Sage Journals: Discover world-class research

Abstract

Mobile agent is a kind of program which can transfer via asynchronous mode independently in the sensor network with outstanding prospects in application. However, due to the openness of the sensor network, mobile agents are facing the threat of security, such as being stolen and modified. How to protect sensors from attacks of malicious mobile agents becomes an important issue in the field. Traditional access control strategies such as hybrid encryption mechanism, partial results of the package, and other methods have some defects in the application. We design a multisensor interaction trust model with complete β distribution and introduce incomplete β distribution to optimize the trust model according to the actual situation of detection data loss for mobile agent system in the wireless sensor networks. In addition, the introduction of the malicious behavior feedback mechanism ensures the security of sensors in the mobile agent system. The experimental results show that the reputation model of incomplete β distribution can simulate the actual situation well, resist the attacks of malicious agents, and ensure the security of sensors in the system.

Keywords

Mobile agent trust model malicious sensor detection behavior decision

Introduction

In recent years, with the rapid development of sensor network technology, the information on the Internet is growing rapidly, and the structure of the network is more and more complex. The demand for sensor network technology is growing, which promotes the development of distributed technology. In this context, the mobile agent technology, which combines the advantages of the traditional distributed computing model and the agent technology, makes a significant contribution to the progress of the network technology.

Mobile agent is a program that can carry the code, data, and the implementation of the state. It migrates in accordance with the established route between the sensors in the network. The mobile agent can move from one sensor node to another, and it can continue to execute from the breakpoint in a new location. As a new distributed computing model, mobile agent can effectively improve sensor network performance, reduce network traffic, and improve the utilization of resources. The transmission mechanism of the code to the data transfer is adapted to the development of the existing network technology and the demand of the network application.

With the emergence of each new network technology, people consider the issue of its security first. As a new computing model, mobile agent is widely used in the field of distributed computing, distributed information inquiry, and electronic commerce. Although it has advanced features and broad application prospects, security has become one of the most important factors that hinder its further development.

The security of mobile agent technology is mainly in the following aspects:

Mobile agent server security;

Security of mobile agent in transmission;

Security of mobile agent in mobile agent server;

According to the security threats of mobile agent server, researchers put forward some solutions, such as code signing,¹ state verification,² historical path recording method,³ and sandbox mechanism⁴. In the security of mobile agent transfer process, researchers put forward some solutions, such as asymmetric encryption method,⁵ a mixed variety of encryption mechanisms,⁶ and pretty good privacy (PGP) encryption algorithm⁷. In the security of mobile agent in mobile agent server, solutions are partial results encapsulation mechanism,⁸ hardware protection strategy,⁹ the black box method,¹⁰ and so on.

To ensure the security of mobile agent system, the ideal situation is to achieve a complete trust relationship between the mobile agent and the agent running environment. The agent servers accept the interactive application of mobile agents with the relatively high degree of trust.

Therefore, this article introduces a trust mechanism with incomplete β distribution to enhance the security of the mobile agent system in WSNs. The β distribution is a density function as the conjugate prior distribution for binomial distribution and Bernoulli distribution. Its parameters can be seen as pseudo count, which can be directly reflected in the interaction results of the reputation model. However, the malicious actions of sensors can result in incomplete data. Therefore, the traditional β distribution is not suitable for establishing credit model. So we improved mobile agent reputation system using the incomplete β distribution for those incomplete conditions. We detected for malicious sensor nodes with time degradation characteristics. In the simulation, the accuracy of agent selection and failed interaction times are both improved.

The rest of this article is organized as follows. Section “Related work” is about related works of mobile agent, server, and transmission security. Section “Mobile agent reputation system” describes a reputation model for mobile agent. Section “Improved trust model of mobile agent based on incomplete β distribution” improves trust model of mobile agent based on incomplete β distribution. Section “Malicious sensor detection mechanism based on incomplete β distribution” is simulation analysis and section “Simulation and result analysis” draws conclusions.

Related work

Mobile agent technology has been derived from artificial intelligence. Since then, the academic community began the research work of mobile agents.

Research on security of mobile agent server

Researchers have put forward some kind of solutions.

Code signing

Mobile agent server needs to carry out a series of security operations, such as access control, privilege allocation. These measures are based on the identity verification mechanism, and the code signature proposed by Stoopman et al.¹ is the most common method. This method is that the owners of the mobile agent make the digital signature in the mobile agent information and code.

State verification

Mobile agent is in urgent need of a state monitoring mechanism to protect its own security. The state verification method is put forward in Walton et al.² The running state of the mobile agent is identified by the state identification function. The execution status of the mobile agent is abnormal, and then the corresponding access rights are assigned by agent status and execution status. However, this method is appropriate for the mobile agent server with complete access control mechanism. The target server is utilized to monitor the running state of the mobile agent and to combine the type of mobile agent to allocate the corresponding access rights.

Historical path recording method

In the paper, the method of historical path record is put forward, which is commonly used in Yuan et al.³ The method records the information of the mobile agent during the migration process. The target node can decide whether to grant the mobile agent access rights by viewing the historical information. Then the method needs to verify the information of the entire historical platform.

Sandbox mechanism

In addition, a sandbox mechanism is proposed in the literature.⁴ The mechanism enhances the security of the server nodes by limiting the authority of the mobile agent. However, some needed resources cannot be used by mobile agents for the limit of operation authority.

Research on transmission security of mobile agent

Asymmetric encryption method

An asymmetric encryption method is proposed in the literature.⁵ This method is based on the public key and private key encryption and decryption, which are used in the field of information security currently. The disadvantage of the non-symmetric encryption method is that the encryption and decryption speed is slow, and it is not suitable for the encryption of a large amount of data.

Mixed variety of encryption mechanisms

A variety of encryption mechanisms are combined in Chen et al.⁶ This method has been used to solve the security problem of mobile agent in a certain degree.

PGP encryption algorithm

In the paper,⁷ an algorithm using PGP is proposed to encrypt the mobile agent. PGP technology is a kind of encryption algorithms based on RSA (RSA algorithm proposed by Ron Rivest, Adi Shamir and Leonard Adleman) public key encryption, which can improve the transmission efficiency and improve the information security. But it is not easy to use the PGP algorithm to encrypt the mobile agent.

Research on security of mobile agent in mobile agent server

Partial results encapsulation mechanism

Partial results encapsulation mechanism is presented in Dechthummarong et al.,⁸ whose main idea is to encapsulate the implementation results of mobile agents in different nodes in order to check whether the mobile agent is tempered by malicious sensor in future. According to different types of mobile agents, different packaging mechanisms, such as the use of an encryption mechanism, the digital signature mechanism for mobile agents, the contents of the package include the mobile agent in the various nodes of the various operations, operating results.

Hardware protection strategy

The hardware protection strategy is proposed in the literature.⁹ The most common is the use of Java Card and software to ensure the security of mobile agents. Java Card protection mechanism can effectively ensure the data integrity and privacy of mobile agents. However, the hardware protection strategy is dependent on hardware, so it is difficult to use in large scale. And tamper resistant hardware can only provide limited resources, which limits the efficiency of mobile agents.

Black box method

Black box method is proposed in the article.¹⁰ Black box is usually used to package mobile agent information, including encapsulation data of mobile agent, codes and execution states. Mobile agent is just a black box by looking from outside and the sensor node can only get the input or output information of mobile agent. The mobile agent can resist the attacks of malicious sensors through the black box method. However, in the process of input and output, the black box method cannot protect mobile agent security. Security risks still exist.

Research on reputation system

In recent years, the research on reputation system has attracted many attentions, and some trust management models have been proposed. In 1996, Blaze et al.¹¹ first proposed the concept of trust management. “Authorisation delegation” is used to solve the “stranger” licensing issues. FAPtrust model¹² is composed of four parts, which includes direct trust, recommendation trust, incentive function, and active degree. Direct trust is evaluated based on the historical performance of the node. Recommendation reputation is evaluated from the third node. The weight of these factors is set up using fuzzy analytic hierarchy process theory based on entropy weight method.

Pirzada and Mcdonald¹³ propose a trust model based on analyzing network packet data and an aggregation mechanism, where nodes calculate trust according to multiple observed events, including passive acknowledgements, packet precision, salvaging information, gratuitous route replies, and black-lists.

A trust model based on the recommendation trust was introduced in Wang et al.¹⁴ It can prevent a node with higher service trust value to defame a normal node by distinguish between the service trust value and recommendation trust value.

Mobile agent reputation system

The reputation system of β distribution-based mobile agent

Reputation formal model description

The mobile agent reputation system is used for the mobile agent to initiate an interactive application to the sensor. The sensor determines whether the mobile agent is credible according to the reputation system and decides whether to accept the interaction with the agent. Main process includes establishing reputation model based on β distribution, reputation updating reputation integration, and behavior decision. All the relevant symbols and variables are described in Table 1.

Table 1.

Signification of variables in this article.

Variables and symbols	Definition
a b c d e f i j x y z t	Mobile agent or sensor
X_ij	Reputation distribution of the mobile agent (or sensor) j saved by the sensor i, is a random variable
(X_ij)_D	Reputation distribution of the mobile agent (or sensor) j from direct evaluation by sensor i
(X_ij)_1D	One-degree indirect reputation distribution of mobile agent (or sensor) j in sensor i
(X_ij)_2D	Two-degree indirect reputation distribution of mobile agent (or sensor) j in sensor i
T_ij	The trust value of the mobile agent (or sensor) j saved by the sensor i, is the mathematical expectation of the X_ij, is a numeric value
a ₁ a ₂	Coefficient variable
A_ij	Judgement result of agent j in sensor i
θ	The threshold of trust value
H ₁ H ₂ …H_n	Division of the sample space
Ω	The entire sample space
R	The successful interaction times between agent (or sensor) and sensor
s	The failed interaction times between agent (or sensor) and sensor
$r_{t}^{x}$	The successful interaction times between agent (or sensor) x and sensor t
$s_{t}^{x}$	The failed interaction times between agent (or sensor) x and sensor t
$r_{t}^{x : a, y}$ $s_{t}^{x : a, y}$ $r_{t}^{x : y}$ $s_{t}^{x : y}$	The successful or failed interaction times in one-degree or two-degree indirect reputation
B, D, U	The probability of trust, distrust, uncertainty between a sensor node and other sensor node (or a mobile agent)
r′	Successful times integration of direct reputation and indirect reputation
s′	Failed times integration of direct reputation and indirect reputation
$B_{t}^{x : a, y}$ $D_{t}^{x : a, y}$ $U_{t}^{x : a, y}$ $B_{a}^{x}$ $D_{a}^{x}$ $U_{a}^{x}$	The probability of trust, distrust, uncertainty between a sensor node and other sensor node (or a mobile agent) in direct reputation or indirect reputation
Δt	Fixed length time of updating data
t₁, t₂,…, t_m	Time sequence
rⁱ, sⁱ	Successful times and failed times in the period of t_i
$r_{1}^{i}$	Malicious access in the period t_i
$s_{1}^{i}$	Failing access for normal agents’ application in the period t_i
I	Credit rate for a sensor
F	Initial credit rate value
µ	Coefficient of time influence factor
Δ	The difference between direct trust value of agent in intermediate sensors and the expected value
Δ′	The difference between trust value of a sensor node to a certain intermediate sensor node and the average trust value of intermediate sensor nodes

Definition 1 (reputation)

Mobile agent is a kind of program that can transfer in the network with established routes independently. As shown in Figure 1, (a, b, c, d, i, f) is a set of sensor nodes. a-b-c-d-i is the established route for the agent j. After running on the sensors a-b-c-d, the agent j applies interaction to the sensor i. And the sensor i makes decision according to the reputation of agent j. Reputation is evaluation of an agent or a sensor by a other sensor, considered as a probability distribution. Reputation is divided into direct and indirect reputation. Direct reputation refers to the sensor i getting the direct evaluation of an agent j according to the reputation of the system, expressed by (X_ij)_D.

Figure 1.

Route of mobile agent and trust model.

If it just relies on direct supervision to establish the reputation of information algorithm, the convergence time will be very large, and it will consume a lot of resources. Using indirect reputation solves the above problems. If the sensor i gets the reputation evaluation of agent j by another sensor d, with (X_ij)_1D to express, it is called one-degree indirect reputation. If a sensor i gets the reputation evaluation of an agent j through sensor f and sensor b with (X_ij)_2D to express, it is called two-degree indirect reputation. And so on, in the whole model, there is three-degree indirect reputation, four-degree indirect reputation, and so on. Mobile agent transfer process with the security problem occurs frequently; hence, the value of the information is not high. Therefore, we only consider the one-degree and two-degree indirect reputation. The comprehensive reputation of a mobile agent is derived from the direct reputation and indirect reputation weighted sum, as shown in formula (1). a₁ and a₂ are the correlation coefficients, a₁ + a₂ = 1. They can be set according to different network environments

X_{ij} = (X_{ij})_{D} + a_{1} * (X_{ij})_{1 D} + a_{2} * (X_{ij})_{2 D}

(1)

Definition 2 (trust)

Trust T_ij is a kind of subjective expectation of sensor (or agent) j’s behavior in the future in sensor i. It is the statistical expectation of the probability distribution of the reputation. T_ij indicates the trust of sensor i to agent (or sensor) j. Different from reputation, trust is a numerical value, as shown in formula (2)

T_{ij} = E [X_{ij}]

(2)

Definition 3 (judge)

When an agent launches an interactive application to a sensor, the sensor will determine the reputation of the agent. The determining behavior A_ij depends on the trust value of j in i. In this article, we use variable reputation threshold to decide the value of A_ij

A_{ij} = {\begin{matrix} trusted & \forall T_{ij} \geq θ \\ untrusted & \forall T_{ij} < θ \end{matrix}}

(3)

When A_ij is trusted, the sensor agrees the application of the interactive agent; on the contrary, the application is rejected. The specific calculation method of $θ$ will be described detail in the following.

Definition of reputation model

This section describes an example of a basic system based on a Bayesian formula. The system is designed for the mobile agent reputation. First of all, take a brief description of the Bayesian formula and then describe the mobile agent reputation system based on the β distribution.

Bayesian formula¹⁵ is used to calculate the probability of the reputation. According to the principle of probability theory, the expression of Bias formula is as follows

P (H_{j} | A) = \frac{P (H_{j}) P (A | H_{j})}{\sum_{i = 1}^{n} P (H_{i}) P (A | H_{i})} (j = 1, 2, \dots, n)

(4)

H₁, H₂,…, H_n is a division of the sample space. $H_{1} \cup H_{2} \cup \dots H_{n} = Ω$ , Ω is the entire sample space, and P(H_i) > 0. A is an event for any in the sample space. P(H_j) is prior probability, which is a judgment on the probability of H_j before the A event occurs. P(H_j|A) is called the posterior probability, which is the evaluation of the probability of H_j after the A event occurs.

P(A|H_j)/total probability is called Likelihood, which is an adjustment factor making the estimated probability closer to the true probability. In the trust model, in the period t, take the prior probability $X_{ij}^{t - 1}$ and posterior probability $X_{ij}^{t}$ into equation (4), get the posterior probability formula (5)

X_{ij}^{t} = \frac{X_{ij}^{t - 1} \times P (E_{ij}^{t} | X_{ij}^{t - 1})}{total probability}

(5)

Many distributions, such as β distribution, Gauss distribution, Poisson distribution, Dirichlet distribution, can be expressed in reputation system.¹⁶ Our reputation system is based on the β probability density function which can be used to represent probability distributions of binary events.¹⁷ The mathematical analysis leading to the expression for posteriori probability estimates of binary events can be found in many text books on probability theory¹⁸ and we will only present the results here. Posteriori probabilities of binary events can be represented as β distributions. The β-family of probability density functions is a continuous family of functions indexed by the two parameters a and b.

The β distribution is denoted as β(a, b), which is usually introduced by γ function

\begin{matrix} β (a, b) = \frac{γ (a + b)}{γ (a) γ (b)} p^{a - 1} (1 - p)^{b - 1} \\ \forall 0 < p < 1, a > 0, b > 0 \end{matrix}

(6)

$γ (n + 1) = n!$ is a factorial function. Using the β distribution can define the reputation function. When x represents an agent, let $r_{t}^{x}$ and $s_{t}^{x}$ denote success times and failure times, respectively, of the agent x interaction with the target sensor t.

When x represents a sensor, and t represents another sensor, $r_{t}^{x}$ represents the successful interaction numbers with sensor t for an agent that has interacted with sensor x successfully. $s_{t}^{x}$ represents the failed numbers for an agent interacting with the sensor t, which has run on the sensor x successfully. And according to law of Laplace smoothing,¹⁹ taking $a = r_{t}^{x} + 1$ and $b = s_{t}^{x} + 1$ into formula (6) can get reputation function

ϕ (p | r_{t}^{x}, s_{t}^{x}) = \frac{γ (r_{t}^{x} + s_{t}^{x} + 2)}{γ (r_{t}^{x} + 1) γ (s_{t}^{x} + 1)} p^{r_{t}^{x}} (1 - p)^{s_{t}^{x}}

(7)

If an agent has not requested interaction, the value of $r_{t}^{x}$ and $s_{t}^{x}$ will be zero. The expectation value of the credit function that is the value of trust²⁰ is as follows

T_{t x} = E (ϕ (r_{t}^{x}, s_{t}^{x})) = \frac{r_{t}^{x} + 1}{r_{t}^{x} + s_{t}^{x} + 2}

(8)

Improved trust model of mobile agent based on incomplete β distribution

Trust model based on incomplete β distribution

We previously established the reputation model of mobile agent based on β distribution, and defined the reputation function and trust. And we given credit to update, integration, and decision-making behavior of specific methods. But in the testing process of mobile agent, the $r_{t}^{x}$ and $s_{t}^{x}$ of agent or sensor is defined in the ideal case in which the sensor can get all the success and failure interactions times, namely $r_{t}^{x} + s_{t}^{x}$ is equal to the total number of interactions.

But, in actual cases, due to some special reasons, for example, malicious sensors, the destruction of the agent or the data in the sensor may be lost, so $r_{t}^{x} + s_{t}^{x}$ is less than the total number of interactions.

Therefore, the traditional β distribution is not suitable to establish the credit model. In this chapter, according to the principle of the Bayesian formula and distribution, the improvement of mobile agent reputation system was established based on incomplete β distribution, which is a generalization of the β function. The definite integral of the β function is replaced by an indefinite integral. Incomplete β function is as follows

β (a, b) = \int_{λ_{1}}^{λ_{2}} p^{a - 1} {(1 - p)}^{b - 1} dp

(9)

λ₁, λ₂ are called incomplete parameters, among them 0 < λ₁ < λ₂ < 1. Function values can be checked in this article.²¹

If λ₁ = 0 and λ₂ = 1, then formula (9) is β function. The reputation function equation (7) can also be expressed as following based the other form of β function

ϕ (p | r_{t}^{x}, s_{t}^{x}) = \frac{p^{r_{t}^{x}} {(1 - p)}^{s_{t}^{x}}}{\int_{0}^{1} p^{r_{t}^{x}} {(1 - p)}^{s_{t}^{x}} dp}

(10)

According to formula (10), we defined reputation function based on the incomplete β distribution as follows

\begin{matrix} ϕ (p | r_{t}^{x}, s_{t}^{x}) = \frac{p^{r_{t}^{x}} {(1 - p)}^{s_{t}^{x}}}{\int_{λ_{1}}^{λ_{2}} p^{r_{t}^{x}} {(1 - p)}^{s_{t}^{x}} dp} \\ 0 < λ_{1} < λ_{2} < 1 \end{matrix}

(11)

Practical sensor agent detection may not fully record the success and failure times. According to the principle of probabilistic, examining the successful interaction probability between sensor and agent, we can get

R = \frac{the number of success}{the number of interaction}

Because $r_{t}^{x}$ is less than the actual number of successful interaction, R is less than the actual value. At this point, we consider 0 <= R <= 1. Let λ₁ = 0, λ₂ < 1, then we can detect sectional data, which is a simulation of the real situation of data lost. And the value is in accordance with the specific circumstances of the network. The parameters can be substituted into formula (11) to obtain the final reputation functions.

Obtain its expected value as following

T_{tx} = E_{(0, λ_{2})} = \int_{0}^{λ_{2}} p \times ϕ (p | r_{t}^{x}, s_{t}^{x}) dp = \frac{\int_{0}^{λ_{2}} p^{r_{t}^{x} + 1} {(1 - p)}^{s_{t}^{x}} dp}{\int_{0}^{λ_{2}} p^{r_{t}^{x}} {(1 - p)}^{s_{t}^{x}} dp}

(12)

The reputation model based on incomplete β distribution applies to the real interaction scenarios of sensors and mobile agents, which can calculate mobile agent credibility more accurately and identify malicious agents.

However, how to set the value of λ₂ to adapt to the dynamic network environments needs further study in incomplete β distribution. Under normal circumstances, if the sensor agent network does not suffer large-scale attacks or data loss, we believe that the sensor can record times of successful interaction and failed interaction completely and build reputation system with complete β distribution model improving the efficiency of the network.

Reputation update

When agent x interacts with sensor t, sensor t decides whether to accept the application by calculating the x agent reputation value. The reputation value is obtained by direct reputation and indirect reputation. The direct reputation can be obtained by mathematical expectation of reputation function of agent x on sensor t. For the mobile agent reputation system of indirect reputation, we mainly consider the one-degree indirect reputation and the two-degree indirect reputation. One-degree indirect reputation refers to the reputation value of agent x for sensor t getting from sensor y. The one-degree indirect reputation has been analyzed and demonstrated in detail in the literature²⁰ as formula (13), so we will focus on the derivation of two-degree indirect reputation in the following

{\begin{matrix} r_{t}^{x : y} = \frac{2 r_{t}^{y} r_{y}^{x}}{(s_{t}^{y} + 2) * (r_{y}^{x} + s_{y}^{x} + 2) + 2 r_{t}^{y}} \\ s_{t}^{x : y} = \frac{2 r_{t}^{y} s_{y}^{x}}{(s_{t}^{y} + 2) * (r_{y}^{x} + s_{y}^{x} + 2) + 2 r_{t}^{y}} \end{matrix}

(13)

$r_{t}^{x : a, y}$ represents the successful interaction times in the indirect reputation function. $s_{t}^{x : a, y}$ represents the failed interaction times in the indirect reputation function. According to the definition of two-degree indirect reputation, we assume sensor t gets the reputation of agent x through sensor y and sensor a, as shown in Figure 2.

Figure 2.

The two-degree indirect reputation.

Same to the one-degree indirect reputation, B, D and U represent the probability of trust, not trust, and uncertainty, respectively.²² $B_{t}^{x : a, y}$ represents the probability of trust relationship between sensor t and agent x through a and y in the two-degree indirect reputation system. Similarly, $D_{t}^{x : a, y}$ is the probability of untrusted relationship between sensor t and agent x, and $U_{t}^{x : a, y}$ represents the probability of uncertainty relationship. These three variables satisfy B + D + U = 1 in the reputation system. According to Figure 2, it can be obtained

{\begin{matrix} B_{t}^{x : a, y} = B_{a}^{x} B_{y}^{a} B_{t}^{y} \\ D_{t}^{x : a, y} = D_{a}^{x} B_{y}^{a} B_{t}^{y} \\ U_{t}^{x : a, y} = D_{t}^{y} + B_{t}^{y} D_{y}^{a} + B_{t}^{y} B_{y}^{a} U_{a}^{x} + B_{t}^{y} U_{y}^{a} + U_{t}^{y} \end{matrix}

(14)

Then, according to the metric map,²² the above parameters are mapped to the reputation system

{\begin{matrix} B = \frac{r}{r + s + 2} \\ D = \frac{s}{r + s + 2} \\ U = \frac{2}{r + s + 2} \end{matrix}

(15)

The r and s are the parameters in the reputation model, which represent the successful interaction times and failed interaction times, respectively.

Taking formula (15) into formula (14) can get the two-degree indirect reputation

{\begin{matrix} r_{t}^{x : a, y} = \frac{2 r_{t}^{y} r_{y}^{a} r_{a}^{x}}{(r_{a}^{x} + s_{a}^{x} + 2) [s_{y}^{a} (r_{t}^{y} + 2) + s_{t}^{y} (r_{y}^{a} + 2) + r_{y}^{a} (s_{t}^{y} + 2) + 4] + 2 r_{t}^{y} r_{y}^{a}} \\ s_{t}^{x : a, y} = \frac{2 r_{t}^{y} r_{y}^{a} s_{a}^{x}}{(r_{a}^{x} + s_{a}^{x} + 2) [s_{y}^{a} (r_{t}^{y} + 2) + s_{t}^{y} (r_{y}^{a} + 2) + r_{y}^{a} (s_{t}^{y} + 2) + 4] + 2 r_{t}^{y} r_{y}^{a}} \end{matrix}

(16)

Reputation integration

Sensors need to verify the mobile agent through the direct and indirect reputation. Updating reputation based on β distribution or incomplete β distribution is equivalent to updating two parameters.²¹ From formulas (1), (13), and (16), we can get the reputation integration formula

{\begin{matrix} {r'}_{t} = r_{t}^{x} + a_{1} \times r_{t}^{x : y} + a_{2} \times r_{t}^{x : ay} \\ {s'}_{t} = s_{t}^{x} + a_{1} \times s_{t}^{x : y} + a_{2} \times s_{t}^{x : ay} \end{matrix}

(17)

$r'_{T}$ is integrated parameter of successful interaction times. $s'_{T}$ is integrated parameter of failed interaction times. Comprehensive reputation degree is equal to the sum of direct reputation and the one-degree indirect reputation and the two-degree indirect reputation. a₁, a₂ is the scale factor, in this article, a₁ = 0.7, a₂ = 0.3.

Sensor behavior decision

Through the definition of the reputation model, the reputation updating and integration, sensors get the trust value of the mobile agents. By comparing the trust value with the threshold value, sensors determine whether the mobile agent is credible and decide whether to accept the interaction with the agent. The judgement rule is as formula (3). And in this article, we use the variable reputation threshold $θ$ . An initial threshold $θ$ is set for each sensor, which is related to specific network. The threshold of the military network should be relatively high; it can be $θ = 0.9$ . And the common network can be set up to 0.6, and in this article, the threshold is set to 0.6. The traditional fixed threshold cannot be changed after generation, which is not appropriate for the constantly updating network of sensor agent. Accordingly, in this article, the concept of the credit rate of the network is presented, and then the formula of variable reputation threshold is obtained.

We assume that an agent accessed to the sensor with r times successfully and s times unsuccessfully in a period time Δt. Successful accesses indicate that the sensor believes that the agent is trusted. But it cannot rule out the error or malicious agent sneaking successfully. We assume that there are r₁ times of malicious access in r times of access. Similarly, there are s₁ times of failed access for normal agents’ application. Rejected agents run properly on a subsequent sensor, which indicates that the agents are normal.

We assume data will be updated after each period time Δt. We also consider the period of time m*Δt. The time sequence is denoted as (t₁, t₂,…, t_m). t₁ is the latest time period, and t_m is the earliest time period. Times of malicious access can be denoted as $r_{1}^{i}$ in the period of time t_i, and the rejected times of normal agents is $s_{1}^{i}$ in the period of time t_i. And the total application times of agents is (sⁱ + rⁱ) in t_i. As network for every sensor is different, we introduce the concept of personalized variable threshold to the sensor network. So the concept of the credit rate is introduced as shown in formula (18)

I = F + \frac{\sum_{i = 1}^{m} (r_{1}^{i} + 1) - \sum_{i = 1}^{m} (s_{1}^{i} + 1)}{\sum_{i = 0}^{m} (r^{i} + s^{i} + 1)}

(18)

F is the initial credit rate value, and its value should be set based on the specific environmental needs. We set F = 0.5 in this article. Credit rate reflects the reputation level of agents which apply for interaction to the sensor in the system. When the value of $r_{1}^{i}$ is greater than $s_{1}^{i}$ , the credit rate increases with providing feedback to the reputation system. It shows that the success probability of interaction application for malicious agents is high. The system should enhance the credibility threshold. On the contrary, when the value of $s_{1}^{i}$ is greater than $r_{1}^{i}$ , it shows the probability that the interaction requests from the normal agents are blocked is high. The credit rate will be reduced, and the reputation system threshold value should be reduced. After the concept of the credit rate, the threshold value is as follows

θ = I \times \frac{\sum_{i = 1}^{m} e^{- μ \times Δ t \times i} \frac{\sum_{j = 1}^{r^{i} - r_{1}^{i}} T_{ij}}{r^{i} - r_{1}^{i}}}{\sum_{i = 1}^{m} e^{- μ \times Δ t \times i}}

(19)

In the threshold iterative algorithm, the threshold is expressed as the product of the change of the credit and the historical reputation of agents successfully interactive with the sensor. And the weight of the historical reputation is the factor of time. The influence factor of time is denoted as $e^{- μ \times Δ t \times i}$ , and the value of µ depends on the value of Δt and specific situation of network. We set Δt = 2 s, it means that data will be updated after each 2 s, and µ = 0.05. T_ij represents reputation value of jth normal agent accessing successfully to the sensor in period t_i. It means that the change of each threshold value is based on the historical environment and the current demand for the threshold value of the dynamic changes. And we define $0 \leq θ \leq 1$ .

This method can change the reputation threshold according to the network conditions for every sensor to guarantee that the threshold setting is more reasonable and the sensor is more accurate to the agent’s trust behavior in a period of time.

Malicious sensor detection mechanism based on incomplete β distribution

For the reputation model proposed in this article, when the agent applies to a sensor for interaction, the sensor considers the agent’s direct reputation and recommendation reputation from other sensors to make decisions. The recommended reputation is from other sensors in the network. There are some malicious sensors inevitably resulting in the recommendation reputation unbelievable. In this section, a malicious sensor detection mechanism is presented.

As shown in Figure 3, execution path of mobile agent x is a-b-c-d-z. Agent x has executed on the sensors a, b, c, d, and applies for interaction to the sensor z. Sensor z has direct reputation with sensors b and d.

Figure 3.

Reputation relationship between sensors and agent.

Consequently, sensors b and d can provide recommendation reputation about agent x to the sensor z. Similarly, we assume that there are number of intermediate (sensors) (Y₁Y₂…Y_i…Y_m) that can provide recommendation about agent x to the sensor z. There are direct trust relationships between sensor z and the intermediate sensors, and intermediate sensors also have direct trust relationships with agent x.

The direct trust value of intermediate sensor node Y_i to agent x is T_Yix. The expected value of direct trust value of agent x in all intermediate sensors is as follows

\bar{T_{Y_{i} x}} = \frac{\sum_{i = 1}^{m} T_{Y_{i} x}}{m} = \frac{\sum_{i = 1}^{m} \frac{\int_{0}^{λ_{2}} p^{r_{Y_{i}}^{x} + 1} {(1 - p)}^{s_{Y_{i}}^{x}} dp}{\int_{0}^{λ_{2}} p^{r_{Y_{i}}^{x}} {(1 - p)}^{s_{Y_{i}}^{x}} dp}}{m}

(20)

In the absence of malicious recommendation or a small amount of malicious sensors, the expected value is a good reaction of the real trust value of agent x. The difference between direct trust value of agent x in sensor Y_i and the expected value is

Δ = | T_{Y_{i} x} - \bar{T_{Y_{i} x}} |

(21)

If Δ is large, it indicates that the trust value of agent x in the sensor Y_i departs from actual values. Expectation of trust value of intermediate sensor nodes in sensor z is

\bar{T_{z Y_{i}}} = \frac{\sum_{i = 1}^{m} T_{z Y_{i}}}{m}

(22)

The difference between trust value of sensor z to a certain sensor node Y_i and the above expectation is

Δ' = | T_{z Y_{i}} - \bar{T_{z Y_{i}}} |

(23)

Δ′ is the difference value between the trust value for the intermediate sensor node Y_i in sensor z and the average trust value for all the intermediate sensor nodes. If Δ′ meets the following inequality, then the x might be malicious

\frac{Δ}{\bar{T_{Y_{i} x}}} > \frac{Δ'}{\bar{T_{z Y_{i}}}}

(24)

In the above equation, $Δ / \bar{T_{Y_{i} x}}$ is the deviation of trust value of intermediate sensor node Y_i to agent x. $Δ' / \bar{T_{z Y_{i}}}$ is the different values between the trust value of the intermediate sensor node Y_i and the average trust value in sensor z. The intermediate sensor nodes that meet formula (24) are considered to recommend agent x maliciously, or to defame the agent x. So the sensor Y_i is determined as a malicious sensor node, and recommendation of Y_i is limited.

Simulation and result analysis

In an open network, there will be malicious agents or sensors and false recommendation or malicious service inevitably. In this regard, the reputation value of malicious sensor nodes will be correspondingly reduced as punishment, which makes these sensor nodes become untrusted or lose the opportunity to be selected at a later interaction, and encourages honest and reliable service.

In the following comparison algorithms, we selected two algorithms FAPtrust¹² and SWRT trust.¹⁴ The trust model of FAPtrust consists of four parts, which are direct trust, recommendation trust, incentive function, and active degree. Direct trust is evaluated based on the historical performance of the agent. Recommendation reputation is evaluated from third-party sensor nodes. The incentive function is the punishment mechanism of malicious sensor nodes. The active degree represents the interaction frequency of sensor nodes recently. The value of trust in the SWRT trust reputation model is divided into two parts: direct reputation and recommended reputation value. Direct reputation value is the experience of the sensor to the assessment agency. Recommended reputation consists of recommendation value by a third party to the assess sensor node and the trust value of the third party in the sensor. A third-party recommendation value is decided by two factors: the similarity degree between sensors and the third-party sensor nodes; the historical recommendation reliability of the third-party sensor nodes.

The algorithm in this article also uses the direct trust and recommended trust of third parties. The difference is that this article is based on incomplete β distributed trust model, which is a kind of good simulation to the actual probability distribution. We consider not only the direct trust value but also the one-degree indirect trust and the two-degree indirect trust. A rigorous evaluation of the intermediate sensors is carried out to enhance the tolerance to dynamic changes in the network.

The proposed model is implemented on the simulation platform NS-2 (Network Simulator, version2). Sensor nodes communicate with each other using ZigBee protocol.

The number of sensors is 20, and the number of mobile agents is 50 in the network. The initial threshold value is set to 0.6. There is no malicious sensor in the network. We detect the reputation of mobile agents in the network using different algorithms, such as incomplete β distribution, SWRT trust model, FAPtrust, and traditional β distribution. In the case of different proportions of malicious agents, the accuracies of agent selection using different algorithms are shown in Figure 4. Times of transactions failed are shown in Figure 5.

Figure 4.

Accuracy of agent selection and percentage of malicious agent.

Figure 5.

Times of failed interaction and percentage of malicious agent.

As shown in Figure 4, horizontal ordinate represents the percentage of malicious agents in the scene. The ordinate represents the accuracy of selection. Accepting normal agents and rejecting malicious agents are correct selections. The opposite are wrong choices. So the ordinate is the metric of sensor nodes’ selection for mobile agents. There is no data loss in this scene, so the effectiveness of incomplete β distribution algorithm and the β distribution algorithm is quite similar. It is clear that the accuracy of incomplete β distribution algorithm is better than SWRT trust model. With the gradually increasing proportion of malicious agents, accuracy of FAPtrust algorithm decreases rapidly but the accuracy of incomplete β distribution algorithm is relatively high, more than 85% when the proportion of malicious agents is 40%, which shows that the incomplete β distribution is still useful in the case of a lot of malicious agents existing.

In Figure 5, the horizontal ordinate represents the percentage of malicious agents in the scene. The ordinate represents the times of failed interaction. Failed interaction means a sensor accepts malicious agent’s application.

According to Figures 4 and 5, it can be seen that with the number of malicious agents increasing, there is a reduction in the number of transaction failures in the incomplete beta distribution and beta distribution model. The reason is the introduction of the variable threshold. When the number of malicious agents is large, the threshold also increases accordingly, and the sensor can be effectively protected against attacks by malicious agents. However, in the FAP and SWRT trust model, when the proportion of malicious agents is increased, sensor security is under great threat.

The initial set has 10 normal agents and 10 malicious agents interacting with the sensors, and initial trust value of all sensors and agents is 0.6. Every 10 s, there are 10 new normal agents and 10 malicious agents joining. Interaction frequency of agents with the sensors is 1 times per second. During this time, trust values of malicious agents and normal agents interacting with sensors are shown in Figure 6. If malicious attacks and interference that leads to data loss do not happen in the outside, we set λ₁ = 0, λ₂ = 1 in the incomplete beta distribution.

Figure 6.

Average trust value of normal agents and malicious agents over time.

In Figure 6, the ordinate represents the trust value of agents. For agents continuing to interact with the sensors, successful continuing interaction makes the trust value of the agents increase. For the malicious agents, continued lower level of trust makes its trust value decrease with time.

It can be seen from Figure 6 that the reputation accumulation of normal agents and the reputation punishment of malicious agents are relatively slow in the SWRT trust algorithm. The accumulation of reputation is not uniform in FAPtrust algorithm. After the first successful interaction, the trust value has considerable changes. In reputation model of incomplete β distribution, the reputation value of each agent changes more smoothly because of variable threshold, which reduces the probability of sudden change of reputation.

At the start of interaction, based on initial test results, we set the initial trust of all sensors and agents value to 0.66. And every agent interacts with sensors 10 times in accordance with the established route. With the increase of the normal transaction number, the agents will gradually gain trust accumulation. Because of the malicious behavior in the fourth and seventh interactions, trust value has decreased. And it may be a deliberate act of agents. The agent obtains a higher value of trust by the start of normal interaction and then implements a malicious attack on the sensor.

Reputation accumulation of normal agents and the reputation reduction of malicious agents are relatively slow in SWRT trust model. From Figure 7, we can see each agent’s reputation value fluctuation is small in the SWRT trust algorithm, and punishment for the malicious behavior of the malicious agent is not serious. It means that it can not avoid continuous attack of malicious agents. In FAPtrust model, the trust value rise too fast after the first normal interaction, so malicious behaviors are likely to succeed in the next interactions. Here, the malicious behavior is punished more severely in the incomplete β distribution reputation model, and it is relatively stable in the accumulation of the normal agents’ reputation, which effectively reduces the threat of malicious agents. And it can effectively prevent the harm caused by malicious behaviors on the sensor, while the accumulation of reputation does not change too fast to prevent malicious agents from gaining high reputation accumulation through the deliberate acts.

Figure 7.

Trust value of agents with time.

There are 50 sensors and 50 mobile agents in the network, in which the number of malicious agents is 10, and the proportion of malicious sensors gradually increased. Agents interact with sensors 10 times according to an established route. The initial trust value is set to 0.67, and the threshold value is set to 0.6. The data record is not complete. When the proportion of malicious sensor increases the accuracy of agent selection is as Figure 8.

Figure 8.

Accuracy of agent selection with malicious sensors.

As Figure 8 shows, it is easy to suffer from malicious recommendation from malicious sensors without malicious sensor detection mechanism. With the rise of malicious sensors percentage, accuracy of mobile agent selection rapidly declines. In the incomplete β distribution, we can adjust the value of λ₂ according to the incomplete data recording, λ₂ = 0.5, so that the reputation distribution is more close to the actual situation. And detecting the malicious sensors excludes interference of malicious sensors, and kicks out these sensors from mobile agent tour route, which enhances the security in mobile agents.

There are 50 sensors and 50 mobile agents in the network. Malicious agents and malicious sensors exist in the network, and there is a case of data loss. We set λ₁ = 0, λ₂ = 0.8 in the incomplete β distribution model. Also the initial threshold is set to 0.6, and the initial trust value of mobile agents is 0.66. With the proportion of malicious agents and malicious sensors gradually increasing, the accuracy of agent selection and failed transaction times includes cases that normal sensors are attacked and normal agent accesses malicious sensor, are as Figures 9 and 10, respectively.

Figure 9.

Accuracy of agent selection and percentage of malicious sensor nodes and agents.

Figure 10.

Times of failed interaction and percentage of malicious agents and sensors.

In the case of the presence of malicious agents and malicious sensors in the network, the network status of mobile agents becomes more complex. With the increasing proportion of malicious sensors and malicious agents, malicious sensors recommend malicious agents, so that the selection accuracy of FAP and SWRT model is rapidly declining.

Due to the addition of the malicious sensor detection mechanism. In the β distribution and incomplete β distribution that will detect the malicious recommendation of sensors, the normal agents will remove malicious sensors from its tour route, which reduces the number of failed transactions greatly.

Conclusion

In increasingly complex network environment, the security of mobile agent system has become increasingly important. The formal reputation model is introduced into the interactive environment of mobile agents, and the results performed well. In this article, according to incomplete data records in the actual scene, a reputation model based on incomplete β distribution is proposed, and the value of the parameter needs to be studied further. In the mobile agent system, not only the reputation value of the agent is considered, but also the detection mechanism for potentially malicious sensors and the feedback mechanism are introduced, which makes the mobile agent system run more safely, and protects the system from the risk of attack.

Footnotes

Academic Editor: Juan Cano

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) disclosed receipt of the following financial support for the research, authorship, and/or publication of this article: This work was supported by NSFC (61372108, 61401033), and National Science and Technology Pillar Program Project (2015BAI11B01).

References

Stoopman

Liu

Visser

. Codesign of electrically short antenna–electronics interfaces in the receiving mode. IEEE T Circuits: II 2015; 62(7): 711–715.

Walton

Longstaff

Linger

. Computational evaluation of software security attributes. In: Proceedings of the 42nd Hawaii international conference on system sciences, Waikoloa, HI, 5–8 January 2009, pp.1–10. New York: IEEE.

Yuan

Wang

Zhou

. Information security of power corporations and its reinforcement measures. In: Proceedings of the China international conference on electricity distribution, Shanghai, China, 10–14 September 2012, pp.1–7. New York: IEEE.

Ahmed

. Generate sub-agent mechanism to protect mobile agent privacy. In: Proceedings of the IEEE symposium on computers & informatics (ISCI), Penang, Malaysia, 18–20 March 2012, pp.86–91. New York: IEEE.

Alkady

Habib

Rizk

. A new security protocol using hybrid cryptography algorithms. In: Proceedings of the 2013 9th international computer engineering conference, Giza, 28–29 December 2013, pp.109–115. New York: IEEE.

Chen

Yao

. Design of encryption algorithm of data security for Wireless Sensor Network. In: Proceedings of the international conference on electrical and control engineering, Yichang, China, 16–18 September 2011, pp.2983–2986. New York: IEEE.

Kurniawan

Albone

Rahyuwibowo

. The design of mini PGP security. In: Proceedings of the international conference on electrical engineering and informatics, Bandung, Indonesia, 17–19 July 2011, pp.1–4. New York: IEEE.

Dechthummarong

Chenvidhya

Jivacate

. Experiment and simulation impulse partial discharge behavior in dielectric encapsulations of field-aged PV modules. In: Proceedings of the 37th IEEE photovoltaic specialists conference, Seattle, WA, 19–24 June 2011, pp.3109–3112. New York: IEEE.

Drzevitzky

Platzner

. Achieving hardware security for reconfigurable systems on chip by a proof-carrying code approach. In: Proceedings of the international workshop on reconfigurable communication-centric systems-on-chip, Montpellier, 20–22 June 2011, pp.1–8. New York: IEEE.

10.

Channappagoudar

Venkataram

. Performance evaluation of mobile agent based resource management protocol for MANETs. Ad Hoc Netw 2016; 36(P1): 308–320.

11.

Blaze

Feigenbaum

Lacy

. Decentralized trust management. Piscataway, NJ: Center for Discrete Mathematics & Theoretical Computer Science, 1996.

12.

Xia

Jia

Sha

. Research of trust model based on fuzzy theory in mobile ad hoc networks. IET Inform Secur 2014; 8(2): 88–103.

13.

Pirzada

Mcdonald

. Trust establishment in pure ad-hoc networks. Wireless Pers Commun 2006; 37(1): 139–168.

14.

Wang

Zhang

. Research of P2P network trust model. In: Proceedings of the 5th international conference on intelligent human-machine systems and cybernetics, Hangzhou, China, 26–27 August 2013, pp.70–73. New York: IEEE.

15.

Rajabalinejad

Mahdi

T-F

. The inclusive and simplified forms of Bayesian interpolation for general and monotonic models using Gaussian and Generalized Beta distributions with application to Monte Carlo simulations. Nat Hazards 2010; 55(1): 29–49.

16.

Bouguila

Ziou

. A Dirichlet process mixture of generalized Dirichlet distributions for proportional data modeling. IEEE T Neural Networ 2010; 21(1): 107–122.

17.

. A secure localization algorithm based on beta reputation system. J Inform Comput Sci 2015; 12(7): 2889–2899.

18.

Fang

Zhang

Shi

. Binomial-based trust management system in wireless sensor networks. Chin J Sens Actuat 2015; 28(5): 703–708.

19.

Gerlach

Huang

. Exponentially smoothing the skewed Laplace distribution for value-at-risk forecasting. J Forecasting 2013; 32(6): 534–550.

20.

Chen

Dong

. Research on beta trust model of wireless sensor networks based on energy load balancing. Wirel Sens Netw 2010; 2(5): 373–380.

21.

Pearson

. Tables of the incomplete beta function. Technometrics 1934; 10(4): 879–880.

22.

Kumar

. Classification and review of security schemes in mobile computing. Wirel Sens Netw 2010; 2(6): 419–440.

Reputation detection based on incomplete β distribution for mobile agent in wireless sensor networks

Abstract

Keywords

Introduction

Related work

Research on security of mobile agent server

Code signing

State verification

Historical path recording method

Sandbox mechanism

Research on transmission security of mobile agent

Asymmetric encryption method

Mixed variety of encryption mechanisms

PGP encryption algorithm

Research on security of mobile agent in mobile agent server

Partial results encapsulation mechanism

Hardware protection strategy

Black box method

Research on reputation system

Mobile agent reputation system

The reputation system of β distribution-based mobile agent

Reputation formal model description

Definition 1 (reputation)

Definition 2 (trust)

Definition 3 (judge)

Definition of reputation model

Improved trust model of mobile agent based on incomplete β distribution

Trust model based on incomplete β distribution

Reputation update

Reputation integration

Sensor behavior decision

Malicious sensor detection mechanism based on incomplete β distribution

Simulation and result analysis

Conclusion

Footnotes

Declaration of conflicting interests

Funding

References