Upload
zia-talley
View
23
Download
0
Embed Size (px)
DESCRIPTION
Conceptual Framework for Dynamic Trust Monitoring and Prediction. Olufunmilola Onolaja Rami Bahsoon Georgios Theodoropoulos School of Computer Science The University of Birmingham, UK. Outline. Definitions Reputation systems Collusion attack Background - PowerPoint PPT Presentation
Citation preview
Conceptual Framework for Dynamic Trust Monitoring and Prediction
Olufunmilola OnolajaRami Bahsoon
Georgios Theodoropoulos
School of Computer ScienceThe University of Birmingham, UK
2/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Outline
Definitions Reputation systems Collusion attack Background DDDAS Conceptual
framework Summary
3/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
DefinitionsTrust Social perspective. Gambetta (1988) stated that when a node is trusted, it
implicitly means that the probability that it will perform an action that is beneficial is high enough to consider engaging in some form of cooperation with the node.
Reputation The opinion of an entity about another. Synonymous to trust?
Misbehaviour Behavioural expectation. The deviation from the expected behaviour of nodes in
a network. Collusion attack.
4/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Reputation and Trust Based Systems Provide mechanisms to produce a metric
encapsulating reputation for a given domain for each identity in a system.
They aim to Provide information to distinguish untrustworthy
entities, Encourage members to be trustworthy, Discourage the participation of malicious entities, Isolate, deny service and punish malicious entities.
5/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Reputation and Trust Based Systems
Cooperation Enforcement Schemes
Incentive Based Schemes (virtual currency)
Integrity Based Framework Credit Based Reputation Models
This mechanism has a weakness of failing to detect misbehaving nodes in the case of collusion.
Recommendations provided by individual nodes in the network are used in deciding the reputation of other nodes.
Watchdog is resident on each node that monitors and gathers information based on promiscuous observation.
6/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
The problem of collusion is very important because its effects Can considerably affect
network performance and May hinder
communication vital to fulfilling of the mission of the network.
e.g. Military application, motes, battlefield.
Collusion Attack
Suppose node A forwards a packet P through B to D. Node C can decide to misbehave and colludes with B.
With the watchdog mechanism, it is possible that B does not report to A when C modifies the packet to P#.
B C DA
P P P#
B C
7/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Why DDDAS? Measurement, simulation, feedback and
control
Reputation is not static but dynamic, computation of trust should be equally dynamic.
Dynamic approach to identifying and isolating misbehaving (group of) nodes.
Online rating (Trust values TVs), using data provided from the network – past and present data.
Simulation improves prediction – future data. The predictions help to focus on areas of uncertainty or
risk.
More accurate analysis, prediction.
8/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Framework
Predictions to update network
Agent-based
simulation
Data
Data requests and updates
Update TVs
Raw data
Controller
Tru
st value
calculator
Data
transform
ation
Aggregation
Node
Cluster head
Communication
Data flow
Regions of trust
Online data
Historical data
Simulation Prediction Feedback
Physical system
9/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Framework Components
Physical system Nodes, cluster head
Controller Aggregator
Data collection, relevant data Data transformer
Observations - captured, quantified and numerically represented
Qualitative data to quantitative value – trust value 0 ≤ trust value ≤ 5
Trust value calculator Available information to useable metric
Data repository Online and historical data
10/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Framework Components
Properties – internal or external
Changes to properties influenced by logic/external entity
SimulationInternal properties
External properties
Messages
In-built logic
Probabilities of collusion and misbehaviour
Behavioural rules incorporated into nodes, predicted trust values change using probabilities of collaboration
11/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Trust values
1
... )1()3()2()1()(
i
tvtvtvtvtv
innnni
h
Time intervals j = (1, 2, ..., i-1) i - current time, (i-1) - time of last snapshot tvo, tvn , tvh - online, new and historical trust
values
oh
ioohhi
n
tvtvtv
)(
Weights o and h - factors for the online and historical TVs
[o,h]>0 and o>h , more emphasis on recent behaviour
Intoxication attack
12/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Trust valuesTrust table showing the degrees of trust and corresponding
regions of risk.Trust Value Meaning Description Region
5 Complete trust
Trusted node with an excellent reputation
Low risk
4 Good trust level Very reliable node Low risk
3 Average trust level
Average value and somewhat reliable
node
Medium risk
2 Average trust level
Average value but questionable node
Medium risk
1 Poor trust level
A questionable node
High risk
0 Complete distrust
Malicious node with a bad reputation
High risk
Focus
13/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
nodetype = malicious; badtend = true;
tvh = 2; tvn= 0 nodetype = suspect; badtend = true;
tvh = 4; tvn= 2
Repast simulation toolkit, nodes belong to a context, and interaction is defined within the context.
Context-sensitive behaviour is implemented in the simulation by triggers created in nodes.
Scenario
At 9 ticks
nodetype = trusted; badtend = true; tvo = 4
After 18 ticks
nodetype = suspect; badtend = true; tvo = 2
14/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Summary
DDDAS framework has the potential of providing a high level of dynamism to trust and reputation systems allowing for more accurate analysis of the system and enabling predictions.
Collusion attack is not possible because trust decisions are not made using node recommendations.
Current status TV computation, simulator
Future challenges Data (sources, aggregation and transformation) Definition of regions of trust Validation Evaluation of performance
15/15Olufunmilola Onolaja, Rami Bahsoon, Georgios Theodoropoulos
ICCS2010
Thank you. Questions???
Funmi Onolaja