With the advent of ubiquitous computing and the Internet of Things (IoT), potentially billions of devices will create a broad range of data services and applications, which will require communication networks to manage the increasing complexity efficiently. The cognitive network has been envisioned as a new paradigm to address this challenge. It has the capability of reasoning, planning and learning by incorporating cutting-edge technologies including knowledge representation, context awareness, network optimization and machine learning. A cognitive network spans the entire communication system, including the core network and wireless links, across the entire protocol stack. The Cognitive Radio Network (CRN) is the part of the cognitive network that operates over wireless links, and it endeavors to better utilize spectrum resources. The core network provides a reliable backend infrastructure to the entire communication system. However, CR communication and the core network infrastructure have attracted various security threats, which become increasingly severe in pace with the growing complexity and adversity of the modern Internet. The focus of this dissertation is to exploit the security vulnerabilities of state-of-the-art cognitive communication systems, and to provide detection, mitigation and protection mechanisms that allow security-enhanced cognitive communications, including wireless communications in CRNs and wired communications in core networks.

In order to provide secure and reliable communications in CRNs: first, we incorporate security mechanisms into fundamental CRN functions, such as secure spectrum sensing techniques that ensure trustworthy reporting of spectrum readings. Second, as no security mechanism can completely prevent all potential threats from entering CRNs, we design a systematic passive monitoring framework, SpecMonitor, based on unsupervised machine learning methods, to strategically monitor network traffic and operations in order to detect abnormal and malicious behaviors. Third, highly capable cognitive radios allow more sophisticated reactive jamming attacks, which impose a serious threat to CR communications. By exploiting MIMO interference cancellation techniques, we propose jamming-resilient CR communication mechanisms that survive in the presence of reactive jammers. Finally, we focus on protecting the core network from botnet threats by applying cognitive technologies to detect network-wide Peer-to-Peer (P2P) botnets, which leads to the design of a data-driven botnet detection system called PeerClean. In all four research thrusts, we present thorough security analysis, extensive simulations and testbed evaluations based on real-world implementations. Our results demonstrate that the proposed defense mechanisms can effectively and efficiently counteract sophisticated yet powerful attacks.

To my beloved wife, Luna Le Lu, and my parents Yaqin Chen and Shifu Yan