1. Trust and Reputation Based mechanisms for CIP Uniparthenope, UniRC, Polito (Fai della Paganella, 10-12 Febbraio 2014)

2. Objectives To enhance the cyber security of Wireless Sensor Networks (WSNs) deployed to protect CIs by exploiting Trust and Reputation Model based techniques – Intrusion Tolerance at the routing level

3. Security of WSNs WSNs have low computational resources and energy supply – Limit the number of exchanged messages – Limit the usage of cryptographic mechanisms WSNs are deployed in unattended, hostile, environments

4. Trust and Reputation A trust and reputation model is proposed to improve cyber defense. Say Node 3 wants to estimate trust and reputation perceived about Node 2: Node 3 estimates a trust score of Node 2 through a direct measure related to Node 2 Node 3 estimates a reputation score of Node 2 through indirect measurements, e.g. by observing the trust level perceived by Node 1 wrt Node 2

5. Attack Model: Sinkhole Attack Trust and reputation-based scores to ensure resilience against attacks such as sinkhole No attack Node 3 successfully attacks (BS = Base Station)

6. Trust and Reputation Model The model proposed acts as follows: 1.When Node 3 starts an attack, by pretending to have the best route toward destination, we need: 1.A reliable way to check if it is lying (to measure trust) 2.A way to share this information (to update neighbourns reputation) (BS = Base Station)

7. Test of Trustworthiness Assuming to have a routing protocol enabling parties authentication 1.Node 4 forces a ping through two alternate paths one of which includes the node under test 2.Node 4 chooses the route with lower round trip time 3.If the selected path does not use the tested node as gateway the trust level of node 3 is lowered – T 43 (t+1) = k* T 43 (t) k < 1 3

8. Reputation If a change in the trust level of node 3 is going to occour, node 4 forwards a feedback to each of the nodes in its neightbour list. Each node receiving the feedback accordingly corrects the reputation of node 3 – R i3 (t+1) = f(R i3 (t), ΔT 43 )

9. Intrusion Tolerance When a node must select a parent to reach the BS this evaluation will be based on: quality of the channel, trust level, and reputation level of the candidate node. – That is a Dependability function is evaluated for each candidate and the new parent will be the one with highest dependability value: For each j in N: D ij (t+1) = f(Q ij (t), T ij (t),R ij (t)) (N set of neighbours) The node j such that D ij (t+1) =Max(Dij(t+1)) is selected as the parent one

10. AODV Routing Protocol Ad hoc On Demand Distance Vector (AODV) is a standard routing protocol defined by RFC 3561 (http://www.ietf.org/rfc/rfc3561.txt) AODV is widely adopted e.g. in Bluetooth and Zigbee http://www.bluetooth.com/ http://www.zigbee.org/

11. Implementation A WSN was simulated through NS-3 NS3 is a command-line, open source (GNU GPL v2) network simulator Programming languages: C++, Python Different WSNs routing protocols are implemented such as Optimized Link State Routing Protocol (OLSR) and Ad hoc On Demand Distance Vector (AODV) http://www.nsnam.org/

12. Future Steps To complete implementation To test the effectiveness of the proposed model under different testbed configurations, and parameters tuning To extend the approach to manage other kind of attacks