A trust evaluation framework in distributed networks: Vulnerability analysis and defense against attacks

Yan Lindsay Sun, Zhu Han, Wei Yu, K.J. Ray Liu
2006 Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications  
The performance of distributed networks depends on collaboration among distributed entities. To enhance security in distributed networks, such as ad hoc networks, it is important to evaluate the trustworthiness of participating entities since trust is the major driving force for collaboration. In this paper, we present a framework to quantitatively measure trust, model trust propagation, and defend trust evaluation systems against malicious attacks. In particular, we address the fundamental understanding of trust, quantitative trust metrics, mathematical properties of trust, dynamic properties of trust, and trust models. The attacks against trust evaluation are identified and defense techniques are developed. The proposed trust evaluation system is employed in ad hoc networks for securing ad hoc routing and assisting malicious node detection. The implementation is fully distributed. Simulations show that the proposed system can significantly improve network throughput as well as effectively detect malicious behaviors in ad hoc networks. Further, extensive simulations are performed to illustrate various attacks and the effectiveness of the proposed defense techniques.

Trust definition. Although definitions and classifications of trust have been borrowed from the social science literature, there is no clear consensus on the definition of trust in computer networks. Trust has been interpreted as reputation, trusting opinion, probability [23], etc.

Trust metrics. Trust has been evaluated in very different ways. Some schemes employ linguistic descriptions of trust relationship, such as in PGP [18], PolicyMaker [11], distributed trust model [13], trust policy language [14], and SPKI/SDSI public-key infrastructure [12]. In some other schemes, continuous or discrete numerical values are assigned to measure the level of trustworthiness. For example, in [5], an entity's opinion about the trustworthiness of a certificate is described by a continuous value in [0, 1]. In [22], a 2-tuple in [0, 1]^2 describes the trust opinion. In [7], the metric is a triplet in [0, 1]^3, where the elements in the triplet represent belief, disbelief, and uncertainty, respectively. In [13], discrete integer numbers are used.

This full text paper was peer reviewed at the direction of IEEE Communications Society subject matter experts for publication in the Proceedings IEEE Infocom.
doi:10.1109/infocom.2006.154 dblp:conf/infocom/SunHYL06 fatcat:et7peezxzbeetllzsvbrsyt53y