1 / 47

Agenda

Motivation & Goals. Background. Bio-inspired trust models. Trust models taxonomy. Security threats. Trust models simulator. Conclusions & future work. Agenda. Motivation. Internet and WWW have changed our lives. Despite their several advantages, there are also many security risks.

mili
Télécharger la présentation

Agenda

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Motivation & Goals Background Bio-inspired trust models Trust models taxonomy Security threats Trust models simulator Conclusions & future work Agenda

  2. Motivation • Internet and WWW have changed our lives • Despite their several advantages, there are also many security risks • Traditional security solutions are very effective but not always applicable • Trust and reputation management has been proposed as an accurate alternative • Oneself can make his/her own opinion about how trustworthy or reputable another member of the community is • Increases the probability of a successful transaction while reducing the opportunities of being defrauded • European Union supported this research field in several projects

  3. Goals • Analyse the current state of the art • Identify possible deficiencies • Design and suggest innovative and original alternatives • Propose and develop our own trust models • Make an analysis of the intrinsic nature of these models • Study those threats specifically applicable in these systems • Develop a tool to implement trust and reputation models • Compare our alternatives with other representative models • Survey some real and final scenarios

  4. Background • Lack of mature bio-inspired approaches • Lack of taxonomy analysis • Lack of security threats study • Lack of generic testing tools

  5. Trust and Reputation Management in Distributed and Heterogeneous Systems Bio-inspired TRM Trust Models Taxonomy Security Threats Simulator Application Scenarios

  6. Bio-inspired Trust and Reputation Models • TACS • META-TACS • BTRM-WSN Bio-inspired TRM Trust Models Taxonomy Security Threats Simulator Application Scenarios

  7. Ant Colony System • Optimisation algorithm • Problems represented as graphs (like TSP) • Quite accurate and efficient  Stop condition  Ants transition  Pheromone updating  Path quality evaluation  Reward/punish

  8. TACS, Trust Model for P2P Networks • Aimed to work in P2P networks • A client applies for a certain service • There are benevolent and malicious service providers • Ants find the most trustworthy server offering the requested service • Pheromone traces represent the credibility of finding such server

  9. TACS, Trust Model for P2P Networks • TACS adaptation • Pheromone updating • Path quality evaluation • Ants transition and stop condition • Reward • Punishment

  10. Static networks Dynamic networks Oscillating networks TACS, Trust Model for P2P Networks • Experiments carried out • Over static networks • Over dynamic networks • Over oscillating networks • Capability of managing multi-service networks • Sourceforge project

  11. META-TACS: a Trust Model Demonstration of Robustness through a Genetic Algorithm • TACS had several parameters • Was it too complex? • Was it too dependent?

  12. META-TACS: a Trust Model Demonstration of Robustness through a Genetic Algorithm • Search for the optimal parameters configuration • Genetic algorithm CHC

  13. META-TACS: a Trust Model Demonstration of Robustness through a Genetic Algorithm • Not one unique optimal parameters configuration • Each parameter had a wide range of values • Demonstration of robustness against parameters initialisation

  14. BTRM-WSN, Bio-inspired Trust and Reputation Model for Wireless Sensor Networks • Application to WSNs • Enhancements with regard to TACS • Several clients management • Enhanced pheromone updating • Enhanced punish & reward • Two proposed models • Multi-service • Not multi-service

  15. BTRM-WSN, Bio-inspired Trust and Reputation Model for Wireless Sensor Networks • Experiments Static Networks Dynamic Networks Oscillating Networks Collusion Networks Accuracy Path length

  16. Trust Models Taxonomy Bio-inspired TRM Trust Models Taxonomy Security Threats Simulator Application Scenarios

  17. Trust Models Taxonomy • Generic steps • Generic interfaces • Generic data structures

  18. Trust Models Taxonomy • 10 design advices • Anonymous recommendations • Higher weight to more recent transactions • Recommendations subjectivity • Redemption of past malicious entities • Opportunity to participate for benevolent newcomers • Avoid abuse of a high achieved reputation • Benevolent nodes should have more opportunities than newcomers • Different trust/reputation scores for different services • Take into account bandwidth, energy consumption, scalability... • Consider the importance or associated risk of a transaction

  19. Trust Models Security Threats Bio-inspired TRM Trust Models Taxonomy Security Threats Simulator Application Scenarios

  20. Trust Models Security Threats • Commonly neglected issue • Lack of a comprehensive analysis • 9 studied threats • Malicious spies • Spies may achieve a high reputation • Manage recommenders reliability • More difficult to distinguish malicious peers and malicious spies • Sybil attack • Underestimated but great risk • One single entity generates a disproportionate number of identities • Associate a cost to the generation of new identities • Malicious collectives with camouflage • Resilience mostly depends on malicious peers behavioral patterns • Not always considered as a threat • Manage recommenders reliability • Keep a transactions history to detect and punish variable behavior

  21. Trust Models Security Threats • Security threats taxonomy • Attack intent • Targets • Required knowledge • Cost • Algorithm dependence • Detectability • Tackling summary • EigenTrust • PeerTrust • BTRM-WSN • PowerTrust • ATSN • DWTrust

  22. Simulator Bio-inspired TRM Trust Models Taxonomy Security Threats Simulator Application Scenarios

  23. Simulator • Generic tool • Easy to implement and add new models • V0.4 includes 5 models • BTRM-WSN • EigenTrust • PeerTrust • PowerTrust • LFTM • Sourceforge project • + 2300 downloads • World wide interest • Models comparison

  24. Conclusions • Distributed and heterogeneous systems are nowadays developing very quickly, leading to new unresolved security risks • Trust and reputation management has been proposed in this PhD Thesis as an effective solution in certain environments • Our original bio-inspired trust and reputation models have been proved to have a high performance, while solving some of the previous issues • Taxonomy and design advices & security threats analysis might be quite helpful for future researchers • Extensible and easy to use simulator, enabling models comparison • Appealing field with much more to do

  25. Future Work • Ongoing work • Trust and reputation models comparison • Real scenarios • Identity Management Systems • Wireless Sensors and Actuators Networks • Fuzzy logic, fuzzy sets and linguistic labels • Future work • Improve TRMSim-WSN • New Trust & Reputation models • New security threats • Vehicular-to-Vehicular (V2V) • Internet of Things (IoT)

  26. Publications derived from the PhD Thesis

  27. Publications derived from the PhD Thesis • Book chapters • Félix Gómez Mármol, Gregorio Martínez Pérez, “State of the art in trust and reputation models in P2P networks”, Handbook of Peer-to-Peer Networking, Eds: X. Shen, H. Yu, J. Buford, M. Akon, Publisher: Springer, ISBN: 978-0-387-09750-3, pp 761-784, 2010 http://dx.doi.org/10.1007/978-0-387-09751-0 26

  28. Publications derived from the PhD Thesis • International conferences • Félix Gómez Mármol, Gregorio Martínez Pérez, "Providing Trust in Wireless Sensor Networks using a Bio-inspired Technique", Networking and Electronic Commerce Research Conference (NAEC 08), pp. 415-430, ISBN: 978-0-9820958-0-5, Lake Garda, Italy, 25-28 September 2008 • Journals with impact factor (included in the JCR) • Félix Gómez Mármol, Gregorio Martínez Pérez, Antonio F. Gómez Skarmeta, “TACS, a Trust Model for P2P Networks”, Wireless Personal Communications, vol. 51, no. 1, pp 153-164, 2009 http://dx.doi.org/10.1007/s11277-008-9596-9 • Félix Gómez Mármol, Gregorio Martínez Pérez, Javier Gómez Marín-Blázquez, “META-TACS: a Trust Model Demonstration of Robustness through a Genetic Algorithm”, Intelligent Automation and Soft Computing (Autosoft) Journal, 2010 (in press) • Félix Gómez Mármol, Gregorio Martínez Pérez, “Providing Trust in Wireless Sensor Networks using a Bio-Inspired Technique”, Telecommunication Systems Journal, vol. 46, no. 2, 2010 (in press) http://dx.doi.org/10.1007/s11235-010-9281-7

  29. Publications derived from the PhD Thesis • Journals with impact factor (included in the JCR) • Félix Gómez Mármol, Gregorio Martínez Pérez, “Towards Pre-Standardization of Trust and Reputation Models for Distributed and Heterogeneous Systems”, Computer Standards & Interfaces, Special Issue on Information and Communications Security, Privacy and Trust: Standards and Regulations, vol. 32, no. 4, pp. 185-196, 2010 http://dx.doi.org/10.1016/j.csi.2010.01.003

  30. Publications derived from the PhD Thesis • Journals with impact factor (included in the JCR) • Félix Gómez Mármol, Gregorio Martínez Pérez, “Security Threats Scenarios in Trust and Reputation Models for Distributed Systems”, Elsevier Computers & Security, vol. 28, no. 7, pp. 545-556, 2009 http://dx.doi.org/10.1016/j.cose.2009.05.005

  31. Publications derived from the PhD Thesis • International conferences • Félix Gómez Mármol, Gregorio Martínez Pérez, “TRMSim-WSN, Trust and Reputation Models Simulator for Wireless Sensor Networks”, IEEE International Conference on Communications (IEEE ICC 2009), Communication and Information Systems Security Symposium, Dresden, Germany, 14-18 June 2009 http://dx.doi.org/10.1109/ICC.2009.5199545

  32. Publications derived from the PhD Thesis • International conferences • Félix Gómez Mármol, Javier Gómez Marín-Blázquez, Gregorio Martínez Pérez, "Linguistic Fuzzy Logic Enhancement of a Trust Mechanism for Distributed Networks", Third IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP-10), Bradford, UK, June 29-July 1, 2010 • Journals with impact factor (included in the JCR), under review • Félix Gómez Mármol, Gregorio Martínez Pérez, “Trust and Reputation Models Comparison”, submitted to Emerald Internet Research on the 16th of August, 2009 • Félix Gómez Mármol, Joao Girao , Gregorio Martínez Pérez, “TRIMS, a Privacy-aware Trust and Reputation Model for Identity Management Systems”, submitted to Elsevier Computer Networks on the 15th of December, 2009(currently in a 2nd revision) • Félix Gómez Mármol, Joao Girao , Gregorio Martínez Pérez, “Identity Management: In privacy we trust”, submitted to IEEE Internet Computing Magazine on the 15th of February, 2010 • Félix Gómez Mármol, Christoph Sorge, Osman Ugus, Gregorio Martínez Pérez, “WSANRep, WSAN Reputation-Based Selection in Open Environments”, submitted to IEEE Wireless Communications Magazine on the 21st of January, 2010

  33. Publications derived from the PhD Thesis • Summary • Book chapters: 1 • Journals with impact factor: 9 (5 published and 4 under current review) • International conferences: 3 • Open-source software projects protected with IPR: 2 • Patent applications: 1

  34. Static networks Dynamic networks Oscillating networks TACS, Trust Model for P2P Networks • Experiments carried out • Over static networks • Over dynamic networks • Over oscillating networks • Capability of managing multi-service networks

  35. TACS, Trust Model for P2P Networks 1. Client C executes TACS in order to find the most trustworthy server S offering the service s 2. TACS launches the ACS algorithm and ants modify the pheromone traces of the network 3. TACS finishes, having selected the “optimum” path to server S' 4. TACS informs the client C that the most trustworthy server found is S' 5. Client C requests service s to the server S' 6. Server S' provides service s' to the client C 7. Client C evaluates his satisfaction with the received service s' 8. If client C is not satisfied with the received service s', he punishes the server S' evaporating the pheromone of the edges that lead from C to S'

  36. Trust Models Taxonomy • Anonymous recommendations • Hiding real-world identities behind pseudonyms • Cryptographically generated unique identifiers • Secure hardware modules • Higher weight to more recent transactions • Redemption of past malicious entities • Recommendations subjectivity

  37. Trust Models Taxonomy • Opportunity to participate for benevolent newcomers • Avoid abuse of a high achieved reputation • Benevolent nodes should have more opportunities than newcomers

  38. Trust Models Taxonomy • Different trust/reputation scores for different services • Take into account bandwidth, energy consumption, scalability... • Wireless Sensor Networks • Consider the importance or associated risk of a transaction • Transaction importance  Punish/Reward

  39. Trust Models Security Threats • Individual malicious peers • Simplest threat • Decrease trust in malicious peers • Malicious collectives • Collusion is often an important risk • Manage recommenders reliability • Malicious collectives with camouflage • Resilience mostly depends on malicious peers behavioral patterns • Not always considered as a threat • Manage recommenders reliability • Keep a transactions history to detect and punish variable behavior

  40. Trust Models Security Threats • Malicious spies • Spies may achieve a high reputation • Manage recommenders reliability • More difficult to distinguish malicious peers and malicious spies • Sybil attack • Underestimated but great risk • One single entity generates a disproportionate number of identities • Associate a cost to the generation of new identities • Man in the middle attack • Traditionally not associated with trust and reputation management • Authenticate each peer through cryptographic mechanisms • Solution not always feasible

  41. Trust Models Security Threats • Driving down the reputation of a reliable peer • A benevolent peer may be isolated forever • Manage recommenders reliability • Partially malicious collectives • One peer might be benevolent providing a certain service, but malicious provisioning a different service • Different trust scores for different services • Malicious pre-trusted peers • Only applicable in some trust models • Not always easy to find peers to be pre-trusted • Dynamically select the set of pre-trusted peers

  42. Trust models comparison Static networks Dynamic networks Oscillating networks Collusion networks

  43. TRIMS, a Privacy-aware Trust and Reputation Model for Identity Management Systems • Several domains • Users identity information exchange • Application of a reputation mechanism • Preservation of recommenders privacy • WSC provides the requested service • WSP provides user identity information • IdPs act as recommendation aggregators • Developed during 1st NEC internship • Led to an international patent

  44. WSANRep, WSAN Reputation-Based Selection in Open Environments • Mobile users looking for services • Several WSAN offering such services • Application of a reputation mechanism • Users form groups to preserve their privacy • FP acts as recommendations aggregator • One RP per group storing recommendations • Developed during 2nd NEC internship

  45. Linguistic Fuzzy Logic Enhancement of a Trust Mechanism for Distributed Networks • Fuzzy sets, fuzzy logic and linguistic labels • Enhanced interpretability • Improved accuracy

More Related