Sequential fusion‐based defense strategy against sophisticated Byzantine attacks in cognitive IoT networks

Abstract

Abstract5G and 6G promise to be catalysts for the Internet of Things (IoT), enabling ultra‐massive and mission‐critical IoT. The demands of new IoT applications and the large number of connected objects being announced will exacerbate the thorny issue of spectrum scarcity in wireless communications. Cognitive radio (CR) is a revolutionary technology that promises to mitigate the problem of spectrum scarcity through more efficient use of spectrum. Integrating CR into the IoT allows objects to opportunistically access spectrum resources already allocated to a Primary User (PU) without causing interference. Spectrum sensing (SS) allows objects to be aware of the PU's spectrum occupancy status. In radio environments where the PU signal is subject to multipath and shadowing effects that degrade the channel between the PU and objects, SS performed by a single object could be inaccurate and lead to incorrect decisions about the PU's status. Cooperative spectrum sensing (CSS) has been proposed to improve detection performance. However, this cooperation between objects has opened the way to a new form of attack known as the Spectrum Sensing Data Falsification (SSDF) or Byzantine attack. In a SSDF attack, attackers falsify their local sensing results before sharing them in the CSS. This attack is very harmful to the CSS and can lead to a loss of spectrum opportunities or interference with the PU. In this paper, from the attack point of view, a sophisticated Byzantine attack model that generalizes well the simple attack strategies has been proposed and allows an attacker to implement other attack strategies. From a defense point of view, a new and innovative Weighted Sequential Hypothesis Testing (WSPRT) scheme has been suggested. This ensures the security of the CSS while significantly reducing the average number of samples required for overall decision‐making in a very hostile IoT network. The results obtained from simulations carried out in various attacks scenarios show that the proposed secure CSS scheme requires at most six samples to detect the state of the PU without error when the proportion of attackers reaches 80%. This performance far exceeds that of other defense mechanisms such as classic WSPRT, SPRT, and majority rule, with which we have compared it under the same conditions. In general, for the classic WSPRT, SPRT, and majority rule mechanisms, the error rate starts to deteriorate at ratio 40% of attackers and the number of samples is greater than six and reaches 50.