1 / 36

fine-grained reputation-based routing in wireless ad hoc networks

Alma Cemerlic Department of Computer Science and Engineering Master Thesis Defense. fine-grained reputation-based routing in wireless ad hoc networks. outline. Introduction Wireless ad hoc network Motivation of the study Definition of terms Related work Our methodology

tiffany-leda
Download Presentation

fine-grained reputation-based routing in wireless ad hoc networks

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Alma Cemerlic Department of Computer Science and Engineering Master Thesis Defense fine-grained reputation-based routing in wireless ad hoc networks

  2. outline • Introduction • Wireless ad hoc network • Motivation of the study • Definition of terms • Related work • Our methodology • Fine-grained reputation system • Integration with a wireless routing protocol • Simulation and evaluation • Conclusion

  3. wireless ad hoc network characteristics (1) • Ad hoc mode • No base stations • Nodes can only transmit to other nodes within link coverage • Nodes organize themselves into a network – route among themselves

  4. wireless ad hoc network characteristics (2) • Ad-hoc Network Characteristics • No infrastructure support • Limited resources (power, memory, and processing) • Easily eavesdropped • Naïve trust model • Examples • Hostile environments like battlefields or rescue operations

  5. motivation of the study • Most legacy models of wireless ad hoc routing do not consider security and use hop count as a measure of path cost. • We explore reliability of each node to improve the quality of service and security. • An approach to routing which incorporates security (reputation) of nodes into legacy routing metrics

  6. routing based on fine-grained reputation system • Basic idea: • Route packets through nodes with high reputation values • Protect network traffic from misbehaving nodes • Improve effective throughput • Minimize interaction with misbehaving nodes • Solution • Evaluate reputation of each node • Integrate reputation metric into route selection

  7. definition of terms and assumptions (1) • Neighbors – communication range of two nodes overlaps. • Neighborhood – all neighbors • Behavior – the way that a node handles packet forwarding, i.e. correctly forwards, alters, injects, etc. • Reputation – evaluated through observation of a neighbors’ behavior. • Report – reputation information periodically exchanged among neighbor nodes. • Trust – indicates whether reports coming from a particular node can be considered trustworthy.

  8. definition of terms and assumptions (2) • Bidirectional communication on every link • Many wireless Medium Access Control (MAC) layer protocols require bidirectional communication for reliable transmission • Network interfaces on the nodes support promiscuous mode operation • If a node A is within range of node B, it can overhear all communications to and from B

  9. adversary models • Adversaries are nodes that misbehave in such ways that they degrade integrity and availability of the network • Misbehaviors include: • Packet alternation and injection done by malicious nodes when they are supposed to forward packets for other nodes • Packet dropping done by selfish nodes when they are supposed to forward packets for other nodes

  10. related work • Use forwarding behavior of a node to estimate its reliability. • Nodes categorized as good or bad (Beta Reputation System) • Distinguishing between selfish and malicious behavior is not possible • CONFIDANT (Buchegger 2002a), CORE (Michiardi 2002a), SORI (Wang 2004b), SAFE (Rebahi 2005) • Virtual currency in wireless routing • Packet Purse Model • Packet Trade Model • Nugglets (Buttyan 2001), (Wang 2004a), (Jakobsson 2003)

  11. fine-grained reputation system • “Self-organized system” • Decentralized, cooperation cannot be guaranteed • Reputation systems – “soft security” • Stimulate ethical behavior and integrity of members in collaborative environments; recognize and sanction intolerable behavior, reward obedient members • Each node observes behavior and evaluates reputation of its neighbors • Neighbors exchange reputation information • Reputation is used to select the most reliable and secure path from source to destination

  12. fine-grained reputation classification based on node behavior • Friendly Nodes • Correctly forward packets; expected behavior • Selfish Nodes • Drop packets; expect other nodes to route their packets; • Physical properties (battery, overload), attempt to save resources, random failure • Harm availability of the network • Malicious Nodes • Misroute, alter, or inject packets; • Harm integrity of packets • If behavior changes, node’s reputation changes correspondingly.

  13. fine-grained reputation evaluation • Total Reputation is the combination of • first-hand and • second-hand reputation • First-hand reputation • from direct observation of neighbors’ behavior • Second-hand reputation • from neighbors’ reports

  14. first-hand reputation (1) • Each node observes the forwarding behavior of its neighbors: • Packets may be correctly forwarded, dropped, maliciously modified. • A node’s behavior follows the Dirichlet distribution Dir(α), where α = (α1, … , αn) • Conjugate prior to the Multinomial distribution • The probability that each independent trial result is exactly one of some fixed finite number n of possible outcomes with probabilities p1,…, pn • Bayes Theorem • Allows us to incorporate new observation into prior knowledge and obtain posterior probability of node’s behavior.

  15. first-hand reputation (2) • Combine the Dirichlet distribution and Bayes Theorem • Given the priorthe posterior distribution is calculated as • Starting with the initial state of the prior distribution, the parameters are updated when new data D is available • N represents instances of the new data • First-hand reputation value at a time t is equal to the expectation value of Dir(α)

  16. first-hand reputation - example • Behaviors of a node change from friendly to selfish and malicious.

  17. second-hand reputation • Collaborative monitoring :exchange first-hand reputation with the neighbors • Nodes are required to periodically broadcast • Deviation test – to detect false reports • Increase or decrease trust? • Incorporate the report into the total reputation value?

  18. trust • Indicates how trustworthy the neighbor’s reports are • The same Bayesian approach as for the fine-grained reputation system • Only two possible instances of behavior: trustworthy and not trustworthy • Use the Beta distribution, conjugate prior to the Binomial distribution • TAB ~ Beta(γ, δ), where γ = trustworthy, δ = not trustworthy. • Updated when the results of the deviation test are available • Trust value is calculated as:

  19. total reputation value • Merge first-hand and second-hand reputation information • Second-hand reputation is discounted by the factor ω(trust value) expressing the disbelief in the accuracy of the report

  20. Reputation Calculation Trust Table total reputation value 5. Merge first-hand and second-hand reputation values to derive total reputation value RAB 1. Calculate first-hand reputation FAB based on observations. Reputation Report FCB 3. Deviation Test and Trust Threshold Test 2. Second-hand reputation reports. 4. Depending on the outcome of the deviation test and the trust threshold test, decide whether to accept the second-hand reports. Reputation Report FDB Observation Windows 6. Update trust value for the reporters C and D: ωAC and ωAD. depending on the outcome of the deviation test.

  21. moving window mechanism • Two ways to update first-hand information • Based on all observations • Based on the most recent observations • Reduces computational complexity • Early detection of changes in behavior • Possibility of redemption over time for misbehaving nodes • To calculate first-hand information: • We divide historic information into time intervals of equal size and considered only a limited number of the most recent intervals

  22. moving window mechanism - example Reputation based on recent history better reflects changes in behavior

  23. integrating reputation into ad hoc routing (1) • Our fine-grained system classifies wireless nodes as friendly, selfish, or malicious. • Malicious nodes cause more damage than selfish nodes. • Reputation of each node is denoted by a vector containing friendly, selfish and malicious parameters (f, s, and m). • Each node consider reputation of neighbor nodes to route packets. <0.8, 0.2, 0.0> B A D C <0.9, 0.1, 0.1>

  24. integrating reputation into ad hoc routing (2) • Cost function converts a reputation vector <f,s,m> into a cost value used to determine most reliable path: where • Malicious nodes cause more damage than selfish nodes – therefore b<c • Routing when there is no distinction between selfish and malicious behavior: • Fine-grained reputation system • Beta reputation system

  25. integrating reputation into ad hoc routing (3) • Moving window size • Determines the sensitivity of the system • Allows gradual redemption

  26. simulation and evaluation (1) • 50 nodes are placed on 800m by 800m stage • Data packets emission rate is 50 packets/second • Low mobility – static • All nodes are connected • Random sender-destination pairs • Adobe Flash CS3, in AS3.0 • Graphical and interactive capabilities • Support for OO programming • Platform independence and portability

  27. simulation and evaluation (2) • Evaluation Metrics • Effective throughput • Percentage of packets manipulated by malicious nodes • Connectivity of the network • Compare fine-grained reputation system with • Beta system – classify nodes into friendly or selfish • Beta system – classify nodes into friendly or malicious

  28. simulation - scenarios • Same scenarios tested on all three systems • Selfish nodes – drop approx. 20% packets • Malicious nodes – inject approx. 20% packets • Number of misbehaving nodes varies form 4 – 40% of the population (add a reference about 40%)

  29. results (1) • Effective throughput • The ratio of legitimate traffic and total traffic, where legitimate means that the traffic was not produced as a consequence of the malicious activity • Our system shows highest effective throughput over beta systems

  30. results (2) • Percentage of packets manipulated by malicious nodes • Our system shows lowest percentage of packets manipulated by malicious nodes.

  31. results (3) • Connectivity: average cost for nodes to communicate with each other. • Our system shows higher connectivity over beta (malicious) system • Our system show slight lower connectivity over beta (selfish) system. But the increased connectivity in latter system is used to carry malicious traffic, which is indicated by lower effective throughput in beta (selfish system).

  32. results - conclusion • Random communication, 10% misbehaving on every 50 packets forwarded • Effective throughput • Beta malicious vs. <f,s,m> 2.84% increase • Beta selfish vs. <f,s,m> 2.5% increase • Percentage of malicious packets • Beta malicious vs. <f,s,m> 2.76% decrease • Beta selfish vs. <f,s,m> 2.49% decrease • Connectivity (over 40% set) • Beta malicious vs. <f,s,m> 9.55% increase • Beta selfish vs. <f,s,m> 10.56% decrease

  33. CONTRIBUTION • Proposed a novel solution to evaluating and managing reputation and trust in P2P environment. • Integrated reputation management into wireless ad hoc routing. • Defended wireless ad hoc network against misbehaving nodes. • Implemented and evaluated fine-grained reputation system in application of wireless ad hoc routing • Our system performs better than the Beta reputation systems: • higher effective throughput and • less packets manipulated by malicious nodes

  34. references • Buchegger, S., Le Boudec, J. (2002). Performance analysis of the CONFIDANT protocol: Cooperation Of Nodes – Fairness In Dynamic Ad-hoc NeTworks. IEEE/ACM Symposium on Mobile Ad Hoc Networking and Computing (MobiHOC), Lausanne, Switzerland. • Buchegger, S., Mundinger, J., Le Boudec, J. (2008). Reputation systems for self-organized networks: lessons learned. IEEE Technology and Society Magazine, Special Issue on Limits of Cooperation in Wireless Communications. • Buttyan, L., Hubaux, J. (2001). Nuglets: a virtual currency to stimulate cooperation in self-organized ad hoc networks. Lausanne, Switzerland, Institute for Computer Communications and Applications, Swiss Federal Institute of Technology. • Jakobsson, M., Hubaux, J., Buttyan, L. (2003). A micro-payment scheme encouraging collaboration in multi-hop cellular networks. Proceedings of Financial Crypto, La Guadeloupe. • Michiardi, P., Molva, R. (2002a). CORE: A COllaborative Reputation mEchanism to enforce node cooperation in mobile ad hoc networks. The IFIP TC6/TC11 Sixth Joint Working Conference on Communications and Multimedia Security: Advanced Communications and Multimedia Security. • Rebahi, Y., Mujica, V. E., Simons, C., Sisalem, D. (2005). SAFE: Securing pAcket Forwarding in ad hoc nEtworks. 5th Workshop on Applications and Services in Wireless Networks. Paris, France. • Wang, W., Li, X., Wang, Y. (2004a). Ad hoc-VCG: a truthful and cost-efficient routing protocol for mobile ad hoc networks with selfish agents. MobiCom '04, San Diego (CA), ACM. • Wang, Y., Giruka, V. C., Singhal, M. (2004b). A fair distributed solution for selfish nodes problem in wireless ad hoc networks. Ad-Hoc, Mobile, and Wireless Networks, Springer Berlin / Heidelberg. 3158: 211-224. • Yang, L., Kizza, J.M., Cemerlic, A., Liu, F. (2007). Fine-grained reputation-based routing in wireles ad hoc networks. IEEE International Conference on Intelligence and Security Informatics, New Brunswick, NY, IEEE. • Yang, L., Novobilski, A, Ege, R. (2008). Trust-based usage control in collaborative environment. The International Journal of Information Security and Privacy 2(2).

  35. questions?

More Related