Presentation on theme: "A Survey of Trust Management for Mobile Ad Hoc Networks"— Presentation transcript:
1 A Survey of Trust Management for Mobile Ad Hoc Networks Jin-Hee Cho & Ananthram Swami , Army Research LaboratoryIng-Ray Chen, Virginia Tech
2 Outline Background Motivation Multidisciplinary Trust Concept Trust, Trustworthiness, and Risk AssessmentTrust Properties in MANETsSurvey on Trust Management in MANETsFuture Research DirectionsSurvey on trust management in MANETs: attacks, metrics, trust propertiesCase study: based on a recently submitted paper as our ongoing research, we briefly show our current on based on future research directions.Could skip this slide as needed
3 Background Design Challenges in Mobile Ad Hoc Networks: Resource constraintsenergy, bandwidth, memory, computational powerHigh security vulnerabilityopen medium derived from inherent nature of wireless networksrapidly changing network topology due to node mobility or failure, RF channel conditionsdecentralized decision making and cooperation (no centralized authority)no clear line of defenseTrust: the degree of subjective belief about the behavior of a particular entity.In general, trust in social science is defined as….
4 MotivationTrust management is needed in MANETs with the goal of establishing a network with an acceptable level of trust relationships among participating nodes:During network bootstrappingTo support coalition operation without predefined trustFor authentication for certificates generated by other parties when links are downTo ensuring safety when entering a new zoneDiverse applicability as a decision making mechanism for:Intrusion detectionKey managementAccess controlAuthenticationSecure routingMany othersThese are “application”
5 Trust in Communications & Networking A set of relations among entities participating in a protocol based on evidence generated by the previous interactions of entities within a protocolIf the interactions have been faithful to the protocol, then trust will accumulate between these entitiesContext-aware trust: trust is the quantified belief of a trustor node regarding competence, honesty, security, and dependability of a trustee node in a specific contextMultidisciplinaryConcept of TrustSociologyRisking betrayalSubjectivityEconomicsIncentive-based selfishnessAutonomic computingautomation reliabilityOrganizational managementrisk assessmentPsychologyCognitive processPhilosophyContext-dependent moral relationshipCommunications & Networkingmore...securityreconfigurabilityscalabilityreliabilitydependabilitySystem designers in communications and networking want to derive all properties including security, reconfigurability, scalability, reliability, dependability, and more from the multidisciplinary concept of trust.
6 Trust, Trustworthiness, and Risk Assessment 1TrustworthinessTrustb. misplaced trusta. misplaced distrustTrust =Trustworthiness0.5Definition (Trustworthiness): Trustworthiness is objective probability by which the trustee performs a given action on which the welfare of the trustor dependsDefinition (Trust): Trust is the subjective probability by which the trustor expects that the trustee performs a given action on which the welfare of the trustor dependsDefinition (Risk): risk is defined by the probability and the consequence of an incident. The risk value is given by the function r : P x C -> RV, where P is a set of trust values in [0,1], C is the set of consequence values and RV is the set of risk values.Some scholars distinguished subjective trust, the so called trust, and objective trust, the so called trustworthiness.Misplaced distrust happens when objective trust is higher than subjective trust. Trustworthiness > trust, losing possible helpful collaborations with trustable parties.Misplaced trust happens when subjective trust is higher than objective trust, leading to high possible risky situations, experiencing betrayal.Fire exercise: reliability trustReal fire situation: decision trustIf we know sometimes a particular node does not have a sufficient capability to perform a mission given, if there is no other resource to use, we choose to employ the node with lack of capability. Particularly when not using it is directly related to the definite system failure.Trust Level [Solhaug et al., 2007]
7 Trust vs. RiskTrust-based decision making: a trust threshold is used to say yes/noyes when t > trust threshold (t2 inthe graph)Risk-based decision making: a risk threshold is used to say yes/noyes when r < high risk threshold (high risk zone in the graph)In general when trust is high, risk is low but it really depends on the stake (consequence of failure). It is not enough to consider trust only and then say that trust is risk acceptance, trust is inverse to risk, or the like.1StakeTrust0.5S2S1t1t2High riskMedium riskLow riskTrust vs. Risk[Solhaug et al. 2006,Josang & LoPresti, 2004]
8 Trust Properties in MANETs SubjectivityDynamicityAsymmetryContext-dependencyincomplete transitivityDynamic, not staticTrust in MANETs should be established based on local, short-lived, fast changing over time, online only and incomplete information available due to node mobility or failure, RF channel conditionsExpressed as a continuous value ranging from positive and negative degreeSubjectiveDifferent experiences derived from dynamically changing network topologyNot necessarily transitiveAsymmetric, not necessarily reciprocalHeterogeneous entitiesContext-dependentSensing/Reporting vs. forwardingTrust properties in MANETs.Transitivity: mention about what trust chain is.Trust properties in existing trust management in MANETs.
9 Classification of Trust Management Risk ManagementRisk AssessmentRisk MitigationTrust ManagementTrust UpdateTrust RevocationTrust EstablishmentRisk Controltrust evidence collection, trust generation, trust distribution, trust discovery, and trust evaluationThe terms trust management and trust establishment are also interchangeably used in the literature. To clarifythese two terms, according to Aivaloglou et al. , trust establishment is a process to deal with representing,evaluating, maintaining, and distributing trust among nodes. Trust management deals with the problems such asformulating evaluation rules and policies, representing trust evidence, and evaluating and managing trustrelationships among nodes. As Figure 6 explains, trust establishment belongs to one of trust management tasks.[Solhaug et al., 2006]
10 Attacks considered in existing trust management in MANETs. Attacks in MANETsBy the nature of attack and the types of attackers [Liu et al., 2004]Passive Attacks: when an unauthorized party gains access to an asset but does not modify its content, (e.g., eavesdropping or traffic analysis)Active Attacks : masquerading (impersonation attack), replay (retransmitting messages), message modification, DoS (e.g., excessive energy consumption)By the legitimacy of attackers [Liu et al., 2004]Insider attacks: authorized memberOutsider attacks: illegal userTrust management in MANETs has studied in the presence of attackers.Attacks considered in existing trust management in MANETs.
11 Metrics for Measuring Network Trust in MANETs Network trust has been evaluated by general performance metrics, e.g., detection accuracy, goodput (useful information bits/sec), throughput (data bits/sec), overhead, delay, network utility, route usage (for secure routing), packet dropping rate, etc.Recently, trust level as a metric has been used, e.g., trust level of a network path or sessionMetrics used for evaluating network trust
12 Composite Trust Metrics Quality-of-Service (QoS) TrustCompetence, dependability, reliability, successful experience, and reputation or recommendation representing capability to complete an assigned “task”Examples are the node’s energy lifetime, computational power level, and capability to complete packet deliverySocial TrustUse of the concept of social networksFriendship, similarity, common interest, social connectivity, honesty, and social reputation or recommendation derived from direct or indirect interactions
13 Trust Management in MANETs based on Design Purpose Summary of existing trust management schemes in MANETs based on specific design purposes
14 Trust-based Applications in MANETs Secure RoutingDetect and isolate misbehaving nodes (selfish or malicious)Reputation managementExtension of the existing routing protocols (e.g., DSR, AODV) using trust conceptIncentive mechanism to induce cooperationRevocation + redemption possibleAuthenticationUse trust to authenticate nodes or routing pathsUse direct evidence (certificates or observations of packet forwarding behavior) plus second hand information (e.g., recommendation)Extension of the existing routing protocols (e.g., DSR, Zone Routing Protocol)Key ManagementEstablish keys between nodes based on their trust relationshipsTrust-based PKIDistributed - each node maintains its public/private keysHierarchical – a CA is elected based on trust
15 Trust-based Applications in MANETs (Cont.) Intrusion DetectionTrust as a basis for developing an intrusion detection system (IDS)Trust-based IDS provides audit and monitoring capabilities to enhance securityEvaluating trust and identifying intrusions can be integrated together to build a trustworthy environmentAccess ControlUse trust for decision making of access control to MANET resourcesTrust-based admission control (role-based)A node can use resources if it is trusted by k trusted nodesCan integrate with policy-based access control (with a proof of identity or certificate)
16 Issues for Future Trust Management in MANETs How should we select a trust metric that can reflect the unique properties of trust in MANETs?What constitutes trust? Is it multi-dimensional with multiple trust components? Should we have a different set of trust components reflecting the application characteristics and node behavior (including selfish/malicious behavior)?How can trust contribute to scalability, reconfigurability, security, and reliability of the network?How should a trust protocol be designed to achieve adaptability to rapidly changing MANET environments?How do we design a trust system to reflect adequate tradeoffs, e.g., altruism vs. selfishness, and effectiveness vs. efficiency?Can we identify optimal trust protocol settings under various network and environmental conditions?
17 Questions? Contact us at: Jin-Hee Cho Army Research LaboratoryAnanthram Swami , Army Research LaboratoryIng-Ray Chen Virginia Tech