Security and performance enhancement of AODV routing protocol

A mobile ad hoc networks (MANET) is a decentralized, self‐organizing, infrastructure‐less network and adaptive gathering of independent mobile nodes. Because of the unique characteristics of MANET, the major issues to develop a routing protocol in MANET are the security aspect and the network performance. In this paper, we propose a new secure protocol called Trust Ad Hoc On‐demand Distance Vector (AODV) using trust mechanism. Communication packets are only sent to the trusted neighbor nodes. Trust calculation is based on the behaviors and activities information of each node. It is divided in to trust global (TG) and trust local (TL). TG is a trust calculation based on the total of received routing packets and the total of sending routing packets. TL is a comparison between total received packets and total forwarded packets by neighbor node from specific nodes. Nodes conclude the total trust level of its neighbors by accumulating the TL and TG values. The performance of Trust AODV is evaluated under denial of service/distributed denial of service (DOS/DDOS) attack using network simulator NS‐2. It is compared with the Trust Cross Layer Secure (TCLS) protocol. Simulation results show that the Trust AODV has a better performance than TCLS protocol in terms of end‐to‐end delay, packet delivery ratio, and overhead. Next, we improve the performance of Trust AODV using ant algorithm. The proposed protocol is called Trust AODV + Ant. The implementation of ant algorithm in the proposed secure protocol is by adding an ant agent to put the positive pheromone in the node if the node is trusted. Ant agent is represented as a routing packet. The pheromone value is saved in the routing table of the node. We modified the original routing table by adding the pheromone value field. The path communication is selected based on the pheromone concentration and the shortest path. Trust AODV + Ant is compared with simple ant routing algorithm (SARA), AODV, and Trust AODV under DOS/DDOS attacks in terms of performance. Simulation results show that the packet delivery ratio and throughput of the Trust AODV increase after using ant algorithm. However, in terms of end‐to‐end delay, there is no significant improvement. Copyright © 2014 John Wiley & Sons, Ltd.     

A Trust-Distortion Resistant Trust Management Scheme on Mobile Ad Hoc Networks

Trust management is a promising approach to conduct nodes’ transactions and establish management interactions in mobile ad hoc networks, in which collaboration between nodes is critical to achieve system goals. Lack of centralized management, severe resource constraints (e.g. computing power, energy, bandwidth), and important network dynamics (e.g. topology changes, node mobility, node failure, propagation channel conditions) make the trust management a challenging task in such a network. Mainly, trust management frameworks are prone to attacks trying to deceive nodes’ estimation on other nodes’ trustworthiness, referred to as trust-distortion attacks. In order to inhibit such attacks, we propose a Trust-distortion Resistant Trust Management Scheme (TRTMS) which provides nodes with an accurate estimation on other nodes’ behavior and enables them to handle different trust-distortion attacks in a multi-attack environment. Simulation results prove that TRTMS significantly outperforms the existing alternatives in the literature in presence of simultaneous and contradictory different trust-distortion attacks.     

MANET 中基于信任的安全位置辅助路由模型

In view of the security weakness in resisting the active attacks by malicious nodes in mobile ad hoc networks, the trust metric is introduced to defend those attacks by loading a trust model on the previously proposed Distance Based LAR. The improved Secure Trust based Location Aided Routing algorithm utilizes direct trust and recommendation trust to prevent malicious nodes with low trust values from joining the forwarding. Simulation results reveal that ST LAR can resist attacks by malicious nodes effectively; furthermore, it also achieves better performance than DBLAR in terms of average end to end delay, packet delivery success ratio and throughput.     

A non‐biased trust model for wireless mesh networks

Trust models that rely on recommendation trusts are vulnerable to badmouthing and ballot‐stuffing attacks. To cope with these attacks, existing trust models use different trust aggregation techniques to process the recommendation trusts and combine them with the direct trust values to form a combined trust value. However, these trust models are biased as recommendation trusts that deviate too much from one's own opinion are discarded. In this paper, we propose a non‐biased trust model that considers every recommendation trusts available regardless they are good or bad. Our trust model is based on a combination of 2 techniques: the dissimilarity test and the Dempster‐Shafer Theory. The dissimilarity test determines the amount of conflict between 2 trust records, whereas the Dempster‐Shafer Theory assigns belief functions based on the results of the dissimilarity test. Numerical results show that our trust model is robust against reputation‐based attacks when compared to trust aggregation techniques such as the linear opinion pooling, subjective logic model, entropy‐based probability model, and regression analysis. In addition, our model has been extensively tested using network simulator NS‐3 in an Infrastructure‐based wireless mesh networks and a Hybrid‐based wireless mesh networks to demonstrate that it can mitigate blackhole and grayhole attacks.     

A fuzzy‐based trust model for flying ad hoc networks (FANETs)

The use of unmanned aerial vehicles has significantly increased for forming an ad hoc network owing to their ability to perform in exciting environment such as armed attacks, border surveillance, disaster management, rescue operation, and transportation. Such types of ad hoc networks are popularly known as flying ad hoc networks (FANETs). The FANET nodes have 2 prominent characteristics—collaboration and cooperation. Trust plays an important role in predicting the behavior of such nodes. Researchers have proposed various methods (direct and indirect) for calculation of the trust value of a given node in ad hoc networks, especially in mobile ad hoc networks and vehicular ad hoc networks. The major characteristic that differentiates a FANET from other ad hoc networks is the velocity of the node; as a result, there are frequent losses in connection and topology change. Therefore, the existing methods of trust calculation are not efficient and effective. In this paper, a fuzzy‐based novel trust model has been proposed to handle the behavioral uncertainty of FANET nodes. Nodes are classified using a multicriteria fuzzy classification method based on node's behavior and performance in the fuzzy and complex environment. Quality of service and social parameter (recommendation) are considered for evaluating the trust value of each node to segregate the selfish and malicious nodes. With the node classification, FANET nodes are rewarded or punished to transform node behavior into a trust value. Compared with the existing trust techniques, the simulation results show that the proposed model has better adaptability, accuracy, and performance in FANETs.     

Study of trust‐based mechanism and its component model in MANET: Current research state,issues, and future recommendation

Security against routing attacks in MANET is most critical issue and traditional concepts of cryptography, authentication, or Watchdog are not that significant in mitigation of these attacks. In recent years, trust‐based approach provides a reputation system that compose of different components to provide security against routing attacks. In this paper, we provide an in‐depth analysis of various components that are used in trust‐based mechanism and techniques deployed in effective and efficient execution of task by the components. Trust‐based mechanisms generally have five components: monitoring and information gathering, trust calculation and evaluation unit, trust recommendation unit, decision‐making and dissemination of detection unit. All or some of these units cooperate together to provide a reliable communication environment with the aim to prevent routing attacks from participating in route formation process and detect attacking nodes simultaneously. Different routing attacks and measures in trust‐based mechanism along with some published work are discussed to understand the implementation of this type of mechanism. Various related issues are explored, discussed, and recommendations are pointed out for future research work in this field.     

Trust-aware secure routing protocol for wireless sensor networks

A trust-aware secure routing protocol (TSRP) for wireless sensor networks is proposed in this paper to defend against varieties of attacks. First, each node calculates the comprehensive trust values of its neighbors based on direct trust value, indirect trust value, volatilization factor, and residual energy to defend against black hole, selective forwarding, wormhole, hello flood, and sinkhole attacks. Second, any source node that needs to send data forwards a routing request packet to its neighbors in multi-path mode, and this continues until the sink at the end is reached. Finally, the sink finds the optimal path based on the path's comprehensive trust values, transmission distance, and hop count by analyzing the received packets. Simulation results show that TSRP has lower network latency, smaller packet loss rate, and lower average network energy consumption than ad hoc on-demand distance vector routing and trust based secure routing protocol.     

移动Ad hoc网络信任模型研究

AdHoc网络信任模型的工作流程分为收集客体的行为信息,计算信任值,最后进行信任决策3个环节。分析了当前Adhoc网络中的5类信任模型,即基于社会网络理论的信任模型、基于分簇的信任模型、基于图论的信任模型、基于非合作博弈论的信任模型和基于合作博弈论的信任模型。指出上述模型各有优缺点在构建Adhoc网络信任模型时,必经考虑适应网络的动态拓扑和成员关系的变化,所构建信任模型的密钥管理、信任管理如访问控制不能依赖固定的可信第三方的设施并减少模型中的假设条件,算法具有鲁棒性。     

P2P网络信任模型研究综述

近年来,对等网络（P2P）得到了迅速发展,但是由于P2P网络的开放性、匿名性等特点,节点之间的交流和服务存在着很大的安全隐患。信任模型作为一种解决方案,得到了广泛的研究和发展。文章在前人研究的基础上,分析了目前比较有代表性的P2P网络信任模型,归纳了目前普遍存在的一些问题,并对未来的研究做出了展望。     

Trust Establishment In Pure Ad-hoc Networks

An ad-hoc network is a set of limited range wireless nodes that function in a cooperative manner so as to increase the overall range of the network. Each node in the network pledges to help its neighbours by passing packets to and fro, in return of a similar assurance from them. All is well if all participating nodes uphold such an altruistic behaviour. However, this is not always the case and often nodes are subjected to a variety of attacks by other nodes. These attacks range from naive passive eavesdropping to vicious battery draining attacks. Routing protocols, data, battery power and bandwidth are the common targets of these attacks. In order to overcome such attacks a number of routing protocols have been devised that use cryptographic algorithms to secure the routing mechanism, which in turn protects the other likely targets. A limiting requirement regarding these protocols is the reliance on an omnipresent, and often omniscient, trust authority. In our opinion, this reliance on a central entity is against the very nature of ad-hoc networks, which are supposed to be improvised and spontaneous. We present in this paper, a trust-based model for communication in ad-hoc networks that is based on individual experience rather than on a third party advocating trust levels. The model introduces the notion of belief and provides a dynamic measure of reliability and trustworthiness in pure ad-hoc networks. Asad Amir Pirzada is presently doing his Ph.D. on trust and security issues in ad-hoc wireless networks at The University of Western Australia. His current research interests include wireless communications, networking, cryptography, real-time programming and data acquisition systems. He holds a BE Avionics from NED University Pakistan, a MSc Computer Science from Preston University USA and a MS Information Security from the National University of Sciences and Technology Pakistan. Chris McDonald holds a B.Sc(Hons) and Ph.D. in Computer Science from The University of Western Australia, and currently holds the appointments of senior lecturer in the School of Computer Science & Software Engineering at UWA and adjunct professor in the Department of Computer Science at Dartmouth College, New Hampshire. Chris has recently taught in the areas of computer networking, operating systems, computer & network security, computer architecture, distributed systems programming and, together with these areas, his research interests include network simulation, ad-hoc & mobile networking, programming language implementation, open-source software.     

基于信任管理系统的可信路由器的设计与实现(英文)

This paper presents a scheme to perform QoS management and assure network security by using the trusted-router based on the Trust Management System.In this trusted-router,every IP packet is forwarded and queued by its trust value,which is the quantification of the network's expectation for this packet's and its owner's behavior in the network.We outline the algorithms to calculate the trust value of the trusted-router and the IP packet.We also introduce the trust-based QoS management algorithm and the deplo...     

Faster-than-Nyquist Transmission in SC-FDE System Over Frequency Selective Channel with Concatenated Equalizers

The trustworthiness and connectivity of the network depends on the energy drain rate of mobile nodes. Colluders like vampire nodes in ad hoc network make it more vulnerable as they rapidly drain considerable amount of energy. This generic vampire attacks seem to capitalize on the potential features of the incorporated baseline protocol used for facilitating trustworthy data dissemination. The main goal of this paper is to formulate an attack prevention scheme that uses fuzzy trust relationship perspective for detecting vampire attacks and enforcing reduced energy drain rate of colluding mobile nodes. This fuzzy trust relationship perspective-based prevention mechanism (FTRPPM) initially estimates the associative trust and associative reputation of mobile nodes. Further, it quantifies the impact of factors that could induce vampire attack in the network under its influence. Finally, it facilitates the detection of vampire nodes based on the established ranges of threshold that are dynamically adjusted based on quantified level of probability factor. The empirical and simulation results of FTRPPM is confirmed to be exceptional as it ensures a remarkable improvement in mean PDR of 16% and mean throughput of 14% under the impact of increasing number of mobile nodes on par with the existing vampire attack mitigation schemes.     

一种基于P2P系统的分布式信任模型

在P2P环境中,信任管理是一个新颖而又重要的安全问题。提出了一种基于P2P系统的分布式信任模型,该模型在Chord协议的基础上进行扩展,采用了一种新的信任值发布、查询、获取的方法,信任值的计算与更新的过程,采用了全局信任值和局部信任度合成的方法。分析表明该模型能够满足信任值的安全管理需求,保证了在开放分布的P2P环境下信任值的存储,更新,和获取的安全性,为信任管理研究提供了一种新思路。     

Novel approach of distributed & adaptive trust metrics for MANET

It is known to all that mobile ad hoc network (MANET) is more vulnerable to all sorts of malicious attacks which affects the reliability of data transmission because the network has the characteristics of wireless, multi-hop, etc. We put forward novel approach of distributed & adaptive trust metrics for MANET in this paper. Firstly, the method calculates the communication trust by using the number of data packets between nodes, and predicts the trust based on the trend of this value, and calculates the comprehensive trust by considering the history trust with the predict value; then calculates the energy trust based on the residual energy of nodes and the direct trust based on the communication trust and energy trust. Secondly, the method calculates the recommendation trust based on the recommendation reliability and the recommendation familiarity; adopts the adaptive weighting, and calculates the integrate direct trust by considering the direct trust with recommendation trust. Thirdly, according to the integrate direct trust, considering the factor of trust propagation distance, the indirect trust between nodes is calculated. The feature of the proposed method is its ability to discover malicious nodes which can partition the network by falsely reporting other nodes as misbehaving and then proceeds to protect the network. Simulation experiments and tests of the practical applications of MANET show that the proposed approach can effectively avoid the attacks of malicious nodes, besides, the calculated direct trust and indirect trust about normal nodes are more conformable to the actual situation.

     

Research on trust sensing based secure routing mechanism for wireless sensor network

Aiming at the serious impact of the typical network attacks caused by the limited energy and the poor deployment environment of wireless sensor network (WSN) on data transmission,a trust sensing based secure routing mechanism (TSSRM) with the lightweight characteristics and the ability to resist many common attacks simultaneously was proposed.Based on the analysis of the characteristics of network attack,the trust degree calculation model was constructed by combining node’s behavior with energy,at the same time the security route selection algorithm was also optimized by taking trust degree and QoS metrics into account.Performance analysis and simulation results show that TSSRM can improve the security and effectiveness of WSN.     

物联网中信任管理机制(英)

Trust management has been proven to be a useful technology for providing security service and as a consequence has been used in many applications such as P2P,Grid,ad hoc network and so on.However,few researches about trust mechanism for Internet of Things(IoT) could be found in the literature,though we argue that considerable necessity is held for applying trust mechanism to IoT.In this paper,we establish a formal trust management control mechanism based on architecture modeling of IoT.We decompose the IoT into three layers,which are sensor layer,core layer and application layer,from aspects of network composition of IoT.Each layer is controlled by trust management for special purpose:self-organized,affective routing and multi-service respectively.And the final decision-making is performed by service requester according to the collected trust information as well as requester' policy.Finally,we use a formal semantics-based and fuzzy set theory to realize all above trust mechanism,the result of which provides a general framework for the development of trust models of IoT.     

自组织Ad Hoc网络的信任路径研究

信任机制是Ad Hoc网络安全通信的前提。针对AdHoc网络自组织信任模型,给出信任和推荐信任的定义,设计由最大入度算法和基于证据理论度量信任的评估算法共同构成的一种最优信任路径选择算法．模拟结果和性能分析表明在小规模的Ad Hoc网络中,该算法具有良好的复杂度O（n）,信任路径经过恶意节点的比率下降3％．5％,丢包率也降低4％～10％。事实证明该算法在小规模Ad Hoc网络中具有良好性能。     

A Secure Routing Protocol with Trust and Energy Awareness for Wireless Sensor Network

Nodes in most of the deployments of Wireless Sensor Networks (WSNs) remain un-administered and exposed to variety of security attacks. Characterized by constrained resources and dynamically changing behavior of sensor nodes, reliable data delivery in WSNs is nontrivial. To counter node misbehavior attacks, traditional cryptographic and authentication based solutions have proved to be inappropriate due to high cost and incapability factors. Recently, trust based solutions have appeared to be viable solutions to address nodes’ misbehavior attacks. However, the existing trust based solutions incur high cost in trust estimation and network-wide dissemination which significantly increases traffic congestion and undermines network lifetime. This paper presents a Trust and Energy aware Secure Routing Protocol (TESRP) for WSN that exploits a distributed trust model for discovering and isolating misbehaving nodes. TESRP employs a multi-facet routing strategy that takes into consideration the trust level, residual energy, and hop-counts of neighboring nodes while making routing decisions. This strategy not only ensures data dissemination via trusted nodes but also balances out energy consumption among trusted nodes while traversing through shorter paths. Demonstrated by simulation results in NS-2, TESRP achieves improved performance in terms of energy consumption, throughput and network lifetime as compared to existing solutions.     

基于物联网节点行为检测的信任评估方法

针对物联网感知层节点的信任研究未能兼顾信任评估的主客观性且信任传递能耗大的问题,提出一种基于节点行为检测的低能耗信任评估模型。该模型采用事件触发检测与周期性检测相结合的方式,通过直接信任值、统计信任值与推荐信任值3种信任因子计算综合信任值,进而判断节点行为是否发生异常。仿真实验结果表明本方法有效兼顾信任评估的主客观性,同时可以快速规避恶意节点并降低信任传递能耗。     

物联网分布式路由中基于Beta函数的抗攻击信任管理模型

With the rapid development of Internet of Things (IoT), the issue of trust in distributed routing systems has attracted more research attention. The existing trust management frameworks, however, suffer from some possible attacks in hostile environments, such as false accusation, collusion, on-off, and conflicting behavior. Therefore, more comprehensive models should be proposed to predict the trust level of nodes on potential routes more precisely, and to defeat several kinds of possible attacks. This paper makes an attempt to design an attack-resistant trust management model based on beta function for distributed routing strategy in IoT. Our model can evaluate and propagate reputation in distributed routing systems. We first describe possible attacks on existing systems. Our model is then proposed to establish reliable trust relations between self-organized nodes and defeat possible attacks in distributed routing systems. We also propose a theoretical basis and skeleton of our model. Finally, some performance evaluations and security analyses are provided to show the effectiveness and robustness of our model compared with the existing systems.