Reputation-Aware Relay Selection With Opportunistic Spectrum Access: A Blockchain Approach

The highly dynamic nature of cognitive radio (CR) systems and their stringent latency requirements pose a significant challenge in the realization of efficient intelligent transport systems (ITS). In this paper, we investigate relay selection and opportunistic spectrum access in conjunction with blockchain technology in a secure manner. Specifically, we propose a cross-layer method for secure relay selection, where secondary relays (SRs) are granted access to available spectrum bands based on the balance of their respective virtual wallets. These virtual wallets, which are built based on the SRs' secrecy capacity and their behavior in the network, are the predominant factors that allow SRs to participate in an auction model. To quantify the trustworthiness of the SRs, we formulate a mathematical framework to evaluate the trust value of each SR, which is then leveraged for rewarding or penalizing the SR. Also, we develop an offline blockchain framework to store the information of participating relays and make it available for future operations, to detect reputable and non-reputable relays in the presence of multiple eavesdroppers. The stored reputations of the participating relays are used to develop a self-learning algorithm to exclude the non-reputable relays from the selection group. Finally, we present thorough numerical results to demonstrate the superiority of the proposed system in terms of security, credibility, and integrity.

exposes them to potential security attacks. It is important to emphasize that security is one of the key challenges for future 6G networks. In conventional opportunistic CR networks, decentralized schemes are exploited to select trusted secondary users and allow them to transmit [4], [5].
In general, CR networks are considered a viable scheme for vehicular networks in which objects equipped with cognition make intelligent decisions by understanding both the social and physical worlds [6]. However, spectrum availability as well as data sharing and transferring among vehicles are critical for improving services and driving safety metrics, where the presence of malicious devices (MDs) further degrades network performance. Therefore, with the deployment of CR systems for vehicular networks, additional security-related issues arise, such as protecting the privacy of cooperating vehicles and identifying malicious CR-enabled vehicles that broadcast false spectrum sensing reports while driving [7]. Solving security problems in CR-VANETs is challenging because neighboring vehicles can change over time. In particular, it is difficult to detect a malicious vehicle while driving, which might send fake spectrum sensing reports, which requires rapid detection and correction. In doing so, blockchain technology has been introduced in CRN-based vehicle networks to prevent data alteration by these MDs and allow vehicles to track both legal and illegal activities in the network [8]. In particular, blockchain can provide strong security in CR networks by enabling secure dynamic access to the available spectrum and calculating the trustworthiness of participating users to effectively identify malicious users (MU) [9]. In addition, the decentralization feature of blockchain increases the security level more than traditional methods by guaranteeing that all CR network participants have a copy of the ledger to ensure complete transparency [10], [11], [12]. Thus, the problem of single-point-of-failure is prevented in a highly dynamic network, such as a CR-enabled vehicular network [13].
Because of the above characteristics, blockchain technology enables highly secure transactions, which is exactly what is missing in the current CR-based vehicular networks.
To the best of our knowledge, a framework that integrates the blockchain with other network layers, including the physical layer, in a CR scenario has not been studied in the open literature. It should be noted that the integration of the physical layer adds a new perspective to the design from the angles of complexity and reliability. Therefore, in our framework, we propose a novel cross-layer system design by integrating blockchain technology as an offline higher-level verification protocol for decentralized trust management, where we classify secondary users into reputable and non-reputable relays and use reputable ones as trusted reliable relays. The classification is based on the historical behavior of secondary users, which is quantified by the physical layer parameters in an opportunistic spectrum-sharing scenario. In particular, we introduce a payment-based algorithm via virtual wallets to grant spectrum access to unlicensed users. The auction model, where a given node is selected to leverage the available spectrum on a first-come-first-out (FIFO) basis, relies on the advertised price of each spectrum to grant unlicensed access. Transactions between licensed and unlicensed users, as well as all the information collected about the behavior of unlicensed nodes, are stored in blockchain ledgers. Therefore, the blockchain is responsible for validating and updating the virtual wallet of each node according to its historical behavior.

A. RELATED WORK
In this section, we highlight the state of the art in securing CR-based vehicular networks using conventional relay selection methods and a blockchain-based relay selection method to present the motivation for this work.

1) RELAY SELECTION IN VEHICULAR CR NETWORKS
Due to the inherently dynamic nature of vehicular networks, extensive research efforts have been devoted to developing relay selection mechanisms for CR vehicular networks [14]. In [15], the authors propose a buffer state-based relay selection procedure for cooperative cognitive radio networks (CRNs). The model proposed in [15] reduces the internetwork interference in the secondary (unlicensed) network. From a different perspective, the authors in [16] have presented an efficient relay selection scheme to enhance security in V2V wireless communications. The main objective in [16] is to increase the channel security and decrease the intercept probability.
In [17], the authors address the security of data transmission between the transmitter and receiver of a SU via a relay in a CRN when there are eavesdroppers. Their proposed method selects the best decode and forward (DF) relay among different relays to support the transmitter and maximize the achievable secrecy rate without compromising the PU. The authors in [18] presented an optimal scheme for power allocation and relay selection in a CRN to improve the transmission rate of SU transceivers over two-way relays. Their proposed scheme maximizes system throughput. They have demonstrated the efficiency of the model through numerical simulations and comparisons of performance under different operating conditions. The authors in [19] proposed an optimal power allocation scheme between the secondary transmitter (ST) and the secondary relay (SR) with the best relay selection for a two-hop cognitive DF relay network. They presented an optimal power allocation and relay selection considering the quality of service (QoS) of PU according to the joint consideration of the interference of ST and SR with PU. In [20], a trust-preserving relay selection scheme based on Dirichlet distribution was proposed to ensure that only trusted vehicles are selected as relays. The proposed scheme guarantees the confidentiality of the locations of the participating vehicles. It also uses pseudonyms and trust level criteria instead of explicit reputation values. In [21], the authors present a cognitive user emulation attack in a CRN that can be exploited by intruders during spectrum handover. They proposed a secure handover mechanism that can successfully defend the CR network by introducing a controlling cognitive user that calculates the trust level of each cognitive user based on its behavioral characteristics.
On the other hand, a spatiotemporal diversity-based mechanism has been evaluated to confuse eavesdroppers by sending fake data over relays/vehicles traveling on a multi-lane road through dynamic paths. Moreover, in [22], the authors presented a novel MTD framework to improve the channel secrecy capacity in a two-phase DF network. The approach to MTD proposed in [22] enables multi-dimensional spatiotemporal diversification of user traffic in a cooperative wireless network, preventing attackers from tracing the signal transmission pattern.

2) RELAY SELECTION SCHEMES BASED ON BLOCKCHAIN AND SPECTRUM SHARING IN VEHICULAR NETWORKS
In [8], [9], the authors propose a blockchain protocol that provides secure and dynamic access to the available spectrum. The system relies on a virtual currency, Specoins, as a metric to quantify the trustworthiness of participating nodes. The goal of the presented protocol is to prevent malicious users from accessing the licensed spectrum without paying for it. Specoins are used in the transactions to either reward miners for updating the blockchain or allow unlicensed users to lease the available spectrum. In [12], the authors presented a blockchain-based protocol for detecting spectrum in CR networks where malicious attacks are taking place. They proposed an accurate recognition strategy to distinguish authorized users from malicious ones. In particular, they exploited the digital signatures of all the nodes involved to identify reputable users. Moreover, in [23], the authors presented a new approach for secure spectrum management in CR networks using machine learning (ML) and blockchain algorithms. The proposed framework consists of three steps. First, spectrum discovery using the ML-based extreme learning machine (ELM) method. Second, using blockchain to securely allocate spectrum between unlicensed users. Finally, malicious users are identified and prevented from accessing the available spectrum resources. Moreover, blockchain technology has been used in [24] to validate the certificates required for vehicle authentication. In particular, a fully distributed vehicle admission/revocation scheme was proposed to improve network security via digital certificates. The proposed system performed vehicle registration, admission, and revocation in a decentralized manner using blockchain. The authors in [25] proposed a blockchain architecture for radio access networks to coordinate network access in a secure and decentralized manner. The results reported in [25] show that the proposed model is able to handle the rapid network variations and QoS requirements of users. In [26], the authors model a spectrum access coordination process as a call admission control optimization problem using a continuous-time Markov decision process (CTMDP). Spectrum access requests from opportunistic SUs are queued using a blockchain before they can access an idle spectrum. The parameters of CTMDP were applied to a feed-forward neural network to derive the optimal strategy for maximizing the rewards of the threshold policy for accepting SUs. In [27], the authors proposed a blockchainbased framework for dynamic spectrum access sensing. The proposed framework uses unlicensed users as miners to sense the spectrum. In particular, the authors assumed that the unlicensed users are responsible for mining and updating the idle spectrum. In [28], the authors proposed a cross-layer approach that optimizes the selection process for the best relay in a cooperative DF network, allowing only trusted relays to participate in data transmission. They used blockchain to store real-time information about participating users and their channels. They used throughput and bit error rate (BER) as evaluation metrics to demonstrate the effectiveness and efficiency of the presented approach. Finally, in [29], the authors presented a system for validating the exchanged messages in vehicular networks using the Bayesian inference model. Based on blockchain technology and roadside units (RSUs), each vehicle in the network is assigned a trust value based on the validation process of the miners and then stored in the chain. By implementing the proposed system, vehicles can evaluate the credibility of the received messages. However, the proposed solution assumes that all decisions are made online in real-time, which results in a high delay until the decision process is completed. These decisions are generated with a significant delay due to the dynamic message exchange protocol. Such delays have a negative impact on the performance of the wireless network. Authors in [30] proposed a tokenbased dynamic spectrum-sharing platform with blockchains and smart contracts. Their proposed platform improves efficient spectrum usage while enabling advertisement-and sensing-based dynamic spectrum sharing by primary users (PUs) and secondary users (SUs). They demonstrated the utility and performance of the proposed platform by developing it using the Ethereum blockchain and a set of wireless devices. Moreover, the authors in [31] have proposed a blockchainbased spectrum access mechanism for unlicensed spectrum in semi-decentralized wireless networks. Due to some access delay, their proposed spectrum access mechanism can be used for non-real-time data transmission and processing in cyber-physical-social systems (CPSSs). They also used mining on blockchains to solve spectrum conflicts. Finally, they proposed a blockchain-based KM protocol, which is a private chain, to achieve spectrum allocation and transaction recording on a network.
The above discussions are implemented entirely based on higher-level operations. In particular, lower levels are assumed to automatically adapt to changes offered by higher layers. Implementing these schemes in practical scenarios results in a significant overhead for the lower layers to recognize and support the decisions of the higher layers. Due to the lack of coordination between these layers, the research contributions discussed so far have not provided a comprehensive evaluation of network performance considering the parameters of multiple layers. Moreover, the interaction of higher and lower layers with the leverage of blockchain in CR networks has not been studied in the literature yet.
In this work, we tackle some of the shortcomings in the literature and provide a system configuration that guarantees trustworthiness in a CR vehicular network. Table 1 shows a comparative analysis of the researched literature indicating the main advantages and limitations in order to emphasize the main contribution of our work.
In particular, we develop a cross-layer design in order to realize secure CR networks. Such a design has not been proposed in the literature yet. Specifically, we integrate blockchain technology as an offline higher-level verification protocol for decentralized trust management, where we classify secondary users into reputable and non-reputable relays and use reputable ones as trusted reliable relays. The classification is based on the historical behavior of secondary users, which is quantified using the physical layer parameters in an opportunistic spectrum-sharing scenario. The cross-layer approach aims to handle computationally intensive transactions at the network layer without compromising the communication quality. To enable a self-learning system, the framework allows the non-reputable relays to improve their participation quality by sending them alerts. This procedure guarantees the trustworthiness of each relay in the network. Only the SR, whose trust value is above a certain threshold, is allowed to play the role of an active relay in the network.

B. CONTRIBUTION
In this paper, we propose a novel framework for reliable relay selection in CR vehicular networks. The proposed selection scheme enables real-time interaction between the physical and network layers by integrating a blockchain algorithm. The main contributions of the paper can be summarized as follows.
r Propose a solid cross-layer design, that is developed in order to realize secure CR networks, where we incorporate key performance indicators (KPIs) pertaining to the physical layer, network layer, and the cloud.
r Develop a relay selection mechanism based on the available balance of SRs' virtual wallets, which in turn depends on the channel secrecy capacity and the behavior of SR in the network.
r Implement an efficient auction model to identify reputable and non-reputable relays depending on the result of the historical behavior in the blockchain ledgers.
r Develop a self-optimized rewarding/penalizing scheme, to avoid internal attacks by revoking the non-reputable nodes. The rest of the paper is organized as follows. The detailed system model is presented in Section II. Section III. presents the traditional CR model characteristics. Section IV. presents the proposed blockchain framework to secure the CR network. Section V. illustrates the mathematical model supporting the best relay selection and trust values calculation. Section VI. presents simulation results and the paper is concluded in Section VII.  Throughout the paper, the used notations are summarized in Table 2.

II. SYSTEM MODEL
In this work, a blockchain-enabled cognitive radio (CR) vehicular network is adopted, as shown in Fig. 1. In particular, blockchain is used to improve the security of CR networks, where reputation-aware transmission is guaranteed while maintaining high-quality data transmission for primary networks. The proposed system is based on selecting reliable relays and allowing them to access the spectrum securely according to the framework shown in Fig. 1. This can be achieved by quantifying the confidentiality level of all relays and then using it as a criterion to decide whether each participating node should be rewarded or penalized. This approach is presented in two interrelated planes, namely the data plane (DP) and the controller plane (CP).

A. DP
The data plane is part of a network responsible for data transmission. It includes a primary vehicular network, a secondary vehicular network, and L eavesdroppers. The primary network consists of a primary base station (PBS) and N P primary users (PUs). The PUs exploit the licensed spectrum to communicate with their corresponding PBS. The secondary network, on the other hand, consists of K secondary relays (SRs) and K secondary destinations (SDs). The SRs opportunistically access the licensed spectrum with the PUs. Each SR is equipped with computing and sensing devices. Due to the broadcast nature of wireless networks, eavesdroppers might be able to overhear exchanged messages between nodes. Therefore, the proposed model examines the worst-case impact of L eavesdroppers on the reputation of the secondary relays.
Owing to the heterogeneity of the network, SRs are divided into two categories, namely, reputable and non-reputable relays. Specifically, if particular SRs are in the same range, they receive the same channel status information (CSI). If the signal received by a particular relay is different from that of its peers, that relay may be classified as non-reputable.
The operation of DP is illustrated in Fig. 2 in detail. It is worth noting that each relay (vehicle) in the CR network has a unique identity number (ID), which can be its MAC address. This ID contains the public and private keys of the corresponding relay, which are used for digital signatures and encryption methods. Based on Fig. 2 and Algorithm 1, we explain the main architecture of DP and the classification of relays below: r Each relay is associated with a virtual wallet that reflects its behavior on the network. Initially, these wallets are initialized based on the channel secrecy capacity of each SR [32]. Then, the values of the wallets increase or decrease according to the auction results, which is the basic step to determining the reputation of SRs. The auction model is explained in detail in Section IV-B.
r The wallets allow relays to participate in the auction algorithm. In particular, a relay with the highest balance in the wallet can rent the available spectrum.  compared with a certain threshold to be classified as high reputation (g 1 ) and low reputation (g 2 ).
r To evaluate the trustworthiness of SRs based on their historical behavior, the weighted accumulation approach is used as explained in Section V-C. However, the participating relays are rewarded or penalized for their participation in the mining process. The aforementioned information is stored in the communication awareness table (CAT), as explained in Section II-B.
r As a self-learning approach, the proposed model revokes the non-reputable relays after comparing their trust values with thresholds and sending them several warnings.
r Finally, all this information is uploaded to the CP and stored in blockchain ledgers to be ready for the following operation on the CP.

B. CP
The CP is responsible for managing trust values and detecting non-reputable relays. The CP consists of several control users (miners); a minor can be any relay of the available SRs or any other trusted node connected to the network. The mining operation begins by processing the TLUT data, which includes SRs IDs, digital signatures, and reputations. The miners are responsible for: Algorithm 1: Data Plane Algorithm to Generate TLUT and SR's wallets.  1) Verify the data received from DP and allow SRs to participate in the auction process according to their wallets. The auction process is defined as a competition between SRs to lease the available spectrum from the PU. The winning relay is selected according to Algorithm 2. 2) Update the reputation values of the relays in TLUT based on the auction process. 3) Increase or decrease the wallets of the SRs according to their behavior in the auction process and tabulate the new values in the CAT as presented in Table 4. 4) Transfer the data from the CAT to the blockchain to make it available for future use. Specifically, miners calculate the trust values of SRs by determining and analyzing their reputations, as explained in Section V-C. Fig. 3 and Algorithm 2 illustrate the CP operation in detail, including trust value calculation and trust reputation management. These operations are described as follows.

1) TRUST VALUE CALCULATION
The proposed framework assumes that only miners are authorized to evaluate the trust value (TV) of SRs and identify the trusted relays. The trust value is determined using the auction model in the DP plane and the aggregated reputation, which represents the historical trustworthiness and credibility of the transmitted messages of each SR.

2) TRUST REPUTATION MANEGMENT
In the proposed model, miners calculate the reputation of SRs based on their channel secrecy rate and intercept probabilities. The SD has a database register that stores a copy of the information about SRs that existed in the TLUT. However, the limited computational capacity onboard prevents the SDs from collecting a sufficient amount of data on each relay. Therefore, this data will be stored in a shared blockchain ledger, and the CP will adjust the TLUT with real-time updates based on the content of the chain. Table 4 represents the communication awareness table (CAT) for evaluating the trust values of all available relays. In particular, we have developed a reward-based system that helps to identify reputable and non-reputable relays. This approach allows the network controller to select the optimal relay for transmission and to maximize the security of the entire system. Without loss of generality and for simplicity, we consider the following reward mechanism in our model: if an SR successfully completes the mining process, that particular relay is rewarded with one point, and if it passes the auction model, it is rewarded with an additional point. On the other hand, if a relay fails to complete any of these tasks, one point is deducted for each failure. Note that this scheme can be generalized to any number of points, but an appropriate threshold value should be chosen depending on the scheme under consideration.

III. CR MODEL
CR networks allow spectrum sharing between licensed and unlicensed nodes. In conventional CR networks, SUs sense the spectrum to determine the status of PUs. In the Interwave CR network, when a PU is active/transmitting data, SUs are not allowed to access the spectrum until at least one channel becomes idle to avoid interference between channels. On the other hand, if a spectrum is not occupied by a PU, the SU can transmit.
LetĤ denote the status of the sensed spectrum, then a null hypothesis H 0 :Ĥ = 0 and an alternative hypothesis H 1 :Ĥ = 0 represents the idle and occupied spectrum, receptively. In particular, according to Algorithm 4, H 0 considers the case where the spectrum is detected as unoccupied, while H 1 denotes an occupied spectrum. In our framework, we assume that the available spectrum set is f j Hz, { j = 1, 2, . . ., J}, and the time of the received signal is T . We define a random variable α as: where α defines the interference of PUs and SUs that occurs due to the false alarm probability (FAP). In particular, the licensed spectrum f j is assumed to be unoccupied by the PBS when α = 0; therefore, the relay can access the spectrum,Ĥ = H 0 . On the other hand, the relay cannot access the spectrum if it is occupied by the PBS, i.e.,Ĥ = H 1 , and α = 1.

A. SIGNAL MODEL 1) SINGLE EAVESDROPPER ACCESS POINT
According to the presented model in [33], when the spectrum is idle (α = 0), the relay transmits signal x s with power P s . Without loss of generality, we assume that E (|x s | 2 ) = 1. Consequently, the received signal at the SD can be represented as follows where, h sd and h pd represent the channel fading coefficients between the SR-SD link and between the PBS-SD link, respectively. Note that h sd and h pd are assumed to follow the Rayleigh distribution. Also, the additive white Gaussian noise (AWGN) at the destination is denoted by n d , with zero mean and variance σ 2 n = N 0 /2. Owing to the broadcast nature of wireless channels, an eavesdropper (E) could listen to the signal transmitted by the relays. Therefore, the received signal at E can be written as follows.
where the wireless links SR-E and PBS-E are given by h se and h pe , respectively, which are modeled as Rayleigh fading channels. Moreover, the AWGN at E is given by n e , with zero mean and variance σ 2 n = N 0 /2.

2) MULTIPLE EAVESDROPPER ACCESS POINT
Meanwhile, due to the wireless broadcast nature, eavesdroppers attempt to intercept the transmission from S i to D i . Firstly, we combine the received signals at E j to obtain an enhanced version for the purpose of improving the possibility of successful eavesdropping attacks. Then, Considering the Maximum Ratio Combining (MRC), we obtain a combined version of the received signal at (E j | j = 1, 2, . . .., L) as follows

B. CHANNEL SECRECY CAPACITY
The channel secrecy capacity (C s ) is an essential metric to quantify the security level of the nodes [34]. Accordingly, the legitimate channel capacity of SD can be written as follows using (2) and the Shannon capacity equation [35].

IV. SECURE CR NETWORKS USING BLOCKCHAIN
Initially, the relays acquire the spectrum ( f j ) based on energy detection, as in Algorithm 3, to determine the state of channel occupancy. The determined state of the spectrum is represented byĤ N×J (i.e., N represents the total sensing time slots, and J represents the number of available channels). The null hypothesis H 0 :Ĥ (i, j) = 0 denotes the idle spectrum at time i, while the alternative hypothesis H 1 :Ĥ (i, j) = 0 represents the case where the licensed spectrum j is occupied by the PBS at time i. It is worth noting that the proposed model exploits the blockchain to improve the trustworthiness of participating relays and prevent non-reputable relays from accessing the spectrum. The algorithm developed for this purpose is explained in the following subsections.

A. RELAYS CLASSIFICATION
After performing spectrum sensing, SRs are classified into reputable and non-reputable relays using the proposed mechanism shown in Algorithm 4. This mechanism ranks the participating relays based on two metrics, namely, cumulative intercept probability and digital signature verification; the latter is performed using public and private keys. The detection probabilities are explained below.

1) PROBABILITY OF DETECTING A REPUTABLE SR
The probability of detecting a reputable relay can be evaluated as where θ a denotes the number of detected reputable relays and η is the total number of iterations.

2) PROBABILITY OF DETECTING A NON-REPUTABLE SR
This metric specifies the probability of detecting a nonreputable SR, where, θ m is the number of detecting nonreputable SR in η iterations, and it can be written as

3) PROBABILITY OF MISS DETECTION
The probability of miss-detection is defined as the probability that a reputable relay will be misclassified as non-reputable.
This probability can be evaluated as follows: whereθ a is the failed number of detecting a reputable relay given η number of iterations.

4) PROBABILITY OF FALSE ALARM
False alarm probability is the probability of detecting a nonreputable relay as reputable. The probability of a false alarm (P f ) is given by (12) whereθ m is the number of non-reputable SR detected incorrectly with η number iterations.

B. AUCTION MODEL
In this work, we consider a highly distributed network with different SRs. In particular, we use blockchain technology to ensure transparency and integrity. A detailed description of the auction process is provided below. The adopted auction process is performed as follows. 1) PUs set a price for the available spectrum resources.
2) A controller checks the wallet values of each SR, which are updated according to the physical layer parameters, as shown in Algorithm 2. If the balance of a particular relay is sufficient, the available spectrum is allocated to that relay. Otherwise, the relay remains in the queue. r All relays that participate in the hash calculation will calculate their channel capacity and upload it to the TLUT, as shown in Table 1.
r The auction winner's wallet is increased by the block cost, Cost(B M+1 ).
r The wallet of PU is increased by the spectrum cost, Cost( f j ), while the wallet of SR is decreased by the same amount. 6) If a SR engages in untrustworthy behavior, and attempts to miscalculate the hash, it is excluded from the bidding pool [36].

A. INITIAL WALLETS VALUES EVALUATION
Due to the increasing number of attacks and the unpredictable nature of anonymous vehicles, the classification of relays' reputations depends on their historical behavior. Therefore, the secrecy capacity of the channel and the reputation of relays are evaluated based on Algorithm 1 as follows. 1) Single eavesdropper scenario: The legitimate channel capacity of the ith SR is given in (15). where n = 0, 1, 2, . . .., I is the time instant. Moreover, h s id i ζ (n), h s (i+1) d i ζ (n) and h p d (n) denote the fading channel coefficients at time instant n and frequency ζ of the links SR i -SD, SR i+1 -SD and PBS-SD, respectively. Also, the AWGN at SR i is n d , which has zero mean and variance σ 2 n = N 0 /2. Moreover, ith and (i + 1)th signal-to-noise ratios are γ s i = P s i /σ 2 n and γ s (i+1) = P s (i+1) /σ 2 n , respectively. The wiretap channel capacity at E is written as follows.
The channel at time instant n and frequency ζ are given by h se ζ (n) and h pe (n), for SR i -E , and PBS-E, respectively. Consequently, the ergodic channel secrecy capacity at the selected SR can be written as follows [37]: where, γ s i and γ p denotes the signal-to-noise ratios (SNRs) at SR i and PBS, respectively. 2) Multiple eavesdropper scenario: For the worst-case scenario, we assume the existence of K relays and L eavesdroppers (ϒ = {E j | j = 1, 2, . . .. . ., L}). The eavesdroppers independently intercept the transmitted data SR i − SD. The winning SR can use the leased spectrum to transmit its data to a destination. For the case of L eavesdroppers, the channel capacity of ith SR is given in (15) shown at the bottom of this page. Similarly, the eavesdropper channel capacity of the E j is provided by (16) shown at the bottom of this page. Within this context, the channel secrecy capacity at the destination can be written as follows According to the calculated channel secrecy capacity, miners calculate the SRs' reputations. Initial relay wallets W k i will be calculated according to Algorithm 2 as where the ith SR wallet becomes available only if the channel secrecy capacity is greater than zero, meaning that this SR can reliably participate in the auction model. Otherwise, if the channel secrecy capacity falls below zero, it means that this SR is exposed to possible attacks and therefore cannot participate in the transmission.

B. RELAYS REPUTATION
The overall reputation of each SR will increase or decrease according to the evaluated intercept probability, as follows.

C. TRUST VALUES EVALUATIONS
Since the miners verify the performance of the relays based on their behavior in the network, the responses to a given signal may differ across multiple relays due to the different conditions of the participating relays. Therefore, the miners divide the responses into two categories: high-reputation responses (g 1 ) according to ( Rep n SR i > Trust min ) and low-reputation responses (g 2 ) based on ( Rep n SR i < Trust min ). Note that any relay whose trust value is below the threshold (Trust min ) will receive an alert message. Consequently, the alerted relays must send a message with a high value to improve their trustworthiness and maintain their participation in the network. Otherwise, the miners will exclude these relays from the network and disqualify them from future participation. In our framework, trust values are calculated using the weighted accumulation approach as follows New User χ 1 (n).g 1 − χ 2 (n).g 2 where TV n SR i is the trust value of the ith SR at time n. Also, the weights are χ 1 and χ 2 , are given by. and

D. NON-REPUTABLE RELAY DETECTION
Miners can identify the non-reputable relays based on the historical behavior involved, reputations, and trust values of all the relays. Therefore, miners check the public and private keys of a relay before deciding that it is a non-reputable one and excluding it from the network, as shown in Algorithm 4.

E. COMPLEXITY
In this section, we present the complexity of deploying the proposed CR-based cross-layer with a blockchain and the complexity of selecting the optimal relay after deploying the algorithm in order to evaluate the efficiency of the model.

1) TIME COMPLEXITY OF THE CROSS-LAYER ALGORITHM
Throughout the paper, there are two distinct modules: an Of-Chain Module and an On-Chain Module. r Step 1: Off-Chain Module. The overall complexity of the first step depends on the classification of reputable and non-reputable users to select the optimal SU as a relay based on the intercept probability calculation and the auction algorithm. Therefore, the time complexity increases as the number of participating SRs increases. However, this complexity does not affect the real-time transmission since it is deployed off-chain (offline). r Step 2: On-Chain Module. After a certain period, once the secondary users' data is stored on-chain when the PU wants to transmit data to its destination, a request will be sent to the chain in order to retrieve the trust values for all the involved SRs to select the maximum value. Since this operation is executed on the devices (i.e., in the data plane), there is no execution time; it is executed almost immediately.

2) RELAY SELECTION COMPLEXITY
Calculate the time complexity of selecting the optimal SR, it depends on the activated phase. For example, 1) During the Off-Chain module, we will ignore the delay as it is deployed off-chain 2) During the On-Chain module, selecting the optimal relay will occur almost in real-time.

F. BLOCKCHAIN SEQUENCE GENERATION
After the operations at the physical and network layer operations, the miners generate blockchain transactions that contain the CAT, which includes the SR IDs, trust values, public keys, and some useful historical data, such as the SR reputation. The miners must verify these transactions to be ready for the chain.

VI. NUMERICAL RESULTS
In this section, we investigate the performance of the proposed system in different scenarios. Unless otherwise stated, we consider the numerical parameters summarized in Table VI. We assume three SRs, i.e., SR 1 , SR 2 , SR 3 , each of which has different channel conditions. Without loss of generality, we assume that SR 1 has the weakest average channel gain, while SR 3 has the strongest channel gain. In this section, we consider: r Scenario 1, Single eavesdropper r Scenario 2, Multiple eavesdroppers In the following sections, we will explain the steps to compute the trust values using the proposed algorithms.

A. BENCHMARK
In order to validate the superiority of our framework, the distributed CR model for VANETs in [33] is selected as a benchmark model. In [33], similar to our work, the authors considered the intercept probability metric. The difference between the two models lies in the technique used to protect the network from eavesdroppers. In [33], a moving target defense (MtD) approach is used to prevent attacks, hence transmitting the data securely. Specifically, they proposed a queuing model to determine which SU can transmit data in each time slot over the available channel bands through spatiotemporal diversification. While in our framework, we follow a different approach to select the optimal SU by developing a cross-layer reliable relay selection scheme for vehicular CR networks based on blockchain and an auction model. This auction algorithm can rank participating relays as reputable or nonreputable. Specifically, we used blockchain as a trustworthy technique to increase the credibility of participating SRs by storing their trust values and revoking the SRs with low trust values, so, this technique helps to improve the overall network security. Fig. 4 shows the channel secrecy capacity of the three SRs and their associated wallets according to their performance using Scenario 1 and Scenario 2. From Fig. 4(a), it can be seen that SR 1 has the lowest secrecy capacity, while SR 3 has the highest performance for both scenarios. Such performance is to be expected given the assumed channel scenario. Fig. 4(b) reflects the values of the wallets of SR, corresponding to their channel secrecy capacity as well as their behavior in the network as in Scenario 1. It should be noted that these wallet values are provided in addition to the spectrum cost values based on the spectrum access mechanism. In particular, considering that SR 1 , SR 2 , and SR 3 participate in the auction model, their wallet values are compared to the available spectrum cost at each time instant. Then, the relay with a balance higher than the spectrum cost is granted access in a FIFO manner. Note that in our simulation environment, the available spectrum cost is randomly generated. For example, at t = 4 seconds, the cost of the spectrum is about 1.2 virtual currency (VC), and therefore, SR 2 and SR 3 can access the spectrum according to the FIFO queue, while SR 1 cannot rent the spectrum. In Fig.  4(b), it can also be observed that the behavior of the relays in the network allows them to increase their wallets over time.

B. CHANNEL SECRECY CAPACITY AND WALLETS
For example, in the figure, it can be seen that the initial value of SR 1 's wallet is zero, while at time 30 seconds, it increases to 5 VC. The same observations can be seen in Fig. 4(c) for Scenario 2. However, it can be seen from Fig. 4(a) that the performance of the three relays in Scenario 2 is lower than in Scenario 1 over the entire SNR range, which justifies the results in Fig. 4(c), where it can be seen that during the first 10 seconds, all relays cannot access the spectrum because their wallet values are below the spectrum cost.

C. INTERCEPT PROBABILITIES AND SRS REPUTATIONS
Figs. 5 and 6 shows the intercept probability and the reputation of SRs according to their historical behavior in the physical layer. Note that the intercept probability is calculated according to (17) and (18). Since SR 3 has the lowest intercept probability, it can easily conclude that SR 3 has the highest reputation according to (20), as shown in Fig. 5 for the two interception scenarios. Although the intercept probability of SR 1 and SR 2 are close to each other, their reputations are different due to their different behaviors in the network. In Fig. 6, we see that although the reputation of the relays in both scenarios increases with time, SR 3 is the most reputable relay in the system. However, in the multiple eavesdropper scenarios, the reputation of SR 2 decreases after 5 seconds and reaches the reputation of SR 1 then increases again after 10  seconds and approaches SR 3 . This fluctuation is due to the overall behavior of the relays involved in the network.

D. TRUST VALUE CALCULATIONS
In Figs. 7, 8, and 9, we show high and low reputation responses and weights, g 1 , g 2 , χ 1 , and χ 2 , respectively, based on (22) and (23)  Since the selected threshold has a direct effect on g 1 and g 2 , as shown in Figs. 7 and 8, it should be chosen carefully. In the simulation, we choose a threshold value (δ = 0.6). In the next step, after calculating the values for g 1 , g 2 , χ 1 , and χ 2 , the trust values for each involved SR can be calculated.

E. REWARDING AND PENALIZING PROCEDURE
Based on the values stored in CAT (Table 4), the trust values for single and multiple eavesdropper scenarios can be evaluated according to (21). Fig. 10 illustrates the warning messages and revocation list for non-reputable SRs. In the proposed system, a reputation-aware detection system can be used to detect and prevent attacks. When an SR has a trust value below the threshold, the miners send a warning message to that SR. From Fig. 10(a), it can be seen that all relays receive a warning message only at the beginning because their trust value falls below 0.6. The main purpose of this self-learning algorithm is to detect both internal and external attacks on the system. In particular, we implement this mechanism in order to detect untrusted behaviors of SRs by warning the relay and forcing it to increase its trust value by being engaged in more mining activities or increasing the credibility of the transmitted messages. When a relay receives two consecutive warnings, it is revoked and blocked from future transmissions to ensure that all relays involved are trusted and internal attacks are avoided. Fig. 10(b) illustrates the warning messages and the blocking list, including the misbehaving relays for Scenario 2. From Fig. 10(b), it can be seen that the presence of more eavesdroppers increases the vulnerability of SRs to attacks and thus negatively affects their trust values. As shown in Fig. 10(b), a higher number of warning messages are sent to all relays compared to Scenario 1. Any relay that cannot improve its trustworthiness is excluded from further communication in the network after its public and private keys are verified. Fig. 11 depicts detection probabilities based on the calculations of our proposed framework algorithm. We can observe that the detection accuracy for the non-reputable relay is 96% and 90% for single and multiple eavesdroppers, respectively. Moreover, the detection accuracy for the reputable relay is  99% and 96% for scenarios with one and multiple eavesdroppers, respectively. The calculated false alarm probability for Scenario 1 and Scenario 2 is 0% and 5%, respectively. Finally, the miss detection probability for both scenarios is 0% and 6%. These results prove that the proposed system is able to perfectly classify the non-reputable relays even in the multiple eavesdropper scenario. Fig. 12 shows the performance of our proposed cross-layer framework in the case of an increase in the number of eavesdropping devices. The intercept probability increases with the number of eavesdropping devices increases. It is worth noting that our cross-layer framework increases the system's security by almost 70% compared to CR systems without a cross-layer design. These results demonstrate the efficiency and effectiveness of our cross-layer framework for securing transmission in a CR vehicular network without compromising the network's reliability.

VII. CONCLUSION
In this paper, we proposed a cross-layer reliable relay selection scheme for vehicular CR networks based on blockchain and an auction model. In particular, we used blockchain as a trustworthy technique to increase the credibility index of SRs and contribute to improving the overall network security. Based on the calculated trust values, a mathematical model was built to evaluate the trust values of vehicles and the selection process for the best SR. The numerical results showed the effectiveness of the whole system in both single and multiple eavesdropper scenarios, in which an improved performance in terms of SR's reputation, trust value, intercept probability, and channel secrecy capacity is observed. It should be noted that the presented approach is deployed offline, and therefore no real-time delay occurs.