TAODV: A Trust Model Based Routing Protocol for Secure Ad Hoc Networks

Xiaoqi Li, Michael R. Lyu, and Jiangchuan Liu
IEEE Aerospace Conference
March 2004
Outline
• Introduction
• Background: AODV and Subjective logic
• Framework of TAODV
• Trust model for TAODV
• Routing operations in TAODV
• Analysis
• Conclusion and future work
CSE Dept. of CUHK

Introduction to MANETs
• Mobile Ad Hoc Networks (MANETs)
– No fixed infrastructure
– Self-organized routing
– Prone to be unstable and insecure
• Previous Secure Solutions for MANETs
– Require each node to testify itself by showing its digital signature at all times
– Need a super-trusted third party to provide authentication

Introduction to TAODV
• Make use of trust relationships among nodes
• No need to request and verify a signature at every communication, much as in human society
• TAODV: a secure routing protocol based on a trust model for MANETs

Background: Subjective Logic
• Subjective logic
– Represents trust relationships formally
– Defines how to combine different pieces of trust information
– Maps all kinds of evidence into the trust representation (opinion) space
• We derive our trust model for TAODV from subjective logic

Background: AODV
• AODV
– Ad Hoc On-Demand Distance Vector Routing Protocol for MANETs
– Two main routing messages:
• RREQ: Routing REQuest
• RREP: Routing REPly
• We extend AODV by adding trust information into its routing messages

Framework of TAODV

Trust Model for TAODV: Representation of trust
• Use Opinion to represent trust:
– A three-dimensional metric
– $\omega_B^A = (b_B^A, d_B^A, u_B^A)$
• $b_B^A$ -- probability of node A believing in node B
• $d_B^A$ -- probability of node A disbelieving in node B
• $u_B^A$ -- probability of node A's uncertainty about B
– $b_B^A + d_B^A + u_B^A = 1$

Trust Model for TAODV: Combination of trust
• Discounting Combination (⊗):
– Combines trusts along one path
– Combines $\omega_B^A$ (A → B) ⊗ $\omega_C^B$ (B → C) = $\omega_C^{AB}$ (A → C)
– Equation: Let $\omega_C^{AB} = (b_C^{AB}, d_C^{AB}, u_C^{AB})$, then
$b_C^{AB} = b_B^A \, b_C^B$
$d_C^{AB} = b_B^A \, d_C^B$
$u_C^{AB} = d_B^A + u_B^A + b_B^A \, u_C^B$

Trust Model for TAODV: Combination of trust
• Consensus Combination (⊕):
– Combines trusts from several paths
– Combines $\omega_C^A$ (A → C) ⊕ $\omega_C^B$ (B → C) = $\omega_C^{A,B}$ (A, B → C)
– Equation: Let $\omega_C^{A,B} = (b_C^{A,B}, d_C^{A,B}, u_C^{A,B})$, then
$b_C^{A,B} = (b_C^A u_C^B + b_C^B u_C^A) / k$
$d_C^{A,B} = (d_C^A u_C^B + d_C^B u_C^A) / k$
$u_C^{A,B} = (u_C^A u_C^B) / k$, where $k = u_C^A + u_C^B - 2 u_C^A u_C^B$

Trust Model for TAODV: Mapping from evidence to opinion space
• Mapping from evidence space to opinion space:
$b_B^A = \dfrac{p}{p + n + 2}, \quad d_B^A = \dfrac{n}{p + n + 2}, \quad u_B^A = \dfrac{2}{p + n + 2}$, where
– p : positive evidences
– n : negative evidences

Routing Operations in TAODV
• Trust Recommendation
• Trust Judgement
• Routing Table Extension
• Trust Update
• Routing Messages Extensions
• Trusted Routing Discovery

Trust Recommendation
• Exchange trust information
• Three types of message:
– TREQ: Trust REQuest
– TREP: Trust REPly
– TWARN: Trust WARNing
• Broadcast TWARN when a node’s disbelief value is zero
• Message structure:

Trust Judgement
• Predefined trust judging rules:

  b       d       u       Actions
  >0.5    -       -       Trust a node and continue routing
  -       >0.5    -       Distrust a node for an expire time
  -       -       >0.5    Request and verify digital signature
  ≤0.5    ≤0.5    ≤0.5    Request and verify digital signature

  b – belief, d – disbelief, u – uncertainty, 0.5 – threshold

Routing Table Extension
• Add three fields into the original routing table
– Positive events
– Negative events
– Opinion
• New routing table format:

  DestIP | DestSeq | ... | HopCount | ... | Lifetime | Positive Events | Negative Events | Opinion

Trust Update
• Update of evidences
– Successful communication -> positive events: p++
– Failed communication -> negative events: n++
• Update of opinion - two ways:
– Mapping from evidence space
– Combination of different recommendations

Trusted Routing Discovery: Scenario I - Beginning of TAODV
• Initial opinions are all (0,0,1)
• Node A originates a RREQ to discover a route to C
• Node B will authenticate A and C because of the high uncertainty (u=1) it holds about them
• Finally, if the discovery succeeds, the opinions are all changed to (0.33,0,0.67)
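The trust model of the preceding slides (evidence mapping, discounting, consensus, the judging rules and the p++/n++ update), written out as an added example and checked against Scenario I; this is the editor's illustration, not code from the TAODV authors. The consensus k is taken exactly as printed on the slides, and the behaviour when k = 0 (two dogmatic or two fully uncertain opinions) is an assumption, since the slides do not define it.

```python
from dataclasses import dataclass

SIGN = "Request and verify digital signature"
TRUST = "Trust a node and continue routing"
DISTRUST = "Distrust a node for an expire time"

@dataclass(frozen=True)
class Opinion:
    """Opinion of one node about another: (belief, disbelief, uncertainty)."""
    b: float
    d: float
    u: float

def from_evidence(p: int, n: int) -> Opinion:
    """Mapping from evidence space: b = p/(p+n+2), d = n/(p+n+2), u = 2/(p+n+2)."""
    s = p + n + 2
    return Opinion(p / s, n / s, 2 / s)

def discount(w_ab: Opinion, w_bc: Opinion) -> Opinion:
    """Discounting along one path A -> B -> C: A's derived opinion of C."""
    return Opinion(w_ab.b * w_bc.b, w_ab.b * w_bc.d,
                   w_ab.d + w_ab.u + w_ab.b * w_bc.u)

def consensus(w_ac: Opinion, w_bc: Opinion) -> Opinion:
    """Consensus of A's and B's opinions of C, with k as printed on the slides.
    With this k the components need not sum to 1 (Josang's operator uses
    k = u_A + u_B - u_A*u_B). k = 0 for two dogmatic (u = 0) or two fully
    uncertain (u = 1) opinions, undefined on the slides; assumed: keep w_ac."""
    k = w_ac.u + w_bc.u - 2 * w_ac.u * w_bc.u
    if k == 0:
        return w_ac
    return Opinion((w_ac.b * w_bc.u + w_bc.b * w_ac.u) / k,
                   (w_ac.d * w_bc.u + w_bc.d * w_ac.u) / k,
                   (w_ac.u * w_bc.u) / k)

def judge(w: Opinion, threshold: float = 0.5) -> str:
    """Trust judging rules; since b + d + u = 1, at most one exceeds 0.5."""
    if w.u > threshold:
        return SIGN
    if w.b > threshold:
        return TRUST
    if w.d > threshold:
        return DISTRUST
    return SIGN  # all three at or below the threshold

def after_communications(outcomes) -> Opinion:
    """Trust update: p++ per success, n++ per failure, then re-map to opinion space."""
    p = sum(1 for ok in outcomes if ok)
    return from_evidence(p, len(outcomes) - p)
```

Starting from the initial (0,0,1), one successful communication yields (0.33, 0, 0.67), and because u is still above 0.5 the judging rules keep asking for a signature until more evidence accumulates.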

Trusted Routing Discovery: Scenario II - A Stable TAODV MANET
• Trust relationships have been established among almost all the nodes
• The values of uncertainty are getting smaller and smaller
• The general procedure is as follows (e.g. for node N2)

Analysis
• Performance
– No need to perform cryptographic computations on every packet, which reduces computation overhead
– Trust recommendation messages and the routing table extension are simple, so they do not introduce much routing overhead

Analysis
• Security
– A malicious node will finally be denied from the network, and other nodes' opinion of it will be (0,1,0).
– When a bad node turns into a good one, other nodes' opinion of it will change from (0,1,0) to (0,0,1) after expiry.

Analysis
• Flexibility
– Each node is given more flexibility to define its own opinion threshold.
– The default threshold is 0.5.
– For high-level security requirements, the threshold can be increased.
– For some non-critical applications, the threshold can be decreased.

Conclusion
• First approach to apply the idea of a trust model to security solutions for MANETs.
• The trust among nodes can be quantified and combined.
• TAODV is a secure routing protocol with
– Less computation overhead
– Little additional routing overhead
– Flexible security levels

Future Work
• Optimize the trusted routing discovery algorithm
• Establish a fast response mechanism when being attacked
• Perform detailed simulation evaluation