trust and reputation in mobile environments

41
Trust and Reputation in Mobile Environments Trust and Reputation in Mobile Environments Andrada A¸ stef˘ anoaie Computer Science Faculty of Ia¸ si December 14, 2012 1/41

Post on 17-Oct-2014

594 views

Category:

Documents


3 download

DESCRIPTION

 

TRANSCRIPT

Page 1: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Trust and Reputation in Mobile Environments

Andrada Astefanoaie

Computer Science Faculty of Iasi

December 14, 2012

1/41

Page 2: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Contents

1 Introduction

2 Social perspective

3 Trust in MANETs and WSNs

4 Overview of Reputation and Trust Based Systems

5 Components of Reputation and Trust Based SystemsInformation GatheringInformation SharingInformation ModellingDecision Making

6 Examples of Reputation and Trust-based SystemsCoreConfidant

7 Open problems

8 Conclusions

9 Bibliography

2/41

Page 3: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Introduction

MANETs and WSNs - Problems

Mobile Ad Hoc Networks and Wireless Sensor Networks ⇒tremendous technological advances over the last few years ⇒ riskof newer threats and challenges and the responsibility of ensuringsafety, security, and integrity of information communication overthese networks.

MANETs ⇒ vulnerable to different types of attacks and security threats(complete autonomy of the member nodes, lack of any centralizedinfrastructure).

WSNs ⇒ unique problems due to their usual operations in unattendedand hostile areas. Also, it is imperative to produce sensors at very lowcosts⇒ to produce tamper-resistant sensors ⇒ very easy for an adversaryto physically capture a sensor node and bypass its limited cryptographicsecurity.

3/41

Page 4: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Introduction

Trust and Reputation

⇒ resolved by modelling MANETs and WSNs as reputation andtrust-based systems.

As in real life, we tend to believe and interact only with people who we

see as having a good reputation. Reputation can be defined as a person’s

history of behaviour, and can be positive, negative, or a mix of both.

Based on this reputation, trust is built. Trust can be seen as the

expectation that a person will act in a certain way.

Reputation: opinion of one entity about another ⇒trustworthiness of an entity.Trust: expectation of one entity about the actions of another.

4/41

Page 5: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Social perspective

Trust and uncertainty

Trust: important factor affecting consumer behaviour, especially inthe e-commerce context where uncertainty abounds.Uncertainty:⇒ originates from two sources: information asymmetry andopportunism.⇒ degree to which an individual or organization cannot anticipateor accurately predict the environment

5/41

Page 6: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Social perspective

Trust beliefs and trust intention

Trust means that the trustor believes in, and is willing to dependon, the trustee. Theory of reasoned action ⇒ trusting beliefs andtrusting intention.Trusting beliefs ⇒ multidimensional, representing one’s beliefsthat the trustee is likely to behave in a way that is benevolent,competent, honest, or predictable in a situation. Most frequently:competence, benevolence, and integrity.Trusting intention is the extent to which one is willing to dependon the other person in a given situation.

6/41

Page 7: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Social perspective

Information asymmetry and Opportunistic behaviour

Information asymmetry is defined as the difference between theinformation possessed by buyers and sellers.Opportunistic behaviour is prevalent in exchange relationships.In the on-line buyer-seller relationship, the seller may behaveopportunistically by trying to meet its own goals withoutconsidering the consumer’s benefits.

7/41

Page 8: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Social perspective

Trust antecedents : calculus , knowledge institution based

Calculus-based trust ⇒ credible information regarding theintentions or competence of the trustee.Knowledge-based trust ⇒ aggregation of trust relatedknowledge by the involved parties ⇒ accumulated either first-hand(based on an interaction history) or second-handInstitution-based trust ⇒ one believes the necessary impersonalstructures are in place to enable one to act in anticipation of asuccessful future endeavour

8/41

Page 9: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Trust in MANETs and WSNs

MANET - Problems

MANETs: nodes are autonomous and do not have any commoninterest ⇒ selfish behaviour ⇒ need incentive and motivation tocooperate

Non-cooperative behaviour of a node:

selfish intention (e.g. save power)

malicious intention (e.g. denial-of-service attacks).

9/41

Page 10: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Trust in MANETs and WSNs

WSN - Problems

WSNs - all sensors belong to a single group/entity and need tocooperate towards the same goal ⇒ incentive is less of a concern.In the same time, WSNs are vulnerable to physical capture ⇒make the sensor nodes tamper-proof ⇒ expensive

tamper-proofing the nodes ⇒ not a viable solution: An adversarymight change sensors to start misbehaving and disruptcommunication in the network and afterwards to launch an attackfrom insider ⇒ need of security mechanisms to make WSNs ableto cope with insider attacks.

10/41

Page 11: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Trust in MANETs and WSNs

Misbehaviour of nodes

Reputation and trust-based systems enable nodes to makeinformed decisions on prospective transaction partners.

11/41

Page 12: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Trust in MANETs and WSNs

Effects of nodes misbehaviour

Examples of effects of the misbehaviour of nodes:

packet loss increased

denial-of-service experienced by honest nodes in the network

There were theoretical studies that emphasized the following ides:

increased cooperation more than proportionately increases theperformance for small networks with fairly short routes

prevention measures (encryption, authentication) reduce thesuccess of intrusion attempts in MANETs, but cannotcompletely eliminate them.

12/41

Page 13: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Overview of Reputation and Trust Based Systems

System goals

1 provide information that allows nodes to distinguish betweentrustworthy and non-trustworthy nodes.

2 encourage nodes to be trustworthy.

3 discourage participation of nodes that are untrustworthy.

4 cope with any kind of observable misbehaviour

5 minimize the damage caused by insider attacks.

13/41

Page 14: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Overview of Reputation and Trust Based Systems

Properties

In order to work effectively the system should have the followingproperties:

1 Long-lived entities that inspire an expectation of futureinteraction.

2 The capture and distribution of feedback about currentinteractions (such information must be visible in the future).

3 Use of feedback to guide trust decisions.

14/41

Page 15: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Overview of Reputation and Trust Based Systems

Properties

Properties of the trust metric:

1 Asymmetric (if node A trusts node B, then it is notnecessarily true that node B also trusts node A),

2 Transitive: (if node A trusts node B and node B trusts nodeC, then node A trusts node C),

3 Reflexive: (node always trusts itself).

15/41

Page 16: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Overview of Reputation and Trust Based Systems

Initialization

Reputation and trust-based systems can be initialized in one of thefollowing presented ways:

1 All nodes in the network are considered trustworthy. Nodestrust each other node in the network. Reputation of nodes isdecreased by every bad encounter.

2 All nodes are considered to be untrustworthy and no nodetrusts any other node within the network. Reputation ofnodes is increased with every good encounter.

3 All nodes are neither considered trustworthy noruntrustworthy. They all take a neutral reputation value tobegin with. Reputation of nodes is increased or decrease withevery good respectively bad encounter.

16/41

Page 17: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Overview of Reputation and Trust Based Systems

Classification

Classification of such systems can be done based on the followingcriteria:

1 Observation: First-Hand (direct observation, own experience) orsecond-hand (information obtained through peers).

2 Information Symmetry: Symmetric (same amount of information) orAsymmetric (different amount of information).

3 Centralization: Centralized (one entity maintains reputation of allnodes) or Distributed (each node maintains reputation of all nodeshe cares about). In case of the second one reputation can be storedLocal or Global.

4 Trust among peers: Credential-based or Behaviour based trustmanagement systems

.

17/41

Page 18: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Overview of Reputation and Trust Based Systems

Pros and cons

Reputation and trust-based systems:+ one of the best solutions for dealing with selfish misbehaviour.+ robust solutions to curtail insider attacks.+ for the most part, self maintaining.

− added overhead, both in computation and communication,− a new dimension of security consideration ⇒ adversary mightattack the system based on the reputation system itself.

18/41

Page 19: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Components of Reputation and Trust Based Systems

Information Gathering

Information Gathering - the process by which a node collectsinformation about nodes it cares about ⇒ concerned only withfirst-hand information.

Most reputation and trust-based systems make use of a componentcalled Watchdog to monitor their neighbourhood and gatherinformation based on promiscuous observation.

19/41

Page 20: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Components of Reputation and Trust Based Systems

Information Sharing

Information Sharing- concerned with dissemination of first-handinformation gathered by nodes.Information can be shared among nodes in the following ways:friends list, blacklist, and reputation table.For sharing information, three important issues have to beaddressed:

1 Dissemination frequency: Proactive Dissemination andReactive Dissemination

2 Dissemination locality: Local and Global

3 Content of information disseminated: Raw and Processed.

20/41

Page 21: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Components of Reputation and Trust Based Systems

Information Modelling

Information Modelling - deals with combining the first-hand andsecond-hand information meaningfully into a metric. It also dealswith maintaining and updating this metric.

21/41

Page 22: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Components of Reputation and Trust Based Systems

Decision Making

Decision Making - responsible for taking all the decisions.Decisions made by this component ⇒ based on the informationprovided by the information modelling component.

Basic decision ⇒ binary decision, on who to trust and who not to(be one of cooperate/dont-cooperate, forward/dont-forward, etc).

22/41

Page 23: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Core

Core - About

A Collaborative Reputation Mechanism to enforce nodeco-operation in Mobile Ad hoc Networks.

a distributed, symmetric reputation model

uses first-hand and second-hand information for updatingreputation values.

uses bi-directional communication symmetry and dynamicsource routing (DSR) protocol for routing.

assumes wireless interfaces that support promiscuous modeoperation

nodes ⇒ members of a community ⇒ have to contribute on acontinuing basis to remain trusted, else reputation willdegrade until eventually they are excluded from the network.

each node: a watchdog mechanism for promiscuousobservation.

23/41

Page 24: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Core

Core - About

addresses only the selfish behaviour problem.

reputation ⇒ formed and updated along time ⇒ subjectivereputation, indirect reputation, and functional reputation

past observations are more important than the currentobservations.

two types of protocol entities, requester (ask execution offunction f ) and provider (execute f )

use of reputation table (RT), with one RT for each function:unique ID, recent subjective reputation, recent indirectreputation, and composite reputation for a predefinedfunction. RTs are updated in two situations: during therequest phase and during the reply phase.

24/41

Page 25: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Core

Core - Information gathering

The reputation of a node computed from first-hand information isreferred to as subjective reputation (calculated directly from anode’s observation). Subjective reputation is calculated only forthe neighbouring nodes and it is updated only during the requestphase. If a provider does not cooperate with a requester’s request,then a negative value is assigned to the rating factor σ of thatobservation and consequently the reputation of the provider willdecrease (value varies between -1 and 1). New nodes, when theyenter the network, are also assigned a neutral reputation valuesince enough observations are not available to make an assessmentof their reputation.

25/41

Page 26: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Core

Core - Information sharing

Indirect reputation (second-hand information) is used to modelMANETs as complex societies. One node sees the others throughthe opinion of the society. Core adds the following restriction: onlypositive information can be exchanged (prevents bad mouthingattacks on benign nodes). Each reply message consists of a list ofnodes that cooperated and like this indirect reputation will beupdated only during the reply phase.

26/41

Page 27: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Core

Core - Information modelling

Functional reputation (combined value of subjective and indirectreputation for different functions) is used to test how trustful anode is with respect to different functions. In CORE, reputation iscompositional. Thus, the global reputation for each node isobtained by combining the three types of reputation. Positivereputation values are decremented along time to ensure that nodescooperate and contribute on a continuing basis.

27/41

Page 28: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Core

Core - Decision making

When a node has to make a decision: it checks the reputationvalue of the requester. Positive values indicates well behavedentities. If the value is negative, the node is tagged as amisbehaving entity and denied the service. A misbehaving entity isdenied service unless it cooperates and ameliorates its reputationto a positive value.Reputation ⇒ hard to build (reputation decreases every time thewatchdog detects a non cooperative behaviour and it also getsdecremented in time to prevent malicious nodes from buildingreputation and then attacking the system resources.

28/41

Page 29: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Core

Core - Discussion

1 if reputation is high, a node can misbehave temporarily

2 CORE prevents false accusation attacks, confining thevulnerability of the system to only false praise

3 since only positive information is shared, the possibility ofretaliation is prevented. There is a problem with combiningthe reputation values for various functions into a single globalvalue.

4 CORE also ensures that disadvantaged nodes that areinherently selfish due to their critical energy conditions are notexcluded from the network using the same criteria as formalicious nodes

29/41

Page 30: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Confidant

Confidant - About

Cooperation Of Nodes - Fairness In Dynamic Ad-hoc NeTworks.

inspired by ”The Selfish Gene” by Dawkins which statesreciprocal altruism is beneficial for every ecological systemwhen favors are returned simultaneously because of instantgratification.

main purpose: make misbehaviour unattractive in MANETsbased on selective altruism and utilitarianism.

distributed, symmetric reputation model which uses bothfirst-hand and second-hand information for updatingreputation values.

aims to detect and isolate misbehaving nodes

for routing: used DSR

assumes that no tamper-proof hardware is required foritselfother nodes to modify their values.

30/41

Page 31: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Confidant

Confidant - Components

Confidant has four components at each node: Monitor, TrustManager, Reputation System, and Path Manager.

31/41

Page 32: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Confidant

Confidant - Information Gathering

The Monitor: helps nodes to passively observes their 1-hopneighbourhood.

nodes can detect deviations by the next node on the sourceroute ⇒ have a copy of a packet while listening to thetransmission of the next node ⇒ any content change can bedetected ⇒ the monitor registers these deviations ⇒ reportbad behaviour to the reputation system.

the monitor also forwards ALARMS to the Trust Manager forevaluation

32/41

Page 33: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Confidant

Confidant - Information Gathering

Trust Manager: handles all the incoming and out-going ALARMmessages.Incoming ALARMs (from any node)⇒ source has to be checkedfor trustworthiness⇒ looking at trust level of the reporting node.Outgoing ALARMS ⇒ generated by the node itself after it wasdetected a malicious behaviour.Recipients: friends ⇒ friends list by each node.The Trust Manager:

contains: alarm table (information about alarms), trust table(trust levels for nodes), and friends list (all friends of node).

responsible: providing or accepting routing information.

33/41

Page 34: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Confidant

Confidant - Information Modelling

Reputation System ⇒ table consisting of entries for nodes andtheir rating.Ratings ⇒ changed when there is sufficient evidence of maliciousbehaviour (has occurred at least a threshold number of times torule out coincidences) ⇒ updated according to a rate function(greatest weight: personal experience, smaller weight: observationsin the neighbourhood, even smaller weight: to reported experience)⇒ the reputation entry for the misbehaving node is updatedaccordingly.Node = rating below a predetermined threshold ⇒ Path Manageris summoned.

34/41

Page 35: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Confidant

Confidant - Decision Making

Path Manager ⇒ the decision maker ⇒ responsible for:

path re-ranking according to the security metric ⇒ deletespaths containing misbehaving nodes

taking necessary actions upon receiving a request for a routefrom a misbehaving node.

35/41

Page 36: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Confidant

Confidant - Discussions

only negative information is exchanged between nodes ⇒system is vulnerable to false accusation of benign nodes bymalicious nodes.

false praise attacks are prevented since no positive informationis exchanged ⇒ eliminates the possibility of malicious nodescolluding to boost the survival time of one another.

since negative information = shared between nodes ⇒ anadversary gets to know his situation ⇒ change his strategy

36/41

Page 37: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Examples of Reputation and Trust-based Systems

Confidant

Confidant - Discussions

nodes that are excluded will recover after a certain timeout

failed nodes are treated like any other malicious node

authors have not explained how the actual reputation iscomputed and how it is updated using experienced, observedand reported information.

authors have not provided any evidence to support theirrationale behind the differentiation of weights.

37/41

Page 38: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Open problems

Reputation and trust-based systems are still in the first phase whenit comes to MANETs and WSNs ⇒ current open problems:

the bootstrap problem.

intelligent adversary strategies.

38/41

Page 39: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Conclusions

Reputation and trust: very important tools ⇒ used since thebeginning to facilitate decision making in diverse fields from anancient fish market to state of the art e-commerce.

39/41

Page 40: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Bibliography

Bibliography

“Reputation and Trust-based Systems for Ad Hoc and SensorNetworks”, Avinash Srinivasany, Joshua Teitelbaumy, HuigangLiangz, Jie Wuy and Mihaela Cardeiy

“A Survey on Reputation and Trust-Based Systems forWireless Communication Networks”, Jaydip Sen

“Trust and Reputation Systems for Wireless Sensor Networks”,Rodrigo Roman, M. Carmen Fernandez-Gago, and JavierLopez

“Performance Analysis of the CONFIDANT Protocol(Cooperation Of Nodes: Fairness In Dynamic Ad NeTworks)”, Sonja Buchegger, Jean-Yves Le Boudec

40/41

Page 41: Trust and reputation in mobile environments

Trust and Reputation in Mobile Environments

Bibliography

Thank you!

41/41