
A Survey of Trust Management for Mobile Ad Hoc Networks

Jin-Hee Cho & Ananthram Swami, Army Research Laboratory; Ing-Ray Chen, Virginia Tech


Presentation Transcript


  1. A Survey of Trust Management for Mobile Ad Hoc Networks. Jin-Hee Cho & Ananthram Swami, Army Research Laboratory; Ing-Ray Chen, Virginia Tech

  2. Outline • Background • Motivation • Multidisciplinary Trust Concept • Trust, Trustworthiness, and Risk Assessment • Trust Properties in MANETs • Survey on Trust Management in MANETs • Future Research Directions

  3. Background • Design Challenges in Mobile Ad Hoc Networks: • Resource constraints • energy, bandwidth, memory, computational power • High security vulnerability • open medium derived from inherent nature of wireless networks • rapidly changing network topology due to node mobility or failure, RF channel conditions • decentralized decision making and cooperation (no centralized authority) • no clear line of defense • Trust: the degree of subjective belief about the behavior of a particular entity.

  4. Motivation • Trust management is needed in MANETs with the goal of establishing a network with an acceptable level of trust relationships among participating nodes: • During network bootstrapping • To support coalition operation without predefined trust • For authentication for certificates generated by other parties when links are down • To ensure safety when entering a new zone • Diverse applicability as a decision making mechanism for: • Intrusion detection • Key management • Access control • Authentication • Secure routing • Many others

  5. Trust in Communications & Networking • A set of relations among entities participating in a protocol based on evidence generated by the previous interactions of entities within a protocol • If the interactions have been faithful to the protocol, then trust will accumulate between these entities • Context-aware trust: trust is the quantified belief of a trustor node regarding competence, honesty, security, and dependability of a trustee node in a specific context

  6. Trust, Trustworthiness, and Risk Assessment [Figure: Trust Level [Solhaug et al., 2007]; axes: Trust and Trustworthiness, each marked at 0.5 and 1; line Trust = Trustworthiness; regions (a) misplaced distrust and (b) misplaced trust] • Definition (Trustworthiness): Trustworthiness is the objective probability by which the trustee performs a given action on which the welfare of the trustor depends • Definition (Trust): Trust is the subjective probability by which the trustor expects that the trustee performs a given action on which the welfare of the trustor depends • Definition (Risk): Risk is defined by the probability and the consequence of an incident. The risk value is given by the function r : P × C → RV, where P is a set of trust values in [0,1], C is the set of consequence values and RV is the set of risk values.

  7. Trust vs. Risk [Figure: Trust vs. Risk [Solhaug et al. 2006, Josang & LoPresti, 2004]; axes: Trust (marked t1, 0.5, t2, 1) and Stake (marked S1, S2, 1); zones: Low risk, Medium risk, High risk] • Trust-based decision making: a trust threshold is used to say yes/no: yes when t > trust threshold (t2 in the graph) • Risk-based decision making: a risk threshold is used to say yes/no: yes when r < high risk threshold (high risk zone in the graph) • In general, when trust is high, risk is low, but it really depends on the stake (consequence of failure). It is not enough to consider trust only and then say that trust is risk acceptance, trust is inverse to risk, or the like.
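
The contrast between the two decision rules on slide 7 can be worked through in code. This is an added example, not part of the original slides: the expected-loss form of r, the thresholds, and the sample requests are all assumptions chosen for illustration.

```python
# Added illustration. The expected-loss form of r, the thresholds and the
# sample requests are assumptions, not values from the slides.
from typing import NamedTuple

TRUST_THRESHOLD = 0.7  # assumed trust threshold (t2 in the slide's graph)
MEDIUM_RISK = 0.1      # assumed lower bound of the medium-risk zone
HIGH_RISK = 0.2        # assumed lower bound of the high-risk zone

class Request(NamedTuple):
    name: str
    trust: float  # element of P: trust in the peer, in [0, 1]
    stake: float  # element of C: consequence of failure, normalized to [0, 1]

def risk(trust: float, stake: float) -> float:
    """r : P x C -> RV, modeled as probability of failure times stake."""
    if not (0.0 <= trust <= 1.0 and 0.0 <= stake <= 1.0):
        raise ValueError("trust and stake must lie in [0, 1]")
    return (1.0 - trust) * stake

def risk_zone(r: float) -> str:
    if r >= HIGH_RISK:
        return "high"
    return "medium" if r >= MEDIUM_RISK else "low"

def trust_based(req: Request) -> bool:
    # Yes when t > trust threshold; the stake is ignored.
    return req.trust > TRUST_THRESHOLD

def risk_based(req: Request) -> bool:
    # Yes when r stays below the high-risk threshold.
    return risk(req.trust, req.stake) < HIGH_RISK

def disagreements(requests):
    """Names of requests where the two decision rules give different answers."""
    return [r.name for r in requests if trust_based(r) != risk_based(r)]

# Constructed sample requests.
SAMPLES = [
    Request("beacon relay", 0.60, 0.20),
    Request("session-key relay", 0.75, 1.00),
    Request("route update", 0.80, 0.75),
    Request("unknown node, bulk data", 0.30, 0.90),
]

if __name__ == "__main__":
    for s in SAMPLES:
        r = risk(s.trust, s.stake)
        print(f"{s.name:24} risk={r:.2f} ({risk_zone(r)}) "
              f"trust-based={trust_based(s)} risk-based={risk_based(s)}")
    print("rules disagree on:", disagreements(SAMPLES))
```

The two rules diverge in both directions: the low-stake request from a moderately trusted node is refused by the trust rule but accepted by the risk rule, and the high-stake request from a trusted node is accepted by the trust rule but refused by the risk rule.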

  8. Trust Properties in MANETs • Dynamic, not static • Trust in MANETs should be established based on local, short-lived, fast changing over time, online only and incomplete information available due to node mobility or failure, RF channel conditions • Expressed as a continuous value ranging from positive to negative degree • Subjective • Different experiences derived from dynamically changing network topology • Not necessarily transitive • Asymmetric, not necessarily reciprocal • Heterogeneous entities • Context-dependent • Sensing/Reporting vs. forwarding Trust properties in MANETs. Trust properties in existing trust management in MANETs.

  9. Classification of Trust Management: trust evidence collection, trust generation, trust distribution, trust discovery, and trust evaluation [Solhaug et al., 2006]

  10. Attacks in MANETs • By the nature of attack and the types of attackers [Liu et al., 2004] • Passive Attacks: when an unauthorized party gains access to an asset but does not modify its content (e.g., eavesdropping or traffic analysis) • Active Attacks: masquerading (impersonation attack), replay (retransmitting messages), message modification, DoS (e.g., excessive energy consumption) • By the legitimacy of attackers [Liu et al., 2004] • Insider attacks: authorized member • Outsider attacks: illegal user Attacks considered in existing trust management in MANETs.

  11. Metrics for Measuring Network Trust in MANETs • Network trust has been evaluated by general performance metrics, e.g., detection accuracy, goodput (useful information bits/sec), throughput (data bits/sec), overhead, delay, network utility, route usage (for secure routing), packet dropping rate, etc. • Recently, trust level as a metric has been used, e.g., trust level of a network path or session Metrics used for evaluating network trust

  12. Composite Trust Metrics • Quality-of-Service (QoS) Trust • Competence, dependability, reliability, successful experience, and reputation or recommendation representing capability to complete an assigned “task” • Examples are the node’s energy lifetime, computational power level, and capability to complete packet delivery • Social Trust • Use of the concept of social networks • Friendship, similarity, common interest, social connectivity, honesty, and social reputation or recommendation derived from direct or indirect interactions

  13. Trust Management in MANETs based on Design Purpose Summary of existing trust management schemes in MANETs based on specific design purposes

  14. Trust-based Applications in MANETs Secure Routing • Detect and isolate misbehaving nodes (selfish or malicious) • Reputation management • Extension of the existing routing protocols (e.g., DSR, AODV) using trust concept • Incentive mechanism to induce cooperation • Revocation + redemption possible Authentication • Use trust to authenticate nodes or routing paths • Use direct evidence (certificates or observations of packet forwarding behavior) plus second hand information (e.g., recommendation) • Extension of the existing routing protocols (e.g., DSR, Zone Routing Protocol) Key Management • Establish keys between nodes based on their trust relationships • Trust-based PKI • Distributed - each node maintains its public/private keys • Hierarchical – a CA is elected based on trust

  15. Trust-based Applications in MANETs (Cont.) Intrusion Detection • Trust as a basis for developing an intrusion detection system (IDS) • Trust-based IDS provides audit and monitoring capabilities to enhance security • Evaluating trust and identifying intrusions can be integrated together to build a trustworthy environment Access Control • Use trust for decision making of access control to MANET resources • Trust-based admission control (role-based) • A node can use resources if it is trusted by k trusted nodes • Can integrate with policy-based access control (with a proof of identity or certificate)

  16. Issues for Future Trust Management in MANETs • How should we select a trust metric that can reflect the unique properties of trust in MANETs? • What constitutes trust? Is it multi-dimensional with multiple trust components? Should we have a different set of trust components reflecting the application characteristics and node behavior (including selfish/malicious behavior)? • How can trust contribute to scalability, reconfigurability, security, and reliability of the network? • How should a trust protocol be designed to achieve adaptability to rapidly changing MANET environments? • How do we design a trust system to reflect adequate tradeoffs, e.g., altruism vs. selfishness, and effectiveness vs. efficiency? • Can we identify optimal trust protocol settings under various network and environmental conditions?

  17. Questions? Contact us at: Jin-Hee Cho (jinhee.cho@arl.army.mil), Army Research Laboratory; Ananthram Swami (aswami@arl.army.mil), Army Research Laboratory; Ing-Ray Chen (irchen@vt.edu), Virginia Tech
