Trustee: A Trust Management System for Fog-enabled Cyber Physical Systems

In this paper, we propose a lightweight trust management system (TMS) for fog-enabled cyber physical systems (Fog-CPS). Trust computation is based on multi-factor and multi-dimensional parameters, and formulated as a statistical regression problem which is solved by employing random forest regression model. Additionally, as the Fog-CPS systems could be deployed in open and unprotected environments, the CPS devices and fog nodes are vulnerable to numerous attacks namely, collusion, self-promotion, badmouthing, ballot-stuffing, and opportunistic service. The compromised entities can impact the accuracy of trust computation model by increasing/decreasing the trust of other nodes. These challenges are addressed by designing a generic trust credibility model which can countermeasures the compromise of both CPS devices and fog nodes. The credibility of each newly computed trust value is evaluated and subsequently adjusted by correlating it with a standard deviation threshold. The standard deviation is quantified by computing the trust in two configurations of hostile environments and subsequently comparing it with the trust value in a legitimate/normal environment. Our results demonstrate that credibility model successfully countermeasures the malicious behaviour of all Fog-CPS entities i.e. CPS devices and fog nodes. The multi-factor trust assessment and credibility evaluation enable accurate and precise trust computation and guarantee a dependable Fog-CPS system

Quality of Information in Mobile Crowdsensing: Survey and Research Challenges

Smartphones have become the most pervasive devices in people's lives, and are clearly transforming the way we live and perceive technology. Today's smartphones benefit from almost ubiquitous Internet connectivity and come equipped with a plethora of inexpensive yet powerful embedded sensors, such as accelerometer, gyroscope, microphone, and camera. This unique combination has enabled revolutionary applications based on the mobile crowdsensing paradigm, such as real-time road traffic monitoring, air and noise pollution, crime control, and wildlife monitoring, just to name a few. Differently from prior sensing paradigms, humans are now the primary actors of the sensing process, since they become fundamental in retrieving reliable and up-to-date information about the event being monitored. As humans may behave unreliably or maliciously, assessing and guaranteeing Quality of Information (QoI) becomes more important than ever. In this paper, we provide a new framework for defining and enforcing the QoI in mobile crowdsensing, and analyze in depth the current state-of-the-art on the topic. We also outline novel research challenges, along with possible directions of future work.Comment: To appear in ACM Transactions on Sensor Networks (TOSN

The Meeting of Acquaintances: A Cost-efficient Authentication Scheme for Light-weight Objects with Transient Trust Level and Plurality Approach

Wireless sensor networks consist of a large number of distributed sensor nodes so that potential risks are becoming more and more unpredictable. The new entrants pose the potential risks when they move into the secure zone. To build a door wall that provides safe and secured for the system, many recent research works applied the initial authentication process. However, the majority of the previous articles only focused on the Central Authority (CA) since this leads to an increase in the computation cost and energy consumption for the specific cases on the Internet of Things (IoT). Hence, in this article, we will lessen the importance of these third parties through proposing an enhanced authentication mechanism that includes key management and evaluation based on the past interactions to assist the objects joining a secured area without any nearby CA. We refer to a mobility dataset from CRAWDAD collected at the University Politehnica of Bucharest and rebuild into a new random dataset larger than the old one. The new one is an input for a simulated authenticating algorithm to observe the communication cost and resource usage of devices. Our proposal helps the authenticating flexible, being strict with unknown devices into the secured zone. The threshold of maximum friends can modify based on the optimization of the symmetric-key algorithm to diminish communication costs (our experimental results compare to previous schemes less than 2000 bits) and raise flexibility in resource-constrained environments.Comment: 27 page

CRM: a new dynamic cross-layer reputation computation model in wireless networks

This is the author accepted manuscript. The final version is available from University Press (OUP) via the DOI in this record.Multi-hop wireless networks (MWNs) have been widely accepted as an indispensable component of next-generation communication systems due to their broad applications and easy deployment without relying on any infrastructure. Although showing huge benefits, MWNs face many security problems, especially the internal multi-layer security threats being one of the most challenging issues. Since most security mechanisms require the cooperation of nodes, characterizing and learning actions of neighboring nodes and the evolution of these actions over time is vital to construct an efficient and robust solution for security-sensitive applications such as social networking, mobile banking, and teleconferencing. In this paper, we propose a new dynamic cross-layer reputation computation model named CRM to dynamically characterize and quantify actions of nodes. CRM couples uncertainty based conventional layered reputation computation model with cross-layer design and multi-level security technology to identify malicious nodes and preserve security against internal multi-layer threats. Simulation results and performance analyses demonstrate that CRM can provide rapid and accurate malicious node identification and management, and implement the security preservation against the internal multi-layer and bad mouthing attacks more effectively and efficiently than existing models.The authors would like to thank anonymous reviewers and editors for their constructive comments. This work is supported by: 1. Changjiang Scholars and Innovative Research Team in University (IRT1078), 2. the Key Program of NSFC-Guangdong Union Foundation (U1135002), 3. National Natural Science Foundation of China (61202390), 4. Fujian Natural Science Foundation：2013J01222, 5. the open research fund of Key Lab of Broadband Wireless Communication and Sensor Network Technology (Nanjing University of Posts and Telecommunications, Ministry of Education)

A Survey on Trust Computation in the Internet of Things

Internet of Things defines a large number of diverse entities and services which interconnect with each other and individually or cooperatively operate depending on context, conditions and environments, produce a huge personal and sensitive data. In this scenario, the satisfaction of privacy, security and trust plays a critical role in the success of the Internet of Things. Trust here can be considered as a key property to establish trustworthy and seamless connectivity among entities and to guarantee secure services and applications. The aim of this study is to provide a survey on various trust computation strategies and identify future trends in the field. We discuss trust computation methods under several aspects and provide comparison of the approaches based on trust features, performance, advantages, weaknesses and limitations of each strategy. Finally the research discuss on the gap of the trust literature and raise some research directions in trust computation in the Internet of Things

Malicious vehicle detection based on beta reputation and trust management for secure communication in smart automotive cars network

High reliance on wireless network connectivity makes the vehicular ad hoc network (VANET) vulnerable to several kinds of cyber security threats. Malicious vehicles accessing the network can lead to hazardous situation by disseminating misleading information or data in the network or by performing cyber-attacks. It is a requirement that the information must be originated from the authentic and authorized vehicle and confidentiality must be maintained. In these circumstances, to protect the network from malicious vehicles, reputation system based on beta probability distribution with trust management model has been proposed to differentiate trustworthy vehicles from malicious vehicles. The trust model is based on adaptive neuro fuzzy inference system (ANFIS) which takes trust metrics as input to evaluate the trustworthiness of the vehicles. The simulation platform for the model is in MATLAB. Simulation results show that the vehicles need at least 80% trustworthiness to be considered as a trusted vehicle in the network

Towards Secure Blockchain-enabled Internet of Vehicles: Optimizing Consensus Management Using Reputation and Contract Theory

In Internet of Vehicles (IoV), data sharing among vehicles is essential to improve driving safety and enhance vehicular services. To ensure data sharing security and traceability, highefficiency Delegated Proof-of-Stake consensus scheme as a hard security solution is utilized to establish blockchain-enabled IoV (BIoV). However, as miners are selected from miner candidates by stake-based voting, it is difficult to defend against voting collusion between the candidates and compromised high-stake vehicles, which introduces serious security challenges to the BIoV. To address such challenges, we propose a soft security enhancement solution including two stages: (i) miner selection and (ii) block verification. In the first stage, a reputation-based voting scheme for the blockchain is proposed to ensure secure miner selection. This scheme evaluates candidates' reputation by using both historical interactions and recommended opinions from other vehicles. The candidates with high reputation are selected to be active miners and standby miners. In the second stage, to prevent internal collusion among the active miners, a newly generated block is further verified and audited by the standby miners. To incentivize the standby miners to participate in block verification, we formulate interactions between the active miners and the standby miners by using contract theory, which takes block verification security and delay into consideration. Numerical results based on a real-world dataset indicate that our schemes are secure and efficient for data sharing in BIoV.Comment: 12 pages, submitted for possible journal publicatio

Recommendation based trust model with an effective defence scheme for MANETs

YesThe reliability of delivering packets through multi-hop intermediate nodes is a significant issue in the mobile ad hoc networks (MANETs). The distributed mobile nodes establish connections to form the MANET, which may include selfish and misbehaving nodes. Recommendation based trust management has been proposed in the literature as a mechanism to filter out the misbehaving nodes while searching for a packet delivery route. However, building a trust model that relies on the recommendations from other nodes in the network is vulnerable to the possible dishonest behaviour, such as bad-mouthing, ballot-stuffing, and collusion, of the recommending nodes. . This paper investigates the problems of attacks posed by misbehaving nodes while propagating recommendations in the existing trust models. We propose a recommendation based trust model with a defence scheme that utilises clustering technique to dynamically filter attacks related to dishonest recommendations within certain time based on number of interactions, compatibility of information and node closeness. The model is empirically tested in several mobile and disconnected topologies in which nodes experience changes in their neighbourhoods and consequently face frequent route changes. The empirical analysis demonstrates robustness and accuracy of the trust model in a dynamic MANET environment