Intrusion Tolerance Mechanism Based On The Trust Relationship Between The Ip Network Fault-tolerant

Nowadays, IP networks are suffering many faults and malicious attacks whichgreatly threaten their security and survivability. So it is an important issue that how tomake the IP networks to be more robust under faults and attacks, i.e., to improve theirtolerance abilities for both faults and intrusions. However recently, most of theresearches focus on only one of them, and decouple the survivability and security eachother. Based on above, many scholars begin enhangcing the survivability for IPnetworks using the trust model, which borrowing from the human society. The trustmodel has made some achievements, but it is still has a long way to go. Under suchbackground, studies have been made on trust model and its routing application toenhance the abilities of fault-tolerance and intrusion-tolerance for IP networks.The contributions of this thesis are as follows:Firstly, a study has been made on an efficient scheme which is resilient to bothfaults and intrusions based on trust relationship for IP networks. This scheme not onlyborrows the trust rating from the social links, but also qualitatively describes therelationships between the trust rating and the network behavior. Also, it analyses thescheme how to tolerate three known malicious behaviors, viz., self-faults, bad mouthattacks and conflict behavior attacks. Analyses and simulations all prove that thescheme can detect the malicious nodes fast and prevent these malicious behaviors in IPnetworks, which also make contribution to the separating and recovering strategieswhich will be developed in our future works.Secondly, a study has been made on a trust-based two stages fault-tolerant andintrusion-tolerant routing scheme for IP networks. This scheme is consisted of twostages: the first stage is route discovering, viz., discovering multiple trust routes; thesecond stage is selecting the optimal route(s), viz., selecting the optimal route(s) in thediscovered routes. At the first stage, it utilizes a trust relationship evaluating methodwhich be called mixture of multiplication and addition method. This method canenhance the performance of fault-tolerance and intrusion-tolerance of routing in IP networks. At the second stage, users are always routing with the optimal route(s) by thestrategy of grading to the routes and can prevent multiple attacks which aim at theroutes.Thirdly, according to the theories of the game theory, trust scheme and the smallworld theory in complex networks, a study has been made on a game theory and trustrelationship based inter-domain routing scheme for IP networks. It is the extension andapplication of chapter three and chapter four. This scheme not only enhancesconnectedness, but also increases inter-domain's fault-tolerant and intrusion-tolerantabilities for IP networks by sharing trust information with trust domains. Also, itdeploys the Byzantine scheme in the border gateway routers, which enhances the borderrouters'survivability. Also, this scheme can be as a method for testing the networks'performance.Finally, concludes the thesis and indicates the future works.