Mitigating service-oriented attacks using context-based trust for smart cities in IoT networks

https://doi.org/10.1016/j.sysarc.2021.102028Get rights and content

Abstract

Smart City technology is an attempt to improve the quality of life of its citizens by providing promising smart solutions for multiple applications. These applications include healthcare monitoring, resource utilization, city resource management, and various public services. Internet of Things (IoT) enables smart city applications to collect data from various sensors and process it for providing numerous smart services to the end-users with improved performance. The diverse nature of IoT network requires the use of multiple types of sensors which produce a huge amount of data. This data is highly vulnerable to multiple service-oriented attacks; therefore, it must be protected during the communication of IoT nodes. This research work has focused on the identification and detection of malicious nodes causing service-oriented attacks in smart city applications and networks. The direct experience of communicating nodes and recommendations from neighboring nodes are collected to formulate a total trust score. The adaptive weights assigned to direct observations and indirect recommendations ensure the effectiveness of the Context-Based Trust Evaluation System Model (CTES) in detecting On–Off attacks. Moreover, context similarity measure calculations filter out those bad nodes which are posing a Sybil Attack. The proposed CTES has also been simulated on Contiki Cooja. The results also validate the effectiveness of CTES in detecting the bad behavior of malicious nodes.

Introduction

Technology is being leveraged to manage the rising urban population where cities are struggling to become smarter to keep up. Smart City technology is an attempt to improve the quality of life of its citizens with information and communication technologies. Smart cities are providing promising smart solutions through operational efficiency, safe communities, effective resource utilization, and a sustainable environment to improve the quality of services and citizen welfare. A Smart city infrastructure uses a combination of technologies such as Internet of Things (IoT) devices and objects, User Interfaces (UI), and communication networks. However, the first and foremost reliance of a smart city depends on efficient IoT infrastructure [1]. Internet of Things (IoT) is a network of devices such as sensors, appliances, and vehicles that enable the smart cities to collect the data and to process them for infrastructure improvement and so for many other city services. IoT is considered to be technology-oriented while on the other side smart cities are user-oriented which are driven by the IoT devices [2], [3].

Smart cities’ municipalities are becoming more connected with the help of IoT technology advancements to increase the efficiency of infrastructure installations, improve the responsiveness of services, and reduce costs [4]. Many smart city ideas are using IoT solutions for the market. IoT applications are being used for public services in a smart city such as the environmental monitoring process, smart grid, smart health, and waste management [5]. According to a study [6], traffic congestion and crime rate are two major issues that can be tackled as an energy-efficient solution in smart city applications using IoT devices. To do that, some other collaborative technologies such as Big Data and cloud computing are being used [7]. However, with the proliferation of connected IoT devices in smart city infrastructure, inherent security and trust risks could potentially lead to loss of crucial data [8].

Currently, smart city initiatives involve technology vendors, urban planners, and team leaders to accommodate people with required services. With the central focus around technology, building trust in smart cities should also be placed as an important factor. Since smart city projects demand a lot of stakeholders, and team members, they must put their faith in a smart city to make it work. Building trust in a smart city means that the concept will work as it is expected in favor of all involved parties such as citizens, service providers, stakeholders, team leaders, etc. When people put their trust in smart cities, they are concerned about trust more than cyber-security [9] and privacy because they need a trustworthy and well-functioning ecosystem that can help them in their daily tasks without any fear of data and information loss. To establish a trustworthy ecosystem, solution providers and smart city builders are looking beyond privacy and cyber-security [10], [11]. For trustworthy communication among devices, a study [12] proposed an IoT edge computing-based trust management system for smart cities with an intelligent device selective recommendation mechanism is proposed. This procedure works while considering blacklist devices out of the network for safe communication in smart cities.

To evaluate and maintain trust among nodes, it is imperative to keep an eye on the interference of outside malicious nodes and their possible attacks. It also requires some suitable mechanisms to prevent and detect malicious nodes because these nodes can disturb the network and its trustworthiness. Comprehensive solutions for privacy in smart cities are necessary for safe and trustworthy communication in smart devices [13]. We have proposed a Context-Based Trust Evaluation System Model (CTES) to detect malicious nodes posing Sybil and On–Off attack. CTES is simulated and verified in smart city applications. The objective of this study is to provide a context-based TMS which uses direct interactions and indirect recommendations of various users to calculate the trustworthiness of service providers while avoiding the bad behavior of neighbor nodes.

The main contributions of this research are as follows.

  • 1.

    Proposed a context-based adaptive IoT trust model for the detection of malicious nodes.

  • 2.

    Developed an adaptive calculation mechanism for allocating weights to direct trust and indirect observations based upon the current user experience while considering the context.

  • 3.

    Evaluated and analyzed the effectiveness of CTES in detecting bad nodes for smart city applications.

The paper is organized into the following sections. The introduction section is followed by Section 2 which highlights the research contributions of this paper and compares it with existing studies for the On–Off attack and Sybil attack and discusses the research gap in terms of the malicious environment. Section 3 discusses the basic applications that are used in smart cities for better resource utilization and the overall architecture has been discussed. The next Section 4 CTES model is discussed with the help of algorithms. A case study is used to discuss the working of CTES for the recommended trust calculation process in Section 5. Section 7 represents the simulation setup for the On–Off attack and Sybil attack along with their working. CTES is compared with other service-oriented trust models in Section 9. The discussion and findings are presented in Section 8 to move for a conclusion. Finally, the last Section 10 concludes the paper.

Section snippets

Related work and motivation

An IoT infrastructure is connected with heterogeneous devices and a huge number of data and instructions are transmitted all the time over the network [14], therefore “Trust” is a valuable factor to build successful communication among nodes and service providers. Trust computation is an essential part of the Trust Management System (TMS). It is used to calculate the uncertainty level between client and service provider [15], [16]. As the communicating devices increase and the entry of a new

Smart city applications

A smart city is meant to be equipped with IoT sensors and smart devices to engage with citizens to provide services more effectively and actively. The basic ingredients/ factors of a city that make it more progressive are healthcare facilities, transport systems, energy facilities, industry, retail system, and home infrastructure [39]. To make a successful smart city, Fig. 1 shows the depiction of solutions for all these necessities such as smart retail system, smart home controlled with

Context-based trust evaluation system model

The proposed CTES model [41] calculates the trust level between IoT nodes communicating in smart city applications. The CTES model is based on its direct observations and indirect recommendations to trust or distrust the neighbor nodes for service acquisition in an IoT infrastructure. Based upon the dynamically assigned weights towards direct communication and the recommendations of the neighbor node, the requesting node takes decision [42]. The CTES has already been validated for an adaptive

Case study: The working flow of recommendation based indirect trust calculation

The trust calculation process can be better understood by using a case study for communication between Alice and available servers to get any specific service. The process is illustrated in Fig. 3. This figure shows the communication between Alice for taking services from available servers. According to this specific case study, Alice wants to get the service ‘a’ from server C. Initially, Alice will get the service ‘a’ from server C and calculate its trust score. It is assumed that Alice gets

Trust metrics for iot based smart city to detect service-oriented attacks

This section provides the details for various trust parameters which provides the base to detect multiple service-oriented attacks. The description of these trust metrics is as follows.

Attack model simulation

This section presents the simulated attacked model and the assumptions we are taking to configure the attacks. We have considered four different service-oriented attacks on our trust model i-e On–Off attack and Sybil attack. This section discusses the environment where these attacks are launched, and it shows the effectiveness of CTES under attack and malicious environments.

This setup includes simulation environments in the Cooja platform included in the Contiki OS. The simulated network

Result and discussions

This section presents the simulation results and analysis of the proposed trust model CTES. The aim is to present the resiliency of the model against the On–Off attack and Sybil attack. The simulation analysis is conducted in three different On–Off attack scenarios and the effectiveness of the model is presented in these situations which demonstrate the efficiency of the model to mitigate the service-oriented attacks.

Comparative analysis

This section compares the resiliency of the proposed CTES model against service attacks with EigenTrust [38], ServiceTrust [49] and ServiceTrust ++ [37]. We have considered a combined threat scenario where malicious nodes pose a number of service attacks in the form of two groups. First group provide honest rating to well behaved nodes to boost up their overall trust. This group acts as a malicious spy and increases the trust rank of the other malicious group which provides bad services,

Conclusion and future work

This research is concluded by verifying the effectiveness of CTES under a malicious environment to mitigate the On–Off attack and Sybil attack. The smart city application objects needed to communicate with each other for requesting or providing services. They can calculate trust score by, first, trusting service providers and secondly, by avoiding bad nodes in the neighborhood. The similarity measure adapted in proposed CTES is used to avoid the nodes which are changing their identity and

Declaration of Competing Interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Acknowledgment

This research is supported by the Higher Education Commission (HEC), Pakistan through its initiative of National Center for Cyber Security for the affiliated lab National Cyber Security Auditing and Evaluation Lab (NCSAEL), Grant No: 2(1078)/HEC/M&E/2018/707.

Ayesha Altaf received her Bachelor degree in Computer Science from COMSATS Institute of Information Technology, Lahore in 2006. She received her MS Degree in Information Security from National University of Sciences and Technology, Pakistan in 2009 and continuing her Ph.D. Degree in Information Security from National University of Sciences and Technology, Pakistan. Her research interests include Internet of Things security, Trust Modeling and Information Security.

References (49)

  • GuraniP. et al.

    IOT smart city: Introduction and challenges

    J. Econ. Soc. Dev.

    (2017)
  • Marko MijacR.P.

    Smart city services driven by IoT: A systematic review

    Int. J. Recent Technol. Eng.

    (2019)
  • LimaE.G. et al.

    Smart and sustainable cities: The main guidelines of city statute for increasing the intelligence of Brazilian cities

    Sustainability

    (2020)
  • WangB. et al.

    A reliable IoT edge computing trust management mechanism for smart cities

    IEEE Access

    (2020)
  • EckhoffD. et al.

    Privacy in the smart city—Applications, technologies, challenges, and solutions

    IEEE Commun. Surv. Tutor.

    (2018)
  • KumarN. et al.

    Bayesian coalition game for the Internet of Things: An ambient intelligence-based evaluation

    IEEE Commun. Mag.

    (2015)
  • BordelB. et al.

    Detecting malicious components in large-scale internet-of-things systems and architectures

  • LiuY. et al.

    Trust control in heterogeneous networks for Internet of Things

  • D. Chen, G. Chang, D. Sun, J. Li, J. Jia, X. Wang, TRM-IoT : A Trust Management Model Based on Fuzzy Reputation for...
  • SamailaM.G. et al.

    Security Challenges of the Internet of Things

    (2017)
  • HarelY. et al.

    Cyber security and the role of intelligent systems in addressing its challenges

    ACM Trans. Intell. Syst. Technol.

    (2017)
  • LiW. et al.

    Policy-based secure and trustworthy sensing for Internet of Things in smart cities

    IEEE Internet of Things J.

    (2018)
  • SaiedY.B. et al.

    Trust management system design for the Internet of Things: A context-aware and multi-service approach

    Comput. Secur.

    (2013)
  • L.C.V. et al.

    Mitigating on-off attacks in the Internet of Things using a distributed trust management scheme

    Int. J. Distrib. Sens. Netw.

    (2015)
  • Cited by (22)

    • A computational trust model for social IoT based on interval neutrosophic numbers

      2022, Information Sciences
      Citation Excerpt :

      They modeled the trust decay and maturity for updating trust values during a time window as their primary contribution. Elsewhere, using a context-based IoT trust model, Altaf et al. represented a method for detecting IoT nodes performing Sybil or on-off attacks [42]. They created a trust score by combining information from IoT nodes and recommendations from peers.

    • A trusted proof mechanism of data source for smart city

      2022, Future Generation Computer Systems
      Citation Excerpt :

      Yang et al. [5] built a user audit model based on attribute measurement and similarity measurement, and used a hierarchical decision model to construct judgment matrices to analyze user attribute data. The above-mentioned work [3–5] evaluate the security of IoT nodes from aspects of user attributes, user behavior, experience value or context information. In addition, Zeeshan et al. [6] were committed to efficient and energy-saving trusted management, which reduces the energy consumption of intrusion detection as much as possible through active channel monitoring based on trust and subjective logic; Amouri et al. [7] and others used machine learning methods to detect malicious nodes.

    View all citing articles on Scopus

    Ayesha Altaf received her Bachelor degree in Computer Science from COMSATS Institute of Information Technology, Lahore in 2006. She received her MS Degree in Information Security from National University of Sciences and Technology, Pakistan in 2009 and continuing her Ph.D. Degree in Information Security from National University of Sciences and Technology, Pakistan. Her research interests include Internet of Things security, Trust Modeling and Information Security.

    Haider Abbas is currently heading the National Cyber Security Auditing and Evaluation Lab (NCSAEL) at MCS NUST. He is a Cyber Security professional, academician, researcher and industry consultant who took professional trainings and certifications from Massachusetts Institute of Technology (MIT), United States; Stockholm University, Sweden; Stockholm School of Entrepreneurship, Sweden; IBM, USA and EC-Council. He received his MS in Engineering and Management of Information Systems (2006) and Ph.D. in Information Security (2010) from KTH — Royal Institute of Technology, Stockholm, Sweden. His professional career consists of activities ranging from R&D and Industry Consultations (Government & Private), through multi-national research projects, research fellowships, doctoral studies advisory services, International Journal Editorships, Conferences/Workshops Chair, Invited/Keynote Speaker, Technical Program Committee Member and reviewer for several international journals and conferences. In recognition of Dr. Abbas excellence in professional standing, he has been awarded one of the youngest Fellows of The IET, UK; a Fellow of The British Computer Society (BCS), UK and a Fellow of The IST, UK. He has also been elected to the grade of Senior Member of IEEE, USA and has been appointed as Distinguished Speaker by the ACM, USA.

    Faiza Iqbal received the M.S. and Ph.D. degrees in software engineering from National University of Sciences and Technology (NUST), Islamabad, Pakistan, in 2009 and 2015 respectively. She received Pakistan’s Higher Education Commission Indigenous Scholarship for M.S. leading to the Ph.D. She has been associated with the Department of Computer Science, Quaid-i-Azam University, Islamabad as Assistant Professor. Currently, she is working as Assistant Professor in the Department of Software Engineering, The University of Lahore, Lahore. Her current research interests are knowledge based systems, network optimization modeling, and high performance protocol design.

    Malik Muhammad Zaki Murtaza Khan completed his Ph.D. (Computer Science) and Masters in Science (Computer Science) from University of Southern California, Los Angeles in 2012. He completed his Postdoc (High-Performance Computing) from Norges Teknisk-Naturvitenskapelige Universitet – NTNU – Trondheim, Norway in 2018.

    Abdul Rauf graduated from the National University of Sciences and Technology (NUST), Pakistan in 1998 in Electrical Engineering (Telecommunication) and joined NUST in 1999. He did his M.Sc. from Technical University of Denmark (DTU), Denmark in 2004 in Telecommunication Engineering and completed his Ph.D. from University of Sheffield, UK in Sep 2011. He also holds Postgraduate Certificate in Teaching in Higher Education from the University of Sheffield, UK and is Certified Secure Computer User (CSCU) by EC Council, USA. He has a long continuous affiliation with NUST and is part of NUST Faculty since 1999. He has a rich experience of teaching, research and academic management. He additionally held various positions of academic management at NUST including, Head of Department (EE) (Jul 2012–Dec 2014) and Head of Faculty (Engineering) (Oct 2015–Aug 2018).

    Tehsin Kanwal is working for her Ph.D. in computer science department, CIIT Islamabad. Her research interests include security & privacy issues in distributed Networks. She is actively involved in research, and development activities since last 8 year.

    View full text