Trust Management in Mobile Ad Hoc Networks Using a Scalable Maturity-Based Model Authors: Pedro B. Velloso, Rafael P. Laufer, Daniel de O. Cunha, Otto.

Trust Management in Mobile Ad Hoc Networks Using a Scalable

Maturity-Based Model

Authors: Pedro B. Velloso, Rafael P. Laufer, Daniel de O. Cunha, Otto Carlos M. B. Duarte, and Guy Pujolle

Paper Presentation By : Gaurav Dixit ([email protected])

Outline

• Introduction• Trust Model• Implementation• Results

• MANets - same node can work as router server client• Assumption of good behavior – Not true!• Trust needs to be measured - This paper provides one such method.• Applying human trust dynamics to trust calculation of nodes• Builds on recommendations

Introduction

• Trust level of a node depends on:= (previous individual experiences) + (recommendation from neighbors)

Benefits of trust calculation:• avoid sending packets to malicious nodes.• increased co-operation among good nodes.

Recommendations collected only from neighbors. Advantages for nodes:

• Less storage• Less power requirement• Less processing • Better for changing topologies – information for entire network not required

Since, recommendations not forwarded, it is good for networks:

• Less recommendation messages travelling in network - low traffic

• Low energy consumption for entire network

Relationship Maturity

Similar to human trust behavior, more weightage is given to the recommendations from older neighbors.

Trust Model

Trust level assigned to each neighbor.

Trust value reflects behavior history, and thus expected future behavior.

Node forms opinion based on experiences.Transmission of these opinions about node i are called recommendations.

Trust Model …

Recommendations compensate for lack of monitoring capabilities.

Paper defines Recommendation Exchange Protocol (REP)

Trust Model…

Trust level varies from 0 to 1.

• Recommendation from C more important than that from B, because of relationship maturity.

Trust Model: Architecture

Two parts:I) Learning Plan: gathers

and converts information into knowledge.

II) Trust plan: assess trust level of each neighbor using stored knowledge and recommendations.

Trust Model: Components

Trust Model: Components• Behavior monitor observes network, indicates new neighbors to Rec Manager, and send behavior report to Classifier.• Classifier sends behavior classification to Experience Calculator.• Trust Calculator calculates trust with inputs from experiences and recommendations.• Auxiliary Trust Table entries correspond to relationship maturity.• Trust table entries have timeout.

Trust Model: Components

• Three operation modes:I) Simple: Just trust table, REP optionalII) Intermediate: Simple mode plus storage of

recommendationsIII) Advanced: Complete system implementation.

• Recommendation Manager implements REP.• All nodes are in advanced mode in this paper.

Trust level evaluation

𝑇𝑎( ) = (1 − )𝑏 𝛼 𝑄𝑎( ) + 𝑏 𝛼𝑅𝑎( )𝑏

𝑄𝑎( ) = 𝑏 𝛽𝐸𝑎( ) + (1 − )𝑏 𝛽 𝑇𝑎( )𝑏

Ta(b) ->Trust calculation from node a for node b Qa(b) -> Personal ExperienceRa(b) -> Recommendations

All variables(except a & b) range from 0 to 1.

Recommendation Computation

𝐾𝑎 subset of neighbors𝑀𝑖( ) 𝑏 relationship Maturity𝑋𝑖( ) 𝑏 random variable with normal distribution representing recommendation uncertainty.𝑋𝑖( ) = (𝑏 𝑁 𝑇𝑖( ), 𝑏 𝜎𝑖( ))𝑏

First Trust Values

Initial trust values can be: I) Prudent : Strangers have low trust valueII) Optimist: High trust in new neighbors.III) Moderate: Trust value between Prudent

and optimist.Fa First trust value

𝑇𝑎( ) = (1 − )𝑏 𝛼 𝐹𝑎 + 𝛼𝑅𝑎( )𝑏

Recommendation Exchange Protocol

Only one hop neighbors considered. ( IP TTL=1)

Consists of:I) TREQ: Trust RequestII) TREP: Trust ReplyIII) TA: Trust Advertisement

REPTREQ sent when nodes first meet, with IP of new neighbor as target node. Wait time tREQ before sending TREQ

TREP sent by neighbors who have target node as their neighbor, after waiting for random time period tREP

TA sent if trust level changes by threshold 𝜋

Authentication

A pair of public-private key for each node is sufficient for the system to work.

Sybil attack would not be a problem since the malicious identities are quickly found and ignored.

Trust Model Implementation

Learning Plan

Nature of nodes vary from 0 (untrustworthy) to 1 (trustworthy)

A node with nature of 0.8 would do 8 good actions out of 10.

Behavior Monitor is emulated by concept of perception, which indicates probability of noticing a certain action.

Classifier (perfectly) classifies actions.

Node will decide for itself whether or not it will use behavior monitor in promiscuous mode. Required perception value and personal constraints would help in this decision.

Experience Calculator observes imin actions before calculating trust. Higher perception would result in more accurate trust level. But higher imin means higher convergence time.

Paper assumes imin =10

Results: Small networksAll nodes are at one hop distance.

Time in seconds.Convergence at t=350 for = = = 0.5𝛼 𝛽 𝜏

Results: Small networksOptimistic first trust strategy.

Time in minutes.Nature set to 0.2 .

Number of neighbors varied.

Results: Small networks

Neighbors =15

Varying alpha

Results: Small networks

Perception is the 𝜏fraction of actions a node can notice from its neighbors

Varying 𝜏

Results: Multihop MANets

Analyzing movement in more complex networks.21 nodes with 250m transmission range, placed in 1000 m × 400 m .

𝛼 = = = 0.5𝛽 𝜏First trust optimist (0.9)Nature of nodes = 0.2

Results: Multihop …

m1 keeps 3 old neighborsm2 has no old neighbors

Results: Multihop …

m1 keeps 3 old neighborsm2 has no old neighbors

Results: Multihop …

Node speeds three times faster.

Results: Multihop …

Varying perception – lower perception takes longer time to converge.

Results: Relationship maturity

Node 1,8,15 go to zone F2.

Evaluating trust level of node 8 about node 20

Results: Relationship maturityUsing lower perception value(0.2)

Note that recommendations are important in low perception cases

Results: Lying Attacks

20 nodes -250m transmission range, placed in a150 m × 150m

Node 1 changes nature from 0.9 to 0.2

Results: Lying Attacks

Malicious nodes fixed at 40%

Results: Lying Attacks

Slander Attack

Node2 evaluating node1 which has nature 0.9

Pessimistic strategy (Fa=0.1)

Results: Lying Attacks

Slander Attack

Varying alpha

Results: Lying Attacks

Slander Attack

Varying perception parameter.

Results: Lying Attacks

Slander Attack

Malicious nodes lie after t=200

Results: Lying Attacks

Slander Attack

Malicious nodes identification time varying

Results: Lying Attacks

Slander Attack

Malicious nodes identification time varying

REPTo reduce number of messages sent across network:• TREQ is sent once containing multiple target nodes, using timer based approach.• TREP instead of sending once per request, implemented as broadcast – this saves 85% • TREP implemented, additionally, with timer, saves 99% messages.• TA implemented with a threshold to reduce its occurrence.

REP

REP

Changing the value of Trust threshold( )𝜋

REP

Changing the value of Trust threshold( ) 𝜋 and its impact on trust levels.

Discussion

• Using smart timers in suppressing redundant messages scales well in large networks, reducing overhead for trust management by 85 to 99%.• Increasing value of α improves the trust model efficiency, since we can use already derived results (by neighbors) in the form of recommendations.

Conclusion

• Flexible trust evaluation model proposed based on concept of human trust, which uses recommendations and relationship maturity.• Recommendation Exchange Protocol (REP) proposed.• Model highly scalable – since only neighbors consulted.• Model tolerates 35 % liars• Trust level error reduced by 50% by using relationship maturity parameter.

Thank You!