Performance of p-Norm Detector in Cognitive Radio Networks with Cooperative Spectrum Sensing in Presence of Malicious Users

A cognitive radio network (CRN) with a cooperative spectrum sensing scheme is considered. This CRN has a primary user and multiple secondary users, some of which are malicious secondary users (MSUs). Energy detection at each SU is performed using a p-norm detector with p ≥ 2, where p = 2 corresponds to the standard energy detector. The MSUs are capable of perpetrating spectrum sensing data falsification (SSDF) attacks. At the fusion center (FC), an algorithm is used to suppress these MSUs which could be either an adaptiveweighing algorithmor one of the following: Tietjen-Moore (TM) test or Peirce’s criterion.This is followed by computation of a test statistic (TS) which is a random variable. In this paper, we assume TS to have either a Gamma or a Gaussian distribution and calculate the threshold accordingly. We provide closed-form expressions of probability of false alarm and probability of miss-detection under both assumptions. We show that Gaussian assumption of TS is more suited in presence of an SSDF attack when compared with the Gamma assumption. We also compare the detection performance for various values of p and show that p = 3 along with the Gaussian assumption is the best amongst all the cases considered.


Introduction
The increase in demand for high-data-rate communication over wireless channels has fueled research in many possible directions.Some of these include developing spectrally efficient modulation schemes, channel codes that approach capacity, and many such techniques.In this context, one of the prime areas of research is cognitive radio, which enables efficient use of wireless spectrum [1].Wireless spectrum is a scare resource, and a study carried out in the United States revealed the inefficient utilization of this resource [2].The scanning of spectrum brought into light the following observations: some bands of the spectrum were completely unoccupied and some other bands were used only sparingly, while some were heavily occupied.Spectrum holes are those frequencies in the spectrum, which have been allocated to a user, but are not in use at that point in time-frequency and geographic area [3].For a superior utilization of the spectrum, it was proposed that users can be permitted to use spectrum holes.The user who is allocated the spectrum is the licensed user and also known as the primary user (PU), whereas the user, who uses the spectrum when PU is not using it, is known as a secondary user (SU).SU employs cognition at the receiver in order to detect the PU and adapts its parameters accordingly.Hence, SU acts as a cognitive radio (CR) which is aware of its environment.
The presence of a PU and several SUs forms a cognitive radio network (CRN).In a network of cognitive radios, it is obvious that the detection of PU can be made more reliable by providing cooperation amongst SUs.This is cooperative spectrum sensing (CSS) approach [4].There are various types of cooperative sensing methods like centralized, distributed, and relay-assisted cooperative spectrum sensing.Centralized cooperative spectrum sensing consists of a fusion center (FC), which gathers information from all the SUs and makes a hypothesis on the presence or absence of PU.
The objectives of a cognitive radio are efficient use of spectrum along with highly reliable communication.To meet these objectives, the CR must sense the spectrum to find opportunities.The CR can employ various signal processing techniques such as feature detection, energy detection (ED), and cyclostationary approach to detect the PU [5].
Though cooperative sensing performed by several users has the advantage of providing a more reliable decision about the PU, there is also the disadvantage of presence of malicious secondary users (MSUs).In the spectrum sensing process, an MSU can alter the cooperative decision by transmitting false signal leading to incorrect decision of presence of PU.Such attacks are known as spectrum sensing data falsification (SSDF) attacks [6], leading to Byzantine failure.
Various types of SSDF attacks are analyzed for a CR network (CRN) in the literature which include selfish SSDF, interference SSDF, and confusing SSDF [6].The first type of attack is the selfish SSDF or "always yes" attack.In this attack, an MSU continuously transmits a signal indicating that PU is present and then uses the spectrum without letting other SUs to use it.In an interference SSDF or "always no" attack, an MSU continuously transmits a low energy signal indicating the absence of a PU.In this case, other SUs start using the spectrum and cause interference to the PU when the PU is on.Similarly, in case of a confusing SSDF attack, the MSU confuses other SUs by indicating the presence or absence of PU with certain probability.
Malicious user detection is addressed in [7] in which the authors use outlier-detection schemes.These schemes assign outlier factors to SUs using biweight and biweight scale method which are recursive methods to suppress the outliers.The performance is compared using plots of additional probability of false alarm versus additional probability of missdetection.In [8], Grubb's methods I and II along with Dixon's test are analyzed, for "always yes" SSDF attack in order to remove MSUs.The authors have shown that Dixon's test performs better for removal a single MSU; however, it cannot remove more than one MSU.The analysis is performed by plotting the receiver operating characteristics (ROC).In [9], removal of multiple outliers is addressed using Tietjen-Moore (TM) test [10] and Shapiro-Wilk (SW) test.The TM test is an extension of Grubb's test for multiple outlier detection.In [11], the authors address removal of MSUs using a weighted adaptive algorithm in which weights are assigned to all the SUs and iteratively updated.It shown that this algorithm performs better than the one in [7].
An improved energy detector (IED) or a -norm detector for cognitive radios is proposed in [12] and it is shown to perform better than the standard ED for various values of .The test statistic (TS) is the summation of th power of received values and the probability density function (pdf) of the TS is approximated as Gamma pdf.-norm detector is used in CRN in the following papers: [13] analyzes the performance of diversity systems and provides closed-form expressions; in [14], performance of CSS is analyzed with -norm detector and optimal number of SUs is found out; in [15], the authors have combined -norm detector with another improved energy detector and analyzed the performance on generalized -] fading channel.
In this paper, a CRN with interweave mode of operation is considered in the presence of some SUs and MSUs.In the interweave mode of operation, the SU opportunistically uses the spectrum by detecting spectrum holes.The IEEE 802.22 standard [16] proposes the use of cognitive radios for rural broadband wireless access, and the PHY layer is based on OFDM/OFDMA.Since OFDM splits the entire spectrum into narrow band channels, each of which can be considered additive white Gaussian noise channel (AWGN), this paper assumes AWGN channel model.
The scenario considered is as follows: a cognitive radio network is considered which has one PU, some SUs, and MSUs.The number of MSUs is assumed a small percentage of the total number of SUs.This CRN employs CSS.All the SUs and MSUs sense the channel and transmit their quantized energy values to the FC.These energy values are th power of the received signal, where  is an arbitrary positive constant.At FC, one of the following algorithms is executed to suppress the MSUs: (1) TM test, (2) Peirce's criterion, and (3) adaptive weighing.After the removal of MSU data from the received energy values, the energy values are summed to form a global test statistic (TS).This global TS is compared with the threshold to make a decision on the PU.The following assumptions are made: (i) at FC, the energy values from SUs are combined to form a global TS which forms a random variable; (ii) the global TS is assumed to have either a Gamma or a Gaussian distribution and the threshold is calculated accordingly.The Gamma assumption of global TS follows [12].
In this paper, a unified performance analysis of MSU detection schemes is provided.Following is the summary: (i) closed expressions of probability of false alarm and probability of miss-detection are provided for MSU removal scheme which uses -norm detector using assumption of Gamma pdf of TS. (ii) It is observed that, in an SSDF attack, the Gaussian assumption suits the system better than the Gamma assumption.This is so since the -norm detector improves the performance of most of schemes while using the Gaussian assumption for TS, whereas use of Gamma assumption for TS does not improve performance of the norm detector.(iii) In the entire set of observations, it is seen that TM test performs equally well as the adaptive weighing algorithm, whereas Peirce's criterion performs worse than both of these for suppression of multiple malicious users.
The paper is organized as follows.Section 2 describes the system model of CRN.In Section 3, the algorithms for MSU suppression are described.Section 4 describes the observations and results and Section 5 provides the conclusions.

System Model
A CRN with a PU,  SUs, and an FC is considered. SUs cooperate amongst each other.It is assumed that, out of  SUs,  users are malicious where  ≫ M. All SUs sense the presence of PU based on the received signal at SU and send their quantized estimates of signal energy to the FC through error-free control channels.The FC takes a decision on whether the primary is present or not based on these received signal values.The channels between PU and SU are assumed to be AWGN.The presence or absence of a PU is a hypothesis testing problem.Hypothesis H 0 corresponds to the absence of PU, whereas hypothesis or outcome H 1 corresponds to the presence of PU.

Processing at SU. The corresponding signals at any SU are given as follows:
H 0 :   () =   () ,  = 1, . . ., ; In ( 1),   () is the received signal at each SU.  () is additive white Gaussian noise (AWGN) with zero mean and variance  2  .In the absence of the primary signal, only noise is received.  () is the PU signal which is assumed to be Gaussian with zero mean and variance  2  .Hence, the average signal-tonoise ratio is snr =  2  / 2  .At each of the SU after sampling the signal,  samples are used to estimate the PU signal.This forms the local TS using a -norm detector.At th SU, the local TS is formed in the following way: In ( 2),  is an arbitrary positive constant [12].It should be noted that  = 2 corresponds to the standard ED.

Processing at FC.
At the FC, the quantized energy values from all SUs first filtered using an algorithm for MSU suppression and then are combined using either equal gain combining (EGC) or weighted combining to create a global TS.The global TS is described in the next section.In case of a standard ED, the statistics of   in (2) are computed in [17] as normal distribution.However, in the case of a norm detector, the pdf of   is approximate.In [12], this pdf is approximated by a Gamma distribution whose mean and variance are computed.When  ≫ 1, CLT assumption can be invoked and the Gaussian distribution is used to approximate this pdf in [13].
In this paper, we assume   to be a Gamma random variable whose mean and variance are given by the following [12]: ) ; under H 0 and under H 1 .In ( 3) and ( 4), snr is the average SNR.2) is compared with threshold  in order to detect the presence of PU.The important metrics for any hypothesis testing problem are

Related Definitions. The local TS in (
In ( 5), the probability of false alarm (  ) is defined, whereas (6) defines probability of miss-detection (  ).Probability of detection (  ) is defined by (7).

Algorithms for MSU Suppression
At the FC, algorithms for MSU suppression fall into the category of nonadaptive and adaptive algorithms, some of which are described below.

Nonadaptive Algorithms.
In this case, at FC, all of the SSDF attacks are considered as an outlier-detection problem, since the energy of the MSU is extremely higher/lower than that of the SU as assumed in [6][7][8].Outlier detection is also a hypothesis testing problem where the null hypothesis is absence of any outlier and the alternative hypothesis is the presence of one or more outliers.Two algorithms are considered, namely, Peirce's criterion and the TM test which are described below.

Peirce's Criterion.
Peirce's criterion [18] has been used to eliminate the outlier data and does not make any assumptions on significance level as in other tests.The decision is taken based on the number of MSUs and total number of users.To eliminate the outlier values for data set  1 ,  2 , . . .,   , the following operations are performed.Initially, the mean and standard deviation of the data set are calculated. represents ratio maximum allowable deviation of a measured value from data mean value to the standard deviation.Hence,  = |  −   | max /, where   is mean of data. is obtained from a table provided by Peirce [18] assuming a single doubtful observation (or assuming a single outlier initially, though there can be more).Following this, maximum allowable deviation The above steps are repeated assuming two outliers, assuming original mean, standard deviation, and number of measurements.The calculations are repeated by increasing the number of outliers, until no more data measurements need to be eliminated.Tietjen and Moore in [10] and it is an iterative implementation of Grubb's test.It consists of two Grubb-type statistics: one to address removal of upper and lower outliers and the other to address removal of bidirectional outliers.Consider data set  1 ,  2 , . . .,   and order it according to increasing values.Assuming that the Wireless Communications and Mobile Computing number of outliers in the data set is estimated and denoted by , the first statistic for calculating upper outliers is given by

TM Test. TM test was proposed by
where   = ∑ − =1   /( − ) and  is the mean of the full sample.Similarly, the TS for calculating lower outliers is where  *  = ∑  =+1   /( − ).For a prefixed significance value, the critical value (CV) is obtained from the table in [10].If  , < CV,  data values are upper outliers and are eliminated from the data set.Similarly, if  , < CV,  data values are lower outliers and are eliminated from the data set.Hence, a single test is needed to eliminate all outliers simultaneously without the need of repetition.

Global Test Statistic.
The global TS at FC for the nonadaptive algorithms is formed by using EGC in the following manner: where   is defined in (2).

Adaptive Weighing Algorithm Using Standard ED.
A particular algorithm [11] is considered in which MSU suppression is addressed by assigning an adaptive weight to each of the SU.The algorithm is described here.The local TS used, calculated at each SU, has a central Chi-square distribution under H 0 and noncentral Chi-square pdf under H 1 .The mean and variance of this local TS are given in [17].The weighted or global TS is given by In (12),  denotes iteration index and  , denotes the weight applied to each of the SU and  ,, is given in (11).Hypothesis testing is performed by comparing Z with threshold  0,c .Each weight is  , = ( , ), where  is monotonically decreasing function and assumed as a raised cosine function.Initial value of  , is set to 0 and it increases to unity for MSUs as the algorithm proceeds, indicating a loss of credibility.Accordingly, the weight is calculated using  function.At FC, Z is assumed to have a Gaussian pdf.The mean and variance of Z depend on the weighing factors.Closed-form expression for threshold and probability of false alarm and probability of miss-detection are provided in [11] which are given below: , ( 0, ) =  ( ( 0, −  0, )    0, ) , ( 14) In ( 14),   is the factor arising out of weighted combining. 0, and  0, are mean and variance of the Gaussian random variable (r.v.)  ,, .These are expressed as follows: under H 0 and under H 1 [11].

Adaptive Weighing Algorithm Using 𝑝-Norm Detector (A) Gamma Assumption of the Global Test Statistic. 𝑝-norm
detector in ( 2) is used along the adaptive weighing scheme in order to perform the suppression of MSUs.As described in the system model, the quantized data sent by each SU to FC is modeled as Gamma r.v. with mean and variance in (3) and ( 4).The effect of quantization is neglected for computing mean and variance.In case of the adaptive weighing scheme, this data is weighted using the combining scheme and the global TS is It is shown, in [11], that weights  , converge to unity for all the honest SUs and converge to zero for MSUs.Hence, EGC assumption can be used.Apart from that, we also assume that all energy values are i.i.d Gamma r.v.s.The independence assumption is justified since the sources of energy are independent.Hence, using result of Moschopoulos [19], we conclude that Z , for  ≫ , has a Gamma pdf whose mean and variance are given by ) ; under H 0 and under H 1 .In this case, assuming the threshold as  01 ,   in ( 5) is expressed as ) . ( In ( 21), Γ(, ) is the upper incomplete Gamma function [20].The proof of ( 21) is provided in Appendix.The threshold from ( 21) is where   is a fixed value decided by the system requirement.
Similarly, the probability of miss-detection defined in ( 6) is given by ) . ( The proof of ( 23) is provided in Appendix.

Observations and Discussion
Monte Carlo simulations are performed for a CRN using CSS considering  = 40 SUs and  = 3 malicious users.A random input signal with BPSK modulation is considered and an "always yes" attack is assumed.The average SNR (snr) varies in the range −16 to −4 dB.The number of samples used for detection is fixed to  = 40.The probability of false alarm is fixed to   = 0.01 for some of the simulations.The data sent by SUs to FC is quantized to 8 bits.For various simulations, the value of  is considered in the range 2 ≤  ≤ 6, where  = 2 corresponds to the standard ED.Though [12] does not provide any maximum value , in the simulations in [12], maximum of  = 10 is used.Further, the Monte Carlo simulations are compared with theoretical results which are derived in ( 21) and (23).
Figure 1 shows the plot of SNR versus   with a Gaussian assumption of global TS and using a standard ED as well as IED with a fixed   = 0.01.For any , it is observed that the TM test and the adaptive weighing method of MSU suppression perform better and are almost close to the theoretical   in [11], whereas Peirce's criterion performs slightly worse than the adaptive weighing and TM test.Hence, with Gaussian pdf assumption, the -norm detector performs better with respect to a standard ED.
Figure 2 shows the comparative performance of SNR versus   for a CRN with 3 MSUs with  = 2, 3 and fixed   = 0.01 using Gamma assumption for of global TS.Similar to the Gaussian assumption, in this case too, the TM test and adaptive method perform close to theoretical   derived in (23).For the adaptive weighing algorithm as well as statistical tests, the corresponding plots for  = 2 lie below that of  = 3 indicating that, in case of Gamma pdf assumption of global TS, standard ED performs better than -norm detector.This can be attributed to the fact that the input energy values of the FC consists of certain outliers making the Gaussian  assumption of global TS more appropriate than the Gamma assumption.
An ROC is a plot of   versus   and indicates the performance of any detection scheme.An ROC curve of any good detection scheme should lie above  =  line.Gaussian assumption, -norm detector performs better when compared with standard ED for most cases.The TM test and adaptive method perform well and are close to the theoretical curve.The standard ED performs better for Peirce's criterion with Gaussian assumption.Figure 4 plots the ROC curve for the same parameters as before and with a Gamma pdf assumption of global TS.However, with the Gamma assumption, it is observed that  standard ED performs better than -norm detector ( = 3) for all the algorithms except for the Peirce's criterion.
It is observed that when the Gaussian assumption is used for the global TS, the performance of the system improves as  increases from two to three, whereas, for  > 3, the performance of the system starts reducing.This is also observed from Figure 5 in which  = 2 to 6 are considered.It is seen that the maximum value of  for which   is maximized is  = 3.It should be noted that  = 2 corresponds to a standard ED.
Figure 6 plots the ROC curves for the Gamma and Gaussian pdf assumption of global TS using the theoretical formula for low values of probability of false alarm, that is, for   ≤ 0.11 which are to be used in practice [21].The IEEE 802.22 standards have given the sensing requirements on   and   which are   ≤ 0.1 and   ≥ 0.9 [21].It is observed that -norm detector gives a better probability of detection only when the Gaussian assumption of global TS is invoked for computation of threshold.If Gamma distribution is assumed in the threshold computation, then the standard energy detector performs better.Similarly, using Gaussian assumption of global TS,  = 3 gives the best performance for practical values of   .

Conclusion
In this paper, a CRN with CSS was considered which consisted of multiple malicious users capable of perpetrating SSDF attacks.In such a scenario, the problem of malicious user suppression was dealt with.Either of these algorithms, namely, Peirce's criterion or the TM test or an adaptive weighing algorithm, was used for the malicious user suppression which was preceded by either a standard or -norm ED.Closed-form expressions of probability of false alarm  and probability of miss-detection for the adaptive weighing algorithm with a -norm detector were computed under the assumption of a Gamma or Gaussian distribution of the test statistic.Performance comparison of these algorithms indicated that the Gaussian assumption for distribution of test statistic suited this setup as compared to the Gamma assumption in presence of an SSDF attack.Assuming a Gaussian distribution of test statistic, the performance improved as  is increased from two to three but degraded for higher values of .From the observations, we concluded that  = 3 with Gaussian assumption of the TS provided the best performance when various values of  were considered.In the entire set of observations, it was seen that TM test performs equally well as the adaptive weighing algorithm for suppression of multiple malicious users, whereas Peirce's criterion could not meet up with the performance.

Figure 2 :
Figure 2: Probability of miss-detection (  ) versus SNR for  = 3.  = 2 and 3 with fixed probability of false alarm (  ) = 0.01 and Gamma assumption of pdf of global TS.