TAODV: A Trust Model Based Routing Protocol for Secure Ad Hoc Networks
Li Xiaoqi, GiGi
October 28, 2003

Oct. 28, 2003, CSE Dept. of CUHK

Outline
  Introduction
  Background: Subjective logic and AODV
  Framework of TAODV
  Trust model for TAODV
  Routing operations in TAODV
  Analysis
  Conclusion and future work

Introduction to MANETs
  Mobile Ad Hoc Networks (MANETs)
    – No fixed infrastructure
    – Self-organized routing
    – Prone to be unstable and insecure
  Previous Secure Solutions for MANETs
    – Require each node to authenticate itself by showing its digital signature at all times
    – Need a super-trusted third party to provide authentication

Introduction to TAODV
  Makes use of trust relationships among nodes
  No need to request and verify a signature for every communication, just as in human society
  TAODV: a secure routing protocol based on a trust model for MANETs

Background: Subjective Logic
  Subjective logic
    – Represents trust relationships formally
    – Defines how to combine different trust information
    – Maps all kinds of evidence to the trust representation space
  We derive our trust model for TAODV from subjective logic

Background: AODV
  AODV
    – Ad Hoc On-Demand Distance Vector Routing Protocol for MANETs
    – Two main routing messages:
        RREQ: Routing REQuest
        RREP: Routing REPly
  We extend AODV by adding trust information into its routing messages

Framework of TAODV

Trust Model for TAODV: Representation of trust
  Use Opinion to represent trust:
    – A three-dimensional metric
    –
        -- Probability of node A believing in node B
        -- Probability of node A disbelieving in node B
        -- Probability of node A's uncertainty about B
    –

Trust Model for TAODV: Combination of trust
  Discounting Combination:
    – Combine trusts along one path
    – Combine
  Consensus Combination:
    – Combine trusts from several paths
    – Combine

Trust Model for TAODV: Mapping from evidence to opinion space
  Mapping function:
    – p : positive evidence
    – n : negative evidence

Routing Operations in TAODV
  Trust Recommendation
  Trust Judgement
  Route Table Extension
  Trust Update
  Routing Messages Extensions
  Trusted Routing Discovery

Trust Recommendation
  Exchange trust information
  Two types of messages:
    – TREQ: Trust REQuest
    – TREP: Trust REPly
  Message structure:

Message Structures of TREQ & TREP
  [Figures: TREQ and TREP message structures]

Trust Judgement
  Conditions on b, d, u and the resulting actions:
    – u > 0.5: Request and verify digital signature
    – d > 0.5: Distrust a node for an expiry time
    – b > 0.5: Trust a node and continue routing
    – ≤ 0.5: Request and verify digital signature
  b – belief, d – disbelief, u – uncertainty, 0.5 – threshold

Route Table Extension
  Add three fields into the original route table
    – Positive events
    – Negative events
    – Opinion
  New route table format:
    DestIP | … | Next Hop | ... | State | Expiry | Positive Events | Negative Events | Opinion

Trust Update
  Update of evidence
    – Successful communication → positive events: p++
    – Failed communication → negative events: n++
  Update of opinion
    – Mapping from evidence space
    – Combination from different recommendations
  Update fashion
    – Periodic update if packet frequency is high
    – On-demand update if packet frequency is lower

Routing Messages Extensions
  Add trust information into original AODV routing messages
    – RREQ → TRREQ
    – RREP → TRREP
  Message structure:

Message Structures of TRREQ & TRREP
  [Figures: TRREQ and TRREP message structures]

Trusted Routing Discovery
  [Figure: network diagram with nodes S, N1, N2, N, N4, N3, D; message label TRREQ]
  N receives TRREQ from N1. It then performs the following steps:
  1. Broadcast TREQ to request N1's opinions
  2. Obtain trust recommendation from N2, N3, N4:
  3. Combine these three opinions together into
  4. Judge the next behavior using trust judgment criteria

Trusted Routing Discovery (continued)
  [Figure: network diagram with nodes S, N1, N2, N, N4, N3, D; message labels TRREQ, TRREP]
  5. If uncertainty > threshold, N requests and verifies N1's signature
  6. If N1 passes trust authentication or signature authentication, N will rebroadcast TRREQ
  7. If N1 does not pass any authentication, N will not trust N1 and drop this TRREQ
  8. Update the value of opinion using trust update rules

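Steps 2 to 4 of trusted routing discovery at node N, as an added example that is not the authors' code. The slides' formulas for the evidence mapping and the two combinations did not survive on this page, so the example assumes the standard subjective-logic definitions by Jøsang; all event counts are constructed sample data.

```python
from dataclasses import dataclass
THRESHOLD = 0.5  # threshold from the Trust Judgement slide

@dataclass(frozen=True)
class Opinion:
    b: float  # belief
    d: float  # disbelief
    u: float  # uncertainty

def from_evidence(p, n):
    """Map positive/negative event counts to an opinion (assumed Josang mapping)."""
    total = p + n + 2
    return Opinion(p / total, n / total, 2 / total)

def discount(ab, bc):
    """Discounting: A's opinion about C derived through recommender B (one path)."""
    return Opinion(ab.b * bc.b, ab.b * bc.d, ab.d + ab.u + ab.b * bc.u)

def consensus(x, y):
    """Consensus: fuse two opinions about the same node (several paths)."""
    k = x.u + y.u - x.u * y.u
    if k == 0:  # both opinions fully certain; equal weighting is an assumption
        return Opinion((x.b + y.b) / 2, (x.d + y.d) / 2, 0.0)
    return Opinion((x.b * y.u + y.b * x.u) / k,
                   (x.d * y.u + y.d * x.u) / k, x.u * y.u / k)

def judge(op):
    """Trust Judgement rules: uncertainty first, then disbelief, then belief."""
    if op.u > THRESHOLD:
        return "verify_signature"
    if op.d > THRESHOLD:
        return "distrust"
    if op.b > THRESHOLD:
        return "trust"
    return "verify_signature"

def evaluate_sender(own, recs):
    """Steps 2-4 at node N: discount each recommendation, fuse them, judge."""
    combined = None
    for name, rec in recs.items():
        path = discount(own[name], rec)
        combined = path if combined is None else consensus(combined, path)
    return combined, judge(combined)

# Constructed sample data: (positive, negative) event counts, not from the slides.
# OWN: N's route-table evidence about each recommender; RECS: their evidence about N1.
OWN = {"N2": from_evidence(8, 0), "N3": from_evidence(6, 2), "N4": from_evidence(3, 1)}
RECS = {"N2": from_evidence(9, 1), "N3": from_evidence(7, 1), "N4": from_evidence(4, 0)}

print(evaluate_sender(OWN, RECS))
```

With these counts the N4 path alone is too uncertain and would fall back to signature verification; fusing all three paths lowers the uncertainty enough for N to trust N1 without a signature check.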
Analysis
  Computation overheads of each set of authentication operations
    – Cost of each set of trust operations is $O(16^2 v)$ (v is the average no. of neighbors)
    – Cost of each set of signature operations is $O(k^3)$ (k is the length of signature)

Analysis (cont'd)
  Number of authentication operations when given a certain traffic volume. E.g.: n routing messages
    – No. of signature operations: n
    – No. of trust operations:
        t – average packets interval
        e – trust expiry time
        U will never be larger than n

Analysis (cont'd)
  Security
    – Combination of trust authentication and signature authentication → secure
    – Combination of different recommendations → objective
    – Customization of trust threshold → flexible

Conclusion and Future Work
  TAODV is a secure routing protocol with
    – Less computation overhead
    – Flexible security levels
  Optimize trusted routing discovery algorithm
  Establish fast response mechanism when being attacked
  Perform detailed simulation evaluation

Q&A
Thank You!