Gong, 2021

1) The document discusses the construction of a trusted routing scheme based on trust computation for self-organizing networks in the Internet of Things (IoT). 2) It aims to design a routing scheme that improves network efficiency by reducing the load on individual nodes and balancing the network load. 3) The proposed scheme evaluates nodes based on data transmission rate, transmission delay, and other operational factors to establish trust and select routing paths.


Hindawi

Wireless Communications and Mobile Computing


Volume 2021, Article ID 6657580, 10 pages
https://doi.org/10.1155/2021/6657580

Research Article
Construction of Trusted Routing Based on Trust Computation

Bei Gong, Jingxuan Zhu, and Yubo Wang


Faculty of Information Technology, Beijing University of Technology, Beijing 100124, China

Correspondence should be addressed to Yubo Wang; [email protected]

Received 24 December 2020; Revised 2 February 2021; Accepted 23 March 2021; Published 19 April 2021

Academic Editor: Xiao Zhang

Copyright © 2021 Bei Gong et al. This is an open access article distributed under the Creative Commons Attribution License, which
permits unrestricted use, distribution, and reproduction in any medium, provided the original work is properly cited.

In the field of applied IoT, a large number of wireless sensor devices are tasked with data production and collection, providing IoT
subjects with a large amount of basic data to support top-level IoT applications. However, there is a considerable risk of being
attacked on such sensor networks that are organized in a wireless form. These relatively independent network devices have
extremely limited performance and lifetime, a problem that can be supplemented in a centralized network with base stations by
relying on the performance of the core nodes of the network, but in a decentralized self-organizing network, they can have a
serious adverse impact on the implementation of security solutions. Considering the fundamental nature of the data generated
by such end devices in IoT application services, the protection of their security is also directly related to the quality of upper
layer services provided. The main research result of this paper is the design of a trust routing scheme for self-organizing
networks. The scheme is based on a comprehensive evaluation of data transmission rate, transmission delay, and other factors
related to the operation status of the self-organized network and improves the efficiency of the overall work of the self-organized
network by reducing the performance consumption of individual nodes of the self-organized network and balancing the
network load.

1. Introduction

With the popularization and development of Internet technology, the old Internet infrastructure services gradually fail to meet the demand for Internet application services. As a form of network connection between network data and service devices, the deep connection to users and network devices and a wide range of application scenarios make Internet of Things (IoT) technology an important way to develop network services. And based on the development of mobile terminal technology, the field of IoT technology has gradually emerged as a new development direction represented by mobile Internet-built mobile IoT technology, with more emphasis on the flexibility of IoT devices in deployment, management, use, and other aspects. Therefore, mobile IoT technology has been developed by many Internet-developed countries as the next stage of important development goals and direction and to a large number of human and financial investment.

With the advancement of the technology and the application process, some new issues are emerging around mobile IoT. The dependence of the IoT on the Internet and the lack of basic security technologies make the overall security of the IoT a serious threat at the same time as the rapid development of the IoT application technology. This threat is reflected, on the one hand, in the fact that low-protection IoT terminal devices are more likely to be affected by network attacks, and on the other hand, when a large number of low-protection devices with network data transmission capabilities are controlled by a network attacker, the attacker can use this as a basis to further expand the threat of network attacks.

According to the predictions [1] made by Cisco, a leading provider of network equipment and services, regarding the data transmission during the operation of global networks, using 2018 statistics as a basis, Cisco believes that the number of data network users worldwide will increase 51% by 2023 from 3.9 billion in 2018, while there will be 29.3 billion network devices connected to the global Internet, in which the development of IoT technology has played an important role. In the forecast data, M2M devices [2], which are representative of IoT devices with services covering multiple applications such as smart towns, smart grids, smart climate management, smart shopping, and smart picking, will account for more than 50% of the total network devices, making them a major component of global network connectivity. Such rapid network growth in the good direction will promote new concepts such as social IoT (SIoT) [3], which shares services over the Internet, while in the bad direction will lead to a rapid increase in attacks against network devices occurring in the network, with a 39% increase in DDoS attacks alone globally between 2018 and 2019 [1]. In 2016, the Mirai malware contaminated about 2.5 million endpoint devices and used them to carry out further network attacks [4]. A botnet malware attack called Dark Nexus, spanning China, Thailand, Brazil, South Korea, and Russia in a reverse proxy fashion, was also seen in April 2020 [5]. As a direct result of these problems, the applications built on the IoT infrastructure framework cannot guarantee the security and reliability of their application services. They also indirectly affect the reliable operation of other networks, as controlled IoT devices can be used to launch new network attacks. This risk poses a significant threat to IoT technologies, which rely on extensive data collection and remote interaction, with extremely high data transmission reliability requirements. This explosive growth accompanied by elevated industry risk requires effective countermeasures to be taken in order for mobile IoT application technology to achieve long-term growth [6].

In order to establish a secure and effective data transmission mechanism in the Internet of Things (IoT), which guarantees the security of data transmission while reducing the additional performance impact generated, this paper designs a wireless router establishment scheme based on distributed trust assessment. Firstly, a feasible data collection and trust assessment model is designed for the operating environment of the wireless self-organized network of IoT in order to realize the conversion from network state to quantitative trust assessment results. Then, based on the results of such a trust assessment, a set of route establishment schemes based on trust assessment is designed in combination with path length, transmission delay, and other metrics related to the network routing process. And a corresponding information maintenance mechanism to maintain and respond to network state changes is designed.

2. Related Work

Trust-based security is a new way of providing security without using cryptography approaches [7] and can effectively perform node anomaly behavior detection and overall network situational awareness tasks in an IoT environment. In terms of efficiency, avoiding or to some extent reducing the additional overhead in the execution of target devices for security through trusted security is also more suitable for use on IoT devices with limited resources. Trust in the field of wireless communication networks may be defined as the degree of reliability of other nodes performing actions [8, 9]. By evaluating this degree of reliability, it is possible to gain an understanding of the operation of each object in the network, and through the process of evaluating the trust, it is possible to obtain an assessment of the changes in the overall security situation of the network and to detect security events in the network. In the Internet of Things (IoT), which simultaneously has multiple characteristics of wireless transmission networks, social networks, and P2P networks [10], trust models are well suited to guide the overall operation of the network by describing its interactive behavior. For a self-organizing network at the end of the Internet of Things, the process can be described as some members acting socially to provide or request services from other members. A class of trust protocols such as [11–15] has emerged during research and development on self-organizing network security at the end of the Internet of Things (IoT). It is built on basic trusted security techniques, but the trust calculation process is complex and difficult to apply in sensor mobile self-organizing networks. And social network trust protocols such as [16–18] introduce social network relationships in trust management and enhance network security, but still fail to consider network operation efficiency well and lack countermeasures related to the spatial location change of sensing devices.

In terms of trusted route establishment, the security-aware ad hoc routing (SAR) [19] scheme designed by Sherchan et al. provides basic route discovery and route security for the route establishment problem in a wireless self-organizing network environment. It designed a node trust level management mechanism to evaluate the security of network nodes in the region. However, the complex computational process associated with secure schemes based on encryption and decryption algorithms can lead to degradation of internode transmission performance, which is unacceptable in sensor networks with relatively limited computational resources and energy.

The CENtralized Trust-based Efficient Routing (CENTERA) protocol [20] designed by Yi et al. uses authentication as the basis of trust and establishes a trust assessment for network nodes based on their forwarding situation. It performs the trust evaluation process and trust-based node state discrimination and malicious node quarantine through a base station designed in the solution. The trusted state of the node obtained from the forwarding case can be directly associated with the data forwarding process of routing, and the message and authentication computation, which is less expensive than the encryption and decryption computation, can also be used to protect the security of the message as it is propagated. However, the scheme’s dependence on a base station prevents it from being directly applied to a self-organizing network of sensor devices. Also, such a centralized trust management model has a certain degree of lag in the feedback control process.

Based on existing research results related to trust models and trusted routing schemes, and taking into account the network situation of sensor self-organizing networks, this paper designs a routing scheme, including a self-organizing network trust assessment model, a trust-based routing scheme, and continuous maintenance of routing information. Compared with the above scheme, this proposal focuses on the application of trustworthy evaluation in distributed scenarios and the application of encryption algorithms in the network of IoT end devices.
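The scheme outlined above comes down to a few weighted sums, which the paper defines in Sections 3.1 and 4.1: Equations (1)-(4), the composite trust value T_c, and the route score R_s. The Python sketch below is an added example, not code from the paper; it runs those formulas for a node A choosing a next hop. The qa() functions, all weights, the 0.5 trust limit, the form of Dis(i, B), and the use of the reporting node's trust T_i in Eq. (2) are assumptions, and the sample data is constructed.

```python
"""Trust-weighted next-hop choice after Eqs. (1)-(4), T_c and R_s in the paper.
Added illustration: weights, thresholds, qa() functions and sample data are constructed."""

W_NS = (0.7, 0.3)                  # W_ns: weight per state dimension (assumed values)
W_D, W_I = 0.6, 0.4                # W_d, W_i for the composite trust value T_c
W_T, W_L, W_DLY = 0.6, 0.3, 0.1    # w_t, w_L, w_d for the route score R_s
T_MIN = 0.5                        # assumed lower trust limit for a usable route


def qa_ratio(x):
    """Assumed qa() for a delivery ratio: clamp to [0, 1]."""
    return max(0.0, min(1.0, x))


def qa_delay(ms, limit=200.0):
    """Assumed qa() for delay: 0 ms scores 1.0, `limit` ms or more scores 0.0."""
    return max(0.0, 1.0 - ms / limit)


QA = (qa_ratio, qa_delay)          # one quantiser per dimension of L_ns[B, i]


def direct_trust(l_ns_row):
    """Eq. (1): DT = sum_i W_ns[i] * qa(L_ns[B, i])."""
    return sum(w * q(x) for w, q, x in zip(W_NS, QA, l_ns_row))


def indirect_trust(reports):
    """Eq. (4) over reports (DT_iB, T_i, hops from i to B) from the other nodes.

    itc(), Eq. (2): scale each report by the reporter's share of total trust.
    The page prints T_B in the numerator; T_i is used here, following the text's
    "according to the trustworthiness of the data source" (assumption).
    itv(), Eq. (3): scale by Dis(i, B), taken here as nearest_hops / hops (assumption).
    """
    total_t = sum(t for _, t, _ in reports)
    if total_t <= 0:
        return None                # no trusted reporter: nothing to add
    nearest = min(h for _, _, h in reports)
    return sum(dt * (t / total_t) * (nearest / h) for dt, t, h in reports)


def composite_trust(dt, it):
    """T_c = W_d * DT + W_i * IT (DT alone when there are no usable reports)."""
    return dt if it is None else W_D * dt + W_I * it


def length_score(r_l, w=0.0, w2=1.0):
    """L = (R_l * w + w2) / R_l, with w and w2 chosen so that L lies in (0, 1]."""
    return (r_l * w + w2) / r_l


def route_score(t, r_l, delay_ms):
    """R_s = w_t * T + w_L * L + w_d * D."""
    return W_T * t + W_L * length_score(r_l) + W_DLY * qa_delay(delay_ms)


def select_route(candidates):
    """candidates: {next_hop: (T, R_l, delay_ms)} -> (next_hop, R_s) or None."""
    scored = {hop: route_score(t, r_l, d)
              for hop, (t, r_l, d) in candidates.items() if t >= T_MIN}
    if not scored:
        return None
    best = max(scored, key=scored.get)
    return best, scored[best]


# Constructed observations made by node A about two neighbours, B and D.
OBSERVED = {"B": (0.95, 40.0), "D": (0.40, 30.0)}    # (delivery ratio, delay ms)
REPORTS = {                                          # (DT_iB, T_i, hops)
    "B": [(0.90, 0.8, 1), (0.85, 0.7, 2), (0.90, 0.1, 1)],
    # The third reporter is barely trusted by A and vouches fully for D.
    "D": [(0.35, 0.8, 1), (0.40, 0.7, 2), (1.00, 0.1, 1)],
}
ROUTES_TO_F = {"B": (3, 90.0), "D": (2, 60.0)}       # (hops R_l, delay ms)


def evaluate():
    """Return ({neighbour: T_c}, selected (next_hop, R_s)) for the sample data."""
    trust = {n: composite_trust(direct_trust(OBSERVED[n]), indirect_trust(REPORTS[n]))
             for n in OBSERVED}
    candidates = {n: (trust[n], *ROUTES_TO_F[n]) for n in trust}
    return trust, select_route(candidates)


if __name__ == "__main__":
    trust, choice = evaluate()
    print({n: round(t, 3) for n, t in trust.items()}, choice)
```

With the constructed data, the shorter route through D is dropped because its composite trust stays below the limit even though a barely trusted node vouches for it, and the route through B is selected.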
3. Trust Assessment Model

The design goal of the scheme is to address the problem of route security in sensor self-organizing networks. In the routing process, the core interaction is the transmission of data over the wireless medium, and the scheme divides this transmission process into two stages: route discovery and data relay. The route discovery stage is the network establishment stage, where devices exchange routing information several times to establish a basic data framework for the self-organizing network topology. In the data relay stage, the sensor dynamically carries out multiple relay node selection processes on multiple nonrepeating sensor devices according to the routing information established in the previous stage to complete the transmission of data from the source device to the destination device.

The trust assessment model in this scheme consists of three parts: trust model, trust data acquisition, and trust maintenance. The trust model describes the overall process of assessing the trustworthiness of a node, including a quantitative assessment of data related to the operational state of the network and a computational scheme for obtaining standard comprehensive trust assessment results based on the quantitative assessment. Trust data acquisition describes the way nodes acquire raw data in the trust assessment process, as well as the process of authenticating and assessing the trustworthiness of the data itself. Trust maintenance describes a scheme for maintaining the validity of a self-organized network trust state by controlling trust assessment behavior and responding to security events that occur during operation.

3.1. Trust Model. The design of the scheme’s trust model is primarily used to describe the method by which nodes evaluate the process of data exchange between the network environments in which they are located, i.e., with other network nodes. In general, this evaluation process can be described as the evaluation and quantification of the data transmission rate, data transmission delay, and other parameters by a node in a self-organized network to calculate the comprehensive trust assessment value of other nodes in the same self-organized network.

In the specific design, the scheme uses a distributed trust assessment approach for the decentralized self-organized network of end devices. Suppose there are $n$ network nodes $p_1$ to $p_n$ in a self-organizing network $M$; a node $p$ in the self-organizing network needs to autonomously complete a trust assessment of all other $n - 1$ nodes, including the collection of network state data and the results of other node trust assessments.

3.1.1. Direct Trust Assessment. As part of the trust model, the direct trust assessment corresponds to the trust calculation based on the network state data described above; to complete this computational process, this paper designs a direct trust evaluation function $dta(p)$ to quantify the network behavior of the target node. Suppose there are two network nodes A and B in a self-organizing network, and node A has to perform a direct trust assessment on node B. In this process, node A needs to obtain the following data: the list of network state parameters $L_{ns}$, the network state quantization evaluation function $qa()$, and the network state evaluation weights $W_{ns}$. $L_{ns}[p_{no}, par_{no}]$ contains multidimensional operational state data collected by node A for other nodes. The function $qa()$ describes the algorithm for quantitative evaluation of each dimension of data in $L_{ns}$. $W_{ns}[par_{no}]$ contains the calculated weights of the results of the quantitative assessment of each state parameter in node A in the comprehensive trust assessment process. In summary, as an example of direct trust assessment of the $m$-dimension of node A on node B, the direct trust assessment function can be expressed as

$$DT = dta(p_B) = \sum_{i=1}^{m} W_{ns_i}\, qa\left(L_{ns}[B, i]\right). \tag{1}$$

On this basis, it is only necessary to unify the dimensional composition of the network state parameter list and the network state quantization evaluation function within a self-organized network to obtain a relatively uniform standard of direct trust evaluation data to support the subsequent trust evaluation process.

3.1.2. Indirect Trust Assessment. In the model, the indirect trust assessments correspond to the trust calculations based on the results of other node trust assessments above. In the process of trust assessment of nodes, due to differences in the level of interaction and spatial distribution between nodes, in a relatively large self-organized network, the data obtained by a node through direct data collection and the corresponding direct trust assessment results are only effective in reflecting the actual operational status of a small number of nodes. For other (typically spatially distant) nodes, the results of the trust assessment need to be corrected by indirect data. This indirect data can be raw network state data collected by other nodes or direct trust assessment results computed by other nodes that have not been corrected for indirect trust. Using raw data avoids inconsistencies in trust calculations due to differences in $W_{ns}$ settings or dynamic adjustment of different nodes, but incurs a large additional data transfer overhead. In this paper, an indirect evaluation approach based on the results of trust calculations is chosen for the actual application scenario characteristics of the terminal self-organizing network.

Assuming that there are two network nodes A and B in a self-organized network, the following steps need to be taken in the process of indirect trust assessment of B by A. A first obtains direct trust assessment data $DT$ from nodes other than itself and B. After getting $DT$, A needs to rely on the indirect trust correction function $itc()$ according to the trustworthiness of the data source to correct the $DT$ passed by the node. A simple $itc()$ can be expressed as

$$itc(DT, T) = \frac{DT_{iB}\, T_B}{\sum_{i}^{n-2} T_i}. \tag{2}$$

Also, node A needs to rely on the indirect trust validity function $itv()$ to evaluate the data validity of the data source node. For example, a simple $itv()$ based on the distance of the network topology can be expressed in the following form:

$$itv(DT, p_i, p_B) = DT_{iB}\, Dis(i, B), \tag{3}$$

where the result of $Dis(i, B)$ is the value corresponding to the distance from $i$ to $B$ in the standardized vector of the inverse correlation dataset of topological distances. Although both $itc()$ and $itv()$ are used to calibrate the acquired DTs, $itc()$ primarily deals with the node’s level of trust, i.e., the effect of the node’s past behavior on the validity of its DT data, while $itv()$ is used to balance the computational bias of the data affected by the validity of the original data itself used by the source node to compute the direct trust. Together, the calculations of $itc()$ and $itv()$ determine the weight of the different sources of direct trust in the final indirect trust value. In summary, the function of indirect trust assessment of node A on node B in a self-organizing network containing $n$ nodes is described as

$$IT = ita(p_B) = \sum_{i=1}^{n-2} itv\left(itc(DT_{iB}, T_B), p_i, p_B\right). \tag{4}$$

The calculation of the indirect trust value reduces the large fluctuations of the trust assessment results within self-organized networks at low data traffic, while resisting some trust spoofing.

Composite trust calculation value of nodes: $T_c = W_d\, DT + W_i\, IT$.

3.2. Trust Data Acquisition. The trust model, as an important basis for trust assessment, establishes uniform standards and methods for assessing trust and determines the mode of operation of the trust assessment. However, status data itself still remains an important factor in determining the validity of trust assessment results. The ability to obtain more valuable data during the operation of a self-organizing network determines the outcome of the trust assessment and the subsequent correctness of route establishment. The value referred to here includes attributes such as timeliness, truthfulness, and objectivity of the data. The present scheme therefore devises a number of methods in the trust data acquisition section to assess the above attributes in addition to methods for obtaining relevant data for trust assessment.

Since this paper focuses on the route establishment problem during data transmission, this scheme chooses wireless transmission as the main way for self-organizing nodes to obtain state data. The wireless data transmission process can be described simply as a node listening for data frames in the wireless medium, retaining the data to be processed and discarding other data frames. The scheme builds on this process by performing further analytical processing of data frames that should have been discarded to obtain basic network state data. The acquisition process can be described as follows. Suppose there are nodes A, B, and C in a self-organized network, and node A and node C need to complete data transmission through node B due to wireless data propagation distance limitation. In this process, the data transmitted by node A needs to pass through the A-B-C transmission path. In this scheme, when A sends a data frame $X$ with destination address C to B, the data sending status $SS = \{A_s, A_d, H, S, T_{send}\}$ needs to be recorded, where $A_s$ is the source address, $A_d$ is the destination address, $H$ is the data check value, and $S$ is the data frame load size; each recorded $SS$ is stored in a data send status list $L_{ss}$. The state information used for trust assessment is thus obtained through maintenance of the $L_{ss}$ in two main ways. One of them is the timeout record, where A deletes the timeout record and records it as a data transfer timeout event by scanning the $L_{ss}$ at regular intervals and calculating the difference between the current time and $T_{send}$ and comparing it with the preset timeout threshold $T'$. The second is forwarding confirmation: B, which operates normally during the usual data transfer, should forward $X$ to C after receiving $X$. Since the data is transmitted wirelessly, A, which is also in the transmission range of B, will receive an $X$ from B as well. At this point, node A does not directly discard $X$ but records the received information $RS = \{A_s, A_d, H, S, T_{reci}\}$ about $X$ again. After completing the recording of the $RS$, A cross-references the $RS$ with the $SS$ in $L_{ss}$. If there is no corresponding entry, the $RS$ is deleted; if one exists, the difference between $T_{reci}$ and $T_{send}$ is recorded as the transmission delay for this data transfer, a successful data transfer event is recorded, and the corresponding entry in $L_{ss}$ is deleted.

For another part of the data, such as the routing information of neighboring nodes and the transmission bandwidth of the data link, limitations due to issues such as network transmission efficiency cannot be obtained through active condition monitoring or operational testing. However, if their data changes are used as some kind of security event triggering mechanism, an incident response mechanism can be reached despite the inability to identify the specific source of the problem. On this premise, it is only necessary to establish a secure information sharing mechanism within the self-organized network and use signature authentication for key information, where the signature authentication only needs to ensure security in a short period of time due to the high timeliness of the state information; in the event of a security incident, information can be shared and cross-referenced to identify the problem and then traced back to the source of the problem based on data signatures.

3.3. Trust Maintenance. The scheme uses a dual event- and time-driven trust update model. In the general mode, the trust value is updated periodically based on the results of statistical analysis of data and historical data within a certain period of time, and at the same time, a number of self-organized network management events will trigger the trust update, in order to respond effectively in the event of relatively specific network security events.

Time-driven periodic trust updates in the scheme are used as a routine maintenance method for the self-organized network trust status, and their main task is to assess the impact of recent network behavior of self-organizing equipment within a specific time frame and in accordance with the design requirements. The main assessment functions include the following: Node Trust Update Periodic Function $uc()$, Node Trust Update Function $tu()$, and parameter selection functions for trust updates. $uc()$ describes the process of calculating the trust update cycle $UC$ and, to some extent, reflects the effective time of the current trust state. The calculation needs to correlate the current overall trust, the raw data, and the previous update interval. The function is described as follows: $UC = uc(T_{cur}, T_{his}, UC) = W_T (T_{cur} - T_{his})/UC + UC_b$. It adjusts the size of the trust update interval based on trust trends to balance the overhead caused by trust updates with the corresponding delays. The Node Trust Update Function focuses on the relationship between the current trust value and the historical trust value. Based on the trust update interval, the effective time of the historical trust value can be used as its impact weight on the current trust state when calculating a new trust value to avoid sharp fluctuations in the trust value. Trust assessment results

$$T = tu(HD, T_n) = W_h \sum_{i=1}^{len} \frac{UC_i\, T_i}{UC_t} + W_n T_n. \tag{5}$$

$W_h$ and $W_i$ are the weights of the historical trust value and the current trust value, respectively. The historical trust value $HD$ consists of several sets of historical trust value records and a composite value for the corresponding update interval. Here, the update interval is not the actual update interval time but a calculated value maintained by the trust update module in relation to the actual update interval. This computed value gradually decreases with each trust update event until it falls below a preset threshold and is removed from the computed sequence.

The scheme also includes a trust update mechanism with security event triggers on top of the periodic updates. As mentioned in the periodic update, the scheme designs correlation functions for reducing the additional overhead caused by large fluctuations in trust during system operation, but this also reduces the responsiveness of the model. Due to slower trust changes, it may take longer to dispose of the anomalous behavior nodes when they appear in the system. In order to reduce such occurrences, there is a need to establish additional trust renewal mechanisms that are triggered by unforeseen events. The scheme monitors both communication changes and trust threshold events in its implementation.

Communication change monitoring is achieved by monitoring changes in data traffic. As the data production side, the self-organizing gateway will receive relatively stable data uploads from all other nodes in the self-organizing network during the effective operation of the self-organizing network. Therefore, when a gateway node finds that a sensor node has not uploaded data for a long period of time, there is a high probability that the node data transmission will be interrupted or the node will go offline in the network. The program responds in the following ways. First, it will confirm whether the target node is out of the current self-organized network by collecting direct route information for each node and stop responding if the node is normally offline. Otherwise, data transfer tests will be conducted between the target node and the gateway node to find transmission breakpoints and adjust their trust state as well as the data records in the associated node.

Trust threshold events are initiated by each node itself. For a node based on the preset node direct trust thresholds, when the node is found to exist in the operation of a section of the direct trust, the calculation value is lower than the preset value (including the direct trust caused by the communication changes in monitoring the decline in trust) for a number of parameters and data related to trust calculations, including $W_d$, $W_i$, and other trust weights and calculated values in $HD$ to be corrected, and triggers a trust update.

4. Route Establishment

4.1. Routing Algorithm. The routing establishment process in this scheme takes the comprehensive trust value output from the trust model as the main parameter, and each sensor node within the self-organized network takes its own direct route as the information basis. The scope of the routing table is gradually extended by exchanging routing information between nodes several times and eventually reaching full reachability with the internal self-organizing network.

Self-organized networks are described in the scheme as a graphical data structure $G = (V, E, W)$. The routing model $G' = (V, E_R, T)$, which is built on top of the network topology, is a directed graph belonging to $G$. $V$ is the set of points of $G'$, a collection of nodes in a self-organizing network, $p_1 \cdots p_n \in V$. $E_R$ is the edge set of $G'$, which is every single-hop routing path in the routing model, $R(a, b) \in E_R$, $a \in V$, $b \in V$, $a \neq b$. $T$ is the edge weight of $G'$, which is the path selection weight computed in the routing model based on node trust, path state, and so on. On this basis, a trusted route path can be described by an ordered set of nodes $L_N = [p_1, p_2, \cdots, p_n]$ between the starting node and the target node. The process of establishing such a trusted routing path is based on the calculation and selection of path selection weights $T$. The calculation of $T$ has been described in the trust model in Section 3. Each node needs a route score $R_s$, which is calculated by combining the $T$, route distance, and other factors of the path nodes, as the basis for route selection. The route scoring function $rsc()$ is as follows: $R_s = rsc(T, L, D) = w_t T + w_L L + w_d D$. It can be seen that $R_s$ is calculated from the weighted sum of node trust value $T$, route distance score $L$, and transmission delay score $D$. The routing distance and transmission delay are statistical quantities that require a scoring function such as $L = (R_l w + w_2)/R_l$ to unify with the $T$ numerical standard. The calculation weights $w_t$, $w_L$, $w_d$ need to be set according to the needs of the route calculation process. Higher values of $w_t$ increase the sensitivity of the route establishment process to changes in self-organized network security conditions and maintain good data transmission quality. A higher value of $w_L$ can reduce the number of forwardings per unit of data in a self-organized network, which helps to reduce the overall data transmission overhead in the network and extend the effective running time. And for $w_d$, this scheme already includes an evaluation of the transmission delay in the calculation of $T$. Here, $w_d$ is added only as a run parameter that is closely associated with the routing process, in order to reduce the coupling of the dynamic configuration of the route selection and trust evaluation process and to increase the flexibility of the scheme configuration. $w_d$ can be set to a lower value if there are no special requirements for data transmission delay.

Figure 1: Network topology.

4.2. Route Establishment Process. The route establishment process described in this paper proceeds on the basis of a hypothetical network topology. Suppose there are 7 nodes in the self-organized network, and the network topology is shown in Figure 1. Assume that the self-organized network has been running for some time and that each node in the network has the list of self-organized nodes and the computed trust list. At this point, node A in the network is sending data to node F. The route selection process is described as follows:

(1) A finds out if there is a route entry to F in the list of existing routes and selects the path with the best route score to send if the corresponding route entry

ing node. First, A obtains a comprehensive trust assessment $T_B$ of B from the trust data and then uses the path length of the route entry $R$ of B as the path trust weight and combines the route trust value in $R$ with $T_B$ to obtain the route trust value $T$ for A through B to F. The new route distance and delay are also calculated accordingly. Finally, node A calculates the route score through B to F based on the newly acquired $T$, $L$, and $D$.

(4) When node A receives all of the rer response data, it records the route path with the route score and selects the route entry with the high route score as the path to send data to F to complete the route establishment, as shown in Figure 4. Further screening conditions may need to be established during the selection process to improve the quality of network data transmission. As in this scheme, if the allowable lower limit of the route trust value is set, this route path is directly discarded when the $T$-value of the existing route entry is below a preset threshold to avoid the security risk associated with a low-trust
exists. If it does not exist, A needs to send a route path.
establishment request rer to its neighbor nodes (i.e.,
all nodes that can establish a direct route). The rer 4.3. Route Maintenance during Data Transmission. Once the
includes the necessary data such as source node A route list is established, the node already has the ability to
and destination node F, and the transmission path complete the data transfer, but as with the trust evaluation
is shown in Figure 2. process, the node’s route list is also time-sensitive. Therefore,
a route maintenance and update mechanism is necessary to
maintain the trusted state of the route. Route maintenance
in this scheme relies on the triggering of routing-related state
(2) The node receiving the rer responds to the request changes, specifically trust state changes, route path changes,
and looks up the route entry to node F in the local and relay node state changes.
route list. If present, it sends the corresponding route
entry to the rer source and ends the response. If not, it 4.3.1. Trust State Changes. Trust state changes are routing
sends the rer in the same manner as in (1). Note that updates that result after a periodic or event-triggered change
nodes responding to rer need to avoid responding in a node’s trust value. In this case, the node needs to correct
repeatedly to the same source node and destination the current route list based on the new trust data for the
node rer to avoid possible routing loop problems. route’s trust value and composite score and reselect the pre-
Figure 3 shows the response of the rer sent by node C. ferred route.

4.3.2. Route Path Changes. Route path changes are routing


updates that result when a node’s direct route changes, where
(3) After the node receives a response from a neighbor the change can be a direct route change due to a neighbor
node, it needs to perform the following calculations: node going offline or a route change due to path blocking
let A be the sending node of rer and B be the respond- triggered by a trust value below a threshold.
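The route score $R_s$ of Section 4.1, the combination and selection in steps (3) and (4) of Section 4.2, and the re-selection after a trust state change (Section 4.3.1), as an added Python example that is not the paper's code. The weights, the constants of the scoring function, the trust floor, the path-length-weighted mean used to combine trust values, and the sample neighbours and figures are all assumptions made for illustration.

```python
from dataclasses import dataclass

# Assumed run parameters (illustrative; the paper does not fix these values).
W_T, W_L, W_D = 0.6, 0.3, 0.1      # weights w_t, w_L, w_d of the route score
SCORE_W, SCORE_W2 = 0.1, 0.9       # constants of the scoring function
TRUST_FLOOR = 0.4                  # allowable lower limit of route trust

@dataclass(frozen=True)
class RouteEntry:
    path: tuple    # hops after the owning node, ending at the destination
    trust: float   # route trust value T in [0, 1]
    delay: float   # accumulated transmission delay in ticks (>= 1)

def unify(x):
    """Scoring function (x*w + w2)/x: maps a count >= 1 into (w, 1]."""
    return (x * SCORE_W + SCORE_W2) / x

def route_score(entry):
    """R_s = w_t*T + w_L*L + w_d*D, with L and D as unified scores."""
    return (W_T * entry.trust + W_L * unify(len(entry.path))
            + W_D * unify(entry.delay))

def extend(neighbor, neighbor_trust, link_delay, reply):
    """Step (3): fold the neighbour's trust into the route it returned.
    Assumed rule: mean weighted by the returned route's path length."""
    n = len(reply.path)
    trust = (neighbor_trust + n * reply.trust) / (n + 1)
    return RouteEntry((neighbor,) + reply.path, trust, link_delay + reply.delay)

def select_route(trust_of, link_delay, replies):
    """Step (4): discard routes under the trust floor, keep the best score."""
    candidates = [extend(nb, trust_of[nb], link_delay[nb], r)
                  for nb, r in replies.items()]
    usable = [c for c in candidates if c.trust >= TRUST_FLOOR]
    return max(usable, key=route_score, default=None)

# Constructed sample: rer responses received by A for destination F.
REPLIES = {"B": RouteEntry(("E", "F"), 0.75, 2), "C": RouteEntry(("F",), 0.8, 1)}
LINK_DELAY = {"B": 1, "C": 1}

def demo():
    trust = {"B": 0.9, "C": 0.8}
    before = select_route(trust, LINK_DELAY, REPLIES)
    trust["C"] = 0.2               # trust state change: C's trust value drops
    after = select_route(trust, LINK_DELAY, REPLIES)
    return before, after

if __name__ == "__main__":
    for route in demo():
        print(route.path, round(route.trust, 2), round(route_score(route), 3))
```

With these constructed values the shorter route through C is preferred until C's trust value falls, after which the longer route through B scores higher even though the route through C is still above the trust floor.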
Figure 2: rer transmission path.

Figure 3: rer response.

Figure 4: Route path (route A to F).

4.3.3. Relay Node State Changes. Relay node state changes are the routing updates that result from changes in the routing list of a relay node. After a node within the self-organized network (call this node A) updates its route list, A broadcasts this route change to its neighbor nodes. If a node B that receives the information meets the following conditions, namely that its routing table contains a route through A and that other alternative routes exist in its routing table, B needs to recalculate the route scores for routes passing through A and update the routing table if a route entry priority change occurs.

5. Performance

In this section, the actual performance of the proposed scheme is tested, including the execution of the model under different parameters and the performance of the model against different forms of network attacks. The experimental environment and data settings other than those described within this section are based on the results of runs of other associated experiments in the laboratory, and a detailed description of these is of little relevance to the main content of this paper and can be considered as initial run parameters set randomly within a certain range, with no significant effect on the experimental results.

Figure 5: Different $W_d$ and $W_i$ (receive rate versus ticks; curves: w1 = 0.7, w2 = 0.3; w1 = 0.5, w2 = 0.5; w1 = 0.3, w2 = 0.5).

Figure 6: Different response conditions (receive rate versus ticks; curves: Response conditions 1, 2, and 3).

Figure 5 shows the effect of direct and indirect trust on the change in the overall receive rate of the network during the composite trust calculation process. w1 and w2 correspond to the direct trust value weights $W_d$ and indirect trust value weights $W_i$, respectively, in the trust model when calculating $T_c$. Based on the analysis of the changing patterns of the receive rate curves under different parameter configurations, it can be concluded that the higher the direct trust value weights, the faster the corresponding rate of composite trust, but the slower trust propagation will lead to a lower rate of its long-term receive rate increase, holding all other parameters constant. The higher the indirect trust value, the faster the trust spreads, but a more severe reduction in receive rate may occur in the short term.

Figure 6 shows the trend of network data transmission rates for different response conditions. The response conditions are of a relatively simple threshold type, where the three curves correspond to the overall data transmission rate from within the group network at threshold values of 0.4, 0.3, and 0.25. By comparison, it can be intuitively understood that the higher the threshold, the more likely the security response is to be triggered, which also makes the node faster to respond to unexpected security events accordingly. The lower the threshold, the more difficult it is to trigger a security response and the slower the node’s corresponding response to unexpected security events. However, it should be noted that if we take the curve of Response conditions 2 as a reference, the corresponding curve of Response conditions 3 is not much different from Response conditions 2 in speed compared with Response conditions 1, but the number of emergency responses triggered by Response conditions 3 is much higher than that triggered by Response conditions 2 because it is closer to the initial value of the node trust, which means that Response conditions 3 have paid a lot of computing cost but have no actual effect compared with Response conditions 2. Therefore, it can be understood that the response condition setting needs to be adjusted according to the basic operation of the network, and trigger conditions that are too high or too low will cause the efficiency and stability of the network to decline.

Figure 7: Message alteration attacks (average node trust versus ticks; curves: normal node, misbehaving node).

Figure 7 shows the trend of trust changes when the scheme responds to message alteration attacks, where the vertical coordinate is the mean of the composite trust value for the corresponding type of node in the self-organized network and the horizontal coordinate is the time passed since the attack occurred in the self-organized network. From the change of the two lines corresponding to the normal node
and the misbehaving node, we can see that after the misbehaving node in a self-organized network attacks and affects the data transmission in the network, the trust evaluation of other nodes in the self-organized network decreases rapidly, which is significantly different from the trust value of other normal nodes.

Figure 8 shows the trend of trust changes in the program’s response to the badmouth attack. The model’s trust assessment produces large fluctuations when there are misbehaving nodes in the self-organizing network that provide erroneous trust data. However, through the handling of the trust model in the scheme, this trust fluctuation does not affect the distinction between misbehaving nodes and normal nodes when the number of misbehaving nodes in the network is not dominant.

Figure 8: Badmouth attack (average node trust versus ticks; curves: normal node, misbehaving node).

Figure 9 shows the trend in the receipt rate of the program in response to an on-off attack, where the vertical coordinate is the receive rate of the overall data from the self-organized network and the horizontal coordinate is the time since the attack occurred. The misbehaving node periodically changes its own behavior, causing confusion in the node trust assessment process. It can be seen that the network’s receive rate drops within a short period of time after an attack is developed but then rises rapidly when other nodes respond accordingly. This makes low-frequency attacks have less impact on the overall operation of the network, while high-frequency attacks are distinguished as misbehaving nodes and isolated, thus limiting the effectiveness of on-off attacks.

Figure 9: On-off attack (receive rate versus ticks).

6. Conclusion

In sensor self-organized networks, the lack of high-performance base station nodes and the performance limitations of each network node make it impossible to effectively implement information security techniques that rely on encryption and signatures. It is necessary to provide security to the sensor nodes with minimal reliance on encryption and decryption operations. The trust-based trusted routing scheme designed in this paper establishes a more comprehensive and effective trust evaluation system within the self-organizing network through distributed trust evaluation. In terms of energy consumption, the distributed trust evaluation and the passive data collection approach share the consumption of trust computation among the self-organizing network nodes while reducing the additional overhead incurred in the trust evaluation phase. And the mode of adjusting the path selection based on node energy consumption also partially achieves load balancing of data transmission among the self-organizing network nodes. And the effectiveness of the attack form of trust spoofing is reduced by an integrated trust computation with multiple trust sources. The trust and routing distance based routing scheme allows self-organizing networks to efficiently perform the discovery and isolation process on misbehaving nodes completely autonomously, achieving automatic response and effective disposal of multiple forms of network attacks. Nevertheless, the lightweight design of this solution provides limited protection against Blackhole, Sybil, and other forms of attacks on the sensor self-organizing network.

Data Availability

Data sharing is not applicable to this article as no new data were created or analyzed in this study.

Conflicts of Interest

The authors declare that there are no conflicts of interest regarding the publication of this paper.

Acknowledgments

This work was supported by the National Key Research and Development Project under grant 2019YFB2102303.