The tremendous success of various wireless applications operating in unlicensed bands has resulted in the overcrowding of those bands. Cognitive radio (CR) is a new technology that enables an unlicensed user to coexist with incumbent users in licensed spectrum bands without inducing interference to incumbent communications. This technology can significantly alleviate the spectrum shortage problem and improve the efficiency of spectrum utilization. Networks consisting of CR nodes (i.e., CR networks)---often called dynamic spectrum access networks or NeXt Generation (XG) communication networks---are envisioned to provide high bandwidth to mobile users via heterogeneous wireless architectures and dynamic spectrum access techniques.

In recent years, the operational aspects of CR networks have attracted great research interest. However, research on the security aspects of CR networks has been very limited. In this thesis, we discuss security issues that pose a serious threat to CR networks. Specifically, we focus on three potential attacks that can be launched at the physical or MAC layer of a CR network: primary user emulation (PUE) attack, spectrum sensing data falsification (SSDF) attack, and control channel jamming (CCJ) attack. These attacks can wreak havoc to the normal operation of CR networks. After identifying and analyzing the attacks, we discuss countermeasures. For PUE attacks, we propose a transmitter verification scheme for attack detection. The scheme utilizes the location information of transmitters together with their signal characteristics to verify licensed users and detect PUE attackers. For both SSDF attacks and CCJ attacks, we seek countermeasures for attack mitigation. In particular, we propose Weighted Sequential Probability Ratio Test (WSPRT) as a data fusion technique that is robust against SSDF attacks, and introduce a multiple-rendezvous cognitive MAC (MRCMAC) protocol that is robust against CCJ attacks. Using security analysis and extensive numerical results, we show that the proposed schemes can effectively counter the aforementioned attacks in CR networks.