PRIMARY USER EMULATION / SIGNAL JAMMING ATTACK DETECTION METHOD

Abstract

The method of the invention is related to utilizing the convergence patterns of sparse coding for detecting a primary user emulation/signal jamming attack in a cognitive radio setting. The method basically comprises a training stage and a testing stage. Through the method, the hypothesis which shows that there is no primary user but only noise (H.sub.0), the hypothesis which shows that there is a legitimate primary user present with a right to use the spectrum and the secondary user should not use the spectrum (H.sub.1), and the hypothesis which shows that there is a primary user emulator/signal jammer in the environment (H.sub.2) can be distinguished.

Claims

1. A method for detecting a primary user emulator/signal jammer (PUE/J), characterized in that it uses the following trio; A signal (y.sub.0.sup.i) corresponding to the hypothesis (H.sub.0), which shows that there is no primary user (PU) but only noise, A signal (y.sub.1.sup.i) corresponding to the hypothesis (H.sub.1), which shows that there is a legitimate primary user (PU) with a right to use the spectrum and that the secondary user (SU) should not use the spectrum, A signal (y.sub.2.sup.i) corresponding to the hypothesis (H.sub.2), which shows that there is a primary user emulator/signal jammer (PUE/J) in the environment, and it comprises a training stage comprising the process steps of; Combining the channel corresponding to the legal primary user (PU) (h.sup.i.sub.PU) and the randomly chosen data set (SD) for each of the said three signals, and calculating a dictionary (D.sub.PU) that is dependent on a primary user (PU), Subjecting each one of said three signals to a sparse coding (SC) process with this dictionary (D.sub.PU) during the calculation of the absolute gradient (|G|) combined with a sparse coding algorithm such as the orthogonal matching pursuit algorithm calculating the residual energy profile (|r|.sub.2) and the corresponding training feature vector and finding the feature data (f) corresponding to each of the three hypotheses with this process, Obtaining a classification model (CM) with the class tags as a result of the machine learning (ML) based classification (C) procedure from said training feature vectors. and a testing stage comprising the process steps of; Obtaining a dictionary (D.sub.PU) as a result of the dictionary calculation (DC) of the sampled data (SD) with the channels (h.sub.PU) corresponding to legal users, Performing sparse coding (SC) via the said dictionary (D.sub.PU) for each test signal (y), and making a feature extraction (FE), Giving the extracted feature vector to the classifier (C) together with the classifier model (CM), The said classifier (C) making a decision (D) regarding the hypothesis corresponding to the present feature data (f) in question.

2. A method for the detection of a primary user emulator/signal jammer (PUE/J) attack according to claim 1, characterized by the addition of the signals of f.sub.0.sup.i, f.sub.1.sup.i, f.sub.2.sup.i to the training feature vectors to which they correspond to, as 0, 1 and 2 respectively and thereby detecting the attack using these features.

3. A method for the detection of a primary user emulator/signal jammer (PUE/J) attack according to claim 1, characterized by the dictionary (D.sub.PU) calculation process being carried out by using the equation of D.sub.PU=h.sub.PU*SD.

Description

FIGURES AIDING THE DESCRIPTION OF THE INVENTION

[0025] FIG. 1 is the schematic view of a primary user emulator/signal jammer in the environment,

[0026] FIG. 2 is the schematic view of the training stage of a primary user emulator/signal jammer detection method of the invention,

[0027] FIG. 3 is the schematic view of the testing stage of a primary user emulator/signal jammer detection method of the invention.

DESCRIPTION OF THE REFERENCES OF THE PARTS OF THE INVENTION

[0028] PU: Primary user
SU: Secondary user
PUE/J: Primary user emulator/signal jammer
SD: Sampled dictionary
h.sup.i.sub.PU: Channel corresponding to legitimate primary user
h.sub.PU: Channels corresponding to legitimate users
DC: Dictionary calculation
D.sub.PU: Dictionary connected to a legitimate primary user
y.sub.o.sup.i: The signal corresponding to the hypothesis which shows that there is no primary user but only noise
y.sub.1.sup.i: The signal corresponding to the hypothesis which shows that there is a legitimate primary user present with a right to use the spectrum and the secondary user should not use the spectrum
y.sub.2.sup.i: The signal corresponding to the hypothesis which shows that there is a primary user emulator/signal jammer in the environment
f.sub.0.sup.i: The feature data corresponding to the hypothesis which shows that there is no primary user but only noise
f.sub.1.sup.i: The feature data corresponding to the hypothesis which shows that there is a legitimate primary user with a right to use the spectrum and the second user should not use the spectrum
f.sub.2.sup.i: The feature data corresponding to the hypothesis which shows that there is a primary user emulator/signal jammer in the environment
y: Test signal
f: Feature data
SC: Sparse coding
FE: Feature extraction

C: Classification

[0029] CM: Classified model

D: Decision

DETAILED DESCRIPTION OF THE INVENTION

[0030] In this detailed description, the method and system which provides the phase and frequency synchronization of the invention are explained in order for the subject to be better understood.

[0031] The system model in which the method of the invention uses is shown in FIG. 1. This model comprises a legitimate primary user (PU) node, a secondary user (SU) node, and an illegal node (primary user emulator/signal jammer (PUE/J). The secondary user (SU) node desires to benefit from the spectrum in the presence of an illegal node which can start a signal jammer attack or primary user emulator attack (PUEA). While a legitimate primary user (PU) node and primary user emulator (PUE) transmit structured signals, the signal jammer sends a random signal. The signal sent from any node is in the form of y=h.sub.x+n. The h.sub.x expresses the general channel vector (or matrix) between any transmitter-receiver pair; n expresses additive white Gaussian noise. Due to the spatial de-correlation concept, the channel h.sub.x between different transmitter-receiver pairs is different [1]. The general channel between the transmitter and receiver nodes is based on the channel model presented on h.sub.x [2].

[0032] The said method basically comprises two stages as the training stage and testing stage.

[0033] FIG. 2 shows the training stage involved in the method of the invention. In the training stage, the test signals of y.sub.o.sup.i, which corresponds to H.sub.0 hypothesis, y.sub.1.sup.i which corresponds to H.sub.1 hypothesis, y.sub.2.sup.i which corresponds to H.sub.2 hypothesis are used. According to this, the training stage comprises the following process steps respectively: [0034] Combining the channel corresponding to the legitimate primary user (PU) (h.sup.i.sub.PU) and the randomly chosen data set (SD) for each of the said three signals, and calculating a dictionary (D.sub.PU) that is dependent on a primary user (PU), [0035] Subjecting each one of said three signals to a sparse coding (SC) process over the dictionary (D.sub.PU). Sparse coding can be achieved using any sparse recovery algorithm such as the orthogonal matching pursuit algorithm. While performing sparse coding, the energy (norm) of the representation residual signal (|r|.sub.2) is calculated for each iteration. Then, the decay of the residual energy is quantified in terms of its absolute gradient (|G|) to give rise to a so-called residual energy profile. This profile is adopted as the classification feature data point (f) corresponding to the received signal of interest, [0036] Obtaining a classification model (CM) with the class tags as a result of the machine learning (ML) based classification (C) procedure from said training feature vectors.

[0037] In a preferred embodiment of the method of the invention, the feature data f.sub.0.sup.i, f.sub.1.sup.i, f.sub.2.sup.i are added to the training feature vectors they correspond to, as 0, 1 and 2, respectively, and thereby the attack is detected.

[0038] In another preferred embodiment of the method of the invention, the dictionary (D.sub.PU) calculation process is carried out by using the equation of D.sub.PU=h.sub.PU*SD. The * in this equation expresses convolution.

[0039] FIG. 3 comprises the testing stage of the method of the invention. Accordingly, the said testing stage comprises the process steps of: [0040] Obtaining a dictionary (D.sub.PU) as a result of the dictionary calculation (DC) of the sampled data (SD) with the channels (h.sub.PU) corresponding to legal users, [0041] For each test signal (y), performing sparse coding (SC) via the said dictionary (D.sub.PU) and making a feature extraction (FE), [0042] Giving the extracted feature data point (f) to the classifier (C) with the classifier model (CM), [0043] The said classifier (C) making a decision (D) regarding the hypothesis corresponding to the present feature data (f) in question.

REFERENCES

[0044] [1] Y. Arjoune and N. Kaabouch, “A comprehensive survey on spectrum sensing in cognitive radio networks: Recent advances, new challenges, and future research directions,” Sensors, vol. 19, no. 1, p. 126, 2019. [0045] [2] T. Yucek and H. Arslan, “A survey of spectrum sensing algorithms for cognitive radio applications,” IEEE Commun. Surveys Tuts., vol. 11, no. 1, pp. 116-130, First 2009. [0046] [3] A. G. Fragkiadakis, E. Z. Tragos, and I. G. Askoxylakis, “A survey on security threats and detection techniques in cognitive radio networks,” IEEE Commun. Surveys Tuts., vol. 15, no. 1, pp. 428-445, First 2013. [0047] [4] B. Wang, Y. Wu, K. J. R. Liu, and T. C. Clancy, “An anti jamming stochastic game for cognitive radio networks,” IEEE J. Sel. Areas Commun., vol. 29, no. 4, pp. 877-889, April 2011. [0048] [5] D. Chaitanya and K. M. Chari, “Performance analysis of puea and ssdf attacks in cognitive radio networks,” in Computer Communication, Networking and Internet Security. Springer, 2017, pp. 219-225. [0049] [6] F. Jin, V. Varadharajan, and U. Tupakula, “Improved detection of primary user emulation attacks in cognitive radio networks,” in 2015 International Telecommunication Networks and Applications Conference (ITNAC), November 2015, pp. 274-279. [0050] [7] S. U. Rehman, K. W. Sowerby, and C. Coghill, “Radio-frequency fingerprinting for mitigating primary user emulation attack in low-end cognitive radios,” IET Communications, vol. 8, no. 8, pp. 1274-1284, 2014. [0051] [8] W. Chin, C. Tseng, C. Tsai, W. Kao, and C. Kao, “Channel-based detection of primary user emulation attacks in cognitive radios,” in 2012 IEEE 75th Vehicular Technology Conference (VTC Spring), May 2012, pp. 1-5. [0052] [9] N. T. Nguyen, R. Zheng, and Z. Han, “On identifying primary user emulation attacks in cognitive radio systems using nonparametric Bayesian classification,” IEEE Trans. Signal Process, vol. 60, no. 3, pp. 1432-1445, March 2012. [0053] [10] R. Chen, J. Park, and J. H. Reed, “Defense against primary user emulation attacks in cognitive radio networks,” IEEE J. Sel. Areas Commun., vol. 26, no. 1, pp. 25-37, January 2008. [0054] [11] N. Patwari and S. K. Kasera, “Robust location distinction using temporal link signatures,” in Proceedings of the 13th Annual ACM International Conference on Mobile Computing and Networking, ser. MobiCom '07. New York, N.Y., USA: ACM, 2007, pp. 111-122. [0055] [12] X. Zhang, Y. Ma, Y. Gao, and S. Cui, “Real-time adaptively regularized compressive sensing in cognitive radio networks,” IEEE Trans. Veh. Technol., vol. 67, no. 2, pp. 1146-1157, February 2018. [0056] [13] F. Ye, X. Zhang, Y. Li, and H. Huang, “Primary user localization algorithm based on compressive sensing in cognitive radio networks,” Algorithms, vol. 9, no. 2, 2016. [0057] [14] S. Maric, A. Biswas, and S. Reisenfeld, “A complete algorithm to diagnose and alleviate the effects of physical layer attacks,” in 2017 International Conference on Signals and Systems (ICSigSys), May 2017, pp. 29-34.