Trust Management in Wireless Networks

1
Trust Management in Wireless Networks

• Presented by
• Sherif Khattab
• Joint work with
• Subrata Acharya, Daniel Mossé, and José
  Brustoloni
• Department of Computer Science
• University of Pittsburgh
• S-CITI Workshop
• May 31st, 2005

2
Trust Theory

• Socio-cognitive model from T3 Group
• Cognitive agent X trust in agent Y is the result
  of a complex mental attitude of X towards Y about
  an action/behavior A relative to some result/goal
  G.
• X decides to delegate A to Y according to
• Beliefs/expectations
• Internal
• external
• Risk analysis
• Trust environment

3
Trust Theory (contd.)
Rely upon Y
4
Trust Theory (contd.)

• Sources of trust
• Direct experience
• Reasoning
• e.g., categorization
• Reputation

5
Challenges in Wireless Networks

• Resource constrained
• PKI for Wireless Sensor Networks is difficult
• Nodes can be compromised
• Efficient and scalable revocation
• Decentralized operation
• Dynamic topology
• Mobility
• intermittent connectivity
• Shared medium
• No point-to-point relationships

6
Example Scenario Leader Election

• Necessary for group communication and management
  in distributed wireless networks
• key distribution
• route coordination
• sensor co-ordination
• general control
• Secure leader election essential

7
AEFA (Asynchronous Extrema-Finding Algorithm)
Election Ack Probe/Reply Child
Beacon
Support for network partition/merge
8
Secure AEFA

• PKI
• public/private key pair
• Two certificates signed by
• Trust Authority (long-term)
• Group Authority (short-term)
• Exception messages
• If wrong leader detected

9
Our approach

• Security Analysis
• For each message
• Inject/Alter
• Delay (block)
• Rush
• Damage
• Extra overhead
• No/wrong leader

10
Our Approach (contd.)

• Multi-Path Routing
• Trust instead of heavy-weight PKI

11
Methodology

• NS-2 Simulation
• Attack
• message blocking
• Compared Schemes
• Vanilla AEFA implemented by Chris and Brian
  (Prof. Brustolonis students)
• Secure AEFA (with exception messages)
• Multi-path AEFA
• Metrics
• Energy consumption
• Vulnerability Period ( of time there is no/wrong
  leader)

12
Summary

• Design and use of a trust model is necessary
• Encryption not enough (e.g., compromised nodes)
• Encryption cannot be afforded
• Address the vulnerabilities of a leader election
  algorithm
• Modeling the attacks
• Multi-path routing

13
References

• T3 group http//www.istc.cnr.it/T3/index.html
• AEFA
• Sudarshan Vasudevan, Jim Kurose and Don Towsley.
  Design and Analysis of a Leader Election
  Algorithm for Mobile, Ad Hoc Networks, ICNP
  2004
• Sudarshan Vasudevan, Brian DeCleene, Neil
  Immerman, Jim Kurose and Don Towsley. Secure
  Leader Election Algorithms for Wireless Ad Hoc
  Networks, DISCEX 2003

14

• Questions ?

15
Trust Theory

• An approach to specify and interpret security
  policies, credentials, relationships which allow
  direct authorization of security-critical
  actions.
• Key Trust metrics are
• Predictability
• Value Exchange
• Delayed Reciprocity
• Exposed Vulnerability

16
Trust Theory in Security

• A basic concept of Security is the ability of
  parties to trust one another.
• This amounts to the ability to rely on the
  Availability of the trusted party
• The Integrity of the information provided by
  the trusted party
• The Confidentiality of sensitive information

17
Characteristics of Wireless Networks

• Limited radio spectrum
• Shared Medium (collisions)
• Limited energy available at the nodes
• Limited computation power
• Limited storage memory
• Unreliable network connectivity
• Dynamic topology
• Need to enforce fairness

18
Vulnerabilities of the Present Approach
ELECTION
19
Contd
ACK (Not child / Value)
20
Contd
Probe / Reply
21
Contd
Leader (Result, Merging)
22
Contd
BEACON
23
Contd
HELLO