Trust and Reputation Based Mechanisms for CIP
Uniparthenope, UniRC, Polito
(Fai della Paganella, 10-12 February 2014)

Objectives
• To enhance the cyber security of Wireless Sensor Networks (WSNs) deployed to protect CIs by exploiting Trust and Reputation Model based techniques
  – Intrusion Tolerance at the routing level

Security of WSNs
• WSNs have low computational resources and energy supply
  – Limit the number of exchanged messages
  – Limit the usage of cryptographic mechanisms
• WSNs are deployed in unattended, hostile environments

Trust and Reputation
A trust and reputation model is proposed to improve cyber defense. Say Node 3 wants to estimate the trust and reputation of Node 2:
• Node 3 estimates a trust score of Node 2 through a direct measure related to Node 2
• Node 3 estimates a reputation score of Node 2 through indirect measurements, e.g. by observing the trust level perceived by Node 1 with respect to Node 2

Attack Model: Sinkhole Attack
• Trust and reputation-based scores to ensure resilience against attacks such as sinkhole
[Figures: "No attack" and "Node 3 successfully attacks" (BS = Base Station)]

Trust and Reputation Model
The proposed model acts as follows:
1. When Node 3 starts an attack by pretending to have the best route toward the destination, we need:
   1. A reliable way to check if it is lying (to measure trust)
   2. A way to share this information (to update the neighbours' reputation)

Test of Trustworthiness
Assuming a routing protocol that enables authentication of the parties:
1. Node 4 forces a ping through two alternate paths, one of which includes the node under test
2. Node 4 chooses the route with the lower round trip time
3. If the selected path does not use the tested node as gateway, the trust level of node 3 is lowered
   – T43(t+1) = k * T43(t), k < 1

Reputation
• If a change in the trust level of node 3 is going to occur, node 4 forwards a feedback to each of the nodes in its neighbour list.
• Each node receiving the feedback corrects the reputation of node 3 accordingly
  – Ri3(t+1) = f(Ri3(t), ΔT43)

Intrusion Tolerance
• When a node must select a parent to reach the BS, this evaluation will be based on: quality of the channel, trust level, and reputation level of the candidate node.
  – That is, a Dependability function is evaluated for each candidate, and the new parent will be the one with the highest dependability value:
    • For each j in N: Dij(t+1) = f(Qij(t), Tij(t), Rij(t)) (N = set of neighbours)
    • The node j such that Dij(t+1) = Max(Dij(t+1)) is selected as the parent

AODV Routing Protocol
• Ad hoc On Demand Distance Vector (AODV) is a standard routing protocol defined by RFC 3561 (http://www.ietf.org/rfc/rfc3561.txt)
• AODV is widely adopted, e.g. in Bluetooth and Zigbee
  http://www.bluetooth.com/ http://www.zigbee.org/

Implementation
• A WSN was simulated through NS-3
• NS-3 is a command-line, open source (GNU GPL v2) network simulator
• Programming languages: C++, Python
• Different WSN routing protocols are implemented, such as Optimized Link State Routing Protocol (OLSR) and Ad hoc On Demand Distance Vector (AODV)
  http://www.nsnam.org/

Future Steps
• To complete the implementation
• To test the effectiveness of the proposed model under different testbed configurations and parameter tuning
• To extend the approach to manage other kinds of attacks
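
The trust test, reputation feedback and dependability-based parent selection from the slides above, as an added Python example that is not the authors' NS-3 code. The slides leave k and both f() functions unspecified, so the constants, the clamped-sum reputation update, the weighted-sum dependability, and the node topology and RTT values are all assumptions constructed for illustration.

```python
# Added example. K, ALPHA, the weights and both f() forms are assumptions,
# not values from the slides; topology and RTTs are constructed.
K = 0.5                        # trust decay factor, k < 1
ALPHA = 0.5                    # weight a node gives to a reported trust change
W_Q, W_T, W_R = 0.4, 0.3, 0.3  # dependability weights

class Node:
    def __init__(self, node_id, neighbours):
        self.id = node_id
        self.quality = {n: 1.0 for n in neighbours}     # Q_ij in [0, 1]
        self.trust = {n: 1.0 for n in neighbours}       # T_ij
        self.reputation = {n: 1.0 for n in neighbours}  # R_ij

    def test_trust(self, tested, rtt_via_tested, rtt_alternate):
        """Ping over two paths and pick the lower RTT. If the chosen path
        avoids `tested`, apply T(t+1) = k * T(t). Returns the change dT."""
        if rtt_via_tested <= rtt_alternate:
            return 0.0                      # tested node really is the better gateway
        old = self.trust[tested]
        self.trust[tested] = K * old
        return self.trust[tested] - old

    def receive_feedback(self, about, delta_t):
        """R(t+1) = f(R(t), dT), here clamp(R + ALPHA * dT) to [0, 1]."""
        if about in self.reputation:
            r = self.reputation[about] + ALPHA * delta_t
            self.reputation[about] = min(1.0, max(0.0, r))

    def dependability(self, j):
        """D_ij = f(Q_ij, T_ij, R_ij), here a weighted sum."""
        return W_Q * self.quality[j] + W_T * self.trust[j] + W_R * self.reputation[j]

    def select_parent(self):
        return max(self.trust, key=self.dependability)

def run_scenario():
    """Node 3 is a sinkhole: it advertises the best link but its path is slower."""
    net = {4: Node(4, [2, 3, 5]), 5: Node(5, [3, 4, 6])}
    n4 = net[4]
    n4.quality.update({2: 0.8, 3: 1.0, 5: 0.5})
    before = n4.select_parent()
    for _ in range(3):                      # three probe rounds
        delta = n4.test_trust(3, rtt_via_tested=40.0, rtt_alternate=25.0)
        for peer in n4.trust:               # feedback to node 4's neighbour list
            if delta and peer in net:
                net[peer].receive_feedback(3, delta)
    return (before, n4.select_parent(), n4.trust[3],
            net[5].reputation[3], net[5].select_parent())

if __name__ == "__main__":
    print(run_scenario())
```

Node 5 never probes node 3 itself, yet the feedback from node 4 alone is enough to move its parent choice away from the sinkhole.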