Privacy-Preserving and Post-Quantum Counter Denial of Service Framework for Wireless Networks

TL;DR

This paper introduces PACDoSQ, a novel framework that ensures privacy, anonymity, and resistance to DoS attacks in spectrum management systems, even against quantum computer threats, by combining multiple cryptographic techniques.

Contribution

It presents the first holistic solution integrating post-quantum security, privacy, and DoS resistance for spectrum management systems.

Findings

PACDoSQ guarantees location privacy and anonymity.

The framework resists DoS attacks effectively.

Performance evaluation confirms feasibility and security.

Abstract

As network services progress and mobile and IoT environments expand, numerous security concerns have surfaced for spectrum access systems. The omnipresent risk of Denial-of-Service (DoS) attacks and raising concerns about user privacy (e.g., location privacy, anonymity) are among such cyber threats. These security and privacy risks increase due to the threat of quantum computers that can compromise long-term security by circumventing conventional cryptosystems and increasing the cost of countermeasures. While some defense mechanisms exist against these threats in isolation, there is a significant gap in the state of the art on a holistic solution against DoS attacks with privacy and anonymity for spectrum management systems, especially when post-quantum (PQ) security is in mind. In this paper, we propose a new cybersecurity framework PACDoSQ, which is (to the best of our knowledge) the first to offer location privacy and anonymity for spectrum management with counter DoS and PQ security simultaneously. Our solution introduces the private spectrum bastion (database) concept to exploit existing architectural features of spectrum management systems and then synergizes them with multi-server private information retrieval and PQ-secure Tor to guarantee a location-private and anonymous acquisition of spectrum information together with hash-based client-server puzzles for counter DoS. We prove that PACDoSQ achieves its security objectives, and show its feasibility via a comprehensive performance evaluation.