论文研究 Autonomous Trust Construction Based on Local Reputation in Wireless Sensor
基于局部信誉的无线传感器网络的自治信任机制,徐媛,蒋嶷川,安全可靠的信任机制对于随机部署在一个开放、不安全环境中的传感器网络非常重要。通常,信任机制的建立是通过密码学或者证书交换国武技论文在线http:/www.paper.edu.cnand travel over the entire network in fact there are no mobile agents to travel over the entirenetwork in WSNS. Tanveer A Zia [6 proposes a desirable trust construction based on reputationthat refers to the rank of neighbors in terms of a trust vote. He addresses that vote value ofb in Awill be plus if the message sent from node b is the same as message sent from node a to B, andthe higher vote value, the better is the trust value. But the messages will not the same in twotransmission processes for time delay and interference with environments so that vote valuebecome inaccurateTherefore, we propose an autonomous trust construction based on local reputation(ATLr) forWSNS. In our mechanism, no centralized repository is required. Trust is established dependent onthe reputations of two interactive nodes. The reputation is closely associated with the number oftrust relationships. Each nodc manages and updates its trust relationships. Our mcthod avoids thcfederal fraud through recommendation by a node in [6, l l], and also reduces trouble to establishtrust via certificates exchangeThey must construct a reliable trust relationship that N; trusts N; when node i interacts withN. In this section, we will present how we construct trust relationshipsWe model wSNs as a directed multi-graph G(N,E), where N is a set of nodes and e is asct of labeled cdgs. Wc will makc somc dcfinition as followsNode Trust Sub-Graph NTGnod i denotes the trust relationships contained insense range of Ni in wireless sensor network. NTGrod i =Ni, Enod i'i, whereN;C N, which is a set of sensor nodes which have trust relationships with node Ni in itssense rangeEnod. i'C E, which denotes the relationships among the nodes in the Ni, and Enod i=N, Ndenotes that node m trusts node n in wireless sensor networkTrust Information TInod i is the information about trust relalionships owned bynode Ni. Tlnod i=(Tli.act, Tlipass , whereTli ac denotes thc activc information on trust relationships that N; trusts othcr nodcs activelyTipass denotes the passive information on relationships that N; is trusted by other nodespassivelyTInod denotes trust information of a node, which is associated with relationships establishedpreviously. It varies with the time. Tlnod is sparse and simple in the initial phase of the systemEach node stores its own Tlnod. TInod i is detained from NTGnod For example, we see that node nsonly memorizes the nodes which is in its area in Tlnods from NTGnodi. s, such as N4, No and N7 fromFig. 1. A node only constructs trust with nodes which is within its range and other nodes out ofrange will interact with it through multi-hopsFig 1. an instruction of area in which nodes construct trust and NTGnod in WSNs3国武技论文在线http:/www.paper.edu.cnTInod. i consists of Tliact and Ipass. So that reputation is associated with active and passivetrust relationships. In other words, the reputation of a node is connected with its in-degrees andout-degrees, which in-degree is equal to passive trust relationship in G(N, E). The number ofdegrees(in-degrees and out-degrees) immediately impacts on the reputation which is either highor low. So we define different definitions for them like trust degree and cooperation degree asTrust Degree TDnod i denotes in-degrees of node N; that is trusted by othenodes; it can be obtained from the NTGnod i, which also relate to the number of relationships inTI nass. TDnod i varies with time. TDalculated at time t as folloTDPnum. it is thc numbcr of in-dcgrccs owncd by nodc /i at timc t In othcr words, thcrc arc Tnum.i. tnodes to trust node Ni at that time. If we let Aset i t denote the set of nodes that trust the node ni, andBsetit be the set of nodes thal node N; trusts, A set ii l=Tum. i s which Aset. i I is the length of Aset iProd. i t is the probability of reliability that node Ni is trusted by other nodes in Ase i t at time t.There are many unsafe attacks in the WSNS, since node is deployed in open environments. If wedcfinc refk vi t as a rcflcctivc function of Ni, dcscribcd as followsrelL1, node N, is friendly in Ak→i:一t0, node ni is malicious in aMk∈Ais calculated as followsAset. rek→!Tnum L. ref k→Pnodi.‖AaWe reveal that the higher of pnod. i t, the better honorary of node N; owns from above equationmood.i, is the ratio of Tum it Lo all quantities ofrelationships in TInd i; so mnod it is denoted asfollows7‖Aa,‖+|B.e. i/In cquation (4), din. it denotes in-dcgrcc of nodc Ni, and dout. i t dcnotcs out-dcgrcc of m; attime t in Nl Gnod. i; moreover, din. i t=Ase i = mum, i t and dout. i t=Bsel.it=Cnum i.t. Equation(4 also can be written as followsnu.I.c.+Tnu.I.One node has already held its trust degrees when the network is initialized. However, wemake pnod 1.0=1 because we dont know which node is malicious initially. If we do not know themalicious node all the time TDnod i in equation( 1) is written as followTD-nod.TDnod. i is a factor of Ni reputation lo construct trust and stored in NTGnod i. With largerTDnod, it demonstrates that node has been trusted by more nodes; as a result it holds a highreputation and an important status in thc systcm. For its high reputation, othcr nodes trust it casilyTherefore, it has a higher probability to establish successfully trust relationships than one witheveCooperation Degree CDnod i is another factor of reputation, which denotesout-degrees of node Ni that trusts other nodes; it can be obtained from the NTGnodi t and also relateto the number of relationships in Tli act. CDnod i is diverse with time since Tli. act varies with timeCDnod. i at time t is denoted by CDnod i t as follows4国武技论文在线http:/www.paper.edu.cnCDp nod. inod. ic(7)Cumi, is the number of trust relationships in Tliact at time t, that is, there are Cnum.it nodes tobe trusted by node Ni at that time. If we also assume that Ase i. denotes the set of nodes that trustNi, and that Bser, i. r denotes the set of nodes that N trusts, Bset. i ,= Cnum.i similar to As e: iiITnum. i. shown in equation (1)Weo'nodit is the probability that nodc N is not dcccived by its cooperators in Bset.i t at timc tdefine refi-it as feedback of N/in Bset.i t, denoted as followsnode N is friendly in BmtMm: lir: imus n2p飞(8)Here. NICBset i t. nod. it is calculated as follows2l ret,ir→)i.1PetIInnod.i. is the ratio of Cnum. it in Bset.i. to all number of relationships in TInod i and denoted asfollowsB(10)Sincc Aset. i t= Tnum. i t and Bset.it=Mum.i 4, nnod. i. is also written as followsnrurn. tWe call it CDnod i because node Ni trusts others actively. It is asserted that plenty of nodeshavc bcen alrcady trusted by N; with largc CDnod i. In othcr word, N; has trusted a numbcr of nodesWith its large CDnod. i, N; would be deemed to no opinion so that it is able to trust other nodeseasily. CDuod has already stored in NTGnod when WSNS are initialized, along with Aset. i t and Bsel. i.We also make pnod. i 0=1 for no feedback of malicious nodes initiallyWe assume that node ni would like to interact with Ni: so Ni must be trustworthy We see thedirection of trust rclationship is that Ni trusts Nj in both NTGnod i and NTGnod Howcvcr, whatcondition is the trust relationship taken to construct successfully? Reputation consists of TDnod andCDnod, so that this relationship reputation is closely related lo CDnod i and TDnod j. We will delinea confidence function as the reputation criterion by CDnod and TDnod of nodesWe let Confidence function fi_i(t) denote the trust value of Ni about the relationship at time tthat N trusts N; fi, t) is dcfincd asf,()=F(CDm,(),TDm,()(12CDnod. i (t) and TDnod ( o) arc cquivalent of CDnod it and T/nod. i t as dcfinition 4 has dcfincdfi,(t)is also described as follows, according to definition 3 and definition 4I Beti()llAx.、(t)‖(13)1→,(t)=padA()|+‖B.a(t)‖+Pm‖Aa,()+1B1()Aset. i(t)is equivalent of Aset. it in f(0), similar to Bset. i(o, Aset. j(t)and Bset j( fi-(t) is savedby both active node N; and passive node N N saves the copy value as the verification to judgmentmalicious nodes later. We also call fi-iO confidence for short. Confidence fi+i(t) consists of twoparts. The first part is cooperation degree of Ni. N, trusts other nodes actively. So we only considerits CDnod. The second part is the trust degree of node Nj. Since Nj is trusted by Ni, we only need tocalculate its trust degrees inf(t)国武技论文在线http:/www.paper.edu.cnWe reveal that CDnod i and TDnod i denote the local reputation of node Ni. But the confidencefi t) denotes the reputation of two nodes, so that it is stored by both of nodes. However, in orderto have trust relationships built successfully, a trust threshold must be cautiously chose. We deemtrust relationships valid between the node N; and N. when fi;(t)2/. Obviously, the higherconfidence fi-(o) indicates that Ni is more trustworthy, and that trust relationship is easier to beestablish successfullyMorc trust relationships arc constructed successfully as long as we choose a propcr trustthreshold. When the wireless sensor networks are located initially, each node has already held itsown trust relationships and updates its informalion. At time t, therefore, we choose mean value ashe trust threshold for the herd mentality of each node, denoted by f. fi is calculated by the sinknodc and sent to cach nodc managcmcnt. TD and cD arc the avcragc of trust dcgrccs andcooperation degrees for the whole network. We assume that there are N(N>1) nodes deployedinitially, and at time t, TD and CD are calculated respectively as followsTDTD(1CD(15)The trust thres hold is calculated as followsf(t)=2 CD +TD CD,+TDWe deduce that TD=CD at the same time t, because the whole trust relationships in modelmeet Kirchhoffs law. Then trust threshold is written as follows(17Thus, trust relationship will be successful that node N; trusts N;, when f i-((>f (t)at time t(CDnod, TDnnd●N:(CDnt,IDmtAeat B(CIrca. 8Ase z Bser. 7)BNNIo(CDnod 10. TDnod '0ageistNg(CRedo. tdgN,(DAud. 6, TDnAselg Be9)Asez,, Bset 3)Act6 BFig. 2. an example of initialized sensor network that every node holds its own trust relationships that it trusts or istrustedFig 2 is a typical sensor network which has been initialized. Each node owns its TInod thatconsists of Tlact and Tlpass cxccpt for Ns and Ng. TInod s consists of Ti5 pass, So Ns has largccooperation degree. Similarly, Tnod s consists of Tl8act, thus Ns has the larger trust degree thanother nodes. And we calculate that TD=CD-1.6, as a result the trust threshold fo=0.8.We deduce that the NTGnod i contains all that are associated with reputation information, suchas:(CDnod i, TDnod i, Aset. i, Bse. i;. The local reputation of node Ni is denoted by its CDnod i and国武技论文在线http:/www.paper.edu.cnTDod. i, and the confidence f is also obtained from NTGS. Every node stores its respective TInod andfwhen the network is initialized. Trust relationship is constructed when f>/. And trust is onlyconstructed once and not reconstructed again when needed next time for the autonomy Each nodeconstructs trust with its neighbors on and on; therefore the global trust can be achieved finallHowever, the reputation and the relationships on one node elapse too, when it elapses fromthe networks. The associated confidence value stored by related nodes is set 0, too. Other nodesirrelevant to the lost node, can keep operation and construct the new global trust finallyNow, autonomous trust construction based on local reputation can be seen in Algorithm 1process of trust relation construction7) initialize the networksan interactive reguirement arriveget the two associated nodes N;, N that are about to2 establish trust relationship5) check the distance of two nodes diS: denotes the perception range of N;Get TInod. CDnoa i, TDod i, Asat. i, Bse, i/, anaNodi Clnod. j,Agct jthere has been a direct relation10)hold this relationshipcalculate trust threshold fget the Tlnod of the two associated nodes13lculate f()-F(CDnod i (t), TDnodi lt))construct the trust relationship16)17)construct trust via certificates exchangeupdate tlnodconstruct trust within each hop between Ni and20)N as the method we proposed222Trust construction is completed one by one; there is an interval between two relationshipsconstructed. Here we will define duration as time interval as followsDuration Dt is timc interval which starts at timc t when we build a rclationshipand ends at the time tt At before next relationship is established. The length of Dt, Dt, is equalto At; and Dt can be denoted by time interval (t, t+AtThe process to construct trust relation is a process of markov processWe assume that node n wants to construct trust with n at the moment t+At. therelevant parameters of node Ni and N; are CDnodi(t) TD,od. i(t), CDnod. t) and TDnod (t)at timeWe also assume that Xnod i(t)is the increment of TDnod. (t) and Nod. i (t)is the increment of CDnod (t)during Dt; similarly, Xnod. (4)and Nod t)are the increment of CDnod (t)and TDnod ( t) for node NiTherefore, the trust function fiit+Ar) for next time t+At can be written as belowf-(t+△1)=F(TDmd(t+△,CDad(t+△)(1We get TDrod i and CDnod; at moment t t At from above as followsTDnod. i ((+ At)-TDnod i (t)+ Nod. r)(19)CDnod (t+Ar)=CDnod (0)+Ynodit(20)Consequently, the equation(13 )can be written like thatfi=(t+At)=F(CDnod (t)+Nod O), IDnodi0+Xnod. t)(21)We see that from this equation (21) the confidence f-i at moment tt At has some to do with国武技论文在线http:/www.paper.edu.cntime t, rather than the time before t. As a result, the process to construct trust relation meets theMarkov processWe know that there has been a relationship constructed during Dt. TInod consists of Tact andTlpass so that the information status for node N; consists of two parts in Dt, denoted by S; and Si.inthe network as follows0de trusts w(22)some nodes (rustd hy N1, some nodes are trusted by NStatus owned by Node N; is either S; or Si during Dt. a trust relationship in Dt is one of statuscombinations of two nodes. If N; is expected to trust N;, the confidence fi(t+At)varies withdiverse combinations of S; and S; at moment t like [;=l, S;1), S;=1,S,=0, S=0, S;=1)iS =0, S=o). We know that some node is trusted by Ni at time t when Si-l, and also some nodetrusts N; as S;=l from expression(22)and (23). If some node is either Ni or Ni, there is no need toreinstitute trust relationship since they have constructed trust. But for N; or N, another node hasconstructed trust relation with N; (), rather than N,(N,). We will calculate confidence fi-i(+Ar)as followsfi (+Ar)=f (t+At)(Si, S;)=CD() Si+ TD()S(24)We assume that node nk has constructed trust relationship with N; at moment t; we only needto compare TDrod ((+At) with TDuod (0), because CDnod. t+At> CDnod (4), as S=l. AndTDnod (t+Ar)=TDnod DI S;, so that we only compare TDnod A(t) with TD(o according to S:. Thetrust is constructed successfully when TDnod. OS;> TDnod.(O; it can also be taken as a fastjudgment of trust constructionWhen Node n establish trust relationships with Ni, the confidence f(t is stored by both ofthem so that the confidence value is the same in node m, and w. However if either m or N; ismalicious to tamper fi, ( t)stored in it, their confidences are no longer equal to each other. Withthese trust confidence value. we can detect who and where the malicious node is. Hence. wepropose a fccdback mcchanism to judge whether or not a nodc is a malicious nodcWe assume that trust confidences of all nodes were zero when sensor network was initializedWe detect all the confidence of nodes which have established trust relationships with node ni andN. It is deemed to be malicious for node m if there have been no malicious node in allrelationships of N; except for node Ni. Similarly, Ni is also deemed to be malicious while therehave been no malicious node in all relationships of N; except for node Ni. If it does not meetsituations of the above two kinds, there are two possibilities here: one is that they were allmalicious; the other is either of which is malicious, and the number of malicious nodes in Aset orBser is more than one, that have constructed trust relationship with it. In this case, we use evidencein the contrary way to derive the node whether it is a malicious node. We take node ni asmalicious, if there is a non-malicious node in Aset. i t or Bset.i t, whose confidences are not equal tothe value of the node mWe remove the malicious node when it is Tound. and then we make its conlidence value iszero. The associated confidence of other related nodes is cleared away and then taken as zero. As aresult, the trust relationship of malicious node is ineffectually constructed.If there has been already a trust relationship indirectly between two nodes, we may also8国武技论文在线http:/www.paper.edu.cnconstruct a trust relation again when they need. Therefore, there are many redundant relationshipsas the above method. In order to reduce redundant trust relationships and further the cost requiredduring constructing, we propose a reduction model. In this model, we find a trust path to replace anew relationship construction, which looks like Koenigsberg Seven Bridge Problem discovered byeulerIn graphics, two nodes, without direct connection, are able to construct a connected path bytransition if we find a connected road between them. Our reduction model is made use of graphicsshown as Fig3 and Fig 4. We assume that there have been n(n>1) relationships existing betweennode Ni and N. N and N; construct trust relationship by indirect trust relationships like Fig 3However, if there is no connected path between nodes Ni and n it deduces that it cannot get thetrust rclation by trust reputation transition like Fig 4A瓜NfMr●Fig 3. An example of successful and indirect trust construction by a connected path between N and mNfifN●↓●Fig. 4. An cxamplc of failure of a trust rclationship by a connccted path bctwccn N; and NBefore presenting reduction model, we will first introduce a definition about the reputationconnected path as followsdenotes the reputation information along the path N, to N. RCPy( Ny, Ryb, where.to n whichReputation Connected Path rCPi is a connected path from node Ni to ni, whichN 'C N, which is a set of sensor nodes owned by the path from node Ni to N; in thewireless sensor nctworkRi=rik denotes the reputations along the path from N; to Ni, and rik=i Ni, N, denotesthe reputation, that is confidence value, between N, and its neighbor Nk.If we find an RCPi; andf (t)>f:, we make RCPi as a new relationship. we take fi forfii(t)and/ for ft, then confidence value f will be denoted as follows in Fig 3f=f·J…fWc assumc that thcrc arc n-1 (n> 2)nodes bctwccn nodc Ni and Nj. Each confidence ofadjacent node is not less than trust threshold f in RCPi, so that this equation can also be describedas followsf=fk·f…fWe know that the trust is constructed whenfi2/and each confidence value of adjacent nodein(25) is not less than trust threshold f. But how much is the confidence value in every adjacentnode? It is important for successful trust construction. To answer the question, we make Lemma 2s followsAn rCpi can he taken as relation ship between two nodes when trust threshold f>1( is a positive real numberWe assume that there are n-1(n22) nodes between Ni and Ni, and that we find anRCP between N; and Ni like Fig 3. We also assume that there is a function f that is defined asF=(f)”-f2The differential equation of function F is described asdF=(n*(°)1-1)·d9国武技论文在线http:/www.paper.edu.cna The valuc of is cqual to l/Vn, lager than zero, when wc makc diffcrcntial cquation(3 1)bcdenoted by dF/df as followdEWe deduce that FC=1/ n) is the minimum value, and that dF/dr>0 when f'1/mVn. Hence, F(>lian)> F(=1/n), as>1/nHowever, there are only two roots, 0 and 1, to make F=0; i.e. F(=0)=0 and FC=1)=0SoF(1)≥0, SInce1/"vhn≤1,(n≥2);ie.f"1 to make()≥f; as a resul., we obtain thatf≥1 when fa≥(f°)"≥f; that is, fel if trust relation is successfully constructed in RCPWe know that a trust relationship can be constructed as lonng as trust thresholds no less than1. From the proof, we also obtain a corollary as followsEvery confidence value f> 1 between two nodes in a reputation connected path, ifa trust relationship is successfully constructed in the pathFrom the proof of lemma 2, we see that if a trust relationship is successfullyconstructed in the path, trust threshold/21. And every confidence fin the RCPi is that fz.Asa result, every confidence value f> 1 between two nodes in a reputation connected path, when atrust relationship is constructed in the path successfullyUnfortunately, there arc more than onc rCPi betwcen Ni and Ni. morcovcr, cost of trustconstruction is critical problem in designing the sensor network, so that we must try our best toreduce the cost. It takes costs to construct trust relationships and transmits reputation in RCPi. Irthere are v(an integer, and v>1)RCPi s between Ni and Ni, they will be denoted by RCPi lRCPi2,., RCPiv. We will define a function associated with fi, denoted f as follows(fn≥f,1≤≤v)f-maxif(31)fi is the confidence value of RCPinu and hi is the hops of rcPiu between Ni and NjTherefore, we choose an RCPik(k Ev) with fi that meets (/ hi )=max v3Fig 5 is an example, in which we see that node N wants to establish trust with node Ns. Wefirst check whether there has been an indirect trust path between them. We are able to find twoRCPs, one RCP RI=N, N2, N9, N5) and another R2=N1, N3, N, N5. We assume that anyconfidence fi and f2, that fi ERl, f2 ER2, mcct corollary to makc the trust availablc. Wc dcduccthat fR=f12>f29 f9s and fR2=f13*34 45, and the hops of ri, hRl, is that hri=hr2. If /R1
用户评论
