Trust Aware Scheme based Malicious Nodes Detection under Cooperative Spectrum Sensing for Cognitive Radio Networks

Emerging of Cognitive Radio (CR) technology has provided an optimistic solution for the dearth of the spectrum by improving the spectrum utilization. The opportunistic use of the spectrum is enabled by spectrum sensing which is one of the key functionality of CR systems. To perform the interference-free transmission in cognitive radio networks, an important part for the unlicensed user is to identify a licensed user with the help of spectrum sensing. Recently, the Cooperative Spectrum Sensing has been widely used in the literature where various scattered unlicensed users collaborate to make the final sensing decision. This overcomes the hidden terminal problem and also improve the overall reliability of the decisions made about the presence or absence of a licensed user. Each unlicensed user sends the sensing results to the base station for the final decision. However, there exist some nodes which do not provide the correct sensing results to maximize their own profit which can highly degrade the CR network functionality. In this paper, a trust-aware model is proposed for the detection of misbehaving nodes such that their sensing reports can be filtered out from the final result. The performance evaluation of the proposed scheme is done by checking its robustness and efficiency against various possible attacks.


INTRODUCTION
In recent years, there is a rapid growth of wireless services which results in great demand for limited spectrum resources. The limited spectrum is divided into two bands i.e. licensed band and licensefree bands. The utilization of the licensed spectrum is inconsistent which plays a major role in the shortage of spectrum. Due to the fixed allocation scheme of the spectrum, the spectrum remains under-utilized and the unused spectrum is termed as spectrum hole. Recently, Cognitive Radio Networks (CRNs) have been used to improve the utilization of spectrum [7,8]. Cognitive technology [2] mainly focuses upon the opportunistic sharing of the licensed band by secondary users (SUs) with licensed users termed as primary users (PU) without causing interference to them.
In spectrum sensing, few factors, such as shadowing and multipath fading may consequently deteriorate the performance of PU detection by the SUs. Cooperative sensing improves the overall detection performance by aggregating the sensing results of the various SUs located spatially. Due to the spatial diversity, the combined sensing decisions are more accurate than the sensing result of a single SU [1]. Generally, centralized cooperative sensing is more beneficial in which the distributed secondary users forward their own results to the Fusion Center (SU, BS), where the fusion center uses some fusion algorithms to combine the sensing results and decide about PU absence or PU presence [9].
However, in CSS mainly two security threats are faced by CRNs: First, the PU emulation attack, the attacker act as the licensed user, and the unlicensed user have to evacuate the spectrum band forcefully [23]. The second possible threat is the spectrum sensing data falsification attack [25] where the malicious user provides false sensing reports to the cognitive radio leading to the wrong decision. Based on sensing reports [22] produced by the malicious nodes, the attackers which provide the false attacks are classified into three types. The first type of attackers produce results in the form of yes (indicates that the PU is present when in fact it is absent) or no (indicates PU is absent when actually PU is present). The second type of user always produces sensing results opposite to the results they sensed, while the third type of user produces false results once in a while. These kinds of false results that modify the final decision result in false alarms where the SUs are prohibited to use the band by transmitting false information about the presence of PU, though in actual the band is idle. In the other case, the false results lead to the final decision, where it is concluded that the spectrum band is empty where it is in use.
In view of the aforementioned problems, some security measures [12] are required which ensure confidentiality(unauthorized users can not read the data on the network), integrity(detects changes in the data transmitted whether it is intentional or unintentional), availability(data is available to the authorized users whenever required) and access control(ensures that only authorized users can use the resources). In this work, cooperative sensing is considered where sensing results are influenced by the false spectrum sensing results by the malicious nodes. Therefore, in this paper, a trustaware scheme for the malicious nodes detection is proposed such that these nodes are excluded during the preparation of the final sensing report.
The rest of the paper is organized as follows. The next section discusses the work related to security in cooperative spectrum sensing. Section III discusses the system model and the proposed scheme. In section IV performance of the proposed scheme is evaluated against various possible attacks in cooperative spectrum sensing.

RELATED WORK
A Survey of various threats on security in cognitive radio networks can be found in [13,16,19], [18], [24]. An algorithm is proposed by Wang et al. in [20]for the detection of spurious nodes in the network. The malicious nodes can be detected by calculating the trust factor and consistency factor for each user and the nodes whose trust values and consistency values were less than the decided threshold value, were considered as the spurious nodes. The drawback of this method is that it considered that at a single time only one attacker is active.
In [15], Noon and Li studied a new type of attack called hit and run attack, where the attacker can be in two modes i.e either it can produce the sensing report honestly or it can falsify the sensing reports. The author also found a method to mitigate this attack. In the proposed method, for each user, the suspicious point value has been calculated and the threshold value has been decided such that when the suspicious point value of the user crosses the threshold value then it is considered as a spurious node.
For the detection of multiple spurious nodes in a system, Wang et al. [21], proposed a soft decision scheme in which the policy of the attacker is assumed and the location of each user is known to the base station. The heuristic approach has been used to identify the spurious nodes. Further, posterior probability has been used for the detection of the suspicion level of each node. Then calculated probability was compared with the decided threshold value and if the value goes beyond the decided threshold value then the node is considered as a malicious node. This approach is also known as the "onion peeling approach".
To detect the data falsification attackers Bansal et al. in [3], made use of the signals generated by PUs to detect the nodes which were sending false signals. Similarly in [17], authors estimated the attack strength where the attack strength was considered as the ratio of the number of spurious nodes to the total available nodes present in the network. Using this strategy, the authors estimated attack strength and used the Bayesian hypothesis for improving the performance of cooperative sensing.
In [10], Huang et al. considered the weight factor which depicts the contribution of the user. Each user is allocated with some reputation and this reputation factor is negatively influenced by the fading. Mastui et.al. [14] also proposed an algorithm similar to the proposed method of Huang et.al. with the only difference that Mastui et. al. considered the distance between the two nodes where the location of SUs was assumed to be known to the base station.
Authors in [4,5], proposed a mathematical model based on trust and reputation factor. Kar et al. in [11], used four parameters in their work to calculate the trustworthiness (sensing reputation). These factors were an active factor, consistency factor, incentive factor, and trust factor. Based on calculated trustworthiness the nodes are declared as spurious. However, to apply the trustworthiness factor it is necessary to detect the SUs successfully.
The proposed work considers the trust value of nodes along with their previous reputation which is derived in the work. Only those nodes whose trust value and reputation values are above the threshold are included in the sensing process and others are excluded.

PROPOSED SCHEME
This paper considers the CRN consisting of a finite number of primary users, secondary users, and a secondary base station which acts as a fusion center(FC) [6]. The SUs wish to utilize the idle channel i.e. which are not currently being used by the PUs opportunistically. However, to use the licensed channel, a SU first performs spectrum sensing. The secondary BS and the SUs are assumed to be within the range of each other. The FC is used to collect the results of all SUs. First, the secondary BS selects a channel from the network to perform sensing and then instructs the SUs to carry out sensing in the selected channel. The Common Control Channel(CCC) is used by the SUs to forward the sensing results to the secondary base station using one of the following techniques. In soft decision technique, parameters like the measure of energy levels are calculated during SU sensing reports are sent to the secondary base station by the SUs. The problem with this technique is that there is a significant increase in the volume of communication data. While in case of hard decision, only one bit for decision making is used like '1' for the presence and '-1' for the absence of PU is send, and if the state of the channel is not clear then it is denoted by 0. Then suitable data fusion techniques like OR, AND, MAJORITY rules, etc. are used by the FC to make a final decision, and then the result based on the final decision is disseminated to all the SUs back.
It is assumed that the SU base station itself is a sensing node. However, sometimes it is not sure about its own sensing results. Therefore, while computing the final sensing result, the SU base station considers the confidence level of ϕ. The overall sensing result produced by the base station for the channel is given by: where: χ b is the final sensing result given by base station for channel b. ϕ is the confidence level of SUs base station. ω BS is the sensing result produced by the SU base station. ω ib is the sensing report produced by SU i for channel b. ψ ib is the trust level of SU i for the channel b. N is the number of SUs having trust factor value greater than the decided threshold value for the channel b.
The threshold value is set to 0, whenever the variance in trust value in respect of a channel b for all the SUs is not considered and ψ ib of all the nodes is set to 1. The equation 1 reduces to the average of sensing results obtained from the SUs in this case. Further, the final decision D b of made by the SU base station is decided by the associated sign with the final sensing result

Calculating Trust Value
In the proposed model, the assessment of the unlicensed users is done based on last M behavior. The unlicensed user is awarded with[P,M] after each iteration and P,M ϵ0, 1. The unlicensed user is awarded [1,0] if it provides accurate results whereas [0,1] if it provides false results. Further, two databases(trust and reputation databases) are used to store the sensing results,i.e. trust values and history. As it is well known that miss detection error has significantly more chances to occur as compared to the false alarms due to which trust and reputation factors of a SU are highly dependent on this. Further, forgetting factor (ρ kc ) is used to achieve the abovementioned goal and also stored for each SU. The value of forgetting factor (ρ kc ) is ρ 1 if j is miss detection error otherwise the value of forgetting factor is ρ 2 .
The value of trust factor for particular user in context c can be calculated as: Where: ψ kc c is the value of the trust factor of user k in the context c.
ρ kc is the forgetting factor of user k in the context c. M is the number of history ratings. µ jkc is the j t h optimistic nature of user k in the context c. υ jkc is the j t h pessimistic nature of user k in the context c. This technique affects both the positive and the negative ratings of history due to which it is not sufficient to tackle with miss detection rate. Hence, in case of a negative result, [0, M] may be added to the history. However, as there is no need of punishing the user if the final decision is in the favor of PU, due to which [1,0] is added in case of positive rating, [0,1] is added in case of negative rating, and [1,1] is added to the history of the abstained user. However, if the SU base station itself is in confusion and the final decision is zero then no reward is added.

SIMULATION RESULT AND ANALYSIS
In this section, the robustness and efficiency of the proposed algorithm are evaluated. The model is simulated by considering 100 SUs and 8 PUs. A random variable is considered to decide the value of ϕ for each SUs and SU base station. The value of the mean is considered as 0.5 whereas the value of variance is 0.25. Further, the confidence threshold of the node is considered as 0.25 and the node whose confidence threshold is less than 0.25 is not considered for sensing. The trust threshold Ω is set to 0.65 and the nodes whose value of trust factor is below the considered threshold are not considered by the SU base station for making the final decision. Two forgetting factors ρ 1 and ρ 2 are considered as 1 and 0.9 respectively.
To calculate the effectiveness of the proposed algorithm, Total Utility Loss(TUL) is defined as: where, ν 1 is the error rate produced by false alarm, ν 2 is the error rate produced by miss detection, ϖ 1 is the weight factor of ν 1 and ϖ 2 is weight factor of ν 2 .
Since, miss detection errors are more severe and harmful as compared to the false alarm errors, therefore, ϖ 2 is given more weightage than ϖ 1 . Hence the values assigned to ϖ 1 and ϖ 2 is 1 and 10 respectively. Further, attacker ratio (σ ) is taken into consideration and is defined as the number of malicious users present in the system.
The efficiency and the robustness of the proposed algorithm are checked by considering the following attacks.

Fabrication Attack
When SUs always provide false results i.e. opposite to the sensing results, then it is termed as a fabrication attack. This attack either prevents unlicensed users from accessing the spectrum or creates an excessive amount of interference to licensed users. The final decision depends upon the number of spurious nodes present in the system. If the number of malicious nodes is in majority then the final decision is incorrect otherwise it is correct. It is considered that 50% of the total SUs are malicious with α = 50%. The error rate of the system is directly dependent on the spectrum usage by licensed users. It has been observed that the proposed method can reduce the value of total utility loss with an attacker's ratio greater than 40%. Therefore, it is concluded that the proposed algorithm shows robustness under the fabrication attack.

True-False Attack
It is a dynamic strategy, in which the malicious users switch their opinions between correct and incorrect sensing results. The malicious users attain a high reputation by providing correct sensing results and then use this reputation to deceive the system by sending incorrect sensing reports to the SU base station. Let t be the rate of true-false error. The case with σ < 40% is not considered as total utility loss tends to be 0 in that case. Whereas, total utility loss gets diminished when the proposed method is adopted with an attacker's ratio greater than40%. Figure 1 indicates the variation in total utility loss (Φ) under true-false attack.

Denial of Service attack
In this type of attack, the presence of PUs is always reported by the malicious nodes in its sensing report. It is indicative in figure 2 that the proposed algorithm performed well and total utility loss is inversely proportional to the spectrum band usage by the PUs. Further, the total utility loss plot with the attacker's ratio as 100% is not shown because it is unlikely that all the users account for the presence of PU when actually it is not present.  Figure 3 represents the trust score attain by all the SUs when the usage rate of the spectrum band is considered as 45% and 75% respectively and it is concluded that the trust score factor is dependent on the context.

Greedy Attack
In this type of attack, the spurious user always accounts for the absence of PU to the SU base station. If the final decision is influenced by the sensing reports of the malicious nodes then PU face interference and the SU base station get punishment. The value of total utility loss of the CRN under the greedy attack is shown in Figure 4. Further, Figure 5 shows the filtering of these types of nodes.

Amalgamation of Attacks
It is highly probable that more than one attack is present in the system. Therefore, it is necessary to check whether the system is efficient and robust against different types of attacks collectively. The total utility loss under true false attack and denial of service attack collectively with trust score 20% and attacker's ratio as σ 1 and σ 2 respectively is shown in figure 6.
Further, the total utility loss under true false attack and greedy attack collectively with trust score 20% and attacker's ratio as σ 1 and σ 2 respectively is shown in figure 7    The total utility loss under true-false attack with trust score as 20% and attacker's ratio as 50%, greedy attack with attacker's ratio as 10%, fabrication attack with attacker's ratio as 30% and denial of service attack with attacker's ratio as 10% collectively is shown in figure 8. It can be concluded that all the attacks are handled effectively by the proposed algorithm. Further, the trust value of each SU under true-false with attacker's ratio as 50% and attack rate as 20%, greedy attack with attacker's ratio as 10%, fabrication attack with attacker's ratio as 30%, and denial of service attack with attacker's ratio as 10% is shown in figure 9.

CONCLUSION
There is a possibility of the presence of the malicious nodes in the CRN. These malicious nodes may affect the final sensing results in cooperative spectrum sensing due to which efficiency of the CRN may get degraded. The proposed algorithm helps in finding the malicious nodes present in the network. In the present work, the algorithm finds the malicious nodes by considering the trust value and filter out these nodes from the final decision. Further, performance evaluation of the proposed algorithm is performed to find the variation in total utility loss under the influence of various attacks. In the future, various attacks can be studied where PU base stations and SU base stations are not trustworthy. Further, the performance of the proposed scheme can be studied on ad-hoc, mesh, and distributed systems.