Towards Securing Routing Based on Nodes Behavior During Spectrum Sensing in Cognitive Radio Networks

Routing is a challenge in cognitive radio networks (CRNs) due to the properties of cognitive radio (CR) technology, as well as other limitations. Firstly, the CR’s frequency band is considered a dynamic spectrum. Therefore, since the routing algorithms used in other types of networks rely on a fixed frequency band, they cannot be directly used in CRNs. Secondly, the dynamic spectrum access, which is enabled by CR technology, negatively affects the network performance. Thirdly, having an effective routing in CRNs needs a local and continual knowledge of its changeable environment. Lastly, the presence of adversary nodes and their malicious activities affect the route establishment process, thereby reducing the network performance. This paper addresses these limitations by combining the spectrum sensing and the spectrum management phases by proposing a novel and secure routing algorithm. Security in the proposed algorithm combines two aspects. The first aspect is measuring the nodes’ behavior during the spectrum sensing phase through a parameter called belief level (BL), which refers to the nodes’ reliability to correctly find and use the white spectrum channels. The second aspect is securing the routing request and reply messages by encoding them with the existing cryptography techniques. The main goal of the proposed approach is to make the available paths between any two communicating nodes secure, reduce the negative effects to the licensed users over the spectrum channels, and moderate the total cost of the used channels over the best path(s). The performance evaluation in terms of end-to-end delay, packet delivery ratio, packet loss ratio, and routing overhead show that the proposed approach outperforms multiple existing routing algorithms. Moreover, the proposed algorithm is validated and verified in terms of security functionality against any attacks.


I. INTRODUCTION
In this era of 5G and IoT, cognitive radio (CR) technology is being considered one of the emerging technologies that enables open spectrum sharing for 5G. This promising technology can satisfy the strict spectrum requirement of 5G networks. CR is reconfigurable and adjustable which make it suit different environment characteristics [1]. In cognitive radio networks (CRNs), two types of users exist: unlicensed users, referred to as secondary users (SUs), and licensed The associate editor coordinating the review of this manuscript and approving it for publication was Amjad Mehmood . users, referred to as primary users (PUs). The SUs can access the PUs spectrum channels when the PUs are inactive [1], [2].
As mentioned in [3], [4], physical and data link layers' issues, mainly spectrum sensing and interference avoidance, are the current main areas of research about cognitive radio. Finding the best path(s) between any two nodes becomes an essential step in CRNs because of the nature of the CR technology, which permits unlicensed users to access the frequency bands of the licensed users, taking into consideration that they do not interfere with the licensed users. The spectrum access strategies have some features such as their dynamicity and flexibility, which make it a pressing need for designing communication approaches and schemes that discover and use the spectrum holes. With this method, the interference between the communicating nodes will be minimized, the contention on channels will decrease, and the average channel efficiency will improve. Routing in CRNs is different from the traditional routing protocols due to several challenges. These challenges are related to two factors: the CR technology itself and the environment where the CR is applied. The former influences the dynamic changes of the spectrum availability and the instable behavior of spectrum users, while the latter influences the resources' heterogeneity and the ability of synchronizing the different spectrum users. Thus, applying the traditional routing protocols used in the ad-hoc networks in the CRNs will result in a poor network performance in terms of higher end-to-end delay, less packet delivery ratio, more packet loss ratio, and low throughput.
Many security attacks (both passive and active) can target the CRNs, especially during the spectrum sensing phase in multiple ways. Firstly, the radio technology itself can be attacked since any radio frequency can be blocked or jammed when nodes transmit adequate signals at the same frequency with enough power. Secondly, the absence of the control over the unlicensed users' behavior threatens the security of the licensed users. Therefore, while designing routing algorithms or protocols for CRNs, security must be enhanced in two ways. The first is by making sure that the routing algorithm or protocol itself is secure, that is, securing the route establishment, route maintenance, and data forwarding processes by applying cryptographic encryption to the different messages transmitted over the available routes. The second way is by using security as a routing metric to find the best path(s) that contain(s) the best secure nodes which, to the best of our knowledge, has not been applied in the CRNs to date.
In this paper, which is an extension of our previous work in [5], [6], nodes' behavior during the spectrum sensing phase is analyzed to propose a compound secure routing algorithm used in the spectrum management phase. It uses the nodes' belief level (BL), which measures the level of security of the nodes' behavior during the spectrum sensing phase. The proposed routing algorithm combines security (nodes' BL) as a routing metric with two other routing metrics, which are the probability of PU presence and channel cost in terms of delay. In the proposed algorithm, we rely on two key-cryptographic methods: the public-key and symmetric-key cryptography. These two cryptographic methods are used to encrypt/decrypt the messages transmitted during the route establishment, route maintenance, and data forwarding phases. Therefore, these cryptographic methods prevent any malicious node from eavesdropping on these messages, from altering them, and/or from participating in the packets routing over the network. The objective of the proposed approach is to build secure routes that contain trusted nodes only, which would enhance the network performance in terms of end-to-end delay, packet delivery ratio, packet loss ratio, and routing overhead.
The main contributions of this paper and the characteristics of the proposed approach can be summarized as follows: • To the best of our knowledge, this work is the first to consider security as a routing metric in the CRNs. In the proposed approach, security covers two disciplines: providing resources' access to secure nodes only and securing the message exchange process over the network. By doing so, we secure the network paths, thereby enhancing the network security and performance implicitly.
• To the best of our knowledge, this work is the first to combine the spectrum sensing and the spectrum management phases in the CRNs. It uses the nodes' behavior during the spectrum sensing phase to find the best secure routes during the spectrum management phase.
• The proposed approach works as a proactive scheme to detect misbehaving nodes before the start of data transmission process.
• In the proposed approach, the best paths are found based on three different routing metrics combined: the nodes' BL, the probability of PU presence, and the channel cost.
• The three metrics used in the proposed routing approach have different weights for finding the best paths based on their effects on the routing process. The proposed approach focuses more on the nodes' BL, which is the main metric of the proposed routing algorithm.
• The proposed approach has the ability of adapting any changes in the licensed users' activity over the network, which is being implemented by considering the probability of the PU's presence to be a routing metric. Hence, the available routes will be more stable, which would make the proposed approach more reliable.
• The proposed approach considers the issues happening at the different layers of the OSI architecture, that is, it is a cross-layering approach. It considers the channel status and the PU's activity at the physical and data link layers, which affects the routes establishment at the network layer. Therefore, it implicitly minimizes the time needed for route(s) establishment and reduces the maintenance cost.
• The proposed algorithm is evaluated from different perspectives: its security functionality, its correctness, and its performance. This proves that it is secure against attacks and outperforms other approaches. The rest of this paper is further organized into six additional sections. Section II presents a literature review. In Section III, the proposed scheme is shown in detail. A case study is presented in Section IV. In Section V, the performance of the approach and evaluation results are presented, which show the efficiency of the proposed routing algorithm as compared with other algorithms/protocols. The proposed algorithm is validated and verified in Section VI. The paper is concluded in Section VII.

II. RELATED WORK
Two different routing infrastructures are used in conventional networks: single-hop infrastructure and multi-hop infrastructure [6]. In the single-hop infrastructure, there is only one VOLUME 8, 2020 single path that exists between any two communicating nodes in the network. This single path is used for packets transmission between the communicating nodes. Its main advantage is that the routing tables are simpler and the packets flow smoothly. However, the single-hop infrastructure is not faulttolerant. In other words, if any failure occurs in the network, the nodes become unreachable, and messages transmitted to them are dropped and not sent successfully. This is its main drawback. On the other hand, the multi-hop infrastructure is fault-tolerant because of the availability of multiple paths between any two communicating nodes. If any failure occurs in the network, the packets still have the chance of being sent successfully to their destination because of back-up paths that can be used for message delivery. The main drawback of multi-hop infrastructure is its complicated implementation that makes the routing tables much bigger. Both the infrastructures can be applied in CRNs. They can use the classical routing metrics such as delay, hop count, distance, or power consumption [7]. New routing metrics that have been introduced based on the CRN characteristics such as spectrum availability, SU interference, or route stability can also be used to find the best routes [8].
The end-to-end delay is a routing metric used in the classical networks. Many factors affect the end-to-end delay, such as queuing delay, transmission delay, and channel switching time. The authors of [9] proposed a spectrum-aware routing scheme for infrastructure-based CRN called SAAR. This scheme uses statistical information about the network to find the quality of any path routing for each network node. The time required to change the channel and the back-off delay caused by the contention between the different nodes are used to develop another routing metric in [10]. In [11], the authors find the optimal path between any nodes based on various metrics such as delay, channel availability, and the probability of PUs' interference. The main drawback of such protocols is that they may not be practical if cognitive nodes do not follow protocol's presumptions. The time required to change the channel is proportional to the difference between the initial and final channels. The queuing delay has been taking into consideration with the previous concepts of delay by proposing another routing algorithm in [12], [13]. In [14], a routing algorithm called SEARCH, which uses the delay as a routing metric, is proposed. It applies the end-to-end delay as a routing metric, which includes the cost of switching channels and the delay over each channel. In [15], the authors proposed another routing protocol called spectrum aware opportunistic routing (SAOR). It relies on a routing metric called the opportunistic link transmission (OLT) that uses three delay concepts: link transmission delay, packet queuing delay, and link access delay. The authors in [16] proposed a routing protocol that relies on location information and channel usage statistics. It uses a routing metric called cognitive transport throughput (CTT), which represents the potential relay gain over the next hop. Another routing protocol called DORP [12] proposes a delay aware routing metric. It considers different types of delays, such as queuing delay, switching delay, and back-off or medium access delay, in finding the best path(s). The path with the minimum combined delay value is selected for routing.
Another routing metric that is widely applied in different routing algorithms is the hop count. The hop count is used as a routing metric in Ad Hoc On-Demand Distance Vector protocol (AODV) [17], Cognitive Ad Hoc On-Demand Distance Vector protocol (CAODV) [18], and Spectrum Aware Mesh Routing (SAMER) [19] routing protocols. In AODV or in CAODV, which is an adapted version of AODV for CRNs, the regions that have active PUs are eliminated during the route establishment and data forwarding phases; therefore, the best path is the one that has no active PUs. SAMER protocol utilizes available spectrum blocks by routing data traffic over paths with higher spectrum availability; therefore, the best path is the one that has the highest spectrum availability. The authors in [20] proposed an on-demand routing scheme called split multi-path routing (SMR). It establishes different paths between any two network nodes, wherein one of these paths has the shortest delay path. An on-demand node-disjoint routing algorithm (NDMR) is proposed in [21]. It builds different node-disjoint routes with a low routing overhead. Differential queue backlog is used as a routing metric in [22]. It is applied to achieve throughput efficiency by proposing a distributed medium access control algorithm. In CRNs, the transmission delay time is affected by many factors such as the data transmission time, spectrum sensing time, and presence of PU over its channels. In contrary, such factors may also affect the network security, as a malicious node can emulate a PU in order to lower the network performance [23], [24].
Power consumption is considered to be a routing metric in many routing algorithms. If the power consumption-based routing algorithm is applied in CRNs, then the best path is the one that uses less power for packets transmission. Another routing protocol, namely MP-JSRA, is proposed in [25]. It uses the lowest Data Transmission Cost (DTC) as a routing metric. The mobility cost and the interference cost to the other network nodes, including PUs and Sus, are the two factors used to find the lowest DTC, which is then used to find the best route. The authors in [26] proposed an energy harvesting routing model for multi-hop CRN. This model used Q learning with Reinforcement Learning (EHR-QL) to find optimal paths. Another routing protocol, namely LAUNCH, is proposed in [27]. It uses multiple routing metrics: PU activity, switching delay, and location information, as routing metrics. The authors in [28]- [30] studied routing algorithms for energy harvesting in multi-hop wireless networks. The main drawback of such protocols is that they consume a large amount of router resources, as each node must keep track of the network global state. The proposed scheme in [30] focuses on minimizing the probability of an outage in an energy harvesting multi-hop CRN by considering the joint power allocation and routing selection. The best route path is selected based on The Bellman-Ford algorithm and Dijkstra's algorithm.
Many cryptographic security frameworks for data mobility or nodes transmission have been proposed in several environments such as MANETs, VANETs, UAVs, WMNs, and WSNs [31]- [34]. Such frameworks cannot be directly applied in CRNs because of their unique individuality. Additionally, these current cryptographic techniques increase the transmission delay, which may lead to an increase in the communication and storage overhead. In CRNs, nodes identity verification can be done using trust-based approaches [35]- [39]. General cryptographic algorithms such symmetric key and public key can be used in CRNs. Trust-based approaches improve the network security without affecting the network delay and communication overhead. However, such trust-based security methods in CRNs are still developing. Therefore, a new trust-based method is proposed in this paper, which uses trust values to develop a secure routing protocol.
The main limitation of the previous work is that none of them has considered security a routing metric. Security has been investigated in detecting nodes that degrade the network performance. Existing solutions are reactive approaches, wherein nodes are detected after they start their malicious behavior during the data transmission phase. The major scientific novel contribution of this paper is using security as a routing metric to find the best secure paths for data transmission between the different network nodes. Security in the proposed routing algorithm relies on nodes' behavior during the spectrum sensing process. Therefore, the proposed approach works as a proactive solution, as it can identify the misbehaving nodes during the spectrum sensing phase and before the data transmission phase starts. The main goal of the paper is to provide efficient and secure spectrum sensing scheme for better data transmission and secure spectrum management. All routing algorithms differ from each other in the routing metric used, the environment where the protocol is applied, and the performance.
The main difference between our proposed routing algorithm and the previously mentioned routing algorithms or protocols is that ours is the first work that uses security as a routing metric in CRNs, combines the spectrum sensing and the spectrum management phases, and has better performance measures as compared with other routing protocols in terms of end-to-end-delay, packet delivery ratio, packet loss ratio, and routing overhead. Moreover, to the best of our knowledge, the proposed routing algorithm is the first to be validated in terms of security functionality in CRNs.

III. THE PROPOSED APPROACH
In this section, we have shown the network model, the general assumptions applied to our proposed approach, as well as the proposed routing algorithm in detail.
A. PREFACE Figure 1 shows the system model, which is a network of M secondary users (SUs) grouped into L different clusters based on their geographical locations as in [40]. One central point called fusion center (FC) controls the traffic over the network and manages the communication in the network clusters. In each cluster, the FC selects the node that has the highest BL as a cluster head (CH). More details on the clustering method, CH selection method, and its constraints can be found in [41]. We assume that the CH cannot become malicious once selected.
The nodes' BL measures the degree of security of the nodes' behavior during the spectrum sensing phase. The attacker model and capability are like the one that we proposed and used in [42], wherein the node may behave in a malicious, misbehaving, cheating, and/or selfish way to launch different attacks such as PUEA, SSDF, DoS, and objective function attack.
An initial moderate BL of value equal to two is assigned to each node at the joining time. We assume four categories of trust, and the BL has a range of [0-4] based on these categories of trust as following: As each node is assigned an initial moderate BL of value equal to two, it is in the ''Trusted'' category. The cooperative spectrum sensing is done as in [43], wherein all the cluster nodes sense the spectrum, make a decision about the PU presence/absence and forward their decision to the other nodes. Upon reception of the sensing decision from other neighboring nodes, each SU prepares a report called sensing-reputation report (described in Section III b) and sends it to the CH.
We have developed a hybrid routing algorithm that uses security (nodes' BL) combined with other routing metrics to VOLUME 8, 2020 find the best path(s) between any two communicating nodes in a cluster. The proposed routing algorithm considers three metrics: channel cost in terms of delay, probability of PU presence, and node's belief level. The proposed approach has an objective function-to maximize the node's belief level, simultaneously minimizing the PU's presence probability and channel cost. The messages sent between the different network nodes during the spectrum sensing phase and spectrum management phase are encrypted by using the symmetric-key cryptography. Symmetric key has many advantages; it is straightforward, occupies less memory, uses less memory, and utilizes less power. Preventing misbehaving sensing nodes from participating in the spectrum sensing phase and accessing the network helps to fairly allocate and manage the network resources. Consequently, the spectrum security and utilization are increased. Public-key cryptography is initially used to encrypt the messages sent between the joining node and the authenticating node. Once a symmetric key is shared between the joining node, the FC, and the CH, all the messages from then on are encrypted by this symmetric key. The symmetric key can be assigned to each node during the node's authentication process which can be achieved as in [41]. During the spectrum sensing and the spectrum management phases, each node uses the same key for encrypting and decrypting the messages transmitted.

B. MONITORING NODES' BEHAVIOR IN SPECTRUM SENSING
In each cluster, each node senses the spectrum to find any unused spectrum channels. The sensing method used is the energy detection technique [43], wherein each sensing node uses its sensing information to make the initial binary decision about the presence/absence of PU in its reserved channel(s). Each sensing SU compares the pre-known information about the PUs' signal (such as signal power threshold and modulation type) with the sensing signal recorded over a specific PU's channel in order to avoid malicious nodes that emulate PUs. If the signals do not match, the sensing SU decides that a malicious node is emulating PU; therefore, the sensing SU sends a broadcast message to notify all the cluster nodes. However, if they match, the sensing SU decides that a real PU is present in its spectrum channels. If no signal is received over the sensing channel(s), the sensing SU decides that no PU is present, and that the spectrum can be used.
The spectrum sensing process is a periodic process, that is, it is carried over multiple sensing rounds. We assume that each sensing round is carried over 200ms. Therefore, every sensing node must finish sensing within the sensing round as at every sensing round, each sensing SU saves its sensing decision in a parameter called sensing result (SR) and forwards it to its neighbors. Meanwhile, each sensing SU receives the SR(s) of its neighbors. Then, each sensing SU monitors the behavior of its neighboring nodes during the spectrum sensing phase by comparing its own SR with the received SR from its neighboring node(s). If they match, the sensing SU decides that the behavior of its neighboring node(s) is ''GOOD''; otherwise, it is ''BAD.'' Finally, each sensing SU prepares a report called the sensing-reputation report and forwards it to the CH. The sensing-reputation report has the following format and information: Reporting Node ID (RG) || SR RG || Reported Node ID (RD) || Opinion, where SR RG is the sensing result of the reporting node, which is either 0 (i.e. ''Free'' spectrum) or 1 (i.e. ''Occupied'' spectrum), and Opinion is about the reported node (RD), which is either 0 (i.e. ''BAD'' node) or 1 (i.e. ''GOOD'' node).
The CH collects the sensing-reputation reports sent by the different sensing SUs and analyzes them to make two decisions. The first decision is about the spectrum availability, and the second decision is about the behavior of each sensing SU. Then, the CH forwards the final decision about the spectrum availability to its cluster nodes, while the CH applies proper reward/penalty actions to the sensing SUs based on their behavior decision. A specific rule is applied by the CH to process these reports in order to make the decision about the behavior of the reporting and reported nodes. The general rule is K-out-of-N rule, wherein K users out of N users must have the same opinion in order to consider their opinion. In case the 50% K-rule is used, K is equal to N/2. We have proposed a new K-rule, where K represents the number of votes. Each cluster node is assigned a different voting weight based on its BL value. The following criteria are applied in order to find the value of K based on the four categories of BL mentioned before: • A node's decision is worth three votes if its BL value is in the range of 3 ≤ BL ≤ 4.
• A node's decision is worth two votes if its BL value is in the range of 2.5 ≤ BL < 3.
• A node's decision is worth one vote if its BL value is in the range of 2 ≤ BL ≤ 2.5.
• A node's decision is worth zero votes if its BL value is less than 2. Then, the CH updates the belief level of each node based on the number of the ''GOOD'' or ''BAD'' opinions received from the different sensing SUs. Each ''GOOD'' behaving node will be rewarded with an increase in its BL, and each ''BAD'' behaving node will be penalized with a decrease in its BL. The CH uses a parameter called Adjustment Factor (AF), which is calculated as shown in (1), and then adds it to the recent value of BL as shown in (2). The AF of a node represents the difference between the ''GOOD'' opinions and the ''BAD'' opinions sent by the reporting nodes about the reported node.
where G represents the number of nodes which decide that SU i is a good node, B represents the number of nodes which decide that SU i is a bad node, ∝ is the rewarding factor and β is the penalizing factor, N(BL SU b ) is the normalized belief level of the reporting node that sends a ''BAD'' opinion about SU i , and N(BL SU g ) is the normalized belief level of the reporting node that sends a ''GOOD'' opinion about SU i . We choose the rewarding factor and the penalizing factor, and as in real life, the penalty has more weight than rewarding. The AF value limits cannot be more than 4 or less than −4 because the BL range is between zero and four; therefore, the updated value of BL after adding the AF value should remain within the valid range. If AF value is more than 4, it will be set to 4, and if it is less than −4, it will be set to −4.
Each sensing node's BL affects the process of finding the value of AF; the higher the reporting node's BL, the greater the effect on the AF value. Once the final BL of each node is calculated, it is used as a routing metric combined with other routing metrics. If a node with a BL of 4 becomes malicious, the periodic sensing process, that is, the periodic voting of all nodes allows all affected nodes to detect this node as malicious, thereby decreasing its BL value; and all the nodes come to identify it as malicious, and it gets reported to the CH.

C. THE ROUTING ALGORITHM
The main objective of the proposed routing algorithm is to find the best path between any two communicating nodes. As mentioned earlier, the best next nodes have the highest BL, the lowest probability of PU presence, and the lowest channel cost will be forming the best path. The objective function of finding the best next node (BNN) for each node is found as in (3): where F(BNN ) is the function of the best next node, BL SU j is the next node's BL, P PU is the probability of PU's presence over next channel, and Cost ch is the cost of the channel between current node and its next node, which is the delay in our proposed routing algorithm. Algorithm I is showing the proposed routing approach step by step. All the parameters and the functions used to implement the algorithm are initially defined. The algorithm starts when every CH sends the following information to its cluster nodes: the BL of their next node(s), the channel(s) cost, and the probability of PU presence over those channels. Then, each current cluster node (SU i ) uses the BL of its next nodes(s) to find the inverse BL as BL inverse SU j = 1/BL SU j . Those inverse BLs along with the channel(s) cost and the probability of PU presence over those channels are saved in a table called Next Nodes Information (NNI) as shown in Table 1. Each node (SU i ) has its own NNI table that the node uses

Algorithm 1 The Routing Algorithm
Parameters: M : the set of SUs. X : a subset of M that represents the next nodes of the current node. K : a set of Channels. Cost ch : the Channel's cost. SU src : the source node. SU des : the destination node. SU cur : the current node. SU next : the next node. SU best : the best next node. K cur →next : the channel between the current node and its next node. Cost K cur →next : the cost of the channel between the current node and its next node. BL inverse Node : the node's inverse BL. P PU : the probability of PU's presence. V SU : the calculated value in the objective function. Next Nodes Information (NNI) Table: a table maintained by the current SU, which includes information about its neighboring (next) nodes: Node ID, Inverse BL, Channel Cost, and Probability of PU Presence. Save (Inverse BL, Channel Cost, and Probability of PU Presence): a function applied by the current SU to save the information of its next nodes in NNI. BPath(BNN ) : a function that builds the best path between any two nodes by appending the best next node of each node in the path. 1. If the current node has multiple nodes as BNN, i.e. multiple nodes have the same V SU next :

Initialize
• The current node chooses the neighboring node that has MIN (BL inverse SU next ). • If multiple nodes have the same BL inverse SU next , the current node chooses the neighboring node that has MIN (P PU ).
• If multiple nodes have the same P PU , the current node chooses the neighboring node that has MIN (Cost K cur→next ).
• If multiple nodes have the same BL inverse SU next , P PU , and Cost ch cur→next , the current node chooses any of the neighboring nodes. 2. If P PU over a channel is equal to 1, this channel is eliminated from the routes' establishment. to find its best next node among its different neighboring nodes. Then, every (SU i ) arranges its neighboring nodes according to each parameter in an ascending order by using the Sort (Parameter) function. After that, every (SU i ) applies the weight coefficient of each parameter to the nodes' order in order to find a value called V SU j , which will be used to find the best next node. The objective function, as shown in (4), is used to find the best next node. According to the objective function, the best next node is the node that has the smallest V SU j . Finally, all the best next nodes are appended together to form the best path.
Each metric has a weight coefficient that represents how much important the metric is in finding the best path. We have defined the following weight coefficients: • µ is the weight coefficient of the BL parameter and equals to 0.5.
• ε is the weight coefficient of the channel cost parameter and equals to 0.2.
• ϑ is the weight coefficient of the probability of PU presence parameter and equals to 0.3. The values of weight coefficients were selected to satisfy the main objective of the routing algorithm-to use security as a routing metric. Therefore, the BL value has the highest priority (i.e. its weight coefficient has the highest value) followed by probability of PU presence, and finally the channel cost. The sum of these weight coefficients equals to one (i.e. µ + ε + ϑ = 1).

D. COMPLEXITY ANALYSIS
In this section, the complexity of the proposed routing algorithm is discussed including the sensing phase. The complexity is evaluated in terms of the communication overhead (i.e. the number of messages exchanged) and storage overhead (i.e. memory usage). First, for the communication overhead, the messages are exchanged between all sensing nodes and the CH. Sensing-reputation reports are sent by each cluster sensing node to its CH. The neighboring nodes' information are forwarded by the CH to each cluster node, which in turn saves this information in the NNI table. Supposedly, if we have a cluster of N SUs, and each SU has certain neighboring nodes denoted by 'M ,' then number of messages exchanged by sensing nodes to their CH can be given approximately as N * M , where N is the number of messages CH sends which is equal to number of SUs. Therefore, the total messages exchanged can be given approximately as N * M + N , which is a complexity of second order (≈ O(N 2 )).
Second, with respect to the memory usage, N * N entries of memory are required by each CH to store all the cluster nodes' information, where N is number of SUs in the cluster. On the other hand, M entries of memory are required by each cluster node to save its neighboring nodes' information, where M is the number of the neighboring nodes of an SU. Hence, the total memory usage can be represented approximately as N * N + N * M, which is a complexity of second order (≈ O(N 2 )). The memory utilization in addition to the processing time at the CH level would increase if the number of SUs in the network raises.

IV. CASE STUDY
In this section, we have presented a case scenario in order to show how our proposed routing algorithm works. Figure 2 shows the network scenario. In Table 2, each node's information is shown: its ID, its BL, its neighbors, the channel cost, and the probability of PU presence over each channel, with the assumption that there is at least one channel between each two SUs. We assume that SU 0 is the source node and SU 18 is the destination node, therefore the best path(s) will be found by applying our proposed algorithm. According to the proposed algorithm, each node will first find its best next hop, and then each next hop is added to a list that contains all best next nodes. When these nodes accumulate in the list in this manner, the best path is formed.
At the source node (SU 0 ): The source node, SU 0, has two neighboring nodes: SU 1 and SU 2 . It must choose either one as its next node. The source node, SU 0, performs the following calculations based on the routing algorithm:  According to the objective function and the routing algorithm, the best next node is the node that has the smallest V SU j , therefore; the source node, SU 0, chooses SU 2 as its best next hop.
The best path includes SU 0 →SU 2 At SU 2 SU 2 has three neighboring nodes: SU 4 , SU 5 , and SU 6 . It must choose one of them as its next node. Hence, SU 2 does the following calculations based on the routing algorithm: According to the objective function and the routing algorithm, the best next node is the node that has the smallest V SU j , therefore; SU 2 chooses SU 5 as its next hop.
The best path includes SU 0 →SU 2 →SU 5 At SU 5 SU 5 has four neighboring nodes: SU 7 , SU 8 , SU 9 , and SU 10 . It must choose one of them as its next node. Hence, SU 5 does the following calculations based on the routing algorithm: According to the objective function and the routing algorithm, the best next node is the node that has the smallest V SU j , therefore; SU 5 chooses SU 8 as its next hop.
The best path includes SU 0 →SU 2 →SU 5 →SU 8 At SU 8 SU 8 has two neighboring nodes: SU 11 and SU 12 as its next node. It must choose either one as its next node. Hence, VOLUME 8, 2020 SU 8 does the following calculations based on the routing algorithm: According to the objective function and the routing algorithm, the best next node is the node that has the smallest V SU j , therefore; SU 8 chooses SU 11 as its next hop.
The best path includes SU 0 →SU 2 →SU 5 →SU 8 →SU 11 At SU 11 SU 11 has three neighboring nodes: SU 13 , SU 14 , and SU 15 . It must choose one of them as its next node. SU 11 does the following calculations based on the routing algorithm: According to the objective function and the routing algorithm, the best next node is the node that has the smallest V SU j , therefore; SU 11 chooses SU 13 as its next hop.
The best path includes SU 0 →SU 2 →SU 5 →SU 8 → SU 11 →SU 13 At SU 13 SU 13 has two neighboring nodes: SU 16 and SU 17 It must choose either one as its next node. Hence, SU 13 does the following calculations based on the routing algorithm: According to the objective function and the routing algorithm, the best next node is the node that has the smallest V SU j , therefore; SU 16 and SU 17 are both the best next node for SU 13 . However, SU 13 must choose one of them. In this case, the cluster node that has a higher BL is chosen as the next node, therefore; SU 16 is selected as the next node of SU 13 .
The best path includes SU 0 →SU 2 →SU 5 →SU 8 → SU 11 →SU 13 →SU 16 At SU 16 SU 16 has one neighboring node only which is SU 18 . Therefore, it is the next node for SU 16 .
The best path is SU 0 →SU 2 →SU 5 →SU 8 →SU 11 → SU 13 →SU 16 →SU 18 Hence, the route shown above is the best and secured route, which guarantees that no adversary node can overhear or alter. If a message is sent over this route, the nodes in the route should forward the message to its next hop with no problems assuming that the channels are free of error prone.

V. PERFORMANCE EVALUATION A. PERFORMANCE METRICS UNITS
We have evaluated the performance of our proposed approach by considering multiple performance metrics. The proposed routing algorithm is simulated in three different networks, each of which has a different number of SUs. Then, we compare the performance of our proposed approach with three other routing algorithms in terms of different metrics: • Average end-to-end delay (measured in seconds) represents the total time needed for a packet to be received by the destination node after it has been generated at the source node.
• Packet delivery ratio measures the ratio of the number of packets received by the destination node to the number of packets generated by the source node.
• Packet loss ratio measures the packets that have been generated and transmitted by the source node, but not received by the destination node.
• Routing overhead measures the ratio of routing packets to the total number of packets sent over the network. It is worth mentioning that we considered both packet delivery ratio and packet loss ratio as a packet considered lost if it was delivered after its deadline; therefore, packet loss ratio gives us indications if attacks are delaying the delivery of packets, which, in turn, helps in identifying such nodes, thereby helping in mitigating attacks.

B. SIMULATION ENVIRONMENT SETUP
We simulated our routing algorithm in the QualNet environment and analyzed the results through MATLAB. We simulated our proposed approach under two different simulation scenarios. Tables 3 and 4 show the simulation parameters used referring to [41]- [45]. In the first simulation scenario shown in Table 3, we compared our proposed routing algorithm with three different state-of-the-art routing algorithms used in CRNs: COADV [18], SEARCH [14], and LAUNCH [27]. In the second simulation scenario shown in Table 4, we compared the proposed approach with two other routing protocols: DORP [12] and AODV [17]. Note that we did not simulate the other routing algorithms; we just used their results as shown in their research papers. The rationale behind using these previous mentioned routing algorithms in the comparison with the proposed approach is to compare their general performance regardless of the routing metrics used in each.

C. NUMERICAL RESULTS AND PERFORMANCE COMPARISON
This section shows the performance comparison between the proposed routing algorithm and five other routing algorithms listed before: CAODV, SEARCH, LAUNCH, AODV, and DORP.  The comparison between the end-to-end delay in our proposed algorithm and CAODV is illustrated in Figure 3. It is depicted that the relation between the end-to-end delay and the number of SUs in the network is an inverse relation. In other words, as the number of SUs increase, the end-to-end delay decreases in both the approaches. However, in our proposed approach, it decreases more than that in CAODV; therefore, our proposed routing algorithm outperforms the CAODV routing algorithm. The end-to-end delay in our proposed routing algorithm is improved by up to 60% when the number of SUs is equal to 100. The reason that the endto-end delay decreases with the increment of number of SUs is because having more SUs increases the chance of having more paths; therefore, the packets will be re-routed if one path is congested or unavailable. Figure 4 illustrates the comparison between the end-to-end delay in our proposed approach and the two other routing algorithms, SEARCH and LAUNCH. As the relation between the number of SUs in the network and the endto-end delay is inverse, incrementing the number of trusted SUs decreases the end-to-end delay since more nodes in the network increases the number of paths. Our proposed algorithm outperforms the other two routing approaches, as secure nodes forward packets to their next hop without delaying/dropping them. It is depicted in the figure that the end-to-end delay is improved by up to 41% and 74% as  compared with that in LAUNCH and SEARCH protocols, respectively.
In Figure 5, we have compared the packet delivery ratio in our proposed approach to the CAODV routing protocol. Moreover, the packet loss ratio in our proposed approach is compared with SEARCH and LAUNCH protocols, as illustrated in Figure 6. It is clear from Figure 5 that the relation between the packet delivery ratio and the number of SUs in the network is proportional. In other words, the packet delivery ratio increases with the increment of the number of trusted SUs in the network, as multiple routes exist. The packet delivery ratio reaches a higher value in our proposed routing algorithm. It can reach up to 95% using our proposed approach as compared with that in CAODV. On the other hand, Figure 6 illustrates the comparison between the packet loss ratio in our proposed routing algorithm and the two other routing algorithms, LAUNCH and SEARCH. In this simulation scenario, more SUs were implemented to measure the  packet loss ratio, as well as the scalability of the three routing algorithms. It is depicted that the three routing algorithms are scalable and can work fine with higher number of SUs; however, our proposed routing algorithm performs better than LAUNCH and SEARCH. The packet loss ratio drops quickly when more trustworthy SUs take part in forwarding the packets over the network. For example, when the number of trusted SUs is equal to 100, the packet loss ratio is equal to 100%, 80%, and 70% in SEARCH, LAUNCH, and our proposed approach, respectively. Our proposed routing algorithm succeeds in obtaining the minimum packet loss ratio as compared with those in SEARCH and LAUNCH, which reveals that our proposed approach overtakes the SEARCH and LAUNCH routing algorithms.  The routing overhead in the proposed approach is compared to that in CAODV, SEARCH, and LAUNCH routing algorithms in Figures 7 and 8. In Figure 7, the routing overhead is measured as the ratio of the routing packets to the total number of packets sent over the network. It is illustrated that as the nodes have more channels for sending more routing requests, the routing overhead decreases when the number of available channels increase. Our proposed approach outperforms the CAODV and keeps the routing overhead at a minimum ratio as compared to that of CAODV. In Figure 8, the routing overhead is measured in terms of number of packets routed over the network. Despite the increment of routing overhead with the increase of the number of SUs, our proposed approach has a lower routing overhead as compared to that of SEARCH and LAUNCH routing algorithms. Figure 9 compares our proposed approach with DORP and AODV in terms of the packet delivery ratio. It is clear from the figure that the packet delivery ratio decreases when more malicious nodes are present in the network. However, the packet deliver ratio in the proposed approach is better than that of the DORP and AODV algorithms because the routes contain only normal-behaving nodes; nodes that have lower belief level are excluded. Our proposed approach achieves up to 11 times better packet delivery ratio than DORP and AODV algorithms when 60% of the network nodes misbehave. Figure 10 compares our proposed approach with DORP and AODV in terms of the end-to-end delay. It is clear from the figure that the end-to-end delay increases when more malicious nodes are present in the network. However, the endto-end delay in the proposed approach is better than that in DORP and AODV algorithms because the routes contain only normal-behaving nodes; and nodes that have lower belief level are excluded. Our proposed approach achieves up to 5 times less end-to-end delay than DORP and AODV algorithms when 60% of the network nodes misbehave.
In Table 5 and Table 6, we have compared our proposed approach to the COADV, LUANCH, SEARCH, DORP, and AODV routing algorithms in terms of the routing metrics used and the characteristics supported by the protocols. Table 5 summarizes the routing metrics used in the other routing protocols (SEARCH, LAUNCH, COADV, DORP, and AODV) as compared with our proposed approach. It is depicted that the different routing algorithms merge several routing metrics to accomplish various objectives of discovering the best routes; however, they did not think about security to be a routing metric. Therefore, their algorithms are vulnerable to attacks, and they do not properly work in case adversary nodes participate in routes establishment. On the other hand, our proposed solution uses security as a routing metric; thus, adversary nodes are identified and eliminated from participating in routes establishments. This behavior enhances the routes' reliability. In Table 6, we compare the different  routing algorithms based on different characteristics that they can support. These characteristics are as follows: • Centralized/Distributed: in central routing algorithms, best routes are found based on the different network nodes' information that is collected by a central node, whereas in distributed routing algorithms, the different network nodes participate in finding the best network routes.
• Route Maintenance Support: represents the ability of the routing algorithm of modifying the paths in case of PU presence over the currently used channels.
• Mobility Support: represents the ability of the routing algorithm of considering the mobility of Sus in the network.
• Common Control Channel: represents the routing algorithm requirement of having a predefined channel known to all network nodes, which is used to forward the routing packets.
• Secure Routes: shows if the different routes are secure, as well as if the security is considered in finding the best paths.
It is depicted from the tables below that most of the characteristics are supported by all the routing protocols support and on contrary they lack some of them; however, all of these characteristics are supported by the proposed approach. Therefore, the proposed approach is proven to be a better choice to be applied in CRNs.

D. VERIFICATION THROUGH SCYTHER
We verified the correctness of our routing algorithm by using a well-known verification tool, namely Scyther [46]. Scyther is a verification tool that can check the existence of any attack that might negatively affect the correctness of the routing protocol. Scyther can detect the occurrence of many attacks such as man-in-the middle, sybil, PUEA, SSDF, and others. Figure 11 shows the verification process. Our routing algorithm is secure, and none of the aforementioned attacks can eavesdrop on messages sent between the reporting node and the CH. Moreover, the security level of the proposed approach can be depicted from the '' comments'' column that shows ''no attacks,'' which means that the sensing-reputation reports are sent and received safely by the reporting node and the CH repitively. Consequently, we are able to infer from the verification process applied to our proposed routing approach that the routing approach is ffective in improving the packet dilevery ratio with effectively no overhead on the CH. The repititive formal verification of the proposed routing algorithm provided useful insights of the routing algorithm during its developing time and helped in the approach development indeed.

VI. CONCLUSION
Spectrum scarcity problem can be overcome with effective CR technology. Spectrum sensing is the initial important phase of exploiting unused spectrum bands. However, as the presence of adversary nodes can make the spectrum sensing results ineffective, investigating the reliability of sensing nodes becomes more important. Therefore, security of the sensing nodes must be taken into consideration before data is routed over the network. To build secure routing protocols/algorithms, the nodes' behavior during spectrum sensing is important and must be analyzed. Effective and secure routing algorithms enhance the network performance and increase network reliability. Current routing mechanisms in CRNS do not consider security to be a routing metric. They focus more on securing the routes of message exchange, which is important; however, counting security as a routing metric is more important to prevent malicious nodes from targeting the networks, thereby degrading the network performance. In this paper, we proposed a routing algorithm that combines the spectrum sensing and spectrum management phases. The routing algorithm uses security as a routing metric combined with other metrics relying on nodes' behavior during the spectrum sensing phase to manage the spectrum access. The proposed approach aims to find secure paths that consist of trusted sensing nodes only, which VOLUME 8, 2020 enhances the network performance in terms of end-to-end delay, packet delivery /loss ratio, and routing overhead. The simulation results showed how the proposed approach outperformed other routing models. It improved the network performance measures, which increased the network security, and implicitly enhanced the spectrum utilization and the network throughput. As a future direction, the proposed approach can be used in IoT-constrained devices that can be used smaller networks for faster responses.