Leveraging an Inventory of the Cognitive Radio Attack Surface

The cognitive radio is an emerging technology that holds great promise due to its adaptive nature and ability to exploit the advantages inherent to software defined radios (SDR). The cognitive radio´s potential to address spectrum access challenges resulting from an exponential increase in the number of network devices will make it a leading technology of the next decade. For this reason, it is imperative to investigate the security considerations of the cognitive radio in its infancy rather than attempt to address them at maturity. Though research in the vulnerabilities of cognitive radio exists, few explore the threat vectors against both the cognitive engine and the underlying SDR infrastructure within which it operates. This paper takes such a holistic approach, and then further contributes to the research area by offering three misuse cases that portray how the vulnerabilities discussed could be exploited. These cases visualize the risk environment based on a denial of service, an advanced persistent threat, and an insider threat and will allow for security practitioners to anticipate how their organizations may be impacted. Moreover, by introducing a simulation of the threat one can use existing principles to analyze its prosecution (i.e. attack graphs, evidence graphs, etc.).