TRUST MODEL FOR AD HOC NETWORKS

DEPARTMENT ELECTRICAL AND COMPUTER

ENGINEERING

Senior Design Project II

0402492

TRUST MODEL FOR AD HOC NETWORKS

Spring 2008/2009

By:

• Osama Khaled Al-Koky (20510076)

• Waleed S. Hammad (20510327) Supervisor:

• Dr. Ibrahim Kamel

1

Trust Model in Ad hoc Networks

Abstract

Ad Hoc Networks’ fast growing popularity urged the research into countering the

security concerns arisen from malicious nodes taking part in the construction of a trusted

network. This project highlights some of the efforts that have been done to achieve trustful

ad-hoc network. Then, the project illustrates how its proposed model is different from the

related work. The project proposes a collaboration model that utilizes past interactions to

identify malicious peers in ad-hoc networks. Peers might seek recommendations about an

unknown node from other trusted peers before they decide to collaborate with them. The

model takes into account oscillating peers which exhibit honest behavior for a period of time

and then later become malicious. Also, in this project, we simulate the proposed model and

conduct several experiments in verification of the model’s robustness.

2

Table of Contents

Abstract .......................................................................................................................... 1

Table of Figures ............................................................................................................. 4

Table of Equations ......................................................................................................... 5

Table of Acronyms and Symbols ................................................................................... 5

1. Introduction .......................................................................................................... 6

1.1. Purpose and Motivation ................................................................................... 6

1.2. Ad hoc Network ............................................................................................... 7

1.3. Centralized vs. Decentralized Trust ................................................................. 8

2. Problem definition ............................................................................................... 8

2.1. Scope ................................................................................................................ 8

2.2. Attacks in ad-hoc networks .............................................................................. 8

3. Related Work ..................................................................................................... 10

3.1. Centralized Trust ............................................................................................ 10

3.2. Decentralized Trust ........................................................................................ 12

4. Model and Assumptions .................................................................................... 14

4.1. Collaboration Model ...................................................................................... 14

4.2. Attack Model .................................................................................................. 15

4.3. Details of the Proposed Model ....................................................................... 15

4.4. Bootstrapping ................................................................................................. 19

4.5. Redemption .................................................................................................... 19

5. Performance measures ....................................................................................... 19

5.1.1. Percentage of risky interactions ............................................................... 19

5.1.2. The speed of detecting a malicious node ................................................. 20

6. Experiments ....................................................................................................... 20

6.1. Assumptions and Relaxations ........................................................................ 20

6.2. Simulation Scheme ......................................................................................... 20

6.3. Defenseless vs. fortified ................................................................................. 21

6.4. Speed of detecting a malicious node .............................................................. 22

6.4.1. Speed of detecting a non-cooperating malicious node ............................ 22

6.4.2. Speed of detecting a cooperating malicious node .................................... 23

6.5. Speed of detecting a malicious oscillating node ............................................ 24

6.5.1. Speed of recovering an honest oscillating node ....................................... 25

6.5.2. IDS error rate vs. number of risky interactions ........................................ 26

6.5.3. Weight of second hand experience vs. percentage of risky interactions . 27

7. Conclusion ......................................................................................................... 28

3

References .................................................................................................................... 30

Appendix I: Simulator code ......................................................................................... 32

Class ToT .................................................................................................................. 32

Class node ................................................................................................................ 33

Class network ........................................................................................................... 39

Class Main ................................................................................................................ 50

4

Table of Figures

Figure 1: Collaboration between different devices in a public place ............................. 6

Figure 2: Use of Ad-hoc networks in disasters recovery ............................................... 7

Figure 3: Categorization of trust models ..................................................................... 10

Figure 4: Table of Trust ............................................................................................... 16

Figure 5: Collaboration flow diagram .......................................................................... 19

Figure 6 Defenseless vs. fortified ................................................................................ 22

Figure 7: Speed of detecting a malicious node ............................................................ 23

Figure 8 Speed of detecting a collaborating malicious node ....................................... 24

Figure 9 Speed of detecting an oscillating malicious node .......................................... 25

Figure 10 Speed of recovering an honest oscillating node .......................................... 26

Figure 11 IDS error rate vs. percentage of risky interactions ...................................... 27

Figure 12 Weight of second hand experience vs. percentage of risky interactions ..... 28

5

Table of Equations

Equation (1) ................................................................................................................. 17

Equation (2) ................................................................................................................. 18

Equation (3) ................................................................................................................. 18

Table of Acronyms and Symbols

PIE Past Interactions Experience

Tacc Trust Acceptable

IDS Intrusion Detection System

ToT Table of Trust

α Weight of Second Hand Experience

δ Initialization Distance

6

1. Introduction

1.1. Purpose and Motivation

People in public places such as airports and train stations can share resources among

each other, using their portable PCs, PDAs or any portable or stationary communication

device in the area. For example a person with a mobile phone that has no internet access

could ask for the information from another person whose PDA has internet coverage, or a

person with a PDA needing an operation that requires heavy processing power, (e.g. video

editing or heavy image editing) can ask another person using a laptop to carry on the

operation (see Figure 1). This type of environment is called an ad-hoc network - a brief

description of this is in the following section.

Figure 1: Collaboration between different devices in a public place

The problem arising with an ad-hoc network is that it brought up the need to deal with

strangers or anonymous people in open public places with the absence of central systems that

can govern those interactions. This may result in privacy breeches or may infect systems with

viruses. Still, the ease of forming a network under ad-hoc networks makes it a popular

method for interacting with others, thus urging research to provide better methods to make

ad-hoc networks a safe communication environment.

7

1.2. Ad hoc Network

An ad-hoc (or "spontaneous") network is a local area network such as small networks,

especially one with wireless or temporary plug-in connections, in which some of the network

devices are part of the network only for the duration of a communication's session or, in the

case of mobile or portable devices, while in some close proximity to the rest of the network.

In Latin, ad hoc literally means "for this", a further meaning is "for this purpose only" and

thus usually temporary [1]. The network is created, operated and managed by the nodes

themselves, without the use of any existing network infrastructure or centralized

administration. The nodes assist each other by passing data and control packets from one

node to another, often beyond the wireless range of the original sender. This union of nodes

forms arbitrary topology. The nodes are free to move randomly and organize themselves

arbitrarily; thus, the network's wireless topology may change rapidly and unpredictably. The

decentralized nature of wireless ad hoc networks makes them suitable for a variety of

applications where central nodes cannot be relied on, and may improve the scalability of

networks compared to wireless managed networks. Such a network may operate in a

standalone fashion, or may be connected to the larger Internet. Minimal configuration and

quick deployment make ad hoc networks suitable for emergency situations like disasters

recovery (see Figure 2) or military conflicts. The execution and survival of an ad-hoc

network is highly dependent upon the cooperative and trusting nature of its nodes.

Figure 2: Use of Ad-hoc networks in disasters recovery

8

1.3. Centralized vs. Decentralized Trust

In centralized trust we need a party that is trusted by all nodes in the network and this

party is responsible for calculating the trust for each and every node in the network. Systems

like eBay and Amazon can use a centralized trust authority since users are stationary and they

have a fixed account. This scheme has some disadvantages. First, there is only a single

authority which its failure means the failure of the whole system. Second, trust is something

relative which means that the trust of a certain node may differ from one node to another, and

since ad-hoc network are established on the fly, it is difficult to create a centralized authority.

In decentralized trust, on the other hand, nodes themselves have to organize the

network and each node will compute the trust of its neighbors by monitoring their behaviors

and taking recommendations from other nodes that have experience with the node we are

seeking collaborating with.

2. Problem definition

In ad-hoc networks nodes do not necessarily have to know each other, so they

cannot know whether they are collaborating with a legitimate node or a malicious one. This

leads to the need of a trust model to organize the network without having a centralized unit.

2.1. Scope

In our model, the main concern is to provide trustful community that can find and

eliminate malicious nodes. We also focus the efforts on the level of services provided by or

required by the node rather than forwarding or receiving packets. Thus, our model is not

considering attacks on routing and network layer, but rather attacks on the services level.

2.2. Attacks in ad-hoc networks

There are a wide variety of attacks that target the weakness of ad-hoc network. The

attacks in ad-hoc network can possibly be classified into two major categories according to

the means of attack: Passive attacks and Active attacks. A passive attack obtains data

exchanged in the network without disrupting the operation of the communications, while an

active attack involves information interruption, modification, or fabrication.

9

Examples of passive attacks include eavesdropping, traffic analysis, and traffic

monitoring. Examples of active attacks consist of jamming, impersonating, modification,

denial of service (DoS), and message replay [13].

Attacks in networks can also be either external attacks and/or internal attacks.

External attacks are carried out by nodes that do not belong to the domain of the network.

Internal attacks are from compromised nodes, which are actually part of the network. Internal

attacks are more severe when compared with outside attacks since the insider knows valuable

and secret information, and possesses privileged access rights.

More sophisticated and subtle attacks have been identified in recent research papers.

The black hole, Byzantine, and wormhole [14] attacks are the typical examples. But those

types of attacks are targeting the network layer, and thus routing, which is not the scope of

our trust model. Rather, attacks on application layer are the sort of attacks concerning our

model.

The application layer communication is vulnerable in terms of security compared with

other layers. The application layer contains user data, and it normally supports many

protocols such as HTTP, SMTP, TELNET, and FTP, which provide many vulnerabilities and

access points for attackers [13].

The application layer attacks are attractive to attackers because the information sought

ultimately resides within the application and it is direct for them to make an impact and reach

their goals.

There are mainly two types of attacks on the application layer: Malicious code attack

and Repudiation attacks. Malicious codes, such as viruses, worms, spywares and Trojan

Horses, can attack both operating systems and user applications. The malicious programs

usually can spread themselves through the network and cause the computer systems and the

network to slow down or even be damaged.

In the network layer, firewalls can be installed to keep packets in or keep packets out.

In the transport layer, entire connections can be encrypted, end-to-end. But these solutions do

not solve the authentication or non-repudiation problems in the application layer. Repudiation

refers to a denial of participation in all or part of the communication. For example, a selfish

node could deny conducting an operation on a credit card purchase, or deny any on-line bank

transaction, which is the proToTypical repudiation attack on a commercial system [13].

10

3. Related Work

A lot of researches have been carried out in the field of network trust. These

researches can be categorized based on network topology or on implementation of the trust.

Based on the network topology, there are trust for peer-to-peer networks and trust for ad hoc

networks. Several papers have been published in P2P trust [11] [12]. However, these models

have high overhead which is not suitable for ad-hoc network since mobile devices have

limited energy and low processing capabilities. Based on the implementation of trust, we can

categorize trust models as centralized and decentralized models which is what we are going

to focus on in our project. A detailed discussion about centralized and decentralized trust is in

the following sections.

Figure 3: Categorization of trust models

3.1. Centralized Trust

In centralized trust we need a party that is trusted by all nodes in the network and this

party is responsible for calculating the trust for each and every node in the network. Systems

like eBay and Amazon are using centralized trust authorities since users are stationary and

they have fixed accounts. In eBay after each interaction the user gives a value for the

satisfaction of the interaction (1) for positive, (-1) for negative and (0) for neutral. When

deciding whether to interact with a certain user or not has to decided by a human. This also

makes the system not fully automated since there is a human intervention in making a

decision based on the reputation of a user. This scheme has some other disadvantages as well.

Trust Models

Peer-to-Peer

Decentralized Centralized

Ad-hoc

RoutingServices

(our model)

Web Services

11

First, there is only a single authority which suffers from a single point of failure. This might

not be severe in Internet environment but it is more severe in ad-hoc network where nodes

can be highly mobile and connect and disconnect from the network more frequently. Another

problem of the centralized trust model is that there will be a global trust value for each single

node. However trust is usually subjective [5] that is A may have a trust value for C that is

different from that of B. For example a malicious user A may not be interested in attacking a

normal user B which means that B will have a high trust value for A. On the other hand A

might be interested in attacking user C (e.g. a bank, financial institute etc.) which means that

C will have a low trust value for A.

In ad-hoc networks, on the other hand, nodes themselves have to organize the network

and each node will compute the trust of its neighbors by monitoring their behaviors and

taking recommendations from other nodes that have experience with the node we are seeking

collaborating with. Centralized trust models are difficult to be applied in ad-hoc networks

since the luxury of having centralized unit is very difficult to achieve.

Trust models can also be categorized based on the application or network topology.

There are three main categories which are: internet applications, peer-to-peer and ad hoc

networks.

Peer-to-peer networks are very similar to Ad-hoc networks in that both are self-

organized and decentralized. Most peer-to-peer systems work on the wired internet [6], which

makes the topology somehow known. Since nodes are connected to the internet most of them

are static and have somehow unlimited power and processing capabilities which makes a

heavy trust model feasible. In peer-to-peer we can assume the existence of some pretrusted

nodes that are trusted by most peers in the network. We can even have a central authority to

keep users’ profiles and manage the trust since everything is on the known internet.

A good example of internet applications is web services. Trust in web services could

be either from the point of view of the web service itself or from the point of view of the user

of this service. Web services can evaluate users’ trust based on their profiles and their

behavior. They also use a third party central authority for trust management. This model

cannot be applied to ad hoc networks because of the use of user profiles. The dynamic nature

of ad-hoc network makes keeping user profiles difficult since users can be part of several

networks and the profile of each node need to be stored at every other node in the network

12

due to absence of a centralized unit. Users can trust web services using any authentication

techniques like the X.509 [1].

3.2. Decentralized Trust

Pretty Good Privacy (PGP) encryption uses public-key cryptography and includes a

system which binds the public keys to a user name and/or an e-mail address. It was generally

known as a web of trust to contrast with the X.509 system [3]. It became a popular trust

system replacement for centralized trust. However, for access restricted ad-hoc networks, it

had been shown to be unsuitable for the following reasons: • Assume sufficient density of certificate graphs

o Problem at network initialization.

o Time delay to setup.

• Certificate chains provide weak authentication:

One or more compromised nodes in certificate chain can lead to unsuccessful

authentication [15].

The EigenTrust [6] mechanism aggregates trust information from peers by having

them perform a distributed calculation approaching the eigenvector of the trust matrix over

the peers. EigenTrust relies on good choice of some pretrusted peers, which are supposed to

be trusted by all peers. This assumption may be over optimistic in a distributed computing

environment. The reason is that pretrust peers may not last forever. Once they score badly

after some transactions, the EigenTrust system may not work reliably.

Prakash V. and Vikram L. [7] made a collaborative trust model for secure routing.

Their model is based on monitoring neighbor nodes for routing actions and issuing a single

intrusion detection (SID) in case of observing a malicious action. Routing behaviors that are

monitored to detect a malicious behavior are:

• SIDS issued against a node.

• The difference between the number of beacons a node is expected to send and the

number of beacons it actually sends.

• The difference between the number of acknowledgement a node is expected to send

and the actual number of acknowledgement it sends.

13

The monitoring mechanism is the one used in SCAN [8], which monitors the routing

updates and the packet forwarding behaviors of neighbor nodes. When a node observes a

malicious activity from one of its neighbors it issues an SID against it. However, other nodes

will not accept the SID blindly; instead it will check the trust of the node that issued the SID,

request recommendations from other nodes as well and if the compromised node is in the

radio range it will monitor it for a period and the decide whether to accept the SID or not.

When a node wants to calculate the trust for a remote neighbor, the node requests the trust

value from its neighbors who are in the range of that node. The node then calculates the bad

trust value as a weighted average then it computes the route as a shortest path problem based

on the trust values of the nodes. The shortcomings of this model are that they did not address

the problem of the oscillating nodes and the processing and memory overhead of the model

are very high.

In TOMS [5], Y. Ren and A. Boukerche established a trust management system that

allows only trustworthy intermediate nodes to participate in the path construction process

while also providing anonymity to the communicating parties. The trust model is distributed

to each node in the network and all nodes update their own assessments concerning other

nodes accordingly. The routes set up in this way will traverse the most trustworthy nodes in

each hop. The multicast mechanism used among nodes utilizes the trust as a requirement in

order to choose the most satisfactory neighbors for conveying messages. The main factors in

calculating the trust of a node in this model is the time this node spends in the community and

the past activity record of the node. In most trust computation models, the trust value is

computed generally based on the linear function. However, in TOMS they propose a trust

model that will update the trust value based on different increase-shapes.

The mentioned above related work is concerned with how to implement trust through

routing related algorithms. And this is where our model comes with different scope in mind;

to secure the services on the node from being under attack by malicious nodes.

The PowerTrust [9] system dynamically selects small number of power nodes that are

most reputable using a distributed ranking mechanism. In this model, peer feedbacks are

following a power-law distribution. By using a look-ahead random walk strategy and

leveraging the power nodes, PowerTrust significantly improves in global reputation accuracy

and aggregation speed. PowerTrust is adaptable to dynamics in peer joining and leaving and

robust to disturbance by malicious peers.

14

The previous models suffer from several shortcomings which makes them either weak

or more suitable for peer-to-peer networks rather than ad-hoc networks. The shortcomings of

these models can be summarized in the following points. They assume the existence of some

pretrusted nodes which means that they have a silent assumption that the network exists and

it is running for some time. Also, they did not address the issue of bootstrapping the network

which is very crucial.

Our proposed model is different than previous models in several points. First, we will

implement our model on the application layer, that is, we care only about attacks on this

layer. Second, we assume that there is no network running and we do not rely on pretrusted

nodes and we will consider the issue of bootstrapping the network. Finally, our biggest

contribution is that we will take care of nodes that exhibit oscillating behavior. Oscillating

node issue can be very dangerous for the network. For example a malicious node can join the

network and behave honestly for a certain period of time until it gains high trust value from

most of the nodes and then it starts issuing attacks. Another scenario is of an honest node

being compromised by a malicious node or software. This will make its trust go down until

no one interacts with it anymore. Nevertheless, the node can recover, but due to its trust being

so low, the other nodes will still deny future interactions. This brings the need for a

mechanism to deal with oscillating nodes efficiently.

4. Model and Assumptions

Our model is based on the past interactions between nodes and the recommendations

taken from neighbor nodes. We are not considering routing, however, we are considering

using the model for any type of interactions.

4.1. Collaboration Model

We are considering wireless ad hoc network which consists of an unconstrained

number of nodes. Nodes can be mobile phones, PCs, PDAs or any other portable

communication device. Nodes can join and leave the network at any point of time and they

can be stationary or mobile nodes. We assume that each node has a unique MAC address that

cannot be altered. The network also might have an unconstrained number of malicious nodes.

A node may ask a neighbor node for a certain service such as using the internet, shared

printer, computing power, routing a packet to a certain destination, or any other distributed

service. We will consider the existence of a protection system in the nodes of the network

15

which can be an antivirus, an IDS or other protection and detection software. We will model

this protection system as a probabilistic value which means that the system will detect a

malicious activity in a certain probability.

4.2. Attack Model

In this work we are considering attacks only on the application and transport layer.

We are not concerned with attacks on the network layer (routing attacks). Nodes are divided

into several categories according to their behavior. Selfish nodes are nodes which are not

willing to collaborate with others nodes. Careless nodes are nodes which give random

recommendation instead of the true ones. Malicious nodes are nodes which might attack other

nodes and cause damage. Oscillating nodes are nodes which have oscillating behavior. for

example behaving well for some time to gain high trust and then start attacking, or a trusted

node which is being hacked or compromised by a virus or a malicious node. Trusted nodes

are nodes which behave exactly as others expect them to behave. The most important of all

are the malicious nodes and the oscillating nodes because they are the most dangerous ones.

In our model we have several activities that we consider as attacks:

• Sending a malicious code to a node asking for collaboration.

• Overusing the collaborating node’s resources.

• Usage of an unauthorized resource from the collaborating node.

• Privacy breech or compromising the collaborating node’s privacy.

4.3. Details of the Proposed Model

This section describes the proposed trust model and provides the metrics for assessing

the trust in the network. The trust value computation is based on peer recommendations and

past interactions experience. Past interaction experience is an aggregate measure for the

quality of prior collaborations. The following discussions do not differentiate between service

provider and service requester because any of them can be malicious or honest at some point

of time. Each peer i maintains a Table of Trust (ToT) in which each row corresponds to one

peer that i interacted with in the past. The table stores:

• The peer-ID.

• Past Interaction Experience (PIE) value that corresponds to the quality of past

interaction with hosting peer.

16

• Number of times N peer i interacted with peer j.

ID PIE # Interactions

19AFC34 0.765 3

12DE542 0.456 17

345FAD1 0.823 9

… … …

… … …

Figure 4: Table of Trust The trust value of peer i in peer j is not necessarily the same as the trust value of peer j

in peer i. To compute how much trust peer i has in peer j, peer i asks other peers about their

trust in j. Each peer k submits its recommendation (opinion) as a trust value then the collected

values are weighted by how much i trust the submitting peers. The trust table ToT will be

used by the hosting peer i in one of the following cases:

• If peer j offers a service that peer i requested and if the requested service is available

at more than one service provider, in this case, peer i chooses the most trusted peer to

deal with.

• If the peer i receives a request from peer j to use the services available at peer i; in this

case, peer i would consult its ToT to decide whether it will offer its service to peer j or

not.

• Peer k requests an advice from peer i whether it should collaborate with peer j or not.

Peer i sends the trust value that corresponds to peer j from its ToT.

The trust value is affected and updated when one of the following occurs:

• After the completion of a service request from peer j, peer i might change the trust

value of peer j depending on the experience. Peer i demotes the trust in peer j if the

performance of the system gets affected during the service or right after the service,

e.g., if one of the resources slows down or become unavailable. Peer i can have an

IDS which detects unusual behavior or attempts to overuse or access resources

without permission.

• After peer i asks for service access from peer j. peer i value of trust in peer j will be

updated to reflect the quality of the collaboration. If the service was successful, the

trust value for peer j will be promoted. If the service was not complete or the service

has resulted in damage (e.g., virus), that value will be demoted. In a more formal way,

17

a peer i uses Ti (j) to decide whether to collaborate with peer j or not. Ti (j) is

computed as follows:

𝑇𝑇𝑖𝑖(𝑗𝑗) = (1 − 𝛼𝛼) × 𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑗𝑗) + 𝛼𝛼 ×∑ 𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑘𝑘) × 𝑃𝑃𝑃𝑃𝑃𝑃𝑘𝑘(𝑗𝑗)𝑀𝑀−2𝑘𝑘=1

∑ 𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑘𝑘)𝑀𝑀−2𝑘𝑘=1

(1) Where:

• Ti (j) is a value that reflects the trust value of peer i in peer j.

• PIEi (j) is a value that peer i maintains and reflect past interaction with peer j.

• α (weight of second hand experience) is a weight for others’ recommendations

and it is a real number between 0 and 1.

• M is the number of peers which are contacted by peer i to give their

recommendations.

The parameter α can be tuned to give more or less importance to peer

recommendations with respect to past interactions. Note that Ti (j) is not stored in ToT but it is

used to update the value of PIE and to decide whether to collaborate or not. If Ti (j) is greater

than a pre-defined threshold, Tacc, collaboration is accepted, otherwise it is rejected. Another

important parameter is the initialization of the trust values in ToT, i.e., bootstrapping issue.

The model initializes the PIE values for all the peers to Tacc + δ, where δ is a positive

parameter. After each collaboration experience, an Intrusion Detection System (IDS)

determines if the collaboration was successful or not. Since IDS might fail to detect some of

the attacks, it is modeled by a probabilistic function. After every collaboration, the value of

PIE is updated using a reward-punishment heuristic to limit the impact of malicious peers and

eventually expel them. The value of PIEi(j) which is maintained by peer i and reflects the

trust of peer i in peer j is updated as follows:

Case of unsuccessful collaboration:

Let S, N denote the number of successful collaborations and the ToTal number of

collaborations between peer i and peer j respectively. Let PIEi(j)old be the value that

corresponds to all peer i’s prior experiences with peer j. We define PIEi(j)old as the fraction

N/S . In case of unsuccessful collaboration, the number of successful collaborations remains

the same while the ToTal number of collaborations N increases.

18

This means that:

𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑗𝑗)𝑛𝑛𝑛𝑛𝑛𝑛 = 𝑆𝑆

𝑁𝑁 + 1

Hence, we have:

𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑗𝑗)𝑛𝑛𝑛𝑛𝑛𝑛 = 𝑆𝑆𝑁𝑁

×𝑁𝑁

𝑁𝑁 + 1

Finally, we get:

𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑗𝑗)𝑛𝑛𝑛𝑛𝑛𝑛 = 𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑗𝑗)𝑜𝑜𝑜𝑜𝑜𝑜 ×𝑁𝑁

𝑁𝑁 + 1

(2) Case of successful collaboration:

In this case, the number of successful collaborations and the ToTal number of

collaborations increase, thus:

𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑗𝑗)𝑛𝑛𝑛𝑛𝑛𝑛 =𝑆𝑆 + 1𝑁𝑁 + 1

This means that:

𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑗𝑗)𝑛𝑛𝑛𝑛𝑛𝑛 =𝑆𝑆 + 1𝑁𝑁

×𝑁𝑁

𝑁𝑁 + 1

Finally:

𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑗𝑗)𝑛𝑛𝑛𝑛𝑛𝑛 = 𝑃𝑃𝑃𝑃𝑃𝑃𝑖𝑖(𝑗𝑗)𝑜𝑜𝑜𝑜𝑜𝑜 ×𝑁𝑁

𝑁𝑁 + 1+

1𝑁𝑁 + 1

(3) Note that after any kind of collaboration N increases by 1. If Ti (j) < Tacc then PIEi (j)

is demoted according to Equation (2), and no collaboration takes place between peer i and

19

peer j. The decision whether to demote or promote PIE is made by the intrusion detection

system depending on the quality of collaboration. Note that in general, Tacc can be different

from one peer to another.

4.4. Bootstrapping

When a node joins the network and it does not have a previous knowledge about any

of the nodes in the network it may face some bootstrapping issues. If it gives all other nodes a

low PIE it will not interact with anyone. If it gives all nodes a high PIE it will be in a high

risk. To solve this problem we introduced an initialization parameter we call it delta (δ)

which will be used to initialize PIE. PIE of all nodes will be initialized to Tacc + δ and it has

to be set carefully so that interactions will happen and the situation will not be too risky.

4.5. Redemption

If an honest node was compromised and then recovered it will be very difficult to

make people trust it again. We proposed a method to solve this issue by listening to the

recommendations of the oscillating node without interacting with it. If the recommendations

given by the oscillating nodes its PIE will be promoted that is if the oscillating nodes says

someone is good and he is really good it will be promoted. If it says that someone is bad and

he is really bad its PIE will promoted also.

5. Performance measures

The most important measure for such a model is how fast the model can detect all the

malicious nodes in the network. The other important measure is that can it detect all the

malicious nodes with detecting non-malicious nodes as malicious (false rejection rate) and

that the model does not miss a malicious node (false acceptance rate). We consider the

number of interactions with malicious nodes as our measure of how fast the model can detect

the malicious nodes (risky interactions). We would love to detect all malicious nodes with the

minimum number of interactions with them to say that the network is as safe as possible.

5.1.1. Percentage of risky interactions Risky interactions are defined as the number of interactions with malicious nodes

until the detection of all malicious nodes.

Figure 5: Collaboration flow diagram

20

The percentage of risky interactions is calculated as the ratio between the number of

interactions with malicious nodes until detection of all malicious nodes and the number of

ToTal interactions until detection.

5.1.2. The speed of detecting a malicious node We define the speed of detecting a malicious node as the slope of the change of its

average PIE from all honest nodes. If we take one malicious node and observe the change of

its PIE in all honest nodes it eventually will go below Tacc. The slope of this change indicates

how fast honest nodes can detect a malicious node.

6. Experiments

A node is modeled as a data structure which consists of a table to store PIEs (ToT), a

table to store the number of interactions for the corresponding nodes, and an ID for the node.

The network is modeled as a collection of nodes and it will be initialized such that no two

nodes have interacted with each other before.

6.1. Assumptions and Relaxations

First of all we will not consider the mobility of the nodes in our experiments as it will

not affect the performance of the trust in the application layer. We assume that every node

has an IDS software installed in it that can detect malicious activities with some probability

thus we model it as a probabilistic variable. Attacks that we consider are the attacks

addressed in the IDS systems such as privacy compromise, sending a malicious code and

unauthorized access.

6.2. Simulation Scheme

- Initialize all the nodes in the system: o Set PIE with all nodes to Tacc + δ. o Set interactions with all nodes to 1 (not zero because it will cause an error in

the trust calculation). o Set the success with all nodes to zero.

- Randomly choose nodes to be malicious (m malicious nodes). - Start simulation.

o Choose two nodes randomly to interact with each other. o Update the trust:

Take advice and calculate trust. If trust is less than Tacc don’t interact and demote PIE.

21

If trust is greater than Tacc interact and then consult IDS. If the collaboration was successful promote PIE. Else demote PIE.

o Check for nodes which their PIE is less than Tacc according to all trusted nodes and append them to an array.

o If the caught node is really malicious increment k. o Loop until k is equal to the number of malicious nodes in the system.

- Check for false positives.

6.3. Defenseless vs. fortified

In this experiment we are trying to see how implementing the system in a network

would improve its performance. The measure used here is the number of risky interactions

and the defenseless network is stopped at the same number of ToTal interactions where the

fortified network detects all malicious nodes. The IDS was responsible for deciding whether

the interaction was successful or not. This experiment was done on a network with 50 nodes.

The weight of the second hand experience was 0.5 and the initialization distance was 0.5 as

well. IDS error rate was set to zero which is not realistic but we needed to isolate the effect of

IDS to focus on the detection rate.

22

6.4. Speed of detecting a malicious node

In this section two experiments were carried out. The first experiment measures the

speed of detection of a malicious node in an environment where malicious nodes do not

cooperate. The second experiment measures the speed of detecting a malicious node in an

environment where malicious nodes cooperate. Malicious nodes cooperate in a fashion where

they give their fellow malicious high recommendations when they are asked about their

opinions. Malicious nodes also give low recommendations to other honest nodes when they

are asked about their opinions in these nodes.

6.4.1. Speed of detecting a non-cooperating malicious node This experiment was done on a network with 50 nodes, 5 of them are malicious. Tacc

was set to 0.5 and the weight of the second hand experience was set to 0.5 as well. PIEs in

the table of trust of all nodes were initialized to Tacc + 0.2. The IDS error rate was set to 0

which is not realistic but we need to isolate other parameters to get a benchmark for the slope

of changing PIE. In this experiment we assume that malicious nodes attack but they do not lie

when they are asked about their recommendations.

0

10

20

30

40

50

60

70

80

90

100

0 10 20 30 40 50 60 70 80 90

Ris

ky in

tera

ctio

ns

% malicious nodes

% Malicious vs. Risky interactions

Without our model

With our Model

Figure 6 Defenseless vs. fortified

23

Figure 7: Speed of detecting a malicious node

As seen from the graph above after around 30 interactions the average PIE of the

malicious node dropped below Tacc. Since we have 50 nodes and 5 of them are malicious then

we have 45 honest nodes and only 30 of them had to interact with this malicious node in

order for all of them to detect it.

6.4.2. Speed of detecting a cooperating malicious node

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0 10 20 30 40 50 60 70 80 90 100

Avg

PIE

number of interactions

Speed of detecting a malicious node

24

This experiment is measuring the speed of detecting a cooperating malicious node.

The measure used is the average PIE of one of the cooperating malicious nodes. The

cooperation of malicious nodes is that they give other malicious nodes high recommendations

and they give honest nodes low recommendations. We define a parameter which is called

lying distance where malicious nodes give recommendations as Tacc + lying distance or Tacc –

lying distance. This experiment was done on a network with 50 nodes 5 of them are

malicious. Weight of the second hand experience was 0.5 and Tacc was 0.5 as well. The

initialization distance was set to 0.2, the lying distance was set to 0.4 and the IDS error rate

was zero.

As noticed from the graph above the malicious node is detected after about 40

interactions. The number of interactions needed in this case is more than the previous because

when a node asks about a malicious node it will get a higher rating because of its friends’

help. However even with this malicious collaboration all malicious nodes are detected and

detecting each node by all honest nodes needs each node to collaborate with it only once.

6.5. Speed of detecting a malicious oscillating node

This experiment measures the speed of detecting and oscillating malicious node

which is a malicious node that acts honestly for a while and then it starts attacking. It was

modeled as a node which starts as honest and when its average PIE goes above 0.8 it turns

malicious. The experiment was done on a network with 25 nodes 1 of them is oscillating. The

weight of the second hand experience was set to 0.5 and the Tacc was set 0.5 as well. The

Figure 8 Speed of detecting a collaborating malicious node

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0 10 20 30 40 50 60 70 80 90 100

Avg

PIE

of a

mal

icio

us n

ode

number of interactions

Speed of detecting a collaborating malicious node

25

initialization distance was 0.2 and the IDS error rate was zero.

As noticed from the graph above the oscillating node got an average PIE above 0.8

after about 20 interactions. After that it started acting maliciously and it was detected after

less than 40 interactions which is very good since it got a very high rating before attacking.

6.5.1. Speed of recovering an honest oscillating node This experiment measures the speed of recovering an honest node which was

compromised and then got recovered. The speed of recovering is measured by the change of

the average PIE of this node in the point of view of all other honest nodes. This experiment

was done on a network with 25 nodes 1 of them was an oscillating node. The weight of the

second hand experience was set to 0.5 and Tacc was 0.5 as well. The initialization distance

was 0.2 and the IDS error rate was zero.

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0.9

0 20 40 60 80 100 120

Avg

PIE

Number of risky interactions

Speed of detecting an oscillating malicious node

Figure 9 Speed of detecting an oscillating malicious node

26

As noticed from the graph above the node’s average PIE goes below Tacc after about

50 interactions. Then when the node recovers it needs about 30 interactions in order for other

nodes to trust it again.

6.5.2. IDS error rate vs. number of risky interactions This experiment measures the change of the IDS error rate versus the percentage of

risky interactions. Our model highly depends on the accuracy of the IDS because it is the

component that measures the quality of the interaction. This experiment was done on a

network with 25 nodes 4 of them are malicious. The weight of second hand experience was

set to 0.5 and Tacc was 0.5 as well. The initialization distance was set to 0.2 and the IDS error

rate was set to zero.

0

0.1

0.2

0.3

0.4

0.5

0.6

0.7

0.8

0 20 40 60 80 100 120 140 160

Avg

PIE

number of risky interactions

Speed of recovering an honest oscillating node

Figure 10 Speed of recovering an honest oscillating node

27

As noticed from the above graph when the IDS error rate goes increases the number

of risky interactions increases exponentially. However it stays reasonable up to 15% IDS

error rate.

6.5.3. Weight of second hand experience vs. percentage of risky

interactions This experiment measures the effect of changing the weight of the second hand

experience on the percentage of risky interactions. This experiment is done on a network with

50 nodes 10 of them are malicious. The initialization distance was set to 0.2 and Tacc was set

to 0.5. IDS error rate was set to zero and the weight of second hand experience was changed

from 0 to 1 incremented by 0.05. The malicious nodes are cooperating by giving their friends

Tacc + 0.4 when they are asked about their opinion and they give others Tacc – 0.4. If the

malicious nodes do not lie when they are asked about their opinion the weight of second hand

experience will not have an effect on the system because all the opinions are honest and it

does not matter how much weight is given to each one.

0

100

200

300

400

500

600

700

800

900

0 0.05 0.1 0.15 0.2 0.25 0.3 0.35 0.4

Ris

ky in

tera

ctio

ns

IDS error rate

IDS error rate vs. percentage of risky interactions

Figure 11 IDS error rate vs. percentage of risky interactions

28

As noticed from the graph above when the node depends more on others’ opinions

and a lot of them are lying the percentage of risky interactions increases. This means in such

environment it is better to choose a lower weight of second hand experience.

7. Conclusion

In our proposed model, we developed a trust model for ad-hoc networks. The main

concern of this model is to provide trustful community that can find and eliminate malicious

nodes. We also focus the efforts on the level of services provided by or required by the node

rather than forwarding or receiving packets. This makes our work different from the main

stream of trust models found in the literature.

0.00%

2.00%

4.00%

6.00%

8.00%

10.00%

12.00%

14.00%

16.00%

18.00%

20.00%

0.00 0.10 0.20 0.30 0.40 0.50 0.60 0.70 0.80 0.90 1.00

% r

isky

inte

ract

ions

Weight of second hand experience

weight of second hand experience vs. % risky interactions

Figure 12 Weight of second hand experience vs. percentage of risky interactions

29

Our model encourages honest collaborations and has a very high detection rate of

malicious nodes. Through conducting several experiments, we could proof the robustness of

our model. Our main contribution to the literature is our method of detecting oscillating

nodes and collaborative attackers.

30

References [1] http://searchmobilecomputing.techtarget.com/sDefinition/0,,sid40_gci213462,00.ht

ml

[2] C. Adams, S. Farrell, "Internet X.509 Public Key Infrastructure: Certificate

Management Protocols", March 1999.

[3] P. R. Zimmerman. Pretty Good Privacy. In The Official PGP User’s Guide. MIT

Press, April 1995. [4] G. Zacharia and P. Maes, Trust Management through Reputation Mechanisms

Applied Artificial Intelligence, vol. 14, no. 8, 2000.

[5] Y. Ren, A. Boukerche, Modeling and managing the trust for wireless and mobile

ad hoc networks, in: Proceeding of the IEEE International Conference on

Communications (ICC), 2008.

[6] S. D. Kamvar, M. T. Schlosser, and H. Garcia-Molina. The eigentrust algorithm

for reputation management in P2P networks. In Proceedings of the 12th

International World Wide Web Conference, pages 640–651, 2003.

[7] P. Veeraraghavan and V. Limaye, Trust in mobile Ad Hoc Networks. In

Proceedings of the IEEE International Conference on Telecommunications, 2007.

[8] H. Yang, H. Shu, X. Meng, and S. Lu. SCAN: Selforganized network-layer

security in mobile ad hoc networks. IEEE J. Selected Areas in Commun.,

24(2):261--273, Feb. 2006.

[9] R. Zhou and K. Hwang, “PowerTrust: A Robust and Scalable Reputation

System for Trusted P2P Computing”, IEEE Trans. on Parallel and Distributed

Systems, accepted to appear 2007.

[10] T. Anantvalee, J. Wu, “A Survey on Intrusion Detection in Mobile Ad Hoc

Networks”, Wireless/Mobile Network Security: Springer 2006, Ch7, pp. 170 – 196.

[11] K. Aberer , Z. Despotovic, “Managing trust in a peer-2-peer information

system”, Proceedings of the tenth international conference on Information and

knowledge management, October 05-10, 2001, Atlanta, Georgia, USA

[12] R. Chen and W. Yeager. Poblano: A distributed trust model for peer-to-peer

networks. Technical report, Sun Microsystems, Santa Clara, CA, USA, February

2003.

[13] B. Wu, J. Chen, J. Wu, and M. Cardei, “A Survey of Attacks and

Countermeasures in Mobile Ad Hoc Networks” in “Wireless Network Security”,

31

Y. Xiao, X. Shen, and D.Z. Du , Springer, Network Theory and Applications, Vol.

17, 2006, ISBN: 0-387-28040-5.

[14] Y. Hu, A. Perrig, and D. Johnson, Packet Leashes: A Defense Against Wormhole

Attacks in Wireless Ad Hoc Networks. Proc. of IEEE INFORCOM, 2002.

[15] J. van der Merwe, D. Dawoud, and S. McDonald, A Survey on Peer-to-Peer Key

Management for Military Type Mobile Ad Hoc Networks, in proc. Military

Information and Communications Symposium of South Africa (MICSSA'05), 2005.

32

Appendix I: Simulator code

Class ToT

import java.util.Hashtable; public class ToT { private class pair { double PIE; int numOfInteractions; public pair(double PIE, int inter) { PIE = PIE; numOfInteractions = inter; } } private Hashtable<Integer, pair> table; public ToT() { table = new Hashtable<Integer, pair>(); } public void add(int id, double p, int in) { table.put(id, new pair(p, in)); } public double getPIE(int ID) { return table.get(ID).PIE; } public int getNumOfInteractions(int ID) { return table.get(ID).numOfInteractions; } public void update(int id, double newPIE, int newNumOfInt) { table.remove(id); table.put(id, new pair(newPIE, newNumOfInt)); } }

33

Class node

import java.util.Random; public class node { /** * weight of the second hand experience */ private static double a; /** * Table of trust as a hashtable where the keys are the nodes' IDS */ private ToT ToT; /** * number of neighbors */ private static int N; /** * Minimum accepted trust */ private static double Tacc; /** * boolean to set malicious nodes */ private boolean mal; /** * Mode of lying: n - no lying r - random recomendations d - distance lying (+ * for freinds) (- for others) */ private static char lying; /** * distance of lying in case of lying mode d */ private static double dl; /** * initialization distance */ private static double d; /** * the node's ID */ private int ID; /** * IDS error rate */ private static double IDSError; /** * honest oscillating honest node that was compromised

34

*/ private boolean osHon; /** * malicious oscillating act well to gain trust then attack */ private boolean osMal; public node(int id) { ID = id; ToT = new ToT(); } /** * initializes the table of trust of the node * * @param neighbors */ public void initializeToT(node[] neighbors) { Random rand = new Random(System.currentTimeMillis()); int i = 0; if (mal) { if (lying == 'n') { for (i = 0; i < neighbors.length; i++) if (neighbors[i].getID() != this.ID) ToT.add(neighbors[i].getID(), Tacc + d, 1); } else if (lying == 'r') { for (i = 0; i < neighbors.length; i++) { if (neighbors[i].getID() != this.ID) ToT.add(neighbors[i].getID(), rand.nextDouble(), 1); } } else if (lying == 'd') { for (i = 0; i < neighbors.length; i++) { if (neighbors[i].getID() != this.ID) { if (!neighbors[i].isMal()) { ToT.add(neighbors[i].getID(), Tacc + dl, 1); } else if (neighbors[i].isMal()) { ToT.add(neighbors[i].getID(), Tacc - dl, 1); } } } } } else if (!mal) { for (i = 0; i < neighbors.length; i++) if (neighbors[i].getID() != this.ID) ToT.add(neighbors[i].getID(), Tacc + d, 1); } } /** * interact with node i and consult IDS * * @param i * @return true if interaction was successful and false otherwise */ public boolean interact(node i) { if (i.getID() == this.ID) { System.err.println("Error: cannot interact with self"); return false;

35

} // double IDS; // Random rand = new Random(System.currentTimeMillis()); // IDS = rand.nextDouble(); /* * if (i.isMal()) { if (IDS >= (1 - IDSError)) return true; else return * false; } else */ return true; } /** * promote node i and incerement number of interactions and update ToT * * @param i */ private void promote(node i) { double newPIE; int newNumOfInt; newNumOfInt = this.ToT.getNumOfInteractions(i.getID()); newPIE = this.ToT.getPIE(i.getID()) * ((double) newNumOfInt / (double) (newNumOfInt + 1)); newPIE += (1.0 / (newNumOfInt + 1)); newNumOfInt++; ToT.update(i.getID(), newPIE, newNumOfInt); } /** * demote node i and increment number of interactions if there was one and * update ToT * * @param i * @param interacted */ private void demote(node i, boolean interacted) { double newPIE; int newNumOfInt; newNumOfInt = this.ToT.getNumOfInteractions(i.getID()); newPIE = this.ToT.getPIE(i.getID()) * ((double) newNumOfInt / (double) (newNumOfInt + 1)); if (interacted) newNumOfInt++; ToT.update(i.getID(), newPIE, newNumOfInt); } /** * compute trust, interact with node i if trust > Tacc, consult IDS and * update ToT * * @param i * @return true if an interaction occured and false otherwise */ public boolean interactAndUpdateTrust(node x, node[] neighbors) {

36

if (x.getID() == this.ID) { System.err.println("Error: cannot interact with self"); return false; } double trust; double IDS; int i; Random rand = new Random(System.currentTimeMillis()); trust = this.computeTrust(x, neighbors); // System.out.println("trust: " + trust); if (trust < node.Tacc) { if (this.getRecomendation(x) > node.Tacc) this.demote(x, false); return false; } else { if (x.isMal()) IDS = rand.nextDouble(); else IDS = 1; if (IDS >= (1 - IDSError)) { this.promote(x); for (i = 0; i < node.N; i++) { if (neighbors[i].getID() != this.getID() && this.getRecomendation(neighbors[i]) < node.Tacc) if (neighbors[i].getRecomendation(x) >= node.Tacc) this.promote(neighbors[i]); } return true; } else { this.demote(x, true); for (i = 0; i < node.N; i++) { if (neighbors[i].getID() != this.getID() && this.getRecomendation(neighbors[i]) < node.Tacc) if (neighbors[i].getRecomendation(x) < node.Tacc) this.promote(neighbors[i]); } return true; } } } public double computeTrust(node j, node neighbors[]) { double adviceSum = 0; double trustSum = 0; double trust; int i; for (i = 0; i < neighbors.length; i++) { if (neighbors[i].getID() != ID && neighbors[i].getID() != j.getID()) { adviceSum += ((ToT.getPIE(neighbors[i].getID())) * (neighbors[i] .getRecomendation(j))); trustSum += ToT.getPIE(j.ID); } } trust = (1.0 - node.a) * (this.ToT.getPIE(j.getID())) + node.a

37

* (adviceSum / trustSum); return trust; } public static void setTacc(double acc) { Tacc = acc; } public static void setN(int n) { N = n; } public static void setAlpha(double r) { a = r; } public static void setLying(char x) { lying = x; } public static void setLyingDist(double x) { dl = x; } public static void setInitDist(double x) { d = x; } public boolean isMal() { return this.mal; } public boolean isOsMal() { return this.osMal; } public boolean isOsHon() { return this.osHon; } public void setMal() { mal = true; } public void unSetMal() { mal = false; } public void setOsMal() { osMal = true; } public void setOsHon() { osHon = true; } public int getID() { return ID; } public void setID(int id) {

38

ID = id; } public static void setIDSError(double error) { IDSError = error; } public static double getTacc() { return Tacc; } public static double getDist() { return d; } public double getRecomendation(node i) { if (getID() != i.getID()) return ToT.getPIE(i.getID()); else return 0.0; } public int getNumOfInteractions(node i) { return ToT.getNumOfInteractions(i.getID()); } }

39

Class network

import java.io.BufferedWriter; import java.io.FileWriter; import java.io.IOException; import java.util.Arrays; import java.util.Random; public class network { private int s;// size of the network private node[] net; private int malicious; private int oscillatingMal; private int oscillatingHon; private int falsePositive; private int rejected_healthy; private char mode; private char oscMode; private final int max = 100000000; // maximum number of allowed // interactions private Random rand;

private int testingNodeMal; // the ID of the malicious node that is tested

private double avgTrustMal; // the average PIE of the malicious node that is

// tested

private boolean penalize; // penalize nodes that give worng recommendation

// or not private int trials;// ToTal number of tried collaborations private boolean defenseless; public network(String FileName, int n, int m, double a, double tac, double de, int iter, char mod, double tol, char LM, double dis, boolean pen, boolean def, char osmod, int osc) throws IOException { BufferedWriter out = new BufferedWriter(new FileWriter(FileName + ".xls")); double[] rr; int[] mm; int i; int iterations = 0;

40

int tes = 0; int div = iter; rejected_healthy = 0; rand = new Random(System.currentTimeMillis()); penalize = pen; defenseless = def; mode = mod; oscMode = osmod; out .write("\t\t\tnodes\tmalicious\ta\tTacc\tdelta\titerations\t" + "mode\tIDS error\tlying mode\tlying dist\tpenalize\n"); out.write("\t\t\t" + n + "\t" + m + "\t" + a + "\t" + tac + "\t" + de + "\t" + iter + "\t" + mode + "\t" + tol + "\t" + LM + "\t" + dis + "\t" + penalize + "\n"); // change alpha if (mode == 'a') { rr = generateArray(0, 1, 0.05); // double[] rr = {0.5}; out .write("weight of 2nd hand\tinteractions\tfalsePositive" + "\trejected healthy\ttrials\n"); for (double r : rr) { System.out.println(r); falsePositive = 0; iterations = 0; div = iter; rejected_healthy = 0; trials = 0; for (i = 0; i < iter; i++) { initializeNetwork(n, r, tac, LM, m, dis, de, tol, osc); tes = testNetwork(); if (tes < max) iterations += tes; else div--; } iterations /= div; System.out.println(div); out.write(1 - r + "\t" + iterations + "\t" + ((double) falsePositive / (double) div) / s + "\t" + (double) rejected_healthy / (double) (trials - iterations) + "\t" + ((double) trials / (double) div) + "\n"); } } // change Tacc else if (mode == 't') { rr = generateArray(0.1, 1, 0.01); out .write("Tacc\tinteractions\tfalsePositive\trejected" + " healthy\ttrials\n"); for (double r : rr) { System.out.println(r); falsePositive = 0; iterations = 0; div = iter; rejected_healthy = 0; trials = 0;

41

for (i = 0; i < iter; i++) { this.initializeNetwork(n, a, r, LM, m, dis, de, tol, osc); tes = testNetwork(); if (tes < max) iterations += tes; else div--; } iterations /= div; out.write(r + "\t" + iterations + "\t" + (double) falsePositive / (double) div / s + "\t" + (double) rejected_healthy / (double) (trials - iterations) + "\t" + ((double) trials / (double) div) + "\n"); } } // change number of nodes else if (mode == 'n') { mm = generateArray(10, n, 1); out .write("#nodes\tinteractions\tfalsePositive\trejected" + " healthy\ttrials\n"); for (int r : mm) { System.out.println(r); falsePositive = 0; iterations = 0; div = iter; rejected_healthy = 0; trials = 0; for (i = 0; i < iter; i++) { this.initializeNetwork(r, a, tac, LM, m, dis, de, tol, osc); tes = testNetwork(); if (tes < max) iterations += tes; else div--; } iterations /= div; out.write(r + "\t" + iterations + "\t" + (double) falsePositive / (double) div / s + "\t" + (double) rejected_healthy / (double) trials + "\t" + ((double) trials / (double) div) + "\t" + malicious + "\n"); } } // change number of malisious nodes else if (mode == 'm') { mm = generateArray(5, m, 5); out .write("#malicious\tinteractions\tfalsePositive\trejected" + " healthy\ttrials\n"); for (int r : mm) { System.out.println((int) (n * (r / 100.0))); falsePositive = 0; iterations = 0; div = iter; rejected_healthy = 0; trials = 0; for (i = 0; i < iter; i++) { // System.out.println(i);

42

this.initializeNetwork(n, a, tac, LM, r, dis, de, tol, osc); tes = testNetwork(); if (tes < max) iterations += tes; else div--; } iterations /= div; trials /= div; out.write(r + "\t" + ((double) iterations / (double) trials) * 100.0 + "\t" + (double) falsePositive / (double) div + "\t" + (double) rejected_healthy / (double) (trials - iterations) + "\t" + ((double) trials / (double) div) + "\t" + div + "\n"); } } // change delta else if (mode == 'd') { rr = generateArray(0.0, de, 0.05); out .write("distance\tinteractions\tfalsePositive\trejected" + " healthy\ttrials\n"); for (double r : rr) { System.out.println(r); falsePositive = 0; iterations = 0; div = iter; rejected_healthy = 0; trials = 0; for (i = 0; i < iter; i++) { this.initializeNetwork(n, a, tac, LM, m, dis, 0.5 - r, tol, osc); tes = testNetwork(); if (tes < max) iterations += tes; else div--; } iterations /= div; out.write(r + "\t" + iterations + "\t" + (double) falsePositive / (double) div / s + "\t" + (double) rejected_healthy / (double) (trials - iterations) + "\t" + ((double) trials / (double) div) + "\n"); } } // change IDS error rate else if (mode == 'i') { malicious = m; rr = generateArray(0.0, tol, 0.05); out .write("IDS error\tinteractions\tfalsePositive\trejected" + " healthy\ttrials\n"); for (double r : rr) { System.out.println(r); falsePositive = 0; iterations = 0; div = iter; rejected_healthy = 0; trials = 0;

43

for (i = 0; i < iter; i++) { this.initializeNetwork(n, a, tac, LM, m, dis, de, r, osc); tes = testNetwork(); if (tes < max) iterations += tes; else div--; } iterations /= div; out.write(r + "\t" + iterations + "\t" + falsePositive + "\t" + (double) rejected_healthy / (double) (trials - iterations) + "\t" + ((double) trials / (double) div) + "\n"); } } // test avg PIE for a malicious node else if (mode == '-') { iterations = 0; div = iter; rejected_healthy = 0; trials = 0; out .write("interactions\tfalsePositive\trejected" + " healthy\ttrials\n"); // System.out.println("********************************\n\n\n\n"); this.initializeNetwork(n, a, tac, LM, m, dis, de, tol, osc); tes = testNetwork(); if (tes < max) iterations += tes; else { // break; div--; } iterations /= div; out.write(iterations + "\t" + (double) falsePositive / (double) div / s + "\t" + (double) rejected_healthy / (double) trials + "\t" + ((double) (trials - iterations) / (double) div) + "\n"); System.out.println(); // System.out.println(div); } out.close(); } public void initializeNetwork(int n, double al, double tacc, char lMode, int mal, double lDist, double initDist, double IDSError, int os) { int i; net = new node[n]; s = n; malicious = (int) (n * (mal / 100.0)); oscillatingMal = (int) (n * (os / 100.0)); oscillatingHon = (int) (n * (os / 100.0)); node.setAlpha(al); node.setTacc(tacc); node.setLying(lMode); node.setInitDist(initDist); node.setLyingDist(lDist); node.setIDSError(IDSError);

44

// creating nodes and giving them IDS for (i = 0; i < s; i++) { if (net[i] == null) net[i] = new node(i); } // initialize nodes' ToTs for (i = 0; i < s; i++) { net[i].initializeToT(net); } // setting malicious nodes int r1; if (oscMode != 'm' && oscMode != 'h') { for (i = 0; i < malicious; i++) { r1 = rand.nextInt(n); if (!net[r1].isMal()) { if (mode == '-') // setting malicious node to test speed // of // detection testingNodeMal = r1; net[r1].setMal(); } else i--; } } else if (oscMode == 'm') { for (i = 0; i < oscillatingMal; i++) { r1 = rand.nextInt(n); if (!net[r1].isOsMal()) { testingNodeMal = r1; net[r1].setOsMal(); } else i--; } } else if (oscMode == 'h') { for (i = 0; i < oscillatingHon; i++) { r1 = rand.nextInt(n); if (!net[r1].isOsHon()) { testingNodeMal = r1; net[r1].setOsHon(); net[r1].setMal(); } else i--; } } // System.out.println("finished initialization"); } /** * Test Network * * @param size * @param tol

45

* @param A * @return * @throws IOException */ public int testNetwork() throws IOException { BufferedWriter out = new BufferedWriter(new FileWriter( "Trust_change.xls")); out.write("avg PIE\n"); // ***************************************************** // initialize network // ***************************************************** int inter = 0; int i, j; int[] mali = new int[s]; int k = 0;// number of detected nodes inter = 0; int one; int two; boolean interacted = false; int x, y, z, l; boolean bool; z = 0; l = 0; for (j = 0; j < s; j++) { mali[j] = s + 1; } // ******************************************************* // start interaction // ******************************************************** // System.out.println("Starting reaction."); while (k < malicious && z <= max) { one = rand.nextInt(s); two = rand.nextInt(s); interacted = false; if (one != two) { trials++; if (!defenseless) { interacted = net[one].interactAndUpdateTrust(net[two], net); // if(net[two].isMal()) // System.out.println("trust updated: " + one + " " + two + // " trust " + net[one].getRecomendation(net[two])); } else { interacted = net[one].interact(net[two]); // System.out.println("interacted."); } for (x = 0; x < s; x++) { bool = true; for (y = 0; y < s; y++) { if (y != x && !net[y].isMal()) { if (net[y].getRecomendation(net[x]) < node .getTacc()) { bool = bool & true; } else bool = false; }

46

} if (bool) { if (Arrays.binarySearch(mali, x) < 0) { mali[l] = x; l++; if (net[x].isMal()) { k++; } } } Arrays.sort(mali); } z++; // ************************************************************ // Trust Change Test // ************************************************************ if (mode == '-' && oscMode != 'm' && oscMode != 'h') { avgTrustMal = 0; if (two == testingNodeMal) { for (j = 0; j < s; j++) { if (j != testingNodeMal && !net[j].isMal()) avgTrustMal += net[j] .getRecomendation(net[testingNodeMal]); } avgTrustMal /= (s - malicious); out.write(avgTrustMal + "\n"); } } else if (oscMode == 'm') { int num = 0; for (i = 0; i < s; i++) { if (net[i].isOsMal()) { num = 0; avgTrustMal = 0; for (j = 0; j < s; j++) { if (!net[j].isOsMal() && !net[j].isMal()) { avgTrustMal += net[j] .getRecomendation(net[i]); num++; } } avgTrustMal /= num; if (two == testingNodeMal) out.write(inter + "\t" + avgTrustMal + "\n"); if (avgTrustMal >= 0.8) net[i].setMal(); } } } else if (oscMode == 'h') { int num = 0; k = 0; for (i = 0; i < s; i++) { if (net[i].isOsHon()) { num = 0; avgTrustMal = 0; for (j = 0; j < s; j++) { if (!net[j].isOsHon() && !net[j].isMal()) { avgTrustMal += net[j] .getRecomendation(net[i]); num++;

47

} } avgTrustMal /= num; if (two == testingNodeMal) out.write(inter + "\t" + avgTrustMal + "\n"); if (avgTrustMal < 0.3) net[i].unSetMal(); if (avgTrustMal > 0.7 && !net[i].isMal()) z = max + 1; } } } if (interacted && net[two].isMal()) { // System.out.print(i++ + "\r"); inter++; } } } /* * check for false positives */ //System.out.println("Number of iterations untill detection: " + // inter); System.out.println("malisous nodes detected: "); try { for (j = 0; j < s; j++) { System.out.print(mali[j] + " "); if (mali[j] < s) { if (!net[mali[j]].isMal()) falsePositive++; } } } catch (ArrayIndexOutOfBoundsException e) { System.out.println("error"); System.out.println(e.getMessage()); // return max; } out.close(); return inter; } /** * function to fill an array of type double with values between start and * end and incremented by step * * @param start * @param end * @param step * @return array */ public static double[] generateArray(double start, double end, double step){ double[] array; int i = 0; int size = (int) ((end - start) / step) + 1; array = new double[size];

48

array[0] = start; for (i = 1; i < size; i++) array[i] = array[i - 1] + step; return array; } /** * function to fill an array of type int with values between start and end * and incremented by step * * @param start * @param end * @param step * @return array */ public static int[] generateArray(int start, int end, int step) { int[] array; int i = 0; int size = (end - start) / step + 1; array = new int[size]; array[0] = start; for (i = 1; i < size; i++) array[i] = array[i - 1] + step; return array; } public static void main(String[] args) { if (args.length != 13) { System.err .println("Specify args: fileName #nodes, #malicious, " + "alpha, Tacc, delta, iteration, mode, " + "IDS error rate, lying Model, lying distance " + "value, penalize"); System.err .println("----------------------------------------------"); System.err.println("Modes: a \tfix all and change alpha"); System.err.println(" t \tfix all and change Tacc"); System.err.println(" n \tfix all and change number of nodes"); System.err .println(" m \tfix all and change number of " + "malicious nodes"); System.err .println(" d \tfix all and change distance from " + "Tacc for initializing PIE"); System.err.println(" i \tfix all and change IDS error rate"); System.err.println(" - \tfix all"); System.err .println("-----------------------------------------------"); System.err .println("Lying Modes: r \tmalicious nodes give random" + " recommendations"); System.err .println(" d \tmalicious nodes give " + "Tacc+distance to other malicious " + "nodes\n\t\tand Tacc-distance to Honest nodes");

49

System.err.println(" n \tno lying"); System.err .println("\nif you want to take advice from all nodes" + " set advice_all to 1\nif you want it from" + " trusted nodes only set it to 0"); System.err .println("\nif you want to penalize nodes that give high" + " trust for malicious\npeers set penalize to" + " 1 if you don't set it to 0"); } else if (args.length == 13) { try { network Net = new network(args[0], Integer.parseInt(args[1]), Integer.parseInt(args[2]), Double.parseDouble(args[3]), Double.parseDouble(args[4]), Double .parseDouble(args[5]), Integer .parseInt(args[6]), args[7].charAt(0), Double .parseDouble(args[8]), args[9].charAt(0), Double.parseDouble(args[10]), args[11].equals("1"), args[12].equals("1"), args[13].charAt(0), Integer .parseInt(args[14])); } catch (IOException e) { e.printStackTrace(); } } } }

50

Class Main

import java.awt.BorderLayout; import java.awt.Dimension; import java.awt.Font; import java.awt.Rectangle; import java.awt.event.ActionEvent; import java.io.IOException; import javax.swing.ButtonGroup; import javax.swing.JButton; import javax.swing.JCheckBox; import javax.swing.JFrame; import javax.swing.JLabel; import javax.swing.JPanel; import javax.swing.JProgressBar; import javax.swing.JRadioButton; import javax.swing.JTextField; import javax.swing.SwingUtilities; import javax.swing.UIManager; public class Main { private JFrame mainFrame = null; private JPanel parOptions = null; private JPanel valOptions = null; private JPanel resultPanel = null; private JPanel jContentPane = null; private JRadioButton malRdio = null; private JRadioButton taccRdio = null; private JRadioButton delRdio = null; private JRadioButton alphaRdio = null; private JRadioButton IDSRdio = null; private JRadioButton avgRdio = null; private JCheckBox oscMalChkBox = null; private JCheckBox oscHonChkBox = null; private JRadioButton nodesRdio = null; private JRadioButton noLieRdio = null; private JRadioButton randLieRdio = null; private JRadioButton coLieRdio = null; private JCheckBox penChkBox = null; private JCheckBox defenselessChkBox = null;

51

private ButtonGroup modeBtnGroup = null; private ButtonGroup lyingBtnGroup = null; private ButtonGroup oscBtnGroup = null; private JTextField alphaTxt = null; private JTextField malTxt = null; private JTextField taccTxt = null; private JTextField delTxt = null; private JTextField nodesTxt = null; private JTextField iterationsTxt = null; private JTextField IDSTxt = null; private JTextField lyingDistTxt = null; private JTextField oscTxt = null; private JTextField fileNameTxt = null; private JLabel alphaLbl = null; private JLabel malLbl = null; private JLabel taccLbl = null; private JLabel delLbl = null; private JLabel nodesLbl = null; private JLabel iterationsLbl = null; private JLabel IDSLbl = null; private JLabel lyingDistLbl = null; private JLabel oscLbl = null; private JButton startBtn = null; private JButton cancelBtn = null; private JProgressBar progressBar = null; Thread t = null; private class runNetwork implements Runnable { public void done() { t.interrupt(); t = null; } public void run() {

52

progressBar.setIndeterminate(true); try { char mode = 'a'; char lieMode = 'n'; char osmod = '-'; if (malRdio.isSelected()) mode = 'm'; else if (taccRdio.isSelected()) mode = 't'; else if (alphaRdio.isSelected()) mode = 'a'; else if (nodesRdio.isSelected()) mode = 'n'; else if (delRdio.isSelected()) mode = 'd'; else if (IDSRdio.isSelected()) mode = 'i'; else if (avgRdio.isSelected()) mode = '-'; if (noLieRdio.isSelected()) lieMode = 'n'; else if (randLieRdio.isSelected()) lieMode = 'r'; else if (coLieRdio.isSelected()) lieMode = 'd'; if (oscMalChkBox.isSelected()) osmod = 'm'; else if (oscHonChkBox.isSelected()) osmod = 'h'; new network(fileNameTxt.getText(), Integer.parseInt(nodesTxt .getText()), Integer.parseInt(malTxt.getText()), Double .parseDouble(alphaTxt.getText()), Double .parseDouble(taccTxt.getText()), Double .parseDouble(delTxt.getText()), Integer .parseInt(iterationsTxt.getText()), mode, Double .parseDouble(IDSTxt.getText()), lieMode, Double .parseDouble(lyingDistTxt.getText()), penChkBox .isSelected(), defenselessChkBox.isSelected(), osmod, Integer.parseInt(oscTxt.getText())); progressBar.setIndeterminate(false); done(); startBtn.setEnabled(true); } catch (IOException ex) { ex.printStackTrace(); } } } private JRadioButton getMalRdio() { if (malRdio == null) { malRdio = new JRadioButton(); malRdio.setBounds(new Rectangle(12, 12, 175, 20)); malRdio.setFont(new Font("Verdana", Font.BOLD, 11)); malRdio.setText("% malicious nodes"); } return malRdio; }

53

private JRadioButton getNRdio() { if (nodesRdio == null) { nodesRdio = new JRadioButton(); nodesRdio.setBounds(new Rectangle(12, 42, 175, 20)); nodesRdio.setFont(new Font("Verdana", Font.BOLD, 11)); nodesRdio.setText("num of nodes"); } return nodesRdio; } private JRadioButton getTaccRdio() { if (taccRdio == null) { taccRdio = new JRadioButton(); taccRdio.setBounds(new Rectangle(12, 72, 175, 20)); taccRdio.setFont(new Font("Verdana", Font.BOLD, 11)); taccRdio.setText("Tacc"); } return taccRdio; } private JRadioButton getDelRdio() { if (delRdio == null) { delRdio = new JRadioButton(); delRdio.setBounds(new Rectangle(12, 102, 175, 20)); delRdio.setFont(new Font("Verdana", Font.BOLD, 11)); delRdio.setText("Delta"); } return delRdio; } private JRadioButton getAlphaRdio() { if (alphaRdio == null) { alphaRdio = new JRadioButton(); alphaRdio.setBounds(new Rectangle(12, 132, 175, 20)); alphaRdio.setFont(new Font("Verdana", Font.BOLD, 11)); alphaRdio.setText("Alpha"); } return alphaRdio; } private JRadioButton getIDSRdio() { if (IDSRdio == null) { IDSRdio = new JRadioButton(); IDSRdio.setBounds(new Rectangle(12, 162, 175, 20)); IDSRdio.setFont(new Font("Verdana", Font.BOLD, 11)); IDSRdio.setText("IDS"); } return IDSRdio; } private JRadioButton getAvgRdio() { if (avgRdio == null) { avgRdio = new JRadioButton(); avgRdio.setBounds(new Rectangle(12, 192, 175, 20)); avgRdio.setFont(new Font("Verdana", Font.BOLD, 11)); avgRdio.setText("Avg"); } return avgRdio; }

54

private JCheckBox getOscMalChkBox() { if (oscMalChkBox == null) { oscMalChkBox = new JCheckBox(); oscMalChkBox.setBounds(new Rectangle(12, 222, 175, 20)); oscMalChkBox.setFont(new Font("Verdana", Font.BOLD, 11)); oscMalChkBox.setText("osc mal"); } return oscMalChkBox; } private JCheckBox getOscHonChkBox() { if (oscHonChkBox == null) { oscHonChkBox = new JCheckBox(); oscHonChkBox.setBounds(new Rectangle(12, 252, 175, 20)); oscHonChkBox.setFont(new Font("Verdana", Font.BOLD, 11)); oscHonChkBox.setText("osc hon"); } return oscHonChkBox; } private JRadioButton getNoLieRdio() { if (noLieRdio == null) { noLieRdio = new JRadioButton(); noLieRdio.setBounds(new Rectangle(12, 312, 175, 20)); noLieRdio.setFont(new Font("Verdana", Font.BOLD, 11)); noLieRdio.setText("no lie"); } return noLieRdio; } private JRadioButton getRandLieRdio() { if (randLieRdio == null) { randLieRdio = new JRadioButton(); randLieRdio.setBounds(new Rectangle(12, 342, 175, 20)); randLieRdio.setFont(new Font("Verdana", Font.BOLD, 11)); randLieRdio.setText("random lie"); } return randLieRdio; } private JRadioButton getCoLieRdio() { if (coLieRdio == null) { coLieRdio = new JRadioButton(); coLieRdio.setBounds(new Rectangle(12, 372, 175, 20)); coLieRdio.setFont(new Font("Verdana", Font.BOLD, 11)); coLieRdio.setText("Cooperative lie"); } return coLieRdio; } private JCheckBox getPenChkBox() { if (penChkBox == null) { penChkBox = new JCheckBox(); penChkBox.setBounds(new Rectangle(12, 402, 175, 20)); penChkBox.setFont(new Font("Verdana", Font.BOLD, 11)); penChkBox.setText("penalize"); } return penChkBox; } private JCheckBox getDefenselessChkBox() {

55

if (defenselessChkBox == null) { defenselessChkBox = new JCheckBox(); defenselessChkBox.setBounds(new Rectangle(12, 432, 175, 20)); defenselessChkBox.setFont(new Font("Verdana", Font.BOLD, 11)); defenselessChkBox.setText("defenseless"); } return defenselessChkBox; } private JTextField getAlphaTxt() { if (alphaTxt == null) { alphaTxt = new JTextField(); alphaTxt.setBounds(new Rectangle(130, 12, 100, 20)); } return alphaTxt; } private JTextField getMalTxt() { if (malTxt == null) { malTxt = new JTextField(); malTxt.setBounds(new Rectangle(130, 42, 100, 20)); } return malTxt; } private JTextField getDelTxt() { if (delTxt == null) { delTxt = new JTextField(); delTxt.setBounds(new Rectangle(130, 72, 100, 20)); } return delTxt; } private JTextField getNodesTxt() { if (nodesTxt == null) { nodesTxt = new JTextField(); nodesTxt.setBounds(new Rectangle(130, 102, 100, 20)); } return nodesTxt; } private JTextField getIterationsTxt() { if (iterationsTxt == null) { iterationsTxt = new JTextField(); iterationsTxt.setBounds(new Rectangle(130, 132, 100, 20)); } return iterationsTxt; } private JTextField getIDSTxt() { if (IDSTxt == null) { IDSTxt = new JTextField(); IDSTxt.setBounds(new Rectangle(130, 162, 100, 20)); } return IDSTxt; } private JTextField getLyingDistTxt() { if (lyingDistTxt == null) { lyingDistTxt = new JTextField(); lyingDistTxt.setBounds(new Rectangle(130, 192, 100, 20));

56

} return lyingDistTxt; } private JTextField getTaccTxt() { if (taccTxt == null) { taccTxt = new JTextField(); taccTxt.setBounds(new Rectangle(130, 222, 100, 20)); } return taccTxt; } private JTextField getOscTxt() { if (oscTxt == null) { oscTxt = new JTextField(); oscTxt.setBounds(new Rectangle(130, 252, 100, 20)); } return oscTxt; } private JTextField getFileNameTxt() { if (fileNameTxt == null) { fileNameTxt = new JTextField(); fileNameTxt.setBounds(new Rectangle(100, 10, 100, 20)); } return fileNameTxt; } private JButton getStartBtn() { if (startBtn == null) { startBtn = new JButton(); startBtn.setBounds(new Rectangle(250, 10, 70, 30)); startBtn.setText("Start"); startBtn.setFont(new Font("Verdana", Font.BOLD, 11)); startBtn.addActionListener(new java.awt.event.ActionListener() { public void actionPerformed(ActionEvent e) { if (t == null) { t = new Thread(new runNetwork()); startBtn.setEnabled(false); t.start(); } } }); } return startBtn; } private JButton getCancelBtn() { if (cancelBtn == null) { cancelBtn = new JButton(); cancelBtn.setBounds(new Rectangle(330, 10, 90, 30)); cancelBtn.setText("Cancel"); cancelBtn.setFont(new Font("Verdana", Font.BOLD, 11)); cancelBtn.addActionListener(new java.awt.event.ActionListener() { public void actionPerformed(ActionEvent e) { if (t != null) { t.interrupt(); System.out.println("inerrupted."); t = null; progressBar.setIndeterminate(false);

57

startBtn.setEnabled(true); } } }); } return cancelBtn; } private JProgressBar getProgressBar() { if (progressBar == null) { progressBar = new JProgressBar(); progressBar.setBounds(new Rectangle(70, 50, 350, 30)); } return progressBar; } private JPanel getJContentPane() { if (jContentPane == null) { jContentPane = new JPanel(); jContentPane.setLayout(new BorderLayout()); jContentPane.add(getParOptionsPanel(), BorderLayout.WEST); jContentPane.add(getValOptionsPanel(), BorderLayout.CENTER); jContentPane.add(getResultPanel(), BorderLayout.SOUTH); } return jContentPane; } private JPanel getResultPanel() { if (resultPanel == null) { resultPanel = new JPanel(); resultPanel.setLayout(null); resultPanel.setPreferredSize(new Dimension(50, 100)); resultPanel.add(getFileNameTxt(), null); resultPanel.add(getStartBtn()); resultPanel.add(getCancelBtn()); fileNameTxt.setText("result"); resultPanel.add(getProgressBar()); } return resultPanel; } private JPanel getParOptionsPanel() { if (parOptions == null) { parOptions = new JPanel(); parOptions.setLayout(null); parOptions.setPreferredSize(new Dimension(200, 450)); parOptions.add(getMalRdio(), null); parOptions.add(getTaccRdio(), null); parOptions.add(getNRdio(), null); parOptions.add(getDelRdio(), null); parOptions.add(getAlphaRdio(), null); parOptions.add(getIDSRdio(), null); parOptions.add(getAvgRdio(), null); parOptions.add(getOscMalChkBox(), null); parOptions.add(getOscHonChkBox(), null); modeBtnGroup = new ButtonGroup(); modeBtnGroup.add(getMalRdio()); modeBtnGroup.add(getTaccRdio()); modeBtnGroup.add(getNRdio()); modeBtnGroup.add(getDelRdio()); modeBtnGroup.add(getAlphaRdio());

58

modeBtnGroup.add(getIDSRdio()); modeBtnGroup.add(getAvgRdio()); oscBtnGroup = new ButtonGroup(); oscBtnGroup.add(getOscMalChkBox()); oscBtnGroup.add(getOscHonChkBox()); malRdio.setSelected(true); parOptions.add(getNoLieRdio(), null); parOptions.add(getRandLieRdio(), null); parOptions.add(getCoLieRdio(), null); lyingBtnGroup = new ButtonGroup(); lyingBtnGroup.add(getNoLieRdio()); lyingBtnGroup.add(getRandLieRdio()); lyingBtnGroup.add(getCoLieRdio()); noLieRdio.setSelected(true); parOptions.add(getDefenselessChkBox(), null); parOptions.add(getPenChkBox(), null); defenselessChkBox.setSelected(false); penChkBox.setSelected(false); } return parOptions; } private JPanel getValOptionsPanel() { if (valOptions == null) { valOptions = new JPanel(); valOptions.setLayout(null); valOptions.setPreferredSize(new Dimension(200, 350)); alphaLbl = new JLabel(); alphaLbl.setBounds(new Rectangle(10, 12, 120, 20)); alphaLbl.setText("Alpha:"); malLbl = new JLabel(); malLbl.setBounds(new Rectangle(10, 42, 120, 20)); malLbl.setText("% malicious nodes:"); delLbl = new JLabel(); delLbl.setBounds(new Rectangle(10, 72, 120, 20)); delLbl.setText("Delta:"); nodesLbl = new JLabel(); nodesLbl.setBounds(new Rectangle(10, 102, 120, 20)); nodesLbl.setText("Number of nodes:"); valOptions.add(alphaLbl, null); valOptions.add(malLbl, null); valOptions.add(delLbl, null); valOptions.add(nodesLbl, null); valOptions.add(getAlphaTxt(), null); valOptions.add(getMalTxt(), null); valOptions.add(getDelTxt(), null); valOptions.add(getNodesTxt(), null); valOptions.add(getIterationsTxt(), null); valOptions.add(getIDSTxt(), null); valOptions.add(getLyingDistTxt(), null); valOptions.add(getTaccTxt(), null); valOptions.add(getOscTxt(), null); iterationsLbl = new JLabel(); iterationsLbl.setBounds(new Rectangle(10, 132, 120, 20)); iterationsLbl.setText("Number of iterations:"); IDSLbl = new JLabel(); IDSLbl.setBounds(new Rectangle(10, 162, 120, 20)); IDSLbl.setText("IDS error rate:"); lyingDistLbl = new JLabel(); lyingDistLbl.setBounds(new Rectangle(10, 192, 120, 20)); lyingDistLbl.setText("lying distance:");

59

taccLbl = new JLabel(); taccLbl.setBounds(new Rectangle(10, 222, 120, 20)); taccLbl.setText("Tacc:"); oscLbl = new JLabel(); oscLbl.setBounds(new Rectangle(10, 252, 120, 20)); oscLbl.setText("No. of oscillating nodes:"); valOptions.add(iterationsLbl); valOptions.add(IDSLbl); valOptions.add(lyingDistLbl); valOptions.add(taccLbl); valOptions.add(oscLbl); alphaTxt.setText("0.5"); taccTxt.setText("0.5"); delTxt.setText("0.2"); nodesTxt.setText("10"); malTxt.setText("10"); iterationsTxt.setText("100"); IDSTxt.setText("0.1"); lyingDistTxt.setText("0.2"); oscTxt.setText("0"); } return valOptions; } private JFrame getmainFrame() { if (mainFrame == null) { mainFrame = new JFrame(); mainFrame.setDefaultCloseOperation(JFrame.EXIT_ON_CLOSE); mainFrame.setSize(500, 600); mainFrame.setContentPane(getJContentPane()); mainFrame.setTitle("Trust Model simulator"); } return mainFrame; } public static void main(String[] args) { SwingUtilities.invokeLater(new Runnable() { public void run() { try { UIManager.setLookAndFeel(UIManager .getSystemLookAndFeelClassName()); } catch (Exception uex) { System.out.println("Unsupported look and feel specified"); } Main application = new Main(); application.getmainFrame().setVisible(true); } }); } }