An Efficient Trust Establishment Framework for MANETs
The International Journal of Computer Science and Information Security is a monthly periodical on research articles in general computer science and information security which provides a distinctive technical perspective on novel technical research work, whether theoretical, applicable, or related to implementation. Target Audience: IT academics, university IT faculties; and business people concerned with computer science and security; industry IT departments; government departments; the financial industry; the mobile industry and the computing industry. Coverage includes: security infrastructures, network security: Internet security, content protection, cryptography, steganography and formal methods in information security; multimedia systems, software, information systems, intelligent systems, web services, data mining, wireless communication, networking and technologies, innovation technology and management. Thanks for your contributions in July 2010 issue and we are grateful to the reviewers for providing valuable comments. IJCSIS July 2010 Issue (Vol. 8, No. 4) has an acceptance rate of 36 %.

(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 4, July 2010
An Efficient Trust Establishment Framework for
MANETs
Mohammad Karami, Mohammad Fathian
Department of Industrial Engineering
Iran University of Science and Technology
Tehran, Iran
Abstract— In this paper, we present a general trust establishment framework comprising three components. The first part is the trust computation model that evaluates the trust level of each participating node through monitoring and quantification of some relevant behavioral indicative metrics. The second part is the trust evidence distribution scheme that distributes the trust evidences obtained by the first component. And finally the third part is the reputation computation model that combines the collected trust evidences from other nodes to form an overall reputation score and a judgment basis regarding the trustworthiness level of each node.

The trust computation model is based on first-hand evidences obtained via direct observations at the MAC layer. The proposed trust evidence distribution scheme is an efficient, scalable and completely distributed scheme based on ant colony optimization algorithm. For combination of collected evidences in the reputation computation model, Dempster's rule for combination is applied. Dempster's rule for combination gives a numerical procedure for fusing together multiple pieces of evidence from unreliable observers.

The paper illustrates the applicability of the proposed framework on data packet delivery functionality with Dynamic Source Routing (DSR) as the underlying routing protocol. We present simulation results which demonstrate the effectiveness and efficiency of the proposed framework.

Keywords- Trust establishment framework; mobile ad hoc network (MANET); evidence distribution; ant colony optimization; Dempster-Shafer theory

I. INTRODUCTION
Mobile ad hoc networks (MANETs) are multihop wireless networks spontaneously constructed by mobile nodes without relying on any pre-established infrastructure [1]. In MANETs, nodes can directly communicate with other nodes within their wireless transmission range, which are often referred to as neighbors. However, to communicate with non-neighbor nodes, they have to follow a multi-hop scenario where the source nodes rely on their neighbors and several other intermediate nodes to relay their messages and deliver them to the destination. Therefore, the cooperation of participating nodes plays a vital role for successful communications. Early routing and communication protocols for MANETs have been developed optimistically, where the benign and cooperative behavior of all the participating nodes is presumed. However, this may not always be the case, and in the absence of a fixed trust or security infrastructure, some nodes may decide to exhibit non-cooperative or malicious behavior for a variety of incentives including better service, selfishness, monetary benefits or malicious intents.

Due to the unique characteristics of MANETs such as shared wireless medium, the lack of any fixed infrastructure, mobility and consequently dynamic topology changes, and resource-constrained nodes in terms of battery and computation capability, these networks are seriously susceptible to a large number of security attacks [2]. The aforementioned characteristics also prevent traditional cryptography-based security methods from being directly applicable to MANETs.

As a result, in recent years researchers have taken a trust-based approach which promotes modeling and computing trust by defining and monitoring some behavioral indicative metrics and coming up with some sort of belief in the trustworthiness level of other nodes. This computed degree of trustworthiness may then be used in situations where a node has to rely on previously unknown and therefore unreliable nodes for accomplishment of a cooperative service. In a MANET context, trust is defined as a belief level that one node can put on another node for a specific action according to previous direct or indirect information from observation of behaviors. The belief level is the extent to which one node believes that another node is willing and able to obey the protocol and act normally [3].

In this paper, we present a trust establishment framework that is based on first-hand evidences obtained via direct observations at the MAC layer as well as second-hand evidences that are obtained via an ant-based trust evidence distribution scheme from other nodes. A common difficulty in trust-based schemes that incorporate various trust evidence exchange mechanisms to reinforce their accuracy pertains to the combination of observational data from nodes that can vary in their reliability or trustworthiness. In this paper, we have employed the Dempster-Shafer evidence theory, which is well suited to an ad-hoc network where doubt and uncertainty are inherent.
252 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
The remainder of the paper is organized as follows. Section II briefly reviews related work on trust establishment in MANETs. Section III is dedicated to the details of our proposed trust establishment framework. Section IV presents results from simulation experiments that demonstrate the effectiveness of the proposed scheme. The final section of the paper discusses concluding remarks.

II. RELATED WORK
In recent years, security establishment in MANETs by the means of trust modeling and management has been a considerable topic of interest. The proposed trust management frameworks in literature fall into two major categories, reputation-based [4,5] and trust establishment [6-9]. In the former category, trust in other nodes is evaluated by direct observation and second-hand information distributed among a network. In this category most of the proposed methods use a Bayesian approach based on Beta distribution [3, 5, 10, 11]. In this approach, a random variable that follows the beta distribution is associated with the trust value of a node. Also, the posterior distribution that represents a notion of trust is derived from a prior distribution. In the latter category [6-9], trust in neighbors is evaluated by direct observation, and trust relations between two nodes without previous direct interaction are established through a combination of opinions from intermediate nodes.

L. Eschenauer et al. [12] present a high-level framework for generation, revocation and distribution of trust evidence and demonstrate the significance of estimation metrics in trust establishment. A.A. Pirzada et al. [13] present a trust model that allows the evaluation of the reliability of the routes, using only first-hand information. The notion of confidence as it relates to trust management was explored by G. Theodorakopoulos et al. [14]. L. Buttyan et al. [15] propose a framework for stimulating cooperation in MANETs. The approach is based on a credit system for packet forwarding while trusted hardware is assumed.

The majority of research works presented in the literature have mainly concentrated on trust modeling and quantification, while little attention has been paid to efficient distribution of trust information. In most of the proposed trust establishment schemes participating nodes are required to periodically disseminate their trust information acquired through direct observations. This trust information is received by other nodes and combined to form an overall reputation score for each node. This proactive approach suffers from scalability, efficiency and robustness problems in resource-constrained environments [16]. Jiang and Baras [17] propose an efficient ant-based approach for the distribution of trust certificates in MANETs. However, their proposed scheme does not involve any trust or reputation computation model. In this paper we use an efficient on-demand trust evidence discovery protocol based on ant colony optimization algorithm for the distribution of trust evidences.

Yet another challenge in reputation-based schemes is related to employing an accurate, robust and straightforward method for combining observational data from nodes that can vary in their reliability or trustworthiness. Previous approaches have used simplistic combination techniques such as averaging or majority voting [18,19]. Here we apply Dempster-Shafer mathematical theory of evidence to combine independent pieces of evidence collected from other nodes in order to form an overall reputation score regarding the trustworthiness degree of a given node.

III. THE PROPOSED FRAMEWORK
As in real life, in the MANET context, trust levels are determined for particular actions. Obviously, trust computation for any action of interest requires clear definition, monitoring and quantification of some relevant behavioral indicative metrics. We believe that our proposed framework is a general framework and once corresponding metrics for a given action of interest are properly defined, monitored and quantified, it may be adapted for various scenarios. However, to give a practical illustration, for the rest of the paper, we will be particularly considering the incorporation of the proposed framework into data packet delivery functionality with Dynamic Source Routing (DSR) as the underlying routing protocol [20]. In the resulting trust-aware DSR protocol, the trustworthiness degree of intermediate nodes is taken into account, so that non-cooperative nodes could be avoided in route selection decisions. The details of the proposed trust establishment framework are discussed in subsequent subsections.

A. Trust Computation Model
The trust computation model is executed by each individual node. Each node operates independently and maintains its individual perspective of the trust hierarchy. Each node uses a direct observation mechanism for monitoring data packet forwarding behavior of its neighbor nodes and accordingly quantifies the trust level of each neighbor node.

In the proposed scheme, each node buffers all the packets it has sent, puts itself in promiscuous mode, initiates a timer and then overhears its neighbor's forwarding behavior. If a packet is properly forwarded within the expected timeout, then a successful forwarding event is recorded, otherwise an unsuccessful forwarding event is recorded. The trust level is simply computed by dividing the number of successful forwarding observations for a particular node by the total number of packets sent to that node to be forwarded. In particular, the trust value, t, assigned to node j by node i is defined as follows:

$$ t_{ij} = \frac{N_s}{N_s + N_u} \tag{1} $$

where $0 \le t \le 1$ and $N_s$ and $N_u$ respectively represent the cumulative number of successful and unsuccessful forwarding events of node j recorded by node i. A trust value of 0 for a given node represents complete distrust and a value of 1
implies absolute trust in packet forwarding functionality of that node.

The trust value computed for each neighbor node is signed by the observer's private key and therefore can't be modified by intermediate nodes. We assume that the public key of the signer is well known and authenticated, and the corresponding private key cannot be compromised. Trust evidence is a four-tuple denoted as TE=<provider, target, TV, time>. Provider is the observer node which has computed the trust value, target represents the node for which this trust evidence is produced, TV is the trust value of the target node computed by the provider and finally time is the last update time of the trust evidence. Trust evidences are locally stored by observer nodes.

In the proposed framework as it applies to the data packet delivery functionality of DSR protocol, whenever a node needs to choose among available paths to communicate with a given destination, it first evaluates the reliability of each available path and consequently chooses the most reliable one. Path reliability is computed as the probability that a packet won't be dropped by the nodes along the route and will be safely delivered to its destination.

To compute reputation scores, a node first employs the trust evidence discovery protocol to collect relevant trust evidences and then applies the reputation computation model to combine multiple pieces of independent trust evidences collected from other nodes. The details of these two steps are discussed in following subsections.

B. Trust Evidence Discovery Protocol
Although there exists some literature on trust evidence discovery in P2P networks [21,22], very little attention has been paid to exclusive study of the trust evidence discovery/distribution problem in MANETs. Typical approaches for trust evidence discovery in P2P networks rely on either flooding or centralized storage. The flooding approach imposes efficiency and scalability problems and the centralized storage approach is against the decentralized and infrastructure-less nature of MANETs and also imposes robustness risks.

Almost all of the trust establishment schemes that utilize trust information sharing mechanisms take a proactive approach, where nodes periodically broadcast their first-hand trust information to their neighbors. This approach also suffers from scalability, efficiency and uneven distribution of trust evidences across the network.

Here we introduce an efficient on-demand ant-based trust evidence discovery protocol. Our ant-based scheme uses the swarm intelligence paradigm [23]. The swarm intelligence paradigm is inspired from artificial ant colonies techniques to solve combinatorial optimization problems [24]. The main principle behind the interaction in a swarm is called stigmergy – indirect communication through the environment. An example of stigmergy is pheromone laying on the trails followed by ants. Ants are attracted to pheromones and thereby they tend to follow the trails that have high pheromone concentrations.

The idea of the proposed ant-based scheme is inspired by the process used by a real ant colony. The ants can seek a path between the nest (source node) and multiple food sources (nodes hosting relevant trust evidences). They accomplish the mission with great efficiency. As the environment changes, ants can also quickly discover new routes. Since trust evidence discovery is a process to find relevant evidences with the best efficiency, utilizing the ant colony optimization proves to be helpful.

To obtain desired trust evidences hosted by other nodes, a node generates several artificial ants. The probabilistic movement of the ant allows it to explore new paths and find the proper trust evidence provider. During the trust evidence discovery period, forward ants (Fa) and backward ants (Ba) are used. Fa is generated by the trust evidence requester to explore a path to a proper trust evidence provider. Ba, which contains a relevant piece of trust evidence, is generated from the trust evidence provider and routes back to the requester.

The formats of Fa and Ba packets are shown in Fig. 1. The Fa packet contains RID – requester's ID, TID – target's ID (the node for which we are interested to obtain trust evidences), SeqN – the unique sequence number, TTL – the maximum number of intermediate nodes allowed to forward the Fa packet and pass list – the dynamically increasing list which consists of the passed nodes' IDs. In the Ba packet PID is the ID of the trust provider node which creates the backward ant and TimeStamp is the creation time of the Ba packet.

(a)  RID | TID | SeqN | TTL | Pass List …
(b)  RID | PID | TimeStamp | Pass List …
Figure 1. (a) Fa packet (b) Ba packet

Along the path of delivering requested trust evidences, backward ants modify the information stored in the trust evidence table (TET) of each node. The structure of the trust evidence table (TET) is shown in Fig. 2.

        N1    N2    …    Nm
TE1     P11   P12   …    P1m
TE2     P21   P22   …    P2m
…       …     …     …    …
TEn     Pn1   Pn2   …    Pnm
Figure 2. Trust Evidence Table (TET)

Each row in TET corresponds to trust evidence of a node. For each trust evidence TEn and for each neighbor node i, the probability value $P_{ni}$ expresses the probability of choosing node i as the next hop when searching for trust evidence n and is calculated by the formula (2):
$$ P_{ni} = \begin{cases} \dfrac{p_{ni}}{\sum_{j \in N} p_{nj}} & \text{if } i \in N \\ 0 & \text{otherwise} \end{cases} \tag{2} $$

In (2), $N$ is the neighbor node set of the current node and $p_{ni}$ is the amount of pheromone on the link between the current node and node i for trust evidence n. During the trust evidence discovery process, $p_{ni}$ is updated using the following formula:

$$ p_{ni} = (1 - \alpha) \cdot p_{ni} + \Delta p_{ni} \tag{3} $$

where $0 < \alpha < 1$ is the pheromone evaporation parameter, $\Delta p_{ni}$ is the increment amount of $p_{ni}$ and is determined by information contained in the received Ba and is calculated using the following formula:

$$ \Delta p_{ni} = r^{-m} h^{-n} \tag{4} $$

In the above formula, r is the recency of the trust evidence contained in the received Ba, h is the hop count the ant has passed from its source to the current node. m and n are parameters which determine the relative importance of trust evidence recency versus hop count.

To improve the performance of the trust evidence discovery protocol, discovered evidences are cached in the trust evidence repository (TER) of every node on the path of backward ants. Therefore after a period of adaptation, the request overhead will be drastically reduced, since the probability of obtaining required evidences from neighbors would increase. The replication procedure assures the availability of trust evidences, even when some origins may be out of reach. Upon receiving fresher trust evidences, cached evidences are updated. The cached trust evidence $TE_{i,j}$ provided by node i about node j will be deleted from the TER of the current node if a more recent evidence is not received from node i about node j in a fixed time interval $\Delta t$.

In the proposed trust establishment framework as it applies to the data packet delivery functionality of DSR protocol, relevant evidences are collected by the requester nodes in the two following modes:

Implicit mode: In this mode, the trust evidence discovery process is incorporated into the route discovery mechanism of DSR protocol. Here, in addition to standard fields, each Route Reply message contains a field (trust evidence record) specially considered for recording relevant trust evidences. Before receiving a Route Request message at the target node, the route discovery process is performed according to the standard specifications of DSR protocol. When the target node receives the Route Request message, it checks the list of all intermediate nodes contained in the route record of the received message, searches its TER, extracts evidences related to those nodes and in addition to the standard route record, it appends these evidences to the trust evidence record of the Route Reply message that it creates. The target node then sends back the Route Reply message to the initiator node on the reverse path. Each intermediate node that forwards the Route Reply message also checks the list of nodes contained in the route record (excluding the source and destination nodes) and appends relevant trust evidences by referring to its own TER. Intermediate nodes avoid appending repetitive trust evidences and also replace recorded evidences if they have more recent versions of those evidences in their TER. Also a node forwarding the Route Reply message adds useful trust evidences to its own TER.

Explicit mode: In situations where a source node has multiple routes to a given target of communication, but due to the lack of adequate trust evidences for the nodes along the routes cannot effectively evaluate the reliability of available routes, it follows the following procedure:

1) The source node creates a forward ant Fa and broadcasts it to its neighbors.
2) Each neighbor node receiving the Fa searches its first-hand trust evidence storage. If a relevant piece of evidence is found, a backward ant Ba containing the discovered trust evidence will be generated and will retrace the path of the Fa back to the source. As the Ba moves on its path, the intermediate nodes will update their TET using the formula (4) and will store the evidence in their TER.
3) After decreasing the TTL value of the received Fa, if it is still greater than zero, then the current node will unicast the Fa to the neighbor with the highest probability by consulting its TET. If there is no preference to the neighbors, i.e. there is no entry in the TET for this evidence, the Fa will be broadcast to all neighbors. This happens either when no path to the requested trust evidence has been explored or the information of the node is outdated. Nodes discard repetitive Fa packets by checking the sequence number of received packets.
4) The requester node waits for a predefined period of time in order to get relevant trust evidences from other nodes. Once the requested evidences are received, the requester applies the reputation computation model to combine evidences related to each node to form an overall reputation score for each node.

The next section discusses the details of the reputation computation model.

C. Reputation Computation Model
In the proposed framework, nodes utilize the trust evidence discovery protocol discussed in the previous section to obtain relevant trust evidences from other nodes. The obtained trust evidences are combined to form an overall reputation score for each node. Combination of trust evidences from other nodes that can vary in their reliability or trustworthiness is a challenging task and has a significant impact on the overall effectiveness of the trust establishment framework. Previous approaches have used simplistic combination techniques such as averaging or majority voting [18,19]. Here, we employ the Dempster-Shafer evidence theory which offers an alternative to
traditional probabilistic theory for the mathematical representation of uncertainty and is well suited to our context where doubt and uncertainty are inherent. The theory and its applicability to reputation computation are discussed in subsequent subsections.

1) Dempster-Shafer Theory of Evidence
Dempster-Shafer Theory (DST) is a mathematical theory of evidence. The seminal work on the subject is [25], which is an expansion of [26]. The theory's practical appeal is largely due to Dempster's rule for combining beliefs based on independent pieces of evidence. In a finite discrete space, Dempster-Shafer theory can be interpreted as a generalization of probability theory where probabilities are assigned to sets as opposed to mutually exclusive singletons. Let $X$ be the universal set: the set of all states under consideration. The power set, $P(X)$, is the set of all possible subsets of $X$, including the empty set. Any hypothesis A will refer to a subset of the power set for which observers can present evidence.

There are three important functions in Dempster-Shafer theory: the basic probability assignment function (bpa or m), the Belief function (Bel), and the Plausibility function (Pl). The bpa, represented by m, defines a mapping of each subset of the power set to the interval between 0 and 1. Formally, $m : P(X) \to [0,1]$, where it verifies two axioms. First, the mass of the empty set is zero:

$$ m(\emptyset) = 0 \tag{5} $$

Second, the summation of the bpas of all the subsets of the power set is 1:

$$ \sum_{A \in P(X)} m(A) = 1 \tag{6} $$

The value of the bpa for a given set A (represented as m(A)) expresses the proportion of all relevant and available evidence that supports the claim that a particular element of $X$ (the universal set) belongs to the set A but to no particular subset of A. From the basic probability assignment, the upper and lower bounds of an interval can be defined. This interval contains the precise probability of a set of interest (in the classical sense) and is bounded by two nonadditive continuous measures called Belief and Plausibility. The Belief function (Bel) maps a hypothesis A to a value between 0 and 1 and is defined as follows.

$$ Bel(A) = \sum_{B \mid B \subseteq A} m(B) \tag{7} $$

The belief function constitutes the lower bound of the interval and represents the weight of evidence supporting A's provability. The plausibility function maps each hypothesis A to a value pl(A) between 0 and 1 and is defined as follows.

$$ pl(A) = \sum_{B \mid B \cap A \neq \emptyset} m(B) \tag{8} $$

The plausibility function constitutes the upper bound of the interval and represents the weight of evidence that doesn't refute A.

2) Dempster's Rule for Combination
Suppose $m_1(A)$ and $m_2(A)$ are the basic probability assignments from two independent observers (in the same frame of discernment). The combination (called the joint $m_{12}$) is calculated from the aggregation of two bpas $m_1$ and $m_2$ in the following manner:

$$ m_{12}(A) = \frac{\sum_{B \cap C = A} m_1(B)\, m_2(C)}{1 - K} \tag{9} $$

where

$$ K = \sum_{B \cap C = \emptyset} m_1(B)\, m_2(C) \tag{10} $$

The denominator $1 - K$ in Dempster's rule is a normalization factor, where $K$ represents the basic probability mass associated with conflict.

3) Dempster's Rule for Combination Applied to Reputation Computation
We apply Dempster's rule to combine multiple pieces of independent trust evidences collected from other nodes. In our context, the power set has three focal elements: hypothesis $H = \{T\}$ that characterizes the trust degree of a given node, hypothesis $\bar{H} = \{\bar{T}\}$ that characterizes the distrust degree of a given node and universe hypothesis $U = \{T, \bar{T}\}$ that characterizes the degree of belief that a given node is either trusted or distrusted.

For a simple illustration of how trust evidences are combined using Dempster's rule, consider that nodes A and B are offering trust evidences on node S. Assume that node A claims that trust and distrust values for S are 0.8 and 0.2 respectively and B claims that these values are 0.2 and 0.8 respectively (according to its own observations or maliciously). These two pieces of trust evidence are formalized as follows:

$$ m_A(T) = 0.8, \quad m_A(\bar{T}) = 0.2, \quad m_A(U) = 1 - (m_A(T) + m_A(\bar{T})) = 0 \tag{11} $$

$$ m_B(T) = 0.2, \quad m_B(\bar{T}) = 0.8, \quad m_B(U) = 1 - (m_B(T) + m_B(\bar{T})) = 0 \tag{12} $$

And the combination is computed as follows:
$$ m_A(T) \oplus m_B(T) = \frac{m_A(T)\, m_B(T) + m_A(T)\, m_B(U) + m_A(U)\, m_B(T)}{1 - \left[ m_A(T)\, m_B(\bar{T}) + m_A(\bar{T})\, m_B(T) \right]} = \frac{0.16}{0.32} = 0.5 \tag{13} $$

Dempster's rule for combination is a commutative and associative rule and therefore for any arbitrary number of bpas we can compute the combination by first combining any pair of bpas and then combining the result with the remaining bpas in the same way.

Even though in this paper we assume that all nodes are completely reliable with respect to offering accurate trust evidences, a significant advantage of utilizing Dempster's rule for combination is its ability to effectively discount the impact of evidences obtained from unreliable sources in the computed reputation score.

An honesty coefficient with a value between 0 and 1 for the collected evidences can be utilized for this purpose. A value of 0 for a given node represents its complete dishonesty and completely neutralizes the impact of the trust evidence provided by that node in the combination rule. Conversely, a value of 1 for a given node represents its absolute honesty and maximizes the impact of the trust evidence provided by that node in the combination rule. To exemplify this, suppose that in the previous example, instead of absolute honesty, the honesty coefficient of node B was 0.8. So, we would have:

$$ m_B(T) = 0.8 \times 0.2 = 0.16, \quad m_B(\bar{T}) = 0.8 \times 0.8 = 0.64, \quad m_B(U) = 1 - (m_B(T) + m_B(\bar{T})) = 0.2 \tag{14} $$

And the combination rule would yield:

$$ \frac{(0.8 \times 0.16) + (0.8 \times 0.2)}{1 - \left( (0.8 \times 0.64) + (0.16 \times 0.2) \right)} = \frac{0.288}{0.465} = 0.63 \tag{15} $$

As can be easily verified, the impact of B's trust evidence in the combination rule has been weakened and A's evidence has been more influential in the gained result.

IV. SIMULATION AND EVALUATION
The performance of the proposed framework has been evaluated using some simulations. The simulation model and gained results are discussed in following subsections.

A. Simulation Model
To evaluate the effectiveness and efficiency of the proposed framework, we have conducted some simulations according to multiple scenarios. We have used NS-2 for simulation purpose. All simulations are in an ad hoc network consisting of 50 nodes spread uniformly through a 1000×1000 meter square area. Nodes are equipped with an IEEE 802.11 radio network interface, operating at 11Mbps data rate with a 250m transmission range. There exist a total of 30 CBR connections and sending nodes send data packets of size 512b at 4pk/s rate. Nodes move according to the Random Waypoint mobility model with speed uniformly distributed between 0 and 10m/s and a pause time of 50 seconds. Simulations run for 900 seconds.

B. Simulation Results
We use the following metrics for evaluation of the proposed trust establishment framework:

Success rate: the percentage of requests for which the requester successfully obtains the relevant evidence(s). In simulation, it is the number of unique forward ants sent by the requester nodes over the total number of corresponding backward ants received by those nodes.

Throughput: In our context, throughput is defined as the ratio of the number of packets received by the application layer of destination nodes to the number of packets sent by the application layer of source nodes.

Average Latency: this metric reflects the overhead imposed by the proposed scheme. The metric is defined as the mean time (in seconds) taken by the packets to reach their respective destinations.

Fig. 3 presents the success rate performance results. As can be observed, at the beginning of the simulation, when trust evidences are still not available and entries in the trust evidence tables of participating nodes aren't accurately updated, the success rate for requested trust evidences is low. However, as the simulation proceeds, a fast convergence is achieved at the cost of using broadcast requests for finding desirable trust evidences.

Figure 3. Success rate performance results

Notice that in Fig. 3 the success rate of the proposed scheme increases and decreases repeatedly by a small amount. The reason is the mobility of nodes hosting requested trust evidences and abolishment of trust evidences with the passage of time.

To investigate the effectiveness of the proposed framework as it applies to the data packet delivery functionality of DSR protocol, we use the throughput metric. For this purpose, a varying number of selfish nodes that drop their received data packets destined to other nodes with a probability between 60 and 100 percent are implemented in simulations.

Simulations have been conducted for two different scenarios. In each scenario the ratio of selfish nodes ranges from 0 to 50 percent. The two scenarios are: 1) when standard
DSR protocol is used for route selection decisions and communications among nodes; 2) when the proposed scheme is employed to improve route selection decisions.

Fig. 4 presents the throughput performance results of the two scenarios.

Figure 4. Throughput performance results

The performance results reveal that in the presence of a varying percentage of selfish nodes, the proposed scheme results in a better throughput. The main reason is that in standard DSR protocol, by default shorter paths are preferred for communication. However, in the proposed scheme, whenever a node needs to communicate with another node, it first evaluates the reliability of each available path and consequently chooses the most reliable one. Path reliability is defined as the probability that a packet won't be dropped by the nodes along the route and will be safely delivered to its destination.

The comparison results for average latency of standard DSR and the proposed scheme are shown in Fig. 5.

Figure 5. Average latency results

As expected, considering the fact that the trusted paths chosen by the proposed scheme are not necessarily optimal in terms of the number of hops, the average latency has increased compared to the standard DSR protocol. However, the achieved improvement in throughput compensates for the imposed overhead.

V. CONCLUSION

We presented a trust establishment framework that utilizes both first and second-hand observational data. An on-demand ant-based scheme was introduced for efficient distribution of trust evidences. The flexibility of the formula used for choosing the best next hop for obtaining the requested trust evidences provides the possibility of embedding more complicated metrics such as node mobility, provider's trustworthiness and security related items.

Dempster's rule of combination, which offers an effective and robust mechanism for combining trust evidences collected from other nodes and quantifying reputation, was used. We used experimental simulations to demonstrate the effectiveness of the proposed framework as it applies to the data packet delivery functionality of DSR protocol. However, we believe that the proposed framework is a general framework that may be adapted for a variety of scenarios where nodes have to rely on unreliable nodes to accomplish a cooperative service.

ACKNOWLEDGMENT

This research has been supported by Iran Telecommunication Research Center (ITRC) under contract 19230/500, and the authors wish to express their gratitude.
258 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
(IJCSIS) International Journal of Computer Science and Information Security,
Vol. 8, No. 4, July 2010
[13] Pirzada, A.A., McDonald, C. (2006). Establishing trust in pure ad-hoc
networks. Wireless Personal Communications, 37, 139-163.
[14] Theodorakopoulos, G., Baras, J.S. (2004). Trust evaluation in ad-hoc
networks. proc. ACM Wksp. Wireless Security (WiSe’04), 1–10.
[15] Buttyan, L., Hubaux, J.P. (2003). Stimulating cooperation in self-
organizing mobile ad hoc networks. Mobile Networks and Applications,
8 (5), 579–592.
[16] Huo, H., Gao, D., Niu, Y. and Gao, S. (2007). ASDP: An Action-Based
Service Discovery Protocol Using Ant Colony Algorithm in Wireless
Sensor Networks, Lecture Notes in Computer Science 4864, 338-349.
[17] Jiang, T. and Baras, J.S. (2004). Ant-based Adaptive Trust Evidence
Distribution in MANET. Proc. 24th International Conference on
Distributed Computing Systems Workshops (ICDCSW’04), 588-593.
[18] Kargl, F., Klenk, A., Weber, M. and Schlott, S. (2004). Sensors for
Detection of Misbehaving Nodes in MANETs. Proc. Detection of
Intrusion and Malware and Vulnerability Assessment.
[19] Zhang, Y. and Lee, W. (2000). Intrusion Detection in Wireless Ad-Hoc
Networks. Proc. 6th Ann. ACM Int’l Conf. Mobile Computing and
Networking, ACM Press, 275–283.
[20] Johnson, D.B., Maltz, D.A. and Hu, Y. (2003). The Dynamic Source
Routing Protocol for Mobile Ad-Hoc Networks (DSR), IETF MANET,
Internet Draft (Work in Progress).
[21] Clarke, I., Sandberg, O., Wiley, B. and Hong, T.W. (2000). Freenet: A
distributed Anonymous Information Storage and Retrieval System. In
Proc. ICSI Workshop on Design Issues in Anonymity and
Unobservability, Berkeley, CA.
[22] Babaoglu, O., Meling, H. and Montresor, A. (2002). Anthill: A
Framework for the Development of Agent-Based Peer-to-Peer Systems.
In Proc. 22nd ICDCS, Vienna, Austria.
[23] Bonabeau, E., Dorigo, M. and Theraulaz, G. (1999). Swarm Intelligence
– From Natural to Artificial Systems. New York: Oxford University
Press.
[24] Caro, G. D. and Dorigo, M. (1998). AntNet: Distributed Stigmergetic
Control for Communications Networks, Journal of Artificial Intelligence
Research, 9, 317-365.
[25] G. Shafer, A. (1976). Mathematical Theory of Evidence. Princeton:
Princeton Univ. Press.
[26] Dempster, A. (1967). Upper and Lower Probabilities Induced by a
Multivalued Mapping. Ann.Mathematical Statistics, 38(2), 325–339.
259 http://sites.google.com/site/ijcsis/
ISSN 1947-5500
Get documents about "