A Lightweight Trust Design for IoT Routing - IEEE Xplore

2016 IEEE 14th Intl Conf on Dependable, Autonomic and Secure Computing, 14th Intl Conf on Pervasive Intelligence and Computing, 2nd Intl Conf on Big Data Intelligence and Computing and Cyber Science and Technology Congress

A Lightweight Trust Design for IoT Routing David Airehrour, Jairo Gutierrez

Sayan Kumar Ray

School of Engineering, Computer and Mathematical Sciences Auckland University of Technology Auckland, New Zealand {david.airehrour, jairo.gutierrez}@aut.ac.nz [email protected]

Faculty of Business and Information Technology Manukau Institute of Technology Auckland, New Zealand [email protected]

Abstract—This research proposes a conceptual framework for achieving a secure Internet of Things (IoT) routing that will enforce confidentiality and integrity during the routing process in IoT networks. With billions of IoT devices likely to be interconnected globally, the big issue is how to secure the routing of data in the underlying networks from various forms of attacks. Users will not feel secure if they know their private data could easily be accessed and compromised by unauthorized individuals or machines over the network. It is within this context that we present the design of SecTrust, a lightweight secure trust-based routing framework to identify and isolate common routing attacks in IoT networks. The proposed framework is based on the successful interactions between the IoT sensor nodes, which effectively is a reflection of their trustworthy behaviour.

ranging from device integration, heterogeneity, scalability, mobility, routing, security etc. need addressing [2]. Our interest in this work is routing in IoT networks. Routing involves the way traffic routes are built, transmitted and controlled within the network enabling a seamless transition of packets from source to final destination. Furthermore, with the interconnectivity among the billions of devices in the network, the big issue is how to secure the IoT network from various attacks such as Rank, Selective Forwarding, Sinkhole, Hello Flooding, Wormhole, Denial-ofService, Blackhole, Version Number, Sybil and Clone ID attacks. These attacks have the propensity of destabilizing the topology and routing paths in IoT networks. The design seeks to address the following attacks including, Rank attacks, Blackhole attacks, Sybil and Selective Forwarding attacks as they prove to be extremely dangerous to the stability of IoT networks [27]. We present here the preliminary design of SecTrust, a lightweight secure trust-based routing framework for IoT sensor nodes. The design incorporates the concept of trust among different IoT sensor nodes and minimizes resource impact on the nodes within the network. Trust is an attribute that shows the level of belief one node has towards another and the expectation that it will perform as desired. The SecTrust framework with its design and metrics attempts to identify and isolate the four routing attacks listed above in IoT networks.

Keywords— IoT; Routing; Trust; Trust Models; SecTrust; Secure Framework

I. INTRODUCTION The Internet of Things (IoT) has in the last few years, become a topical issue in academia and the information technology industry. IoT, while becoming increasingly ubiquitous, supports a comprehensive representation of the physical environment and a good level of interaction with the physical world [1, 2]. Today, the plethora of interconnected IoT devices (physical objects fitted with sensor nodes which feature IP addresses for internet connectivity and communication with other devices) find many promising areas of application that includes commercial (oil well sensing, intelligent vehicular transportation system, gaming, agriculture), smart homes, wearables, healthcare, automotive industries and the power smart grid system. These are but a few instances of conceivable application fields where this novel paradigm is likely to gain high recognition.

Trust management in IoT devices becomes a veritable tool for secure routing considering that, these nodes have no previous interactions and have a requirement to establish an acceptable level of trust relationships for effective routing among themselves (IoT nodes). These nodes are heterogeneous in nature and will be required to traverse heterogeneous networks. Our design utilizes the successful and unsuccessful node interaction among IoT nodes to evaluate a neighbour’s trustworthiness while maintaining other standard IETF metrics such as the rank and expected transmission count (metrics used in routing) and battery energy. The different computed values (with certain reliable thresholds) will be used to make secure routing decisions among the IoT nodes. The remaining unreliable routes, signifying possible compromises, will thus be isolated. The proposed design will help to identify some IoT routing attacks that seek to compromise confidentiality and integrity. It is noteworthy that our proposed design may classify few normal behaving nodes as untrusted owing to lossy network links or low battery power causing their trust

The security of the networks is of great importance in IoT especially when packets are routed through diverse networks of smart nodes to a server on the internet. With the varying and vulnerable topologies across the multiple underlying networks, routing and addressing are the two important issues in IoT networks that need attention [28]. Moreover, maintaining uniformity across the different networks for the proper end-toend routing of packets between IoT devices also depends significantly on the routing and addressing issues. Undeniably, to maintain the ubiquitous functioning of the millions and even billions of IoT devices worldwide, a plethora of challenges 978-1-5090-4065-0/16 $31.00 © 2016 IEEE DOI 10.1109/DASC-PICom-DataCom-CyberSciTec.2016.105

550 552

are considered critical in the development of trust relationships among participating nodes as these determine the scalability, survivability, dependability and secure operations of the network.

values to reduce. However, in such cases, the design inherently implements a recovery period for such nodes to recuperate their trust affiliation with others. The motivation for this study is to design a conceptual framework for a secure IoT routing which isolates routing attacks by enhancing the confidentiality and integrity of the underlying IoT routing protocol.

1) Trust Models: Trust modelling is the practice of using trust in the evaluation of a system. It pinpoints the concerns that could affect the trust of a system while helping to identify areas where a low value of trust could degrade a system’s operational efficiency and usability. Trust modelling assists in developing functional measures, which could be adopted in a system in order to make it more trustworthy for users. Various trust models have been proposed and covered in several literatures [5, 6].

The rest of the paper is structured as follows. Section II explores various trust-based models implemented for the Internet of Things. Section III introduces the SecTrust routing framework with its design and the performance metrics associated with it. Section IV concludes the paper by providing an overview of the planned future work to test and validate this design. II. RELATED STUDIES

2) Quantifying Trust in Internet of Things: Trust can be employed to play an important role in the development of a stable and secure IoT system. Large scalable networks are likely to be formed with thousands of nodes making it extremely challenging to manage them in cases when nodes become faulty. In such situations, trust among the nodes can facilitate a stable functioning of IoT networks. With the huge number of active nodes in IoT networks, it is pertinent that the formation, operation, administration and subsistence of such networks will be dependent upon the interrelationship and trusting capabilities of these nodes. This underscores the fact that trust formation among these nodes becomes imperative. The use of cryptography to create trust confirmation and form trust and traditional protocols to exchange and distribute keys have been shown to be computationally expensive tasks on these IoT nodes which are resource constrained [7]. Therefore, the need for novel and innovative ways of securing route information among IoT nodes becomes very necessary. Trust as a method for securing IoT networks has not been researched upon thoroughly and this highlights a very important and challenging area for further research.

A. Introduction The security of information has always been an issue for mankind. The key question remains as to how we could effectively protect information and prevent its misuse. Unlike, in the early days when steganography was employed to hide important information [3], today, in the age of sophisticated computers and networks, the necessity to provide security of information has taken a whole new dimension and its importance cannot be overemphasized. High-speed data transmission takes place over long distances by means of wired and wireless technologies and information protection over the network through various approaches (procedures and algorithms) has evolved accordingly. With the introduction of IoT, the volume of diversified data that will be exchanged between the billions of devices worldwide through the increasing range of underlying heterogeneous networks, and the provision of security of information will be highly challenging. B. Trust and Trust Models Trust between individuals sets the level of confidence felt by a person towards another. If Mr. A does not trust Mr. B, then Mr. A may not feel safe in the company of Mr. B. Likewise, these terms could also hold in the case of computing and communications systems. It is of note that trust and security are quite interrelated in human endeavors. Trust could be defined as the affiliation between two parties, where one party (trustor) is ready to rely on the (expected) actions performed by the second party (trustee). In other words, the trustee is evaluated by the trustor (who acts as the evaluator) to determine its trust level. In the social sciences, trust could be attributed to relationships between individuals and an object or action, or within and between social groups (family, companies, countries etc.). Whereas, in computer sciences and particularly in sensor networks, trust is a complex term with reference to the confidence, belief and expectation about the reliability, integrity, security, dependability and character of a sensor node where the reputation of a node is a quantifiable limit of the observable experience one node has with its neighbour, either directly or indirectly. This decides the trust limit that a node may have towards its neighbour [4]. Trust in networking is a complicated but attractive topic and could be embedded in protocol designs. Cooperation and collaboration

The authors [5, 6] emphasized on trust level evaluation of IoT objects. The authors assume that most smart objects are human-aided or human-related objects, which are visible to the public, and this makes them vulnerable to hackers. They remarked that smart objects are diverse in features and need to collaborate to work together. The communal relationships considered were friendship, ownership and community, which define the friendship in a social network system (friendship), the people who own the gadgets (ownership) and the gadgets that are a part of some organization (community). Malicious nodes (hackers) target the basic functionality of IoT networks using some trust-related attacks including: good-mouthing and bad-mouthing. The trust system for IoT discussed in [5] is distributed, encounter-based and transaction-based. Two IoT nodes communicating with each other can directly evaluate each other and exchange trust values regarding each other thus, they perform an indirect assessment of one another (recommendation-based trust). The authors specified the reference parameters for trust evaluation as collaboration, honesty, and communal interest. In [8], the authors proposed a system based on node behaviour and anomaly detection. The system routinely

553 551

evaluates the nodes based on recommendations, history, and statistical trust. The Bayes theorem is then applied to generate the trust value that is applied to the node in order to determine the node’s trust level.

in sensor nodes (including IoT nodes) from a communication perspective. These distinct features (time-based successful and unsuccessful node transactions, feedback and historical observation of nodes) shall be key metrics in our research, which we will focus on while modelling, and calculating trust between IoT sensor nodes. Table I provides a summary of various trust management models, metrics employed and the attacks they addressed.

In conclusion, most research work on trust management embarked upon have been based on successful and unsuccessful node transactions, feedback and historical observation of nodes and this has led to the modelling of trust TABLE I.

Trust Models Dynamic Trust Management for IoT Applications [5]

Trust Management for the Internet of Things and Its Application to Service Composition [6] Distributed Trust Management Mechanism for the Internet of Things [9] Trust management system design for the Internet of Things: A context-aware and multi-service approach [10]

A Fuzzy Approach to Trust Based Access Control in Internet of Things [11] Trust management mechanism for Internet of Things [12] TRM-IoT: A Trust Management Model Based on Fuzzy Reputation for Internet of Things [13] A dynamic trust model exploiting the time slice in WSNs [14]

SUMMARY OF SOME TRUST SYTEM MODELS IN IOT

Metrics Employed x Honesty x Cooperativeness x Community interest x Node recommendation x Honesty x Cooperativeness x Community-interest x Service x Decision-making x Self-organising x Service: Service for which the node provided assistance; Capability: Capability of node when assisting the x Service; Note: Node capability, Score given by the requester x node to for evaluating the offered service; x Time: Time at which the service was obtained. x Node recommendation Knowledge about neighbour nodes x x Node experience x Self-organization policy x Multi-service x Routing across the IoT layers x x x x x x x

Successful node interaction with neighbour nodes Energy level of node Packet forwarding behavior of node Success rate of exchanging The probability of successful interactions Packet loss rate Energy

Attacks Addressed Self-promoting attacks, good- and bad-mouthing attacks.

Self-promoting attacks, good-mouthing and bad-mouthing attacks. No specific attacks addressed but a general framework presented as reference model. On-off attack, bad-mouthing attack, selective behaviour attack

No attacks specified but energy consumption was efficient. No specific attacks addressed but a universal framework is presented for the integration of mature IoT trust models. Node selfish behavior Routing information attack Selfish node attack and improved network performance

performance metrics have been introduced in various literatures (as discussed in Section II) and a summary is presented in Table I. From the table, we identify and adopt few important metrics, which shall be incorporated into the development of the SecTrust framework and we present the metrics here below:

III. SECTTRUST: A SECURE TRUST ROUTING FRAMEWORK Here we introduce SecTrust, a lightweight secure trust routing framework for Internet of Things that identifies and isolates common routing attacks. A node’s trustworthiness, in SecTrust, is characterized by the evaluation from its neighbouring nodes while providing service (recommendations and indirect trust values) to other nodes. This trustworthiness reflects the level of trust that other peer nodes in the network have on the given node based on their past experiences (e.g., node satisfaction with neighbour), past interactions with other nodes (e.g., successful packet exchange between nodes), positive packet acknowledgements and observed behaviours of linked nodes.

x

Prospect of positive interactions between nodes: This is the likelihood of successful interactions between nodes in order to determine a node’s packet forwarding behaviour towards its neighbours [15]. We represent the formula as given in equation 1 below.

(1) A node Ni, keeps three records of every neighbour node which includes PSij(t), the total number of packets sent to Nj by Ni at time t and PFji(t), the total number of packets forwarded by Nj on behalf of Ni at time t. t is the

A. Performance Metrics for SecTrust Many performance metrics have been employed for trust evaluation in Wireless Sensor Networks and these metrics find relevance for adoption among IoT sensor nodes. Some of these

554 552

energy model is employed. We represent εfs and εmp as the energy required by the amplifier in the free space and in the multipath option. We also assume that αtx and αrx represent the energy expended in sending and receiving one bit of information.

given time during evaluation of node j. Therefore, the likelihood of positive interactions between Ni and Nj, is given by DT(Ni,Nj), which evaluates whether Nj will be sufficiently truthful to forward packets on behalf of Ni. β defines the penalty weight attached to any misbehaving node. A higher value of β depicts a higher penalty for any misbehaving node.

B. Description of SecTrust Framework The proposed SecTrust framework constitutes of five major processes: trust calculation process, trust monitoring process, trust checksum process, trust rating process and trust backup/recuperation process. In this SecTrust framework, every node calculates the trust values of its direct neighbours based on the metrics outlined in the previous section. Neighbours with values greater than the set threshold trust values are chosen for secure routing while nodes with lower trusts values are categorised either as malicious, compromised, or perhaps selfish nodes that seek to preserve their battery life. We provide below a description of the processes and a flowchart in Fig. 1 of the SecTrust process flow.

x Node satisfaction (experience) with neighbour node: This highlights effective packet interchanges between neighbouring nodes [16] and this is depicted in equation 2 below.

(2) Cij represents the number of requests sent from node i (Ni) to node j (Nj) while Sij represents the number of successful packet exchanges between Ni and Nj. A basic assumption here is that Ni keeps track of its neighbours and packets transmitted to them. For every request sent to Nj by Ni, Cij is incremented by one. x Checksum value: This is employed to protect the confidentiality and integrity of control and routing information such that even if malicious nodes compromise the routing information, this situation can be detected from the altered checksum value. This way it is possible to identify and likely omit any compromised node. We use the one’s complement addition checksum because it is a lightweight checksum system and is able to detect more error bits in comparison to the Exclusive Or (XOR) checksum at half the checksum size for random independent bit errors [17]. Moreover, one’s complement has a lower probability of undetected errors in comparison to the two’s complement addition checksum [17]. x Node energy level: IoT nodes are energy constrained and hence using an energy-conserving scheme is beneficial to the operating nodes. This energy model is a metric for consideration in our trust model. The current work adopts the energy scheme proposed in [18] where both the free space and multi-path fading channels contingent upon the distance between the transmitting and receiving nodes are considered. The equation is represented in 3 below:

(3) From equation 3, D(i, j) represents the distance between node i and j while the energy spent in receiving β-bit of data by node j is specified by equation 4. (4) The free-space (fs) energy model is utilized where the distance between the transmitter and receiver is less than a specified value d0, otherwise the multi-path (mp)

555 553

x

Trust calculation process: Based on the detailed trust values gathered for each node, this routine computes and evaluates the real time trusts between nodes.

x

Trust monitoring process: In this process, a node gathers the trust information of their immediate and distant neighbours based on (a) direct and indirect relationships and (b) recommendation between the nodes.

x

Trust checksum process: In some routing attacks, control and route information in IoT sensor nodes are compromised. The lightweight trust checksum process (one’s complement routine) helps to take care of such problems.

x

Trust rating process: After determining the trust values, for better judgement, we further adopt a trust rating process to rank the trust values obtained in order of trust magnitude (from highest to lowest trust values). This helps in not only identifying the highly rated (trusted) nodes for the purpose of secure routing but also detecting and isolating misbehaving nodes that may seek to adjust their trust values maliciously (e.g. blackhole, greyhole attacks).

x

Trust backup / recuperation process: It is likely that few nodes may suffer from the following peculiar problems, e.g. battery depletion, collision and signal interferences, temporary network link loss. In such cases, the trust system may list them as malicious and/or insecure even though they are trustworthy nodes. They may behave selfishly either due to loss of link or due to the fact that they are trying to preserve their batteries. This could lead to the nodes having low trust values and hence, isolated from secure routing. However, to address this concern, the trust backup/recuperation process gives a period for the nodes to recover and boost their trust values in order to be considered for secure routing. Otherwise, such nodes with their trust values remaining low are

Trust maintenance database

Run trust calculation routines

Trust monitoring and observation

Trust backup/recovery routine

Yes

energy_level >= energy_threshold

Trust monitoring system

Compute and get checksum value

Trust rating routine

Forward trusted nodes for routing decision

Transmit trusted nodes

Fig. 1. SecTrust process framework

routing in IoT networks. As part of what we plan to develop and examine multiple scenarios to realise and test the trust systems against different types of routing attacks. Finally, we expect the proposed framework to be both lightweight and comprehensive in securing IoT routing operations.

considered insecure and are thus isolated and not considered for secure routing among the trusted nodes. IV. CONCLUSION AND FUTURE WORK This paper presents the design of the SecTrust framework to provide a secure trust-based routing for the Internet of Things. The work reviews the security issues in IoT routing and examines, in particular, the countermeasures based on trust models. The proposed SecTrust framework is based on the successful interactions between the IoT sensor nodes, which effectively is a reflection of their trustworthy behaviour.

REFERENCES [1] [2] [3]

The next step of the research involves the evaluation of the SecTrust framework based on the following aspects: 1) Evaluating SecTrust’s accuracy: Evaluating the performance of the proposed system under various attacks and comparing the results with standard IoT protocols. 2) Evaluating SecTrust’s effectiveness under various attacks: Examining SecTrust’s effectiveness in combatting malicious attacks under various environmental settings. 3) The mobility effect: Examining if the performance of SecTrust is affected by the mobility of the IoT nodes when used in a mobile environment. We plan to develop the SecTrust framework using the Contiki / Cooja IoT simulation platform.The broad aim of this project work is to implement a secure trust management framework for

[4]

[5]

[6] [7]

556 554

L. Atzori, A. Iera, and G. Morabito, "The Internet of Things: A survey," Computer Networks, vol. 54, pp. 2787-2805, 10/28/ 2010. L. Atzori, A. Iera, and G. Morabito, "The Internet of Things: A survey," Computer Networks, vol. 54, pp. 2787-2805, 10/28/ 2010. J. Gubbi, R. Buyya, S. Marusic, and M. Palaniswami, "Internet of Things (IoT): A vision, architectural elements, and future directions," Future Generation Computer Systems, vol. 29, pp. 1645-1660, 9// 2013. N. Islam and Z. A. Shaikh, "Security Issues in Mobile Ad Hoc Network " in Wireless Networks and Security: Issues, Challenges and Research Trends, S. Khan and A.-S. K. Pathan, Eds., ed Heidelberg, Germany: Springer-Verlag Berlin Heidelberg, 2013, pp. 49-56. Z. Yan, P. Zhang, and A. V. Vasilakos, "A survey on trust management for Internet of Things," Journal of Network and Computer Applications, vol. 42, pp. 120-134, 2014. F. Bao and I.-R. Chen, "Dynamic trust management for internet of things applications," 2012, pp. 1-6. B. Fenye and C. Ing-Ray, "Trust management for the internet of things and its application to service composition," in World of Wireless, Mobile

[8]

[9]

[10]

[11]

[12]

[13] [14]

[15]

[16]

[17]

[18]

[19]

[20]

[21] [22]

[23] [24] [25]

[26] [27]

[28]

and Multimedia Networks (WoWMoM), 2012 IEEE International Symposium on a, 2012, pp. 1-6. M. G. Rashed, S. E. Ullah, and R. Yasmin, "Secured message data transactions with a Digital Envelope (DE)-A higher level cryptographic technique," in International Conference on Engineering Research, Innovation and Education 2013, 2013. Y. B. Liu, X. H. Gong, and Y. F. Feng, "Trust system based on node behavior detection in Internet of Things," Tongxin Xuebao/Journal on Communications, vol. 35, pp. 8-15, 2014. J. P. Wang, S. Bin, Y. Yu, and X. X. Niu, "Distributed Trust Management Mechanism for the Internet of Things," Applied Mechanics and Materials, vol. 347-350, pp. 2463-2467, Aug., 2013. Y. Ben Saied, A. Olivereau, D. Zeghlache, and M. Laurent, "Trust management system design for the Internet of Things: A context-aware and multi-service approach," Computers & Security, vol. 39, Part B, pp. 351-365, 11// 2013. P. N. Mahalle, P. A. Thakre, N. R. Prasad, and R. Prasad, "A fuzzy approach to trust based access control in internet of things," in Wireless Communications, Vehicular Technology, Information Theory and Aerospace & Electronic Systems (VITAE), 2013 3rd International Conference on, 2013, pp. 1-5. L. Gu, J. Wang, and B. Sun, "Trust management mechanism for Internet of Things," Communications, China, vol. 11, pp. 148-156, 2014. D. Chen, G. Chang, D. Sun, J. Li, J. Jia, and X. Wang, "TRM-IoT: A trust management model based on fuzzy reputation for internet of things," Computer Science and Information Systems, vol. 8, pp. 12071228, 2011. G. Wu, Z. Du, Y. Hu, T. Jung, U. Fiore, and K. Yim, "A dynamic trust model exploiting the time slice in WSNs," Soft Computing, vol. 18, pp. 1829-1840, 2014/09/01 2014. J. Luo, X. Liu, and M. Fan, "A trust model based on fuzzy recommendation for mobile ad-hoc networks," Computer Networks, vol. 53, pp. 2396-2407, 9/18/ 2009. X. Li and L. Ling, "PeerTrust: supporting reputation-based trust for peer-to-peer electronic communities," IEEE Transactions on Knowledge and Data Engineering, vol. 16, pp. 843-857, 2004. T. C. Maxino and P. J. Koopman, "The Effectiveness of Checksums for Embedded Control Networks," Dependable and Secure Computing, IEEE Transactions on, vol. 6, pp. 59-72, 2009. W. R. Heinzelman, A. Chandrakasan, and H. Balakrishnan, "Energyefficient communication protocol for wireless microsensor networks," in System Sciences, 2000. Proceedings of the 33rd Annual Hawaii International Conference on, 2000, p. 10 pp. vol.2. G. Eason, B. Noble, and I.N. Sneddon, “On certain integrals of Lipschitz-Hankel type involving products of Bessel functions,” Phil. Trans. Roy. Soc. London, vol. A247, pp. 529-551, April 1955. (references) J. Clerk Maxwell, A Treatise on Electricity and Magnetism, 3rd ed., vol. 2. Oxford: Clarendon, 1892, pp.68-73. I.S. Jacobs and C.P. Bean, “Fine particles, thin films and exchange anisotropy,” in Magnetism, vol. III, G.T. Rado and H. Suhl, Eds. New York: Academic, 1963, pp. 271-350. K. Elissa, “Title of paper if known,” unpublished. R. Nicole, “Title of paper with only first word capitalized,” J. Name Stand. Abbrev., in press. Y. Yorozu, M. Hirano, K. Oka, and Y. Tagawa, “Electron spectroscopy studies on magneto-optical media and plastic substrate interface,” IEEE Transl. J. Magn. Japan, vol. 2, pp. 740-741, August 1987 [Digests 9th Annual Conf. Magnetics Japan, p. 301, 1982]. M. Young, The Technical Writer’s Handbook. Mill Valley, CA: University Science, 1989. S. Raza, L. Wallgren, and T. Voigt, "SVELTE: Real-time intrusion detection in the Internet of Things," Ad Hoc Netw., vol. 11, pp. 26612674, 2013. D. Giusto, The Internet of things: 20th Tyrrhenian workshop on digital communications. New York: Springer, 2010.

557 555