Sage Journals: Discover world-class research

Abstract

Accurate prediction of the trust relationship is the basis for trusted access and secure interaction between Internet of things nodes. To evaluate the degree of trust, a trust metric is assigned to every node depending on its several attributes. Normal nodes in Internet of things tend to suffer collusion attacks from malicious nodes; thus, the accuracy of the trust measurement decreases. To enhance the security of interaction between massive Internet of things nodes, we propose a multidimensional attribute trust model and a dynamic maintenance mechanism of a trusted group. The proposed model provides a reference for the selection and evaluation of node multidimensional attribute factors to adapt to different Internet of things application scenarios. The dispersion of satisfaction records is used to discover abnormal data and weaken its influence on the calculation of the node’s comprehensive trust evaluation. The construction of trusted groups provides an architectural foundation for the application of group signature that maintains low network overhead. The performance of multidimensional attribute trust model and dynamic maintenance mechanism is verified using Netlogo. Simulation results show the efficiency of the proposed model to classify the malicious nodes and honest nodes, as well as to build a trusted group that could ensure honest nodes occupy the major proportion.

Keywords

Internet of things trusted group trust evaluation multidimensional attribute feedback control

Introduction

IoT (Internet of things) consists of multiple information sensors. These entities interact with others to implement intelligent perception, recognition, and management of objects and process through various network access. It covers scenes in Smart Cyber-Physical Systems¹ that require high connection density such as Smart Transportation², Smart City³, Smart Grid⁴, etc. IoT meets people’s needs for digital society and will further open the era of “Internet of Everything.”

Security is one of the main concerns in IoT. The IoT contains terminal devices that have strict requirements on network delay. These devices are related to personal safety, such as a wearable sphygmomanometer connected to the hospital. Attacks on IoT will endanger the personal safety and cause serious consequences. The focus of relevant research about security is mainly divided into two aspects: privacy preservation mechanism and trust evaluation scheme. For the former, scholars have proposed algorithms to conceal the physical status⁵ while maintaining a low resource consumption⁶. As for the latter, an efficient and comprehensive interaction mechanism for trusted access of IoT nodes needs to be considered in a targeted manner.

Trusted access depends on an accurate prediction of the trust relationship. Researchers in related fields use different trust metric approaches to quantify the degree of trust between nodes as trust value. Trust value is mainly calculated with either direct or indirect evaluation. Behavioral attributes and weighting factors are considered to ensure the robustness of the trust computing process. Realistic application scenarios require to shorten the recommended trust chain and reduce the cost of trust assessment, and then enable efficient determination of node properties and interactive decision as well.

Trust model can be divided into two types of architectures: centralized and distributed frameworks. The centralized trust model delegated a central node to calculate trust value and manage other nodes. For the distributed trust model, each node completes the trust evaluation of other entities independently. Each node can be both a truster and a trustee. Considering the actual application situation, the trust model is required to minimize the operator’s security management costs and improve access efficiency. However, the evaluation factors of traditional trust models are less considered. Their limitations are greater and result in a greatly reduced practicality. A security strategy that provides corresponding security protection under low latency constraints and has less impact on its performance is required. Therefore, massive IoT nodes require more efficient, fine-grained, and reliable trust modeling. This has become a huge challenge for the security of trust access in IoT.

This article focuses on the multiple environments of IoT and proposes a fine-grained trust model. Also, we comprehensively consider the impact of malicious node attacks and camouflage behavior and the occasional abnormal behavior of normal nodes. The proposed trust model implements efficient prediction as well as interactive decision and management of trust relationships between entities.

There is a contradiction between network security performance and network energy consumption, and the computing and storage capabilities of nodes are limited. The approach to finding a balance between security and energy consumption to ensure the coexistence of performance advantages and security of the IoT requires further research. Considering that certain nodes among the massive IoT nodes of the same nature belong to a group and the group restricts individuals, it is possible to formulate individual trust evaluation rules by introducing group trust specifications. This method of constructing trust groups could also provide new ideas for fast and reliable access between massive IoT nodes. The main contributions of this article are as follows:

We propose a multidimensional attribute factor selection and evaluation method to provide a more comprehensive reference for trust evaluation. Then we adopt the dispersion-based anomaly metric identification method to weaken the impact of the attack on the comprehensive credibility calculation and improve the success rate of node interaction.

We propose a multidimensional attribute trust model (MATM) that combines centralized and distributed trust management to accurately measure the credibility of nodes.

We provide a feasible trustworthy division scheme for massive IoT nodes. Through building a trustworthy group, we could reduce the cost of security verification. We also propose a dynamic maintenance mechanism (DMM) for trusted groups to further ensure reliability and effectiveness.

The rest of the article is organized as follows. Section “Related work” presents some existing related works. Section “Proposed trust model” details the proposed Trust Model. Section “Trusted group” shows the steps to build and maintain a trusted group. In section “Simulated results,” simulation results evaluate the performance of our trustworthy division scheme. The conclusion is given in section “Conclusion.”.

Related work

In this section, we review the existing trust models and observe their limitations and advantages. Trust is a concept derived from human sociology. In recent years, researchers in related research fields have given a variety of trust cognition modeling methods. Mike et al.⁷ correlated trust with risks and threats and established a direct link between trust and risk through trust research in multiple contexts.

Researchers built the trust model through their trust cognition and quantification; thus, the models reflected a different performance. Xie and Wei⁸ proposed a node dynamic trust evaluation method (IDTEM) for the IoT, characterized node behavior, and suppressed malicious recommendations. But IDTEM requires a detailed distinction between the cooperation modes of devices in specific application scenarios and has poor versatility. Ye et al.⁹ expressed the trust relationship between workers and requesters by constructing a crowdsourcing trust network CTN and analyzing threat patterns in the trust vector Worker Trust Vector (WTV) as a global trust score. Hu et al.¹⁰ added the core behavior to describe the behavior characteristics of the entity, and the risk evaluation factor is added during the calculation process, but the semantic model large-scale distributed system trust model (LSDM) proposed in the article does not completely cover the concept of the trust model and gradually falls as the number of nodes increases. Pawar et al.¹¹ proposed a reputation mechanism for computing cloud service providers, and trust uncertainty is more accurately described based on evidence.

The trust model is designed to complete the framework of trust evaluation. The trust model aims to solve internal attacks and to identify the malicious nodes and improve the reliability of the system. The focus of the research is the approach to improve the trust model on their performance. Based on the model responsible for trust computing and management tasks, the trust model is classified into centralized and distributed. We are going to discuss the limitations and advantages of both.

Centralized trust model

The centralized trust model includes a reputation center (certification center/trust center). Niu et al.¹² proposed a trust model based on the cloud model which unifies the randomness and uncertainty of the trust description and can efficiently carry out trust propagation and merge operations, but the trust cloud synthesis algorithm among them has high computational complexity and low scalability. Mohsenzadeh et al.¹³ proposed a trust model based on fuzzy mathematics according to the success and failure interactions between cloud entities based on trust attributes and semantics. This model has a certain capability of collaborative deception identification and tolerance, but the accuracy of discrimination between honest and malicious entities is relatively low. As an extension of cloud computing, fog computing is considered to be a relatively more secure and efficient environment. Therefore, scholars have designed new trust evaluation scheme for the fog computing environment. Al-khafajiy et al.¹⁴ proposed a fog COMputIng Trust manageMENT (COMITMENT) approach to manage the trust level of nodes in fog computing environment, and the approach were able to reduce the malicious attacks.

At present, there are few studies on the centralized trust model, mainly due to its two serious shortcomings:

Poor scalability: Centralized trust assessment requires an authentication mechanism that causes huge overhead and results in a decrease in performance.

Single point of failure: The idea of the centralized trust model is concise, but it depends too much on the reliability and efficiency of the reputation center.

Distributed trust model

A distributed network is a robust mesh network composed of nodes distributed in different locations. Compared with a centralized network, it can effectively avoid single-point failures of important nodes.

Li et al.¹⁵ proposed an opportunistic network safe routing decision method based on trust mechanism, which relies on message carrying to realize the collection of evidence chain and uses trust vectors with signatures and timestamps to effectively feed back the trust degree of nodes. Wu et al.¹⁶ proposed a blockchain-based peer-to-peer (P2P) network trust model. The weight of the indirect trust degree is determined according to the reliability of the indirect trust degree of the evaluation node in the network. It has high flexibility and universality, but the model granularity is relatively coarse. You et al.¹⁷ revised the reliability of the recommended node based on the interaction satisfaction feedback, but its evaluation process relies heavily on local storage and cannot be effectively applied to scenarios where there is no local storage such as cross-domain and strange node interaction.

The trust model has multiple application scenarios. Ma and Li¹⁸ proposed an edge node credibility evaluation model based on integrated trust. This model can realize efficient edge calculation based on integrated trust and effectively process the massive data generated by network edge devices, but it lacks an accurate trust calculation process. Hasrouny et al.¹⁹ proposed a hybrid trust model (HTM) and a malicious behavior detection system (MDS). Based on vehicle behavior, trust measurement can effectively distinguish between malicious vehicles and honest vehicles, but this model is only applicable to VANET and is difficult to transplant. Jiang et al.²⁰ proposed a trust model for distributed wireless sensor networks. In the calculation process of direct trust, various factors such as communication trust, energy trust, and data trust are considered to define trust reliability and familiarity. However, the model’s weight judgment on direct trust and recommended trust has certain limitations.

Moreover, there are several improvement methods to the existing trust model. The EigenTrust model²¹ is optimized using evolutionary game theory to model peer entities, and trading behaviors more accurately reflect the actual situation. Cho and Chen²² proposed a data-driven method used to reduce the resource consumption when selfish or malicious nodes exist. And the proposed trust framework is evaluated using random Petri nets, which makes the framework achieve a better node trust assessment accuracy and can be effectively used in delay-tolerant networks. Wang and Liu²³ proposed a Bayesian modeling method aimed at the online detection of fault-tolerant dynamic event areas in wireless sensor networks. The concepts of virtual community and trust index can be used as a reference for the construction of trusted groups in this article. Tariq et al.²⁴ proposed an energy-efficient, software-defined-network-based Mobile Code-driven Trust Mechanism (MCTM) in order to solve the trust evaluation problems on Software-Defined Network (SDN) for SNs.

As the trust model continues to evolve, more factors are considered in the trust evaluation. This finally constitutes a trust framework with a mixture of multiple mechanisms. GeTrust²⁵ is a P2P network trust model based on guarantee; the service node selects the guarantee node and provides reputation mortgage for the service. It combines the incentive mechanism and anonymous reputation management strategy and effectively improves the transaction success rate. Jayasinghe et al.²⁶ proposed an effective modular hybrid trust framework, establishing trust based on entity reputation. Truong et al.²⁷ used third-party opinions, experience, and direct observation as three trust indicators. It can clarify the concept of trust in the social IoT ecosystem and establish a reliable social network between the entities based on the owner, but it lacks practicality.

Table 1 shows the comparison between different trust models in related works and the properties of our proposed model.

Table 1.

Comparison between different trust models in related works.

	Classifications	Related works	Proposed model
Architecture	Centralized	12–13
	Distributed	15–18, 20–25
	Integrated	19	x
Trust evaluation factors	Coarse-grained	16, 21, 25, 27
	Fine-grained	14, 20, 22, 24, 26	x
Trust modeling based	Cloud model	12, 13
	Direct/indirect trust calculation	14, 16, 17, 19, 20, 24	x
	Bayes	23
Feedback control		16, 17, 19, 20, 25	x

Research on IoT is mainly focused on the development of communication transmission technology or trust modeling of specific networks and lacks trust models designed for the access characteristics of massive IoT nodes. The consideration of the attributes, factors, and weights that affect trust is incomplete. Hence, trust evaluation, trust management, social community construction, and feedback control are integrated to realize a comprehensive consideration and evaluation of trust. Based on the trust value calculation and with the concept of the trusted group, there is a flexible approach to finish the dynamic trust evaluation of massive IoT nodes. The approach should fasten the ability of trusted access and real-time autonomous feedback, which also provides new ideas for the research on the security solutions of massive IoT nodes. This will help to promote the stable operation of IoT and have important theoretical and practical significance for the development of IoT applications.

Proposed trust model

In this article, we propose an MATM to cover various IoT scenes and enhance the reliability of trust evaluation results. The description of related notations is shown in Table 2.

Table 2.

Notations in the trust model.

$P_{i}$	Subject node in interaction
$P_{j}$	Object node in interaction
$Ω E$	L-dimensional trust evaluation result set based on the node’s computing environment
$E v_{e}$	Trust level of communication process
$Ω B$	M-dimensional trust evaluation result set based on the node’s behavior
$Ω O$	N-dimensional trust evaluation result set based on the node’s other attributes
$S_{c}^{ij}$	Interaction satisfaction of nodes $P_{i}$ to $P_{j}$
$S_{hvec}^{ij}$	Historical interaction satisfaction record vector
$h (i)$	Time decay function
$T_{h}^{ij}$	Historical trust value
$T_{D}^{ij}$	Direct trust value of $P_{i}$ to $P_{j}$
$ρ_{ij}$	Dispersion of direct trust value relative to historical interaction satisfaction
$T_{message}^{ij}$	Proof of trust
$T_{I}^{ij}$	Recommend trust value from neighbors
$ρ_{ij}^{*}$	Dispersion of recommend trust value
$T_{total}^{j}$	Total trust value of $P_{j}$
$T_{global}^{j}$	Global trust value of $P_{j}$
$θ_{0}$	Threshold of trusted group
$ν_{i}$	Trust degree attenuation factor
$E (h (θ \| α, β))$	Historical statistics value based on the node’s feedback behavior
$P u_{i}$	Trust degree punishment factor
$R_{i}$	Trust degree reward factor

Direct trust value

Suppose that $P_{1}, P_{2}, . . ., P_{N}$ are IoT nodes that interact in the network environment. The direct trust value of the node is the quantitative value of the trust evaluation calculated by the subject node with reference to the interaction result; the latter is based on the aggregation of multidimensional trust evaluation factor.

Multidimensional trust evaluation factor selection

The multidimensional trust evaluation result set of an IoT node can be described as a triple

Ω = (Ω E, Ω B, Ω O)

(1)

Among them, $Ω E$ is an l-dimensional trust evaluation based on the node computing environment, which can be described as follows

Ω E = ({Ev}_{e}^{1}, {Ev}_{e}^{2}, . . ., {Ev}_{e}^{l})

(2)

where $E v_{e}$ reflects the trust level of the subject node based on the node computing environment to the object node. After the connection is established, suppose that the communication process between $P_{i}$ and $P_{j}$ is $co m_{1}, co m_{2}, . . ., co m_{q}$ ( $co m_{1}, co m_{2}, . . ., co m_{x}$ belongs to $P_{i}$ , $co m_{x + 1}, co m_{x + 2}, . . ., co m_{q}$ belongs to $P_{j}$ ). The set of permissions required to complete the interaction $co m_{x + 1}, co m_{x + 2}, . . ., co m_{q}$ is ${p s_{x + 1}, p s_{x + 2}, . . ., p s_{q}}$ . The access permission of external nodes to interact with the node $P_{i}$ is $pa$ , and then the trust level of the communication process $E v_{e}$ can be described as

E v_{e} (i, j) = \frac{1}{q - x - 1} \sum_{i = x + 1}^{q} p s_{i} \land pa

(3)

Similarly, suppose that the access permission granted by the node $P_{j}$ from an external node process is $pb$ , and the evaluation function of the two-dimensional trust level of the node is

E v_{e} (i, j) = {\begin{matrix} {Ev}_{e}^{ij} = \frac{1}{q - x - 1} \sum_{i = x + 1}^{q} p s_{i} \land pa \\ {Ev}_{e}^{ji} = \frac{1}{x} \sum_{i = 1}^{x} p s_{i} \land pb \end{matrix}

(4)

where ${Ev}_{e}^{ij}$ and ${Ev}_{e}^{ji}$ are the trust evaluation of $P_{i}$ to $P_{j}$ and $P_{j}$ to $P_{i}$ .

Among the triples, $Ω B$ is the m-dimensional trust evaluation based on node behavior, which can be described as

Ω B = ({Ev}_{b}^{1}, {Ev}_{b}^{2}, . . ., {Ev}_{b}^{m})

(5)

The m-dimensional trust evaluation based on node behavior can include the following parameters:

Identity verification: Whether the node has completed identity verification.

Data packet forwarding rate: During the interaction, the terminal node $P_{i}$ requests N data packets from the node $P_{j}$ , and the node $P_{j}$ forwards n (n ≤ N) data packets. After receiving the data packet, the node $P_{i}$ evaluates the node’s behavior based on the data packet forwarding rate. The trust evaluation on the number of forwarded packets is proportional to the data packet forwarding amount.

Data packet repetition rate: The data packet repetition rate is also an important reference indicator for judging whether the node’s behavior is abnormal. When the data packet repetition rate is low, the node tends to be credible, and its satisfaction in forwarding data packet repetition rate will increase as the repetition rate decreases. As the repetition rate gradually approaches and exceeds the threshold of the service’s tolerable repetition rate, the more likely the node to behave abnormally, the more likely it will be considered as a malicious node.

Packet content: The behavior of a node is monitored by its neighbors, so the phenomenon observed by the monitoring node can be deduced, that is, whether the node has tampered with the contents of the data packet. If the node does take malicious actions and illegally steals or tampers with information, it should reduce its credibility accordingly.

Transmission delay: The transmission delay should fluctuate within the minimum range allowed by the network architecture. If the transmission delay of the node $P_{j}$ forwarding data packets to the node $P_{i}$ is less than the critical value specified by the system, the trust evaluation of node $P_{j}$ in transmission delay is considered to be a fine level. As the transmission delay exceeds the threshold and continues to rise, the node $P_{j}$ tends to cause a malicious attack.

Residual energy: Due to the resource limitation of the IoT node itself, the node may not be able to provide effective forwarding services because it has consumed all the energy. To avoid determining such normal nodes as malicious nodes, the impact of the remaining energy of the node on the ability to forward data packets should be considered. The node detects its remaining energy and records, as well as sends the node’s maximum energy and remaining energy to its neighbors. The influence of the remaining energy of the node will be quantified as the remaining energy influence factor.

Life cycle: The subject node collects the most recent moments of neighboring nodes joining and exiting the system. Also, it calculates the survival time of each neighbor and the trust quantization value of the target node’s lifetime.

The n-dimensional trust evaluation of other attributes in the triple is determined according to the actual application scenario and can be described as

Ω O = ({Ev}_{o}^{1}, {Ev}_{o}^{2}, . . ., {Ev}_{o}^{n})

(6)

This can include the following:

Activeness: Periodically calculate the number of messages received from a node according to system attributes. The number should be equal to 1. If the number of messages sent during this period is greater than 1, it is required to consider whether it is a malicious node attack (Denial of Service (DoS) or other). If the number of messages is 0, consider whether it is marked as an inactive node (denying service or leaving the transmission radius).

Signal strength: Signal strength helps to determine the location of the node.

Direction: The direction of node movement is used to judge the tendency of a node to enter or leave a group.

The number of trusted neighbor nodes: The number of neighbor nodes whose global trust value has achieved a certain threshold within the transmission radius of the node.

In practical applications, considering the network overhead and node energy constraints, the above attribute factors should be selected for evaluation according to the specific preferences of the network.

Interaction satisfaction calculation

Interaction satisfaction refers to the evaluation made by the subject node according to the multidimensional attribute factors of the object node after interaction. According to the source of satisfaction data during trust calculation, it is divided into subjective service satisfaction and historical service satisfaction. Satisfaction value ranges from [0,1]. 0 means entirely dissatisfied and 1 means absolutely satisfied.

The interaction satisfaction of the terminal node $P_{j}$ with the terminal node $P_{i}$ is $S_{c}^{ij}$ , and its calculation method is the weighted sum of the multidimensional trust evaluation results. Referring to the work of Bullen,²⁸ the interaction satisfaction will be calculated as follows

S_{c}^{ij} = {[Π_{k = 1}^{n} w_{k} E v_{k}]}^{1 / n}

(7)

Considering that the node has certain self-interest preferences, the evaluation value of each trust aspect has a different impact on the overall trust evaluation. The weight coefficient $w_{i}$ represents the interest preference level in the $k th$ trust aspect. The weight coefficient is described as

\begin{matrix} w = (w_{1}, w_{2}, . . ., w_{l + m}) \\ \sum_{k = 1}^{l + m} w_{k} = 1 \end{matrix}

(8)

History interaction satisfaction

After the interaction satisfaction calculation is completed, the node will store the calculated interaction satisfaction and update the historical interaction satisfaction record vector, which is described as

S_{hvec}^{ij} = (〈 t_{1}, S_{c}^{i j^{(1)}} 〉, 〈 t_{2}, S_{c}^{i j^{(2)}} 〉, . . ., 〈 t_{n}, S_{c}^{i j^{(n)}} 〉)

(9)

where $t_{m}$ is the interactive service timestamp, and $S_{c}^{i j^{(m)}}$ is the subjective satisfaction record of the last interactive service in $t_{m}$ .

According to the cognitive habits in human psychology, trust relationships are time-sensitive, and their credibility dynamically decays with time. In the locally stored historical trust record vector $S_{hvec}^{ij}$ , the time weighting coefficient is defined as

\begin{matrix} w^{*} = (w_{1}^{*}, w_{2}^{*}, . . ., w_{n}^{*}) \\ w_{i}^{*} = h (t_{i} - t_{0}) = h (i) \end{matrix}

(10)

where $h (t - t_{0})$ is the time decay function, $h (i) \in [0, 1]$ . The time decay function can give the trust metric reasonable weight coefficients at different time points. The interaction satisfaction obtained by the newly generated interaction behavior should reflect the trust status of the node more than the old interaction satisfaction, so the time decay function can be defined as

h (i) = {\begin{matrix} 1 & i = n \\ h (i - 1) = h (i) - \frac{1}{n}, & 1 \leq i \leq n \end{matrix}

(11)

The historical trust value is derived from the historical satisfaction record vector $S_{hvec}^{ij}$

T_{h}^{ij} = \sum_{k = 1}^{n} \frac{w_{k}^{*}}{\sum_{l = 1}^{n} w_{l}^{*}} \times S_{c}^{i j^{(k)}}

(12)

Direct trust value and dispersion

The direct trust value represents the evaluation of the subject node’s credibility based on the interaction result with the object node, generally based on the comprehensive consideration of the interaction satisfaction and historical interaction satisfaction. The node-to-node direct trust value is calculated by the following equation

T_{D}^{ij} = γ S_{c}^{ij} + (1 - γ) T_{h}^{ij}

(13)

where $γ$ is the weight coefficient of satisfaction for this interaction ( $0.5 \leq γ \leq 1$ ). We determine the specific value according to the discrete degree of the interaction satisfaction and the historical interaction satisfaction or the actual network environment application requirements; it generally takes 0.5.

Nodes may provide unstable services. Therefore, after calculating the direct trust value, the dispersion direct trust value relative to historical interaction satisfaction should also be calculated. These are used as the trust evaluation made by the subject node for itself and as the reference of subsequent reward and punishment mechanism. Referring to the work of You et al.,¹⁷ the dispersion could be calculated as

ρ_{ij} = \frac{1}{\sqrt{\frac{1}{n - 1} \sum_{k = 1}^{n - 1} {(T_{c}^{i j^{(k)}} - T_{D}^{ij})}^{2}} + 1}

(14)

The structure of the database table where the principal node is stored locally is shown in Table 3:

Table 3.

Local storage database table structure.

Node ID	Timestamp	Historical interaction satisfaction vector	Direct trust value	Dispersion
j	t	$S_{hvec}^{ij}$	$T_{D}^{ij}$	$ρ_{ij}$

Proof of trust

After the end of the trust evaluation calculation process, the subject node generates a trust certificate about the object node and broadcasts it to the neighbor nodes. The proof of trust is expressed as

T_{message}^{ij} = (I d_{i}, I d_{j}, T s_{ij}, T_{D}^{ij}, ρ_{ij}, D s_{ij})

(15)

Among them, $I d_{i}$ and $I d_{j}$ are the unique identity of node i and node j, respectively. $T s_{ij}$ is the timestamp generated for the proof of trust, $T_{D}^{ij}$ is the direct trust value, $ρ_{ij}$ is the evaluation of the reliability of the direct trust value by the subject node, and $D s_{ij}$ is the digital signature information. Through verifying the digital signature, we can guarantee the authenticity of the trust certificate.

Recommend trust value

After the initialization is completed, the interaction between nodes needs to calculate the recommended trust value based on the direct trust value provided by the neighbors. At the same time, the dispersion of the recommended trust value is calculated to assign the weight of the direct trust value and the recommended trust value, and the interactive decision is made according to the result

T_{I}^{ij} = \frac{1}{N} \sum_{k = 1}^{N} T_{D}^{kj}

(16)

Similarly, we calculate the dispersion of the recommended trust value to evaluate the reliability of the recommended trust value. Determine the proportion of the direct trust value and the recommended trust value in the comprehensive calculation

ρ_{ij}^{*} = \frac{1}{\sqrt{\frac{1}{n - 1} \sum_{k = 1}^{n - 1} {(T_{D}^{kj} - T_{I}^{ij})}^{2}} + 1}

(17)

Total trust value

The node’s total trust value is the judgment basis for the interactive decision between nodes, which is calculated by the following equation

T_{total}^{j} = β T_{D}^{ij} + (1 - β) T_{I}^{ij}

(18)

where

β = \frac{ρ_{ij}}{ρ_{ij} + ρ_{ij}^{*}}

(19)

The subject node comprehensively calculates the total trust value of the object node based on the interaction history record stored by itself and the recommended trust value sent by the neighbor nodes. This value determines whether to interact with the node.

Global trust value

We screen the feedback behavior of malicious nodes and collect the direct trust value data of other nodes to the target node. The global trust value of the node could be calculated as follows

T_{global}^{j} = \sum_{c \in C}^{C} \frac{ρ_{cj}}{\sum_{k \in C}^{C} ρ_{kj}} \times T_{D}^{cj}

(20)

When the global trust value $T_{global}^{j}$ of the target node reaches the threshold $θ_{0}$ of the trusted group, it is marked as a trusted node and admitted to the trusted group. The nodes in the trusted group still need to update the feedback of the direct trust value based on the behavior of other nodes to correct the credibility of the node in real time.

This model introduces multidimensional attribute factors and evaluates trust by service satisfaction, dispersion of direct trust value, and total trust value of nodes based on users’ behaviors. These factors are used to fine-grain the trust measurement of nodes. This model is designed to improve the trust access efficiency of massive IoT nodes and the trusted group. This approach is able to adapt to dynamic network changes and make up for the limitations and deficiencies of the traditional trust model.

Trusted group

The trusted group in IoT is a collection of nodes that satisfy certain rules. The user nodes in the network can be regarded as the mapping of creatures in nature. Creatures with certain properties will form a group. In the community, the default rules regulate the behavior of the individual. The individual should not disturb the normal survival order of the community because of their own interests. Otherwise, they will be punished by the community or directly expelled from the community. Following this mode, the trusted group is built based on the result of trust modeling. Arbitrary operations are banned in the trusted group. User nodes are required to output under the constraints of the group. Once the trusted group builds, the group will use a DMM to ensure the credibility of group members.

The process of establishing a trusted group in this article could be summarized as follows:

Evaluates the node and calculates the direct trust value by calculating the service satisfaction based on the multidimensional attribute evaluation factor.

Collects the direct trust value of the neighboring node to calculate the global trust value of the node.

Follows the group access limitation and constraints on individual nodes and maintains the dynamic credibility of the entire group.

Construction of a trusted group

The node enters the system and obtains an initial trust value of 0.5 (i.e. it cannot be judged as trustworthy or untrustworthy). Every node that enters the system must try to become a member of a trusted group. When nodes a, b become neighbors, according to their credibility, it is verified by the system to form a trusted group within a certain transmission radius if their global trust value achieves the group threshold $θ$ . Node a becomes the GL (Group Leader) of the group, and b becomes the candidate GL.¹⁹ Node a will be responsible for the management of other neighboring nodes joining the group. When the GL leaves the trusted group transmission radius or leaves the group for other reasons, the most trusted node in the group becomes the new GL and manages the group members.

Trust evaluation is the foundation for the establishment of a trusted group. As shown in Figure 1, nodes obtain feedback on their trust value through interaction. The trusted group initialization node collects trust data and calculates its total trust value to determine whether to allow a new member to join.

Figure 1.

Trust evaluation process.

When there enters a new member, the initialization node gives its group signature key. When an old member in the group exits, the initialization node generates a new group public key and broadcasts it to the group members. The members of the group use the same group public key to verify the signature generated by any group member using the group signature key, reducing the verification delay and overhead while also ensuring anonymity.

The construction of the trusted group satisfies the needs of massive IoT nodes to reduce verification overhead. It provides new ideas for fast trusted access between massive nodes.

DMM of the trusted group

Trust value decay mechanism

When the target node does not have any activity within a certain time window $ϕ$ (including requesting, providing services, and giving feedback), its trust value decay factor is calculated periodically according to the time difference $t - t'$ . $t$ is the current time and $t'$ is the last activity time of the node. $κ$ is a parameter to control the decay rate. The credibility attenuation factor is expressed as

ν_{i} = {\begin{matrix} 0, & if t - t' > ϕ \\ e^{- (t - t') / κ}, & otherwise \end{matrix}

(21)

Historical statistics based on node feedback behavior

When the error of the recommended trust value feedback by the node is beyond the set threshold $ξ$ , the node’s feedback behavior is considered abnormal this time. Otherwise, the feedback behavior is considered normal.

We use the beta probability density function to represent the posterior probability of binary events

\begin{matrix} h (θ | α, β) = \frac{Γ (α + β + 2)}{Γ (α + 1) + Γ (β + 1)} \cdot θ^{α} \cdot (1 - θ)^{β} \\ (θ \in [0, 1], α \geq 0, β \geq 0) \end{matrix}

(22)

where $α$ and $β$ represent the number of occurrences of normal behavior and abnormal behavior, respectively. The mathematical expectation of the node’s historical behavior statistics (i.e. the probability of normal behavior in the future when feedback) is

E (h (θ | α, β)) = \frac{α + 1}{α + β + 2}

(23)

Reward and punishment mechanism

Let $ρ_{kj}$ as the dispersion between the trust value feed back from the current node and the trust value of other nodes. When $ρ_{kj}$ is within the tolerance threshold $λ$ , it reveals that the feedback is a normal trust assessment, and then accept the direct trust value of its feedback. When $ρ_{kj} \in (λ, 1]$ , it reveals that the deviation is too large. The evaluation value may be due to the exaggeration/defamation attack behavior of malicious nodes.

Effective feedback behavior is required to ensure that the dispersion of the trust value is within the tolerance threshold. Referring to the work of You et al.,¹⁷ the punishment factor according to the specific conditions of its feedback could be calculated as follows

P u_{i} = p \times E (h (θ | α, β)) \times ρ_{kj}

(24)

where $p$ is the penalty control factor, and $E (h (θ | α, β))$ is the historical statistics based on node feedback behavior. If the effective proportion of the node’s historical recommendation behavior is high, then a mistake will not cause the node’s credibility to be greatly reduced. But if the percentage of invalid feedback becomes higher, it will be difficult for nodes to improve their credibility in future feedback behaviors. We calculate the dispersion of the feedback value after a certain interaction accumulation. The greater the dispersion $ρ_{kj}$ , the greater the deviation from other users’ trust evaluation of the target node, and the reliability of the node itself will be affected accordingly.

When the direct trust value returned by the node is valid ( $ρ_{kj} \in [0, λ)$ , where $λ$ is the tolerance threshold), the credibility reward is given to this node, and the reward factor is calculated based on equation (25)

R_{i} = \frac{υ^{t}}{q}, υ > 1, q > 1

(25)

where $1 / q$ is the reward parameter for trust; by adjusting the value of this parameter, we could control the influence of reward mechanism on trust value. $υ$ is the base of the trust reward and t is the safe operating cycle for nodes. We set the above three parameters according to the actual needs of the network application.

DMM algorithm

To ensure the real-time credibility of the group, the above-mentioned time decay mechanism and the reward/punishment mechanism constitute a dynamic maintenance mechanism of the trusted group.

The DMM algorithm is as follows:

$\begin{matrix} Algorithm GroupMemberDecision (j) : \\ T \leftarrow global trust value of node j \\ if j is inactive, then \\ compute ν as the trust degree attenuation factor \\ T \leftarrow ν * T \\ end if \\ d \leftarrow dispersion of the latest feedback trust value \\ if d > threshold of tolerance, then \\ compute P as the trust degree punishment factor \\ T \leftarrow P * T \\ else \\ compute R as the trust degree reward factor \\ T \leftarrow R * T \\ end if \\ if T < threshold of the trusted group, then \\ drive out j from the trusted group \\ else \\ keep j in this trusted group \\ end if \end{matrix}$

Through the above mechanism, the global trust value of the group members in the trusted group can be updated in real time. This mechanism effectively removes the member nodes with bad behavior and ensures the validity and correctness of the trusted group.

Simulated results

To prove the correctness of the model mentioned in this article, based on the research in the previous section, a virtual network environment was constructed using the simulation software Netlogo. In the simulation process, the node interaction behavior is simulated first, and a trusted group is constructed. When the initialization is successful, the node interaction result evolution simulation is performed according to the trust model.

Experimental environment and settings

There are three types of nodes in the network:

Honest nodes: Always provide high-quality services and correct feedback as much as possible.

Malicious nodes: Always provide low-quality services and exaggerated feedback value to members of the malicious team. For the nodes outside the team (honest nodes and dynamic nodes), the value of trust is defamatory.

Dynamic nodes: The quality of service provided by such nodes dynamically changes with time and may act as honest nodes. The behavior of this type of nodes may be like malicious or honest. At the same time, correct feedback is made.

In detail, malicious nodes not only provide low-quality services, which interferes with the normal operation of the system as well as the feedback information. The feedback trust value of malicious nodes to the member of their malicious team is always 1. The feedback trust value to the members outside the malicious team is 0. The dispersion of feedback of the direct trust value is always submitted as 1 by the malicious node.

Honest nodes always provide high-quality services as much as possible and give correct feedback to interactive nodes when interacting.

The dynamic node will randomly behave like a malicious node or an honest node and will not be regarded as a part of the team by the malicious node. The existence of dynamic nodes will make the simulation experiment environment closer to the actual application environment.

Table 4 shows the parameter settings of the simulation experiment.

Table 4.

Simulation experiment parameter setting.

Parameter	Value	Description
N	300	Number of nodes
T	100	Total time steps
Malicious%	10%, 15%, 20%, 25%, 30%, 40%	Proportion of malicious nodes

Simulation results

Interaction success rate

The success rate of node interaction is an important indicator for evaluating the performance of a trust model. To verify the effectiveness of our proposed model (MATM), the IDTEM model of the recent research literature⁸ and the classic EigenTrust model²⁹ were subjected to the same simulation experiment. The experimental results are shown in Figure 2.

Figure 2.

Node interaction success rate changes with the proportion of malicious nodes.

As shown in Figure 2, the EigenTrust model is a classic trust management model and is a lack of consideration of other influencing factors, thus has the poorest performance on interaction success rate among the three models. The IDTEM model aims to suppress the malicious recommendation, and the interaction success rate results in a gentle decline. The proposed model in this article comprehensively evaluates the trust of nodes by

Multidimensional attribute;

Dispersion of trust value;

Time decay.

Our trust model has significant advantage on interaction success rate, especially in low percentage of malicious nodes. As the proportion of malicious nodes increases, the impact of the exaggerated collaborative attacks and defamation attacks on the network environment is more obvious. These attacks result in the decline of the interaction success rate with the increase in the proportion of malicious nodes. However, our proposed trust model MATM still maintains the highest success rate among the compared models.

The efficiency of the proposed model

Since the global trust value of a node is the main basis for judging the identity of a node, the simulation makes a statistical calculation of the average global trust value of various nodes, as shown in Figure 3.

Figure 3.

The average global trust value of honest, malicious, and dynamic nodes when N = 300: (a) malicious nodes account for 10%, (b) malicious nodes account for 20%, (c) malicious nodes account for 30%, and (d) malicious nodes account for 40%.

The average global trust value is unified as a value from 0 to 1. It can be seen from Figure 3 that in the case where the malicious nodes account for a relatively low percentage (10%, 20%), the average global trust value of honest nodes is the highest, the value maintained above 0.8 after stabilization. Because of the instability of dynamic nodes, the average global trust value of dynamic nodes is below 0.7. As for the malicious nodes, the value is at a low level below 0.2, indicating the correctness of the trust assess method and the interactive decision of MATM.

When the malicious nodes account for 30%, the average global trust value of honest nodes will reduce to 0.7 due to the exaggeration/collaborative attacks and defamation attacks of malicious nodes. As for the dynamic nodes, they are greatly affected and entering a low trust value of 0.1–0.2. The average global trust value of malicious nodes has increased slightly, but it remains within the low trust value range of 0.2–0.3. In the case where malicious nodes account for 40%, the average global trust value of honest nodes remains above 0.55, while the value of malicious nodes is stable at 0.3–0.4. Dynamic nodes have their own behavior and are attacked by malicious nodes, resulting in the lowest average value.

Simulation results show that after a certain round of interaction, the credibility of various nodes will tend to be stable. At the same time, when the proportion of malicious nodes continues to increase, this model can still ensure that the average global trust value of honest nodes is above 0.5. It tends to be trusted as the average global trust value of malicious nodes is below 0.5.

The efficiency of the trusted group

To verify the validity of the trusted group, we also output the identification of members in the trusted group. As shown in Figure 4, malicious nodes account for 10%, 20%, 30%, and 40% of all nodes (N = 300), respectively.

Figure 4.

The proportion of malicious and honest nodes in the trusted group when N = 300: (a) malicious nodes account for 10%, (b) malicious nodes account for 20%, (c) malicious nodes account for 30%, and (d) malicious nodes account for 40%.

Figure 4 demonstrates the correlation of the proportion of malicious nodes and the group composition. When the proportion of malicious nodes is relatively low (10%, 20%), more than 90% of the trusted group members are honest nodes. As the proportion of malicious nodes increases, the coordinated attacks of malicious nodes interfered with the acceptance of the trusted group. But the trusted group can still maintain more than 75% of the honest nodes. It illustrated that the trusted group has the effectiveness of application in the system.

Conclusion

We proposed an MATM for the IoT trustworthiness relationship depending on the associate attributes of nodes. The trust relationship prediction is based on the trust value provided by nodes in a certain transmission radius. We adopted trust value dispersion in trust computing to protect normal nodes from collusion attacks by malicious nodes. According to the trust degree computed by the trust modeling process, we built the trusted group and selected the TL for the trust group to support the management of nodes. We designed a DMM that includes time decay, reward, and punishment strategies to update the trusted group with comprehensive trust status. This mechanism effectively guarantees the reliability and stability of trusted groups. Simulation results show that MATM could effectively screen malicious nodes from normal nodes, as well as respond to invalid feedback from malicious nodes. Compared with some existent trust model, our proposed model has better performance in interaction success rate. We also showed by simulation the efficiency of the trusted group and ensure that the honest nodes account for the majority of the trusted group. This article aims at resolving problems about incomplete consideration and large overhead under the traditional IoT security strategy.

Future work will distinguish the behavior of malicious nodes in detail and improve the performance of our proposed trust model. The selection of trusted group management nodes in the network environment and the calculation of comprehensive credibility will be further optimized to improve the trust evaluation scheme for trusted groups.

Footnotes

Handling Editor: Peio Lopez Iturri

Declaration of conflicting interests

The author(s) declared no potential conflicts of interest with respect to the research, authorship, and/or publication of this article.

Funding

The author(s) disclosed receipt of the following financial support for the research, authorship, and/or publication of this article: This research was supported by National Key Research and Development Project (2019YFB2102303), National Natural Science Foundation of China (61971014) and Henan Key Research and Development Project (202102310522).

ORCID iD

Jinghan Chen

References

Cai

Zheng

. A private and efficient mechanism for data uploading in smart cyber-physical systems. IEEE Trans Netw Sci Eng (TNSE) 2020; 7(2): 766–775.

Kaminaris

Tripolitakis

Stavrakakis

, et al. An intelligent data acquisition and transmission platform for the development of voyage and maintenance plans for ships. In: The fifth international conference on information, intelligence, systems and applications (IISA 2014), Chania, Crete, Greece, 7–9 July 2014. IEEE.

Pan

Deng

Shen

. Credit distribution for influence maximization in online social networks with time constraint. In: Proceedings of 2015 IEEE International Conference on Smart City/SocialCom/SustainCom, Chengdu, China, 19–21 December 2015, pp. 255–260. Piscataway, NJ: IEEE.

Deng

, et al. A reliable QoS-aware routing scheme for neighbor area network in smart grid. Peer Peer Netw Appl 2016; 9(4): 616–627.

Zheng

Cai

. Privacy-preserved data sharing towards multiple parties in industrial IoTs. IEEE J Sel Areas Commun (JSAC). 2020; 38(5): 968–979.

Zheng

Cai

. Data linkage in smart IoT systems: a consideration from privacy perspective. IEEE Commun Mag. 2018; 56(9): 55–61.

Mike

Gianluca

Ken

, et al. Trust Modelling in 5G mobile networks. In: Proceedings of the 2018 workshop on security in softwarized networks: prospects and challenges (SecSoN’ 18), Budapest, Hungary, 20–24 August 2018, pp. 14-19. New York: ACM.

Xie

Wei

RX.

A dynamic trustworthiness assessment method for Internet of Things nodes. Comput Appl 2019; 3: 2597–2603.

Wang

Liu

Crowd defense: a trust vector-based threat defense model in crowdsourcing environments. In: Proceedings of the 2017 IEEE international conference on web service, Honolulu, HI, 25-30 June 2017, pp. 245-252. New York: IEEE.

10.

Yang

Jia

ZJ.

A semantic trust model of large-scale distributed system based on Ontology. In: Proceedings of the 30th Chinese control and decision conference, Shenyang, China, 9-11 June 2018, pp. 1738-1743. New York: IEEE.

11.

Pawar

Rajarajan

Nair

, et al. Trust model for optimized cloud services. In: Proceedings of the Ifip international conference on trust management, Surat, India, 21-25 May 2012, paper no. 374, pp. 97–112. Berlin: Springer.

12.

Niu

You

Tang

, et al. 5G network slice security trust degree calculation model. In: Proceedings of the IEEE international conference on computer and communications (ICCC), Chengdu, China, 13–16 December 2017, pp. 1150-1157. New York: IEEE.

13.

Mohsenzadeh

Motameni

MJ.

Retraction note to: a new trust evaluation algorithm between cloud entities based on fuzzy mathematics. Int J Fuzzy Syst 2019; 18: 659–672.

14.

Al-khafajiy

Baker

Asim

, et al. COMITMENT: a fog computing trust management approach. J Parallel Distr Comput 2020; 137: 1–16.

15.

Shi

Chen

, et al. A trust-based approach to secure routing decisions for networks of opportunity. Softw J 2018; 29: 2829–2843.

16.

, et al. A peer-to-peer network trust model based on blockchain. Comput Sci 2019; 46: 138–147.

17.

You

Shangguan

, et al. Distributed dynamic trust management model based on trust reliability. J Softw 2017; 28: 2354–2369.

18.

. Trust evaluation model in edge computing based on integrated trust. In: Proceedings of the 2018 international conference on algorithms, computing and artificial intelligence (ACAI’18), (paper no. 26), Sanya, China, December 2018, pp. 1–6. New York: ACM. https://doi.org/10.1145/3302425.3302491

19.

Hasrouny

Samhat

Bassil

, et al. Trust model for secure group leader-based communications in VANET. Wireless Netw 2019; 25: 4639–4661.

20.

Jiang

Han

Wang

, et al. An efficient distributed trust model for wireless sensor networks. Parallel Distrib Syst 2015; 26: 1228–1237.

21.

Wang

An EigenTrust dynamic evolutionary model in P2P file-sharing systems. Peer Peer Netw Appl 2016; 9: 599–612.

22.

Cho

Chen

IR.

PROVEST: provenance-based trust model for delay tolerant network. IEEE Trans Dependable Secure Comput 2018; 99: 151–165.

23.

Wang

Liu

Online fault-tolerant dynamic event region detection in sensor networks via trust model. In: Proceedings of the 2017 IEEE wireless communications and networking conference (WCNC), San Francisco, CA, 19–22 March 2017, pp. 1-6. New York: IEEE.

24.

Tariq

Asim

Maamar

, et al. A mobile code-driven trust mechanism for detecting internal attacks in sensor node-powered IoT. J Parallel Distrib Comput 2019; 134: 198–206.

25.

Meng

Liu

. GeTrust: a guarantee-based trust model in chord-based P2P networks. IEEE Trans Dependable Secure Comput 15(1): 54–68. DOI: 10.1109/TDSC.2016.2530720.

26.

Jayasinghe

Otebolaku

, et al. Data centric trust evaluation and prediction framework for IoT. In: Proceedings of the 2017 ITU kaleidoscope: challenges for A Data-driven Society, Nanjing, China, 27–29 November 2017, pp. 1-7. New York: IEEE.

27.

Truong

Zhou

, et al. From personal experience to global reputation for trust evaluation in the social internet of things. In: Proceedings of the global communication (GLOBECOM), Singapore, 4–8 December 2017, pp. 1-7. New York: IEEE.

28.

Bullen

PS.

Handbook of means and their inequalities. Berlin: Springer Netherlands2003.

29.

Kamvar

Schlosser

Garcia -Molina

. The EigenTrust algorithm for reputation management in P2P networks. In: Proceedings of the 12th international conference on world wide web, Budapest, Hungary, May 2003, pp. 640-651. New York: ACM.

Construction of Internet of things trusted group based on multidimensional attribute trust model

Abstract

Keywords

Introduction

Related work

Centralized trust model

Distributed trust model

Proposed trust model

Direct trust value

Multidimensional trust evaluation factor selection

Interaction satisfaction calculation

History interaction satisfaction

Direct trust value and dispersion

Proof of trust

Recommend trust value

Total trust value

Global trust value

Trusted group

Construction of a trusted group

DMM of the trusted group

Trust value decay mechanism

Historical statistics based on node feedback behavior

Reward and punishment mechanism

DMM algorithm

Simulated results

Experimental environment and settings

Simulation results

Interaction success rate

The efficiency of the proposed model

The efficiency of the trusted group

Conclusion

Footnotes

Declaration of conflicting interests

Funding

ORCID iD

References