Professional Documents
Culture Documents
Introduction
The interest of research community has significantly increased in ad-hoc and sensor networks during last few years.
The nodes in these networks are self organized in order to
provide flexible topology for the dissemination of gathered
information. Such networks have been used in variety of
applications such as military surveillance, emergency services, commercial and civilian environments [1]. The major
objective of providing security in any network, whether wired
or wireless, are to defend the network resources against variety of attacks, such as denial of service (DoS) attack, wormhole attack, blackhole attack, routing table overflow and poisoning attack, packet replication attack, grayhole attack and
modification of packets attack [24]. Sensor nodes are placed
in large numbers in hostile environment, which makes dicult to protect against tampering or captured by an adversary
force that can launch insider attacks to make a node compromised and can have easy access to valid keys and memory contents [5]. Then, an adversary can learn contents of
memory and have access to valid secret keys stored in the
compromised nodes and use them to launch insider attacks.
Protocols and algorithms based on traditional security mechanisms such as authentication [6], encryption and cryptography are not suitable for WSN as these mechanisms assumes
that all participating nodes are cooperative and trustworthy
and also require extensive computation, communication and
Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks
281
In ad-hoc and sensor networks, it is very important to secure each node [33]. An adversary may overtake some critical nodes and inject malicious behavior, which leads to revelation of secure information and collapse of entire network
[11]. There are two common types of misbehaving nodes:
selfish nodes and malicious nodes [34]. If a node does not
cooperate in packet forwarding due to some resource constraints, such as low memory or battery life, it is said to be
selfish node. A selfish node may not have any intention to
destruct the system; an adversary may reprogram a compromised node to behave selfishly. On the other hand, a malicious node has an objective to destruct the system badly, even
at the cost of its own resources.
The security attacks in ad-hoc and sensor networks may be
compared and classified from multiple perspectives. One way
of classifying attacks is based on capabilities and resources
an adversary has in his possession. In this type of classification, attacks may be classified as outsider (external) attack
and Insider attack. In outsider attack, attacker lacks authentication and key information and such type of attack can easily
be dealt with classical security mechanism such as cryptography, encryption and authentication. In insider attack, an adversary already has all key and cryptographic information,
therefore such type of attack cannot be dealt with traditional
security measures. Another classification is based on adversarys intention to destruct the system. The attacks may be
classified as trust management (TM) related attack and network related attack. The intention of TM related attack is to
282
Attacks
Wormhole
Sybil
Grayhole
Blackhole
Routing loop
Packet injection
Conflicting behavior
Packet delay
Bad-mouth
Selfishness
On-o attack
DoS
Network-
security
related
solutions
ecacy
Trust-based
solutions
Attacking behavior
ecacy
Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks
283
284
Fig. 1
sensor and ad-hoc networks have been reviewed and organized into two groups: node-centric trust models and systemcentric trust models. To get a better insight of trust modeling,
it is worthwhile to provide an overview of node-centric trust
models and system-centric trust models.
4.1 Node-centric trust
The essential goal of any trust and reputation based systems is
to facilitate the nodes to predict the behavior of other nodes
and provide secure mutual interaction. The trust among the
nodes may be established either by directly observing behavior of node or reputation information provided by other
nodes. In most of the trust based frameworks, a central trusted
entity is not available; therefore, a node must possess decision making capability to revise its strategy of interaction
and filter indirect information reliably. The node-centric trust
refers to the trust a node has in another node. A node based
trusted systems consists of following components, each component can be considered as step for the trust computation
process.
Information collection Whenever a node transmits packet
to its neighbor node, the watchdog mechanism [92] places
the sender node in promiscuous mode to verify whether the
Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks
ondhand information is very beneficial for trust and reputation based systems such as: it enables the node to learn from
each others mistakes, consistent view of trust in network
is established and makes the reputation process to build up
quickly [7]. Despite the aforementioned usefulness of secondhand information, it makes TRM system target of false
report attack. The solution to avoid such vulnerability is
to share either negative information or positive information
about the node.
The limitation with mentioned solution is that system became vulnerable to false praise attack when nodes only share
positive information and cannot exchange their bad experiences with other nodes [62]. In the same way, system becomes vulnerable to bad-mouth attack when the nodes only
share their bad experiences [56]. There is another possibility
to avoid such consequences is not exchange any information.
The authors in [71] presents a model that established reputation based on its own experiences [firsthand information]
while does not rely on neighboring nodes to share their experiences (secondhand information). Although, the mentioned
solution is highly robust against false report attack but suers
from some weaknesses such as: it allows the malicious nodes
to remain in the systems longer, system takes more time to
converge its reputation database and it takes some time to
decrease reputation value for malicious nodes. Some reputation frameworks like [68] and [70] make use of both positive
and negative information by incorporating firsthand and secondhand information along with dierent weights assigned to
dierent information.
Information mapping to the trust model In this step, firsthand and secondhand information is combined to form trust
and reputation metric. Nodes collect firsthand information by
directly interacting with other nodes, therefore, to incorporate
it into reputation metric does not requires extensive computation. However, this is not applicable to secondhand information because it is provided by other nodes. There might be
the case that node providing secondhand information could
be compromised and provide spurious information about normal node. Therefore, some mechanism must be used to check
the credibility of reporting node. One of the techniques called
deviation test is provided by [28] and represented as Eq. (1):
|E(Beta(, )) E(Beta(F , F ))| d.
(1)
285
[ + B] 1
x (1 x)1 ,
[] []
0 x 1, 0, 0.
(2)
286
decision as follows:
T pq B pq ,
Cooperate,
B pq =
(3)
new
= (wage q ) + x,
q
(4)
new
q
(5)
= (wage q ) + y,
(6)
Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks
287
288
3)
CORE stands for collaborative reputation mechanism to enforce node co-operation in mobile ad-hoc networks.
Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks
Table 2
289
Energy
Ref.
Bootstrapping
Trust
evidence
Trust evaluation
Attack model
Weight
assignment
[70]
Bad-mouth attack
Ranking
and
weight based
No
[68]
Ballot-stung and
bad-mouth
Not assigned
Threshold
and
ranking based
No
[96]
Weighted sum of
distance, energy and
packet
forwarding
ratio
GPSR
Threshold
and
weighted-based
Yes
[60]
Direct
only
trust
Not assigned
DSR
Threshold
and
ranking based
No
[57]
Packet
attack
Higher
weight
assigned to authenticity of data
(Variance)
Ranking-based
Yes
[47]
Sinkhole
wormhole
Threshold-based
and weight-based
Yes
[18]
Direct
only
trust
TCS
aggregates
and distribute trust
among the nodes
Blackhole attack
Not assigned
Ranking-based
No
[63]
Direct
only
trust
Beta
model
distribution
AODV
Threshold-based
No
[64]
Direct
only
trust
Passive acknowledge
mechanism is used to
evaluate trust
AODV
Threshold-based
Yes
[58]
Direct
only
trust
Blackhole, grayhole,
integrity,
modification
&
confidentiality
authentication
Higher weights
given to distance
and forwarding
in
respective
scenarios
GPSR
Threshold
and
weighted-based
Yes
injection
and
protocol
LEACH
DSR
Decision making
consideration
290
measure also requires that misbehaving nodes must be detected accurately so that negligence on behalf of watchdog or
bad-mouth attack from malicious nodes may not result in permanent exclusion of well-behaving node from the network.
The nodes in sensor and mobile ad-hoc network have limited power resources; therefore, a selfish node may not cooperate in packet forwarding to preserve its own resources.
Such act of selfishness degrades overall performance of wireless communication networks. To address this problem in
MANET, a scheme called SORI5) has been proposed by [59]
with the major objective to penalize selfish nodes and encourage packet forwarding. The key characteristics of the
schemes are: one-way-hash based authentication mechanism
has been used for the secure propagation of reputation values, nodes reputation is quantified by objective measures and
reputation values are only forwarded to neighboring nodes
rather than broadcasting to entire network. The scheme consists of three components: monitoring, reputation propagation and punishment. The monitoring component is responsible for observing behavior of neighboring nodes by using
promiscuous mode. The reputation propagation is responsible for recording and evaluating trustworthiness of neighboring nods. The trustworthiness of a node is evaluated by Eq.
(7):
RFN (X)
RN (X) =
,
(7)
HFN (X)
where RN (X) is reputation of node N on node X; RFN (X) represents number of packets that node X has received from node
N for forwarding; HFN (X) represents number of packets noticed by N and forwarded by X. The punishment component
is responsible for penalizing the selfish nodes. If the reputation value for the selfish node X is less than specified threshold value, node N probabilistically dorps the packet originated from node X. Node N not only decreases the reputation
value of node X, but it also informs its neighbor node about
the selfish behavior of node X so that it may be punished by
all neighbor nodes.
Table 3 presents taxonomy of the aforementioned systemcentric trust models. We evaluate each model in terms of
bootstrapping mechanism, trust evidence, neighbor monitoring mechanism, reputation propagation, punishment and redemption mechanism, attack models being addressed, routing protocol being used and energy consideration.
It is observed that CORE and SORI are more flexible than
CONFIDANT in terms of punitive measures and provide redemption mechanism in way that malicious node may return
Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks
291
and cons.
In probability based trust computation models, trust is visualized as probability of expected behavior of a node. The
Beta distribution is most frequently used probabilistic trust
computational approach in TRM systems due to its simplicity, flexibility, easy estimation and compatibility with trust
parameters. The beta distribution represents trust as binary
transactions such as positive or negative and cooperative or
non-cooperative. However, probabilistic trust models may involve high computational complexity which is not desirable
for resource constrained nodes.
Weighting-based approaches provide simple and
lightweight computation methods to estimate trust. These
approaches aggregate the results obtained from nodes and assign dierent weights to dierent observed quantities. However, accuracy of estimated trust should be verified as granularity of expressing trust may not be good when modeled
using weight-based approaches.
Fuzzy logic based trust computation methods are simple
and lightweight in nature. Fuzzy logic rules and membership
functions are used for trust computing. However, due to dynamic nature of trust phenomena the fuzzy logic inference
might be incompatible with trust management system. Trust
Routing
Punishment
mechanism
Redemption
DSR
False praise
attack
No
[56] Nodes
are Both direct Promiscuous
initialized
and indirect mode
with positive trust
trust rating
ALARM
messages are sent to
neighboring nodes
and authenticity is
verified
DSR
Bad-mouth
and
false
report attack
No
DSR
Selfishn-ess
of nodes
No
trust Promiscuous
mode
protocol
If reputation values
exceeds threshold,
selfish node will not
be punished anymore
Attack model
Energy
Reputation
propagation
Table 4
Neighbor
monitoring
consideration
TC methods
Probability
Weight
TRM schemes
Objective
Game Theory
[60,62,7780]
Fuzzy Logic
[8184]
Advantages
Disadvantages
Mathematically sound
High complexity
Provide set of mathematical tools Not a predictive tool for the behavior
for investigating multi-person of nodes and prerequisite to apply game
strategic decision making
theory is bi-directional behavior while
WSN employ one-way transmission
Trust is evaluated on the basis Mathematically sound and easy to Due to dynamic nature of trust phenomof membership function and fuzzy implement
ena, membership function might not
rules
represent accurate trust value
292
computation methods based on game theory provide mathematical tools for investigating behavior in strategic situation
where success of one player depends on the behaviors of others. The interaction among an adversary and defender is studied in these models. However, these models are not in compete compliance to resolve trust problems in WSN as game
theory is not a predictive tool for the behavior of nodes but
a suggestive tool for how nodes ought to behave. Moreover,
WSN almost employ one-way transmission (sensor nodes to
base station) but the prerequisite to apply game theory is bidirectional behavior.
Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks
6.
7.
8.
Devisri S, Balasubramaniam C. Secure routing using trust based mechanism in wireless sensor networks (WSNs). International Journal of
Scientific & Engineering Research, 2013, 4(2): 17
9.
Babu S S, Raha A, Naskar M K. LSR protocol based on nodes potentiality in trust and residual energy for WSNs. International Journal of
Network Security & Its Applications (IJNSA), 2012, 4(2): 2134
10.
Yu Y, Li K, Zhou W, Li P. Trust mechanisms in wireless sensor networks: attack analysis and countermeasures. Journal of Network and
Computer Applications, 2012, 35(3): 867880
11.
12.
13.
Chen H, Wu H, Zhou X, Gao C. Reputation-based trust in wireless sensor networks. In: Proceedings of the IEEE International Conference on
Multimedia and Ubiquitous Engineering, MUE07. 2007, 603607
14.
15.
Song F, Zhao B. Trust-based LEACH protocol for wireless sensor networks. In: Proceedings of the 2nd IEEE International Conference on
Future Generation Communication and Networking (FGCN). 2008,
202207
16.
17.
18.
19.
Pirzada A A, Mcdonald C. Trust establishment in pure ad-hoc networks. Wireless Personal Communications, 2006, 37(1-2): 139168
20.
21.
22.
Chang M, Chen I-R, Bao F, Cho J-H. On integrated social and QoS
trust-based routing in delay tolerant networks. Wireless Personal Communications, 2012, 66(2): 443459
Conclusions
Trust and reputation are two very important tools that facilitate in predicting future actions of nodes based on their past
observations. Information about predicted future actions of
nodes may not be reliable and might lead to incorrect inference about other nodes behavior. Trust and reputation based
systems have been extensively used in eective decision making for identification of suspicious nodes behavior. In this
paper, we surveyed and analyzed existing trust management
schemes in ad-hoc and sensor networks and organized them
into nodes-based trust models and system-based trust models. The aim of node-centric trust models is to enable nodes
to collect direct and indirect trust values, aggregates them and
evaluate the trustworthiness of particular node, thus leading
to decision whether to be engaged with subject node or not.
System-centric trust models focus on providing punitive measures in their interaction mechanism which enables the node
to be aware of the fact that abnormal behavior results in significant punishment. Furthermore, we discussed in detail different type of node misbehaviors in MANET and WSN and
examined all aspects of TRM systems including bootstrapping mechanisms, trust evidence, trust computation and interactive decision making methods. Based on the study of
literature, some unresolved research issues are presented in
pursuit of TRM systems. As part of future work, we plan
to develop a comprehensive trust aware model for WSN not
only to identify and isolate suspicious nodes behavior but also
to take into consideration a rich set of attacks discussed in this
paper.
References
1. Tsetsos V, Alyfantis G, Hasiotis T, Sekkas O, Hadjiefthymiades S. Towards commercial wireless sensor networks: business and technology
architecture. Ad Hoc & Sensor Wireless Networks, 2006, 2(1): 5980
2. Padmavathi G, Shanmugapriya D. A survey of attacks, security mechanisms and challenges in wireless sensor networks. International Journal
of Computer Science and Information Security (IJCSIS), 2009, 4(1):
19
3. Jain A, Kant K, Tripathy M. Security solutions for wireless sensor networks. In: Proceedings of the 2nd IEEE International Conference on
Advanced Computing & Communication Technologies (ACCT). 2012,
430433
293
23.
Chen I-R, Bao F, Chang M, Cho J-H. Trust management for encounterbased routing in delay tolerant networks. In: Proceedings of the IEEE
Global Telecommunications Conference (GLOBECOM). 2010, 16
24.
5. Becher A, Benenson Z, Dornseif M. Tampering with motes: realworld physical attacks on wireless sensor networks. Technical Report.
Springer Berlin Heidelberg, 2006
25.
294
data aggregation in wireless multimedia sensor networks. IEEE Transactions on Dependable and Secure Computing, 2012, 9(6): 785797
26.
44.
27.
45.
28.
Yu B H, Shen Z, Miao C, Leung C, Niyato D. A survey of trust and reputation management systems in wireless communications. Proceedings
of the IEEE, 2010, 98(10): 17551772
46.
29.
Momani M, Challa S. Survey of trust models in dierent network domains. International Journal of Ad hoc, Sensor & Ubiquitous Computing, 2010, 1(3): 119
47.
30.
Cho J-H, Swami A, Chen I R. A survey on trust management for mobile ad hoc networks. International Journal of Network Security and Its
Applications (IJNSA), 2010, 13(4): 562583
Zhan G, Shi W, Deng J. Design and implementation of TARF: a trustaware routing framework for WSNs. IEEE Transactions on Dependable and Secure Computing, 2012, 9(2): 184197
48.
31.
Tanuja R, Rekha M K, Manjula S H, Venugopal K R, Iyengar S, Patnaik L M. Elimination of black hole and false data injection attacks in
wireless sensor networks. In: Proceedings of the 3rd International Conference on Trends in Information, Telecommunication and Computing.
2013, 475482
32.
Fernandez-Gago M C, Roman R, Lopez J. A survey on the applicability of trust management systems for wireless sensor networks. In:
Proceedings of the 3rd IEEE International Workshop on Security, Privacy and Trust in Pervasive and Ubiquitous Computing (SECPerU).
2007, 2530
49.
50.
33.
34.
51.
35.
52.
53.
36.
54.
37.
Dong D, Li M, Liu Y, Li X Y, Liao X. Topological detection on wormholes in wireless ad hoc and sensor networks. IEEE/ACM Transactions
on Networking, 2011, 19(6): 17871796
Sun Y L, Han Z, Yu W, Liu K J R. A trust evaluation framework in distributed networks: vulnerability analysis and defense against attacks.
In: Proceedings of the 25th IEEE International Conference on Computer Communications. 2006, 113
38.
55.
39.
56.
Buchegger S, Le Boudec J-Y. Performance analysis of the CONFIDANT protocol (cooperation of nodes: fairness in dynamic Ad-hoc
networks). In: Proceedings of the 3rd ACM International Symposium
on Mobile Ad Hoc Networking & Computing. 2002, 226236
57.
58.
Stelios Y, Papayanoulas N, Trakadas P, Maniatis S, Leligou H C, Zahariadis T. A distributed energy-aware trust management system for
secure routing in wireless sensor networks. In: Proceedings of the Mobile Lightweight Wireless Systems. 2009, 8592
59.
40.
41.
42.
43.
Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks
295
77.
60.
Reddy Y B, Srivathsan S. Game theory model for selective forward attacks in wireless sensor networks. In: Proceedings of the 17th IEEE
Conference of Control and Automation. 2009, 458463
78.
61.
79.
62.
80.
Xiong L, Liu L. A reputation-based trust model for peer-to-peer eCommerce communities. In: Proceedings of the IEEE International Conference on E-Commerce. 2003, 275284
81.
Gupta B, Mahavidhyalaya K, Kaur H, Bedi P. Predicting grid user trustworthiness using neural networks. In: Proceedings of the IEEE World
Congress on Information and Communication Technologies (WICT).
2011, 727732
82.
Zong B, Xu F, Jiao J, Lv J. A broker-assisting trust and reputation system based on artificial neural network. In: Proceedings of the IEEE
International Conference on Systems, Man and Cybernetics. 2009,
47104715
63.
64.
65.
66.
83.
67.
Yadav K, Srinivasan A. iTrust: an integrated trust framework for wireless sensor networks. In: Proceedings of the 2010 ACM Symposium
on Applied Computing. 2010, 14661471
84.
68.
Srinivasan A, Teitelbaum J, Wu J. DRBTS: distributed reputationbased beacon trust system. In: Proceddings of the 2nd IEEE International Symposium on Dependable, Autonomic and Secure Computing.
2006, 277283
85.
69.
Qin T, Yu H, Leung C, Shen Z, Miao C. Towards a trust aware cognitive radio architecture. ACM SIGMOBILE Mobile Computing and
Communications Review, 2009, 13(2): 8695
86.
70.
Ganeriwal S, Balzano L K, Srivastava M B. Reputation-based framework for high integrity sensor networks. ACM Transactions on Sensor
Networks, 2008, 4(3): 137
87.
Beghriche Y, Toubiana V, Labiod H. A Bayesian filter to detect misbehaving nodes in MANETs. In: Proceedings of the New Technologies,
Mobility and Security (NTMS). 2008, 15
88.
89.
Momani M, Aboura K, Challa S. RBATMWSN: recursive Bayesian approach to trust management in wireless sensor networks. In: Proceedings of the 3rd IEEE International Conference on Intelligent Sensors,
Sensor Networks and Information. 2007, 347352
71.
72.
73.
90.
74.
91.
75.
Dai H J, Jia Z P, Dong X N. An entropy-based trust modeling and evaluation for wireless sensor networks. In: Proceedings of the IEEE International Conference on Embedded Software and Systems (ICESS).
2008, 2734
76.
92.
296
research projects and is the referee for many scientific journals and
conferences. His specialization includes mobile and wireless com-
93.
94.
95.
96.
Zahariadis T, Leligou H, Karkazis P, Trakadas P, Papaefstathiou I, Vangelatos C, Besson L. Design and implementation of a trust-aware routing protocol for large WSNs. International Journal of Network Security
& Its Applications, 2010, 2(3): 5268
97.
Karp B, Kung H. GPSR: greedy perimeter stateless routing for wireless networks. In: Proceedings of the 6th ACM Annual International
Conference on Mobile Computing and Networking. 2000, 243254
98.
99.
Royer E M, Perkins C E. An implementation study of the AODV routing protocol. In: Proceedings of the IEEE Wireless Communications
and Networking Confernce (WCNC). 2000, 10031008
100.
Channa is a professor in the DeQuaid-e-Awam University of Engineering Science and Technology, Pakistan.
He completed his PhD from Asian Institute of Technology (AIT), Thailand.
He completed MSc in Computer Science from University of Sind, Pakistan,
in 1995 and MS in Information Technology from National University of Science and Technology, Pakistan in 2005. His research interest comprises of trust management, security, routing, and quality
of service in mobile ad hoc networks.
Khalid Haseeb received his MSc and
MS degree from University of Peshawar, Pakistan. He is pursuing PhD