Trust is a concept from the social sciences and can be defined as how much a node is willing to take the risk of trusting another one. Correct trust evaluation is crucial for several security mechanisms in Mobile Ad Hoc Networks (MANETs). However, implementing an effective trust evaluation scheme is very difficult in such networks because of their dynamic characteristics. This work presents a trust evaluation scheme for MANETs based on a self-organized virtual trust network. To estimate the trustworthiness of other nodes, nodes form trust chains based on behavior evidence maintained within the trust network. Nodes periodically exchange their trust networks with their neighbors, providing an efficient method to disseminate trust information across the network. The scheme is fully distributed and self-organized and does not require any trusted third party. Simulation results show that the scheme is very efficient at gathering evidence to build the trust networks, and that it has a very small communication and memory overhead. In addition, it is the first trust evaluation scheme evaluated under bad mouthing and newcomer attacks, and it maintains its effectiveness in such scenarios.
Distributed Self-organized Trust Management for Mobile Ad Hoc Networks
Distributed Self-organized
Trust Management for MANETs
Mehran Misaghi (1), Eduardo da Silva (2,3), Luiz Carlos P. Albini (3)
(1) Research Department - Educational Society of Santa Catarina, mehran@sociesc.org.br
(2) Department of Informatics - Catarinense Federal Institute, eduardos@inf.ufpr.br
(3) Department of Informatics - Federal University of Parana, albini@inf.ufpr.br
April 20, 2012
Mehran Misaghi - mehran@sociesc.org.br Distributed Self-organized Trust Management for MANETs
Introduction
Security
1 One of the most challenging issues for MANETs [WCWC06]:
  - High vulnerability to security threats due to wireless communication and dynamic topology
  - Adversaries can easily perform attacks via the wireless communication channel
  - Difficulty in implementing security applications
2 Cryptography is the main technique used to ensure data communication security
  - It does not provide information about the reliability of the nodes [LSY05]
  - Key management relies on some degree of pre-established trust between nodes
  - Trust is very difficult to value [BFL96]
Trust Concepts I
Trust
Can be defined as the trustworthiness of a trustor, or how much it is willing to take the risk of trusting a trustee [Bus02]
Trust management can be used in
  - Decision support, such as intrusion detection [ACP+02]
  - Authentication [GPM05]
  - Access control [LKZ+04]
  - Isolation of misbehaving nodes for effective routing [MGLB00]
Trust Concepts II
In MANETs
  - Routing strategies, distributed storage, location management, and key management or establishment
Trust evaluation schemes
  - Support and maintain trust evidence of nodes
Ant-Based Evidence Distribution (ABED) proposed by [JB04]:
1 Nodes interact with each other through agents ("ants")
2 Nodes are able to identify an optimal path to accumulate trust evidence
3 The scheme was not evaluated under any type of attack
Trust Evaluation Schemes I
Self-organizing trust-based Physical-Logical Domains
Concept for grouping nodes and supporting distributed control in the network [VJCU05]:
  - A security architecture which uses trust to establish keys between nodes
  - Establishes secure distributed control in MANETs
  - Nodes use trust information to form groups and to establish pair-wise keys in the groups
  - Suitable only for establishing group keys
  - The scheme was not evaluated under attacks
Trust Evaluation Schemes - Utilities
support secure authentication for MANETs [CKLW09]
SORI uses cooperation incentive based on reputation [HWK04]:
1 Stimulating packet forwarding and disciplining selfish nodes through punishments
2 Nodes are able to identify an optimal path to accumulate trust evidence
3 The reputation of a node is calculated using objective metrics
4 The implementation of SORI to support other applications is very difficult
Trust Evaluation Schemes II
Trust Models
Model of [VLDP08]:
  - Resistant to slander attacks, a variant of bad mouthing attacks
  - Provides nodes with a mechanism to build a trust relationship with their neighbors
  - Not suitable for applications that require trust information about nodes out of radio range
Model of [SHYL06]:
  - This model considers malicious attacks
  - Secures routing operations and detects malicious nodes
Trust Evaluation Schemes - Summary
1 Most of the schemes were not evaluated under misbehavior attacks
2 The use of a non-secure trust evaluation scheme can harm the entire secure solution of the system
3 The schemes that consider the presence of malicious nodes are limited to one network operation (routing)
Our work
Our scheme
A trust evaluation scheme for MANETs:
1 To support any application
2 Resistant to misbehavior attacks
In this scheme:
1 Each node creates a virtual layer to support trust information
2 The virtual layer (trust network) contains all trust information
3 This information is gathered via recommendation or direct interaction
4 The trustworthiness of a node is computed locally (trust network of the node)
Our scheme evaluation scenarios
Two kinds of attacks:
1 Bad mouthing: consists of malicious nodes providing dishonest trust evidence to defame good nodes or enhance the trust values of bad ones [Del00].
2 Newcomer (Sybil): consists of a malicious node registering a new identity and assigning high trust values to it.
Simulations with NS:
1 The proposed scheme is robust and efficient
2 Trust evidence is quickly disseminated through the network
3 Nodes are able to effectively estimate the trustworthiness of other nodes
4 The proposed scheme is resistant to false accusation attacks
Our scheme
The scheme focuses on self-organized mobile ad hoc networks
  - Consisting of a set of n nodes, without loss of generality
  - The nodes are considered to have similar functionalities
  - The nodes contribute to network operations and maintenance
Example of Trust Evaluation
Calculation of the Trust Value (TV)
After calculating the trust value for all chains, the trust value $TV_{(n_x,n_u)}$ can be calculated by applying a weighted mean, as follows:

$$TV_{(n_x,n_u)} = \frac{\sum_{i=1}^{k} \left( TC^{i}_{(n_x,n_u)} \times 1/|TC^{i}_{(n_x,n_u)}| \right)}{\sum_{i=1}^{k} 1/|TC^{i}_{(n_x,n_u)}|} \qquad (1)$$

Weighted mean
The weighted mean reduces the impact of transitivity in trust chains. This method aims to privilege small chains, following a social perspective.
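Equation (1) worked through on a small trust network, as an added example that is not part of the original slides. The node names, trust values and hop limit are constructed, and two points the slides leave open are filled in as assumptions: the chain trust TC is taken as the product of the link values along the chain, and the chain length |TC| as its number of hops.

```python
from math import prod

# Constructed trust network (illustrative values, not from the slides):
# TRUST[a][b] is the trust value in [0, 1] that node a holds about node b.
TRUST = {
    "nx": {"a": 0.9, "b": 0.8},
    "a": {"nu": 0.9},
    "b": {"c": 0.7},
    "c": {"nu": 0.6},
}


def trust_chains(trust, src, dst, max_hops=4):
    """Enumerate loop-free chains src -> ... -> dst of at most max_hops hops."""
    chains, stack = [], [(src, [src])]
    while stack:
        node, path = stack.pop()
        for nxt in sorted(trust.get(node, {})):
            if nxt in path:          # never revisit a node: no loops
                continue
            new_path = path + [nxt]
            if nxt == dst:
                chains.append(new_path)
            elif len(new_path) - 1 < max_hops:
                stack.append((nxt, new_path))
    return chains


def chain_value(trust, chain):
    """Assumption: chain trust TC is the product of its link values."""
    return prod(trust[a][b] for a, b in zip(chain, chain[1:]))


def trust_value(trust, src, dst, max_hops=4, weighted=True):
    """Equation (1); weighted=False gives the plain mean for comparison."""
    chains = trust_chains(trust, src, dst, max_hops)
    if not chains:
        return None                  # no chain, no evidence about dst
    # Assumption: |TC^i| is the number of hops in chain i.
    weights = [1 / (len(c) - 1) if weighted else 1.0 for c in chains]
    values = [chain_value(trust, c) for c in chains]
    return sum(v * w for v, w in zip(values, weights)) / sum(weights)


def with_report(trust, reporter, target, value):
    """Copy of the network in which reporter's value about target is replaced."""
    changed = {node: dict(links) for node, links in trust.items()}
    changed.setdefault(reporter, {})[target] = value
    return changed


if __name__ == "__main__":
    print("chains:", trust_chains(TRUST, "nx", "nu"))
    print("TV, equation (1):", trust_value(TRUST, "nx", "nu"))
    print("TV, plain mean:  ", trust_value(TRUST, "nx", "nu", weighted=False))
    # Sensitivity of TV to one dishonest recommendation about nu, placed on
    # the three-hop chain (reporter c) and on the two-hop chain (reporter a).
    for reporter in ("c", "a"):
        lied = with_report(TRUST, reporter, "nu", 0.0)
        print(f"TV with {reporter} reporting 0.0:", trust_value(lied, "nx", "nu"))
```

With these values the two-hop chain carries the larger weight: a dishonest report on the three-hop chain moves TV from 0.6204 to 0.486, while the same report on the two-hop chain moves it to 0.1344.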
Evaluation tool and scenario
Evaluation with NS 2.34
  - Used to evaluate the performance and effectiveness of the proposed trust management scheme.
  - Simulations were made with honest and malicious nodes.
  - 100 nodes use IEEE 802.11 with DCF as the MAC protocol.
  - Nodes move in an area of 1000 m x 1000 m, following the random waypoint model (20 m/s) with 20 s pause time.
  - Total simulation time is 2000 s.
  - Average of 35 simulations with a 95% confidence interval
Scenarios without Attackers
Estimated trust values without attackers
[Figure: Average Trust Values as a function of α and β]
Conclusions
Existing Trust Management schemes
  - No specific attack model was addressed or evaluated in [BR08, MM02, BLB02, DJQ09].
  - Some schemes are limited to supporting routing strategies [MM02, BLB02, DJQ09].
  - Support for other applications is very difficult in [HWK04].
Our scheme
1 The nodes create a virtual trust network.
2 It contains trust information about other nodes.
3 Each node estimates the trustworthiness of other nodes.
4 Simulation results show the efficiency of our scheme.
5 The scheme is able to resist up to 10% of attackers.
References
[ACP+02] Patrick Albers, Olivier Camp, Jean-Marc Percher, Bernard Jouga, Ludovic Mé, and Ricardo Staciarini Puttini. Security in ad hoc networks: a general intrusion detection architecture enhancing trust based approaches. In Proceedings of the 1st International Workshop on Wireless Information Systems (WIS ’02), pages 1–12. ICEIS Press, April 2002.
[BFL96] Matt Blaze, Joan Feigenbaum, and Jack Lacy. Decentralized trust management. In Proceedings of the 1996 IEEE Symposium on Security and Privacy (SP ’96), page 164. IEEE Computer Society, 1996.
[BLB02] Sonja Buchegger and Jean-Yves Le Boudec. Performance analysis of the CONFIDANT protocol. In Proceedings of the 3rd ACM international symposium on Mobile ad hoc networking & computing (MobiHoc ’02), pages 226–236, New York, NY, USA, 2002. ACM.
[BR08] Azzedine Boukerche and Yonglin Ren. A security management scheme using a novel computational reputation model for wireless and mobile ad hoc networks. In Proceedings of the 5th ACM symposium on Performance evaluation of wireless ad hoc, sensor, and ubiquitous networks (PE-WASUN ’08), pages 88–95. ACM, 2008.
[Bus02] Vincent Buskens. Social Networks and Trust. Kluwer Academic Publishers, Dordrecht, The Netherlands, 2002.
[CKLW09] Ben-Jye Chang, Szu-Liang Kuo, Ying-Hsin Liang, and De-Yu Wang. Markov chain-based trust model for analyzing trust value in distributed multicasting mobile ad hoc networks. 59:1846–1863, 2009.
[Del00] Chrysanthos Dellarocas. Mechanisms for coping with unfair ratings and discriminatory behavior in online reputation reporting systems. In Proceedings of the 21st International Conference on Information Systems (ICIS ’00), pages 520–525, Atlanta, GA, USA, 2000. Association for Information Systems.
[DJQ09] Hongjun Dai, Zhiping Jia, and Zhiwei Qin. Trust evaluation and dynamic routing decision based on fuzzy theory for manets. JSW – Journal of Software, 4(10):1091–1101, 2009.
[GPM05] Tirthankar Ghosh, Niki Pissinou, and Kami Makki. Towards designing a trusted routing solution in mobile ad hoc networks. Mobile Networks and Applications, 10(6):985–995, 2005.
[HWK04] Q. He, D. Wu, and P. Khosla. SORI: A secure and objective reputation-based incentive scheme for ad-hoc networks. In Proceedings of the 2004 IEEE Wireless Communications and Networking Conference (WCNC ’04), pages 825–830. IEEE Communications Society, 2004.
[JB04] Tao Jiang and John S. Baras. Ant-based adaptive trust evidence distribution in manet. In Proceedings of the 24th International Conference on Distributed Computing Systems Workshops (ICDCSW ’04), pages 588–593. IEEE Computer Society, 2004.
[LKZ+04] Haiyun Luo, Jiejun Kong, Petros Zerfos, Songwu Lu, and Lixia Zhang. Ursa: ubiquitous and robust access control for mobile ad hoc networks. IEEE/ACM Transaction on Networking (TON), 12(6):1049–1063, 2004.
[LSY05] Xia Li, Jill Slay, and Shaokai Yu. Evaluating trust in mobile ad hoc networks. In Proceedings of the 2005 Workshop of International Conference on Computational Intelligence and Security (CIS ’05). Springer, 2005.
[MGLB00] Sergio Marti, T. J. Giuli, Kevin Lai, and Mary Baker. Mitigating routing misbehavior in mobile ad hoc networks. In Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (MobiCom ’00), pages 255–265. ACM, 2000.
[MM02] Pietro Michiardi and Refik Molva. Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks. In Proceedings of the IFIP TC6/TC11 6th Joint Working Conference on Communications and Multimedia Security, pages 107–121, Deventer, The Netherlands, 2002. Kluwer, B.V.
[SHYL06] Y. L. Sun, Z. Han, W. Yu, and K. J. R. Liu. A trust evaluation framework in distributed networks: Vulnerability analysis and defense against attacks. In Proceedings of the 25th IEEE International Conference on Computer Communications (INFOCOM ’06), pages 1–13. IEEE Communications Society, 2006.
[VJCU05] Mohit Virendra, Murtuza Jadliwala, Madhusudhanan Ch, and Shambhu Upadhyaya. Quantifying trust in mobile ad-hoc networks. In Proceedings of the IEEE International Conference on Integration of Knowledge Intensive Multi-Agent Systems (KIMAS ’05), pages 65–71. IEEE Computer Society, 2005.
[VLDP08] P. B. Velloso, R. P. Laufer, O.-C.M.B. Duarte, and G. Pujolle. A trust model robust to slander attacks in ad hoc networks. In Proceedings of 17th International Conference on Computer Communications and Networks (ICCCN ’08), pages 1–6. IEEE Communications Society, 2008.
[WCWC06] Bing Wu, Jianmin Chen, Jie Wu, and Mihaela Cardei. A survey on attacks and countermeasures in mobile ad hoc networks, chapter 12, pages 103–136. Springer-Verlag, New York, NY, USA, 2006.