
An Architecture for Dynamic Trust Monitoring in Mobile Networks

Onolaja Olufunmilola, Rami Bahsoon, Georgios Theodoropoulos

School of Computer Science, The University of Birmingham, UK

Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos MONET, Algarve, Portugal Nov-09 2/14

Outline

• Introduction
• Definitions
• Motivation
• Review of current research and problems
• Collusion attack
• Proposed solution
• Possible real life applications
• Summary

Introduction

Ad hoc and wireless sensor networks have gained popularity in recent years and have been used in critical applications.

Applications such as military and security monitoring, traffic regulation, human tracking and monitoring, battlefield surveillance, etc.

Introduction

The use of these networks in such applications leads to misbehaviour among nodes.

Misbehaviour makes differentiating between normal and malicious network operations difficult.

The problem is further complicated by the nature of these networks:

• Mobility
• Limited transmission power
• Dynamic formulation

Definitions

Trust
Gambetta (1988) stated that when a node is trusted, it implicitly means that the probability that it will perform an action that is beneficial or at least not detrimental in the network is high enough to consider engaging in some form of cooperation with the node.
Each node has a Trust Value.

Reputation
The opinion of an entity about another; it is the trustworthiness of a node. Synonymous to trust?

Misbehaviour
Behavioural expectation ↔ Social perspective
The deviation from the expected behaviour of nodes in a network. For example, in a network, a node is said to be misbehaving when it deviates from the regular routing and forwarding of packets. Collusion attack.

Motivation

Despite the existing security paradigms, such as

• Public Key Infrastructure (PKI): inadequate
• Reputation and Trust Based Systems (RTBSs): collusion attacks

the assurance of security still remains a problem.

The problems that arise due to the dynamic nature of ad hoc and sensor (dynamic) networks call for an equally dynamic approach to identifying and isolating misbehaving nodes.

Reputation and Trust Based Systems

• Node Cooperation Enforcement: CORE, CONFIDANT - Michiardi et al (IFIP 2002), Buchegger et al (MOBIHOC 2002)
• Incentive Based Scheme: SORI - He et al (WCNC 2004)
• Trust Enhanced Model: SMRTI - Balakrishnan et al (AINA 2007)
• High Integrity Networks Framework: RFSN - Ganeriwal et al (ACM TSN 2008)

Promiscuous observation: each node overhears the transmission of neighbouring nodes to detect misbehaviour.

This mechanism has a weakness of failing to detect misbehaving nodes in the case of collusion.

Recommendations provided by individual nodes in the network are used in deciding the reputation of other nodes.

A watchdog is resident on each node; it monitors and gathers information based on promiscuous observation. Marti et al (MOBICOM 2000)

Collusion Attack

Suppose node A forwards a packet P through B to D. Node C can decide to misbehave and B colludes with C.

With the watchdog mechanism, it is possible that B does not report to A when C modifies the packet to P#.

The problem of collusion is very important because its effects can considerably affect network performance and may hinder communication vital to fulfilling the mission of ad hoc and sensor networks. Liu et al (IEEE 2004)

[Figure: nodes A, B, C and D, with packet labels P, P and P#]

Proposal - DDDAS

DDDAS (Dynamic Data-Driven Application Systems, www.dddas.org) is a paradigm whereby applications and measurements become a symbiotic feedback control system.

The paradigm promises to provide more accurate analysis and prediction, more precise controls, and more reliable outcomes.

This entails the ability to dynamically incorporate additional data into an executing application, and in reverse, the ability of an application to dynamically steer the measurement process.

[Figure labels: Real life, Simulation]

Proposal - DDDAS

How?

• The concepts of the paradigm are applied in building a dynamic reputation system. This paper proposes the use of the DDDAS components: measurement, simulation, feedback, control.
• The online data obtained is used to gain a better understanding and more accurate prediction of node behaviour: Simulation.
• The simulation continually incorporates new measurements at runtime for the system to accurately determine and update the trust values.

Why DDDAS?

The dynamic nature of mobile and sensor networks requires a dynamic approach to identifying and isolating misbehaving or malicious nodes, which DDDAS provides.

Proposed Solution

The solution addresses collusion attacks because nodes do not directly determine the reputation of other nodes in the network.

[Figure: High-level diagram of architecture, with labels: Online and historical behaviour, Simulation, Feedback, Prediction]
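
The collusion case on the A, B, C, D route and the argument that trust should be computed away from the nodes can be simulated together. This is an added example, not code from the slides or the authors: the per-hop digests standing in for online measurements, the update rule, `alpha` and the isolation threshold are all assumptions.

```python
import hashlib

PATH = ["A", "B", "C", "D"]   # route on the slide: A -> B -> C -> D

def digest(pkt):
    return hashlib.sha256(pkt).hexdigest()

def forward(packet, tamperer=None):
    """One transmission; returns raw measurements [(sender, digest sent)]."""
    sent = []
    for node in PATH[:-1]:
        if node == tamperer:
            packet += b"#"            # constructed misbehaviour: P becomes P#
        sent.append((node, digest(packet)))
    return sent

def watchdog_reports(sent, colluders=frozenset()):
    """Watchdog scheme: each upstream neighbour overhears the next hop and
    reports a changed packet, unless both nodes are in the colluding set."""
    return [(up, down) for (up, d1), (down, d2) in zip(sent, sent[1:])
            if d1 != d2 and not {up, down} <= colluders]

def update_trust(trust, sent, alpha=0.5):
    """Controller-side update (assumed rule): the measurements themselves are
    compared, so no node's opinion of its neighbour is needed."""
    new = dict(trust)
    for (_, d1), (node, d2) in zip(sent, sent[1:]):
        outcome = 1.0 if d1 == d2 else 0.0     # did this hop forward intact?
        new[node] = (1 - alpha) * trust[node] + alpha * outcome
    return new

def monitor(rounds, tamperer, threshold=0.3):
    """Feed new measurements in at runtime and isolate low-trust nodes."""
    trust = {n: 1.0 for n in PATH}
    for i in range(rounds):
        trust = update_trust(trust, forward(b"P%d" % i, tamperer))
    isolated = sorted(n for n, t in trust.items() if t < threshold)
    return trust, isolated

if __name__ == "__main__":
    sent = forward(b"P", tamperer="C")
    print("honest watchdog B:   ", watchdog_reports(sent))
    print("B colludes with C:   ", watchdog_reports(sent, frozenset({"B", "C"})))
    print("controller, 3 rounds:", monitor(3, "C"))
```

With B colluding, the watchdog produces no report and A keeps trusting C, while the controller's value for C halves each round until it falls below the threshold.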

Applications

• Criminal and terrorist monitoring
• Military applications
• Femtocells deployment

[Figure: Femtocells deployment, with labels:]

• Low power Femtocells that provide high quality signals in the home
• CONTROLLER: Controllers that can aggregate the traffic from several Femtocells
• Archive of historical behaviour of Femtocells
• Management server/Data controller
• CONTROL: Automated response
• SIMULATION

Summary

• Discussed a pending problem of reputation and trust based models and how the DDDAS approach can fill the gaps.
• A dynamic architecture for addressing the problem of collusion among nodes. The model provides a high level of dynamism to reputation systems by updating the trust values of nodes at runtime.
• Not only useful at the network level but at a higher level and will allow for making informed decisions.

Future Work

• Real life application of model: combating crime and criminal monitoring;
• Tests through simulation of model to ascertain its effectiveness in addressing collusion;
• Ensuring identity persistence.

Thank you. Questions?

'Funmi Onolaja