Quickest detection of denial-of-service attacks in cognitive wireless networks

Many denial-of-service (DOS) attacks in wireless networks, such as jamming, will cause significant performance degradation to the network and thus need to be detected quickly. This becomes more important in a cognitive wireless network employing dynamic spectrum access (DSA), where it is easier for the attackers to launch DOS attacks. For instance, the attackers may pretend to be a licensed primary user, and carry out the primary user emulation (PUE) attacks. The attackers may also explore the spectrum themselves, and conduct smart jamming. These attacks usually happen at unknown time and are unpredictable due to the lack of prior knowledge of the attackers. It is also observed that the statistical property of the resulted paths from multipath routing will have abrupt change when the attack happens. Hence, in this paper, we formulate the detection of DOS attacks as a quickest detection problem, i.e., detect the abrupt changes in distributions of certain observables at the network layer with minimum detection delay, while maintaining a given low false alarm probability. Specifically, we propose a non-parametric version of the Pages cumulative sum (CUSUM) algorithm to minimize the detection delay so that a network manager may react to the event as soon as possible to mitigate the effect of the attacks. Simulation results using a Spectrum-Aware Split Multipath Routing with dynamic channel assignment as a baseline routing protocol demonstrate the effectiveness of the proposed approach.