A Trust Evaluation Method for Node Cooperation in Mobile Ad Hoc Networks

Kun Wang Meng Wu Subin Shen College of Computer, Nanjing University of Posts and Telecommunications, Nanjing, China

skydondon@gmail.com, wum@njupt.edu.cn, shensb@njupt.edu.cn.

Abstract

In Ad Hoc networks, node misbehaviors due to

selfish or malicious reasons can significantly degrade the performance of ad hoc networks. Previously, we proposed a trust-based incentive model on a self-policing mechanism to make nodes evaluate the trust of their neighbor locally [1]. That approach can mitigate contamination by direct observation and the use of second-hand information available. However, one situation hasn’t been considered that the secondhand information can be spurious, which raises the questions of how to incorporate it in a safe way and whether to propagate it. In this study, we adopt a trust evaluation method with a trust scaling factor on that trust-based incentive model to relieve the influence of fake second-hand information on the accuracy of trust value. Performance by simulation reveals that in the case of existing malicious nodes, the enhanced trusted Dynamic Source Routing (ET-DSR) with proposed trust evaluation method performs better than T-DSR in terms of packet successful delivery ratio and mean number of packets dropped. Meanwhile, ET-DSR is more suitable for large scale networks than T-DSR due to the introduction of trust scaling factor. 1. Introduction

Ad Hoc network [2] is a multi-hop wireless network independently of any base station or fixed infrastructure. In ad hoc network, all networking functions must be performed by the nodes themselves. Due to lack of routing infrastructure, they have to cooperate to communicate. Nodes are rational; their actions are strictly determined by self interest. Therefore, misbehavior exists. Malicious nodes are the nodes that join the network with the intent of harming it by causing network partitions, denial of service, etc. While selfish nodes are the nodes that utilize services provided by others but do not reciprocate to preserve

resources. In game theoretic terms [5], cooperation in ad hoc networks poses a dilemma [6]. To save battery and bandwidth, nodes should not forward packets for others. If this dominant strategy is adopted, however, all nodes are worse off. Therefore, an ideal scheme is needed to give nodes an incentive to cooperate.

Roughly, the proposed incentive approaches can be classified into reputation-based and market-based schemes. In reputation-based systems, nodes observe the behavior of other nodes and act accordingly by rewarding cooperative behavior and punishing uncooperative behavior. The typical model of this scheme includes “watchdog” and “pathrater” [3], CONFIDANT [4], CORE [7], etc. Another approach to creating incentives for packet relaying is the market-based approach, as is shown in Nuglets [8], Micro-Payment [9], SPRITE [10], etc. In such systems, nodes receive a micro-payment for every packet that they relay; in return, nodes can use these payments to send their own traffic. In addition, recent incentive schemes for nodes cooperation in multi-hop cellular networks have been researched, such as STUB AD HOC [11], which is beyond the range of this study.

CONFIDANT is a reputation system containing detection, trust evaluation and trust refreshment. Aiming at the drawback of CONFIDANT [1], we have proposed a trust-based incentive model on a self-policing mechanism to make nodes evaluate the trust of their neighbor locally. However, we haven’t considered that the secondhand information can be spurious, which raises the questions of how to incorporate it in a safe way and whether to propagate it. Hence, we use a trust scaling factor (TSF) [13] to shrink the impact of fake secondhand information.

2. Related works

The proposed trust model is based on CONFIDANT, and the definitions of model are as follows [1].

Fifth International Conference on Information Technology: New Generations

978-0-7695-3099-4/08 $25.00 © 2008 IEEEDOI 10.1109/ITNG.2008.43

1001

Fifth International Conference on Information Technology: New Generations

978-0-7695-3099-4/08 $25.00 © 2008 IEEEDOI 10.1109/ITNG.2008.43

1001

Fifth International Conference on Information Technology: New Generations

978-0-7695-3099-4/08 $25.00 © 2008 IEEEDOI 10.1109/ITNG.2008.43

1000

Fifth International Conference on Information Technology: New Generations

978-0-7695-3099-4/08 $25.00 © 2008 IEEEDOI 10.1109/ITNG.2008.43

1000

Fifth International Conference on Information Technology: New Generations

978-0-7695-3099-4/08 $25.00 © 2008 IEEEDOI 10.1109/ITNG.2008.43

1000

2.1. Trust Model

Trust value of N i to N j is:

Ti, j = a Fi, j + b Si, j

({Ti, j, Fi, j, Si, j }�(0,1), { a, b }�(0,1)) (1)

Where Fi, j and Si, j are N i’s trust values to N j by self-detection and by other nodes’ information about N j, respectively;

a and b are weight value parameters, and the weighty of Fi, j and Si, j in computing the trust to N j can be changed by adjusting a and b. Besides, trust between N i and N j is independent and non-symmetric, that is, Ti, j doesn’t equal to Tj, i [14].

Fi, j is N i’s trust value to N j by directly detecting. If N i is in the radio range of N j (assuming that N i is the neighbor of N j), N i can obtain Fi, j by self-computation. Fi, j is defined as:

Fi, j �(�1 �2 �3 �4) (2)

Where � is a ratio function of monitored traffic statistics pertaining to traffic volume; �1 is the number of incoming packets on the monitored N j; �2 is the number of outgoing packets from the monitored N j; �3 is the number of packets from source N j to destination N i, �4 is the number of packets from source N i to destination N j [14,15].

According to the parameters above, � is defined as:

� 2 3

1 4

� �

� �� (3)

Si, j is N i’s trust value to N j by N x (N x is also the neighbor of N j) monitoring N j. Initially, when N i enters into network, it doesn’t have the monitoring information of N j from N x, at this time, Si, j equals to zero, i.e., Ti, j equals to Fi, j. we define other as the set of other nodes: other ={� N x � other � � Ti, x s. t. Ti,x � TH }

(4) Where, TH is a threshold of trust [14].

These three definitions are the main trust values of our trust model. In the former work, we used the weighted average [16] of Ti, x over all the nodes in other to define Si, j as:

Si, j , ,

,

×O th e r

O th e r

i x x jx

i xx

T T

T�

�

(5)

Where Ti, x in the numerator and Tx, j are the trust values of N j on N x and N x on N j, respectively; Ti, x on denominator is a weighting parameter. So in this study,

we will use TSF to modify Si, j to reduce the impact of fake secondhand information.

2.2. Trust evaluation process

Described trust evaluation process is classified into

three phases: initial phase, update phase and re-establish phase [14], as shown in figure 1. Trust is depicted into three domains: nodes in the “High” domain are highly trusted by their neighbors, and their trust values will be utilized to compute Si, j; nodes in the “Medium” domain are those with intermediate trust values, and they are not utilized in computing Si, j; and the nodes in the “Low” domain are those marked as un-trusted malicious nodes.

Figure 1. Trust Evaluation Process

Trust Initial Phase: When a new node joins a

network which already exists, other nodes in this network have no traffic statistics about this new node. As a result, the new node does not have any trust information about its neighbors and vice-versa. We can see in Fig.1, there is a scenario that a new node N j joins the network. Then N j is given a trust value TM, and it starts being monitored by its neighbor N i, as is shown in AB. At this time, N i doesn’t have the monitoring information of N j from N x, so Si, j equals to zero, i.e. Ti, j equals to Fi, j. N i computes Fi, j by equation (2). If N j is not a malicious node, the trust value of N i on N j will reach TH in some time, represented by BC, after which N i can computes Ti, j by equation (1) till the trust value of N i on N j reaches TMAX, as the curve CD. As long as N j doesn’t depart from the network, i.e., N i is all along the neighbor of N j, the detection of N i to N j and trust computation will be carried out continuously. Similarly, if there is no misbehavior on N j all the time, the trust will keep to TMAX, as the curve DE.

Trust Update Phase: When N j left the scope of

detection of N i (i.e., N j is no longer the neighbor of N i) at t1 due to node’s mobility and now are back in radio range again, the weighting parameter a in equation (1) will fade during �t (�t t2 t1). Here, it decays exponentially as:

10021002100110011001

a = tca e � � � � (6)

Where c is a decay factor; is a constant. If the trust value fades to the value above TH at the

time t2, Ti, j equals to TH, as the curve EFG; if it fades to TX below TH (TL

�TX

�TM), Ti, j equals to TX, as the curve

EH. TH and TX are the trust values that N i keeps on N j after N j is out of the scope of detection of N i.

When N j are back in N i’s radio range again (i.e., N j becomes the neighbor of N i again), N i computes Ti, j at TH or TX, but not at TM, as the curve GIJK or HLJK.

Trust Re-establish Phase: Some nodes will be

defined as malicious nodes because of the linking errors or the battery exhausting. Therefore, a redemption mechanism is needed for “malicious” nodes to regain the trust of other nodes. According to the value Ti, j, N i won’t choose N j as its forwarding node when N j, whose trust value is in “Low” domain, intends to establish trust with its neighbor N i. Consequently, the trust value needs increasing periodically to TM, which is the re-establishment process for nodes’ trust, as represented by MNOPQR. The re-establishment function T’i, j (TY � T’i, j � TM) is defined as:

3

3

,

, '

, Y

i jY

T t tT

T k t t t

��

� � �

���

( 0< Y LT T� ) (7)

Where k is an incremental slope, which decides the rate of re-establishment process, that is, the redemption rate, TY is N i’s trust value on N j at the time t3.

When T’i, j reaches TM, N i computes the trust value on N j by equation (1).

3. Trust evaluation method base on TSF 3.1. Trust evaluation rules

Trust Discounting: As the trust value is determined by direct interactions, trust propagation results in the discounting of trust values [17]. Suppose N i has trust value 'p' on N x , and N x has a trust value 'q' on N j . Then N i trusts N j by a value 'pq'. This is shown in figure 2.

Figure 2. Trust Discounting Rule

The above rule can be extended to unlimited number of intermediaries.

Trust Enhancing: However, if we get two or more

secondhand information from different disjoint paths, then trust propagation results in enhancing trust value [17]. Suppose N i has got recommendation trust 'p' about N j through one path and 'q' through another

disjoint path. Then N i trusts N j by a value '1 - (l-p) (1-q)'. This is shown in figure 3.

Figure 3. Trust Enhancing Rule

Again the above rule can be extended to any number of disjoint paths.

Trust Scaling: It is impossible to find disjoint path between two nodes while evaluating trust as suggested in [18], it is shown in figure 4.

Figure 4. Trust Scaling Figure 5. Explaining Trust

Rule Scaling Factor

Suppose N i is computing trust for N j, and if we follow [18] we must choose either N n or N m. If we choose agent N m, this is just like ignoring the opinion of N n on N j in community, which is logically incorrect. To solve above mentioned problem, we introduce a trust scaling factor (TSF=�<1). While evaluating trust for N j using [19], we convert the above network into parallel network by making two copies of N x as shown below in figure 5. In this case, N x is making two kinds of secondhand information, so its opinion 'p' should be scaled down to get more realistic trust value for agent N j. A simple thumb rule may be just give (50%) weight to N x 's opinion so �=1/2 in this case and then treat the two paths 'ixnj' and 'ixmj' as disjoint paths by enhancing trust. 3.2. TSF algorithm 1) Decide the indegree Xin and outdegree Xout of every intermediate node N x; 2) For any link in network excluding destination node N j, remove those links with trust reliability Tx, j < TH (the threshold of trust value); 3) If all N x have Xin = Xout =1, the topology must be parallel network and the procedure terminates; 4) For every intermediate node N x between source node N i and the last intermediate nodes N j-1, if N x has Xin >1 or Xout >1, then form as many as Xin Xout parallel paths through a copy of N x. Consequently, referral network between N i and N j-1will become a parallel topology graph [19]; 5) Count the total number of the last intermediate node N x (Ntotal) for the same destination before N j-1, by each intermediate node N x, use

10031003100210021002

�x = [1/ ]totalN conscons

� (8)

as TSF, where cons is a constant and set according to the value of Ntotal [13], which is related with the network size; 6) Using trust discounting and enhancing rules to compute Si, j.

Here, let us take figure 6 for an example to illustrate this algorithm. Suppose that T1,3 < TH, we can see that figure 7 is the parallel network topology of figure 6.

Figure 6. Original Network Figure 7. Parallel Topology Topology after TSF

From figure 7, we know Ntotal is 3, so we set cons

to 10.According to equation (8), �x should be 0.4.we can find that the error value is much larger. Hence, theoretically, the more the number of node is, the more precise the value of �x is. In this way, Si, j in path “124” will be

Si, j(124) = Si, j(124) =�(124)(Ti,1×T1,2 ×T2,4× T4, j) (9)

and according to figure 3, the total Si, j will be Si, j =1-(1- Si, j(124))(1- Si, j(15))(1- Si, j(3)) (10)

4. Performance analysis

In this section, we present the simulation of Enhanced T-DSR (ET-DSR) with a new trust evaluation method, compared with the T-DSR in our former work. We implemented our protocol using NS 2 (version 2.29) with CMU wireless extension [20]. The common parameters for all the simulation runs are the same as T-DSR listed in TABLE 1 [1].

TABLE 1 SIMULATION SETTINGS

Parameters Value Parameters Value Simulation Area

1000units×1000units

MAC Protocol

IEEE 802.11

Transmission Range

200units Linking Capacity

2Mbps

Traffic Source

CBR Packer Size 64 bytes

Mobility Model

Random Way Point Simulation Duration

800s

Sending rate 0.5 pkt/s Node Speed [0,20]units/s

We also utilized two parameters to illustrate the

performance of ET-DSR, just as T-DSR.

1) Packet successful delivery ratio (PDR), data packets delivered to the destination

PDR=data packets generated by the CBR sources

2) Mean Number of Packets Dropped (MNPD), n-1

i=0MNPD= (data packets generated -data packets received

1 )n

Due to the parameter cons in computing �x, we cannot change the network size in the same experiment by a large degree, for the choice of cons follows the network size. If cons is inconsistent in the experiment, the results are confused. So we firstly set the same number of malicious nodes in network with the same total number of nodes, and analyzed what impact the node mobility (change of pause time) on PDR and MNPD, as well as the comparison of ET-DSR and T-DSR. Then we varied the number of malicious nodes in the same network to observe the two protocols. Subsequently, we considered the main parameters a, b, c and k is set to 1 to analyze the effects on above two parameters. We need to point out that the cons is fixed in the experiments above. At last, we largely changed the network size, i.e., set different cons to analyze the influence of cons on network performance. The results are demonstrated in figure 8 to figure 16.

We fixed the parameters a b 0.5, c 1, k0.005. The network size was set to 60, in which there were 20 malicious nodes. By doing this, cons should be chosen by 100, according to equation (8). The PDR and MNPD of T-DSR and ET-DSR varying the pause time are shown in figure 8 and 9. We can see that the PDR of ET-DSR and T-DSR are almost the same, while the MNPD of T-DSR is much greater than that of ET-DSR, which means ET-DSR effectively stimulates the nodes cooperation. On the other hand, pause time has little influence on MNPD, especially in DSR. However, with the increment of node mobility, T-DSR is a little more affected, since malicious nodes have more opportunities to be forwarding nodes, which enlarges the MNPD.

Figure 8. PDR VS Pause Time Figure 9. MNPD VS Pause Time

10041004100310031003

The MNPD and PDR of two compared protocols with the change of number of malicious nodes are depicted in figure 10 and figure 11, respectively when pause time was set to zero and network size to 60. As is shown in figure 10, during the time when the number of malicious nodes increases to 10, MNPD of ET-DSR and T-DSR are almost the same, after which MNPD of ET-DSR increases more slowly than that of T-DSR. It is indicated that ET-DSR can allow the existence of a little more number of malicious nodes. In figure 11, we can find that the PDR of ET-DSR is a little greater than that of T-DSR.

Figure 10. MNPD VS Figure 11. PDR VS

Number of Malicious Nodes Number of Malicious Nodes

Subsequently, we gave thought to the influence on PDR by the main parameters a, b, c and k in ET-DSR. As described above, we fixed network size at 60, and the number of malicious nodes at 20, with the variant pause time. The results are shown in figure 12, 13 and 14. It can be seen in figure 12 that the monitoring information (second-hand information) other nodes provide is in favor of discovering malicious nodes more quickly, which makes cooperation between nodes intensified. If secondhand information is out of use, that is a 1, b 0, PDR will obviously decline. On the other hand, we also find that the PDR of ET-DSR is lager than that of T-DSR [1] due to the relief of influence from fake secondhand information. In figure 13 we can see that if there is no fading in nodes’ trust, i.e., c 0, nodes cooperation will inevitably weaken, since those nodes whose trust reach top will alternatively refuse to forward packets. Figure 14 denotes that the redemption rate (value of k) of malicious nodes will impact on nodes cooperation as well. Providing that redemption rate is excessively fast (see k ), likewise, malicious nodes can rejoin in network quickly, which will be bound to affect PDR, while slow redemption rate can make network operate in safer environment with fewer malicious nodes.

Figure 12. c 1, k 0.005, Figure 13. a=b=0.5, k 0.005, PDR VS Pause Time PDR VS Pause Time

Figure 14. a=b=0.5, c 1, PDR VS Pause Time

Finally, we largely changed the network size, i.e.,

set different cons to analyze the influence of cons on network performance. Like the first experiment, we fixed the parameters a b 0.5, c 1, k 0.005. The network size was set to 240, 60 and 15, in which there were 80, 20 and 5 malicious nodes, respectively (the ratio of malicious nodes to the network is fixed to 1/3). Therefore, according to the network size, the cons should be selected as 1000, 100 and 10, respectively. The MNPD and PDR of ET-DSR varying the pause time are shown in figure 15 and 16. These two figures reveal that the network size has much connection with network performance. Meanwhile, by introducing TSF, our trust evaluation method is more suitable for large scale networks.

Figure 15. MNPD VS Pause Time Figure 16. PDR VS Pause Time 5. Conclusions

10051005100410041004

By the analysis of our former work, a trust evaluation method on a self-policing mechanism is proposed to enhance the performance of proposed trust model. The proposed trust evaluation approach can relieve the influence of fake second-hand information on the accuracy of trust value. From the simulations we can reveals that in the case of existing malicious nodes, the ET-DSR with proposed trust evaluation method performs better than T-DSR in terms of packet successful delivery ratio and mean number of packets dropped. Meanwhile, ET-DSR is more suitable for large scale networks than T-DSR due to the introduction of trust scaling factor. Though the case of spurious secondhand information is under control, the reputation systems still face several security problems [21]. Hence, the same security issues on this trust model deserve to be attached further importance to, which is also our following target. 6. Acknowledgments

This work is supported by National "863" High Technology Research and Development Program Foundation of China (No.2006AA01Z208); Six Talented Eminence Foundation of Jiangsu Province, China; Natural Science Foundation of Jiangsu Province, China (No.BK2007236). 7. References [1] W. Kun, and W. Meng, “A Trust Approach for Node Cooperation in MANET,” 3rd International Conference on Mobile Ad-hoc and Sensor Network, LNCS 4864, pp. 481–491, 2007. [2]R. David, and G.N Ignas, “Ad Hoc networking in future wireless communications,” Computer Communications, Vol. 26, 2003, pp.36-40.[3] S. Marti, T.J. Giuli, and K. Lai, “Mitigating routing misbehavior in mobile MANET networks,” 6th International Conference of Mobile Computer Networks, Boston, MA, 2000, pp.255--265. [4] S. Buchegger, and J.Y. Le Boudec, “Performance Analysis of the CONFIDANT Protocol (Cooperation of Nodes-Fairness in Dynamic Ad-Hoc NeTworks),” 3rd ACM International Symposium of Mobile MANET Networking and Computing, 2002, pp.80—91. [5] D. Fudenbery, and J. Tirole, “Game Theory,” Cambridge, MA , 1991. [6] A Rapaport., and A.M. Chammah, “The Prisoner’s Dilemma: A study in conflict and cooperation,” University of Michigan Press, 1965.

[7] P. Michiardi, and R. Molva, “Core: A COllaborative REputation mechanism to enforce node cooperation in Mobile Ad Hoc Networks,” IFIP - Communication and Multimedia Security Conference, pp.107-121, 2002. [8] L. Buttyan, and J.P. Hubaux, “Nuglets: a virtual currency to stimulate cooperation in self-organized MANET networks,” Technical Report DSC/2001/001, Swiss Federal Institute of Technology, Lausanne, 2001. [9] M. Jakobsson, J.P. Hubaux, and L. Buttyan, “A Micro-Payment Scheme Encouraging Collaboration in Multi-Hop Cellular Networks,” 7th International Financial Cryptography Conference, Berlin, Germany, 2003, pp. 15-33. [10] S. Zhong, J Chen., and Y.R. Yan, “Sprite: a simple, cheat-proof, credit-based system for mobile ad-hoc networks,” IEEE Conference on Computer Communications, San Francisco, CA, 2003. pp.1987-1997. [11] B. Lamparter, K. Paul, and D. Westhoff, “Charging Support for MANET Stub Networks,” Computer Communications, Vol. 26, 2003, pp.1504-1514. [12] S. Buchegger, and J.Y. Le Boudec, “A Robust Reputation System for Peer-to-Peer and Mobile Ad Hoc Networks,” 2nd Workshop on the Economics of Peer-to-Peer Systems. Harvard Univ., Cambridge, MA, 2004. [13] M.H. Durad, C. Yuanda, and Z. Liehuang, “Two Novel Trust Evaluation Algorithms,” International Conference on Communications, Circuits and Systems Proceedings, Guilin, China, 2006, pp. 1641-1646. [14] V. Mohit, J. Murtuza, and C. Madhusudhanan, “Quantifying Trust in Mobile Ad-Hoc Networks,” IEEE International Conference on Integration of Knowledge Intensive Multi-Agent Systems, Waltham, MA, USA, 2005, pp.65-70. [15] Y. Huang, and W. Lee, “A Cooperative Intrusion Detection System for Ad Hoc Networks,” ACM Workshop on Security of Ad Hoc and Sensor Networks, Fairfax VA, 2003, pp.135-147. [16] The weighted average definition, http://www.mathwords.com/w/weighted_average. htm [17] R. Levien, and A. Aiken, “Attack-resistant trust metrics for public key certification,” 7th USENIX Security Symposium, San Antonio, TX, 1998, pp 229-242. [18]S. Lee, R. Sherwood, and B. Bhattacharjee, “Cooperative Peer Groups in NICE,” 22nd IEEE International Conference on Computer Communications, San Francisco, USA, 2003, pp. 1272-1282. [19] L. Mui, “Computational models of trust and reputation: agents, evolutionary game, and social networks,” Ph.D Thesis, MIT, Massachusetts, 2003. [20] The Vint Project, “The ns-2 network simulator,” http://www.isi.edu/nanam/ns [21] S. Buchegger, and J.Y. Le Boudec, “Self-policing Mobile Ad Hoc Networks by Reputation Systems,” IEEE Communications, 2005, pp. 101-107.

10061006100510051005