1 / 31

Haojin Zhu, Suguo Du, Zhaoyu Gao, Mianxiong Dong, Zhenfu Cao Presented by Youyou Cao

A Probabilistic Misbehavior Detection Scheme towards Efficient Trust Establishment in Delay-tolerant Networks. Haojin Zhu, Suguo Du, Zhaoyu Gao, Mianxiong Dong, Zhenfu Cao Presented by Youyou Cao. Outline. Introduction System model Basic iTrust misbehavior detection scheme

stew
Download Presentation

Haojin Zhu, Suguo Du, Zhaoyu Gao, Mianxiong Dong, Zhenfu Cao Presented by Youyou Cao

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. A Probabilistic Misbehavior Detection Schemetowards Efficient Trust Establishment inDelay-tolerant Networks Haojin Zhu, Suguo Du, Zhaoyu Gao, Mianxiong Dong, Zhenfu Cao Presented by Youyou Cao

  2. Outline • Introduction • System model • Basic iTrust misbehavior detection scheme • Advanced iTrust probabilistic misbehavior detection scheme • Experiment Results • Future work • Conclusion

  3. Introduction Delay tolerant network(DTN) • lack of contemporaneous end-to-end path • High variation in network conditions • Difficulty to predict mobility patterns • Long feedback delay Store-carry-and-forward strategy • In-transit messages can be sent over an existing link and buffered at the next hop until the next link in path appears DTN Routing Misbehavior • Dropping packets intentionally • Selfish/Malicious • Significantly reduce the packet delivery rate, serious threat against network performance of DTN

  4. Related work Misbehavior detection scheme for MANET: • Neighborhood monitoring ---- won’t work for DTN! black hole attack cannot be detected due to lack of witness • Destination acknowledge ---- won’t work for DTN! Lack of contemporaneous path Current misbehavior detection schemes for DTNs: • Based on forwarding history verification Problem: Transmission overhead and verification cost is high D C A B F E Negative ACK

  5. System Model A normal DTN consisted of mobile devices owned by individual users. • Each node i has a unique ID and a corresponding public/private key pair. • Each node must pay a deposit C before it joins the network, and the deposit will be paid back after the node leaves, if there is no misbehavior activity of the node. A periodically available Trust Authority (TA) exists to take the responsibility of misbehavior detection in DTN. • For a specific detection target , TA will request ’s forwarding history in the global network.

  6. Routing Model Use single-copy routing mechanism(First Contact routing protocol) • Note: the proposed misbehaving detection scheme can also be applied to delegation based routing protocols or multi-copy based routing protocols Assume the communication range of a mobile node is finite. • A data sender out of destination node’s communication range can only transmit data via a sequence of intermediate nodes in a multi-hop manner.

  7. Threat model Assume each node in the networks is rational and a rational node’s goal is to maximize its own profit. Mainly consider two kinds of misbehavior node: • Selfish Due to the selfish nature and energy consuming, selfish nodes are not willing to forward bundles for others without sufficient reward. • Malicious As an adversary, the malicious nodes arbitrarily drop others’ bundles (blackhole or greyhole attack), which often take place beyond others’ observation in a sparse DTN, leading to serious performance degradation.

  8. Design Requirements Distributed: • Require that a network authority responsible for the administration of the network is only required to be periodically available and consequently incapable of monitoring the operational minutiae of the network. Robust: • Require a misbehavior detection scheme that could tolerate various forwarding failures caused by various network environments. Scalability: • Require a scheme that works independent of the size and density of the network.

  9. Basic iTrust scheme for misbehavior detection in DTNs Routing Evidence Generation Phase • Three kinds of data forwarding evidences to judge if a node is a malicious one or not Auditing Phase • Three misbehavior detection cases • An honest data forwarding with sufficient contacts • An honest data forwarding with insufficient contacts • A misbehaving data forwarding with/without sufficient contacts

  10. Routing Evidence Generation Phase message Time stamp Packet expiration time Signature generated by the source nodes on message M Signature generated by node to indicate that the forwarding task has been delegated to node Signature generated by node to indicate that has accepted this task Note: In the audit phase, for the investigation target node , will submit the delegation task evidences to TA for verification

  11. Routing Evidence Generation Phase Signature generated by node to demonstrate the authenticity of forwarding history evidence Note: In the audit phase, the investigation target node will submit the forwarding history evidence to TA to demonstrate that he has tried his best to fulfill the routing task defined by the delegation task evidence.

  12. Routing Evidence Generation Phase Note: Contact history evidence will be stored at both nodes. In the audit phase, for the investigation target node , both and will submit their contact history evidence to TA for verification. Contact history evidence can prevent blackhole or greyhole attack since nodes with sufficient contact with others fail to forward data will be regarded as misbehavior nodes

  13. Basic iTrust scheme illustration • In the Routing Evidence Generation Phase: • A forwards packets to B ,then gets the delegation history back. B holds the packet and then encounters C. C gets the contact history about B. • In the Auditing Phase: • When TA decides to check B, TA will broadcast a message to ask other nodes to submit all the evidence about B, then A submits the delegation history from B, B submits the forwarding history ,C submits the contact history about B.

  14. Auditing phaseTA will launch an investigation request towards node in the global network during a certain period [,]Each node in the network submit its collected evidences regarding TA collect all the information regarding and get the sets TA check if message forwarding requests have been honestly fulfilled by

  15. Auditing phase m: message sent to for future forwarding (m): message expiration time (m): set of next-hop nodes chosen for message forwarding R: set of contacted nodes satisfying the DTN routing protocol requirements during [(m), ] D: number of copies required by DTN routing • Class I (An Honest Data Forwarding with Sufficient Contacts) • Class II (An Honest Data Forwarding with Insufficient Contacts)

  16. Auditing phase m: message sent to for future forwarding (m): message expiration time (m): set of next-hop nodes chosen for message forwarding R: set of contacted nodes satisfying the DTN routing protocol requirements during [(m), ] D: number of copies required by DTN routing • Class III (A Misbehaving Data Forwarding with/without Sufficient Contacts)

  17. The basic misbehavior detection algorithm TA judges if node is a misbehavior or not by triggering the Algorithm 1.

  18. From basic to probabilistic The proposed algorithm itself incurs a low checking overhead. However, to prevent malicious users from providing fake delegation/forwarding/contact evidences, TA should check the authenticity of each evidence by verifying the corresponding signatures, which introduce a high transmission and signature verification overhead. So a probabilistic misbehavior detection scheme, where the TA launches the misbehavior detection at a certain probability, is proposed to reduce the detection overhead without compromising the detection performance. The probabilistic scheme of iTrust is inspired by the Inspection game theory.

  19. Game theory analysis • Assumptions: • g: the forwarding transmission cost for each node to make a packet forwarding • W: compensation received from TA if the node successfully pass the investigation • C: punishment paid if the node failed the investigation • V: credit received by TA for each successful data forwarding • H: investigation cost for TA • TA’s strategies: Inspecting (I) or Not inspecting (N) • Node’s strategies: Forwarding (F) or Offending (O)

  20. Game theory analysis Note: should b

  21. Game theory analysis If the node chooses offending strategy, its payoff is If the node chooses forwarding strategy, its payoff is Note: should b

  22. Reduction of misbehavior detection cost

  23. Game theory analysis Note: should be

  24. Evaluation of the scalability of iTrust

  25. Impact of Percentage of Malicious Nodes Malicious nodes detection rate >60% for all three case Misidentified rate drops when MNR increases Cost is linear to inspection probability

  26. Impact of Various Packet Loss Rate iTrust is effective for both black hole and grey hole attack Misidentification rate is under 8% if the detection probability is under 10% Cost is linear to inspection probability

  27. Impact of choosing different detection probability iTrust can significantly reduce the misbehavior detection cost Suggest a lower detection probability such as 10% or 20% Correction: Note: should change to Fig. 4(c) and 5(c)

  28. Impact of nodes’ mobility

  29. Impact of message generation interval

  30. Future Work • Exploiting reputation system to further improve the performance of iTrust • Currently, iTrust assumes the same detection probability for each node. • Intuitively, should use a lower inspection probability on honest nodes and a higher inspection probability on a misbehaving node • Solution: • Combine reputation system with iTrust • Define the inspection probability p to be the inverse function of reputation r, we also need that 1 > p >

  31. Conclusion iTrust: a Probabilistic Misbehavior Detection Scheme • Model iTrust as an Inspection Game and show that an appropriate probability setting could assure the security of the DTNs at a reduced detection overhead. • Simulation results confirm that iTrust will reduce transmission overhead incurred by misbehavior detection while detecting the malicious nodes effectively.

More Related