Cognitive Self-securing Networks

Advances in analytical, computing, and wireless network technologies are transforming networks into cognitive networks. These networks provide the opportunity to broadly improve security and protection for network security architecture, but security concerns will play a critical role in the rate of adoption and network security design.   According to Rong et al. (2013), factors such as network resilience, data authentication, access control, and privacy are considered foundational design requirements. These requirements apply to diverse wireless protocols, devices and network designs that are evolving with technologies such as Internet of Things (IoT).

Overview Cognitive Wireless Networks

Intelligent networks (IN) originally evolved to serve network and other communications infrastructure providers (Garrahan, Russo, Kitami, & Kung, 1993).  Over time, specific IN designs such as cognitive radio demonstrated the future of IN. For example, Mitola (2000) outlined an approach that employed software-defined cognitive radio architecture based on data mining, knowledge discovery, and natural language processing. Cognitive radio could be used for many uses such as resource management and network monitoring. Other research extended cognitive radio to cognitive networks that utilized transceivers to monitor communications channels for traffic and switch channels as needed to maintain secure communications (Clancy & Goergen, 2008). Transceivers and other hardware and software agents extend the ability to provide complex and consistent services required to deliver secure and reliable network services (Mitola, 2000). Cognitive networks hold the potential of transforming basic wireless networking security requirements into strong robust network security, but the technologies are still evolving.

Example

A cognitively aware network enhances user tasks and other functions across an information system domain.  A use may perform a single task while traveling and using multiple networks.  The shift in networks does not interrupt work and maintains user services.  With further technological advances, a cognitive network could theoretically anticipate typical user behaviors and suspicious user behaviors. An end-user would enjoy the convenience of airport delay updates or traffic routing to reduce commute-time, but an end-user would expect some control over the communications flow and would desire assurance of secure and authentic communications. Further, an end user would expect issues of privacy such as unwarranted intrusion, unlawful monitoring, or other invasions of privacy to be non-issues.

Cognitive radio---an integrated agent architecture for software defined radio

Figure 1.  Retrieved from “Cognitive Radio—An Integrated Agent Architecture for Software Defined Radio (Dissertation),” by J. Mitola, 2000.

Cognitive radio---an integrated agent architecture for software defined radio

Figure 2. Retrieved from “Cognitive Radio—An Integrated Agent Architecture for Software Defined Radio (Dissertation),” by J. Mitola, 2000.

Unknown Threat Landscape

Cognitive networks introduce a new generation of threats and vulnerabilities, which exist at a diversity of boundaries.  These boundaries include human behaviors, societal norms and beliefs,  as well as technologies (Clancy & Goergen, 2008).  Figure 3 below highlights the intersection of how threats could exist at the intersection of human and technology boundaries.  A sensor component within a cognitive network could have issues discerning its expected role from the diversity of human actions.  Part of these issues would likely stem from lack of applying appropriate context.  The wrong context could enable a threat rather than provide protection.

Security in Cognitive Radio Networks: Threats and Mitigation

Figure 3. Retrieved from “Security in Cognitive Radio Networks: Threats and Mitigation,” by T. Clancy & N. Goergen, 2008, In Cognitive Radio Oriented Wireless Networks and Communications, 3rd International Conference on (pp. 1-8). IEEE.

Figure 4 illustrates an example reasoning architecture where data is collected, mined and applied. This type of architecture could be dangerous if an attacker could manipulate the system. While attacks such as data theft are well-known and a cognitive system could be a high-value target, what is less understood is how an attacker could manipulate reasoning architectures for exploitation. Reasoning architecture refers to the mechanisms and tools associated with data collection, storage, processing, analysis, and utilization (Liao, Chu, P& Hsiao, 2012). Potential exploits could range from fraud to mass deception or other security incidents.

Security in Cognitive Radio Networks: Threats and Mitigation

Figure 4. Retrieved from “Security in Cognitive Radio Networks: Threats and Mitigation,” by T. Clancy & N. Goergen, 2008, In Cognitive Radio Oriented Wireless Networks and Communications, 3rd International Conference on (pp. 1-8). IEEE.

Assumptions Concerning Threats

Clancy and Goergen (2008) outlined the following assumptions concerning threats:

  • Always assume inputs are subject to manipulation
  • Faulty inputs to system could lead to systemic reasoning manipulation
  • Manipulated reasoning could be disseminated through a network
  • Erroneous or malicious actions could be distributed through the network
    • This could also include ill-gotten gain such as freeing up a particular communications channel for use.

Threat Mitigations and Security Considerations

Mitigation for potential attacks against an intelligent system includes use of traditional security measures such as filtering network traffic and monitoring for suspicious activity (Vacca, 2013).  In addition, cognitive networks also require additional measures such as ongoing training with a diversity of sensory input.  Another measure is hardening protocols for the creation, adaption, deployment, and deletion of reasoning rules.  Rules should be highly protected since rules provide the foundation for consistent behavior.  Even if rules have self-adjusting behaviors, there should be thresholds and other protections that prevent inappropriate adjustment such as self-deletion or manipulations.

Sensors in cognitive networks also require security configurations to provide endpoint security such as self-policing to ensure endpoint integrity and data processing integrity and performance.  Further, sensors require use of advanced mathematical models such as particle swarm optimization (PSO) to enable network sensors to adaptively identify security best practices and adapt to a related grid of active and potentially connected sensors (Kulkarni & Venayagamoorthy, 2011).  Security design must be sufficiently advanced to address traditional security risks such as endpoint compromise and protect newer technologies such as grid analytics and responsiveness.

References:

Clancy, T. C., & Goergen, N. (2008, May). Security in cognitive radio networks: Threats and mitigation. In Cognitive Radio Oriented Wireless Networks and Communications, 2008. CrownCom 2008. 3rd International Conference on (pp. 1-8). IEEE.

Fitzek, F. H., & Katz, M. D. (Eds.). (2007). Cognitive wireless networks: concepts, methodologies and visions inspiring the age of enlightenment of wireless communications. Springer Science & Business Media.

Garrahan, J. J., Russo, P. A., Kitami, K., & Kung, R. (1993). Intelligent Network Overview. IEEE Communications Magazine. Retrieved from https://www.researchgate.net/profile/Kenichi_Kitami/publication/3195132_Intelliaent_Network_Overview/links/572b36d408aef5d48d3273c1.pdf

Kulkarni, R. V., & Venayagamoorthy, G. K. (2011). Particle swarm optimization in wireless-sensor networks: A brief survey. IEEE Transactions on Systems, Man, and Cybernetics, Part C (Applications and Reviews)41(2), 262-267.

Liao, S. H., Chu, P. H., & Hsiao, P. Y. (2012). Data mining techniques and applications–A decade review from 2000 to 2011. Expert systems with applications39(12), 11303-11311.

Mitola, J. (2000). Cognitive radio—an integrated agent architecture for software defined radio (Dissertation). Retrieved from https://web.archive.org/web/20120917062752/http://web.it.kth.se/~maguire/jmitola/Mitola_Dissertation8_Integrated.pdf

Rong, C. (2013). Wireless network security. In G. Zhao, L. Yan, E. Cayirice, & H. Cheng (Authors) & J. Vacca (Ed.), Computer and Information Security Handbook (Second Edition) (pp. 285-300). Waltham, MA: Morgan Kaufmann.

Vacca, J. R. (2013). Computer and information security handbook (Second ed.). Amsterdam: Elsevier.