150 likes | 285 Views
Conceptual Framework for Dynamic Trust Monitoring and Prediction. Olufunmilola Onolaja Rami Bahsoon Georgios Theodoropoulos School of Computer Science The University of Birmingham, UK. Outline. Definitions Reputation systems Collusion attack Background
E N D
Conceptual Framework for Dynamic Trust Monitoring and Prediction Olufunmilola Onolaja Rami Bahsoon Georgios Theodoropoulos School of Computer Science The University of Birmingham, UK
Outline • Definitions • Reputation systems • Collusion attack • Background • DDDAS Conceptual framework • Summary
Definitions Trust • Social perspective. • Gambetta (1988) stated that when a node is trusted, it implicitly means that the probability that it will perform an action that is beneficial is high enough to consider engaging in some form of cooperation with the node. Reputation • The opinion of an entity about another. • Synonymous to trust? Misbehaviour • Behavioural expectation. • The deviation from the expected behaviour of nodes in a network. • Collusion attack.
Reputation and Trust Based Systems • Provide mechanisms to produce a metric encapsulating reputation for a given domain for each identity in a system. • They aim to • Provide information to distinguish untrustworthy entities, • Encourage members to be trustworthy, • Discourage the participation of malicious entities, • Isolate, deny service and punish malicious entities.
Cooperation Enforcement Schemes Incentive Based Schemes (virtual currency) Integrity Based Framework Credit Based Reputation Models Reputation and Trust Based Systems Recommendations provided by individual nodes in the network are used in deciding the reputation of other nodes. Watchdogis resident on each node that monitors and gathers information based onpromiscuous observation. This mechanism has a weakness of failing to detect misbehaving nodes in the case ofcollusion.
A B B C C Collusion Attack P P P# D • Suppose node A forwards a packet P through B to D. Node C can decide to misbehave and colludes with B. • With the watchdog mechanism, it is possible that B does not report to A when C modifies the packet to P#. • The problem of collusion is very important because its effects • Can considerably affect network performance and • May hinder communication vital to fulfilling of the mission of the network. • e.g. Military application, motes, battlefield.
Why DDDAS? Measurement, simulation, feedback and control • Reputation is not static but dynamic, computation of trust should be equally dynamic. • Dynamic approach to identifying and isolating misbehaving (group of) nodes. • Online rating (Trust values TVs), using data provided from the network – past and present data. • Simulation improves prediction – future data. • The predictions help to focus on areas of uncertainty or risk. • More accurate analysis, prediction.
Controller Data Raw data Agent-based simulation Update TVs Data requests and updates Predictions to update network Data transformation Trust value calculator Aggregation Node Cluster head Data flow Communication Regions of trust Framework Physical system • Online data • Historical data • Simulation • Prediction • Feedback
Framework Components Physical system • Nodes, cluster head Controller • Aggregator • Data collection, relevant data • Data transformer • Observations - captured, quantified and numerically represented • Qualitative data to quantitative value – trust value • 0 ≤ trust value ≤ 5 • Trust value calculator • Available information to useable metric • Data repository • Online and historical data
Framework Components Simulation • Properties – internal or external • Changes to properties influenced by logic/external entity • Probabilities of collusion and misbehaviour • Behavioural rules incorporated into nodes, predicted trust values change using probabilities of collaboration
Trust values • Time intervals j = (1, 2, ..., i-1) • i - current time, (i-1) - time of last snapshot • tvo, tvn,tvh- online, new and historical trust values • Weights o and h - factors for the online and historical TVs • [o,h]>0 and o>h , more emphasis on recent behaviour Intoxication attack
Trust table showing the degrees of trust and corresponding regions of risk. Focus Trust values
Scenario • Repast simulation toolkit, nodes belong to a context, and interaction is defined within the context. • Context-sensitive behaviour is implemented in the simulation by triggers created in nodes. At 9 ticks nodetype = suspect; badtend = true; tvo = 2 nodetype = trusted; badtend = true; tvo = 4 After 18 ticks nodetype = malicious; badtend = true; tvh = 2; tvn= 0 nodetype = suspect; badtend = true; tvh = 4; tvn= 2
Summary • DDDAS framework has the potential of providing a high level of dynamism to trust and reputation systems allowing for more accurate analysis of the system and enabling predictions. • Collusion attack is not possible because trust decisions are not made using node recommendations. • Current status • TV computation, simulator • Future challenges • Data (sources, aggregation and transformation) • Definition of regions of trust • Validation • Evaluation of performance
Thank you. Questions??? Funmi Onolaja o.o.onolaja@cs.bham.ac.uk