A resilient Trust Management framework towards trust related attacks in the Social Internet of Things
Introduction
The Social Internet of Things (SIoT) paradigm corresponds to an evolutionary Internet of Things (IoT) where objects are transformed from classical smart devices to social objects, which are able to autonomously interact with their social environment [1] in order to produce wealthier and more varied data for more complex services. In this environment, SIoT objects can be either trustworthy by producing good services, or untrustworthy by producing poor services. This refers basically to the vulnerability of easily accessible objects in unprotected zones to various attacks. In fact, some of nodes try to produce misbehaving behaviors to damage the system performance. Thus, they introduce various types of cybersecurity attacks called : Distributed denial of services (DOS), malicious control, wrong, data type probing, malicious operation, etc. For this reason, humans remain careful and cautious of the disclosure of their data [2], [3]. Thus, to ensure user’s satisfaction and boost SIoT system performance, it is crucial for nodes to evaluate one another before exchanging services. In this case, the issue of Trust Management (TM) solutions for SIoT system becomes intrinsic.
So far, the works carried out in the field of trust have whetted a special interest in the elaboration of TM systems for tackling related security problems [4], [5], [6]. It allows humans to face and overcome their fears as well as uncertainties about the use of SIoT applications. To ensure reliable services, numerous studies handling trust mechanisms have been elaborated in various areas such as: peer-to-peer (P2P) [7], [8], Social Network (SN) [9], [10], [11], Cloud [12], [13], [14] and IoT [15], [16], [17], [18]. However, each of them has its limitations (lack of consideration for nodes’ social features, neglect of service exchange constraints between nodes, etc.), which makes it not efficient enough to be applied into the SIoT systems. Within this framework, several works have been oriented to resolving these gaps. As a matter of fact, they subsequently introduced different TM models that are mainly dedicated to SIoT systems. They considered different features and methods to compute the trust in order to identify which nodes represent the best service providers (SP).
Unlike cybersecurity attacks, attackers nodes resort to propagate other forms of attack called “Trust Related Attacks” TRAs to fake the assessed trust [1]. They aim to share fake recommendations and fake quality service to increase or decrease the trust value for its own benefit so as to enhance their chance to be chosen as good SPs. Basically, most of the proposed TM models are interested in producing a trust score to rank the network node in order to identify trusted ones.
However, in some cases, this score cannot be reliable when it is the result of certain malicious behaviors “TRA”. Therefore, it is crucial to identify untrustworthy nodes owing to the fact that some nodes resort to misbehaving collaborations in order to disrupt the TM system functionality [19].
To this end, some of the existing works in this field [16], [20], [21], [22], [23], proposed different metrics and strategies to handle malicious trust attacks. They focused on identifying malicious attackers nodes in the network to ensure trustworthy communications and qualified services. However, we note that researchers tackling this problem statement did not consider all forms of TRA that can be launched in a SIoT network. This is quite critical as each TRA can be more malicious to another, especially in a collaborative network such as SIoT where trust is based on exchanged recommendations and services.
Based on these limitations, we propose to define a resilient TM model for the SIoT which allows us to detect and identify the various dangerous behaviors resulting in TRA that may occur in the SIoT network, as well as offer relevant trust metrics for detecting them. Unlike other works, we are interested in our model in both attack detection and nodes rating with a trust score to ensure safe communications.
These metrics permit not only to detect and identify TRA, but also to rate SIoT nodes based on a trust score. Unlike other works, we attempt to deal with all the existing TRA that can occur in a SIoT network as each attack can be more threatening than the other one. Thus, our contributions can be summarized as follows:
- 1.
The computation of trust SIoT nodes’ score which is based on multiple metrics defined in the trust composition step deriving from social and quality of service nodes’ descriptions.
- 2.
The development of the proposed model of Magdich et al. [24] which rests on adding an attack detection module which allows not only the discovery of malicious collaborations, but also the identification of the kind of the performed attack in order to handle them in the future. The identification of malicious TRA is based on node behaviors analysis grounded on Machine Learning algorithm.
- 3.
The isolation and the avoidance of misbehaving collaborations which relies on providing users with a SIoT nodes classification into : trustworthy, untrustworthy (while producing unqualified service) and attacker ; to enact a reliable system.
- 4.
The simulation of the different SIoT environment, which involves several types of exchange TRA, based on different real social datasets, while overcoming the limits of available SIoT dataset available.
This paper is laid out in the following. In Section 2, we exhibit most of the proposed works focusing on TM to clarify the problem statement. Section 3 displays how trust is computed and managed between peers and clarifies in details the different steps as well as features managed by the attack detection module to analyze malicious behaviors of such SIoT nodes. Section 4 identifies the experiments settings to assess our method referring to state-of-the-art works. Finally, Section 5 wraps up the conclusion.
Section snippets
Related works
The safety between two nodes in the SIoT network can be evaluated through the notion of trust. Trust stands for a measure that assesses the trustworthiness, between at least two agents in the network the trustor and the trustee, based on several attributes [1], [19]. Attributes are selected based on authors’ requirements aiming uniquely to identify the best SP for the required service without considering features of malicious nodes which carry out TRA. Since the reliability of a trust system is
The social IoT nodes’ score
Our main objective in this work is to set forward a TM model allowing to estimate and compute the degree of trustworthiness that can be inserted in a given node. This assessment allows the SP to be classified, assisting the SR in selecting the best service for their needs. Thus, to shun the risk that this whole process is under the control of one entity which can be malicious, we propose to exploit an SIoT decentralized trust propagation architecture, where all SIoT nodes are responsible for
Attack detection process
A great number of security threatening attacks in computer systems and networks have been highlighted in literature to tackle the problem of an outsider trying to transgress the system and gain unauthorized access [36]. However, a malicious node can act as a good SP to hide its malicious reputation in order to disrupt the system performance. It aims to produce good/bad quality services to avoid being labeled as an untrustworthy SP and to have always the chance to launch services; or to
Simulation and experimental results
In this section, experiments are conducted to examine the efficiency of the proposed trust solution. They are carried out based on three main steps: data collection, features pre-processing and processing.
Conclusion
The central target of this research work lies in providing an efficiently trustworthy decision solution, relevant to the Social Internet of Things “SIoT” systems, which assists users in a highly distributed network so as to avoid malicious interactions. In the position of a service provider, a node can behave in an untrustworthy way by generating poor services or sharing malicious behaviors called Trust Related Attacks “TRA”, which harm the trust system. Thus, we assume that applying such an
Declaration of Competing Interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Acknowledgment
The research leading to these results has received funding from the Ministry of Higher Education and Scientific Research of Tunisia under the grant agreement number LR11ES48.
References (47)
- et al.
Spear siem: A security information and event management system for the smart grid
Comput. Netw.
(2021) - et al.
A trust management scheme to secure mobile information centric networks
Comput. Commun.
(2020) - et al.
Logittrust: A logit regression-based trust model for mobile ad hoc networks
- et al.
Management and applications of trust in wireless sensor networks: A survey
J. Comput. System Sci.
(2014) - et al.
A dynamic algorithm for stochastic trust propagation in online social networks: Learning automata approach
Comput. Commun.
(2018) - et al.
A trust management framework for clouds
Comput. Commun.
(2019) - et al.
A survey of trust computation models for service management in internet of things systems
Comput. Commun.
(2017) - et al.
Discrimination-aware trust management for social internet of things
Comput. Netw.
(2020) - et al.
Trust management in social internet of things: A taxonomy, open issues, and challenges
Comput. Commun.
(2020) - et al.
Cooperative trust relaying and privacy preservation via edge-crowdsourcing in social internet of things
Future Gener. Comput. Syst.
(2019)
Robust decentralised trust management for the internet of things by using game theory
Inf. Process. Manage.
Distributed attack detection scheme using deep learning approach for internet of things
Future Gener. Comput. Syst.
A hybrid trust management framework for a multi-service social iot network
Comput. Commun.
Clarifying trust in social internet of things
IEEE Trans. Knowl. Data Eng.
A novel attack detection scheme for the industrial internet of things using a lightweight random neural network
IEEE Access
Trust management in social internet of things: a survey
A survey of trust management in the internet of vehicles
Electronics
Peertrust: Supporting reputation-based trust for peer-to-peer electronic communities
IEEE Trans. Knowl. Data Eng.
An efficient distributed trust model for wireless sensor networks
IEEE Trans. Parallel Distrib. Syst.
A trust management framework for cloud computing platforms
Enhanced qos-based model for trust assessment in cloud computing environment
IEEE Access
Scalable, adaptive and survivable trust management for community of interest based internet of things systems
Trust-based service management for social internet of things systems
IEEE Trans. Dependable Secure Comput.
Cited by (16)
A blockchain-assisted security management framework for collaborative intrusion detection in smart cities
2023, Computers and Electrical EngineeringTrust management in social Internet of Things across domains
2023, Internet of Things (Netherlands)A systematic literature review on attacks defense mechanisms in RPL-based 6LoWPAN of Internet of Things
2023, Internet of Things (Netherlands)STSIR: An individual-group game-based model for disclosing virus spread in Social Internet of Things
2023, Journal of Network and Computer ApplicationsSocial Internet of Things: Ethical AI Principles in Trust Management
2023, Procedia Computer ScienceA survey on IoT trust model frameworks
2024, Journal of Supercomputing