Sage Journals: Discover world-class research

Abstract

With the rapid development of wireless sensor networks (WSNs), the security of WSNs is an important issue in this field because of their vulnerabilities to attacks. Designing a reasonable trust management scheme that can evaluate the trust relationships among sensor nodes accurately is a challenging but meaningful task. In this paper, a credible Bayesian-based trust management scheme (BTMS) is proposed. The overall trust value is aggregated by both direct and indirect trust information. The former is calculated by a modified Bayesian equation and updated by a sliding window. The latter is computed by recommendations from a third party. Moreover, the indirect trust computation is invoked conditionally according to the uncertainty of direct trust calculated via Entropy Theory and malicious feedbacks are excluded. Meanwhile, different recommendations are appropriately weighted in light of the trust levels of recommenders. Simulations are conducted and the results show that, compared with existing approaches, the proposed trust model performs better in defeating attacks.

1. Introduction

Wireless sensor networks (WSNs) consist of thousands of nodes which are small-sized, capable of sensing, and resource-constrained [1]. In the past few years, WSNs have proven to be one of the most useful technologies and attracted more and more research attention. With the capability of acquiring, processing, and transmitting data, WSNs have been employed in many application scenarios such as environment monitoring, battlefield detection, industry security surveillance, and medical care. However, sensor nodes are vulnerable to attacks due to the unattended and harsh deployment environment. In many applications, sensor nodes are always at risk of being compromised by adversaries who may capture nodes' cryptographic keys [2]. As a result, the adversary nodes may be taken as normal ones in the network, which makes it possible for the adversaries to intercept, delete, or insert information. Once a node is compromised, the availability and integrity of the whole network can be destroyed. In addition, attacks may occur at any time and are difficult to be predicted. Thus, network security is a vital issue needed to be addressed to guarantee correct operation of the whole network.

In the field of network security, asymmetry cryptographic protection is widely used to deal with external attacks in Internet, Peer-to-Peer, and Ad Hoc networks. Unfortunately, due to the complexity and huge computing memory, encryption algorithms are not suitable for processing capability constrained and energy limited sensor nodes. Furthermore, security mechanisms based on encryption can only solve external security problems and are incapable of coping with internal attacks. The special characteristics of nodes make WSNs different from other networks. Nodes may refuse to cooperate with service requester on the purpose of saving resource and this kind of nodes is called selfish nodes. Although they do not attack the network actively, a number of selfish nodes can cause serious consequences in the network. Nonetheless, the existing cryptographic protection is unable to identify the risk caused by authenticated selfish nodes. Therefore, an effective scheme needs to be established to settle those problems.

Trust management can be used as a natural way to achieve the privacy and security of entities in WSNs [3]. Trust relationship is one of the most complex concepts in WSNs because of its uncertainty, asymmetry, and context independence [4]. Inherited from [5], trust is defined as the confidence of a node that another node will perform as expected. A virtuous trust relationship enables a node to predict and evaluate the interaction security to prevent itself from being attacked before the interactions actually take place. If a node is always willing to forward the received data packets, it will be considered trustworthy and holds a good reputation, where, as a consequence, its requests will be more possible to be satisfied. The basic idea of trust management scheme is to quantify trust to describe the trustworthiness, reliability, or competence of individual nodes [6]. To the best of our knowledge, lots of state-of-the-art models [3, 7–21] have been proposed in this field. Undoubtedly, the present achievements have greatly promoted related research. Nevertheless, some limitations still remain to be solved. For instance, many studies pay little attention to recommendation selection or distribute weights to trust decision factors subjectively, both of which lead to inaccurate trust evaluation. Hence, it is necessary to come up with a reasonable and credible trust management scheme.

Aimed at the former problems, we put forward a Bayesian-based trust management scheme, short for BTMS. This paper refines our previous work [22]. In this proposal, we use both direct and indirect trust to obtain the overall trust and improve the algorithm to make it more adaptive and credible. Firstly, with the interaction records, direct trust values are computed based on Bayesian Theory. Secondly, indirect trust is calculated only when the direct trust is highly uncertain and the Entropy Theory is used to evaluate the uncertainty. The recommendations received from highly reputed nodes are given more weights. By doing this, the defect of usual practice in which weights are assigned subjectively is overcome. Finally, a self-confidence factor is introduced when establishing the overall trust.

The remainder of this paper is organized as follows. Section 2 provides related works about trust management. In Section 3, BTMS is introduced in detail and Section 4 shows the simulation results and security analysis. Last, we conclude the paper in Section 5.

2. Related Works

Up to the present, typical trust management methods include Bayesian trust model, Entropy trust model, Fuzzy logic trust model, D-S Evidence trust model, and Game Theory trust model [23]. Bayesian methodology, in which trust calculation is based on nodes' history behavior records, enriches the comprehension of trust in a probabilistic view [24]. Entropy is used to evaluate the randomness in a signal or event [11]. Thus, with uncertainty in it, trust can be expressed with entropy. Instead of giving a precise value, Fuzzy logic model estimates trust with an approximate set with the usage of natural language. D-S Evidence Theory can extend to subjective logic trust model and the judgment of event uncertainty degree is denoted by subjective logic. Game Theory model tries to detect and exclude selfish nodes by means of game playing.

Bayesian Theory is a widely used tool in trust evaluation. Ganeriwal et al. [12] came up with a classical reputation-based framework for sensor networks (RFSN) where nodes use reputation to evaluate others' trustworthiness. In this model, a beta reputation system of sensor networks (BRSN) was presented. Also, researchers reached a conclusion that the distribution of reputation fitted beta function well and they used mathematical expectation as nodes' trust value. However, only good reputation of a node is allowed to be propagated, which leads to the consequence that trust information about malicious or misbehavior nodes cannot be transmitted in time.

Mejia et al. [13] proposed a completely distributed trust model based on a noncooperative game that utilized a bacterial-like algorithm to let the nodes quickly learn the appropriate cooperation behavior. However, Game Theory is a suggestion for how game players ought to behave instead of a predictive tool. Therefore, Game Theory is not so appropriate to resolve trust problems in WSNs. Tian and Yang [14] presented $R^{2}$ Trust, which was a robust reputation and risk evaluation based trust management model. The model evaluated trust values in the view of both reputation and risk with direct interactions and peers' referrals. However, it is essential to study how dynamic behaviors impact the trust value. In [15], Bao et al. came up with a hierarchical dynamic trust management protocol for cluster-based wireless sensor networks, which considered two aspects of trust degree: social trust and QoS trust, respectively. Intimacy and honesty were taken into account to measure social trust whereas energy and unselfishness were chosen to measure QoS trust. However, the update interval may impact the protocol performance. Anita et al. [16] presented a trust prediction model for routing based on Fuzzy Theory. In this model, only recommendations from a certain subset of neighbors with maximum number of interactions were adopted. Based on the historical behavior, fluctuations in trust value within a period of time, and recommendation inconsistency, the model could predict the future behaviors of neighbors. But the application of Fuzzy Theory may yield information loss and inaccurate result. Aivaloglou and Gritzalis [17] proposed a hybrid trust and reputation management which combined aspects from certificate-based and behavior-based approaches. This model exploited predeployment knowledge on network topology and information flows to support the needs of nodes with highly diverse network roles. However, it is difficult to get predeployment information. Combining fuzzy sets and grey theory, Wu et al. [18] presented an incentive trust model to evaluate each node's reliability based on both direct and indirect relationship. Only those held higher trust values were allowed to forward data packets. Besides, a time slice scheme was introduced to ensure enough time for a node to enjoy its service. However, the computation is complex for nodes with limited processing ability. Zhang et al. [19] proposed a multiple-level trust management framework called ML-TRUST. In this framework, three levels of trust, namely, subjective belief, objective reputation, and recommendation trust, were introduced to establish trustworthy relationships among nodes for their cooperation. However, this model does not include trust sharing and renewal mechanism.

3. BTMS Algorithm

In this paper, we define trust as the probability that node A holds on node B to perform as expected [5]. The overall trust is established by direct and indirect trust according to interaction history. Firstly, both direct trust and indirect trust value are calculated on the basis of Bayesian Theory and the indirect trust computation will be invoked only when the uncertainty of direct trust, which is calculated according to the Entropy Theory, is high. Secondly, the trust level of recommenders is applied to assign weights to different recommendations. Finally, the overall trust value is aggregated by introducing self-confidence factor. In this model, nodes communicate via a shared bidirectional wireless channel and operate in the promiscuous mode.

3.1. Direct Trust Evaluation

3.1.1. The Entropy Theory

Entropy Theory is a concept in the realm of thermodynamics, statistics, and information theory. It is the measurement of uncertainty or information quantity in a random signal or event [20]. The entropy of a random variable X is defined as

\begin{matrix} H (X) = - \sum_{i = 1}^{n} P (x_{i}) \log_{2} P (x_{i}) . \end{matrix}

(1)

Here, $P (X)$ is the probability density function of variable X. If X is binary, (1) can be written as

\begin{array}{l} H (X) \\ = - P (x_{i}) \log_{2} P (x_{i}) - [1 - P (x_{i})] \log_{2} [1 - P (x_{i})] . \end{array}

(2)

According to (1), the coordinate plot of entropy is given in Figure 1. As shown, the entropy function is a strictly convex function in its definition domain $[0,1]$ . Taking $P (x_{i})$ as the probability with which an event $x_{i}$ will happen, the entropy function is symmetry using $P (x_{i}) = 0.5$ as symmetry axis and $0 \leq H (X) \leq 1$ . When $P (x_{i}) = 0.5$ , $H (X)$ reaches the maximum, which means that whether the event will occur is completely uncertain under this scenario. On the contrary, when $P (x_{i}) = 1$ (or $P (x_{i}) = 0$ ), $H (X) = 0$ , which means that the event will (or will not) take place without uncertainty.

Figure 1

Function plot of $H (X)$ .

3.1.2. Direct Trust Value Calculation

The direct trust, denoted by ${D T}_{i j}$ , is derived from the direct observations of node i on node j. Here, the evaluating node i and evaluated node j are denoted by $N_{i}$ and $N_{j}$ , respectively.

Due to its flexibility and simplicity as well as strong foundations on the theory of statistics, beta distribution is employed as the prior distribution of interactions among nodes. Assuming that the way of future interaction is the same as that of the previous, the desired value of ${D T}_{i j}$ can be represented by the mathematical expectation of beta distribution as follows:

\begin{matrix} {D T}_{i j} = \frac{α_{i j} + 1}{α_{i j} + β_{i j} + 2} . \end{matrix}

(3)

Here, we define

(α_{i j}, β_{i j})

as the interaction record between

N_{i}

and

N_{j}

, where

α_{i j}

and

β_{i j}

are the number of successful and unsuccessful interactions, respectively. As is well known, trust is dynamic and related to risk. Hence, we modify (3) as follows:

\begin{matrix} {D T}_{i j} = \frac{α_{i j} + 1}{α_{i j} + β_{i j} + 2} * (1 - \frac{β_{i j}}{W}) . \end{matrix}

(4)

In (4), W is the total number of effect interaction records and the expression $(1 - β_{i j} / W)$ is called punishment factor. With the increase of $β_{i j}$ , $(1 - β_{i j} / W)$ decreases correspondingly. We introduce the punishment factor which shows strict punishment to nodes' misbehaviors for three reasons. First, a malicious node can cooperate with others to accumulate good reputation and then choose not to cooperate to launch attacks. If a highly reputed node launches attacks or suffers network failures such as link failure or running out of energy, its direct trust value will decline rapidly because of the effect of punishment factor. Second, risk exists during interaction. So, it is of necessity to illustrate interaction security level. As the expression $(β_{i j} / W)$ can partly signify the risk of interaction, the punishment factor indicates the security level when $N_{i}$ interacts with $N_{j}$ . Third, as the direct trust value is a ratio in our previous work [22], short-term and long-term experiences of interactions may lead to the same trust level. For example, with 5 successful interactions and 1 unsuccessful interaction, or 59 successful interactions and 19 unsuccessful interactions, the direct trust value is 0.75 according to [22]. But in this proposal, if W is 150, the direct trust values are 0.745 and 0.655, respectively. So, the punishment factor indicates nodes' action stability and punishes those who misbehave.

3.1.3. Updating of Direct Trust

Trust value is obtained based upon history interaction records and changes dynamically with time. It is intuitive that old experience has less contribution and new experience has more influence on trust decision. In this paper, trust is updated by a sliding window W. Only interaction records within the sliding window are valid; that is to say, the maximum number of effective interaction records is W. The length of sliding window W, which reflects evaluator's emphasis on history information, is preset according to application environment.

As Figure 2 depicts, each sliding window keeps a record of the latest W interactions and is divided into q slots which are marked $q, q - 1, q - 2, \dots, 2,1$ from right to left. A social phenomenon is that while it takes long-term consistent cooperative behavior to gain good reputation, only a few misbehaviors can ruin it, which implies that reputation is easy to lose and hard to get. Inspired by this, we introduce an adaptive forgetting factor $θ_{l}$ to set weights to different slots:

\begin{matrix} θ_{l} = 1 - D_{i j}^{l}, l = 1,2, \dots, q . \end{matrix}

(5)

In (5),

D_{i j}^{l}

is the direct trust value at the end of lth slot. Equation (5) demonstrates that bad behavior is remembered for a longer time.

Figure 2

Sliding window.

For slot l, where $l = 1,2, \dots, q - 1, q$ , $N_{i}$ monitors $N_{j}$ 's behavior and counts the number of successful interactions $α_{i j} (l)$ and unsuccessful interactions $β_{i j} (l)$ at the end of this slot. Thus, the update of trust is equivalent to updating the value of the two parameters $α_{i j}$ and $β_{i j}$ in the following method:

\begin{matrix} α_{i j}^{n e w} = \sum_{l = 1}^{q} α_{i j} (l) * θ_{l}^{q - l}, l = 1,2, \dots, q - 1, q, \\ β_{i j}^{n e w} = \sum_{l = 1}^{q} β_{i j} (l) * θ_{l}^{q - l}, l = 1,2, \dots, q - 1, q . \end{matrix}

(6)

The updated direct trust value can be represented as

\begin{matrix} {D T}_{i j} = \frac{α_{i j}^{n e w} + 1}{α_{i j}^{n e w} + β_{i j}^{n e w} + 2} * (1 - \frac{β_{i j}^{n e w}}{W}) . \end{matrix}

(7)

The sliding window is a FIFO queue and simulates the decaying process of interaction history. The targeted updating scheme has the following advantages. For one thing, the window abandons old records and incorporates new experiences as time elapses, which improves the adaptability and saves nodes' memory. For another, this updating method clearly reflects the character that trust relationship decays over time and enhances the accuracy of trust quantification. Moreover, the updating method is also a kind of redemption mechanism. On account of environment change, link mistake, battery draining, or some other system faults, a good entity may behave abnormally. Those ones may be taken as malicious or even expelled from network. As the sliding window moves forward, the proposed update model can remove the effect yielded by accident.

3.1.4. Judgment of Direct Trust

The traditional way, where both direct and indirect trust are considered when computing the overall trust value, costs more energy and makes the load of resource-constrained sensor nodes heavy. In [22], we use confidence level to decide whether the direct trust is credible enough. However, the accuracy of interval estimation and confidence level are two tradeoff factors, which means they cannot be increased together. In an interaction, whether a node will act as expected or not is indeterminate. Inspired by human experience, if this kind of unsureness goes down to a certain degree, there is no more need to consider the recommendation from others. In other words, direct observation is sufficient to run the trust evaluation. Hence, suppose $H ({D T}_{i j})$ is the entropy of direct trust and h is the threshold of uncertainty; if $h \leq H ({D T}_{i j}) \leq 1$ , which means that the uncertainty of direct trust is high and more information is needed, then the indirect trust computation is invoked; otherwise, the overall trust ${O T}_{i j}$ that $N_{i}$ holds about $N_{j}$ is simply set to direct trust value; that is, ${O T}_{i j} = {D T}_{i j}$ .

By this means, the energy consumption is reduced and the calculation process agrees more with human cognition.

3.2. Indirect Trust Evaluation

3.2.1. Recommendation Trust Calculation

When a node is considered “uncertain,” the recommendation trust is needed. The evaluating node i acquires the recommendation about node j through their common neighbor nodes k, symbolized as $N_{k}$ . $N_{i}$ has prior reputation information $(α_{i k}, β_{i k})$ about $N_{k}$ already. $N_{i}$ broadcasts a query command to its neighbors and the common neighbors shared by $N_{i}$ and $N_{j}$ send back their interaction records with $N_{j} (α_{k j}, β_{k j})$ in response. This process is shown in Figure 3. The red and blue dashed circles represent communication range of $N_{i}$ and $N_{j}$ , respectively.

Figure 3

The transmission path of recommendation.

Suppose the recommendation provided by $N_{k}$ is $R_{i j}^{k}$ . Given $(α_{i k}, β_{i k})$ and $(α_{k j}, β_{k j})$ , the recommendation trust value is computed in the following way, where $({R α}_{i j}^{k}, {R β}_{i j}^{k})$ is the recommendation interaction record:

\begin{array}{l} {R α}_{i j}^{k} = \frac{2 * α_{i k} * α_{k j}}{(β_{i k} + 2) * (α_{k j} + β_{k j} + 2) + 2 * α_{i k}}, \\ {R β}_{i j}^{k} = \frac{2 * α_{i k} * β_{k j}}{(β_{i k} + 2) * (α_{k j} + β_{k j} + 2) + 2 * α_{i k}}, \\ R_{i j}^{k} = E [B e t a ({{R α}_{i j}^{k} + 1, R β}_{i j}^{k} + 1)] \\ = \frac{{R α}_{i j}^{k} + 1}{{R α}_{i j}^{k} + {R β}_{i j}^{k} + 2} . \end{array}

(8)

3.2.2. Judgment of Recommender

Due to the existence of malicious nodes, not all recommendations are reliable and undependable feedbacks result in false outcome. In this work, we judge the credibility of recommenders to ensure accuracy when calculating indirect trust. Only recommendations from trustworthy entities are accepted. The trust degree of $N_{i}$ towards recommender k, notated by $T_{i k}$ , is derived from the following equation:

\begin{matrix} T_{i k} = \frac{α_{i k} + 1}{α_{i k} + β_{i k} + 2} . \end{matrix}

(9)

Suppose there are n recommenders and their trust values held by $N_{i}$ are notated as $T_{i 1}, T_{i 2}, \dots, T_{i (n - 1)}, T_{i n}$ . If $T_{i k} \geq γ (k = 1,2, \dots, n)$ , where γ is a preset threshold and $0 \leq γ \leq 1$ , the recommendation from $N_{k}$ is accepted. Otherwise, it will be totally neglected.

3.2.3. Weight Assignment

In the targeted trust management scheme, the weights of each recommendation need to be computed. In some exiting works, weights are set in subjective ways which lack adaptability and cannot reflect the proportion of each recommendation correctly. Intuitively, $N_{i}$ should give more weight to recommendations from recommenders with high reputation. Hence, we allocate weights based on the trust degree of recommenders to avoid individual preference. The following approach is taken to calculate the weight of $R_{i j}^{k}$ :

\begin{matrix} ω_{k} = \frac{T_{i k}}{\sum_{k = 1}^{m} T_{i k}}, k = 1,2, \dots, m . \end{matrix}

(10)

Here,

ω_{k}

is the weight of

R_{i j}^{k}

and m is the number of accepted recommendations. Apparently,

0 \leq ω_{k} \leq 1

and

\sum_{k = 1}^{m} ω_{k} = 1

. Finally, the indirect trust value, denoted by

{I T}_{i j}

, is obtained:

\begin{matrix} {I T}_{i j} = \sum_{k = 1}^{m} ω_{k} * R_{i j}^{k} . \end{matrix}

(11)

3.3. Overall Trust Aggregation

The overall trust value ${O T}_{i j}$ , which node i holds about node j, is established via the following formula:

\begin{array}{l} {O T}_{i j} \\ = \{\begin{cases} {D T}_{i j} & 0 \leq H ({D T}_{i j}) < h \\ λ * {D T}_{i j} + (1 - λ) * {I T}_{i j} & h \leq H ({D T}_{i j}) \leq 1 . \end{cases} \end{array}

(12)

In (12), λ is referred to as self-confidence factor and calculated as follows:

\begin{matrix} λ = 1 - ρ^{t}, ρ \in (0,1) . \end{matrix}

(13)

In (13), t represents the number of direct interactions between $N_{i}$ and $N_{j}$ . ρ takes value in the range $(0,1)$ and varies according to different application environment. Obviously, the weight of ${D T}_{i j}$ increases with the rise of direct interaction records t, which indicates that $N_{i}$ is more willing to believe its own direct judgment. Importing self-confidence factor λ not only defenses the false recommendation from malicious entity but is consistent with human interaction habit.

4. Simulations

In this section, performance and security assessments are conducted on Matlab platform. We compare BTMS model with our previous proposal, LTMBE in [22], and existing trust management schemes, typically RFSN. The results demonstrate that BTMS has a powerful capability of trust estimation and attack resistance.

4.1. Trust Evaluation for Normal Nodes

In this section, we assess the overall trust of normal nodes. It is assumed that a normal node always chooses to cooperate. As depicted in Figure 4, the overall trust increases with the increase of successful interactions. Because a normal node always cooperates, the overall trust value approaches 1.

Figure 4

The overall trust of normal nodes.

4.2. Rationality of Importing Punishment Factor

The punishment factor is exploited to show strict punishment to nodes' misbehavior. In this subsection, we analyze the rationality of importing punishment factor. Here, we set the maximum valid historical record W to be 150. As Figure 5 shows, the increase of number of unsuccessful interactions results in sharp decrease of direct trust value because misbehaviors are punished. W varies according to application environment. The smaller W is, the more attention the latest records receive and the more severe the punishment is.

Figure 5

The rationality of importing punishment factor.

As interaction goes on, nodes may get the same direct trust value in different phases in LTMBE. In Table 1 and Figure 6, an example is given to demonstrate the function of differentiating nodes' action stability of punishment factor.

Table 1

An example for rationality of punishment factor in direct trust calculation.

$α_{i j}$	$β_{i j}$	Direct trust in LTMBE	Direct trust in BTMS
4	2	0.6250	0.6167
29	17	0.6250	0.5542
34	20	0.6250	0.5417
54	32	0.6250	0.4917
79	47	0.6250	0.4292
89	53	0.6250	0.4042

Figure 6

Punishment to nodes.

In Figure 6, the direct trust of target nodes obtained by LTMBE remains almost the same, whereas that obtained by BTMS decreases with the effect of punishment because nodes with more unsuccessful interaction records are punished. Consequently, their direct trust values are lower. In this way, BTMS can differentiate the action stability of target nodes that maintain the same direct trust value and punish those who behave abnormally.

4.3. On-Off Attack

Adversaries can launch on-off attack whereby nodes behave well or badly alternatively trying to remain undetected while causing damage [21]. To defend against this kind of attack, we adopt adaptive forgetting factor to weight corresponding records. Suppose that an attacker behaves well in the first 30 interactions to build up good reputation but behaves badly in the next 30 rounds. After that, it behaves well continuously. Here, we set the fixed forgetting factor to be 0.7.

We can see intuitively from Figure 7 that, in RFSN, albeit the trust value drops fast when the malicious node launches on-off attack, it can regain trust simply by cooperating a few times. Although the trust value in LTMBE tracks the node's current status, its effectivity is constrained. Conversely, in BTMS, the trust value keeps up with the node's current status much better than LTMBE. More importantly, a node can recover its trust value but this recovery needs more good actions and much longer time. We can come to a conclusion that BTMS outperforms RFSN and LTMBE in inhibiting on-off attack.

Figure 7

Direct trust value under on-off attack with adaptive forgetting factor.

4.4. Bad Mouthing Attack and Ballot Stuffing Attack

Reputation-based systems are highly susceptible to false recommendation which is originated from dishonest recommender. Specifically, false recommendation can be classified into bad mouthing attack and ballot stuffing attack. In bad mouthing attack, malicious nodes collude to provide unfairly negative ratings about normal nodes [23].

Rather, in ballot stuffing attack, also called false praising attack, the compromised nodes propagate unfairly positive information about malicious nodes [2]. To defeat bad mouthing attack and ballot stuffing attack, we introduce recommendation selection scheme, where recommendations from untrustworthy nodes will be rejected, and self-confidence factor when synthesizing trust values.

In the first place, the damage caused by poorly reputed malicious recommenders will be removed by our recommendation selection scheme. As Figure 8 shows, the trust value of a malicious node decreases fast and becomes very small due to improper performance. Once its trust degree falls below the threshold γ, recommendation from this node will be completely disregarded.

Figure 8

The trust value of malicious recommenders.

To further show the effectiveness of recommendation selection scheme, we compare our model with RFSN and LTMBE under bad mouthing attack and ballot stuffing attack when the direct interaction between the evaluating node and the evaluated node is 150. Here, we set $γ = 0.3$ and the experiment results are shown in Figure 9.

Figure 9

The trust value at different proportion of malicious nodes when poorly reputed nodes launch bad mouthing attack and ballot stuffing attack.

As RFSN only propagates good reputation, it performs well when a malicious node launches bad mouthing attack, but RFSN cannot deal with ballot stuffing attack well and establishes relative high trust value for the evaluated node. LTMBE also suffers from the two kinds of attacks even though it assigns low weights to false recommendations, which cannot completely remove the negative impact. In addition, both RFSN and LTMBE do not include independent judgment of recommender. On the contrary, the advantage of adopting recommendation selection scheme is obvious. Under both attacks, no matter what the proportion of untrustworthy recommenders is, BTMS establishes almost the same overall trust value as that when there are no malicious recommenders. So, BTMS is resilient and functions well when poorly reputed recommenders launch bad mouthing attack and ballot stuffing attack.

Although we disregard recommendations from attackers with bad reputation, highly reputed attackers who behave well aiming at remaining undetected may still exist. This kind of attackers destroys the network more secretly. RFSN eliminates this potential threat by simply prohibiting bad reputation disseminating. However, the attack resistance comes at the cost of system accuracy as no nodes are allowed to share their bad experience with others. The ability of LTMBE to resist these attacks under this situation is limited as the false recommendations are still taken into consideration. BTMS excludes these potential threats via utilizing self-confidence factor. As the direct interaction increases, the evaluating node gives more weight to direct trust which reflects real status of evaluated node. Thereby, the damage resulting from false recommendations provided by highly reputed dishonest recommenders is mitigated. We repeat the experiment when highly reputed recommenders launch bad mouthing attack and ballot stuffing attack. The results are shown in Figure 10. It is obvious that when highly reputed recommender launches bad mouthing attack or ballot stuffing attack, RFSN can only cope with bad mouthing attack well. Trust values obtained by LTMBE are still affected by both of the attacks no matter how many times the evaluating node directly interacts with the evaluated node. As anticipated, the more direct interactions there are, the more the overall trust values get close to true trust values in BTMS.

Figure 10

The trust value when highly reputed nodes launch bad mouthing attack or ballot stuffing attack.

With the previous analysis, we can conclude that BTMS can withstand bad mouthing attack and ballot stuffing attack effectively, no matter whether the recommenders are trustworthy or not.

5. Conclusions

In this paper, a credible Bayesian-based trust management scheme, BTMS for short, is proposed. First of all, direct trust is built on the basis of Bayesian Theory and updated by an adaptive forgetting factor to enhance flexibility. The punishment factor is introduced to show strict punishment to misbehavior and differentiates nodes holding the same direct trust value. The calculation of indirect trust is invoked conditionally and the recommendation information is selected when computing indirect trust. Moreover, defect caused by allotting weights subjectively is overcome by distributing weights according to trust level of recommenders. Afterwards, we use self-confidence factor to establish overall trust. Simulation results indicate that, compared with RFSN and LTMBE, BTMS is of great help in defending against on-off attack, bad mouthing attack, and ballot stuffing attack.

Trust mechanism provides security service for upper layer network application, such as secure routing, secure data fusion, access control, and topology control [23]. Take secure routing for example. A routing protocol with trust calculation inevitably consumes more energy than those without any trust mechanism. In our future work, we would like to focus on the application of trust mechanism and find a tradeoff between security and energy saving.

Footnotes

Conflict of Interests

The authors declare that there is no conflict of interests regarding the publication of this paper.

Acknowledgment

The authors are grateful to the anonymous reviewers for their insightful comments.

References

Zhu

W. T.

Zhou

Deng

R. H.

Bao

Detecting node replication attacks in wireless sensor networks: a survey

Journal of Network and Computer Applications 2012 35 3 1022 1034

10.1016/j.jnca.2012.01.002

2-s2.0-84862786551

Khalid

Khan

S. U.

Madani

S. A.

Hayat

Khan

M. I.

Min-Allah

Kolodziej

Wang

Zeadally

Chen

Comparative study of trust and reputation systems for wireless sensor networks

Security and Communication Networks 2013 6 6 669 688

10.1002/sec.597

2-s2.0-84876783129

Denko

M. K.

Sun

Woungang

Trust management in ubiquitous computing: a Bayesian approach

Computer Communications 2011 34 3 398 406

10.1016/j.comcom.2010.01.023

2-s2.0-78751649542

X.-Y.

Zhou

Yang

X.-D.

Developing dynamic P2P trust model using theory of entropy-based multi-source information fusion

International Journal of Innovative Computing, Information and Control 2011 7 2 777 790

2-s2.0-79251495745

Trakadas

Maniatis

Karkazis

Zahariadis

Leligou

H. C.

Voliotis

A novel flexible trust management system for heterogeneous wireless sensor networks

Proceedings of the International Symposium on Autonomous Decentralized Systems (ISADS '09)

March 2009

Athens, Greece

IEEE

1 6

10.1109/isads.2009.5207367

2-s2.0-70449650404

Sun

Y. L.

Han

Liu

K. J. R.

Defense of trust management vulnerabilities in distributed networks

IEEE Communications Magazine 2008 46 2 112 119

10.1109/mcom.2008.4473092

X. Y.

Zhou

J. P.

LDTS: a lightweight and dependable trust system for clustered wireless sensor networks

IEEE Transactions on Information Forensics and Security 2013 8 6 924 935

10.1109/tifs.2013.2240299

2-s2.0-84878297450

Qureshi

Min

G. Y.

Kouvatsos

A distributed reputation and trust management scheme for mobile peer-to-peer networks

Computer Communications 2012 35 5 608 618

10.1016/j.comcom.2011.07.008

2-s2.0-84857057712

Chen

Chang

G. R.

Sun

D. W.

J. J.

Jia

Wang

X. W.

TRM-IoT: a trust management model based on fuzzy reputation for internet of things

Computer Science and Information Systems 2011 8 4 1207 1228

10.2298/csis110303056c

10.

Y. L.

K. Q.

Zhou

W. L.

Trust mechanisms in wireless sensor networks: attack analysis and countermeasures

Journal of Network and Computer Applications 2012 35 3 867 880

10.1016/j.jnca.2011.03.005

2-s2.0-84858038684

11.

Luo

Tao

J. M.

Sun

Entropy-based trust management for data collection in wireless sensor networks

Proceedings of the 5th International Conference on Wireless Communications, Networking and Mobile Computing (WiCOM '09)

September 2009

Beijing, China

3171 3174

10.1109/wicom.2009.5302823

2-s2.0-73149111986

12.

Ganeriwal

Balzano

L. K.

Srivastava

M. B.

Reputation-based framework for high integrity sensor networks

ACM Transactions on Sensor Networks 2008 4 3, article 15

10.1145/1362542.1362546

2-s2.0-44849093503

13.

Mejia

Peña

Muñoz

J. L.

Esparza

Alzate

M. A.

A game theoretic trust model for on-line distributed evolution of cooperation in MANETs

Journal of Network and Computer Applications 2011 34 1 39 51

10.1016/j.jnca.2010.09.007

2-s2.0-78649325432

14.

Tian

C. Q.

Yang

B. J.

R² Trust, a reputation and risk based trust management framework for large-scale, fully decentralized overlay networks

Future Generation Computer Systems 2011 27 8 1135 1141

10.1016/j.future.2011.03.006

2-s2.0-79960474025

15.

Bao

F. Y.

Chen

I.-R.

Chang

M. J.

Cho

J.-H.

Hierarchical trust management for wireless sensor networks and its applications to trust-based routing and intrusion detection

IEEE Transactions on Network and Service Management 2012 9 2 169 183

10.1109/tcomm.2012.031912.110179

2-s2.0-84862138560

16.

Anita

Bhagyaveni

M. A.

Manickam

J. M. L.

Fuzzy-based trust prediction model for routing in WSNs

The Scientific World Journal 2014 2014 11

480202

10.1155/2014/480202

17.

Aivaloglou

Gritzalis

Hybrid trust and reputation management for sensor networks

Wireless Networks 2010 16 5 1493 1510

10.1007/s11276-009-0216-8

2-s2.0-77954087803

18.

G. W.

Y. B.

Jung

Fiore

Yim

K. B.

A dynamic trust model exploiting the time slice in WSNs

Soft Computing 2014 18 9 1829 1840

10.1007/s00500-014-1377-7

19.

Zhang

Huang

Z. H.

Xiang

A novel multiple-level trust management framework for wireless sensor networks

Computer Networks 2014 72 45 61

10.1016/j.comnet.2014.06.015

20.

Hongjun

Zhiping

Xiaona

An entropy-based trust modeling and evaluation for wireless sensor networks

Proceedings of The International Conference on Embedded Software and Systems (ICESS ’08)

July 2008

Sichuan, China

27 34

10.1109/icess.2008.31

2-s2.0-52049115824

21.

Dong

Guan

J. F.

Xue

X. P.

Wang

H. C.

Attack-resistant trust management model based on beta function for distributed routing in Internet of Things

China Communications 2012 9 4 89 98

2-s2.0-84866163989

22.

Che

S. Y.

Feng

R. J.

Liang

Wang

A lightweight trust management based on Bayesian and Entropy for wireless sensor networks

Security and Communication Networks 2015 8 2 168 175

10.1002/sec.969

23.

Kumar

G. E. P.

Titus

Thekkekara

S. I.

A comprehensive overview on application of trust and reputation in wireless sensor network

Proceedings of the International Conference on Modelling Optimization and Computing (ICMOC '12)

April 2012

2903 2912

10.1016/j.proeng.2012.06.339

2-s2.0-84880237145

24.

Momani

Challa

Alhmouz

Bayesian fusion algorithm for inferring trust in wireless sensor networks

Journal of Networks 2010 5 7 815 822

2-s2.0-78651544367

A Credible Bayesian-Based Trust Management Scheme for Wireless Sensor Networks

Abstract

1. Introduction

2. Related Works

3. BTMS Algorithm

3.1. Direct Trust Evaluation

3.1.1. The Entropy Theory

3.1.2. Direct Trust Value Calculation

3.1.3. Updating of Direct Trust

3.1.4. Judgment of Direct Trust

3.2. Indirect Trust Evaluation

3.2.1. Recommendation Trust Calculation

3.2.2. Judgment of Recommender

3.2.3. Weight Assignment

3.3. Overall Trust Aggregation

4. Simulations

4.1. Trust Evaluation for Normal Nodes

4.2. Rationality of Importing Punishment Factor

4.3. On-Off Attack

4.4. Bad Mouthing Attack and Ballot Stuffing Attack

5. Conclusions

Footnotes

Conflict of Interests

Acknowledgment

References