TAODV: A Trust Model Based Routing Protocol for Secure Ad Hoc Networks
Xiaoqi Li, Michael R. Lyu, and Jiangchuan Liu
IEEE Aerospace Conference, March 2004

Outline
• Introduction
• Background: AODV and Subjective logic
• Framework of TAODV
• Trust model for TAODV
• Routing operations in TAODV
• Analysis
• Conclusion and future work
CSE Dept. of CUHK

Introduction to MANETs
• Mobile Ad Hoc Networks (MANETs)
  • No fixed infrastructure
  • Self-organized routing
  • Prone to be unstable and insecure
• Previous Secure Solutions for MANETs
  • Require each node to prove itself by presenting its digital signature at all times
  • Need a super-trusted third party to provide authentication

Introduction to TAODV
• Make use of trust relationships among nodes
• No need to request and verify a signature for every communication, just as in human society
• TAODV: a secure routing protocol based on a trust model for MANETs

Background: Subjective Logic
• Subjective logic
  • Represents trust relationships formally
  • Defines how to combine different trust information
  • Maps all kinds of evidence to the trust representation space
• We derive our trust model for TAODV from subjective logic

Background: AODV
• AODV
  • Ad Hoc On-Demand Distance Vector Routing Protocol for MANETs
  • Two main routing messages:
    • RREQ: Routing REQuest
    • RREP: Routing REPly
• We extend AODV by adding trust information to its routing messages

Framework of TAODV

Trust Model for TAODV: Representation of trust
• Use Opinion to represent trust:
  • A three-dimensional metric
  • -- Probability of node A believing in node B
  • -- Probability of node A disbelieving in node B
  • -- Probability of node A’s uncertainty about B

Trust Model for TAODV: Combination of trust
• Discounting Combination:
  • Combine trusts along one path
  • Combine
  • Equation: Let

Trust Model for TAODV: Combination of trust
• Consensus Combination:
  • Combine trusts from several paths
  • Combine
  • Equation: Let

Trust Model for TAODV: Mapping from evidence to opinion space
• Mapping from evidence space to opinion space:
  • p : positive evidence
  • n : negative evidence

Routing Operations in TAODV
• Trust Recommendation
• Trust Judgement
• Routing Table Extension
• Trust Update
• Routing Messages Extensions
• Trusted Routing Discovery

Trust Recommendation
• Exchange trust information
• Three types of message:
  • TREQ: Trust REQuest
  • TREP: Trust REPly
  • TWARN: Trust WARNing
• Broadcast TWARN when a node’s disbelief value is zero
• Message structure:

Trust Judgement
• Predefined trust judging rules
  b – belief
  d – disbelief
  u – uncertainty
  0.5 – threshold

Routing Table Extension
• Add three fields to the original routing table
  • Positive events
  • Negative events
  • Opinion
• New routing table format

Trust Update
• Update of evidence
  • Successful communication: positive events, p++
  • Failed communication: negative events, n++
• Update of opinion - two ways:
  • Mapping from evidence space
  • Combination from different recommendations

Trusted Routing Discovery: Scenario I - Beginning of TAODV
• Initial opinions are all (0,0,1)
• Node A originates a RREQ to discover a route to C
• Node B will authenticate A and C because, from its point of view, their uncertainty is high (u=1)
• Finally, if it succeeds, the opinions are all changed to (0.33,0,0.67)

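The opinion arithmetic behind the slides on evidence mapping, trust update, discounting and consensus combination, and Scenario I, as an added Python example (not the authors' code). It assumes the standard subjective-logic operators, because the slides' own equations are not reproduced on this page; the names Opinion, from_evidence, discount and consensus are hypothetical.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Opinion:
    b: float  # belief
    d: float  # disbelief
    u: float  # uncertainty

    def __post_init__(self):
        # An opinion is valid only if b, d, u are non-negative and sum to 1.
        if min(self.b, self.d, self.u) < 0 or abs(self.b + self.d + self.u - 1) > 1e-9:
            raise ValueError("opinion components must be >= 0 and sum to 1")

def from_evidence(p: int, n: int) -> Opinion:
    """Map the routing table's positive/negative event counters to an opinion.
    Assumed mapping (standard subjective logic): b=p/(p+n+2), d=n/(p+n+2), u=2/(p+n+2)."""
    if p < 0 or n < 0:
        raise ValueError("event counters cannot be negative")
    total = p + n + 2
    return Opinion(p / total, n / total, 2 / total)

def discount(a_b: Opinion, b_c: Opinion) -> Opinion:
    """Discounting: A's opinion of C along one path A -> B -> C (assumed operator)."""
    return Opinion(a_b.b * b_c.b, a_b.b * b_c.d, a_b.d + a_b.u + a_b.b * b_c.u)

def consensus(x: Opinion, y: Opinion) -> Opinion:
    """Consensus: fuse opinions about one node that arrived over two paths (assumed operator)."""
    k = x.u + y.u - x.u * y.u
    if k == 0:  # both opinions have u = 0; the operator is undefined here
        raise ValueError("cannot fuse two opinions with zero uncertainty")
    return Opinion((x.b * y.u + y.b * x.u) / k, (x.d * y.u + y.d * x.u) / k, x.u * y.u / k)

if __name__ == "__main__":
    print("initial:", from_evidence(0, 0))             # Scenario I start
    print("one success:", from_evidence(1, 0))         # p++ after a success
    # Constructed sample counters: A has seen B fail 8 times, B vouches for C.
    print("via distrusted B:", discount(from_evidence(0, 8), from_evidence(8, 0)))
    print("two paths:", consensus(from_evidence(1, 0), from_evidence(1, 0)))
```

Under these assumptions, from_evidence(1, 0) reproduces the (0.33, 0, 0.67) of Scenario I, and a recommendation relayed through a distrusted node discounts to pure uncertainty (0, 0, 1), so it cannot raise belief in a third node.
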
Trusted Routing Discovery: Scenario II - A Stable TAODV MANET
• Trust relationships have been established among almost all the nodes
• The values of uncertainty are getting smaller and smaller
• The general procedures are as follows. (e.g. N2)

Trusted Routing Discovery: Scenario II - A Stable TAODV MANET

Analysis
• Performance
  • No need to perform cryptographic computations for every packet, which reduces computation overhead
  • Trust recommendation messages and the routing table extension are simple and do not introduce much routing overhead

Analysis
• Security
  • A malicious node will eventually be denied access to the network, and other nodes’ opinion of it will be (0,1,0).
  • When a bad node becomes a good one, other nodes’ opinion of it will change from (0,1,0) to (0,0,1) after expiry.

Analysis
• Flexibility
  • Each node is given more flexibility to define its own opinion threshold.
  • The default threshold is 0.5.
  • For high-level security requirements, the threshold can be increased.
  • For some non-critical applications, the threshold can be decreased.

Conclusion
• First approach to apply the idea of a trust model to security solutions for MANETs.
• The trust among nodes can be quantified and combined.
• TAODV is a secure routing protocol with
  • Less computation overhead
  • Little added routing overhead
  • Flexible security levels

Future Work
• Optimize the trusted routing discovery algorithm
• Establish a fast response mechanism for when the network is under attack
• Perform detailed simulation evaluation