Privacy-Preserving Location Proof for Securing Large-Scale Database-Driven Cognitive Radio Networks

摘要

The latest Federal Communications Commission (FCC) ruling has enforced database-driven cognitive radio networks (CRNs), in which all secondary users (SUs) can query a database to obtain spectrum availability information (SAI). Database-driven CRNs are regarded as a promising approach for dynamic and highly efficient spectrum management paradigm for large-scale Internet of Things (IoT). However, as a typical location-based service (LBS), before providing services to the user, there is no verification of the queried location, which is very vulnerable to location spoofing attack. A malicious user can report a fake location to the database and access the channels that may not be available for its location. This will introduce serious interference to the primary users (PUs). In this study, we identify a new kind of attack coined as location cheating attack, which allows an attacker to spoof other users to another location and make them query the database with wrong location, or allows a malicious user to forge location arbitrarily and query the database for services. To thwart this attack, we propose a novel infrastructure-based approach that relies on the existing WiFi or cellular network access points (or AP) to provide privacy-preserving location proof. With the proposed solution, the database can verify the locations without knowing the user’s accurate location. We perform comprehensive experiments to evaluate the performance of the proposed approach. Experimental results show that our approach, besides providing location proofs effectively, can significantly improve the user’s location privacy.