A Risk-Aware Reputation-Based Trust Management in Wireless Sensor Networks

Wireless sensor networks (WSNs) are susceptible to many security threats and are specifically prone to physical node capture in which the adversary can easily launch the so-called insider attacks such as node compromise, bypassing the traditional security mechanisms based on cryptography primitives. So, the compromised nodes can be modified to misbehave and disrupt the entire network and can successfully perform the authentication process with their neighbors, which have no way to distinguish fraudulent nodes from trustworthy ones. Trust and reputation systems have been recently suggested as a powerful tools and an attractive complement to cryptography-based schemes in securing WSNs. They provide ability to detect and isolate both faulty and malicious nodes. Considerable research has been done on modeling and managing trust and reputation. However, trust topic issue in WSNs remains an open and challenging field. In this paper, we propose a Risk-aware Reputation-based Trust (RaRTrust) model for WSNs. Our novel framework uses both reputation and risk to evaluate trustworthiness of a sensor node. Risk evaluation is used to deal with the dramatic spoiling of nodes, which makes RaRTrust robust to on–off attack and differ from other trust models based only on reputation. This paper contributes to model the risk as opinion of short-term trustworthiness combining with traditional reputation evaluation to derive trustworthiness in WSNs.

     

A Cognitive Energy Efficient and Trusted Routing Model for the Security of Wireless Sensor Networks: CEMT

There are many smart applications evolved in the area of the wireless sensor networks. The applications of WSNs are exponentially increasing every year which creates a lot of security challenges that need to be addressed to safeguard the devices in WSN. Due to the dynamic characteristics of these resource constrained devices in WSN, there must be high level security requirements to be considered to create a high secure environments. This paper presents an efficient multi attribute based routing algorithm to provide secure routing of information for WSNs. The work proposed in this paper can decrease the energy and enhances the performance of the network than the currently available routing algorithm such as multi-attribute pheromone ant secure routing algorithm based on reputation value and ant-colony optimization algorithm. The proposed work secures the network environment with the improved detection techniques based on nodes’ higher coincidence rates to find the malicious behavior using trust calculation algorithm. This algorithm uses some QoS parameters such as reliability rate, elapsed time to detect impersonation attacks, and stability rate for trust related attacks, to perform an efficient trust calculation of the nodes in communication. The outcome of the simulation show that the proposed method enhances the performance of the network with the improved detection rate and secure routing service.

     

基于改进D-S证据理论的信任评估模型

针对已有的信任证据模型不能快速有效地处理分布式网络中存在的恶意攻击,且缺乏关于三元信任关系组的信任归一方法,提出了一种基于改进D-S证据理论的信任模型,在此基础上,提出了基于持续序列的基本可信度函数和基于评估函数的信任评估方法,使得模型能更快地抑制恶意节点,并且评估结果更贴近现实值。通过分析与仿真,验证了本模型具有抑制聚集信任攻击的有效性和健壮性,同时信任评估方法更具合理性和准确性。     

Multiregional secure localization using compressive sensing in wireless sensor networks

Security and accuracy are two issues in the localization of wireless sensor networks (WSNs) that are difficult to balance in hostile indoor environments. Massive numbers of malicious positioning requests may cause the functional failure of an entire WSN. To eliminate the misjudgments caused by malicious nodes, we propose a compressive‐sensing–based multiregional secure localization (CSMR_SL) algorithm to reduce the impact of malicious users on secure positioning by considering the resource‐constrained nature of WSNs. In CSMR_SL, a multiregion offline mechanism is introduced to identify malicious nodes and a preprocessing procedure is adopted to weight and balance the contributions of anchor nodes. Simulation results show that CSMR_SL may significantly improve robustness against attacks and reduce the influence of indoor environments while maintaining sufficient accuracy levels.     

基于简化云与K/N投票的选择性转发攻击检测方法

针对无线传感器网络中恶意节点产生的选择性转发攻击行为,该文提出一种有效的攻击检测方法。该方法将简化云模型引入信任评估中,结合改进的K/N投票算法确定目标节点的信任值,将目标节点信任值与信任阈值比较,进行选择性转发攻击节点的判定。仿真结果表明,当信任阈值为0.8时,经过5个时间段后,该方法能够有效地检测出网络中的选择性转发攻击节点,具有较高的检测率和较低的误检率。     

Self-Recommendation Mechanism in Trust Calculation Among Nodes in WSN

This paper proposes a node self-recommendation mechanism which is effective in trust calculation model in wireless sensor networks (WSNs). The mechanism has little practical sense to cable and wireless network among which nodes’ resources, especially energy, are almost unlimited; furthermore it may bring some security risk to networks on the contrary. But as to WSNs where nodes’ resources are strictly limited, a node can express its intension of participating communication to its neighbors by using the mechanism according to its current running state and predefined strategies. This mechanism is useful to save nodes’ energy, balance network load and prolong network lifetime ultimately. The paper focuses on self-recommendation value expression, calculation and synthesis method. Application method of the mechanism is also discussed. Simulation results show that using trust calculation model cooperatively with self-recommendation mechanism can protect low energy nodes effectively and balance energy consumption among adjacent nodes without weakening malicious node identification function of the trust model.

     

An efficient weighted trust‐based malicious node detection scheme for wireless sensor networks

The aim of wireless sensor networks (WSNs) is to gather sensor data from a monitored environment. However, the collected or reported information might be falsified by faults or malicious nodes. Hence, identifying malicious nodes in an effective and timely manner is essential for the network to function properly and reliably. Maliciously behaving nodes are usually detected and isolated by reputation and trust‐based schemes before they can damage the network. In this paper, we propose an efficient weighted trust‐based malicious node detection (WT‐MND) scheme that can detect malicious nodes in a clustered WSN. The node behaviors are realistically treated by accounting for false‐positive and false‐negative instances. The simulation results confirm the timely identification and isolation of maliciously behaving nodes by the WT‐MND scheme. The effectiveness of the proposed scheme is afforded by the adaptive trust‐update process, which implicitly performs trust recovery of temporarily malfunctioning nodes and computes a different trust‐update factor for each node depending on its behavior. The proposed scheme is more effective and scalable than the related schemes in the literature, as evidenced by its higher detection ratio (DR) and lower misdetection ratio (MDR), which only slightly vary with the network's size. Moreover, the scheme sustains its efficient characteristics without significant power consumption overheads.     

A Robust User Authentication Scheme Using Dynamic Identity in Wireless Sensor Networks

In modern, wireless sensor networks (WSNs) stand for the next evolutionary and innovative development step in utilities, industrial, building, home, shipboard, and transportation systems automation. The feature of WSNs is easy to deploy and has wide range of applications. Therefore, in distributed and unattended locations, WSNs are deployed to allow a legitimated user to login to the network and access data. Consequently, the authentication between users and sensor nodes has become one of the important security issues. In 2009, M. L. Das proposed a two-factor authentication for WSNs. Based on one-way hash function and exclusive-OR operation, the scheme is well-suited for resource constrained environments. Later, Khan and Algahathbar pointed out the flaws and vulnerabilities of Das’s scheme and proposed an alternative scheme. However, Vaidya et al. found that both Das’s and Khan–Algahathbar’s schemes are vulnerable to various attacks including stolen smart card attacks. Further, Vaidya et al. proposed an improved two-factor user authentication to overcome the security weakness of both schemes. In this paper, we show that Vaidya et al.’s scheme still exposes to a malicious insider attack that seriously threatens the security of WSNs. Furthermore, we propose an improve scheme that mends those vulnerabilities.     

一种分布式网络环境下基于挑战-响应模型的可信评估方法

运用信任模型进行可信评估是解决分布式网络安全问题的重要手段。然而,目前大部分研究工作把研究重点放在如何收集更完整的信任证据,以及如何利用一些新手段如机器学习、区块链等评估节点信任值,很少对如何获取节点可靠的初始信任值进行研究。实际上,针对分布式网络提出的很多信任模型都依赖于历史信任证据,而初次对网络进行可信评估时并不具备相关历史信息。基于此,该文面向分布式网络环境的安全问题,提出了基于挑战-响应模型的可信评估方法。首先利用挑战-响应模型获取节点可靠的初始信任值,并利用此初始信任值对网络中的节点进行分簇,在簇内进行信任值计算和信任值更新,完成分布式网络环境下完整的可信评估流程。仿真结果表明,相较于统一设置初始信任值的方式,该文所提方法能对恶意节点、自私节点的信任值有较准确的预测,同时对恶意节点的检测率也更高。     

A Game Theory Based Multi Layered Intrusion Detection Framework for Wireless Sensor Networks

Most of the existing intrusion detection frameworks proposed for wireless sensor networks (WSNs) are computation and energy intensive, which adversely affect the overall lifetime of the WSNs. In addition, some of these frameworks generate a significant volume of IDS traffic, which can cause congestion in bandwidth constrained WSNs. In this paper, we aim to address these issues by proposing a game theory based multi layered intrusion detection framework for WSNs. The proposed framework uses a combination of specification rules and a lightweight neural network based anomaly detection module to identify the malicious sensor nodes. Additionally, the framework models the interaction between the IDS and the sensor node being monitored as a two player non-cooperative Bayesian game. This allows the IDS to adopt probabilistic monitoring strategies based on the Bayesian Nash Equilibrium of the game and thereby, reduce the volume of IDS traffic introduced into the sensor network. The framework also proposes two different reputation update and expulsion mechanisms to enforce cooperation and discourage malicious behavior among monitoring nodes. These mechanisms are based on two different methodologies namely, Shapley Value and Vickery–Clark–Grooves (VCG) mechanism. The complexity analysis of the proposed reputation update and expulsion mechanisms have been carried out and are shown to be linear in terms of the input sizes of the mechanisms. Simulation results show that the proposed framework achieves higher accuracy and detection rate across wide range of attacks, while at the same time minimizes the overall energy consumption and volume of IDS traffic in the WSN.     

基于云模型的无线传感器网络恶意节点识别技术的研究

 无线传感器网络(Wireless Sensor Network,简称WSN)是一种没有基础设施的自组织无线网络.和其它网络一样,WSN需要安全措施来保证网络通信的安全.但是,在无线传感器网络中,基于密码的安全体系不能有效处理来自网络内部的攻击,识别出恶意节点.因此,信任模型被用于无线传感器网络恶意节点识别.在信任模型和云理论的研究基础上,本文构建了一个基于云理论的无线传感器网络信任模型——云信任模型(CTM,Cloud-based Trust Model).实验结果表明,云信任模型能够有效识别恶意节点.     

面向云计算基于双层激励和欺骗检测的信任模型

针对云计算环境下存在的信任问题,该文提出基于双层激励和欺骗检测的信任模型(CCIDTM)。该模型提出了一组云计算服务属性评价指标,引入了信任度随时间衰减的动态信任机制,建立了对服务提供商服务行为和用户评价行为的双层激励机制,提出了一个共谋欺骗检测算法,提高了模型的动态适应性和评价的综合性。实验结果表明,与已有信任模型相比,该模型评估的结果更接近服务提供商的真实服务行为,能够有效地抵抗各种恶意行为的攻击,表现出良好的鲁棒性。     

无线传感器网络基于节点行为的信誉评测模型

提出了一种无线传感器网络下的节点行为评测模型MA&TP-BRSN.MA&TP-BRSN综合考虑了网内节点的多种内部攻击行为和自私行为,并给出了对应于各类攻击的节点信任值的计算和整合方法.同时,为了消除测评过程中第三方节点恶意推荐和诋毁行为对测评结果的影响,MA&TP-BRSN引入了节点评价行为的概念,将节点评价行为与通信行为区分开来,建立了对第三方节点恶意评价行为的具体测评方法,并在此基础上给出了节点间接信誉参数的更新计算方法.实验结果表明,该模型能够更快更准确地识别出具有多种恶意行为的内部节点,并在一定程度上消除了高信誉节点的恶意诽谤行为对测评结果的影响.     

Novel approach of distributed & adaptive trust metrics for MANET

It is known to all that mobile ad hoc network (MANET) is more vulnerable to all sorts of malicious attacks which affects the reliability of data transmission because the network has the characteristics of wireless, multi-hop, etc. We put forward novel approach of distributed & adaptive trust metrics for MANET in this paper. Firstly, the method calculates the communication trust by using the number of data packets between nodes, and predicts the trust based on the trend of this value, and calculates the comprehensive trust by considering the history trust with the predict value; then calculates the energy trust based on the residual energy of nodes and the direct trust based on the communication trust and energy trust. Secondly, the method calculates the recommendation trust based on the recommendation reliability and the recommendation familiarity; adopts the adaptive weighting, and calculates the integrate direct trust by considering the direct trust with recommendation trust. Thirdly, according to the integrate direct trust, considering the factor of trust propagation distance, the indirect trust between nodes is calculated. The feature of the proposed method is its ability to discover malicious nodes which can partition the network by falsely reporting other nodes as misbehaving and then proceeds to protect the network. Simulation experiments and tests of the practical applications of MANET show that the proposed approach can effectively avoid the attacks of malicious nodes, besides, the calculated direct trust and indirect trust about normal nodes are more conformable to the actual situation.

     

A Secure Routing Protocol with Trust and Energy Awareness for Wireless Sensor Network

Nodes in most of the deployments of Wireless Sensor Networks (WSNs) remain un-administered and exposed to variety of security attacks. Characterized by constrained resources and dynamically changing behavior of sensor nodes, reliable data delivery in WSNs is nontrivial. To counter node misbehavior attacks, traditional cryptographic and authentication based solutions have proved to be inappropriate due to high cost and incapability factors. Recently, trust based solutions have appeared to be viable solutions to address nodes’ misbehavior attacks. However, the existing trust based solutions incur high cost in trust estimation and network-wide dissemination which significantly increases traffic congestion and undermines network lifetime. This paper presents a Trust and Energy aware Secure Routing Protocol (TESRP) for WSN that exploits a distributed trust model for discovering and isolating misbehaving nodes. TESRP employs a multi-facet routing strategy that takes into consideration the trust level, residual energy, and hop-counts of neighboring nodes while making routing decisions. This strategy not only ensures data dissemination via trusted nodes but also balances out energy consumption among trusted nodes while traversing through shorter paths. Demonstrated by simulation results in NS-2, TESRP achieves improved performance in terms of energy consumption, throughput and network lifetime as compared to existing solutions.     

Detection of Replica Node Attack Based on Exponential Moving Average Model in Wireless Sensor Networks

Due to the broadcast nature of wireless communication, wireless sensor networks (WSNs) are susceptible to several attacks. Amongst them, replica attack is one of the predominates as it facilitates the attackers to perform some other attacks. So, it is of immense significance to design a competent security method for WSNs. Introducing a trust method is the primary concern for assisting well-organized use of the available energy in each node in the energy restricted environment. In order to tradeoff between energy usage and attack detection, energy-based prediction approach is deemed to be a suitable one. A statistical method, exponential moving average (EMA) model based replica detection is proposed to detect replica node attack based on energy consumption threshold in WSNs. The difference between actual and predicted energy consumption exceeding the threshold level is considered as malicious. In this paper, future energy drop of a sensor node is forecasted using statistical measure instead of probabilistic method. In EMA model, the transition from higher power consuming state (active state) to lower power consuming states (sleep and sense states) is controlled by a fixed schedule. The accumulated average time of the node was in any state in the past is used to estimate the time duration of a node that spends in that state. Unlike Markov Model, the estimations of energy are made periodically. By this, computational overhead on the microcontroller of the sensor is greatly reduced in EMA approach. The simulation results taken using TRM simulator shows that choosing the threshold value which is neither too large nor too small results in optimum level of detection accuracy and lifetime of the network.

     

MANET 中基于信任的安全位置辅助路由模型

In view of the security weakness in resisting the active attacks by malicious nodes in mobile ad hoc networks, the trust metric is introduced to defend those attacks by loading a trust model on the previously proposed Distance Based LAR. The improved Secure Trust based Location Aided Routing algorithm utilizes direct trust and recommendation trust to prevent malicious nodes with low trust values from joining the forwarding. Simulation results reveal that ST LAR can resist attacks by malicious nodes effectively; furthermore, it also achieves better performance than DBLAR in terms of average end to end delay, packet delivery success ratio and throughput.     

Research on cloud computing users’ public safety trust model based on scorecard-random forest

Traditional cloud computing trust models mainly focused on the calculation of the trust of users’ behavior.In the process of classification and evaluation,there were some problems such as ignorance of content security and lack of trust division verification.Aiming to solve these problems,cloud computing users’ public safety trust model based on scorecard-random forest was proposed.Firstly,the text was processed using Word2Vec in the data preprocessing stage.The convolution neural network (CNN) was used to extract the sentence features for user content tag classification.Then,scorecard method was used to filter the strong correlation index.Meanwhile,in order to establish the users’ public safety trust evaluation model in cloud computing,a random forest method was applied.Experimental results show that the proposed users’ public safety trust evaluation model outperforms the general trust evaluation model.The proposed model can effectively distinguish malicious users from normal users,and it can improve the efficiency of the cloud computing users management.     

一种传感器网络的分布式信任模型

传感器网络面临的攻击很多,尤其是内部节点进行的攻击带来的危险最大。同时,传感器网络特别是军用传感器网络不能采用建立信任中心的信任模型,导致其内部节点的恶意行为更难以控制。通过引入基于CPK认证的源地址认证模块,使用第三方推荐信任,并结合多种相关的网络行为属性,能够为用户提供更准确可信的信任度计算能力作为参考依据,使用户可以根据信任度对权限进行控制,以达到控制恶意行为的目的。     

一种基于云模型的WSNs节点信誉安全方案

针对已有基于轻量云模型的节点信誉安全方案中存在的决策困难问题以及推荐节点的恶意行为识别问题,提出了优化的轻量云模型MLCM(Modified Light-weighted Cloud Model),并在此基础上设计实现一种新型的节点信誉安全方案.首先,在传统无线传感网信任管理信任值的处理方式的基础上,对节点的直接信任值和间接信任值进行综合处理后再利用云模型简化逆向云算子进行计算,以解决信任误判问题;其次,用云隶属度函数计算推荐信任值,在涉及推荐节点信任值计算时可以提高恶意节点识别的准确度.实验表明,该方案在克服传统的入侵容忍和敏感度之间矛盾问题的同时,还解决了攻击节点对单一节点发动攻击时造成的决策困难问题和恶意节点准确识别问题.