Defense against SSDF Attack and PUE Attack in CR-Internet of Vehicles (IoVs) for Millimeter Wave Massive MIMO Beamforming Systems

Abstract

The Internet of Vehicles (IoV) is witnessed to play the leading role in the future of Intelligent Transportation Systems (ITS). Though many works have focused on IoV improvement, there is still a lack of performance due to insufficient spectrum availability, lower data rates, and the involvement of attackers. This paper considers all three issues by developing a novel mmWave-assisted Cognitive Radio based IoV (CR-IoV) model. The integration of CR in IoV resolves the issue of spectrum management, while mmWave technology ensures symmetry in acquiring higher data rates for Secondary Users (SUs). With the proposed mmWave-assisted CR-IoV model, symmetric improvements in network performance were achieved in three main areas: security, beamforming, and routing. Optimum detection mechanisms isolate malicious Secondary Users (SUs) in the overall network. First, Spectrum Sensing Data Falsification (SSDF) attack is detected by a Hybrid Kernel-based Support Vector Machine (HK-SVM), which is the lightweight Machine Learning (ML) technique. Then, the Primary User Emulation (PUE) attack is detected by a hybrid approach, namely the Fang Algorithm-based Time Difference of Arrival (FA-TDoA) method. Further, security is assured by validating the legitimacy of each SU through a Lightweight ID-based Certificate Validation mechanism. To accomplish this, we employed the Four Q-curve asymmetric cryptographic algorithm. Overall, the proposed dual-step security provisioning approach assures that the network is free from attackers. Next, beamforming is performed for legitimate SUs by a 3D-Beamforming algorithm that relies on Array Factor (AF) and Beampattern Function. Finally, routing is enabled by formulating Forwarding Zone (FZ) based on the forwarding angle. In the forwarding zone, optimal forwarders are selected by the Multi-Objective Whale Optimization (MOWO) algorithm. Here, a new potential score is formulated for fitness evaluation. Finally, the proposed mmWave-assisted CR-IoV model is validated through extensive simulations in the ns-3.26 simulation tool. The evaluation shows better performance in terms of throughput, packet delivery ratio, delay, bit error rate, and detection accuracy.

1. Introduction

Internet of Vehicles (IoV) is the growing network architecture that supports the Intelligent Transportation System (ITS) efficiently [1,2,3]. Specifically, IoV is the evolved form of the Vehicular Adhoc Network (VANET), which forms the network of intelligent vehicles [4]. Due to the increasing usage of the available spectrum, data transmission among IoV vehicles becomes challenging. On the other hand, Cognitive Radio (CR) is the intelligent radio technology that adapts the data transmission characteristics based on the current network conditions [5,6]. In CRN, the unlicensed users are often known as Secondary Users (SUs) and the licensed users are known as Primary Users (PUs). Mainly, Cognitive Radio Network (CRN) allows unlicensed users to use licensed spectrum if the spectrum is available. As CRN is the best solution to manage spectrum effectually, CRN is integrated with IoV to make it CR-IoV [7,8]. The integrated CR-IoV achieves better data rates and transmission efficiency. In recent times, Millimeter Wave (mmWave) communication is expected to meet the huge capacity requirements of future Internet of Things (IoT), 5G, and IoV applications [9,10]. It is also capable of functioning with CRN networks for attaining better data transmission efficiencies [11].

In CR-IoV, security is the major concern because of the involvement of various attackers [12]. In particular, CR-based attacks are more harmful since most of the attacks affect spectrum sensing and accessing. With the improper spectrum sensing results, the spectrum utilization will be degraded. The most common attacks in CR-IoV are Spectrum Sensing Data Falsification (SSDF) attacks and Primary User Emulation (PUE) attacks [13,14]. In the SSDF attack, the attacker attempts to send false sensing reports on the PU absence to the fusion center (FC) or cognitive base station (CBS) [15]. With the false sensing reports, CBS tends to make a wrong decision on the presence of PU. In sum, the SSDF attack severely affects spectrum sensing reliability, further affecting spectrum utilization. In the PUE attack, the attacker mimics the PU behavior to obscure the legitimate SUs [16]. In the presence of a PUE attacker, the SUs vacate the available spectrum since the attacker behaves like PU. Due to the PUE attack, the SUs are vetoed from accessing the available spectrum. For SSDF detection and mitigation, Machine Learning (ML) algorithms have been utilized widely. For instance, Multi-Layer Perceptron (MLP) neural network detects the SSDF attackers based on the behavior and isolates the attackers from the network [17]. An effective response to dynamic security attacks can be achieved through the use of symmetry-adapted machine learning [18]. In ML-based methods, the hyperparameter setting is the major issue that leads to inaccurate attack detection. For PUE detection, localization methods play a pivotal role [19]. The localization methods determine the accurate location of the signal source and then compare the location with the original location in order to detect the PUE attack accurately. In addition, trust-based methods are also proposed for detecting PUE attacks in CR-based networks [20]. However, slight variations or errors in the localization affect the entire detection process, while trust-based methods have low attack detection accuracy. Thus, PUE attack detection still needs better attention to improve accuracy.

In mmWave-based CR-IoV, beamforming is the additional issue along with the security [21,22]. A symmetry-based hybrid precoder and combiner is an efficient signal processing structure for Non-Orthogonal Multiple Access (NOMA) systems at millimeter wavelengths (mmWave) [23]. Though mmWave achieves better capacity and efficiency, it also demands optimal beamforming and alignment. In mmWave-based massive Multiple-Input-Multiple-Output (MIMO) systems, beamforming techniques make the signal from MIMO as focusing towards the particular receiving device, i.e., vehicles. For beamforming, the position of the receiver, i.e., the vehicle, is essential, which can be determined as 3D positioning [24]. Optimal beamforming results in a higher data rate and improved data transmission efficiency. In addition, optimal route selection also helps in improving data transmission efficiency in mmWave-assisted CR-IoV. Routing in IoV is performed by using conventional AODV, DSR, OLSR, etc. [25] and by using optimization algorithms [26], ML techniques [27] and so on. In all approaches, the main issue is the mobility of vehicles. Mostly, the vehicles dynamically move in any direction of the road, which causes frequent route changes. Therefore, in mmWave-assisted CR-IoV, we need to concentrate on three significant aspects: security, beamforming and routing. Optimizing IoV in these three aspects improves the overall performance of the system.

1.1. Motivation

In IoV, huge challenges need to be addressed. The primary motivation behind this work is to resolve the existing research issues of IoV. The significant challenges are unreliable data delivery, poor scalability, dynamic topologies and dynamic spectrum availability. Each challenge requires a different solution to resolve it. However, the recent research growth in the IoV and IoT fields solves these challenges. Primarily, CR and mmWave are the two major solutions for resolving the IoV issues. On the other hand, integrated IoV architecture is vulnerable to security threats or attacks that affect the overall performance of the system. Motivated by this fact, this research work designs a novel integrated IoV architecture with CR and mmWave technologies along with security solutions. The major aim of the proposed IoV design is to enhance overall performance by incorporating optimal processes. In order to achieve this goal, the following contributions are made to this work.

• A novel mmWave-assisted CR-IoV architecture is designed with the required level of security. In the proposed architecture, communication is optimized by using 5G technology. Further, the overall performance of the system is improved in three aspects such as security, beamforming and routing.
• Security is attained by detecting and mitigating two major attacks such as SSDF and PUE attacks. SSDF mitigation is enabled by a modified ML algorithm, namely the Hybrid Kernel Support Vector Machine (HK-SVM) algorithm. The proposed HK-SVM classifies the SSDF attackers accurately by analyzing the sensing reports. PUE attack is detected based on an accurate hybrid localization approach, namely Fang Algorithm enabled Time Different of Arrival (FA-TDoA) position location system. Isolation of SSDF and PUE attackers in the network assures the required level of security.
• A lightweight ID-based Certificate Validation (LID-CV) procedure is proposed to assure the legitimacy of all SUs. Thus, the available spectrum can only be utilized by legitimate SUs.
• For optimal beamforming, Beampattern Function (BPF) is computed in terms of the 3D position of the SUs, i.e., vehicles in the mmWave-assisted CR-IoV system. The BPF is computed as the function of the Array Factor (AF) of the massive MIMO antenna.
• To enable optimal routing, Forwarding Zone (FZ) enabled Multi-Objective Whale Optimization (MOWO) algorithm is proposed. The proposed FZ-MOWO algorithm uses a novel fitness function, namely Potential Score, to select an optimal route for data transmission.

1.2. Paper Layout

The rest of this paper is organized as follows: Section 2 reviews significant existing works carried out in the literature, and the research gap is highlighted. In Section 3, the overall problem statement is described, which is going to be resolved by the proposed work. In Section 4, the proposed mmWave-assisted CR-IoV model is explained in detail. Section 5 evaluates the performance of the proposed work based on significant simulations. In Section 6, we conclude our contribution and highlight future research directions.

2. Related Works

In this section, the significant prior research works have been reviewed, and the research gap is highlighted.

2.1. SSDF and PUE Attack Detection

An SSDF attack can also be predicted by exploiting frequency and ordering properties [28]. Malicious nodes in the cognitive radio network send the falsified results to the fusion center. Temporal data collected at the fusion center in the form of the sensing reports form a rich audit data set, which can be analyzed to identify the malicious nodes. In this work, anomaly detection techniques are used, which consist of two schemes. At first, the lightweight intrusion detection system is developed by using a frequency property scheme. Secondly, a hidden Markov chain model (HMM) is designed based on the ordering property of data. Here, HMM often has large unstructured parameters, which induce the false detection of the SSDF attacker node. A collaborative approach is used to mitigate the attacks in the cognitive radio networks [29]. Here, the considered attack is the SSDF attack which sends false sensing reports to the fusion center. The collaborative approach during the spectrum sensing process monitors the behavior of the sensing nodes and identifies the malicious and misbehaving sensing nodes. This method measures the reliability of the nodes using a unique value called a belief level. All the sensing nodes are grouped into a number of clusters in which each cluster has one cluster head. The cluster head analyzes the node’s behavior and judges the nodes. During sensing report exchange, there is a high chance for the reports to be affected by the attackers. An Agent-Assisted Defence System (AADS) is presented to jointly detect and mitigate SSDF and PUE attacks [30]. Here, an SSDF attack is detected by comparing the sensing report received from SUs and spectrum agent (SA), which is considered to be trusted. For PUE attack detection, the Received Signal Strength (RSS) based localization method is utilized. Finally, the communication in the network is encrypted by using a Hybrid Advanced Encryption Standard (HAES). Here, attack detection accuracy is poor since it only considers the sensing reports, but the node behavior is not considered. This leads to inaccurate detection since the sensing report may also be affected by the environmental condition, which is not yet considered in this work.

An energy-efficient localization mechanism based on channel parameters variance is proposed to mitigate the PUE attack in which primary user signal and others signal is distinguished [31]. The proposed algorithm comprises four steps: initialize, register, update and authentication. In the initialize phase, cognitive users initialize their level ID and sector ID. In the registration phase, users register their respective level ID, sector ID, location and node ID to the cognitive base station. In the update phase, moving primary user locations are updated in the location table. Finally, in the authentication phase spectrum requested node authentication key is verified. If its ID is not in the location table, that particular node is represented as a malicious node. Through the authentication procedure, the PUE attacker is detected and removed from the network. Here, authentication is performed based on the location which can be falsified by the attacker to access the network. A cooperative spectrum sensing performance improvement is achieved in the presence of a PUE attack [32]. Security is an important issue in the cognitive radio network because it affects the performance of sensing in the fusion center. In PUEA, a malicious attacker transmits the emulated primary user signal and defrauds the CR users to prevent them from accessing spectrum holes. PUE has the ability to transmit the signal in both vacant and occupied bands, which induces interference in the primary users. In this process, two important PUE parameters are estimated and then used to obtain the optimal voting rule for minimizing the global error probability. In this approach, distinguishing PUs and attackers is complex due to the poor location estimation process. The secondary user transmission data rate is maximized under miss detection and false alarm constraints to mitigate the primary user emulation attack [33]. This work introduces the spectrum access function that defines the new transmission rule to access the primary user spectrum based on measured energy. The optimal solution from the transmission rule is different from the classical rule, and it leads to better performance. PUE detection based on the static transmission rule is ineffective and inaccurate. Chaotic tag-based sequencing is used in cognitive radio networks to mitigate the PUE attack [34]. In this work, look-up table-based challenge sequences are used to monitor the cognitive base station and used as a defence against any primary user emulation attacker. This method ensures that all the attackers are suppressed, and for remaining attackers if any, it uses the chaotic tag-based communication system in which each secondary user request is sent like a chaotic noise sequence on the channel. The receiving entity decodes this sequence to obtain the signal communicated to an authorized transmitter. The overall work depends upon Bit Error Rate (BER) calculation which is inaccurate. The brief analysis shows that SSDF and PUE detection still need better approaches since the existing works have some limitations.

2.2. Beamforming

For optimal beamforming, position and orientation computation of MIMO is important. Estimating the position and orientation of 5G systems was established through the millimeter wave MIMO [35]. mmWave signals and massive MIMO systems are the future enabling technologies such as 5G networks. 5G networks provide high data rate communication, and potential advantages for accurate positioning are largely undiscovered. Here, the novel two-stage algorithm is introduced for position and rotation angle estimation. This algorithm is based on the multiple measurement vectors matching pursuit for coarse estimation, and the refinement stage is based on the space alternating generalized expectation maximization algorithm. However, position estimation in two-dimension (2D) is inaccurate since three-dimensional (3D) estimation provides a more accurate position of SU. A low complex hybrid beamforming and precoding processor is presented for 16 × 8 2D planar antenna array in mmWave system [36]. In this work, antenna selection is performed using a Maximum Ratio Combining (MRC) algorithm, which reduces the RF chains and baseband processing complexity. The optimal SVD precoder is used to select a basis vector with the highest correlation. The searching complexity is reduced using a slide window index selection-MIB-SOMP algorithm. Therefore, searching complexity is reduced, and hardware efficiency is increased to the original algorithm. At last, the proposed algorithm was implemented and designed using 90 nm CMOS technology. Usage of a 2D planar array limits the coverage of the massive MIMO to 120° sector in the azimuth angle. Beamforming and security are assured jointly with the use of Artificial Noise (AN) [37]. To improve the security of the secondary network, AN is used to mask the transmitting beamforming. In this, AN-aided transmit power of the information signal is minimized under secrecy rate constraint, harvested energy constraint and the total transmit power. To achieve secure transmission, the secondary transmitter employs transmit beamforming with AN, which acts as interference to the eavesdroppers and provides energy to the secondary users. To achieve the perfect Channel State Information (CSI), this paper proposes the Successive Convex Approximation (SCA) algorithm, which is an iterative algorithm. The addition of AN not only assures security but also degrades the signal quality, which is ineffectual in the secondary network. For antenna arrays with odd symmetry, two adaptive filtering algorithms are presented in [38]. Adaptive antenna arrays with the proposed algorithms perform better in steady-state while decreasing computational complexity.

Beamforming is performed in massive MIMO using a hybrid combination of analog and digital beamforming [39]. This process mitigates the problems of complexity and power consumption which are serious in higher super frequency and extremely high-frequency bands. This method evaluates the performance of the nonlinear block multi-diagonalization precoding, an intermediate solution between the conventional linear precoder and nonlinear precoder over an analog and digital hybrid beamforming constitution. The involvement of 2D beamforming limits the coverage of MIMO, which affects the beamforming performance. Beamforming is performed using the angular-based and power allocation framework in mmWave massive MIMO systems [40]. Many beamforming and power allocation schemes emerged to leverage the mmWave channel characteristics to enhance the sum capacity and coverage of multi-user transmissions. In this process, angular-based beamforming is used which requires the direction of arrival and direction of departure of the propagation channel. This method relies on the estimation of leakage caused by each user equipment (UE) on all other UEs from the Direction of Arrival (DoA) contributions. Here, angular-based beamforming is proposed in which the line of sight (LOS) channel is used. LOS is disturbed by an obstacle such as a building which decreases the efficiency of the beamforming. An effective multiuser transmission scheme in three-dimensional massive MIMO cellular systems with a full duplex base station is proposed [41]. In 3D massive MIMO cellular systems, a full duplex base station equips two separate large-scale uniform planar antenna arrays. This process introduces the 3D Multiuser Beam Space Transmission (MUBT) scheme that requires the spatial angular information of the users and the SI channel. Due to the reduced dimension property of the effective beams pace channel, the overhead for channel estimation is reduced. In this paper scheduling algorithm is proposed to enable the 3D MUBT scheme in the FD systems. In this work, two separate large-scale uniform planar antenna array is proposed, which is two-dimensional only so that the coverage area is limited.

2.3. Routing

Infrastructure-aided hybrid routing uses Road Side Unit (RSU) to help the vehicular nodes to select the idle channel and relay node [42]. The channel is selected using the Belief Propagation Algorithm (BPA), which aggregates the belief from the vehicles and RSU to make the final belief selection. The relay node is selected using the computation of message delivery time; it selects the neighbor node that has minimum message delivery time. This paper proposes a hybrid communication scheme in which two nodes communicate only when they have a consensus about the common idle channel. The major objective of this paper is to combine cognitive capabilities with routing techniques to overcome network connection issues and spectrum scarcity. If there is no common idle channel between RSU and the vehicle, then the vehicle needs to store and carry the packet until there is a common idle channel exist between them. This intern increases the transmission delay. Routing is performed in VANET by using Ant Colony Optimization (ACO) algorithm [43]. Based on the ACO algorithm, a traffic-aware position-based routing protocol is developed. This protocol is an enhanced version of the geographical source routing protocol. The ant-based algorithm is used to find the route that has optimum network connectivity. Vehicles are calculated as a weight for every street segment proportional to the network connectivity of that segment. To find the optimum route between the source and destination, the source vehicle determines the path on the street map with the minimum total weight for the complete route. In general, ACO has a higher convergence time which increases transmission delay.

During route selection, the trustworthiness of the SUs plays a pivotal role [44]. Incompletely predictable vehicular ad-hoc networks where vehicles move in a certain range or just in a particular tendency. A trustworthiness evaluation-based routing protocol is introduced to find the perfect route between the source and destination. In this protocol, the trustworthiness of each individual is calculated using the cloud depending on the attribute parameters uploaded by the corresponding vehicle. According to the results of the cloud, vehicles select appropriate forward nodes and complete the routing. Though consideration of trust value increases security level, it is insufficient to achieve better transmission efficiency. In VANET, routing is performed using spatial distribution-based connectivity aware routing protocol [45]. This protocol divides the street into multiple segments and aggregates the vehicle number and position distribution to access the connectivity quality of the segments. The proposed protocol evaluates the connectivity of the whole streets, in which shadowing of the overpasses is also taken into account if the street is multilevel. In this process, routing is performed using two modes, namely intersection mode and street mode. In intersection mode, when a vehicle at the current intersection receives a packet to be forwarded, it chooses a direction to forward the packet to a neighbor intersection. In street mode, the greedy-based approach is used to select the optimal relay inside Current Street. The involvement of the greedy approach increases the route selection time, which is inefficient.

2.4. Summarization of Related Works

From the related work review, we can confirm that each existing work has some limitation that degrades the overall network performance. In

Table 1. Analysis on existing works.

Process	Existing Work	Demerits
SSDF Detection	Frequency Ordering Method [28]	• The involvement of HMM demands large unstructured parameters which are ineffective • Increases false SSDF detection
	Collaborative Approach [29]	• Sensing report collection is insecure • Unauthorized SU access increases vulnerability
	AADS [30]	• Lower detection accuracy • Sensing report collection is insecure
PUE Detection	Channel variance localization [31]	• SU validation is inefficient since the location information alone is considered • High possibility for sensing reports to be falsified
	CSS based PUE detection [32]	• Lack of localization approach increases the complexity
	Spectrum access based PUE detection [33]	• Static rule-based method decreases the detection accuracy
	Chaotic tag-based detection [34]	• BER is high when SNR decreases • Inaccurate PUE detection
Beamforming	Two stage algorithm [35]	• Position estimation in 2D is inaccurate
	Precoding method [36]	• Coverage of MIMO is limited due to the absence of 3Destimation
	AN based beamforming [37]	• Degrades the signal quality • Security is poor
	Hybrid beamforming [39]	• The coverage of beamforming is limited to a 120-degree
	Angular based beamforming [40]	• The efficiency of beamforming is low due to the presence ofobstacles
	MUBT scheme [41]	• Not suitable for large-scale users • Limits the coverage of the MIMO system
Routing	BPA based routing [42]	• Needs a common idle channel all the time • Increases transmission delay
	ACO routing [43]	• ACO increases the convergence time • Limited metrics only considered
	Trusted routing [44]	• Not able to achieve better performance
	Connectivity-aware routing [45]	• Route selection time is high due to the greedy approach

, we summarize the related works with the objective and demerits of the prior works. The main research gap determined is that prior research works use improper algorithms with limited parameters that degrade the overall performance. In addition, each work relies upon a single objective, such as beamforming, security or data routing. However, for better results, it is necessary to consider all three aspects of the CR-IoV network.

3. Problem Statement

Integration of mmWave, CRN and IoV is expected to be a fine solution to meet the growing requirements of future IoT applications. Consider an IoV network with n number of intelligent vehicles as $V_1,V_2,..,V_n$. The main research problem in mmWave-assisted CR-IoV is the lack of focus on important aspects as follows,

• Security [46,47]: In the n number of vehicles, there may be malicious or illegitimate vehicles presented. In the presence of malicious vehicles, data loss will be high. While attempting attack detection, the absence of an effective mechanism for a particular attack, such as an SSDF or PUE attack, decreases the detection accuracy. In addition, improper validation of SUs allows unauthorized SUs to access the spectrum.
• Beamforming [48]: In mmWave-based communications, beamforming is performed based on the 2D position information. Inaccurate position information produces non-optimal beams, which affects data transmission.
• Routing [49,50]: In CR-IoV, routing metrics are more important for increasing the packet delivery rate. Furthermore, the computation of the optimal route without considering the transmission direction increases time consumption and complexity. Time increase in route selection results in higher transmission delay.

The overall problem statement is depicted in Figure 1. As illustrated in the figure, these three problems affect the overall performance of the CR-IoV system, which is infeasible for achieving better transmission results in real-time.

4. Proposed mmWave Assisted CR-IoV

In this section, we present the overall proposed system in detail. This section is segregated into multiple subsections based on proposed procedures.

4.1. Network Model

The proposed mmWave-assisted CR-IoV network is utilized to resolve the three major issues: insufficient spectrum availability, lower data rates and involvement of attackers. The proposed network consists of a number of intelligent vehicles. The entities involved in the CR-IoV environment are Primary Users (PUs) (receivers), Secondary Users (SUs), Cognitive Base Station (CBS) or Fusion Center (FC), Trusted Authority (TA), and primary user transmitter. The PUs are the licensed users that are static in the environment and act as transmitters and receivers. On the contrary, SUs are vehicles that can exploit the licensed spectrum of the PUs if the PU spectrum gets idled. The FC or CBS is deployed to enable beamforming for the secondary users based on the sensing report, which is equipped with Massive MIMO antennas. The mmWave communication is used to communicate among the entities for high data rates. Further, a Trusted Authority (TA) is deployed in the network to validate the authenticity of SUs. The TA is responsible for issuing certificates to the SUs, which are further used for validation and security constraints. The overall network model is shown in Figure 2.

As shown in the figure, all vehicles can move in any road direction. The SUs are initially registered to the CA to ensure their legitimacy. For legitimate SUs, two types of attack detection processes are taken place named SSDF and PUEA. For the attack-free SUs, the optimal beams are provided by the FC or CBS for the sake of success spectrum sensing. Eventually, data transmission among the source and destination SUs is carried out using an optimization algorithm. Routing, beamforming, and security were the three main aspects of network performance that were improved symmetrically.

4.2. Attacker Model

In the proposed work, we mainly focused on two harmful attacks in CR-based networks. The considered attackers are SSDF and PUE attacks. In an SSDF attack, malicious SU sends a false sensing report to the FC so that the FC makes an incorrect decision on spectrum availability. In the PUE attack, the malicious SU acts as the legitimate PU, preventing other SUs from accessing the spectrum.

In Figure 3, both attack models are depicted. The main aim of the attackers is to use the available spectrum by preventing legitimate SUs from accessing the spectrum. The proposed network model consists of these two kinds of attacks that launch an attack during spectrum sensing.

4.3. Dual Step Security Provisioning

As stated earlier, security is provided in the proposed network by isolating attacker nodes from the network. As both attacks are different in nature, we have presented two different algorithms for SSDF detection and PUE attack detection, respectively. Here, SSDF is detected by using the HK-SVM classifier. Similarly, the PUE attack is detected by the FA-TDoA algorithm. Initially, all legitimate SUs are registered at TA to receive the corresponding certificates. The registration process is initiated by SU by sending a registration request to TA. Then, the TA generates a digital certificate based on the ID of the corresponding SU. In the proposed dual-step security provisioning approach, the first step includes attack detection, and the second step includes certificate validation. The involvement of two steps increases attack detection accuracy and minimizes the false alarm rate. The proposed security provisioning approach is explained below.

4.3.1. SSDF Attack Detection

To detect the SSDF attack, we presented a new HK-SVM algorithm. Here, we have chosen an SVM classifier since SVM is a lightweight ML technique that shows better performance in Intrusion Detection Systems (IDSs) [51]. Due to its high-level accuracy and lower complexity, we adapted SVM for SSDF attack detection in the proposed work. In general, the SVM classifier mainly relies on the kernel function that separates normal SUs from malicious SUs. Generally, SVM uses linear or non-linear such as Radial Basis Function (RBF) kernel function upon classification problem nature. RBF and polynomials show better performance in IDS problems. To further improve the accuracy of SSDF detection, we have presented a hybrid kernel function. The proposed HK-SVM detects SSDF attacks based on the sensing reports collected from the SUs. The proposed HK-SVM is the binary classifier that maps the SUs into two classes, namely normal ($+1$) and malicious ($-1$). The proposed HK-SVM finds the optimum hyperplane between both classes by maximizing the margin and minimizing the classification error between the two classes. First, the input data sequence $X=[x_1,x_2,..,x_n]$ is fed into the SVM classifier. Here, the input data sequence is the sensing report received from all SUs. For each input $x_i\in X$, the output is given as $y_i\in \{+1,-1\}$. This separation is performed by the hyperplane, which can be denoted as follows,

$$\begin{array}{c}\hfill \begin{array}{c}w.x_i+b=0\hfill \end{array}\end{array}$$

(1)

Here, w is the normal vector and b is the position of the relative area. Further, this margin is optimized to its support vector through the kernel function. The kernel function can be denoted as $K(x_n,x_i)$ and it transforms the original data space into a new higher dimension space. In this work, we have combined three important kernel functions in order to achieve better accuracy. The kernel functions are expressed in

Table 2. Kernel functions for HK-SVM.

Kernel Function	Expression
Linear	$K\left(x_n,x_i\right)=(x_n.x_i)$
RBF	$K(x_n,x_i)=exp(-\gamma \parallel x_n-x_i{\parallel }^2+C)$
Polynomial	$K\left(x_n,x_i\right)={\left(\gamma \left(x_n,x_i\right)+r\right)}^2$

.

Each function works better in some cases. To achieve higher performance, we combined all three kernel functions as a hybrid function in the HK-SVM algorithm. The hybrid kernel is expressed as follows,

$$\begin{array}{c}\hfill \begin{array}{c}\begin{array}{c}HK(x_n,x_i)={\beta }_1.(x_n.x_i)+{\beta }_2.exp\left(\begin{array}{cc}-{\beta }_3& {\displaystyle \frac{(-\gamma \parallel x_n-x_i{\parallel }^2+C)}{{(\gamma (x_n,x_i)+r)}^2}}\end{array}\right)\hfill \\ \end{array}\hfill \end{array}\end{array}$$

(2)

Here, the constant value $\beta$ is used to mix all three kernel functions and it is selected as ${\beta }_1+{\beta }_2+{\beta }_3=1$. The proposed hybrid kernel function separates the input data X as shown in Figure 4.

The kernel function uses a distance measure to find the nearest vectors for classification. Conventionally, Euclidean distance is used in SVM for classification. In HK-SVM, we have proposed the Mahalanobis distance measure, which can be expressed as follows,

$$\begin{array}{c}\hfill \begin{array}{c}D\left(x_n,x_i\right)=\sqrt{{\left(\overrightarrow{x_n}-\overrightarrow{x_i}\right)}^{T}C{M}^{-1}\left(\overrightarrow{x_n}-\overrightarrow{x_i}\right)}\hfill \end{array}\end{array}$$

(3)

Here, $CM$ represents the covariance matrix. In this manner, the HK-SVM classifier classifies the SUs into normal and malicious based on received sensing reports. Processing collected sensing reports results in accurately detecting SSDF attacks in the network.

4.3.2. PUE Attack Detection

To detect a PUE attack, we proposed the FA-TDoA algorithm, which estimates the position of the signal source (can be PU or attacker) accurately. Then, the position information is compared with the original position of PUs to detect the attackers accurately. In this work, PUs are the TV receivers, and most PUs are static, i.e., the location of PUs is known priorly. During spectrum sensing, the PUE attacker emulates the PU signal so that the SU generates a report as the PU presence. Before sending the sensing reports to the CBS, each SU detects whether the signal is received from the attacker. In this work, spectrum sensing is performed by using the Enriched Energy Detection (E2D) method, which is capable of working in low Signal-to-Noise Ratio (SNR) scenarios. We have improved the conventional energy detection method by incorporating a dynamic threshold value based on the current SNR level. The reason behind the enriching spectrum sensing method is that the spectrum sensing report may also be falsified due to the presence of noise. In a noisy environment, the energy detection method may provide an incorrect report which may lead to considering the SU as malicious. To assure high-level accuracy, we have enriched the energy detection method. The presence of PU is detected by the E2D method based on the following hypotheses,

$$\begin{array}{c}\hfill \begin{array}{c}RS\left(l\right)=\left\{\begin{array}{cc}\omega \left(l\right),\hfill & H_0\\ PS\left(l\right)\hfill & H_1\end{array}\right.\hfill \end{array}\end{array}$$

(4)

If the received signal ($RS\left(l\right)$) has PU signal ($PS\left(l\right)$) and noise signal ($\omega \left(l\right)$), then the decision is PU presence, i.e., the channel is unavailable. Otherwise, the decision is PU Absence, i.e., the channel is available. The decision is made based on the energy level computed for $RS\left(l\right)$, and it can be expressed as follows,

$$\begin{array}{c}\hfill \begin{array}{c}E\left(RS\right)={\int }_{-\infty }^{\infty }{\left|RS\left(l\right)\right|}^2\hfill \end{array}\end{array}$$

(5)

The PU is presented if the computed energy level is greater than the threshold value. Otherwise, the PU is absent in that channel. In the conventional method, the threshold value is static which is ineffective in determining PU status accurately. Thus, we have presented a new dynamic threshold value by combining the noise uncertainty factor (${\rho }_F$) as follows,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle {\tau }_{new}=\frac{\tau }{\sum {\rho }_F}}\hfill \end{array}\end{array}$$

(6)

The noise uncertainty factor computed is the function of noise frequency ($\mu$) of each signal sample from the total M number of signal samples. It can be expressed as,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle {\rho }_F=\frac{\underset{1\le m\le M}{max}{\mu }_l^2\left(m\right)}{{\displaystyle \frac{1}{M}\sum _{m=1}^M{\mu }_l^2\left(m\right)}}}\hfill \end{array}\end{array}$$

(7)

The above factor is dynamic upon the noise frequency which varies with the noise level present in the environment. The reason for using dynamic threshold value is that the presence of high-level noise results in incorrect sensing results. In the proposed E2D, the sensing report is accurate. Based on this report, PUE attack detection is performed. It is worth mentioning that presenting a new dynamic threshold value also increases the sensing accuracy. In general, the PU presence decision is made in two scenarios as (i) truly PU is presented on the particular channel or (ii) the PUE attacker emulates the PU signal. In the first case, SUs are unable to use the available spectrum, but in the second case, SUs can use the spectrum. For that, it is necessary to detect whether the signal comes from the PU or PUE attacker. For accurate detection, we presented the FA-TDoA algorithm. TDoA shows versatile performance in localization problems [52]. However, in TDoA, ambiguous positioning occurs due to misalignment between the reference receivers. Thus, we have combined FA with TDoA to achieve accurate positioning of the signal source.

4.3.3. Mathematical Model of FA-TDoA

The FA-TDoA uses a trilateration technique in which three reference receivers are considered. Here, the signal source is unknown and the objective is to detect the location of the unknown source. The range difference between receivers can be obtained as,

$$\begin{array}{c}\hfill \begin{array}{c}R{D}_{i,j}=\mathbb{C}\times d_{i,j}={RD}_i-R{D}_j\hfill \end{array}\end{array}$$

(8)

Here, $\mathbb{C}$ is the signal propagation speed and $d_{i,j}$ is the TDoA between receivers i and j. Consider the unknown source location as [$x_u,y_u$] and the known reference receiver location as [$x_i,y_i$]. The distance between source and ith receiver is given as,

$$\begin{array}{c}\hfill \begin{array}{c}{d}_{u,i}=\sqrt{{\left(x_i-x_u\right)}^2+{\left(y_i-y_u\right)}^2}\hfill \end{array}\end{array}$$

(9)

Thus, the range difference is updated as follows,

$$\begin{array}{c}\hfill \begin{array}{c}R{D}_{i,1}=\sqrt{{\left(x_i-x_u\right)}^2+{\left(y_i-y_u\right)}^2}-\sqrt{{\left(x_1-x_u\right)}^2+{\left(y_1-y_u\right)}^2}\hfill \end{array}\end{array}$$

(10)

Here, $x_1,y_1$ is the location of the first receiver, also known as the reference receiver. For determining the unknown location, the above non-linear equation must be linearized. For that, the fang algorithm linearizes the equation by fixing one of the reference receivers at the origin. In FA-TDoA, the reference receivers form a coordinate system. As shown, we have one of the receivers at the origin, the coordinate becomes [$x_1=0,y_1=0$], [$x_2=x_2,y_2=0$] and [$x_3,y_3$]. The equations can be simplified as,

$$\begin{array}{c}\hfill \begin{array}{c}R{D}_1=\left[{\left(x_1-x_u\right)}^2+{\left(y_1-y_u\right)}^2\right]={\left[x_U^2+y_U^2\right]}^{1/2}\hfill \end{array}\end{array}$$

(11)

$$\begin{array}{c}\hfill \begin{array}{c}{x}_{i,1}=x_i-x_1=x_i\hfill \end{array}\end{array}$$

(12)

$$\begin{array}{c}\hfill \begin{array}{c}{y}_{i,1}=y_i-y_1=y_i\hfill \end{array}\end{array}$$

(13)

Applying the above equations in Equation (10) provides the following expression,

$$\begin{array}{c}\hfill \begin{array}{c}2R{D}_{2,1}R{D}_1=R{D}_{2,1}^2-x_2^2+2x_{2,1}^2{x}_u\hfill \end{array}\end{array}$$

(14)

$$\begin{array}{c}\hfill \begin{array}{c}2R{D}_{3,1}R{D}_1=R{D}_{3,1}^2-\left(x_3^2+x_3^2\right)+2x_{3,1}{x}_u+2y_{3,1}{y}_u\hfill \end{array}\end{array}$$

(15)

By equating Equations (14) and (15), we can obtain the following result,

$$\begin{array}{c}\hfill \begin{array}{c}{y}_u=g{x}_u+h\hfill \end{array}\end{array}$$

(16)

where, $g=\left\{\left(\frac{R{D}_{3,1}{x}_2}{R{D}_{2,1}}\right)-x_3\right\}/y_3$.

and $h=\left\{x_3^2+y_3^2-R{D}_{3,1}^2+R{D}_{3,1}{x}_{u}R{D}_{2,1}\left(1-\left(x_2/R{D}_{2,1}{)}^2\right)\right)\right\}/2y_3$.

$$\begin{array}{c}\hfill \begin{array}{c}d{x}_u^2+e{x}_u+f=0\hfill \end{array}\end{array}$$

(17)

Here, $d=-\left\{\left(1-{\left(\frac{x_2}{R{D}_{2,1}}\right)}^2\right)+g^2\right\}$, $e=x_2\times \left\{\left(1-{\left(\frac{x_2}{R{D}_{2,1}}\right)}^2\right)\right\}-2gh$, and $f=\left(\frac{R{D}_{2,1}^2}{4}\right)\times \left\{(1-{\left(\frac{x_2}{R{D}_{2,1}}\right)}^2\right\}-h^2$.

From Equations (16) and (17), we can obtain the location of an unknown signal source as [$x_u,y_u$]. Once the signal source’s location is determined, that location is compared with PU’s original location. If both locations are matched, then the signal source is PU; else, the signal is emitted by the PUE attacker. In this manner, the signal source is validated based on the location calculation.

In proposed dual-step security provisioning, the first step detects the SSDF and PUE attackers presented in the network based on the sensing report and location, respectively. To further improve the accuracy, we then validate the certificates of the SUs to ensure that only legitimate SUs are participating in the network. In this work, the digital certificates tie the digital signature of each SU, which is generated by the Four Q-Curve algorithm. After the attack detection step, the CBS validates the signature of all SUs by the Four Q-Curve algorithm. Here, we have used the Four Q-Curve algorithm because it is lightweight and faster than other signature algorithms [53]. Presenting Four Q-Curve signature makes certificate generation and validation fast. Each vehicle has two secret keys, including a public key ($P{u}_k$) and a private key ($P{v}_k$) which are used in signature validation and generation, respectively. The process of signature validation is performed as follows,

1. First, a hash value is generated for the SU ID, i.e., $e=H\left[S{U}_{ID}\right]$ by using the Secure Hashing Algorithm-3 (SHA-3).

2. Select a secure random integer q from the range of [$1,h-1$]. Here, h represents the order of the base point.

3. Consider FourQ-curve which is represented as,

$$\begin{array}{c}\hfill -x^2+y^2=1+a{x}^2{y}^2\end{array}$$

Here, a is the non-square function of the Mersenne prime. On this curve, the base point $BP$, which is the prime number that satisfies the curve equation is derived.

4. From the $BP,P{v}_{sk}$ and $P{u}_{sk}$ are derived as follows,

$$\begin{array}{c}\hfill P{u}_{sk}=P{v}_{sk}\times BP\end{array}$$

The $P{v}_{sk}$ is chosen random manner and $P{u}_{sk}$ is derived from the private key.

5. Next, compute the curve point ($x_1,y_1)=q\times BP$.

6. Calculate signature pairs as, $S_1=x_{1}modh$ and $S_2=q^{-1}\left(z+S_{1}P{v}_{sk}\right)modh$. These signature pairs are generated as the function of the private key.

Based on the above steps, a signature is generated by SU and it is embedded in the digital certificate. Then, this signature pair is validated by the CBS by using $P{u}_{sk}$ of that SU. In this manner, all SUs are validated by CBS before data transmission. the involvement of the dual-step security provisioning scheme improves the security level in the network by removing attackers and illegitimate SUs.

4.4. 3D-Beamforming in Massive MIMO

For legitimate SUs, CBS produces beams in an optimal manner which is achieved by the 3D-beamforming approach. We considered Massive MIMO with a set of $M\times N$ isotropic array elements, i.e., CBS has M antenna elements in x-axis and N antenna elements in y-axis. The manifold vector of the antenna array in both coordinates is represented as ${\mathcal{F}}_x$ and ${\mathcal{F}}_y$ and can be computed as follows,

$$\begin{array}{c}\hfill \begin{array}{c}{\mathcal{F}}_x=\left[b_0,b_1{e}^{j\left({\varphi }_1+{\eta }_x\right)},..,b_m{e}^{jm\left({\varphi }_1+{\eta }_x\right)},\cdots ,b_{M-1}{e}^{j(M-1)\left({\varphi }_1+{\eta }_x\right)}\right]\hfill \end{array}\end{array}$$

(18)

$$\begin{array}{c}\hfill \begin{array}{c}{\mathcal{F}}_y=\left[p_0,p_1{e}^{j\left({\varphi }_2+{\eta }_y\right)},..,p_n{e}^{jn\left({\varphi }_2+{\eta }_y\right)},\cdots ,b_{N-1}{e}^{j(N-1)\left({\varphi }_2+{\eta }_y\right)}\right]\hfill \end{array}\end{array}$$

(19)

Here, $a_m,p_n$ are the weight value of the mth and nth antenna elements in x and y coordinates, respectively. Similarly, ${\eta }_x,{\eta }_y$ are the function of the direction of angle (DOA) at a determined location, ${\varphi }_1,{\varphi }_2$ are the DOA of intended SU or SUs. The expression for these constraints are expressions for these constraints are,

$$\begin{array}{c}\hfill \begin{array}{c}{\varphi }_1={\mathfrak{AI}}_{x}sin\theta cos\phi \hfill \end{array}\end{array}$$

(20)

$$\begin{array}{c}\hfill \begin{array}{c}{\varphi }_2={\mathfrak{AI}}_{y}sin\theta sin\phi \hfill \end{array}\end{array}$$

(21)

Here, $\mathfrak{I}=2\pi /\lambda$ and ${\eta }_x=-{\mathfrak{AI}}_{x}sin{\theta }_{0}cos{\phi }_0$, ${\eta }_y=-{\mathfrak{AI}}_{y}sin{\theta }_{0}sin{\phi }_0$. We need to calculate the array factor (AF) for optimal beamforming by summing up all elements in the vector. For AF computation, we can consider either ${\mathcal{F}}_x$ or ${\mathcal{F}}_y$, or we can also use the radiation factor of the equivalent element as follows,

$$\begin{array}{c}\hfill \begin{array}{c}{\mathcal{F}}_{xy}={\mathcal{F}}_x^T\times {\mathcal{F}}_y\hfill \end{array}\end{array}$$

(22)

Thus, the AF for the considered Massive MIMO antenna is given as,

$$\begin{array}{c}\hfill \begin{array}{c}AF={\sum }_{m=0}^{M-1}{\sum }_{n=0}^{N-1}{\gamma }_{mn}{e}^{j\left[m\left({\varphi }_1+{\eta }_x\right)+n\left({\varphi }_2+{\eta }_y\right)\right]}\hfill \end{array}\end{array}$$

(23)

The weight value of the antenna array ${\gamma }_{mn}=b_m\times p_n$. From the AF, the beampattern function is derived. The beampattern function is the envelope of the radiation of electromagnetic wavefront in the spatial domain. In general, the beampattern function is equal to the amplitude of AF that can be defined as,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle BP=\left|AF\right|=\frac{sin\left({\displaystyle \frac{M}{2}{\varphi }_x}\right)sin\left({\displaystyle \frac{N}{2}{\varphi }_y}\right)}{MNsin\left({\displaystyle \frac{{\varphi }_x}{2}}\right)sin\left({\displaystyle \frac{{\varphi }_y}{2}}\right)}}\hfill \end{array}\end{array}$$

(24)

Based on this BP function, optimal beams are produced for SUs. The maximum gain of an array antenna is,

$$\begin{array}{c}\hfill \begin{array}{c}\left|MNsin\left({\displaystyle \frac{{\varphi }_x}{2}}\right)sin\left({\displaystyle \frac{{\varphi }_y}{2}}\right)\right|=0\hfill \end{array}\end{array}$$

(25)

The mainlobe Half Power Beamwidth (HPBW) is obtained as the function of $\frac{1}{\sqrt{2}}$ as follows,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle \left|{\displaystyle \frac{sin\left({\displaystyle \frac{M}{2}{\varphi }_x}\right)sin\left({\displaystyle \frac{N}{2}{\varphi }_y}\right)}{MNsin\left({\displaystyle \frac{{\varphi }_x}{2}}\right)sin\left({\displaystyle \frac{{\varphi }_y}{2}}\right)}}\right|=\frac{1}{\sqrt{2}}}\hfill \end{array}\end{array}$$

(26)

Based on the above calculations, CBS forms beams for SUs. The formation of beams in 3D is illustrated in Figure 5.

Once the beams are formed and directed to the SUs, then the SUs are allowed to access the CBS. As only valid SUs are considered in beamforming, the overhead and time consumption are decreased.

4.5. Forwarding Zone Based Routing

To enable data transmission among SUs, we present a novel FZ-MOWO approach. In IoV, there will be a large number of intelligent vehicles presented. Selecting optimal forwarders among a large number of vehicles is a time-consuming process that results in higher transmission delay. To avoid such delay, we introduced a novel forwarding zone concept in route selection. Whale optimization is the recent swarm-based optimization algorithm that solves multidisciplinary problems [54]. In this work, we utilized whale optimization for solving routing problems in IoV. Here, we have improved the whale optimization algorithm in two ways, including (i) formulating a new objective function by considering multiple objectives and (ii) minimizing computational time. Processing all SUs regardless of direction increases computational time. Thus, we first introduce the concept of FZ, which first finds the optimal FZ between the source ($\mathbb{S}$) and destination ($\mathbb{D}$) vehicles. Then, optimal forwarders are selected in the FZ region, as shown in Figure 6.

The first step in determining FZ is to estimate the forwarding angle between $\mathbb{S}$ and $\mathbb{D}$. The forwarding angle ($\psi$) is estimated by the source node to determine FZ. The forwarding angle can be expressed as follows,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle cos\psi =\frac{\mathbb{S}.\mathbb{D}}{\parallel \mathbb{S}\times \mathbb{D}\parallel }}\hfill \end{array}\end{array}$$

(27)

With this estimated angle, the FZ is created by the source node. Then, the proposed FZ-MOWO is executed with a new objective function to select optimal forwarding nodes. The mathematical model of the proposed routing algorithm is detailed below.

Initialization—In this step, the possible solutions (vehicles presented within FZ) are initialized as the whales as [$p=p_1,p_2,..,p_n$].

Fitness Evaluation—For all whales in the population, the fitness function is evaluated. In this work, we have formulated a new fitness function, namely Potential Score (${\rho }_S$), that is built upon multiple objective functions. The ${\rho }_S$ is computed as the combination of Closeness (${\omega }_C$), Direction (${\omega }_D$) and Reliability (${\omega }_R$). Here, ${\omega }_C$ is computed as the function of Euclidean distance between the source and neighbor vehicle and ${\omega }_D$ is the function of the moving direction of the neighbor vehicle (it is represented as 1 if both vehicles move in the same direction and 0 if both vehicles move in the opposite direction). The ${\omega }_R$ is computed as the combination of multiple objectives such as forwarding probability, delay (${{\rm Y}}_{dl})$ and trust value (${{\rm Y}}_{TV}$). Forwarding probability (${{\rm Y}}_{FP}$) is computed as follows,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle {{\rm Y}}_{FP}={\alpha }_1\times \frac{v}{v_{max}}+\frac{{\alpha }_2}{CR}}\hfill \end{array}\end{array}$$

(28)

Here, ${\alpha }_1$ and ${\alpha }_2$ are the weight factors and v and $v_{max}$ represent the current velocity and maximum velocity of the vehicle, respectively. The communication range is denoted as $CR$. Delay is computed in terms of distance and queuing delay, while trust value is computed in terms of the number of successful packets transmitted through the candidate vehicle. By considering these factors, the reliability is computed as follows,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle {\omega }_R=\frac{{{\rm Y}}_{FP}+{{\rm Y}}_{TV}}{{{\rm Y}}_{dl}}}\hfill \end{array}\end{array}$$

(29)

Then, the reliability factor is combined with the potential score as follows,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle {\rho }_S=\frac{{\omega }_R+{\omega }_D}{{\omega }_C}=\frac{\left({\displaystyle \frac{{{\rm Y}}_{FP}+{{\rm Y}}_{TV}}{{{\rm Y}}_{dl}}}\right)+{\omega }_D}{{\omega }_C}}\hfill \end{array}\end{array}$$

(30)

For each solution in the population set, ${\rho }_s$ is computed. Then, the best search agent ($p\ast$) is selected based on the fitness value. Based on this best search agent, the position of other solutions is updated.

Encircling Prey—The whales can recognize and encircle the location of prey. This encircling process is carried out based on the selected best search agent. The objective of this phase is to identify the best search agent and to update the positions of other agents nearer to the best agent. This behavior is modeled as,

$$\begin{array}{c}\hfill \begin{array}{c}\overrightarrow{D}=\left|\overrightarrow{\mathfrak{C}}.\overrightarrow{\mathfrak{X}\times }\left(t\right)-\overrightarrow{\mathfrak{X}}\left(t\right)\right|\hfill \end{array}\end{array}$$

(31)

$$\begin{array}{c}\hfill \begin{array}{c}\overrightarrow{\mathfrak{X}}\left(t+1\right)=\overrightarrow{\mathfrak{X}\times }\left(t\right)-\overrightarrow{A}.\overrightarrow{D}\hfill \end{array}\end{array}$$

(32)

$$\begin{array}{c}\hfill \begin{array}{c}\overrightarrow{A}=2\overrightarrow{\varsigma }.\overrightarrow{\lambda }-\overrightarrow{\varsigma }\hfill \end{array}\end{array}$$

(33)

$$\begin{array}{c}\hfill \begin{array}{c}\overrightarrow{\mathfrak{C}}=2.\overrightarrow{\lambda }\hfill \end{array}\end{array}$$

(34)

Here, $\overrightarrow{\mathfrak{X}\times }\left(t\right)$ is the general best solution and $\overrightarrow{\mathfrak{X}}\left(t\right)$ is the whale position in tth iteration. The constant $\varsigma$ is selected in the range of [2, 0] over iteration and the random number $\lambda$ is distributed in the range of [0, 1].

Bubble-net Attacking Phase—It is the exploitation phase, and it is formulated from the behavior of whales to attack their prey. This attacking phase follows the spiral mathematical formulation that is applied between the position of the whale and prey to imitate helix-shaped movement. This movement can be given as,

$$\begin{array}{c}\hfill \begin{array}{c}\overrightarrow{\mathfrak{X}}\left(t+1\right)=\overrightarrow{D^{{}^{\prime }}}.e^{bl}.cos\left(2\pi l\right)+\overrightarrow{\mathfrak{X}\times }\left(t\right)\hfill \end{array}\end{array}$$

(35)

$$\begin{array}{c}\hfill \begin{array}{c}\begin{array}{c}\overrightarrow{\mathfrak{X}}(t+1)=\left\{\begin{array}{c}\overrightarrow{\mathfrak{X}\times }\left(t\right)-\overline{A}.\overline{D}if\overline{\omega }<0.5\hfill \\ \overline{D^{\prime }}.e^{bl}.cos\left(2\pi l\right)+\overrightarrow{\mathfrak{X}\times }\left(t\right)if\overline{\omega }\ge 0.5\hfill \end{array}\right.\hfill \end{array}\hfill \end{array}\end{array}$$

(36)

The constant $\varpi$ denotes the shape of a logarithmic spiral. All whales move as per the above model.

Search for prey—This is the exploration phase in which the search agents are updated when $A>1$ or $A<-1$. The update is performed as,

$$\begin{array}{c}\hfill \begin{array}{c}\overrightarrow{D}=\left|\overrightarrow{\mathfrak{C}}.\overrightarrow{{\mathfrak{X}}_{rand}}-\overrightarrow{\mathfrak{X}}\right|\hfill \end{array}\end{array}$$

(37)

$$\begin{array}{c}\hfill \begin{array}{c}\overrightarrow{\mathfrak{X}}\left(t+1\right)=\overrightarrow{{\mathfrak{X}}_{rand}}-\overrightarrow{\mathfrak{X}}.\overrightarrow{D}\hfill \end{array}\end{array}$$

(38)

Here, $\overrightarrow{{\mathfrak{X}}_{rand}}$ is the nominated solution at the current iteration.

All the above phases are executed until the stopping criterion is met. Over iteration, the proposed FZ-MOWO selects optimal forwarder vehicles from the set of vehicles presented in FZ. Through selected forwarders, the $\mathbb{S}$ transmits data to the $\mathbb{D}$. The construction of FZ and consideration of multiple parameters improve the proposed routing algorithm and data transmission.

5. Performance Evaluation

In this section, we evaluate the performance of the proposed work in terms of performance metrics. This section first introduces a simulation environment of the proposed CR-IoV. Then, comparisons are made with the existing works.

5.1. Simulation Setup

The proposed work combines mmWave technology with CR-IoV, i.e., the considered simulation tool needs to support all these technologies. Thus, we have selected a network simulator-3.26 (ns-3.26) tool for performing simulations. Ns-3 has a wide range of modules to support various network technologies and algorithms. We have installed the ns-3.26 tool on the PC, which has Ubuntu-14.04 LTS (32-bit) as the Operating System (OS). All algorithms are written in C++ language and imported with Python language. The other simulation parameters considered are listed in

Table 3. Simulation parameters.

Parameter	Value
Simulation area	1000 × 1000
Number of CBS	1
Number of SUs	20
Number of PUs	10
Number of PBS	1
Number of TA	1
Number of Attackers	5
Spectrum range	5 MHz to 100 MHz
Number of channels	20
Channel bandwidth	20 MHz
Data rate	150 Mbps (Maximum)
Number of packets generated	2048
Packet size	1024
Packet Interval	0.1 s
Simulation time	100 s

.

After setting up all the simulation parameters, we start the simulation. Experiments are performed with varying numbers of vehicles and the number of attackers in the network.

Application Scenario (Self Driving Car)—The proposed mmWave-assisted CR-IoV is applicable for all IoV and Intelligent Transportation System (ITS) based applications. Here, we have demonstrated one important application of self-driving cars. In self-driving car applications, there will be a huge need for a spectrum for continuous data transmission and reception. The conventional DSRC is insufficient to meet the huge requirements of self-driving cars. Thus, the proposed mmWave-assisted CR-IoV model is most suitable for self-driving car applications. The self-driving cars connected scenario is shown in Figure 7. As per the scenario, each car demands any service (can be infotainment or entertainment) or information from any nearby vehicles. Mainly, multimedia file sharing, parking slot requests, traffic information dissemination, safety conditions sharing, etc., are shared among self-driving cars. All these data are delay sensitive and must reach the vehicles without a huge delay. For that, seamless connectivity among self-driving cars is required. For all these requirements, our proposed approach provides a better solution.

First, the spectrum requirement is resolved by modeling the CR-IoV system. The cars are allowed to sense the environment and use the available spectrum in an optimum way. Next, the problem of delay is handled by producing optimal beams and selecting optimal multi-objective routes. Furthermore, security is also a major issue need to be addressed in self-driving applications. In particular, the use of the CR-IoV model attracts the attackers to use the available spectrum intentionally. As per our work, we have tackled this issue with SSDF and PUE attack detection and lightweight certificate validation procedure. Overall, the proposed work is apt for self-driving car applications that meet each requirement.

5.2. Performance Measures

(1) Throughput

Throughput is defined as the sum of all data rates delivered for all SUs in the network. In simple, throughput measures the successful data delivery over the network at a given time slot. It can be given as,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle Throughput=\frac{DataSize}{TransmissionTime}}\hfill \end{array}\end{array}$$

(39)

Throughput is in general computed in terms of bits/second or kilobits/second.

(2) Delay

Delay is defined as the time taken by the data to reach a destination from the source. The delay computation includes propagation ($D{l}_P$), queuing ($D{l}_Q$) and transmission time ($D{l}_T$). The delay can be given as,

$$\begin{array}{c}\hfill \begin{array}{c}Delay=[D{l}_P+D{l}_Q+D{l}_T]\hfill \end{array}\end{array}$$

(40)

(3) Packet Delivery Ratio (PDR)

PDR is defined as the ratio between the number of packets transmitted ($\#TP$) by the source node, and the number of packets received successfully ($\#RP$) by the destination. The PDR is defined as,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle PDR=\frac{\#TP}{\#RP}}\hfill \end{array}\end{array}$$

(41)

(4) Bit Error Rate (BER)

BER is defined as the ratio between a number of bit errors ($\#BE$) and the total number of bits transmitted ($\#BT$). The BER is computed as,

$$\begin{array}{c}\hfill \begin{array}{c}{\displaystyle BER=\frac{\#BE}{\#BT}}\hfill \end{array}\end{array}$$

(42)

5.3. Comparative Analysis

In this subsection, we compare the results obtained by the proposed with prior research works. We have compared the proposed work with prior works SVM [46], ML-Neural Network (ML-NN) [47], 2D-Beamforming [48], OLSR [49], and 5G-VANET [50]. The detailed comparison among existing works is summarized in

Table 4. Comparison of prior research works.

Existing Work	Network Model	Security	Beamforming	Routing	Demerits
SVM [46]	Cognitive Radio Network	√	×	×	• Conventional kernel function decreases accuracy • Lack of attack specific feature degrades the performance
Machine Learning–NN [47]	Cognitive Radio Network	√	×	×	• Complexity The complexity of the approach is high • Not suitable for detecting various types of CR attacks
2D-Beamforming  [48]	mmWave-5G	×		×	• Forms inaccurate beams • Lack of position information decreases beampattern efficiency
OLSR [49]	VehicularNetworks	×	×	√	• Route selection needs a large amount of hello packets • Increases packet overhead • Selects non-optimal route
5G-VANET [50]	5G Vehicular networks	×	×	√	• Complexity is high since all vehicles are considered as solution • An increase in route selection time results in higher transmission delay

.

The comparison shows that each work has some demerits. These demerits are the main reasons behind performance degradation in existing works, which can be further analyzed in the following subsections.

5.3.1. Analysis of Throughput

Throughput is an important metric that measures the overall network performance. For better analysis, we have compared throughput with respect to the number of vehicles and the number of attackers.

In Figure 8, throughput is compared with respect to the number of vehicles in the network and Figure 9 compares throughput with respect to the number of attackers. In both aspects, the proposed mmWave-assisted CR-IoV shows better performance, up to 98 Mbps. In all works, a gradual increase is addressed with an increase in the number of vehicles and vice versa with the number of attackers. The main reason is that the presence of a large number of vehicles assures the possibility of selecting optimal forwarders. On the other hand, the presence of attackers increases data loss and interrupts data transmission, which leads to a decrease in throughput. In particular, existing works can only achieve throughput up to 80 Mbps, which is much lower than the proposed work. In SVM and ML-NN-based methods, there is no particular procedure for routing, i.e., data loss is high due to data transmission through non-optimal vehicles. In 2D-beamforming, the produced beams are non-optimal, which leads to degradation in throughput. Specifically, OLSR, which is the conventional routing protocol only has a throughput of 70 Mbps since the OLSR selects routes only based on a distance measure. Due to these reasons, existing works are not able to achieve better throughput.

In the presence of five attackers, we have achieved throughput up to 94%, which is relatively higher than previous works. For the same number of attackers, SVM has 60 Mbps of throughput, and the ML-NN method has 54 Mbps of throughput, which is 34 Mbps and 40 Mbps lower than the proposed work. The analysis shows that the existing SVM and ML-NN methods are unable to handle a large number of attackers in the network. In SVM, the use of the conventional kernel function traps the detection efficiency. In both SVM and ML-NN methods, the overall analysis is performed based on the sensing report, but the sensing report alone is insufficient for detecting attackers in the network. Without accurate attack detection, the network is affected by the large number of attackers that prevent proper data transmission. In addition, most of the attacks such as SSDF and PUE utilize the spectrum intentionally so that the legitimate SUs receive only a limited spectrum which decreases the throughput.

5.3.2. Analysis of PDR

PDR measures the data delivery efficacy of the network. For better PDR, the data loss must be reduced.

In Figure 10 and Figure 11, we have compared PDR with respect to the number of vehicles and attackers, respectively. When we compared PDR with the number of vehicles, we identified that the increase in the number of vehicles assists in achieving better PDR. As stated earlier, a large number of vehicles in the network increases the probability of selecting optimal forwarding nodes, which increases PDR. Though it supports optimal forwarder selection, SVM, ML-NN and 2D-Beamforming methods have no effect on the increasing number of vehicles. Both works (SVM and ML-NN) attain 74% and 75% of PDR, respectively. That is more than 25% of packets are lost during data transmission due to a lack of optimal forwarder selection. Although OLSR is a routing protocol, the PDR is reduced to 75% due to the absence of important parameters during routing. In 5G-VANET, routing is performed with multiple metrics such that PDR is 83%. Here, the main issue is the presence of malicious users who intentionally steal the network resource. Overall, PDR achieved by existing works is insufficient to meet the growing requirements of IoV and ITS. Thus, we have combined mmWave, CR, and IoV to achieve high-level PDR. The packet loss is reduced in three aspects as follows,

• First, we have isolated all malicious nodes from the network.
• Secondly, we produce optimal beams based on important AF and beampattern functions.
• Finally, we have selected optimal forwarders within FZ based on multiple objective functions.

With the above advantages, we have achieved better PDR with respect to the number of vehicles. When it comes to the number of attackers, attack detection plays a vital role. With a poor attack detection procedure, the involvement of attackers will be increased. When the number of attackers increases, then a huge amount of spectrum is used by the attacker. Thus, PDR is reduced to 60% and 66% in SVM and ML methods, respectively. In general, SVM has lower accuracy when the conventional linear or RBF kernel is used. In mmWave-assisted CR-IoV, we have improved HK-SVM with the use of a hybrid kernel function. Further, we have presented separate algorithms for SSDF and PUE attack detection, which assures the network is free from harmful attacks. Thus, we have achieved PDR up to 93% even with five attackers.

5.3.3. Analysis of Delay

Delay is unfavorable in real-time applications since most of the vehicular applications are delay sensitive. Analysis of delay shows the applicability of the work in real time.

In Figure 12, the delay is compared with respect to the number of vehicles. The graphical analysis shows small variations in delay with an increase in the number of vehicles. However, these variations do not affect the proposed mmWave-assisted CR-IoV since the proposed work has only 17 ms of delay, which is 50% lower than SVM based approach. The main cause for delay is excess time introduced during data transmission. In the proposed work, FZ-MOWO considers delay as one of the criteria which selects the optimal forwarder intending to minimize the delay. This objective function reflects the reduction in delay analysis. In existing works, the delay is attained up to 34 ms, which is twice the time higher than the proposed work. Mainly, all existing works rely on either security provisioning or routing. However, both processes are important for transmitting data between SUs without an increase in delay. Thus, the lack of significant security provisioning and routing increases delays in existing works. Similarly, presenting an optimal security provisioning scheme and routing in the proposed work decreases delay.

An increase in the number of attackers is also a major reason for an increase in delay. It can be seen from Figure 13 in which delay is compared with respect to the number of attackers. In all three works, an increase in the number of attackers increases the delay. When a single attacker is presented in the network, then the delay is 10 ms (mmWave assisted CR-IoV), 12 ms in the ML-NN method and 11 ms in the SVM method. When the number of the attacker is increased to 5, the proposed work has 12.1 ms of delay while the ML method has 32 ms of delay and the SVM method has 35 ms of delay which is nearly thrice the time higher than the proposed work. The reason behind this variation is the inefficiency of the SVM and ML-NN method in detecting the attackers accurately. Due to this fact, the attacker involvement is increased in the network and delay is also increased. On the other hand, we have presented HK-SVM and FA-TDoA for SSDF and PUE attack detection, respectively. In addition, optimal 3D beamforming and FZ-MOWO assist in minimizing delay in the network. Overall, we have attained minimum delay through multiple significant procedures.

5.3.4. Analysis of BER

BER mainly depends upon the MIMO characteristics, including channel fading, interference and noise. Here, we have presented an important analysis of the BER.

In Figure 14, we have analyzed BER with respect to the SNR range. With the increase in SNR, the BER is reduced in both proposed and existing works. The BER is high depending on the noise range presented in the network environment. For example, in existing 2D-beamforming, BER in the presence of 2 dB SNR is 0.5, i.e., 50% of error bits are received during data transmission. For the same SNR range, the proposed work attains a BER of 0.1, which is much lower than the existing work. The main reason behind this BER reduction is the optimal beamforming achieved based on AF and BPF parameters. As the work forms beams in 3D, the generated beams are optimum and directed towards the candidate SU. Thus, the noise level can be handled through optimal beamforming. Further, we suppressed attackers by optimal procedures, which further reduced the impact of attackers in the network. In contrast, 2D information is insufficient to assure high-level transmission performance which is confirmed in the BER analysis too.

5.3.5. Analysis of Detection Accuracy

Accuracy is defined as the ability of the proposed algorithm to classify the attackers correctly. It is measured in terms of the number of correct predictions and the total number of predictions. Here, we have compared the accuracy of the proposed detection methods with the base algorithms.

In Figure 15, SSDF attack detection accuracy is measured and compared with base algorithms such as SVM-Linear Kernel, SVM-Polynomial Kernel and SVM-RBF Kernel. The proposed work uses a hybrid kernel that fuses all three kernels to separate the hyperplane. Here, we can see that the SVM-RBF kernel and polynomial kernel show better performance when compared to the linear kernel. With RBF and polynomial kernels, we can expect accuracy up to 84% when the number of iterations is increased. Over iteration, the linear kernel only achieves 75% of accuracy which is 20% lower than the proposed work. The major reason for this reduction is that kernel selection is the most important process in SVM classification. When random kernels are used, then the accuracy level will be degraded. Thus, the existing kernels are unsuitable for detecting SSDF attacks accurately. In contrast, we have presented a hybrid kernel which is the fusion of all three kernels. By utilizing the advantages of all three kernels, we have achieved an accuracy of up to 99%. From this analysis, it is clear that the SVM classifier highly depends upon kernel function and the optimal kernel function provides better results.

In Figure 16, we have compared the PUE attack detection accuracy of the proposed work with conventional Direction of Arrival (DoA), Time of Arrival (ToA) and Time Difference of Arrival (TDoA) approaches. All existing works adopt the general model for localizing signal sources in the network, while the proposed FA-TDoA uses the FA algorithm for localization. Furthermore, we have employed the conventional Energy Detection (ED) method for existing localization approaches and E2D for the proposed TDoA approach. The analysis shows that the fusion of E2D, FA and TDoA detects PUE attacks with 99% of accuracy. The main reason for this accuracy level is we first optimized the sensing method even for a noisy environment. Thus, the sensing report is probably accurate. With the accurate sensing report, we perform PUE detection by using FA-TDoA, which accurately finds the location. When compared to DoA, ToA and TDoA, the proposed FA-TDoA performs well since it uses a proper coordinate system modeled by FA instead of using general models as in existing works.

From the analysis, it is clear that the proposed attack detection algorithms work well in the mmWave-CR-IoV environment.

5.4. Results Discussion

In this subsection, we summarize the overall results obtained for proposed and existing works. The numerical comparison is provided in

Table 5. Numerical Analysis on Results.

Existing Work	Throughput (Mbps)		PDR (%)		Delay (ms)
	Mean	SD	Mean	SD	Mean	SD
SVM [46]	82	±2	70.6	±2.7	33.4	±2.6
Machine Learning-NN [47]	77	±2.6	72.6	±2.3	33.4	±1.14
2D-Beamforming [48]	83	±1.6	74	±2.6	29	±0.74
OLSR [49]	76	±1.8	72.5	±2	31.7	±0.8
5G-VANET [50]	84	±2.9	79	±2.9	26.8	±1.9
ProposedmmWaveassisted CR-IoV	98	±1.12	96.2	±1.6	15.9	±0.89

.

The numerical results show that the proposed work achieves a better mean value in each performance metric which is a notable improvement in this area. Furthermore, the comparison shows that the mmWave-CR-IoV environment needs to focus on three aspects: Security, Beamforming and Routing. When these three aspects are optimized, the result will be more suitable for real-time applications.

In

Table 6. Impact of proposed work in Results.

Proposed Algorithm	Impact on Results
HK-SVM based SSDF Detection	• Increases detection Accuracy Directly • Indirectly, increases throughput and PDR by eliminating the attackers
FA-TDoA-based PUE Detection	•  Increases attack detection accuracy by accurate signal source localization  • Increases PDR, throughput and decreases delay by suppressing the involvement of attackers in the network
Lightweight Certificate Validation	• Assists in achieving higher throughput and PDR by only allowing authorized SUs in the network
3D Beamforming	• Decreases BER even in low SNR ranges by improving beampattern efficacy • Increases network throughput
FA-MOWO-based Routing	• Increases throughput and delivery ratio by selecting optimal forwarders upon multiple objectives • Decreases delay by minimizing route selection time

, the impact of the proposed approaches on obtained results is highlighted. Each proposed approach assists in improving the performance of mmWave-assisted CR-IoV. Finally, we achieved the expected performance with the combination of security, beamforming and routing aspects.

6. Conclusions

In this paper, we have proposed a novel mmWave-assisted CR-IoV model intending to achieve better performance in future applications. For this objective, we have improved the system in three aspects: security, beamforming and Routing. Security is assured through a dual-step security provisioning approach. In the first step, the malicious SUs are detected by HK-SVM (SSDF detection) and FA-TDoA (PUE attack detection) algorithms. After attack detection, the next step is to validate the SUs by a Lightweight ID-based Certificate validation procedure. For all legitimate SUs, the beamforming process is initiated by MIMO CBS through the 3D-Beamforming approach. Finally, optimal route selection is optimized with FZ-MOWO, in which the optimal forwarding zone is detected first, and then the optimal route is selected. The theoretical benefits of the proposed approaches are confirmed through necessary simulations made in the ns-3.26 tool. The proposed work shows better performance in terms of throughput, PDR, delay, BER and detection accuracy.

In future, we have planned to extend this work for more attacks, such as jamming, eavesdropping, etc., to ensure high-level security. We are also interested in analyzing the proposed work’s applicability in a large-scale network.