COGNITIVE RADIO NETWORKs face unique security problems not faced by conventional wireless networks. The current focus of the is on preventive security measures that secure the radio software download process and on schemes that thwart the tampering of radio software once it is installed. COGNITIVE RADIO NETWORKs are alsomore open to attacks such as jamming and selfish nodemisbehaviour.Authentication of the users can prevent use of the network by unauthorised users. The typical method for the identification of such terminals is the transmitter verification procedure, in which the location verification is done in addition to the signal energy detection. The objective of denial of service attack that is likely in COGNITIVE RADIO NETWORKs is to prevent other nodes from accessing the channel and using the channel to inCognitive Radio ease their own throughput. Denial of service attack causes the network to become unavailable to users and disrupts the services. The nodes exchange MAC control frames to contend for the channel. Due to the absence of a base station, the channel negotiation process is done in a distributed manner or by using a centralised spectrum manager. The false control frames transmitted are responsible for the denial of service attacks and selfish misbehaviour. With the MAC-layer authentication scheme, these problems can be solved. A number of security concerns related to cognitive radio would include the following;
• Denial of Service: In multi-channel environments, high traffic load may cause frequent exchange of control packets saturating the control channel. From the security point of view if attackers can saturate the control channel successfully, it can hinder the channel negotiation and allocation process and thus cause denial of service.
• Selfish Misbehaviour: During the channel negotiation process, a selfish node tries to take unfair advantage and improve its own performance. The channel negotiation process is done using the results from spectrum sensing and the fairness depends on the cooperation of the contending nodes.A selfish node may conceal the available data channels from others and reserve it for its own use.
• Licensed User Emulation Attack: COGNITIVE RADIO s use the licensed spectrum when it is free and otherwise use the unlicensed band. The attacker may jam the licensed band and emulate the primary user, thus limiting the COGNITIVE RADIO NETWORKS to operating in the unlicensed bands and therefore limiting COGNITIVE RADIO NETWORKS capacity. A solution to this problem is not yet known.
• Common Control Channel Jamming: In this case, the attacker transmitsperiodicalpulses inthe control channel spectrum. The jamming of one channel blocks the probable communication between all COGNITIVE RADIO nodes.UWB (ultra-wide-band) as common control channel deployment may solve the problem of jamming.
• Attacks on Spectrum Managers: There cannot be just one spectrum manager for assigning frequency bands because it may be a single point of attack on the network. So, when the spectrum manager is not available, communication between COGNITIVE RADIO nodes is not possible. Thus, the spectrum availability should be distributed and replicated in COGNITIVE RADIO NETWORKSs. The attack can be prevented possibly by use of a specific pilot channel in the licensed band.
• Eavesdropping: The transmission range of COGNITIVE RADIO s is not limited to a short distance because it uses bands lower than UNII and ISM. This allows collection of data by attackers invisible to the emergency services. Therefore, a strong data enCognitive Radio yption is needed at the physical level.
• Privacy Compromised: No disclosure of data should be allowed without permission of the user. The distribution and sharing of context information should be governed by rules and policies that ensure that the user’s privacy is not endangered.
• Network Management Infrastructure: The infrastructure is often designed and deployed based on the hierarchical manager/agent architecture, with extensions for ad-hoc wireless networks and techniques for passively and actively monitoring overlays.
• PolicyManagement: Throughout the COGNITIVE RADIO NETWORKS, policy management will be achieved by properly propagating profile information updates by the COGNITIVE RADIO NETWORKS administrator. Policies are personalised according to user interaction and can be achieved by propagation of policy updates throughout the COGNITIVE RADIO NETWORKS.
The figure below illustrates a secure cognitive access control architecture that can be adapted to implement security in cognitive radio networks;
