Date post: 20-Dec-2015
TAODV: A Trust Model Based Routing Protocol for Secure Ad Hoc Networks

Xiaoqi Li, Michael R. Lyu, and Jiangchuan Liu
CSE Dept. of CUHK
IEEE Aerospace Conference, March 2004

Outline

• Introduction
• Background: AODV and Subjective logic
• Framework of TAODV
• Trust model for TAODV
• Routing operations in TAODV
• Analysis
• Conclusion and future work


Introduction to MANETs

• Mobile Ad Hoc Networks (MANETs)
  – No fixed infrastructure
  – Self-organized routing
  – Prone to be unstable and insecure
• Previous Secure Solutions for MANETs
  – Require each node to authenticate itself by showing its digital signature at all times
  – Need a super-trusted third party to provide authentication


Introduction to TAODV

• Make use of trust relationships among nodes

• No need to request and verify a signature on every communication, just as in human society

• TAODV: a secure routing protocol for MANETs based on a trust model


Background: Subjective Logic

• Subjective logic
  – Represent trust relationship formally
  – Define how to combine different trust information together
  – Map all kinds of evidences to trust representation space

• We derive our trust model for TAODV from subjective logic


Background: AODV

• AODV
  – Ad Hoc On-Demand Distance Vector Routing Protocol for MANETs
  – Two main routing messages:
    • RREQ: Routing REQuest
    • RREP: Routing REPly

• We extend AODV by adding trust information into its routing messages


Framework of TAODV


Trust Model for TAODV: Representation of trust

• Use Opinion to represent trust:
  – A three-dimensional metric
  – $\omega_B^A = (b_B^A, d_B^A, u_B^A)$
    • $b_B^A$ -- Probability of node A believing in node B
    • $d_B^A$ -- Probability of node A disbelieving in node B
    • $u_B^A$ -- Probability of node A’s uncertainty about B
  – $b_B^A + d_B^A + u_B^A = 1$


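Trust Model for TAODV: Combination of trust

• Discounting Combination:
  – Combine trusts along one path
  – Combine $\omega_B^A$ and $\omega_C^B$
  – Equation: Let $\omega_C^{AB} = (b_C^{AB}, d_C^{AB}, u_C^{AB})$, then

$$
\begin{aligned}
b_C^{AB} &= b_B^A \, b_C^B \\
d_C^{AB} &= b_B^A \, d_C^B \\
u_C^{AB} &= d_B^A + u_B^A + b_B^A \, u_C^B
\end{aligned}
$$

[Figure: nodes A, B and C]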


Trust Model for TAODV: Combination of trust

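• Consensus Combination:
  – Combine trusts from several paths
  – Combine $\omega_C^A$ and $\omega_C^B$
  – Equation: Let $\omega_C^{A,B} = (b_C^{A,B}, d_C^{A,B}, u_C^{A,B})$, then

$$
\begin{aligned}
b_C^{A,B} &= (b_C^A \, u_C^B + b_C^B \, u_C^A) / k \\
d_C^{A,B} &= (d_C^A \, u_C^B + d_C^B \, u_C^A) / k \\
u_C^{A,B} &= (u_C^A \, u_C^B) / k
\end{aligned}
\qquad \text{where } k = u_C^A + u_C^B - 2\, u_C^A \, u_C^B
$$

[Figure: nodes A, B and C]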


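Trust Model for TAODV: Mapping from evidences to opinion space

• Mapping from evidence space to opinion space:
  – p : positive evidences
  – n : negative evidences

$$
\begin{aligned}
b_B^A &= \frac{p}{p + n + 2} \\
d_B^A &= \frac{n}{p + n + 2} \\
u_B^A &= \frac{2}{p + n + 2}
\end{aligned}
\qquad \text{where } u_B^A \neq 0
$$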


Routing Operations in TAODV

• Trust Recommendation
• Trust Judgement
• Routing Table Extension
• Trust Update
• Routing Messages Extensions
• Trusted Routing Discovery


Trust Recommendation

• Exchange trust information
• Three types of message:
  – TREQ: Trust REQuest
  – TREP: Trust REPly
  – TWARN: Trust WARNing
• Broadcast TWARN when a node’s disbelief value is zero
• Message structure:


Trust Judgement

• Predefined trust judging rules

b       d       u       Actions
-       -       >0.5    Request and verify digital signature
-       >0.5    -       Distrust a node for an expire time
>0.5    -       -       Trust a node and continue routing
≤0.5    ≤0.5    ≤0.5    Request and verify digital signature

b – belief, d – disbelief, u – uncertainty, 0.5 – threshold


Routing Table Extension

• Add three fields into original routing table
  – Positive events
  – Negative events
  – Opinion
• New routing table format

DestIP | DestSeq | ... | HopCount | ... | Lifetime | PositiveEvents | NegativeEvents | Opinion


Trust Update

• Update of Evidences
  – Successful Communication → Positive events: p++
  – Failed Communication → Negative events: n++
• Update of opinion - two ways:
  – Mapping from evidence space
  – Combination from different recommendations
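
The trust model, judging rules and evidence update from the preceding slides, as an added Python example (not code from the slides or from the TAODV authors). It maps the p/n counters to an opinion, discounts along a path A → B → C and applies the threshold table; the function names, action labels and rule-checking order are assumptions, and consensus combination is left out.

```python
from dataclasses import dataclass

THRESHOLD = 0.5  # default opinion threshold given on the slides


@dataclass(frozen=True)
class Opinion:
    b: float  # belief
    d: float  # disbelief
    u: float  # uncertainty

    def __post_init__(self):
        if min(self.b, self.d, self.u) < 0 or abs(self.b + self.d + self.u - 1) > 1e-9:
            raise ValueError("need b, d, u >= 0 and b + d + u = 1")


def from_evidence(p: int, n: int) -> Opinion:
    """Map p positive and n negative events to an opinion; u is never 0."""
    if p < 0 or n < 0:
        raise ValueError("event counters cannot be negative")
    total = p + n + 2
    return Opinion(p / total, n / total, 2 / total)


def discount(ab: Opinion, bc: Opinion) -> Opinion:
    """A's opinion about C derived along the path A -> B -> C."""
    return Opinion(ab.b * bc.b, ab.b * bc.d, ab.d + ab.u + ab.b * bc.u)


def judge(op: Opinion, threshold: float = THRESHOLD) -> str:
    """Apply the judging rules. Checking u, then d, then b is an assumption:
    it only matters below 0.5, where several components can pass the threshold."""
    if op.u > threshold:
        return "verify_signature"
    if op.d > threshold:
        return "distrust"
    if op.b > threshold:
        return "trust"
    return "verify_signature"  # every component <= threshold


def replay(outcomes):
    """Apply p++ / n++ per outcome (True = success); return the action after each."""
    p = n = 0
    actions = []
    for ok in outcomes:
        p, n = (p + 1, n) if ok else (p, n + 1)
        actions.append(judge(from_evidence(p, n)))
    return actions
```

Replaying three successes shows that a neighbour is only trusted after the third one, since (0.5, 0, 0.5) still falls into the last row of the table. Discounting two such (0.6, 0, 0.4) opinions gives u = 0.64, so a route through a recommended node still triggers signature verification.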


Trusted Routing Discovery: Scenario I - Beginning of TAODV

• Initial opinions are all (0,0,1)
• Node A originates a RREQ to discover a route to C
• Node B will authenticate A and C because, from its point of view, their uncertainty is high (u=1)
• Finally, if this succeeds, the opinions are all changed to (0.33,0,0.67)


Trusted Routing Discovery: Scenario II - A Stable TAODV MANET

• Trust relationships have been established among almost all the nodes

• The values of uncertainty are getting smaller and smaller

• The general procedures are as follows. (e.g. N2)



Analysis

• Performance
  – No need to perform cryptographic computations for every packet, reducing computation overhead
  – Trust recommendation messages and routing table extension are simple, so they do not introduce much routing overhead


Analysis

• Security
  – A malicious node will finally be denied from the network, and other nodes' opinion of it will be (0,1,0).
  – When a bad node turns into a good one, other nodes' opinion of it will be changed from (0,1,0) to (0,0,1) after expiry.


Analysis

• Flexibility
  – Each node is given more flexibility to define its own opinion threshold.
  – The default threshold is 0.5.
  – For high level security requirement, the threshold can be increased.
  – For some non-critical applications, the threshold can be decreased.


Conclusion

• First approach to apply the idea of a trust model to the security solutions of MANETs.

• The trust among nodes can be quantified and combined.

• TAODV is a secure routing protocol with
  – Less computation overhead
  – Not much added routing overhead
  – Flexible security levels


Future Work

• Optimize trusted routing discovery algorithm

• Establish fast response mechanism when being attacked

• Perform detailed simulation evaluation

