Database-driven cognitive radio networks (DB-CRNs) enable dynamic spectrum sharing through geolocation databases but introduce critical security and privacy challenges, including mandatory location disclosure, susceptibility to location spoofing, and denial-of-service (DoS) attacks on centralized services. Existing approaches address these issues in isolation and lack a unified, regulation-compliant solution under realistic adversarial conditions. In this work, we present a unified security framework for DB-CRNs that simultaneously provides location privacy, user anonymity, verifiable location, and DoS resilience. Our framework, denoted as SLAPX, enables privacy-preserving spectrum queries using delegatable anonymous credentials, supports adaptive location verification without revealing precise user location, and mitigates DoS attacks through verifiable delay functions (VDFs) combined with RLRS-based rate limiting. Extensive cryptographic benchmarking and network simulations demonstrate that SLAPX achieves significantly lower latency and communication overhead than existing solutions while effectively resisting location spoofing and DoS attacks. These results show that SLAPX is practical and well-suited for secure next-generation DB-CRN deployments.
翻译:数据库驱动的认知无线电网络通过地理定位数据库实现动态频谱共享,但也引入了关键的安全与隐私挑战,包括强制性的位置披露、易受位置欺骗攻击,以及对集中式服务的拒绝服务攻击。现有方法孤立地处理这些问题,缺乏在现实对抗条件下统一且符合监管要求的解决方案。本研究提出一个针对DB-CRN的统一安全框架,该框架同时提供位置隐私、用户匿名性、可验证位置和DoS攻击弹性。我们的框架(命名为SLAPX)利用可委托匿名凭证实现隐私保护的频谱查询,支持在不暴露精确用户位置情况下的自适应位置验证,并通过可验证延迟函数结合基于RLRS的速率限制来缓解DoS攻击。大量的密码学基准测试和网络仿真表明,SLAPX在有效抵抗位置欺骗和DoS攻击的同时,实现了比现有方案显著更低的延迟和通信开销。这些结果表明SLAPX具有实用性,非常适合用于安全的下一代DB-CRN部署。