
Fenye Bao, Ing-Ray Chen, Moonjeong Chang. Presented by: Changlai Du, Feb 27, 2014


Presentation Transcript


  1. Hierarchical Trust Management for Wireless Sensor Networks and its Applications to Trust-Based Routing and Intrusion Detection Fenye Bao, Ing-Ray Chen, Moonjeong Chang Presented by: Changlai Du Feb 27, 2014

  2. Contents • Introduction • System Model • Hierarchical Trust Management Protocol • Performance Model • Trust Evaluation Results • Trust-based Geographic Routing • Trust-based Intrusion Detection • Conclusion

  3. Introduction • Propose a cluster-based hierarchical trust management protocol for WSNs. • Utilize both Quality of Service (QoS) and Social Networking attributes to model the behaviors of nodes to determine their reliability. • Highly scalable due to being a cluster-based model. • Apply the protocol to trust-based geographic routing and trust-based intrusion detection.

  4. Wireless Sensor Network • A Wireless Sensor Network (WSN) refers to a distributed network of autonomous sensors, each operating independently for the greater good of the network. • A WSN is inherently unstable due to the independence of the Sensor Nodes (SN) and their different operating characteristics, including malicious and selfish activity. • The WSN must take input from its SNs, evaluate their input, and determine the overall picture for what is happening across its network.

  5. Sensor Node • A SN monitors physical or environmental conditions, such as temperature, sound, vibration, pressure, motion, or pollutants. • A SN can transmit or forward information through multi-hop routing. • SNs have very limited resources: • Energy • Memory • Computational Power • May be compromised and perform malicious attacks.

  6. Cluster Head • A Cluster Head (CH) is a node that has been elected to take charge of a group of SNs. • A CH receives direct input from each of its SNs. • A CH forwards the data to base station or destination node through other CHs. • CHs use more energy than SNs.

  7. Abnormal Node Behavior • Malicious Node • A node may be captured by the enemy at any point and start passing erroneous information or drop packets. • A node is more likely to become malicious if it has low energy or if it is surrounded by malicious nodes. • Selfish Node • A node may become selfish if its energy becomes low relative to its neighbors’. • “Selfish” can be thought of as “efficient”. If a node recognizes that its battery level is low and its neighbors have sufficient energy, it may start dropping packets so its neighbors pick up more of the burden. • The challenge becomes: How do we create a model such that malicious and selfish nodes can be identified and the WSN can adjust to these conditions to achieve a near-optimal performance?

  8. System Model • Leveraging a two-level hierarchy in the WSN, the protocol is conducted using periodic peer-to-peer trust evaluation between two SNs and two CHs. • Each SN reports its p2p evaluation result to other SNs in the cluster and its CH. • Each CH performs CH-to-SN trust evaluation towards SNs in its cluster. • Each CH reports its p2p evaluation result to other CHs in the system and the base station.

  9. How Does Trust Factor In? • Once the hierarchy is established, the evaluations completed by each node follow a trust scheme that allows for direct and indirect trust-based reporting. • Trust Composition includes both social trust and QoS trust. • Social trust: intimacy, honesty, privacy, centrality and connectivity. • QoS trust: competence, cooperativeness, reliability, task completion capability. • In this work we consider intimacy, honesty, energy, unselfishness

  10. Trust metrics • Intimacy • Reflects the relative degree of interaction experiences between two nodes • The more positive experiences SN A had with SN B, the more trust and confidence SN A will have toward SN B • Honesty • Implies whether a node is malicious or not • Energy • Measures if a SN is competent in performing its intended function • Unselfishness • Reflects if a SN can cooperatively execute the intended protocol.

  11. Hierarchical Trust Management Protocol • Peer-to-peer trust evaluation • SN-levels • CH-levels • CH-to-SN Trust Evaluation • Station-to-CH Trust Evaluation

  12. Evaluation Process • A weighted evaluation is performed and all four metrics are factored into one, overall trust score: • Tij(t) denotes the trust that node i has toward node j at time t. • Deciding the best values of w1, w2, w3, and w4 to maximize application performance is a trust formation issue which is explored in this paper.

  13. Peer-to-Peer Trust Evaluation • P2P Trust Evaluation is performed between SNs and between CHs. • When node i evaluates its trust toward a neighbor node j • It snoops, or overhears enough data to provide direct observation. • i should also refer to past experiences. • When i evaluates a node that is beyond its communication range • it will use its past experiences. • It must also use recommendations from its 1-hop neighbors.

  14. Peer-to-Peer Trust Evaluation • This relationship is represented as follows: • γ and α represent weights associated with trust decay. X represents one of the four trust components.

  15. Peer-to-Peer Trust Factors • This measures the level of interaction experiences. It is computed by the number of interactions between node i and j over the maximum number of interactions between node i and any neighbor node over the time period [0, t]. • This refers to the belief of node i that node j is honest based on node i’s direct observations toward node j. • It’s estimated by keeping a count of suspicious dishonest experiences of node j which node i has observed during [0, t] using a set of anomaly detection rules. • If the count exceeds a system-defined threshold, the value is 0. • Otherwise, the value is 1 minus the ratio of the count to the threshold.

  16. Peer-to-Peer Trust Factors • This refers to the belief of node i that node j still has adequate energy (representing competence) to perform its intended function. • It is measured by the percentage of node j’s remaining energy. • It is estimated utilizing some energy consumption model. • This provides the degree of unselfishness of node j as evaluated by node i based on direct observation over [0, t]. • Node i may apply overhearing and snooping techniques to detect selfish behaviors of node j.

  17. Peer-to-Peer Trust Evaluation • This relationship is represented as follows: • When i evaluates a node that is not 1-hop neighbor • use its past experience • use recommendations from its 1-hop neighbors

  18. Parameters Defined • α – weight that represents a more instantaneous evaluation, since the higher α, the more weight is given to time t. • γ – weight between recommendations vs. past experiences • β – represents the impact of “indirect recommendations”. • Indirect recommendations are normalized to βTik(t) relative to 1 assigned to past experiences
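
An added example (not from the slides or the authors' code) of the peer-to-peer computations on slides 13 to 18. The intimacy and honesty rules follow slide 15; the two update rules are assumptions reconstructed from the parameter descriptions, since the formulas themselves are missing from this transcript, and all function names are hypothetical.

```python
def intimacy(interactions_ij, max_interactions_i):
    """Slide 15: i's interactions with j over i's maximum with any neighbour in [0, t]."""
    return interactions_ij / max_interactions_i if max_interactions_i else 0.0

def honesty(suspicious_count, threshold):
    """Slide 15: 0 once the count exceeds the threshold, else 1 - count/threshold."""
    if suspicious_count > threshold:
        return 0.0
    return 1.0 - suspicious_count / threshold

def update_direct(past, direct, alpha):
    """1-hop neighbour (assumed rule): higher alpha weights the observation at time t more."""
    return (1.0 - alpha) * past + alpha * direct

def gamma(beta, trust_in_recommender):
    """Slide 18: a recommendation counts beta*T_ik against 1 for past experience."""
    w = beta * trust_in_recommender
    return w / (1.0 + w)

def update_indirect(past, recommendations, beta):
    """Node beyond radio range (assumed rule): average, over 1-hop recommenders k,
    of past experience blended with k's recommendation.
    recommendations is a list of (T_ik, T_kj) pairs."""
    if not recommendations:
        return past                      # nothing new: fall back on past experience
    blended = []
    for t_ik, t_kj in recommendations:
        g = gamma(beta, t_ik)
        blended.append((1.0 - g) * past + g * t_kj)
    return sum(blended) / len(blended)

if __name__ == "__main__":
    # Constructed values: j tripped 4 anomaly rules against a threshold of 10.
    print(update_direct(0.9, honesty(4, 10), alpha=0.5))
    # The same bad-mouthing report (T_kj = 0) from a distrusted and a trusted recommender.
    print(update_indirect(0.8, [(0.1, 0.0)], beta=1.0))
    print(update_indirect(0.8, [(0.9, 0.0)], beta=1.0))
```

Because γ scales with the evaluator's trust in the recommender, a bad-mouthing report from a node i already distrusts barely moves i's opinion of j.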

  19. CH-to-SN Trust Evaluation • Once all calculations are complete for a given time period t, the CH applies statistical analysis principles to all Tij(t) values received to perform CH-to-SN trust evaluation toward node j. • CH can also detect any outliers in the cluster to see if any good-mouthing or bad-mouthing is occurring. • The CH can exclude a sensor from reading and routing duties.

  20. Station-to-CH Trust Evaluation • CH-to-CH trust evaluation is peer-to-peer. • Station-to-CH trust evaluation performs in a similar way as CH-to-SN evaluation.

  21. Performance Model • A Stochastic Petri Net model is used to provide a basis for obtaining ground truth status of nodes in the system. • It derives objective trust against which subjective trust obtained as a result of executing our hierarchical trust management protocol can be checked and validated.

  22. Petri Net Model - Energy • Place Energy indicates the remaining energy level of the node • A token will be released from place Energy when transition T_ENERGY is triggered. • The rate of transition T_ENERGY indicates the energy consumption rate. • Energy consumption rates: • Normal nodes • Selfish nodes

  23. Petri Net Model - Selfishness • A node may become selfish to save energy. • An unselfish node may turn selfish in every trust evaluation interval Δt according to its remaining energy and the number of unselfish neighbors around. • A selfish node may redeem itself as unselfish to achieve a service availability goal. • Putting a token into place SN when transition T_SELFISH is triggered and removing the token from place SN when transition T_REDEMP is triggered

  24. Petri Net Model - Compromise • A node becomes compromised when T_COMPRO fires and places a token in CN. • Model the IDS behavior through transition T_IDS • Rate is for compromised nodes • for good nodes (typo error)

  25. Subjective Trust Evaluation • If j is a selfish node (a/c), compromised node (b/c) or normal node (c/c) • a, b and c: The average numbers of interactions of node i with a selfish node, a compromised node and a normal node

  26. Objective Trust Evaluation • Compute objective trust based on actual status as provided by the SPN model output using exactly the same status value assignment as shown in Table I to yield ground truth status of node j at time t. • Tj,obj(t), is also a weighted linear combination of four trust component values

  27. Trust Evaluation Results

  28. Trust Evaluation Results • The trust evaluation consists of two parts • trust composition and trust aggregation • trust formation • Assertion • each trust property X has its own best α and β values • subjective assessment would be the most accurate against actual status of node j in trust property X • because different trust properties have their own intrinsic trust nature and react differently to trust decay over time

  29. Trust Evaluation Results • Larger α indicates that subjective trust evaluation relies more on direct observations compared with past experiences • Larger β indicates that subjective trust evaluation relies more on indirect recommendations provided by recommenders compared with past experiences

  30. Trust Evaluation Results • The best α and β values intrinsically depend on the nature of each trust property as well as a given set of parameter values • Subjective trust obtained as a result of executing our proposed hierarchical trust management protocol approaches true objective trust

  31. Trust-based Geographic Routing • Geographic routing • a node disseminates a message to a maximum of L neighbors closest to the destination node • Trust-based geographic routing • node i forwards a message to a maximum of L neighbors not only closest to the destination node but also with the highest trust values Tij(t) • Baseline routing protocols • flooding-based • a node floods a message to all its neighbors • traditional geographic routing

  32. Best Trust Formation to Maximize Application Performance • Identify weights to assign to individual trust properties • w1 = w2 = 0.5 × wsocial • w3 = w4 = 0.5 × wQoS • wsocial + wQoS = 1 • Considering both social and QoS trust properties helps generate a higher message delivery ratio
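
An added example (not the authors' code) that combines the slide 32 weight formation with the next-hop choice from slide 31 and compares it with traditional geographic routing. The ranking rule (keep neighbours that make progress toward the destination, then take the L most trusted) is an assumption, as are the mapping of w1..w4 to intimacy, honesty, energy and unselfishness and the constructed neighbour table.

```python
import math

def form_trust(c, w_social):
    """Slide 32: w1 = w2 = 0.5*w_social (social), w3 = w4 = 0.5*w_QoS (QoS)."""
    w_qos = 1.0 - w_social
    return (0.5 * w_social * (c["intimacy"] + c["honesty"])
            + 0.5 * w_qos * (c["energy"] + c["unselfishness"]))

def geographic_next_hops(dest, neighbors, L):
    """Traditional geographic routing: up to L neighbours closest to dest."""
    ranked = sorted(neighbors, key=lambda n: math.dist(n["pos"], dest))
    return [n["id"] for n in ranked[:L]]

def trust_next_hops(here, dest, neighbors, L, w_social):
    """Trust-based variant (assumed rule): among neighbours closer to dest than
    the current node, take the L most trusted, nearest first on ties."""
    d_here = math.dist(here, dest)
    closer = [n for n in neighbors if math.dist(n["pos"], dest) < d_here]
    ranked = sorted(closer, key=lambda n: (-form_trust(n["trust"], w_social),
                                           math.dist(n["pos"], dest)))
    return [n["id"] for n in ranked[:L]]

# Constructed sample: n1 is nearest to the destination but drops packets.
HERE, DEST = (0.0, 0.0), (10.0, 0.0)
NEIGHBORS = [
    {"id": "n1", "pos": (4.0, 0.0),
     "trust": {"intimacy": 0.9, "honesty": 0.1, "energy": 0.8, "unselfishness": 0.2}},
    {"id": "n2", "pos": (3.0, 1.0),
     "trust": {"intimacy": 0.8, "honesty": 0.9, "energy": 0.7, "unselfishness": 0.9}},
    {"id": "n3", "pos": (2.0, -1.0),
     "trust": {"intimacy": 0.6, "honesty": 1.0, "energy": 0.9, "unselfishness": 0.9}},
    {"id": "n4", "pos": (-1.0, 0.0),   # trusted, but farther from DEST than HERE
     "trust": {"intimacy": 0.9, "honesty": 1.0, "energy": 0.9, "unselfishness": 1.0}},
]

if __name__ == "__main__":
    print(geographic_next_hops(DEST, NEIGHBORS, L=2))
    print(trust_next_hops(HERE, DEST, NEIGHBORS, L=2, w_social=0.5))
```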

  33. Dynamic Trust Management • Dynamically adjust wsocial (the X coordinate) to optimize application performance in message delivery ratio

  34. Performance Comparison • Outperforms traditional geographic routing • Approaches flooding-based routing

  35. Performance Comparison • Traditional geographic routing performs better than trust-based geographic routing in message delay • This is expected

  36. Performance Comparison • Incurs more message overhead than traditional geographic routing • the path selected by trust-based geographic routing is often the most trustworthy path, not necessarily the shortest path

  37. Trust-based Intrusion Detection • Describe the algorithm that can be used by a high-level node such as a CH (or a base station) to perform trust-based intrusion detection of the SNs • Develop a statistical method to assess trust-based IDS false positive and false negative probabilities

  38. Algorithm for Trust-Based Intrusion Detection • Selecting a system minimum trust threshold, Tth, below which a node is considered compromised • A compromised node will exhibit several social and QoS trust behaviors

  39. Best Trust Formation to Maximize Application Performance • As the minimum trust threshold Tth increases, the false negative probability Pfn decreases while the false positive probability Pfp increases. • There exists an optimal trust threshold Tth,opt at which both false negative and false positive probabilities are minimized.
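
An added example (not the authors' algorithm) of the cluster-head detection logic from slides 19, 38 and 39: aggregate the Tij(t) reports about each SN, discard good-mouthing and bad-mouthing outliers, flag nodes below Tth, and measure Pfp and Pfn as Tth moves. The median-distance outlier rule, its `max_dev` cut-off and the report table are constructed assumptions.

```python
from statistics import median

def ch_trust(reports, max_dev=0.3):
    """CH-to-SN trust: mean of peer reports after dropping outliers.
    Outlier rule (farther than max_dev from the median) is an assumption."""
    med = median(reports)
    kept = [r for r in reports if abs(r - med) <= max_dev]
    return sum(kept) / len(kept)

def flag_compromised(cluster_reports, t_th):
    """Nodes whose CH-level trust falls below the minimum trust threshold T_th."""
    return {n for n, reps in cluster_reports.items() if ch_trust(reps) < t_th}

def error_rates(cluster_reports, truly_bad, t_th):
    """Return (P_fp, P_fn) for one threshold, given ground-truth bad nodes."""
    flagged = flag_compromised(cluster_reports, t_th)
    good = set(cluster_reports) - truly_bad
    p_fp = len(flagged & good) / len(good)
    p_fn = len(truly_bad - flagged) / len(truly_bad)
    return p_fp, p_fn

# Constructed sample: T_ij(t) values reported to the CH by four cluster members.
REPORTS = {
    "sn1": [0.90, 0.85, 0.88, 0.10],   # good node, one bad-mouthing report
    "sn2": [0.70, 0.72, 0.68, 0.71],   # good node
    "sn3": [0.55, 0.60, 0.58, 0.57],   # good node with low energy
    "sn4": [0.30, 0.35, 0.95, 0.32],   # compromised, one good-mouthing report
    "sn5": [0.50, 0.52, 0.48, 0.51],   # compromised, misbehaving subtly
}
TRULY_BAD = {"sn4", "sn5"}

if __name__ == "__main__":
    for t_th in (0.30, 0.40, 0.55, 0.60):
        print(t_th, error_rates(REPORTS, TRULY_BAD, t_th))
```

On this data a plain average would put sn4 at 0.48 and hide it from a threshold of 0.4; with the outlier removed it drops to about 0.32.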

  40. Performance Comparison • Presented are the best results of all three IDS schemes

  41. Conclusion • Proposed a hierarchical dynamic trust management protocol for cluster-based wireless sensor networks, considering two aspects of trustworthiness, namely, social trust and QoS trust. • Developed a probability model utilizing stochastic Petri nets techniques to analyze the protocol performance, and validated subjective trust against objective trust obtained based on ground truth node status • Demonstrated the feasibility of dynamic hierarchical trust management and application-level trust optimization design concepts with trust-based geographic routing and trust-based IDS applications
