Research On Security Models Based On Trust Management

With the rapid development of network technology, providing a unified, opencomputing and information service environment has become a trend. In the openInternet, all kinds of resources and environments have the characteristics ofheterogeneity, dynamics and distribution. Resource entities often belong to differentmanagement institutions, which proposes new challenges for traditional securitymethods and defense mechanisms. Trust management provides a new solution forestablishing and maintaining the trust relationships among different managementdomains and entities, and promoting their mutual cooperation based on the trustrelationships. In this paper, the security models based on trust management arediscussed in various network scenarios. The author’s major contributions are outlined asfollows:1) With a profound analysis of the four critical issues affecting trust evaluation inpeer-to-peer network environment, inspired by the group management and groupcooperation in the human society, a P2P self-contained trust model based on group isput forward in which the nodes in the P2P network is divided into several groupsaccording to certain strategies. Through theoretical analysis and validation of simulationtools, the results show that the proposed model has advantages in successful request rate,suppression of malicious nodes and system overhead over the previous P2P non-groupand group trust models.2) Geographical routing in wireless sensor networks is vulnerable to multiplesecurity threats such as false routing information, selective forwarding and the Sybil. Atrust based model is put forward for defending against above-mentioned attacks. For thenature of sesor nodes’ resource constraint, trust values of neighboring nodes on therouting path can be calculated by the Dirichlet distribution, which is based on datapackets’ acknowledges in a certain period instead of the energy-consuming monitoring.Trust is combined with the cost of geographic and energy aware routing for selecting thenext hop of routing. Meanwhile, the initial trust is dynamically determined, inaccordance with the trust value service levels are divided to restrict malicious nodes’requirements, and explioting the trust evolution weakens the influence of nodes’mobility.3) A trust-based secure routing model is put forward for defending against theselective forwarding attack on routing in cognitive radio networks. Based on monitoringresults of nodes’ forwarding behavior, trusts are built in order to identify malicious nodes. For the characteristic that routing selection must be closely collaborative withspectrum allocation, a route request piggybacking available spectrum opportunities issent to non-malicious nodes during the routing discovery phase, and routing decisionsare performed according to delays and available paths’ trusts calculated from nodes’trusts during the routing selection phase. At the same time, different responses are madeto service requests from nodes in different trust levels, and more severe penalties aretaken for malicious behavior from non-trusted nodes, which can promote nodes’cooperation in routing.4) To cope with malicious behavior in cognitive radio networks such as providingfalse spectrum information and seizing spectrum resources, this paper proposes areliable spectrum sensing and spectrum allocation model based on the fuzzy theory.With spectrum sensing behavior and spectrum utilization behavior as two evaluationfactors, this model implements nodes’ trust evaluation using the fuzzy comprehensiveevaluation and decision method based on subjectivity and uncertainty of trust. Incooperative spectrum sensing, this model identifies malicious nodes based on the resultof comprehensive evaluation to eliminate false feedback. In spectrum allocation, thismodel uses the definition of lattice degree of nearness between fuzzy sets to calculatethe difference between the actual comprehensive evaluation set and the idealcomprehensive evaluation set, and thereby quantifies the trustworthiness ofnon-malicious nodes, and combining with the multi-target optimization algorithm,determines the spectrum resources to be allocated to these nodes. This mechanisminhibits malicious behavior while encouraging cooperative behavior of nodes, thusachieving a joint design for spectrum sensing at the physical layer and spectrumallocation at the MAC layer.