i = ] =, q H = P [u i = v i = ] =. For Byzantine Sensors: { p B = P [u i = v i = ], p B = P [u i = v i = ]. { q B = P [u i = v i = ], q B = P [u i = v i = ]. where P [u i = j v i = h], represents the probability that CR transmits u i = j after deciding H h (where h {, }) and is assumed to be independent for different CRs. If the CR is honest, it will send u i = j after deciding v i = j. This fact is reflected by (5) and (6). On the other hand, Byzantines will send their outputs to achieve some specific goals and may or may not report the true decided hypotheses to the fusion center. Since the identity of Byzantine CRs are unknown, α is the probability that a single received observation at the fusion center is from a Byzantine. The binary hypothesis testing at the Fusion Center can be formulated as: P B d H : Primary user is not active (absent) P (u = j) = ( α)[(p H fa)p H j + ( P H fa)q H j ] + α[(p B fa)p B j + ( P B fa)q B j ] H : Primary user is active (present) P (u = j) = ( α)[(p H d )p H j + ( P H d )q H j ] + α[(p B d )p B j + ( P B d )q B j ] and P fa B are Byzantine CR s probability of detection and false alarm respectively. Pd H and Pfa H are the corresponding probabilities for an honest CR. We assume that the fusion center is aware of the presence of Byzantine attackers but can not distinguish between legitimate and malicious users. We define the attacks as follows. Malicious Byzantine Attack(MBA): The aim of the Byzantine attack is to destroy the DSA process via the actions of malicious CRs. Byzantines try to make the fusion center incapable of making the correct decision regarding the presence or absence of the primary user. In other words, they want to make the fusion center blind. (5) (6) (7) (8) III. ANALYSIS In this paper, Kullback-Leibler (KL) divergence D (P (u j H ) P (u j H )) is considered to be the network performance metric [8] to characterize detection performance. The following subsection is presented to justify the selection of this performance metric. A. Kullback-Leibler divergence and Hypothesis Testing Consider the hypothesis testing problem: H : i.i.d. data with probability density function (pdf) q(x), H : i.i.d. data with pdf p(x). Let < β < be the fixed detection probability of the test. The Neyman-Pearson(NP) lemma gives the optimal test to minimize the false-alarm rate as : N N log p(x i) > H < q(x i ) H η N. i= Here η N is chosen to satisfy the probability of detection(β) constraint: ( ) N P H log p(x i) N q(x i ) > η N = β. i= The false-alarm rate of the test as a function of N can be represented as: ( ) ( N α N = P H log p(x i) N q(x i ) < η N ( N = P H log p(x ) i) N q(x i ) η N i= We are interested in the minimum value which can be achieved by the α N as N increases. This required dependence of the α N can be expressed in terms of its exponent ( lim N N α N ). Stein s lemma gives this asymptotic expression for α N : Theorem[]: Fix the detection probability of the NP detector operating on i.i.d data to be β,( < β < ). The exponential rate(exponent) of the false-alarm rate(α N ) is given by lim N N α N = x i X i= p(x i ) log p(x i) q(x i ). (9) The right hand side expression in (9) is called the Kullback- Leibler divergence between p and q. It follows from the above theorem that, for a large k, α N ND(p q). () Therefore, we can conclude from () that the larger the D(p q) is, the less is the likelihood of mistaking p with q[]. In this way, KL divergence can be seen as the distance between p and q (from the point of view of hypothesis testing) and it The Neyman - Pearson formulation allows one to set the false-alarm rate (α) and maximize the detection rate (β). In the same mathematical formulation, we can set the detection rate (β) and minimize the false-alarm rate (α)[].

is also called the KL distance. Thus, KL divergence can be used in lieu of the probability of error during system design for a large scale network. B. CRN under MBA As indicated earlier, Kullback-Leibler distance D (P (u i H ) P (u i H )) is employed as the performance metric in our analysis of MBA which was defined in Section II. From the point of view of the MBAs, Byzantines would like to cause as much damage to the spectrum sensing process as possible, which in this case would mean causing as many errors in spectrum sensing as possible. This would be accomplished by reducing the KL distance between pdfs resulting in more decision errors. Thus, for a Byzantine attacker, an optimal Byzantine attack is the one that minimizes the Kullback-Leibler (KL) distance between the two hypotheses at the fusion center. The fusion center is said to become blind when the D (P (u i H ) P (u i H )) =. Hence, Byzantines choose p B j and qb j, j {, } to minimize D (P (u i H ) P (u i H )). Using (9), we can express the KL distance between the distributions P (u i H ) and P (u i H ) as: D (P (u i H ) P (u i H )) = j {,} P (u i H ) log P (u i H ) P (u i H ) () The Byzantines want to make the KL distance decrease to zero, i.e., [P (u i H )] log P (u i H ) P (u i H ) = j {,} The above equality is attained when, P (u i = j H ) = P (u i = j H ) j {, }, After substitution, we have ( α)[(p H d )p H j + ( P H d )q H j ] + α[(p B d )p B j + ( P B d )q B j ] = ( α)[(p H fa)p H j + ( P H fa)q H j ] + α[(p B fa)p B j + ( P B fa)q B j ]. After simplifying the above expression, we have, p B j q B j = α α.(p H d P H fa ) (P B d P B fa ) (qh j p H j ). () Hence, the Byzantines can reduce the KL distance to zero if p B j and q B j satisfy (). Clearly, the choice for p B j and q B j depends on α. Here, we are interested in exploring if there exist some p B j and qb j which reduce D (P (u i H ) P (u i H )) to zero. Following the mathematical analysis similar to that presented in [8], we define, ρ j = (p B j q B j ) + = α α.(p H d P H fa ) (P B d P B fa ) (qh j p H j ) + () where (I) + = max {, I}. Here, we have used the fact that Pd H > Pf H and Pd B > Pf B, i.e., probability of detection is greater than the probability of false alarm. If we sum ρ j over j {, }, one of the following three cases may arise.: (a.) ρ j = : In this case, ρ can be interpreted as the probability mass function and with the following unique attacking probability pair (p B j, qb j ) we get D (P (u i H ) P (u i H )) =. p B j = ρ j qj B = ρ j + α H α.(p d P fa H ) (Pd B P fa B ) (ph j qj H ) (4) (b.) ρj < : In this case, there are infinite attacking probability pairs (p B j, qb j ) which can make D (P (u i H ) P (u i H )) equal to zero. We start with p B j = ρ j found in () and arbitrarily increase either of the p B j, j {, } such that j {,} pb j =, (making it a probability mass function). Now we can find corresponding qj B as qj B = p B j + α α. (P H d P H fa ) (P B d P B fa ) (ph j qh j ) (c.) ρj > : There does not exist any attacking probability pairs (p B j, qb j ) that can reduce the KL distance D (P (u i H ) P (u i H )) to zero and Byzantines can not make the fusion center blind. As we have seen in () that ρ is a function of α and for a given p H and q H there exists a minimum α, i.e., M for a given N such that ρ j and this number of Byzantines in the CRN can make the fusion center blind. We call this minimum α for which ρ j as α blind and it can be computed from () as α α.(p H d P H fa ) (P B d P B fa ) j {,} (q H j p H j ) + Using the equality in the above expression for the limiting case, we get (Pd H α blind = P fa H ) j {,} (qh j p H j )+ (Pd B P fa B ) + (P d H P fa H ) j {,} (qh j p H (5) j )+ Using (5) and (6), Pd H α blind = P fa H (Pd B P fa B ) + (P d H P fa H ) (6) If the fraction of Byzantines among all the CRs in the CRN is such that α α blind, attackers can eliminate the detection capability of the fusion center and make it blind so we term α α blind as the blinding region. For any α lying in the blinding region, Byzantines can always blind the fusion center using the attacking probability pair ((p B, q B )), that can be found from the above analysis. For α = α blind using (4), we get [p B, p B ] = [, ] and [q B, q B ] = [, ]. Marano et. al.[8] have evaluated the value of α blind = P H d P H fa +P H d P, when Byzantine attackers have a perfect knowledge of the state of nature. Hence, our results can be seen as H fa a generalization of the results presented in [8] by replacing the hard assumption of perfect knowledge of the state of primary transmitter by the soft assumption of detection based knowledge of the state of primary transmitter. The results

Fig.. Detection performance in terms of D (P (u i H ) P (u i H )) plotted against the fraction of Byzantines in the network for different attacks. For CMBA majority rule has been used. differ in that has been replaced by the term (Pd B P fa B ) in the denominator and as (Pd B P fa B ) tends to one our results reduce to that of [8]. Let us now assume fixed detection schemes at each CR (Byzantine or Honest) and that use identical thresholds for local spectrum sensing. We define two types of possible MBAs.. Independent Malicious Byzantine Attacks(IMBA): In this case, each Byzantine decides to attack independently relying on its own observation and decision regarding the presence of the primary transmitter. In this case, Pd B = P d H and Pfa B = Pfa H. Hence, using (6) the resulting α blind = /, i.e., unless the number of Byzantines is greater than or equal to 5% of the total cooperating CRs, the fusion center can not be made blind under IMBA.. Cooperative Malicious Byzantine Attacks(CMBA): In this attacking scenario, Byzantines collaborate to make the decision about the presence of the primary transmitter. This type of attack is more practical in the situation where some intruder controls the Byzantine CRs. For a given Pd H and P fa H, Byzantine CRs can increase (Pd B P fa B ) with cooperation [] and so the resulting α blind comes out to be less than /. Assuming that all the M Byzantines colludes, let Q B d and QB fa be their collective probability of detection and probability of false-alarm respectively. Q B d and QB fa can be written as: M ( ) M Q B d = (Pd B ) i ( Pd B ) M i (7) i i=l M ( ) M Q B fa = (P B i fa) i ( Pfa) B M i (8) i=l Here L out of M fusion rule has been used for collaboration among the Byzantine CRs, i. e., when L or more Byzantines decide on H the collective decision is H. Next, we consider the primary transmission model and observation model at local CRs to obtain numerical results. We assume that the primary is transmitting at the UHF frequency of 67MHz with effective transmitter antenna height h t = m and the effective isotropic radiated power (EIRP) is assumed to be 5dBm. All CRs are assumed to be equipped with a simple energy detector and effective receiver antenna height h t = m. The minimum power for a signal to be detected is assumed to be -94dbm. We use the noise power equal to -6dBm and in the log-normal shadowing path loss model as well as noise we use standard deviation, σ = σ =.6 [7]. We consider a large rural city environment where the distance between primary and secondary users is assumed to be equal to Km. We select the threshold at local CRs to achieve a maximum probability of interference(probability of mis-detection) equal to. From the numerical results presented in Fig., we observe that in the case of IMBA the required α to reduce D(P (u i H ) P (u i H )) to zero, i.e., α blind, is. This is marked as point C in the figure. If CMBA is assumed, (Pd B P fa B )) is replaced by (QB d QB fa ) in ()-(6) and the limiting case(lower bound) will be achieved when (Q B d QB fa ) equals, i.e., when the true state of primary transmitter is known. In this case, the required α to make the fusion center blind, is marked as point A, which is at α =.. But for most practical cases of CMBA, the true state of the primary transmitter is unknown, and therefore, (Q B d QB fa ) < resulting in a value of α blind that will be somewhere between A and C depending on (Q B d QB fa ) achieved through cooperation. We show this point in Fig. as B. In Fig., point B is at α = for the system parameters assumed. Next, we obtain the minimum value of α blind, i.e., for a given K, Pd H and Pfa H the minimum α (or M) that can blind the fusion center using cooperation. For this, we maximize the (Q B d QB fa ) term in the denominator of RHS of (5) for a given M and then we solve for M by putting α = M/(K +M) in the LHS of (6). Assuming that under CMBA, Byzantines use the k out-of n fusion rule for maximization of (Q B d Q B fa ). This maximization can be achieved by selecting k = N min(n, +β ) [], [4] where. is the ceiling function and Next, we define β = ln P fa P d ln P d P fa. (9) F (M, K) = M(Q B d Q B fa) K(P H d P H fa), () where Q B d and QB fa are given in (7) and (8). Let L = M min(m, +β ), β be as defined above, and M = min { M; F (M, K) and M I +, M K } The minimum number of Byzantines required to blind the fusion center for a given K is given by M B = min {M, K} () and the corresponding minimum value of α blind is αblind min = M B M B + K ()

Fig.. Attacking probabilities of Byzantines for different types of attacks plotted versus the fraction of Byzantines in the network It can be easily proved that for K > and Pd H > P fa H, M B is always equal to M. Hence under the above assumptions, minimum α blind required to nullify the detection capabilities of the fusion center is less than /, i.e., with less than 5% Byzantines in the network it is possible to make the fusion center blind and in this case, no reputation based scheme can provide any gain in detection performance. C. Moderate Attacks (α < α blind ) Here, we consider the case when α < α blind, i.e., the number of Byzantines is not sufficient to blind the fusion center. In this case, their best strategy would be to minimize D(P (u i H ) P (u i H )) and as described above we can generalize the corresponding results in [8] using the (P B d P B fa ) factor. As mentioned in the example of [8] for fixed local rules and p H q H we get [p B, p B ] = [, ] and [q B, q B ] = [, ] which minimizes D(P (u i H ) P (u i H )). In Fig., we present the attacking probabilities as a function of the fraction of Byzantines. The problem setup is the same as in Fig... For IMBA since α, the attacking probabilities (p B, p B and q B, q B ) are as described above. For CMBA, α = and for the known state case α =. (points A and B in the figure). Now considering CMBA, till α = Byzantines attack with attacking probabilities as described above. But for α α blind =, we have ρ j < and there may be an infinite number of solutions. We plot the limiting case probability in Fig. but any point in the upper triangular region of Fig. and its corresponding point in the lower triangle will lead D(P (u i H ) P (u i H )) to zero, i.e., infinite number of solutions. For example, for CMBA points between the blue circled line (q B optimal for CMBA), qb = line and α = line make the upper triangular region. Similarly the lower triangular region is formed by the line representing p B optimal for CMBA, pb = line and α = line, where we have infinite number of solutions. IV. BEST STRATEGIES : A ZERO-SUM GAME As we have observed in the previous sections that for a given system setting, there exist critical fractions of Byzantine CRs (α blind ) which will make the final detection at the fusion center in collaborative spectrum sensing process non-informative and the fusion center becomes blind. Since the cognitive radios (whether Byzantine or honest) and the fusion center are built upon an intelligent platform with the capability of changing their parameters according to the environmental conditions, the natural question arises as to what is the best strategy for all the elements of the intruded cognitive radio network to get the maximum out of the system to satisfy their respective objectives. Collaborating CRs in the network can choose their behavior (Byzantine or honest) and the local thresholds. Honest CRs are committed to choose their local thresholds as directed by the fusion center to satisfy certain performance criteria of the system. But Byzantine CRs have no interest in obeying the directions from the fusion centers and are bent on using possible parameter values to maximally degrade the performance of the system. The entire setup reduces to a game between Byzantines and the Fusion center where they have conflicting requirements. Honest CRs help the fusion center by allowing it to change their local thresholds. The Byzantines try to choose their personal thresholds in such a way that it results in maximum damage no matter what strategy the fusion center uses. Similarly, the fusion center would try to choose all the parameters in its jurisdiction (the fusion rule and local threshold for the honest CRs) in such a way that it minimizes the worst case damage from the Byzantines no matter what the strategy of the Byzantines is. As is clear from the above description, the game we are trying to analyze is a minimax game and the best strategy for both the players in the minimax case is the saddle point. In this paper, we analyze the above interaction in the context of two different performance metrics : ). KL distance and ). Probability of error (P e ) at the fusion center. A. KL Distance Since the pmf under both the hypotheses are independent of the fusion rule applied at the fusion center, the fusion rule does not come into the picture when the KL distance between the probability mass functions(pmf s) under both the hypotheses is taken as the performance metric. In this case, local thresholds of the honest and the Byzantines are the only parameters to play with. Let D (P (u i H ) P (u i H )) = f(λ h, λ b ), where λ h and λ b are the thresholds of the Byzantines and honest CRs respectively. ) Independent Attack: In this case, finding the optimal strategy for both the Byzantines and the FC, (λ h, λ b ) is straight forward. First, we need to find all the critical points of f(λ h, λ b ) by setting f(λ h,λ b ) λ h = f(λ h,λ b ) λ b =. Subsequently the saddle point is the point among the critical points which gives the negative value for the following expression, f(λ h,λ b ) f(λ h,λ b ) λ h λ b ( f(λ h,λ b ) λ b λ h ). Figs. 4 and 5 show the required saddle point when plotting the f(λ h, λ b ) on a

.8.96.75.95.7.94.65.9.6.9 5.9.9.45.4.89.88.87...9.8.7.6.5.4...4.6.8...5.4....9.8.7.6.7.8.9 Fig. 4. KL distance (in the case of an independent Byzantines attack). Probabilities of detection and false alarm of each CR have been calculated from () and (4). σ =, µ = P t P L(d) = 7, σ =.5, µ = and α =.4. (λ h on x-axis and λ b on y-axis) Fig. 6. KL distance (in the case of collaborative Byzantines attack). σ =, µ = 7, σ =.5, µ = and α =.. (λ h on x-axis and λ b on y-axis).4.... (λ h *, λb * ) = (.8,.5).9 (λ h *,λb * ) = (.77,.77)..8.7.9.6.5.8.6.65.7.75.8.85.9.95.4.4.5.6.7.8.9.. Fig. 7. KL distance (in the case of collaborative Byzantines attack). σ =, µ = 7, σ =.5, µ = and α =.4. (λ h on x-axis and λ b on y-axis) Fig. 5. KL distance (in the case of an independent Byzantines attack). (λ h on x-axis and λ b on y-axis). This figure depicts the contour and gradient diagram of the surface shown in Fig.5. If from one direction the gradients point toward the critical point and from a perpendicular direction all gradients point away from the critical point, the critical point is known as the saddle point. Similarly, the presence of saddle point can be inferred from the intersection of contour lines..45.4.45.4 plane with λ h and λ b on x-axis and y-axis respectively. It defines the optimal strategy for both types of CRs. We can see that for the saddle point λ h = λ b = λ. This value of λ maximizes the local P d P fa for both kinds of CRs. This result is intuitive as (6) also suggests that both types of CRs would try to maximize their P d P fa to achieve their objectives (increasing Pd B P fa B reduces the value of α blind and maximizing Pd H P fa B increases the value of α blind). ) Collaborative Attack: As we have defined in Section III, in collaborative Byzantine attacks all the Byzantine CRs cooperatively make the decision of sending or to the FC. In our analysis, the value of L for L out of M is used as it is defined in the previous section and λ h and λ b are the only variables. Figs. 6 and 7 show the presence of the required saddle point in this scenario and similar to the previous subsection, at the saddle point P d P fa is maximized for both kinds of CRs... 5 4 Fig. 8. Probability of error (in the case of independent Byzantine attack). Probabilities of detection and false alarm of each CR have been calculated from () and (4). σ =, µ =, σ =, µ =, N =, k = and α =.. (λ h on x-axis and λ b on y-axis) B. Probability of Error(P e ) When the fraction of the Byzantine CRs is below the critical value (α blind ), KL-distance cannot be reduced to zero. It is clear from () that reliable detection can always be performed by increasing the number of observations when the KL-distance is non-zero between the pmf s under the two 4 5.

.5.5 * * (λ hk, λbk) = (.,.4).5.5 Fig. 9. Probability of error (in the case of independent Byzantine attack). σ =, µ =, σ =, µ =, N =, k = and α =.. (λ h on x-axis and λ b on y-axis).45.4.. 4 Fig.. Probability of error (in the case of collaborative Byzantine attack). σ =, µ =, σ =, µ =, N =, k = and α =.. (λ h on x-axis and λ b on y-axis).5.5.5.5.5 * * (λ, λbk) = (.,.86) hk Fig.. Probability of error (in the case of collaborative Byzantine attack). σ =, µ =, σ =, µ =, N =, k = and α =.. (λ h on x-axis and λ b on y-axis).5 4.45.4. is using the spectrum band. Hence, the performance of SS can be quantified by the probability of error P e under the Bayesian setting. This motivates us to consider the probability of error(p e ) as another possible performance metric for our analysis. In this case, the fusion center can play with the k of the k out of N fusion rule and the local thresholds of the honest sensors to minimize the P e. On the other hand, Byzantines wish to increase the value of P e to reduce the performance of spectrum sensing process. Since the P e is a function of three variables λ h, λ b and k, out of which k is a discrete variable; finding saddle point analytically is not trivial and is a difficult optimization problem. Here we are interested only in showing the existence of optimal strategies in the Bayesian setting and finding the analytic solution for this will be considered in our future work. ) Independent Attack: In this subsection, first we fix the value of k and then try to find the saddle point for the function g(λ h, λ b ), which represents the Probability of error (P e ) for a given k.the obtained point is represented as (λ h k, λ b k ). Then we choose the k for which g(λ h k, λ b k ) is minimum and the obtained triple (λ h k, λ b k, k ) is the optimal strategy for the Byzantine and the FC. Figs. 8 and 9 represents the (λ h k, λ b k ) for k = k. ) Collaborative Attack: The optimal strategy in the minimax sense can be obtained in this case also by following the procedure given in the previous section. The value of L for L out of M is the same as defined in the previous section which minimizes the probability of error of the cooperative Byzantines network. P e in this case is plotted in Figs. and. V. CONCLUSION AND FUTURE WORK We have analyzed several fundamental issues related to collaborative spectrum sensing for CRNs in the presence of Byzantine attackers. Previous work of [8] has been extended to the realistic scenario in distributed data fusion, where the true state of nature is not likely to be known. Performance limits boundaries have been established for independent and cooperative Byzantine attacks. Optimal strategies for the Byzantines and the fusion center have also been discussed using the minimax approach. There are still many interesting questions remaining to be explored in the future work. One interesting problem is to analyze the dynamic interaction among the Byzantines and the fusion center to find the optimal strategies which can maximize their performance in finite cycles of data fusion. The case where Byzantines collude in several groups to increase their objective to degrade the detection process is another open question and will be analyzed in the future work. ACKNOWLEDGMENT hypotheses. A CRN aims to utilize the maximum fraction of available transmission opportunities. At the same time, it also wants to minimize the interference with the primary caused by transmissions by secondaries when the primary This work was supported in part by AFOSR contract FA955-9-C-46, NSF grant 95854 and CASE: The Center for Advanced Systems and Engineering, a NYSTAR center for advanced technology at Syracuse University.

REFERENCES [] Spectrum policy task force report, Federal Communications Commission, Tech. Rep., Nov.. [] J. Mitola, Software Radio Architecture. John Wiley & Sons,. [] S. M. Mishra, A. Sahai, and R. W. Brodersen, Cooperative sensing among cognitive radios, in IEEE International Conference on Communications ICC 6, Jun. 6, pp. 658 66. [4] W. Du, J. Deng, Y. Han, and P. Varshney, A witness-based approach for data fusion assurance in wireless sensor networks, in Proc. GLOBE- COM,, p. 4549. [5] L. Lamport, R. Shostak, and M. Pease, The byzantine generals problem, ACM Transactions on Programming Languages and Systems, vol. 4, no., p. 84, July 98. [6] P. Kaligineedi, M. Khabbazian, and V. Bhargava, Secure cooperative sensing techniques for cognitive radio systems, in IEEE International Conference on Communications, May 8, pp. 46 4. [7] R. Chen, J.-M. Park, and K. Bian, Robust distributed spectrum sensing in cognitive radio networks, in IEEE INFOCOM, Apr. 8, pp. 876 884. [8] S. Marano, V. Matta, and L. Tong, Distributed detection in the presence of byzantine attack in large wireless sensor networks, in Military Communications Conference, IEEE MILCOM 6, Oct. 6, pp. 4. [9] T. S. Rappaport, Wireless communications: principles and practice. Prentice Hall, 996. [] G. Chouinard, Ieee p8. wireless rans: minutes of the channel model sub-group teleconference, available at: http://www.ieee8.org//, July 6. [] J. A. Bucklew, Large Deviation Techniques in Decision, Simulation, and Estimation. New York: Wiley Series in Probability and Mathematical Statistics, 99. [] O. S. Jahromi, Multirate Statistical Signal Processing. Berlin: Springer- Verlag, 7. [] P. K. Varshney, Distributed Detection and Data fusion. New York: Springer-Verlag, 997. [4] W. Zhang, R. Malik, and K. B. Letaief, Cooperative spectrum sensing optimization in cognitive radio networks, in IEEE International Conference on Communications, ICC 8, May 8, pp. 4 45.