The document proposes a cryptography-based mechanism for detecting misbehavior and controlling trust in opportunistic network systems. It designs a security overlay using cryptography over existing trust-based routing. Spy nodes monitor the network for evidence of malicious nodes. Hop-to-hop authentication uses asymmetric cryptography while end-to-end authentication uses symmetric cryptography. Spy nodes identify suspicious nodes and judges declare them as malicious or normal by decreasing their trust values. The proposed system aims to provide security services like authentication, integrity and confidentiality through cryptography to strengthen security for commercial use of opportunistic networks.
Cryptography based misbehavior detection for opportunistic network
1. Cryptography-Based Misbehaviour Detection and Trust Control Mechanism for Opportunistic Network Systems
Guided by: Saranya Shaji, Asst. Professor, Dept. of CSE
Prepared by: P H Shahana, Roll no: 41
2. AIM
• To design a robust and scalable security overlay over trust-based routing.
• To provide security services through cryptography.
3. ABSTRACT
Opportunistic networks (OppNets) are a kind of wireless network that provides the opportunity for social interaction and for obtaining data that can be used in message-passing decisions. One of the challenges for OppNets is to take efficient routing decisions while securing the delivery of messages to the destination. Trust-based mechanisms are capable of providing social security in terms of access control in the network, but they do not provide security services through cryptographic means. The commercial application of OppNets not only demands social security but also requires cryptographic security. This work proposes a robust design of a security overlay over trust-based routing for detecting malicious nodes and providing security services such as authentication, message confidentiality and integrity in the network through cryptographic mechanisms.
4. INTRODUCTION
o DTNs are networks with intermittent end-to-end connections.
o OppNets are a subclass of DTNs characterized by:
• Wireless links.
• Hand-held devices carried by people act as the nodes.
• Routes are built dynamically to reach the destination.
o The commercial usage of OppNets demands strengthening of security in the network.
o Trust-based routing mechanisms cannot provide cryptographic security services.
o Sparsity in the network and resource constraints have restricted the use of cryptography.
5. INTRODUCTION(cont..)
o This system detects maliciousness through depreciation of trust.
o Provides hop-to-hop and end-to-end authentication through asymmetric and symmetric cryptography respectively.
o A robust design of a security overlay over a trust-based mechanism for detecting malicious nodes and providing security through cryptography.
6. EXISTING SYSTEM
• Currently, trust- and reputation-based mechanisms are used to authenticate a node's identity and avoid malicious nodes.
• A trust-based mechanism checks whether the trust value of a particular node is above a threshold.
• Trust-based mechanisms are capable of providing social security in terms of access control in the network.
• Incentive-based routing mechanisms are also designed on top of trust-based reputation systems to thwart selfishness and increase participation.
7. LITERATURE SURVEY
Sl.no. | Name | Year | Advantage | Disadvantage
1. | Privacy enhanced social network routing in OppNets | 2010 | Analyses potential threats; hides social n/w information | Only initial evaluation of the routing schemes; threats can increase
2. | IRONMAN: Using social networks to add incentives and reputation to OppNets | 2011 | Fastest and accurate; no infrastructure network | Trust mechanism only provides social security
3. | A trust based framework for data forwarding in OppNets | 2013 | PFM introduced; assisted data forwarding | Explains only against black hole attack
4. | Security and trust management in OppNets: A survey | 2014 | Proposes a general security architecture | Does not address the security aspect of registering
5. | Reputation based malicious node detection in OppNets | 2016 | Node-by-node detection reduces the n/w overhead and difficulties | Modification attacks can't be detected
8. PROPOSED SYSTEM
• A security overlay is designed over the trust-based routing mechanism.
• Spy nodes keep careful watch over the participating nodes in the network.
• Hop-to-hop authentication uses asymmetric cryptography.
• End-to-end authentication uses symmetric cryptography.
• Suspicious nodes are identified and placed under the supervision of spy nodes.
• The spy nodes then declare each such node as malicious or as a normal node.
• Maliciousness of a node is reflected by decreasing its trust value.
9. A. Motivation
• The commercial usage of OppNets demands the strengthening of security for the network.
• The distributed nature and low-end computing devices have always restricted OppNets from using cryptographic solutions for security.
• Most trust-based routing in OppNets is meant to cater for the identification and isolation of socially misbehaving nodes in the network.
• The existing trust-based protocols only provide social security to the network.
• The commercial application of OppNets not only demands social security but also requires cryptographic security.
B. Design Assumptions
• Designed for high-end computing mobile devices in dense urban settings.
10. • The distributed and disruptive nature of OppNets restricts the use of a trusted third party for key distribution.
• The Diffie–Hellman key exchange protocol is used.
• Limited to addressing the problem posed by malicious nodes within the network.
C. Security Model
• The aim of this design is to protect the normal nodes from malicious nodes in the network.
• The security framework designed has been inspired by the intelligence network of a country.
• The executive wing collects and produces evidence of malicious nodes in front of the judiciary, which evaluates it and then disseminates the judgment regarding the presence of maliciousness in the network.
11. 1) Security Infrastructure
• The proposed model is infrastructure-dependent for providing security in the network.
• Classified into two components:
a) Physical intelligence node component
b) Logical cryptographic component
a) Physical intelligence node component:
• The intelligence nodes in the network are responsible for security measures.
12. • As depicted in Fig. 1, the network area is divided into separate areas of influence called zones.
• Each zone is assigned a spy team.
• One of those nodes acts as head spy.
• A single judge node serves the spy teams of four adjacent zones.
13. b) Logical cryptographic component:
• The cryptographic algorithms provide
o Message integrity
o Authentication
o Confidentiality
• The exchange of keys uses the established Diffie–Hellman key exchange protocol.
• Each node carries only the public keys of its immediate neighbors.
14. • As shown in Fig. 2, once the symmetric keys are exchanged between the source and destination, the communicating nodes use these keys for message encryption.
• End-to-end message integrity is ensured by HMAC.
• HMAC(K, M) is computed, generating a message digest (MD).
• The generated MD is appended to the encrypted message at the source.
• The appended MD is compared against the recomputed MD at the destination.
• The comparison verifies the integrity of the message and that it was encrypted at the source, and the encryption ensures its confidentiality in the network.
• Hop-to-hop authentication is provided through the asymmetric cryptographic algorithm RSA.
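The end-to-end path described on slides 13 and 14 (Diffie–Hellman key agreement, then encryption with the shared key, then an HMAC digest appended at the source and recomputed at the destination) is shown below as an added, runnable example; it is not code from the paper or the presentation. The paper does not name the symmetric cipher, so this example uses a keystream derived from HMAC-SHA256 in counter mode as a stand-in (an assumption), derives separate encryption and MAC sub-keys from the Diffie–Hellman secret, and uses a demonstration-size group that is far too small for real use. The MD is computed over the ciphertext (encrypt-then-MAC) so a tampered packet is rejected before any decryption.

```python
import hashlib
import hmac
import os
import secrets

# Constructed demonstration-size Diffie-Hellman group. 2**127 - 1 is prime,
# but a 127-bit modulus is NOT secure; a deployment would use a standard group.
P = 2**127 - 1
G = 2
NONCE_LEN = 16   # bytes of per-message nonce prepended to the packet
MD_LEN = 32      # bytes of HMAC-SHA256 digest appended to the packet


def dh_keypair():
    """Return (private, public) for one party: private in [1, P-2], public = G^private mod P."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def dh_shared_key(priv, peer_pub):
    """Shared secret G^(ab) mod P, hashed into a 32-byte symmetric key K."""
    shared = pow(peer_pub, priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def _subkey(k, label):
    # Derive independent sub-keys for encryption and for the HMAC from K.
    return hmac.new(k, label, hashlib.sha256).digest()


def _keystream(enc_key, nonce, length):
    # Stand-in stream cipher: HMAC-SHA256(enc_key, nonce || counter) blocks.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def protect(k, plaintext, nonce=None):
    """Source side: encrypt with K, then append MD = HMAC(K_mac, nonce || ciphertext)."""
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    ks = _keystream(_subkey(k, b"enc"), nonce, len(plaintext))
    ciphertext = bytes(a ^ b for a, b in zip(plaintext, ks))
    md = hmac.new(_subkey(k, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + md


def unprotect(k, packet):
    """Destination side: recompute MD, compare in constant time, decrypt only on match.
    Returns the plaintext, or None if the packet was modified in transit."""
    if len(packet) < NONCE_LEN + MD_LEN:
        return None
    nonce, ciphertext, md = packet[:NONCE_LEN], packet[NONCE_LEN:-MD_LEN], packet[-MD_LEN:]
    expected = hmac.new(_subkey(k, b"mac"), nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(md, expected):
        return None
    ks = _keystream(_subkey(k, b"enc"), nonce, len(ciphertext))
    return bytes(a ^ b for a, b in zip(ciphertext, ks))


def demo():
    """Run one source->destination exchange plus one tampered delivery."""
    src_priv, src_pub = dh_keypair()
    dst_priv, dst_pub = dh_keypair()
    k_src = dh_shared_key(src_priv, dst_pub)   # computed at the source
    k_dst = dh_shared_key(dst_priv, src_pub)   # computed at the destination
    packet = protect(k_src, b"hello from source")
    accepted = unprotect(k_dst, packet)
    tampered = bytearray(packet)
    tampered[NONCE_LEN + 4] ^= 0x01            # flip one ciphertext bit in transit
    rejected = unprotect(k_dst, bytes(tampered))
    return k_src == k_dst, accepted, rejected


if __name__ == "__main__":
    print(demo())
```

Both parties arrive at the same K without a trusted third party, which is the design assumption on slide 10; the intermediate nodes that relay the packet see only the nonce, ciphertext and digest.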
15. 2) Intelligence Modelling
• Infrastructure nodes collect relevant evidence of misbehaviour by malicious nodes.
• The modelling of intelligence nodes requires a discussion of profiling and of communication among infrastructure nodes.
a) Profiling: the profiling of normal nodes, spy nodes, head spy nodes, judge nodes and malicious nodes.
1. Normal node:
• Prone to attacks.
• A normal node maintains an encounter vector (EV_i) of the nodes it meets, indexed by time.
• The encounter vector has three fields:
1. the id of the encountered node,
2. Tim_i, the time stamp of the encounter,
3. Pr_i(Tim_i), the time stamp Tim_i digitally signed with the private key of the encountered node i.
16. • Normal nodes also maintain the
• message encounter list MSG_ENC_LIST,
• message forward list MSG_FOR_LIST,
• request vector R_i.
• Requests R_i are sent to the spy at time t_0.
2. Spy nodes and head spy
• Critical for identifying malicious nodes.
• The spy nodes, as a coordinated team, follow up the node and keep up the surveillance vector SV_i^t for the node during a time duration t. SV_i^t maintains the fields shown in Fig. 3.
17. 3. Judge node
• The evidence collected and established against malicious nodes by the spy nodes is shared with the corresponding judge node.
• The judge node reorganizes this information collected from the head spies of the different zones.
• The judge node checks the MSG_ENC_LIST at a node i and then looks for paired message ids, where the source of one message id is the destination of the other and vice versa.
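The judge's pairing step above, as an added example (not code from the paper): given the MSG_ENC_LIST held for a node, it finds every pair of message ids whose source and destination are swapped. The list entries and the (msg_id, src, dst) record layout are constructed for illustration; the paper shows the list's fields only in its figures.

```python
from collections import namedtuple

# Assumed record layout for one MSG_ENC_LIST entry: message id, source, destination.
MsgEnc = namedtuple("MsgEnc", "msg_id src dst")


def paired_message_ids(msg_enc_list):
    """Return sorted (id_a, id_b) pairs where src(a) == dst(b) and dst(a) == src(b).

    Entries are indexed by their (src, dst) endpoints once, so each entry then
    needs a single lookup of the reversed endpoints instead of a scan of the list.
    """
    by_endpoints = {}
    for m in msg_enc_list:
        by_endpoints.setdefault((m.src, m.dst), []).append(m.msg_id)
    pairs = set()
    for m in msg_enc_list:
        for other in by_endpoints.get((m.dst, m.src), []):
            if other != m.msg_id:               # a src == dst entry must not pair with itself
                pairs.add(tuple(sorted((m.msg_id, other))))
    return sorted(pairs)


def unpaired_message_ids(msg_enc_list):
    """Message ids that have no reverse-direction counterpart in the list."""
    paired = {mid for pair in paired_message_ids(msg_enc_list) for mid in pair}
    return sorted(m.msg_id for m in msg_enc_list if m.msg_id not in paired)


# Constructed MSG_ENC_LIST as a judge might receive it for one node.
SAMPLE_MSG_ENC_LIST = [
    MsgEnc("m1", "A", "B"),
    MsgEnc("m2", "B", "A"),
    MsgEnc("m3", "A", "C"),
    MsgEnc("m4", "C", "D"),
    MsgEnc("m5", "B", "A"),
    MsgEnc("m6", "E", "E"),
]

if __name__ == "__main__":
    print(paired_message_ids(SAMPLE_MSG_ENC_LIST))
    print(unpaired_message_ids(SAMPLE_MSG_ENC_LIST))
```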
Communication:
• Two types:
• Intranode communication
• Internode communication
20. E. Mobility Modelling
• The mobility pattern of the infrastructure nodes is crucial for the success of the scheme.
1. Spy Node Mobility
• The spy nodes work under three activation modes: self-induced, spy-induced and judge-induced activation.
a) Self-induced activation:
• Spy nodes work in proactive mode.
• Suppose there is a zone i that needs to be populated with spy nodes.
• Initially, the spy team ST_k^i[P, N], with team identity k and N members with node id P as the team head, is assigned to zone i in the network.
• The spy nodes are then randomly placed in the zone.
• The mobility of the spy nodes is governed by the finite-state automaton machine FSAM1.
21. • "Q" represents the set of internal states of FSAM1.
• The finite alphabet Σ = {a, b, c, d, e, f} represents the directions southeast, east, southwest, west, northwest and northeast, respectively.
• The grammar Ω_i of FSAM1 determines the direction of movement of a spy node at a particular time.
• The internal state "A" is considered to be the initial and final state of the machine.
22. b) Spy-induced activation
• Spy nodes may request other spy nodes for message/node follow-up operations.
• Let a node N_i roam in the network with its last two coordinates (x_i, y_i) at time t_k and (x_j, y_j) at time t_k', respectively.
• These are used to calculate the directional angle D_in^Q with respect to the horizontal x-axis, as follows:
Varying speed,
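The heading computation used for spy-induced follow-up, as an added example that is not the paper's own code: from a node's last two coordinates it derives the direction angle with respect to the x-axis (assumed here to be the standard atan2 of the displacement, since the slide's formula did not survive extraction), the average speed over the interval, and the nearest symbol of the alphabet Σ from slide 21. The compass headings assigned to the six symbols (east = 0°, then 60° steps counter-clockwise, which is the hexagonal layout that six directions without north/south imply) are an assumption of this example.

```python
import math

# Alphabet from slide 21: symbol -> direction name.
DIRECTIONS = {"a": "southeast", "b": "east", "c": "southwest",
              "d": "west", "e": "northwest", "f": "northeast"}

# Assumed heading of each symbol, in degrees counter-clockwise from the +x axis.
HEADING = {"b": 0.0, "f": 60.0, "e": 120.0, "d": 180.0, "c": 240.0, "a": 300.0}


def direction_angle(p_k, p_kp):
    """Angle in [0, 360) of the move from p_k = (x_i, y_i) to p_kp = (x_j, y_j)."""
    (xi, yi), (xj, yj) = p_k, p_kp
    return math.degrees(math.atan2(yj - yi, xj - xi)) % 360.0


def average_speed(p_k, t_k, p_kp, t_kp):
    """Distance covered between the two fixes divided by the elapsed time."""
    if t_kp <= t_k:
        raise ValueError("second fix must be later than the first")
    (xi, yi), (xj, yj) = p_k, p_kp
    return math.hypot(xj - xi, yj - yi) / (t_kp - t_k)


def _angular_distance(a, b):
    d = abs(a - b) % 360.0
    return min(d, 360.0 - d)


def nearest_symbol(angle):
    """Symbol of Σ whose assumed heading is closest to the measured angle."""
    return min(HEADING, key=lambda s: _angular_distance(angle, HEADING[s]))


def follow_up_hint(p_k, t_k, p_kp, t_kp):
    """What one spy would tell another: last heading, speed and alphabet symbol."""
    angle = direction_angle(p_k, p_kp)
    sym = nearest_symbol(angle)
    return {"angle": angle, "speed": average_speed(p_k, t_k, p_kp, t_kp),
            "symbol": sym, "direction": DIRECTIONS[sym]}


if __name__ == "__main__":
    # Constructed fixes: node moved from (0, 0) at t=10 to (3, 4) at t=12.
    print(follow_up_hint((0.0, 0.0), 10.0, (3.0, 4.0), 12.0))
```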
23. 2) Spy Node Calculation:
• Let the zone in concern have length x and breadth y, and let the transmission range of the nodes be R.
• Let the average number of spy nodes in the zone be "n".
• Then the average region covered by the spy nodes is nπR².
• If the nodes are assumed to be statically placed, then the average region not covered, also known as the black shed area, would be xy − nπR².
• Considering a scenario, when black shed area is virtually zero, then
• In a real scenario the black shed area cannot be zero. Hence, assume that at least p% of the total zone is under black shed.
• We have,
• Let us introduce the parameter d for the mobility of spy nodes in the network. Let the introduction of mobility further reduce the percentage of black shed area by w; then
25. • The relationship between w and d is as shown in Fig.4.
• The maximum value w = k at d = h facilitates the calculation of the minimum number of spy nodes in the zone, represented as:
26. • The number of spy nodes in the zone depends on the parabolic relationship between w and d.
• This further helps in utilizing the infrastructure resources effectively.
27. F. Trust
• The scheme identifies and isolates the malicious nodes in the network.
• It also affects the trust of the malicious nodes through the application of the trust adjustment factor (TAF).
• The scale of the trust breach directly determines the TAF, which is as follows:
28. ADVANTAGES
• Provides various security services through cryptographic means.
• Uses established cryptographic techniques.
• Provides a reliable security service.
• Robust and scalable.
29. DISADVANTAGES
• A compromise between security performance and energy usage in the system.
• The cost associated with the system is high.
• Limited to problems within the network.
30. CONCLUSION
This paper proposed a security overlay designed over a trust-based routing mechanism. The designed scheme uses the infrastructure nodes for keeping vigilance over the participating nodes in the network and detecting the malicious nodes. The use of established symmetric and asymmetric key cryptography provides authentication, message confidentiality and integrity in the network. The surveillance nodes provide the TAF to the protocol for adjusting the trust values of the malicious nodes. The infrastructure surveillance along with the cryptographic features provides reliable security and detects malicious nodes. The results prove that the security overlay helps in thwarting malicious behaviour and improves average performance by 35%.
31. FUTURE WORK
• The energy efficiency issue associated with the infrastructure nodes needs to be addressed.
• The cost needs to be reduced.
32. REFERENCE
[1] S. K. Dhurandher, A. Kumar, and M. S. Obaidat, "Cryptography based misbehaviour detection and trust control mechanism for opportunistic network systems," IEEE Systems Journal, 2017.
[2] I. Parris, G. Bigwood, and T. Henderson, "Privacy-enhanced social network routing in opportunistic networks," in Proc. 8th IEEE Int. Conf. Pervasive Comput. Commun. Workshops, 2010.
[3] G. Bigwood and T. Henderson, "IRONMAN: Using social networks to add incentives and reputation to opportunistic networks," in Proc. IEEE 3rd Int. Conf. Soc. Comput., 2011.
[4] N. Li and S. K. Das, "A trust-based framework for data forwarding in opportunistic networks," Ad Hoc Netw., 2013.
[5] Y. Wu, Y. Zhao, M. Riguidel, G. Wang, and P. Yi, "Security and trust management in opportunistic networks: a survey," Wiley Online Library, 2014.
[6] A. Ahmed, M. Alajeely, and R. Doss, "Reputation based malicious node detection in OppNets," in Proc. IEEE 16th Int. Joint Conf. Comput. Sci. Softw. Eng., 2016.