Published by Gervase Garrison. Modified over 9 years ago.
1 Trust Mechanisms in Ad Hoc Networks
Azar Rahimi Dehaghani, Lei Hu
Trust and Security Case Study 2
2 Outline
Introduction to ad hoc networks
Security issues in ad hoc networks
Existing Security Solutions
Trust models
Summary
3 Ad Hoc Networks
Characteristics:
– Temporarily formed
– Nodes act as routers
– Infrastructure-less
– Limited resources
– Shared wireless medium
Applications:
– Military battlefield networks
– Personal Area Networks
– Disaster and rescue operation
– Peer to peer networks
4 Ad Hoc Networks
Routing protocol types:
– Reactive routing protocols
– Proactive routing protocols
Leading protocols:
– DSR: Dynamic Source Routing
– AODV: Ad hoc On-demand Distance Vector Routing
5 Challenges in Ad Hoc Network
The nodes are constantly mobile
The protocols implemented are co-operative in nature
There is a lack of a fixed infrastructure to collect audit data
No clear distinction between normalcy and anomaly in ad hoc networks
6 Attacks on Ad Hoc Networks
Passive attacks
– Do not change the routing information
– Listen to get valuable information
Active attacks
– The attacker uses its energy to manipulate the routing information
7 Active Attacks
Modification:
– A malicious node can modify routing information
Fabrication:
– Generating false routing messages
Impersonation:
– Initiating an attack by masquerading as another node
8 Existing Security Solutions
Intrusion prevention
– Encryption, authentication
Nodes are required to have pre-shared keys or digital certificates
A central trust authority or pre-configuration is not practical for ad hoc networks
9 Trust Model 1
Computes situational trust in agents based upon the general trust in the trustor and the importance of the situation
1. Trust derivation: the information that one node can gather about the other nodes in passive mode
2. Quantification: the model represents trust on a continuous range from -1 to 1, signifying complete distrust to complete trust
3. Computation: involves assigning weights to the events that were monitored and quantified
10 DSR Protocol
On demand protocol: route information discovered only as needed
Source routing: entire path to destination supplied by source in packet header
Procedure:
– Route discovery
– Route maintenance
– Routing
11 Route Discovery
Route Request:
– Source broadcasts Route Request message for specified destination
– Intermediate node adds itself to path in message and forwards message toward destination
12 Route Discovery
Route Reply:
– Destination unicasts Route Reply message to source
13 Route Maintenance
Used when link breakage occurs
– Link breakage may be detected using link-layer ACKs, “passive ACKs”, DSR ACK request
– Route Error message sent to source of message being forwarded when break detected
– Intermediate nodes “eavesdrop”, adjust cached routes
– Source deletes route; tries another if one cached, or issues new Route Request
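The route discovery and route maintenance steps above, as an added simulation that is not part of the original slides. The topology, the class name SourceNode and the breadth-first flooding order are assumptions made for illustration; real DSR also handles per-node caches and timers that are left out here.

```python
from collections import deque

# Constructed topology (not from the slides): symmetric wireless links.
LINKS = {"S": {"A", "B"}, "A": {"S", "D"}, "B": {"S", "C"},
         "C": {"B", "D"}, "D": {"A", "C"}}

def route_discovery(links, source, dest):
    """Flood a Route Request; return the node list the Route Reply carries back."""
    seen = {source}                 # nodes that already forwarded this request
    queue = deque([[source]])       # each entry: path recorded in one request copy
    while queue:
        path = queue.popleft()
        node = path[-1]
        if node == dest:
            return path             # destination unicasts the path to the source
        for nxt in sorted(links[node]):
            if nxt not in seen:     # duplicate suppression: forward once per node
                seen.add(nxt)
                queue.append(path + [nxt])   # intermediate node adds itself
    return None

class SourceNode:
    def __init__(self, name, links):
        self.name = name
        self.links = {n: set(v) for n, v in links.items()}  # private copy
        self.cache = {}             # dest -> cached source route

    def route_to(self, dest):
        """Use the cached source route, or run route discovery if none is cached."""
        if dest not in self.cache:
            path = route_discovery(self.links, self.name, dest)
            if path is None:
                return None
            self.cache[dest] = path
        return self.cache[dest]

    def on_route_error(self, a, b):
        """Route Error for broken link a-b: delete every cached route that uses it."""
        self.links[a].discard(b)
        self.links[b].discard(a)
        for dest, path in list(self.cache.items()):
            if any({x, y} == {a, b} for x, y in zip(path, path[1:])):
                del self.cache[dest]

if __name__ == "__main__":
    s = SourceNode("S", LINKS)
    print(s.route_to("D"))
    s.on_route_error("A", "D")      # link A-D breaks
    print(s.route_to("D"))          # new Route Request finds the other path
```

Because every intermediate node writes itself into the request, a node that modifies or fabricates that list controls the route the source will use, which is the exposure the trust models on the following slides try to limit.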
14 DSR Based on Model 1
Trust derivation:
– Acknowledgements
– Packet precision
– Salvaging
– Black lists
Trust quantification:
– Quantizes the events and assigns weights to them
Trust computation:
– Determines aggregate trust level for a particular node
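A sketch of the derivation, quantification and computation steps of Trust Model 1, added here as an example and not taken from the slides or the cited papers. The slides give only the event categories and the -1 to 1 range; the counting rule in quantify, the weight values and the sample events are assumptions.

```python
from collections import defaultdict

# Assumed weights per event category (the slides name the categories, not the values).
WEIGHTS = {"ack": 4, "precision": 3, "salvaging": 2, "blacklist": 1}

# Constructed passive observations: (neighbour, category, behaved_correctly)
EVENTS = (
    [("B", "ack", True)] * 3 + [("B", "ack", False)] +
    [("B", "precision", True)] * 4 +
    [("C", "ack", True)] + [("C", "ack", False)] * 3 +
    [("C", "precision", False)] * 2 +
    [("C", "blacklist", False)]
)

def quantify(good, bad):
    """Map event counts to [-1, 1]; 0 when nothing was observed (assumed rule)."""
    total = good + bad
    return 0.0 if total == 0 else (good - bad) / total

def trust_levels(events, weights):
    """Return {neighbour: aggregate trust in [-1, 1]} from passive observations."""
    counts = defaultdict(lambda: defaultdict(lambda: [0, 0]))
    for node, category, ok in events:
        if category not in weights:
            raise ValueError(f"unknown event category: {category}")
        counts[node][category][0 if ok else 1] += 1
    total_weight = sum(weights.values())
    result = {}
    for node, per_cat in counts.items():
        weighted = sum(w * quantify(*per_cat[cat]) for cat, w in weights.items())
        result[node] = weighted / total_weight   # normalised so it stays in [-1, 1]
    return result

def rank(trust):
    """Neighbours ordered from most to least trusted."""
    return sorted(trust, key=trust.get, reverse=True)

if __name__ == "__main__":
    levels = trust_levels(EVENTS, WEIGHTS)
    print(levels, rank(levels))
```

A category with no observations contributes 0, so an unknown node sits at the neutral midpoint rather than at either extreme.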
15 Trust Model 2
Build trust manager on each node in the network
Two components:
– Monitoring module
– Reputation handling module
16 Monitoring Module
Each node independently monitors its neighboring nodes' packet forwarding activities
It is related to the proportion of correctly forwarded packets to the total number of packets
17 Reputation Handling Module
Reputation information collecting
– Sensing
– Recommendations
Reputation information template
Reputation information maintenance
Reputation rating
18 Reputation Handling Module
Reputation information collecting
Reputation information template
Reputation information maintenance
Reputation rating
19 Reputation Handling Module
Reputation information collecting
Reputation information template
Reputation information maintenance
Reputation rating
20 Reputation Handling Module
Reputation information collecting
Reputation information template
Reputation information maintenance
Reputation rating
– Proportion of correctly forwarded packets with respect to the total number of packets to be forwarded during a fixed time window
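The monitoring module and the reputation rating of Trust Model 2, as an added example that is not from the slides. The class ForwardingMonitor, the digest comparison used to decide that a packet was forwarded correctly, and the sample traffic are assumptions; only first-hand sensing is modelled, not recommendations.

```python
import hashlib
from collections import defaultdict

class ForwardingMonitor:
    """Watches one node's neighbours and rates them per fixed time window."""

    def __init__(self, window):
        self.window = window              # window length in seconds
        self.sent = defaultdict(dict)     # neighbour -> {pkt_id: [time, digest, ok]}

    @staticmethod
    def _digest(payload):
        return hashlib.sha256(payload).digest()

    def handed_over(self, neighbour, pkt_id, payload, t):
        """Record a packet given to `neighbour` at time t for forwarding."""
        self.sent[neighbour][pkt_id] = [t, self._digest(payload), False]

    def overheard(self, neighbour, pkt_id, payload):
        """Neighbour was overheard retransmitting; counts only if unmodified."""
        rec = self.sent[neighbour].get(pkt_id)
        if rec is not None and self._digest(payload) == rec[1]:
            rec[2] = True

    def rating(self, neighbour, now):
        """Correctly forwarded / to-be-forwarded within [now - window, now]."""
        recs = [r for r in self.sent[neighbour].values()
                if now - self.window <= r[0] <= now]
        if not recs:
            return None                   # no evidence in this window
        return sum(r[2] for r in recs) / len(recs)

def sample_run():
    """Constructed traffic: B forwards 2 of 4 recent packets correctly."""
    m = ForwardingMonitor(window=10)
    m.handed_over("B", 0, b"old", t=-100)      # outside the window at now=5
    for i in range(1, 5):
        m.handed_over("B", i, b"data%d" % i, t=i)
    m.overheard("B", 1, b"data1")
    m.overheard("B", 2, b"data2")
    m.overheard("B", 3, b"tampered")           # modified in transit: not counted
    return m                                   # packet 4 was never retransmitted

if __name__ == "__main__":
    print(sample_run().rating("B", now=5))
```

Both a dropped packet and a modified one lower the rating, so the same measure covers packet dropping and the modification attack listed earlier.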
21 Trust Model 3
Trust is defined based on the following factors:
– Experience statistics
– Data value
– Intrusion black list
– Reference
– Personal preference
22 Secure Routing Based on Model 3
23 Summary
Trust in ad hoc networks cannot be treated as a property of trusted systems; rather, it is an assessment based on experience that is shared through networks of people
Hard-security cryptographic or certification mechanisms are not feasible
Confidence measures should be built dynamically based on an effort/return mechanism
25 Questions?