| Under traditional licensed spectrum regulation, various technologies, such as modulation, coding, multiple antennas, have been attracting considerable attention as basic solutions for increasing spectral efficiency. However, with fixed spectral bandwidth, none of the above techniques can escape from the constraint of Shannon capacity. With the ever increasing demand of wireless services, limited spectral bandwidth arises as the bottleneck of wireless communications development. On the contrary, field measurements show that the actual spectral utilization by primary users (PU) is very low. Cognitive Radio (CR), with the ability of dynamically accessing unused spectral bands, is considered as a promising technique to solve the contradiction between low spectral utilization and the increasing spectral demand, and is termed "the Next Big Thing".Spectrum sensing, which paves the way for the CR realization, is recognized as one heart technology of CR. It serves as the foundation of dynamic access capability embedded in CR without causing harmful interference to PUs. While increasing spectral efficiency, new security vulnerabilities are imposed by spectrum sensing: spectrum sensing disruption (termed spoofing for short). Spoofing, by emitting spoofing singals in unused bands during sensing periods, aims to mislead CR to reach false decisions on whether the observed band is occupied, such that the spectral efficiency is decreased.Here arise a series of problems of how to understand this new form of attack, such as which factors of the CR system is vulnerable to spoofing, how to analyze its effect to the CR system, and what the worst-case performance would be in the presence of spoofing, etc. These unanswered questions are the fundamental issues toward designing secure spectrum sensing algorithms. However, it is in serious lack of systematic and theoretical investigations yet.This dissertation carries out research focusing on the theory and methodology of spectrum sensing disruption in CR, which includes:First, optimal sensing disruption strategies are derived and analyzed under the constraint of a power budget. Specifically,(1) The problem of optimal sensing disruption under Additive White Gaussian Noise (AWGN) is investigated. By minimizing the available bandwidth for the CR system where energy detection is utilized for sensing, the optimal sensing disruption strategy is derived, which corresponds to equal-power, partial-band spoofing; The optimal spoofing performance with varying sensing parameters is analyzed, which turns out to be proportional to either false alarm probability or integration-time-bandwidth product; Theoretical along with numerical results indicates that:spoofing can effectively reduce the available bandwidth of the CR system. When the power budget of the adversary is large enough, the CR system could even be out of work since no available bandwidth can be found via sensing.(2) The problem of optimal sensing disruption with path loss is investigated. Similar as the case for AWGN, the optimal spoofing strategy considering path loss is derived, which also corresponds to equal-power, partial-band spoofing; Theoretical along with numerical results further analyzed, for this path loss scenario, the optimal spoofing performances under different parameters of the CR system.(3) The problem of optimal sensing disruption with fading is investigated. The mathematical model of optimal spoofing with fading is established:minimizing the available bandwidth of the CR system with the power constraint; Considering that the objective is non-convex with parameters involving integration of nonlinear functions, it is quite difficult to arrive at analytical solutions. However, by utilizing the separable characteristics of both objective and constraints, the non-convex, nonlinear optimization is transformed into mixed-integer linear programming via introducing additional integer variables. This numerical approach can obtain global optimum, and is applicable to various independent fading scenarios, such as Rayleigh, Rician and Nakagammi; Based on this approach, the worst-case (instantaneous channel state information is assumed to be known) performance of spoofing with fading is analyzed:for identical and independent Rayleigh fading whose second moments are normalized to unity, the worst-case performance of spoofing asymptotically approaches that under AWGN; Further, a feasible (only the statistical channel state information is known) optimal spoofing strategy is also given and analyzed:for identical and independent Rayleigh fading, the feasible optimal spoofing strategy turns out to be equal-power, partial-band.When spectrum sensing is fulfilled, a cognitive user (CU) can access those bands that are determined to be vacant through sensing. This phase is called data transmission, where the CU could possibly face the traditional jamming (jamming signals are launched in those bands where the CU is in use, to degrade its performance such that effective transfer of information is denied). For the ideal case where the power/energy is unlimited, the adversary can choose to optimally spoof in the sensing slot and then optimally jam when the CU starts data transmission, in order to maximally degrade the performance of the CR system. However, for a practical matter, the energy of an adversary is usually limited. In this case, how to optimally distribute the energy budget into sensing slot and the data transmission slot so as to maximally attack the CR system remains unanswered. This issue is fundamental and critical to the development of the sensing disruption theory. Therefore, this problem is investigated in the latter part of this dissertation, including:(4) For a basic CR network scenario, the problem of how to optimally combine both spoofing and jamming with an energy budget is investigated. The objective of the adversary is established as the average sum throughput of the CR system, based on which the relationship among the average sum throughput, spoofing signals, jamming signals, and the required bandwidth of the CR system is analytically given. Then the optimal attack to the CR system is mathematically... |
PDF Full Text Request