- Email: [email protected]
Trusted GPSR protocol without reputation faking in VANET
The Journal of China Universities of Posts and Telecommunications October 2015, 22(5): 22–31 www.sciencedirect.com/science/journal/10058885
http://jcupt.xsw.bupt.cn
Trusted GPSR protocol without reputation faking in VANET Xiao Ya, Zheng Shihui (
), Sun Bin
School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China
Abstract In vehicular ad hoc network (VANET), misbehaviors of internal nodes, such as discarding packets, may lead to a rapid decline in packet delivery ratio. To solve this problem, an improvement of greedy perimeter stateless routing (GPSR) protocol is presented. In the new protocol, trustworthiness is considered in the route selection process. The trustworthiness is measured by an objective trust model based on the subjective trust model DyTrust. And the reputation value which reflects the trustworthiness of each node is calculated and broadcasted by the intersection nodes. Specially, besides resisting the packet-discarding behavior of selfish nodes, this protocol also includes a location detection process to resist the location-faking behavior of malicious nodes. As a result, the selfish nodes and the malicious nodes can be excluded from the network. In addition, compared with improved GPSR protocol, the presented one is able to resist one kind of reputation-faking attack and has better performance in simulation. Keywords trusted routing protocol, reputation model, vehicular ad hoc network (VANET), greedy perimeter stateless routing (GPSR), selfish nodes, malicious nodes
1 Introduction The VANET [1] is a special mobile ad hoc network (MANET) which is composed of the vehicles at high speed and the wired infrastructures locating at the intersections of roads. In some typical routing protocols, nodes need to store routing tables to choose next hop nodes, such as destination-sequenced distance-vector (DSDV) routing protocol, ad hoc on-demand distance vector (AODV) routing protocol, dynamic source routing (DSR) protocol. However, the topology of VANET changes so fast that the routing tables need to be updated frequently, which may lead to flooding congestion of the network. Therefore, these routing protocols are not suitable for VANET. GPSR protocol [2–3] is based on current location information of vehicle nodes. The current routing node chooses a neighbor node which is nearest to the destination node as the next routing node in greedy mode. If the nearest node is itself, the greedy mode fails. Then, the node chooses next routing node according to right hand rule in perimeter mode. Received date: 10-06-2015 Corresponding author: Zheng Shihui, E-mail: [email protected] DOI: 10.1016/S1005-8885(15)60676-8
The current security mechanism of VANET mainly aims to resist the attacks from the nodes without legitimate identities, but it cannot identify or exclude selfish nodes or malicious nodes which are legitimate internal nodes (also called member nodes). Therefore, trust model is introduced to measure the behavior tendency of nodes and exclude selfish nodes and malicious nodes [4]. In 1994, Stephen [5] formalized the concept of trust for the first time. In 2001, Aberer et al. introduced trust model into P2P network [6]. Then, a number of trust models in P2P network were presented [7], such as trust model in eBay system (TMBS), eigen trust, power trust etc. Moreover, in 2004, Xiong et al [8] presented a trust model called peer trust, and an improvement named DyTrust was put forward by Chang et al [9] in 2006. DyTrust has outstanding dynamic adaptability and does well in defensing strategically altering behavior of some malicious nodes. There are many results about trust models in AODV protocol and DSR protocol [10], like trusted routing protocols AER-AODV [11], AOTDV [12], RTDSR [13] and FTDSR [14] etc. However, relevant research results in GPSR protocol are rare. In 2011, Li [15] presented a trusted routing protocol named improved GPSR by
Issue 5
Xiao Ya, et al. / Trusted GPSR protocol without reputation faking in VANET
introducing a special trust model, i.e., reputation model, into GPSR protocol. It focuses on the selfish nodes which discard data packets rather than forward them. In this protocol, a routing node monitors its next hop node to decide if the packet has been forwarded by the next hop node and gives the corresponding feedback value. The next hop node then updates the reputation value of itself based on the received feedback values. Meanwhile, the route selection rule is changed. The current routing node chooses the node with highest reputation value from the neighbor nodes that are nearer to the destination node than itself as the next routing node. As a result, the selfish nodes with low reputation values are excluded from the network. However, in the above reputation model, the reputation value of a node is computed and broadcasted by the node itself. The malicious nodes may deliberately broadcast fake high reputation values and thus they can be chosen as the next hop nodes. Therefore, these nodes cannot be distinguished from good nodes properly. This paper proposes a trusted routing protocol called Rep GPSR which introduces a reputation model based on DyTrust into GPSR protocol. The reputation values are computed by the intersection nodes so the threat of faking reputation value in Ref. [15] can be eliminated. Moreover, compared with improved GPSR, it reduces the number of feedback packets in each communication and optimizes the route selection algorithm to improve efficiency of communications. In addition, in GPSR protocol, a malicious node can fake a more advantageous location to greatly improve the chance of being selected as the routing node by its neighbors. Hence, Rep GPSR takes consideration of resisting this attack called black hole attack which does great harm to the network. It detects nodes conducting this attack through the location detection algorithm and then decreases their reputation values significantly through the reputation model. So the location-faking malicious nodes can be distinguished from good nodes, and the packet delivery ratio can be maintained at a high level.
2 Related knowledge Trust model is an evaluation system for the behavior of entities. It inputs the feedbacks according to behaviors between entities, and outputs the metrics of nodes’ trustworthiness. At present, trust models can be divided into two categories, i.e. subjective models and objective
23
models. In the subjective trust model, every node has different trust values seen from different other nodes. In the objective trust model, every node has only one unified trust value seen from all other nodes. The objective trust model can also be called reputation model and the unified trust value can be called reputation value. DyTrust model is a subjective trust model. In this model, every node i has a trust value Tijn to other node j. Here, superscript n represents the n-th time-frame. Tijn
is
defined by the direct trust value of node i to node j, denoted as Dijn , and the recommendation trust value to j from all the other nodes which has interacted with j. The trust metrics in DyTrust model are updated based on time-frames, thus DyTrust has outstanding dynamic adaptability to the changes of trust values. However, in VANET, node i and j have high probability of never encountering before, so there is no direct trust value Dijn . Moreover, it is too costly for node i to obtain the recommendation trust value from every other node. For this reason, the model presented in this paper is changed to an objective trust model which is called reputation model (see Sect. 3.2) in the rest of this paper.
3 Rep GPSR protocol Firstly, we give some assumptions of VANET. 1) In VANET, the intersection nodes are widespread and reliable. Meanwhile, they have enough capacity to calculate and store data. In addition, the adjacent intersection nodes can exchange data with each other by means of wired communication. 2) In VANET, every road is under the charge of a certain intersection node. 3) Every vehicle node is equipped with a GPS device and a map, so the vehicle node can get the twodimensional geographic coordinates of itself. 4) The signal sending devices of all vehicle nodes use the same power to send the signals and the receiving devices record the power of the received signals. Thus through the above two parameters, the receiver can calculate the distance between the sender and itself. 3.1
Framework of Rep GPSR
The new routing protocol is called Rep GPSR. The framework of Rep GPSR is shown in Fig. 1.
24
The Journal of China Universities of Posts and Telecommunications
2014
changed according to the network status. When the percentage of misbehaving nodes in the network is low, the value of ω can be set smaller. Otherwise, ω can be set larger to assure that the reputation value plays a more important role in the route selection. However, it should be smaller than 0.5 to assure that the location parameter is always playing the dominant role in the route selection.
(a) Framework of GPSR
3.2
Reputation model
The reputation model includes four phases: the initialization phase, the feedback values generation phase, the feedback values collection and reputation values calculation phase, the reputation values broadcast phase. Below, we first introduce the key algorithm in the third phase. 3.2.1
Fig. 1
There are three reputation metrics of the reputation model, i.e., short time reputation value RSnj , long time
(b) Framework of Rep GPSR Frameworks of GPSR and Rep GPSR
reputation value RLnj and misusing reputation accumulation
In Fig. 1(a) is the framework of GPSR protocol. Fig. 1(b) shows the framework of Rep GPSR. The route selection module input not only the location parameters L from the location notification module but also the reputation values R from the reputation model (see Sect. 3.2) to select a comprehensive optimal node i. Then, there is a location detection process (see Sect. 3.3) to the node i. If passing the detection, node i becomes the next routing node. Otherwise, the detection node sends a bad feedback to the reputation model and the route selection is executed again. The location parameter of node i, denoted as Li , is defined as follows: S − Si Li = max ; S max − Smin ≠ 0 Smax − S min
value RAn j . The smaller one of RSnj and RLnj is selected as the reputation value of j, denoted as R nj . RAn j is used in the update algorithm in the (n+1)-th time-frame. The metrics are updated in every time-frame based on a parameter named time-frame reputation value RTnj . 1) Time-frame reputation value RTnj calculation
Dijn in our model still represents the direct trust value of i to j. In the n-th time-frame, suppose that node i has interacted with node j m times. Dijn is defined as follows: m
∑e
n ijr
(1)
Si denotes the distance between node i and the destination node. Smax and Smin denote the longest and the shortest distances to the destination node among all the neighbor nodes, respectively. The decision parameter of i is denoted as Ci . The node with highest decision parameter is selected as the comprehensive optimal node. Ci is defined as follows:
Ci = ω Ri + (1 − ω ) Li
Reputation value update algorithm
(2)
Here, ω is a constant representing the weight of the reputation value, Ri ∈ [0,1] . The value of ω should be
n ij
D =
r =1
(3) m eijrn ∈ [0,1] denotes the feedback value from node i on
node j based on the r-th interaction in the n-th time-frame. Then, a set of nodes that have interaction with node j in the n-th time-frame is denoted as P(j). The time-frame reputation value of j is calculated by all the Dijn (i ∈ P(j)) as follows:
∑
n Tj
R =
Dijn
i∈P ( j )
| P( j) |
(4)
|P(j)| denotes the number of the members in set P(j). Through Eq. (4), it can be known that RTnj is the average
Issue 5
Xiao Ya, et al. / Trusted GPSR protocol without reputation faking in VANET
value of all the Dijn . 2) Reputation metrics update At the end of the n-th time-frame, the reputation metrics of this model are updated based on time-frame reputation value RTnj . If node j has no interaction with others in this time-frame, j’s reputation metrics remain unchanged. Otherwise, short time reputation value RSnj and long time reputation value RLnj are updated firstly. Then, reputation value
R nj
is updated accordingly. Finally, misusing
reputation accumulation value RAn j is updated. a) Short time reputation value RSnj reflects the behavior tendency of node j within a short time. It is calculated as follows: (5) RSnj = (1 − ρ ) RSnj−1 + ρRTjn Here,ρis the reputation learning factor. Its value is determined as follows: α ; RTnj − RSnj−1≥0 ρ= (6) β ; others β denotes the reputation dropping learning factor. It is a constant which is preset when the reputation model is initialized. αdenotes the reputation rising learning factor which is a variable and may decrease in the subsequent time-frames according to RAn j which is introduced below. The initial value of αis preset in the initial state and satisfies α<β. In this way, the effect that reputation values drop fast but rise slowly is ensured. b) Long time reputation value RLnj shows node j’s behavior tendency in a long time period. It is the average value of all the time-frame reputation values for n time-frames: RLnj−1 ( n − 1) + RTnj RLnj = (7) n c) Reputation value R nj is the smaller one of RSnj and
RLnj : R nj = min ( RSnj , RLnj )
(8)
In this way, some strategic behavior attacks can be resisted successfully. Specifically, if a malicious node j with long-run misbehaviors wants to pretend to be a good node by performing good behaviors in a short run, the result shows that RSnj ascends rapidly while RLnj still remains low. So, R nj remains low as well. In another case, a malicious node j hopes to accumulate high reputation
25
value through long-run good behaviors, followed by the implementation of malicious behavior attacks in a short run. However, the result manifests a high RLnj but a low
RSnj . So, R nj is also low. d) Misusing reputation accumulation value RAn j is the reputation metric which reflects the swing behavior attack that nodes are very rapid cycling between good and bad behaviors. It is defined as follows: n −1 n −1 n n −1 n R + R j − RTj ; R j − RTj > ε (9) RAn j = An j−1 RAj ; others The initial value RAj0 is preset as 0 and ε is the misusing accumulation threshold. If the result of R nj −1 − RTnj is greater than the threshold ε , the node is considered to have the suspicion of having conducted swing behavior attack. It results in a larger RAn j . The value of reputation rising learning factor α used in (n+1)-th time-frame is adjusted as follows: c (10) α =α0 c + RAn j Here, c is the penalty factor and α 0 is the initial value of α. If RAn j keeps the value 0, α remains unchanged. If
RAn j
increases, the value of α
decreases. In the
subsequent time-frames, it becomes more difficult to improve the reputation value of the node with a lower α . 3.2.2 Process of the reputation model The process of the reputation model is showed below. Step 1 The initialization of nodes In order to become legitimate internal nodes, the new nodes need to pass the authentication process to get the public and private key pairs from the authentication center. Meanwhile, the authentication center gives the initial reputation value to every new node. Because the range of the reputation value is [0,1], the initial reputation value is set as 0.5, which shows the uncertainty of the node’s behavior tendency. Step 2 The feedback values generation Feedback values are the input of the reputation model. Here, we simplify them to two fixed values, i.e., good feedback with value 1 and bad feedback with value 0. After a successful communication, the destination node gives good feedbacks on all the routing nodes in this communication. The destination nodes are the only sources
26
The Journal of China Universities of Posts and Telecommunications
of good feedbacks. The bad feedbacks should be generated according to misbehaviors. There are two kinds of misbehaviors we consider: faking location and discarding packets. For the location-faking behavior of malicious nodes, the location detection node works through the location detection algorithm (see Sect. 3.3) to judge whether a node has faked its location parameter. If the detected node is founded having faked location, a bad feedback is generated by the detection node. If the detected node is considered to be honest, the detection node does nothing. That is to say, there isn’t a good feedback about it. For the packet-discarding behavior of selfish nodes, due to the difficulties in detecting this kind of behavior, this scheme doesn’t detect it or send bad feedback according to it. However, the reputation values of selfish nodes remain unchanged all the time. So, selfish nodes can also be distinguished from good nodes. Step 3 The feedback values collection and the reputation values calculation The member node that gives the feedbacks generated in Step 2 should send its feedback values to the intersection node. It sends the feedback packet when entering the communication range of the intersection node. Since the member node has the public and private key pair generated in Step 1, the feedback values should be sent together with a signature. When the intersection node receives the feedback packet, it verifies the identity of the sender. If the sender is confirmed as a member node, the feedback values are accepted. Otherwise, the feedback values are invalid. The intersection node exchanges the accepted feedback values with the adjacent intersection nodes. Then, the intersection node calculates the reputation values of the vehicle nodes on the roads under its management according to the reputation update algorithm described in Sect. 3.2.1. Step 4 The reputation values broadcast The intersection node gathers all the reputation values updated by its adjacent intersection nodes and itself to form a reputation list and signs it with the secret key. Then, the intersection node broadcasts the reputation list together with the signature. When a vehicle node passes by the intersection node, it can receive the reputation list and verify it. If the sender is confirmed as this intersection node, the vehicle node accepts this reputation list and stores it until receiving a new one from another intersection node at the next intersection.
3.3
2014
Location detection algorithm
To suppress the location-faking behavior, this model introduces a location detection process to the selected comprehensive optimal node in the route selection process. The basis of the detection algorithm is the path loss formula of signal strength, as follows: (11) L p = Ad α A and α denote the propagation constant and the path loss coefficient separately and they are constants that can be obtained by experiments on the relevant devices. L p is the path loss of the signal, which can be calculated by the transmit power of the sender and the received power. d represents the distance between the sender and the receiver. Obviously, the distance d can be calculated according to Eq. (11). Let the nodes i, j, k are three vehicle nodes which can communicate directly with each other. Node i is the comprehensive optimal node selected by node j in the route selection process, the location detection process is described as follows: Step 1 Node j calculates the distance between i and j which is denoted as dij by its location and i’s claimed location. Then, node j obtains the path loss L p by accessing the receiving device and calculates the real distance denoted as dij′ according to Eq. (11). When
σ = d ij′ / d ij − 1 ≤0.05 , the detection goes into Step 2. Otherwise, node i is considered to have faked location information. Step 2 Node j requests the common neighbor k of i and itself to help with the detection. After receiving the request from j, k searches its neighbor list to find i’s claimed location and verifies it according to Step1. If i passes successfully, k does nothing. Otherwise, k broadcasts a warning message. Step 3 When j sends the request to k, j sets a detection time t and starts a countdown clock. Before the end of the countdown clock, if j receives the warning broadcast, it considers i as a malicious node. Otherwise j considers i as an honest node.
4 Simulation 4.1
Experimental environment
This simulation constructs a traffic network including 12
Issue 5
Xiao Ya, et al. / Trusted GPSR protocol without reputation faking in VANET
roads which are 2 km long and 12 intersection nodes (as Fig. 2).
27
ni (12) N Here, ni and N represent the number of successful
E ( ∆t ) =
interactions and the number of total interactions of node i in the t-th ∆ separately. Ti (t ) denotes the reputation value of i at the end of the t-th ∆ : (13) Ti ( t ) = Ti ( t − 1) 1 + Ei ( ∆t ) − Ei ( ∆ ( t − 1) ) However, the initial values Ti ( 0 ) and Ei (∆0) are not given in Ref. [15]. According to the Eq. (13), Ti ( 0 ) must be a nonzero value. The initial reputation value of Rep GPSR is 0.5, so we preset Ti ( 0 ) as 0.5 for the convenience of Fig. 2
Network topology
Simulation settings is showed below: OS: Windows 7 Platform: eclipse Language: Java The number of vehicle node: 600 Communication raduis: 304 m speed of vehicles: 10 m/s~20 m/s data packet size: 512 byte bandwidth: 2 Mbit/s Location notification interval: 0.1 s Reputation update interval: 1 s Simulation time: 60 s Intensity of communication: 30 times/s Parameters in Rep GPSR is showed below: Initial reputation value R0: 0.5 Initial short time reputation value RS0 : 0.5 Initial long time reputation value RL0 : 0.5 Reputation rising learning factor α 0 : 0.2 Reputation dropping learning factor β : 0.3 Misusing accumulation threshold ε : 0.05 Punishment control factor c: 0.1 Weight of reputation value ω : 0.3—0.5 Improved GPSR protocol in Ref. [15] distinguishes selfish nodes from good nodes by a reputation model. However, some initial parameters of the experiments are not given in Ref. [15]. In order to compare it with Rep GPSR presented in this paper, we discuss the preset values of Ei (∆t ) and Ti (t ) . In the t-th time interval ∆ , a parameter named trusted experience of node i is denoted as Ei (∆t ) . It is calculated as follows:
comparison. Then, we assign the value of Ei ( ∆0 ) as 0, 0.5 and 1 separately. The results show when Ei ( ∆0 ) is set as 1, the reputation values of good nodes don’t rise all the time but decline occasionally, which is detrimental to packet delivery ratio. However, when the value is 0.5 or 0, packet delivery ratio is higher. Therefore, in the following simulation we preset Ei ( ∆0 ) as 0 for simplicity. Moreover, when node i has no interaction with others in t-th ∆ , i.e. ni =N= 0, Ei ( ∆0 ) is not defined in Ref. [15]. We discuss the following two situations. If the value of Ei (∆t ) is set as 0, the reputation values of these good nodes decline sharply and near to 0 , which leads to very low packet delivery ratio. If the value of Ei ( ∆0 ) is set as a nonzero value, like 0.5 or 1, the reputation values of selfish nodes may rise sometimes, which is unreasonable. Consequently, the best choice is to keep the reputation value of the node which has no interaction unchanged. 4.2
Comparative analysis
The simulation in this section is carried out under two conditions. Condition 1: The senders and the receivers of communications are chosen randomly. Condition 2: The simulation is carried out under the selfish nodes which discard packets and the percentage of the selfish nodes ranges from 0 to 10%. The following data derives from the average value of 10-times results. 1) Packet delivery ratio Packet delivery ratio is an important index to measure
28
The Journal of China Universities of Posts and Telecommunications
the effectiveness of a routing protocol. As shown in Fig. 3, the packet delivery ratio in GPSR declines significantly when the percentage of selfish nodes increases from 0 to 10%. However, in Rep GPSR and improved GPSR, the decrease is slight. The results are benefited from the reputation models introduced into those routing protocols.
GPSR. In addition, the normalized routing load in GPSR shows a significant rise. It results from the sharp decline in the number of successful communications but the number of routing control packets doesn’t rise.
Fig. 4 Fig. 3
Packet delivery ratio
2) Normalized routing load Generally, the reputation model brings more cost to the network. Normalized routing load is commonly used to measure the routing load. It is defined as follows: N + N fc Lnr = sc (14) N com Where Lnr
denotes normalized routing load, N sc
denotes the times of routing control packets being sent and N fc denotes the times of routing control packets being forwarded,
N com
denotes the number of successful
communications. In GPSR protocol, the routing control packets are the location notification packets broadcasted regularly. In improved GPSR, the routing control packets contain the feedback packets and the location notification packets in which the reputation values can also be attached. In Rep GPSR presented in this paper, the routing control packets contain the location notification packets, the feedback packets and the reputation lists. As illustrated in Fig. 4, the normalized routing load in Rep GPSR is always smaller than in improved GPSR with the increase of the number of selfish nodes. This can be attributed to the fact that only one feedback packet which includes all feedback values on every routing node is sent after one successful communication in Rep GPSR, while in improved GPSR, every routing node sends a feedback packet on its next hop. Consequently, the number of feedback packets in Rep GPSR is fewer than in improved
2014
Normalized routing load
3) Average number of hops of communications When the time complexity of route selection of different routing protocols is similar, the number of hops of a communication is the major factor in the end-to-end time delay. In these experiments, the average number of hops of successful communications is counted. As illustrated in Fig. 5, the average number of hops in Rep GPSR is always fewer than in improved GPSR. This is because that the route selection algorithm of Rep GPSR considers location parameter as a major factor while in improved GPSR, nodes select routing nodes totally on the basis of better reputation value, which results in an obvious increase of the number of communication hops.
Fig. 5
Average number of hops of communications
What’s more, the average number of hops in GPSR declines sharply with the increase of the number of selfish nodes. The reason is that the communications which need more hops are more sensitive to the increase of the number of selfish nodes. When the number of selfish nodes
Issue 5
Xiao Ya, et al. / Trusted GPSR protocol without reputation faking in VANET
increases, the number of failed communications which need more hops increases more rapidly. The failed communications are not counted to calculate the average number of hops. 4) Participation ratio and distinguishing ratio of good nodes Participation ratio of good nodes represents the percentage that good nodes selected as routing nodes accounts for of total good nodes. In a network with balanced load, the probability of being chosen for every good node should be almost the same. Under the condition 1, the participation ratio of good nodes after enough communications can be predicted as close to 1. Fig. 6 shows the participation ratio of good nodes in the three protocols.
misbehaving nodes. So, the value of distinguishing ratio of good nodes equals to the value of participation ratio of good nodes. A good reputation model should have high distinguishing ratio of good nodes. As shown in Fig. 7, the distinguishing ratio of good nodes in Rep GPSR is always more than 90%. However, it is below 70% all the time in improved GPSR. This shows a bad ability of distinguishing. In addition, Fig. 7 also shows that the distinguishing ratio of good nodes in improved GPSR rises a little when the number of selfish nodes increases. This is only because that the total number of good nodes decreases. However, the number of good nodes which have been distinguished from misbehaving nodes doesn’t rise anyway.
Fig. 7 Fig. 6
Participation ratio of good nodes
As shown in Fig. 6, the participation ratio of good nodes in GPSR is almost 1 all the time and the participation ratio of good nodes in Rep GPSR is also higher than 90%. However, there are more than 30% good nodes which are always excluded from the interaction in improved GPSR. This result suggests a very unbalanced load. It results from the dominant role of the reputation value in the route selection process. Obviously, in improved GPSR, nodes have the same reputation values in the initial state. When the network starts to work, the reputation values of some good nodes that have been selected as routing nodes at first are improved. Compared with other nodes, these good nodes have higher reputation values and have the absolute advantage of being selected as routing nodes continually. As a result, there are a number of good nodes that have never been selected. Distinguishing ratio of good nodes represents the percentage that good nodes which are distinguished from misbehaving nodes accounts for of total good nodes. If a good node has participated in communication and its reputation value has risen, it is distinguished from
29
4.3
Distinguishing ratio of good nodes
Simulation under malicious nodes
Considering the importance of location information in GPSR, the malicious nodes have a great probability of faking the location notification in black hole attack. When malicious node k notices that its neighbor node i has forwarded a packet to its neighbor node j, node k will pretend to be the optimal next hop of j by broadcasting the fake location notification. If k is selected as the next routing node by j, k can eavesdrop, falsify and discard the packet. In this simulation, we suppose that the location-faking malicious node k will discard the packet after receiving it. As shown in Fig. 8, GPSR cannot resist location-faking attack, so the packet delivery ratio declines significantly. In Rep GPSR, these malicious nodes can be found by means of the location detection algorithm. Furthermore, their reputation values are decreased by reputation model and they are excluded from the network. Hence, the packet delivery ratio in Rep GPSR is maintained at a high level.
30
The Journal of China Universities of Posts and Telecommunications
2014
4.5 Simulation under a large number of selfish nodes and malicious nodes
Fig. 8 Packet delivery ratio under malicious nodes
Overall effectiveness under selfish nodes and 4.4 malicious nodes The experiments under 2% selfish nodes and 2% malicious nodes are carried out to show the overall effectiveness. Fig. 9 shows the change trends of the average reputation values of the three kinds of nodes in 60 s. Obviously, most of malicious nodes and selfish nodes can be easily distinguished from good nodes.
Fig. 9
The above experiments show the better performance of Rep GPSR compared with GPSR and improved GPSR under a small amount of misbehaving nodes. When the number of misbehaving nodes increases, the effectiveness of Rep GPSR deteriorates. To show this trend, the following experimental results are counted. 1) The distinguishing effect According to the different reputation values, selfish nodes and malicious nodes can be distinguished from good nodes. The experimental result under 50% selfish nodes and 50% good nodes is showed in Fig. 11(a). The experimental result under 50% malicious nodes and 50% good nodes is showed in Fig. 11(b). As shown in Fig. 11(a), when selfish nodes are numerous, the average reputation value of good nodes has a slow rise while the average reputation value of selfish nodes remains unchanged. In Fig. 11(b), when malicious nodes are numerous, the average reputation value of good nodes also rises slowly while the average reputation value of malicious nodes faces a violent drop.
Average reputation values of three kinds of nodes
The packet delivery ratio in Rep GPSR and GPSR is counted to show the overall effectiveness of the new protocol. As shown in Fig. 10, the packet delivery ratio in Rep GPSR rises to about 87% with the simulation time increasing while the packet delivery ratio in GPSR is always about 55%.
Fig. 10 Packet delivery ratio under selfish nodes and malicious nodes
(a)
Fig. 11 Average misbehaving nodes
(b) reputation
value
under
numerous
Issue 5
Xiao Ya, et al. / Trusted GPSR protocol without reputation faking in VANET
However, the reputation values of selfish nodes and malicious nodes still show different change trends from the reputation values of good nodes. Hence, they can still be distinguished from good nodes in this situation. 2) The effectiveness of the trusted routing protocol Although the misbehaving nodes can still be distinguished clearly from good nodes by the different reputation values, the effectiveness of Rep GPSR has a sharp decline because of the numerous misbehaving nodes. Below, the packet delivery ratio and the normalized routing load of Rep GPSR under selfish nodes or malicious nodes ranging from 10%~50% are counted. When the proportion of selfish nodes increases from 10% to 30%, the packet delivery ratio decreases slowly. However, when the proportion exceeds 30%, the packet delivery ratio drops dramatically. When selfish nodes account for half of total nodes, the packet delivery ratio is below 50%. Normalized routing load is the result of the times routing control packets being sent and forwarded divided by the number of successful communications. Therefore, the sharp decline in successful communications also leads to a rapid rise in the normalized routing load. As shown in Table 1, it rises rapidly when selfish nodes exceeds 30%. In this case, the network status becomes awful. Table 1 Packet delivery ratio and normalized routing load of Rep GPSR under numerous selfish nodes Percentage of selfish nodes 10% 20% 30% 40% 50%
Packet delivery ratio 0.841 1 0.805 1 0.741 6 0.584 9 0.403 5
Normalized routing load 241.9 268.4 295.7 375.3 566.5
Table 2 shows the performance of Rep GPSR under malicious nodes. The change trends of the performance are similar to the change trends when selfish nodes involved. When the percentage of malicious nodes exceeds 30%, the performance suffers from serious deterioration. Table 2 Packet delivery ratio and normalized routing load of Rep GPSR under numerous malicious nodes Percentage of malicious nodes 10% 20% 30% 40% 50%
Packet delivery ratio 0.885 6 0.821 8 0.749 7 0.621 3 0.441 5
Normalized routing load 246.0 290.5 352.5 508.1 663.0
In addition, compared with the situation under selfish nodes, the normalized routing load rises more sharply
31
because of the numerous extra feedback packets on the location-faking nodes.
5 Conclusions A reputation model is presented by transforming the subjective model DyTrust into an objective one. It distinguishes selfish nodes and malicious nodes from good nodes through the different change trends of the reputation values. In the route selection process of Rep GPSR, the reputation value is considered as a minor factor to exclude selfish nodes and malicious nodes. The simulation indicates that Rep GPSR has a good effect of assuring high packet delivery ratio and maintaining good performance. Moreover, Rep GPSR prevents a kind of reputation-faking attack existing in improved GPSR by using the intersection nodes to calculate and broadcast the reputation values. However, it brings the hidden problem of single node invalidation. In other words, if an intersection node doesn’t work, the reputation values of vehicle nodes on this road are unavailable. Furthermore, this scheme lacks the mechanism to prevent dishonest feedbacks from internal nodes. If there are numerous these dishonest feedback nodes, it will cause great harm to the reputation model. This problem is also an open problem. Acknowledgements This work is supported by the National Natural Science Foundation of China (61502048), 242 Foundation (2015A071, 2015A136).
References 1. Tyagi P, Dembla D. Investigating the security threats in vehicular ad hoc networks (VANETs): Towards security engineering for safer on-road transportation. Proceedings of the 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI’14), Sept 24−27, 2014, New Delhi, India. Piscataway, NJ, USA: IEEE, 2014: 2084−2090 2. Karp B, Kung H T. GPSR: Greedy perimeter stateless routing for wireless networks. Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (MOBICOM’00), Aug 6−11, 2000, Boston, MA, USA. New York, NY, USA: ACM, 2000: 243−254 3. Tu H Y, Peng L, Li H Y, et al. GSPR-MV: A routing protocol based on motion vector for VANET. Proceedings of the 12th International Conference on Signal Processing (ICSP’14), Oct 19−23, 2014, Hangzhou, China. Piscataway, NJ, USA: IEEE, 2014: 2354−2359 4. Bao F Y, Chen I R, Chang M J, et al. Hierarchical trust management for wireless sensor networks and its applications to trust-based routing and intrusion detection. IEEE Transactions on Network and Service Management, 2012, 9(2): 169−183
To p. 55
Issue 5
of
China
Huang Yu, et al. / Electromagnetic effects of nearby NaCl solution on RFID tags based on dynamic…
(61475071);
(BK20141032);
the
Jiangsu
China
Natural
Science
Foundation
Postdoctoral
Science
Foundation
(2013M531363); the Postdoctoral Science Foundation of Jiangsu
5.
Province (1202020C); the Science and Technology Project of General Administration of Quality Supervision, Inspection and
6.
Quarantine of China (2013QK194); the Science and Technology Project of Quality and Technical Supervision of Jiangsu Province
7.
(KJ133818).
References 1. Koo T W, Kim D, Ryu J I, et al. Design of a label-typed UHF RFID tag antenna for metallic objects. IEEE Antennas and Wireless Propagation Letters, 2011, 10: 1010−1014 2. Moradi E, Björninen T, Ukkonen L, et al. Characterization of embroidered dipole-type RFID tag antennas. Proceedings of the 2012 IEEE International Conference on RFID-Technologies and Applications (RFID-TA’12), Nov 5−7, 2012, Nice, France. Piscataway, NJ, USA: IEEE, 2012: 248−253 3. Virtanen J, Björninen T, Ukkonen L, et al. Passive UHF inkjet-printed narrow-line RFID tags. IEEE Antennas and Wireless Propagation Letters, 2010, 9: 440−443 4. Wu D, Wang D. Experimental study of UHF RFID performance in liquid
8. 9.
10.
11. 12.
55
environment. Proceedings of the 2011 IEEE International Conference on Intelligent Computing and Intelligent Systems (ICIS’11), Nov 18−20, 2011, Guangdong, China. Piscataway, NJ, USA: IEEE, 2011: 493−496 Griffin J D, Durgin G D. Complete link budgets for backscatter-radio and RFID systems. IEEE Antennas and Propagation Magazine, 2009, 51(2): 11−25 Nikitin P V, Rao K V S . Theory and measurement of backscattering from RFID tags. IEEE Antennas and Propagation Magazine, 2006, 48(6): 212−220 Koski E, Bjorninen T, Ukkonen L, et al. Radiation efficiency measurement method for passive UHF RFID dipole tag antennas. IEEE Transactions on Antennas and Propagation, 2013, 61(8): 4026−4035 Dobkin D M. The RF in RFID: Passive UHF RFID in practice. Amsterdam, Netherland: Elsevier, 2008 Mo L F, Zhang H J, Zhou H L. Analysis of dipole-like ultra high frequency RFID tags close to metallic surfaces. Journal of Zhejiang University: Science A, 2009, 10(8): 1217−1222 Yu X L. RFID anti-collision and reading distance measurement system of multi-tag under gate entrance environment. China Patent. ZL 201320196269.2. Apr 18, 2013 (in Chinese) Dean J A. Lang's handbook of chemistry. 2nd ed. Beijing, China: Science Press, 2003: 8.156−8.168 Griffin J D, Durgin G D, Haldi A, et al. RF tag antenna performance on various materials using radio link budgets. IEEE Antennas and Wireless Propagation Letters, 2006, 5(1): 247−250
(Editor: Lu Junqiang)
From p. 31 5. Stephen M. Formalising trust as a computational concept. Ph D Thesis. Stirling, UK: University of Stirling, 1994 6. Aberer K, Despotovic Z. Managing trust in a peer-2-peer information system. Proceedings of the 10th International Conference on Information and Knowledge Management (CIKM’01), Nov 5−10, 2001, Atlanta, GA, USA. New York, NY, USA: ACM, 2001: 310−317 7. Kun H, Lu W. Research of trust model based on peer-to-peer network security. Proceedings of the 2013 International Conference on Information Technology and Applications (ITA’13), Nov 16−17, 2013, Chengdu, China. Piscataway, NJ, USA: IEEE, 2013: 126−129 8. Xiong L, Liu L. Peertrust: Supporting reputation-based trust for peer-to-peer electronic communities. IEEE Transactions on Knowledge and Data Engineering, 2004,16(7): 843−857 9. Chang J S, Wang H M, Yin G. DyTrust: A time-frame based dynamic trust model for P2P systems. Chinese Journal of Computers, 2006, 29(8):1301−1307 (in Chinese) 10. Thorat S A, Kulkarni P J. Design issues in trust based routing for MANET. Proceedings of the 2014 International Conference on Computing,
11.
12. 13.
14.
15.
Communication and Networking Technologies (ICCCNT’14), Jul 11−13, 2014, Hefei, China. Piscataway, NJ, USA: IEEE, 2014:7p Mukherjee S, Chattopadhyay M, Chattopadhyay S. A novel encounter based trust evaluation for AODV routing in MANET. Proceedings of the 2015 International Conference on Applications and Innovations in Mobile Computing (AIMoC’15), Feb 12−14, 2015, Kolkata, India. Piscataway, NJ, USA: IEEE, 2015:141−145 Li X, Jia Z, Zhang P, et al. Trust-based on-demand multipath routing in mobile ad hoc networks. IET Information Security, 2010,4(4): 212−232 Laidoui F, Bouabana-Tebibel T. Reinforcement of trust in DSR. Proceedings of the IEEE 14th International Conference on Information Reuse and Integration (IRI’13), Aug 14−16, 2013, San Francisco, CA, USA. Piscataway, NJ, USA: IEEE, 2013: 708−711 Xia H, Jia Z, Ju L, et al. Trust management model for mobile ad hoc network based on analytic hierarchy process and fuzzy theory. IET Wireless Sensor Systems, 2011,1(4): 248−266 Li J M. New trusted routing protocol in vehicular ad hoc network. Journal of Jilin University: Engineering and Technology Edition, 2011, 41(1): 198−202 (in Chinese)
(Editor: Lu Junqiang)
http://jcupt.xsw.bupt.cn
Trusted GPSR protocol without reputation faking in VANET Xiao Ya, Zheng Shihui (
), Sun Bin
School of Computer Science, Beijing University of Posts and Telecommunications, Beijing 100876, China
Abstract In vehicular ad hoc network (VANET), misbehaviors of internal nodes, such as discarding packets, may lead to a rapid decline in packet delivery ratio. To solve this problem, an improvement of greedy perimeter stateless routing (GPSR) protocol is presented. In the new protocol, trustworthiness is considered in the route selection process. The trustworthiness is measured by an objective trust model based on the subjective trust model DyTrust. And the reputation value which reflects the trustworthiness of each node is calculated and broadcasted by the intersection nodes. Specially, besides resisting the packet-discarding behavior of selfish nodes, this protocol also includes a location detection process to resist the location-faking behavior of malicious nodes. As a result, the selfish nodes and the malicious nodes can be excluded from the network. In addition, compared with improved GPSR protocol, the presented one is able to resist one kind of reputation-faking attack and has better performance in simulation. Keywords trusted routing protocol, reputation model, vehicular ad hoc network (VANET), greedy perimeter stateless routing (GPSR), selfish nodes, malicious nodes
1 Introduction The VANET [1] is a special mobile ad hoc network (MANET) which is composed of the vehicles at high speed and the wired infrastructures locating at the intersections of roads. In some typical routing protocols, nodes need to store routing tables to choose next hop nodes, such as destination-sequenced distance-vector (DSDV) routing protocol, ad hoc on-demand distance vector (AODV) routing protocol, dynamic source routing (DSR) protocol. However, the topology of VANET changes so fast that the routing tables need to be updated frequently, which may lead to flooding congestion of the network. Therefore, these routing protocols are not suitable for VANET. GPSR protocol [2–3] is based on current location information of vehicle nodes. The current routing node chooses a neighbor node which is nearest to the destination node as the next routing node in greedy mode. If the nearest node is itself, the greedy mode fails. Then, the node chooses next routing node according to right hand rule in perimeter mode. Received date: 10-06-2015 Corresponding author: Zheng Shihui, E-mail: [email protected] DOI: 10.1016/S1005-8885(15)60676-8
The current security mechanism of VANET mainly aims to resist the attacks from the nodes without legitimate identities, but it cannot identify or exclude selfish nodes or malicious nodes which are legitimate internal nodes (also called member nodes). Therefore, trust model is introduced to measure the behavior tendency of nodes and exclude selfish nodes and malicious nodes [4]. In 1994, Stephen [5] formalized the concept of trust for the first time. In 2001, Aberer et al. introduced trust model into P2P network [6]. Then, a number of trust models in P2P network were presented [7], such as trust model in eBay system (TMBS), eigen trust, power trust etc. Moreover, in 2004, Xiong et al [8] presented a trust model called peer trust, and an improvement named DyTrust was put forward by Chang et al [9] in 2006. DyTrust has outstanding dynamic adaptability and does well in defensing strategically altering behavior of some malicious nodes. There are many results about trust models in AODV protocol and DSR protocol [10], like trusted routing protocols AER-AODV [11], AOTDV [12], RTDSR [13] and FTDSR [14] etc. However, relevant research results in GPSR protocol are rare. In 2011, Li [15] presented a trusted routing protocol named improved GPSR by
Issue 5
Xiao Ya, et al. / Trusted GPSR protocol without reputation faking in VANET
introducing a special trust model, i.e., reputation model, into GPSR protocol. It focuses on the selfish nodes which discard data packets rather than forward them. In this protocol, a routing node monitors its next hop node to decide if the packet has been forwarded by the next hop node and gives the corresponding feedback value. The next hop node then updates the reputation value of itself based on the received feedback values. Meanwhile, the route selection rule is changed. The current routing node chooses the node with highest reputation value from the neighbor nodes that are nearer to the destination node than itself as the next routing node. As a result, the selfish nodes with low reputation values are excluded from the network. However, in the above reputation model, the reputation value of a node is computed and broadcasted by the node itself. The malicious nodes may deliberately broadcast fake high reputation values and thus they can be chosen as the next hop nodes. Therefore, these nodes cannot be distinguished from good nodes properly. This paper proposes a trusted routing protocol called Rep GPSR which introduces a reputation model based on DyTrust into GPSR protocol. The reputation values are computed by the intersection nodes so the threat of faking reputation value in Ref. [15] can be eliminated. Moreover, compared with improved GPSR, it reduces the number of feedback packets in each communication and optimizes the route selection algorithm to improve efficiency of communications. In addition, in GPSR protocol, a malicious node can fake a more advantageous location to greatly improve the chance of being selected as the routing node by its neighbors. Hence, Rep GPSR takes consideration of resisting this attack called black hole attack which does great harm to the network. It detects nodes conducting this attack through the location detection algorithm and then decreases their reputation values significantly through the reputation model. So the location-faking malicious nodes can be distinguished from good nodes, and the packet delivery ratio can be maintained at a high level.
2 Related knowledge Trust model is an evaluation system for the behavior of entities. It inputs the feedbacks according to behaviors between entities, and outputs the metrics of nodes’ trustworthiness. At present, trust models can be divided into two categories, i.e. subjective models and objective
23
models. In the subjective trust model, every node has different trust values seen from different other nodes. In the objective trust model, every node has only one unified trust value seen from all other nodes. The objective trust model can also be called reputation model and the unified trust value can be called reputation value. DyTrust model is a subjective trust model. In this model, every node i has a trust value Tijn to other node j. Here, superscript n represents the n-th time-frame. Tijn
is
defined by the direct trust value of node i to node j, denoted as Dijn , and the recommendation trust value to j from all the other nodes which has interacted with j. The trust metrics in DyTrust model are updated based on time-frames, thus DyTrust has outstanding dynamic adaptability to the changes of trust values. However, in VANET, node i and j have high probability of never encountering before, so there is no direct trust value Dijn . Moreover, it is too costly for node i to obtain the recommendation trust value from every other node. For this reason, the model presented in this paper is changed to an objective trust model which is called reputation model (see Sect. 3.2) in the rest of this paper.
3 Rep GPSR protocol Firstly, we give some assumptions of VANET. 1) In VANET, the intersection nodes are widespread and reliable. Meanwhile, they have enough capacity to calculate and store data. In addition, the adjacent intersection nodes can exchange data with each other by means of wired communication. 2) In VANET, every road is under the charge of a certain intersection node. 3) Every vehicle node is equipped with a GPS device and a map, so the vehicle node can get the twodimensional geographic coordinates of itself. 4) The signal sending devices of all vehicle nodes use the same power to send the signals and the receiving devices record the power of the received signals. Thus through the above two parameters, the receiver can calculate the distance between the sender and itself. 3.1
Framework of Rep GPSR
The new routing protocol is called Rep GPSR. The framework of Rep GPSR is shown in Fig. 1.
24
The Journal of China Universities of Posts and Telecommunications
2014
changed according to the network status. When the percentage of misbehaving nodes in the network is low, the value of ω can be set smaller. Otherwise, ω can be set larger to assure that the reputation value plays a more important role in the route selection. However, it should be smaller than 0.5 to assure that the location parameter is always playing the dominant role in the route selection.
(a) Framework of GPSR
3.2
Reputation model
The reputation model includes four phases: the initialization phase, the feedback values generation phase, the feedback values collection and reputation values calculation phase, the reputation values broadcast phase. Below, we first introduce the key algorithm in the third phase. 3.2.1
Fig. 1
There are three reputation metrics of the reputation model, i.e., short time reputation value RSnj , long time
(b) Framework of Rep GPSR Frameworks of GPSR and Rep GPSR
reputation value RLnj and misusing reputation accumulation
In Fig. 1(a) is the framework of GPSR protocol. Fig. 1(b) shows the framework of Rep GPSR. The route selection module input not only the location parameters L from the location notification module but also the reputation values R from the reputation model (see Sect. 3.2) to select a comprehensive optimal node i. Then, there is a location detection process (see Sect. 3.3) to the node i. If passing the detection, node i becomes the next routing node. Otherwise, the detection node sends a bad feedback to the reputation model and the route selection is executed again. The location parameter of node i, denoted as Li , is defined as follows: S − Si Li = max ; S max − Smin ≠ 0 Smax − S min
value RAn j . The smaller one of RSnj and RLnj is selected as the reputation value of j, denoted as R nj . RAn j is used in the update algorithm in the (n+1)-th time-frame. The metrics are updated in every time-frame based on a parameter named time-frame reputation value RTnj . 1) Time-frame reputation value RTnj calculation
Dijn in our model still represents the direct trust value of i to j. In the n-th time-frame, suppose that node i has interacted with node j m times. Dijn is defined as follows: m
∑e
n ijr
(1)
Si denotes the distance between node i and the destination node. Smax and Smin denote the longest and the shortest distances to the destination node among all the neighbor nodes, respectively. The decision parameter of i is denoted as Ci . The node with highest decision parameter is selected as the comprehensive optimal node. Ci is defined as follows:
Ci = ω Ri + (1 − ω ) Li
Reputation value update algorithm
(2)
Here, ω is a constant representing the weight of the reputation value, Ri ∈ [0,1] . The value of ω should be
n ij
D =
r =1
(3) m eijrn ∈ [0,1] denotes the feedback value from node i on
node j based on the r-th interaction in the n-th time-frame. Then, a set of nodes that have interaction with node j in the n-th time-frame is denoted as P(j). The time-frame reputation value of j is calculated by all the Dijn (i ∈ P(j)) as follows:
∑
n Tj
R =
Dijn
i∈P ( j )
| P( j) |
(4)
|P(j)| denotes the number of the members in set P(j). Through Eq. (4), it can be known that RTnj is the average
Issue 5
Xiao Ya, et al. / Trusted GPSR protocol without reputation faking in VANET
value of all the Dijn . 2) Reputation metrics update At the end of the n-th time-frame, the reputation metrics of this model are updated based on time-frame reputation value RTnj . If node j has no interaction with others in this time-frame, j’s reputation metrics remain unchanged. Otherwise, short time reputation value RSnj and long time reputation value RLnj are updated firstly. Then, reputation value
R nj
is updated accordingly. Finally, misusing
reputation accumulation value RAn j is updated. a) Short time reputation value RSnj reflects the behavior tendency of node j within a short time. It is calculated as follows: (5) RSnj = (1 − ρ ) RSnj−1 + ρRTjn Here,ρis the reputation learning factor. Its value is determined as follows: α ; RTnj − RSnj−1≥0 ρ= (6) β ; others β denotes the reputation dropping learning factor. It is a constant which is preset when the reputation model is initialized. αdenotes the reputation rising learning factor which is a variable and may decrease in the subsequent time-frames according to RAn j which is introduced below. The initial value of αis preset in the initial state and satisfies α<β. In this way, the effect that reputation values drop fast but rise slowly is ensured. b) Long time reputation value RLnj shows node j’s behavior tendency in a long time period. It is the average value of all the time-frame reputation values for n time-frames: RLnj−1 ( n − 1) + RTnj RLnj = (7) n c) Reputation value R nj is the smaller one of RSnj and
RLnj : R nj = min ( RSnj , RLnj )
(8)
In this way, some strategic behavior attacks can be resisted successfully. Specifically, if a malicious node j with long-run misbehaviors wants to pretend to be a good node by performing good behaviors in a short run, the result shows that RSnj ascends rapidly while RLnj still remains low. So, R nj remains low as well. In another case, a malicious node j hopes to accumulate high reputation
25
value through long-run good behaviors, followed by the implementation of malicious behavior attacks in a short run. However, the result manifests a high RLnj but a low
RSnj . So, R nj is also low. d) Misusing reputation accumulation value RAn j is the reputation metric which reflects the swing behavior attack that nodes are very rapid cycling between good and bad behaviors. It is defined as follows: n −1 n −1 n n −1 n R + R j − RTj ; R j − RTj > ε (9) RAn j = An j−1 RAj ; others The initial value RAj0 is preset as 0 and ε is the misusing accumulation threshold. If the result of R nj −1 − RTnj is greater than the threshold ε , the node is considered to have the suspicion of having conducted swing behavior attack. It results in a larger RAn j . The value of reputation rising learning factor α used in (n+1)-th time-frame is adjusted as follows: c (10) α =α0 c + RAn j Here, c is the penalty factor and α 0 is the initial value of α. If RAn j keeps the value 0, α remains unchanged. If
RAn j
increases, the value of α
decreases. In the
subsequent time-frames, it becomes more difficult to improve the reputation value of the node with a lower α . 3.2.2 Process of the reputation model The process of the reputation model is showed below. Step 1 The initialization of nodes In order to become legitimate internal nodes, the new nodes need to pass the authentication process to get the public and private key pairs from the authentication center. Meanwhile, the authentication center gives the initial reputation value to every new node. Because the range of the reputation value is [0,1], the initial reputation value is set as 0.5, which shows the uncertainty of the node’s behavior tendency. Step 2 The feedback values generation Feedback values are the input of the reputation model. Here, we simplify them to two fixed values, i.e., good feedback with value 1 and bad feedback with value 0. After a successful communication, the destination node gives good feedbacks on all the routing nodes in this communication. The destination nodes are the only sources
26
The Journal of China Universities of Posts and Telecommunications
of good feedbacks. The bad feedbacks should be generated according to misbehaviors. There are two kinds of misbehaviors we consider: faking location and discarding packets. For the location-faking behavior of malicious nodes, the location detection node works through the location detection algorithm (see Sect. 3.3) to judge whether a node has faked its location parameter. If the detected node is founded having faked location, a bad feedback is generated by the detection node. If the detected node is considered to be honest, the detection node does nothing. That is to say, there isn’t a good feedback about it. For the packet-discarding behavior of selfish nodes, due to the difficulties in detecting this kind of behavior, this scheme doesn’t detect it or send bad feedback according to it. However, the reputation values of selfish nodes remain unchanged all the time. So, selfish nodes can also be distinguished from good nodes. Step 3 The feedback values collection and the reputation values calculation The member node that gives the feedbacks generated in Step 2 should send its feedback values to the intersection node. It sends the feedback packet when entering the communication range of the intersection node. Since the member node has the public and private key pair generated in Step 1, the feedback values should be sent together with a signature. When the intersection node receives the feedback packet, it verifies the identity of the sender. If the sender is confirmed as a member node, the feedback values are accepted. Otherwise, the feedback values are invalid. The intersection node exchanges the accepted feedback values with the adjacent intersection nodes. Then, the intersection node calculates the reputation values of the vehicle nodes on the roads under its management according to the reputation update algorithm described in Sect. 3.2.1. Step 4 The reputation values broadcast The intersection node gathers all the reputation values updated by its adjacent intersection nodes and itself to form a reputation list and signs it with the secret key. Then, the intersection node broadcasts the reputation list together with the signature. When a vehicle node passes by the intersection node, it can receive the reputation list and verify it. If the sender is confirmed as this intersection node, the vehicle node accepts this reputation list and stores it until receiving a new one from another intersection node at the next intersection.
3.3
2014
Location detection algorithm
To suppress the location-faking behavior, this model introduces a location detection process to the selected comprehensive optimal node in the route selection process. The basis of the detection algorithm is the path loss formula of signal strength, as follows: (11) L p = Ad α A and α denote the propagation constant and the path loss coefficient separately and they are constants that can be obtained by experiments on the relevant devices. L p is the path loss of the signal, which can be calculated by the transmit power of the sender and the received power. d represents the distance between the sender and the receiver. Obviously, the distance d can be calculated according to Eq. (11). Let the nodes i, j, k are three vehicle nodes which can communicate directly with each other. Node i is the comprehensive optimal node selected by node j in the route selection process, the location detection process is described as follows: Step 1 Node j calculates the distance between i and j which is denoted as dij by its location and i’s claimed location. Then, node j obtains the path loss L p by accessing the receiving device and calculates the real distance denoted as dij′ according to Eq. (11). When
σ = d ij′ / d ij − 1 ≤0.05 , the detection goes into Step 2. Otherwise, node i is considered to have faked location information. Step 2 Node j requests the common neighbor k of i and itself to help with the detection. After receiving the request from j, k searches its neighbor list to find i’s claimed location and verifies it according to Step1. If i passes successfully, k does nothing. Otherwise, k broadcasts a warning message. Step 3 When j sends the request to k, j sets a detection time t and starts a countdown clock. Before the end of the countdown clock, if j receives the warning broadcast, it considers i as a malicious node. Otherwise j considers i as an honest node.
4 Simulation 4.1
Experimental environment
This simulation constructs a traffic network including 12
Issue 5
Xiao Ya, et al. / Trusted GPSR protocol without reputation faking in VANET
roads which are 2 km long and 12 intersection nodes (as Fig. 2).
27
ni (12) N Here, ni and N represent the number of successful
E ( ∆t ) =
interactions and the number of total interactions of node i in the t-th ∆ separately. Ti (t ) denotes the reputation value of i at the end of the t-th ∆ : (13) Ti ( t ) = Ti ( t − 1) 1 + Ei ( ∆t ) − Ei ( ∆ ( t − 1) ) However, the initial values Ti ( 0 ) and Ei (∆0) are not given in Ref. [15]. According to the Eq. (13), Ti ( 0 ) must be a nonzero value. The initial reputation value of Rep GPSR is 0.5, so we preset Ti ( 0 ) as 0.5 for the convenience of Fig. 2
Network topology
Simulation settings is showed below: OS: Windows 7 Platform: eclipse Language: Java The number of vehicle node: 600 Communication raduis: 304 m speed of vehicles: 10 m/s~20 m/s data packet size: 512 byte bandwidth: 2 Mbit/s Location notification interval: 0.1 s Reputation update interval: 1 s Simulation time: 60 s Intensity of communication: 30 times/s Parameters in Rep GPSR is showed below: Initial reputation value R0: 0.5 Initial short time reputation value RS0 : 0.5 Initial long time reputation value RL0 : 0.5 Reputation rising learning factor α 0 : 0.2 Reputation dropping learning factor β : 0.3 Misusing accumulation threshold ε : 0.05 Punishment control factor c: 0.1 Weight of reputation value ω : 0.3—0.5 Improved GPSR protocol in Ref. [15] distinguishes selfish nodes from good nodes by a reputation model. However, some initial parameters of the experiments are not given in Ref. [15]. In order to compare it with Rep GPSR presented in this paper, we discuss the preset values of Ei (∆t ) and Ti (t ) . In the t-th time interval ∆ , a parameter named trusted experience of node i is denoted as Ei (∆t ) . It is calculated as follows:
comparison. Then, we assign the value of Ei ( ∆0 ) as 0, 0.5 and 1 separately. The results show when Ei ( ∆0 ) is set as 1, the reputation values of good nodes don’t rise all the time but decline occasionally, which is detrimental to packet delivery ratio. However, when the value is 0.5 or 0, packet delivery ratio is higher. Therefore, in the following simulation we preset Ei ( ∆0 ) as 0 for simplicity. Moreover, when node i has no interaction with others in t-th ∆ , i.e. ni =N= 0, Ei ( ∆0 ) is not defined in Ref. [15]. We discuss the following two situations. If the value of Ei (∆t ) is set as 0, the reputation values of these good nodes decline sharply and near to 0 , which leads to very low packet delivery ratio. If the value of Ei ( ∆0 ) is set as a nonzero value, like 0.5 or 1, the reputation values of selfish nodes may rise sometimes, which is unreasonable. Consequently, the best choice is to keep the reputation value of the node which has no interaction unchanged. 4.2
Comparative analysis
The simulation in this section is carried out under two conditions. Condition 1: The senders and the receivers of communications are chosen randomly. Condition 2: The simulation is carried out under the selfish nodes which discard packets and the percentage of the selfish nodes ranges from 0 to 10%. The following data derives from the average value of 10-times results. 1) Packet delivery ratio Packet delivery ratio is an important index to measure
28
The Journal of China Universities of Posts and Telecommunications
the effectiveness of a routing protocol. As shown in Fig. 3, the packet delivery ratio in GPSR declines significantly when the percentage of selfish nodes increases from 0 to 10%. However, in Rep GPSR and improved GPSR, the decrease is slight. The results are benefited from the reputation models introduced into those routing protocols.
GPSR. In addition, the normalized routing load in GPSR shows a significant rise. It results from the sharp decline in the number of successful communications but the number of routing control packets doesn’t rise.
Fig. 4 Fig. 3
Packet delivery ratio
2) Normalized routing load Generally, the reputation model brings more cost to the network. Normalized routing load is commonly used to measure the routing load. It is defined as follows: N + N fc Lnr = sc (14) N com Where Lnr
denotes normalized routing load, N sc
denotes the times of routing control packets being sent and N fc denotes the times of routing control packets being forwarded,
N com
denotes the number of successful
communications. In GPSR protocol, the routing control packets are the location notification packets broadcasted regularly. In improved GPSR, the routing control packets contain the feedback packets and the location notification packets in which the reputation values can also be attached. In Rep GPSR presented in this paper, the routing control packets contain the location notification packets, the feedback packets and the reputation lists. As illustrated in Fig. 4, the normalized routing load in Rep GPSR is always smaller than in improved GPSR with the increase of the number of selfish nodes. This can be attributed to the fact that only one feedback packet which includes all feedback values on every routing node is sent after one successful communication in Rep GPSR, while in improved GPSR, every routing node sends a feedback packet on its next hop. Consequently, the number of feedback packets in Rep GPSR is fewer than in improved
2014
Normalized routing load
3) Average number of hops of communications When the time complexity of route selection of different routing protocols is similar, the number of hops of a communication is the major factor in the end-to-end time delay. In these experiments, the average number of hops of successful communications is counted. As illustrated in Fig. 5, the average number of hops in Rep GPSR is always fewer than in improved GPSR. This is because that the route selection algorithm of Rep GPSR considers location parameter as a major factor while in improved GPSR, nodes select routing nodes totally on the basis of better reputation value, which results in an obvious increase of the number of communication hops.
Fig. 5
Average number of hops of communications
What’s more, the average number of hops in GPSR declines sharply with the increase of the number of selfish nodes. The reason is that the communications which need more hops are more sensitive to the increase of the number of selfish nodes. When the number of selfish nodes
Issue 5
Xiao Ya, et al. / Trusted GPSR protocol without reputation faking in VANET
increases, the number of failed communications which need more hops increases more rapidly. The failed communications are not counted to calculate the average number of hops. 4) Participation ratio and distinguishing ratio of good nodes Participation ratio of good nodes represents the percentage that good nodes selected as routing nodes accounts for of total good nodes. In a network with balanced load, the probability of being chosen for every good node should be almost the same. Under the condition 1, the participation ratio of good nodes after enough communications can be predicted as close to 1. Fig. 6 shows the participation ratio of good nodes in the three protocols.
misbehaving nodes. So, the value of distinguishing ratio of good nodes equals to the value of participation ratio of good nodes. A good reputation model should have high distinguishing ratio of good nodes. As shown in Fig. 7, the distinguishing ratio of good nodes in Rep GPSR is always more than 90%. However, it is below 70% all the time in improved GPSR. This shows a bad ability of distinguishing. In addition, Fig. 7 also shows that the distinguishing ratio of good nodes in improved GPSR rises a little when the number of selfish nodes increases. This is only because that the total number of good nodes decreases. However, the number of good nodes which have been distinguished from misbehaving nodes doesn’t rise anyway.
Fig. 7 Fig. 6
Participation ratio of good nodes
As shown in Fig. 6, the participation ratio of good nodes in GPSR is almost 1 all the time and the participation ratio of good nodes in Rep GPSR is also higher than 90%. However, there are more than 30% good nodes which are always excluded from the interaction in improved GPSR. This result suggests a very unbalanced load. It results from the dominant role of the reputation value in the route selection process. Obviously, in improved GPSR, nodes have the same reputation values in the initial state. When the network starts to work, the reputation values of some good nodes that have been selected as routing nodes at first are improved. Compared with other nodes, these good nodes have higher reputation values and have the absolute advantage of being selected as routing nodes continually. As a result, there are a number of good nodes that have never been selected. Distinguishing ratio of good nodes represents the percentage that good nodes which are distinguished from misbehaving nodes accounts for of total good nodes. If a good node has participated in communication and its reputation value has risen, it is distinguished from
29
4.3
Distinguishing ratio of good nodes
Simulation under malicious nodes
Considering the importance of location information in GPSR, the malicious nodes have a great probability of faking the location notification in black hole attack. When malicious node k notices that its neighbor node i has forwarded a packet to its neighbor node j, node k will pretend to be the optimal next hop of j by broadcasting the fake location notification. If k is selected as the next routing node by j, k can eavesdrop, falsify and discard the packet. In this simulation, we suppose that the location-faking malicious node k will discard the packet after receiving it. As shown in Fig. 8, GPSR cannot resist location-faking attack, so the packet delivery ratio declines significantly. In Rep GPSR, these malicious nodes can be found by means of the location detection algorithm. Furthermore, their reputation values are decreased by reputation model and they are excluded from the network. Hence, the packet delivery ratio in Rep GPSR is maintained at a high level.
30
The Journal of China Universities of Posts and Telecommunications
2014
4.5 Simulation under a large number of selfish nodes and malicious nodes
Fig. 8 Packet delivery ratio under malicious nodes
Overall effectiveness under selfish nodes and 4.4 malicious nodes The experiments under 2% selfish nodes and 2% malicious nodes are carried out to show the overall effectiveness. Fig. 9 shows the change trends of the average reputation values of the three kinds of nodes in 60 s. Obviously, most of malicious nodes and selfish nodes can be easily distinguished from good nodes.
Fig. 9
The above experiments show the better performance of Rep GPSR compared with GPSR and improved GPSR under a small amount of misbehaving nodes. When the number of misbehaving nodes increases, the effectiveness of Rep GPSR deteriorates. To show this trend, the following experimental results are counted. 1) The distinguishing effect According to the different reputation values, selfish nodes and malicious nodes can be distinguished from good nodes. The experimental result under 50% selfish nodes and 50% good nodes is showed in Fig. 11(a). The experimental result under 50% malicious nodes and 50% good nodes is showed in Fig. 11(b). As shown in Fig. 11(a), when selfish nodes are numerous, the average reputation value of good nodes has a slow rise while the average reputation value of selfish nodes remains unchanged. In Fig. 11(b), when malicious nodes are numerous, the average reputation value of good nodes also rises slowly while the average reputation value of malicious nodes faces a violent drop.
Average reputation values of three kinds of nodes
The packet delivery ratio in Rep GPSR and GPSR is counted to show the overall effectiveness of the new protocol. As shown in Fig. 10, the packet delivery ratio in Rep GPSR rises to about 87% with the simulation time increasing while the packet delivery ratio in GPSR is always about 55%.
Fig. 10 Packet delivery ratio under selfish nodes and malicious nodes
(a)
Fig. 11 Average misbehaving nodes
(b) reputation
value
under
numerous
Issue 5
Xiao Ya, et al. / Trusted GPSR protocol without reputation faking in VANET
However, the reputation values of selfish nodes and malicious nodes still show different change trends from the reputation values of good nodes. Hence, they can still be distinguished from good nodes in this situation. 2) The effectiveness of the trusted routing protocol Although the misbehaving nodes can still be distinguished clearly from good nodes by the different reputation values, the effectiveness of Rep GPSR has a sharp decline because of the numerous misbehaving nodes. Below, the packet delivery ratio and the normalized routing load of Rep GPSR under selfish nodes or malicious nodes ranging from 10%~50% are counted. When the proportion of selfish nodes increases from 10% to 30%, the packet delivery ratio decreases slowly. However, when the proportion exceeds 30%, the packet delivery ratio drops dramatically. When selfish nodes account for half of total nodes, the packet delivery ratio is below 50%. Normalized routing load is the result of the times routing control packets being sent and forwarded divided by the number of successful communications. Therefore, the sharp decline in successful communications also leads to a rapid rise in the normalized routing load. As shown in Table 1, it rises rapidly when selfish nodes exceeds 30%. In this case, the network status becomes awful. Table 1 Packet delivery ratio and normalized routing load of Rep GPSR under numerous selfish nodes Percentage of selfish nodes 10% 20% 30% 40% 50%
Packet delivery ratio 0.841 1 0.805 1 0.741 6 0.584 9 0.403 5
Normalized routing load 241.9 268.4 295.7 375.3 566.5
Table 2 shows the performance of Rep GPSR under malicious nodes. The change trends of the performance are similar to the change trends when selfish nodes involved. When the percentage of malicious nodes exceeds 30%, the performance suffers from serious deterioration. Table 2 Packet delivery ratio and normalized routing load of Rep GPSR under numerous malicious nodes Percentage of malicious nodes 10% 20% 30% 40% 50%
Packet delivery ratio 0.885 6 0.821 8 0.749 7 0.621 3 0.441 5
Normalized routing load 246.0 290.5 352.5 508.1 663.0
In addition, compared with the situation under selfish nodes, the normalized routing load rises more sharply
31
because of the numerous extra feedback packets on the location-faking nodes.
5 Conclusions A reputation model is presented by transforming the subjective model DyTrust into an objective one. It distinguishes selfish nodes and malicious nodes from good nodes through the different change trends of the reputation values. In the route selection process of Rep GPSR, the reputation value is considered as a minor factor to exclude selfish nodes and malicious nodes. The simulation indicates that Rep GPSR has a good effect of assuring high packet delivery ratio and maintaining good performance. Moreover, Rep GPSR prevents a kind of reputation-faking attack existing in improved GPSR by using the intersection nodes to calculate and broadcast the reputation values. However, it brings the hidden problem of single node invalidation. In other words, if an intersection node doesn’t work, the reputation values of vehicle nodes on this road are unavailable. Furthermore, this scheme lacks the mechanism to prevent dishonest feedbacks from internal nodes. If there are numerous these dishonest feedback nodes, it will cause great harm to the reputation model. This problem is also an open problem. Acknowledgements This work is supported by the National Natural Science Foundation of China (61502048), 242 Foundation (2015A071, 2015A136).
References 1. Tyagi P, Dembla D. Investigating the security threats in vehicular ad hoc networks (VANETs): Towards security engineering for safer on-road transportation. Proceedings of the 2014 International Conference on Advances in Computing, Communications and Informatics (ICACCI’14), Sept 24−27, 2014, New Delhi, India. Piscataway, NJ, USA: IEEE, 2014: 2084−2090 2. Karp B, Kung H T. GPSR: Greedy perimeter stateless routing for wireless networks. Proceedings of the 6th Annual International Conference on Mobile Computing and Networking (MOBICOM’00), Aug 6−11, 2000, Boston, MA, USA. New York, NY, USA: ACM, 2000: 243−254 3. Tu H Y, Peng L, Li H Y, et al. GSPR-MV: A routing protocol based on motion vector for VANET. Proceedings of the 12th International Conference on Signal Processing (ICSP’14), Oct 19−23, 2014, Hangzhou, China. Piscataway, NJ, USA: IEEE, 2014: 2354−2359 4. Bao F Y, Chen I R, Chang M J, et al. Hierarchical trust management for wireless sensor networks and its applications to trust-based routing and intrusion detection. IEEE Transactions on Network and Service Management, 2012, 9(2): 169−183
To p. 55
Issue 5
of
China
Huang Yu, et al. / Electromagnetic effects of nearby NaCl solution on RFID tags based on dynamic…
(61475071);
(BK20141032);
the
Jiangsu
China
Natural
Science
Foundation
Postdoctoral
Science
Foundation
(2013M531363); the Postdoctoral Science Foundation of Jiangsu
5.
Province (1202020C); the Science and Technology Project of General Administration of Quality Supervision, Inspection and
6.
Quarantine of China (2013QK194); the Science and Technology Project of Quality and Technical Supervision of Jiangsu Province
7.
(KJ133818).
References 1. Koo T W, Kim D, Ryu J I, et al. Design of a label-typed UHF RFID tag antenna for metallic objects. IEEE Antennas and Wireless Propagation Letters, 2011, 10: 1010−1014 2. Moradi E, Björninen T, Ukkonen L, et al. Characterization of embroidered dipole-type RFID tag antennas. Proceedings of the 2012 IEEE International Conference on RFID-Technologies and Applications (RFID-TA’12), Nov 5−7, 2012, Nice, France. Piscataway, NJ, USA: IEEE, 2012: 248−253 3. Virtanen J, Björninen T, Ukkonen L, et al. Passive UHF inkjet-printed narrow-line RFID tags. IEEE Antennas and Wireless Propagation Letters, 2010, 9: 440−443 4. Wu D, Wang D. Experimental study of UHF RFID performance in liquid
8. 9.
10.
11. 12.
55
environment. Proceedings of the 2011 IEEE International Conference on Intelligent Computing and Intelligent Systems (ICIS’11), Nov 18−20, 2011, Guangdong, China. Piscataway, NJ, USA: IEEE, 2011: 493−496 Griffin J D, Durgin G D. Complete link budgets for backscatter-radio and RFID systems. IEEE Antennas and Propagation Magazine, 2009, 51(2): 11−25 Nikitin P V, Rao K V S . Theory and measurement of backscattering from RFID tags. IEEE Antennas and Propagation Magazine, 2006, 48(6): 212−220 Koski E, Bjorninen T, Ukkonen L, et al. Radiation efficiency measurement method for passive UHF RFID dipole tag antennas. IEEE Transactions on Antennas and Propagation, 2013, 61(8): 4026−4035 Dobkin D M. The RF in RFID: Passive UHF RFID in practice. Amsterdam, Netherland: Elsevier, 2008 Mo L F, Zhang H J, Zhou H L. Analysis of dipole-like ultra high frequency RFID tags close to metallic surfaces. Journal of Zhejiang University: Science A, 2009, 10(8): 1217−1222 Yu X L. RFID anti-collision and reading distance measurement system of multi-tag under gate entrance environment. China Patent. ZL 201320196269.2. Apr 18, 2013 (in Chinese) Dean J A. Lang's handbook of chemistry. 2nd ed. Beijing, China: Science Press, 2003: 8.156−8.168 Griffin J D, Durgin G D, Haldi A, et al. RF tag antenna performance on various materials using radio link budgets. IEEE Antennas and Wireless Propagation Letters, 2006, 5(1): 247−250
(Editor: Lu Junqiang)
From p. 31 5. Stephen M. Formalising trust as a computational concept. Ph D Thesis. Stirling, UK: University of Stirling, 1994 6. Aberer K, Despotovic Z. Managing trust in a peer-2-peer information system. Proceedings of the 10th International Conference on Information and Knowledge Management (CIKM’01), Nov 5−10, 2001, Atlanta, GA, USA. New York, NY, USA: ACM, 2001: 310−317 7. Kun H, Lu W. Research of trust model based on peer-to-peer network security. Proceedings of the 2013 International Conference on Information Technology and Applications (ITA’13), Nov 16−17, 2013, Chengdu, China. Piscataway, NJ, USA: IEEE, 2013: 126−129 8. Xiong L, Liu L. Peertrust: Supporting reputation-based trust for peer-to-peer electronic communities. IEEE Transactions on Knowledge and Data Engineering, 2004,16(7): 843−857 9. Chang J S, Wang H M, Yin G. DyTrust: A time-frame based dynamic trust model for P2P systems. Chinese Journal of Computers, 2006, 29(8):1301−1307 (in Chinese) 10. Thorat S A, Kulkarni P J. Design issues in trust based routing for MANET. Proceedings of the 2014 International Conference on Computing,
11.
12. 13.
14.
15.
Communication and Networking Technologies (ICCCNT’14), Jul 11−13, 2014, Hefei, China. Piscataway, NJ, USA: IEEE, 2014:7p Mukherjee S, Chattopadhyay M, Chattopadhyay S. A novel encounter based trust evaluation for AODV routing in MANET. Proceedings of the 2015 International Conference on Applications and Innovations in Mobile Computing (AIMoC’15), Feb 12−14, 2015, Kolkata, India. Piscataway, NJ, USA: IEEE, 2015:141−145 Li X, Jia Z, Zhang P, et al. Trust-based on-demand multipath routing in mobile ad hoc networks. IET Information Security, 2010,4(4): 212−232 Laidoui F, Bouabana-Tebibel T. Reinforcement of trust in DSR. Proceedings of the IEEE 14th International Conference on Information Reuse and Integration (IRI’13), Aug 14−16, 2013, San Francisco, CA, USA. Piscataway, NJ, USA: IEEE, 2013: 708−711 Xia H, Jia Z, Ju L, et al. Trust management model for mobile ad hoc network based on analytic hierarchy process and fuzzy theory. IET Wireless Sensor Systems, 2011,1(4): 248−266 Li J M. New trusted routing protocol in vehicular ad hoc network. Journal of Jilin University: Engineering and Technology Edition, 2011, 41(1): 198−202 (in Chinese)
(Editor: Lu Junqiang)