A Study on Trust Management Algorithms for the Social Internet of Things

XIE YINAN

SCHOOL OF COMPUTER SCIENCE AND ENGINEERING

2016

A Study on Trust Management Algorithms for the

Social Internet of Things

XIE YINAN SCHOOL OF COMPUTER SCIENCE AND ENGINEERING

A DISSERTATION SUBMITTED IN PARTIAL FULFILMENT OF THE REQUIREMENT FOR THE DEGREE OF MASTER OF SCIENCE IN

DIGITAL MEDIA TECHNOLOGY

2016

Contents

Abstract ............................................................................................................................ III

Acknowledgements .......................................................................................................... IV

Acronyms .......................................................................................................................... V

List of Figures .................................................................................................................. VI

List of Tables ................................................................................................................. VII

1. Introduction ................................................................................................................ 1

2. Previous Works .......................................................................................................... 4

2.1 WSN and MANET ................................................................................................... 4

2.2 Challenges of IoT Trust Management...................................................................... 5

2.3 Trust Attack Model .................................................................................................. 7

2.4 IoT Trust Management Model ................................................................................. 8

2.4.1 Trust Composition ............................................................................................. 9

2.4.2 Trust Propagation .............................................................................................. 9

2.4.3 Trust Aggregation .............................................................................................. 9

2.4.4 Trust Update .................................................................................................... 10

2.4.5 Trust Formation ............................................................................................... 10

3. IoT Trust Management Algorithm ........................................................................... 11

3.1 TRM-IoT [21] ........................................................................................................ 11

3.1.1 Introduction ..................................................................................................... 11

3.1.2 Main Theory .................................................................................................... 11

3.2 Dynamic Trust Management for IoT Applications [22] ........................................ 12

3.2.1 Introduction ..................................................................................................... 12

3.2.2 Main Theory .................................................................................................... 13

3.3 Trust Management for SOA-based IoT [23] .......................................................... 14

3.3.1 Introduction ..................................................................................................... 14

3.3.2 Main Theory .................................................................................................... 15

3.4 A Context-Aware and Multi-Service Approach [24] ............................................. 16

I

3.4.1 Introduction ..................................................................................................... 16

3.4.2 Main Theory .................................................................................................... 16

3.4.3 Conclusion ....................................................................................................... 17

4. IoT Simulation Tools Selection ................................................................................ 18

4.1 IoT Simulation Tools Requirements ...................................................................... 18

4.2 IoT Simulation Tools Comparison ......................................................................... 19

5. Simulation ................................................................................................................ 23

5.1 Simulation Workflow ............................................................................................. 23

5.2 Simulation Result ................................................................................................... 25

5.2.1 Protection against Bad-Mouthing Attack ........................................................ 28

5.2.2 Protection against On-Off Attack .................................................................... 29

5.2.3 Protection against Opportunistic Service Attack ............................................. 31

5.2.4 Protection against Self-Promoting Attack ....................................................... 31

6. Conclusions and Future Work .................................................................................. 33

6.1 Conclusion.............................................................................................................. 33

6.2 Recommendations for Further Research ................................................................ 33

References ........................................................................................................................ 35

Appendix A ...................................................................................................................... 38

II

Abstract The Internet of Things (IoT) has started to gain new momentum in recent years. Things

like Smart City, Smart Health Devices, WSN, and MANET are only a small part of it. A

large number of applications and services for IoT have emerged into markets in various

areas, such as healthcare, transport, food safety, and remote control. While applying these

applications, large sensitive data are exposed. It is necessary to consider security problems

for IoT such as malicious attacks which would threaten personal privacy and important

information. A trust management model is considered as a method to defend IoT system

against malicious attacks and provide reliable data transmission.

In this dissertation, I investigate the challenges of IoT trust management system and then

I provide an overview and comparison of prevalent trust management algorithms for social

Internet of Things. Four papers which use dynamic weighted trust models are discussed

in details for case studies. Besides, I briefly mention the evaluation of various simulation

tools that are appropriate for new IoT requirements. Furthermore, I implement the selected

algorithms on OMNeT ++ platform and compare the simulation results such as the trust

convergence, accuracy and robustness on different sets of simulations. In addition, I will

talk about the future directions of IoT trust management system at the end.

Index Terms—Internet of Things, Trust Management, Simulation, Evaluation

III

Acknowledgements Thanks for my supervisor, Assoc. Prof. Zhang Jie for providing me this topic and his

continuous support of my M Sc. Dissertation. His guidance and advice helped me in all

time of research, helped me make a better plan and pushing me to learn new technologies.

In addition, I must acknowledge the teaching team of Digital Media Technology course. I

appreciate Assoc. Prof. HE Ying and Zheng Jianmin for their lectures and project on

advanced computer graphics and image processing which help me review the C++

programming and math. They have helped me understand the concepts and apply them in

this thesis. Furthermore, I appreciate the help from Wang Chengxin for helping me make

the right choice while implementing the algorithm.

Last but not the least, I would like to thank my parents for constantly supporting me in my

studies.

XIE YINAN

IV

Acronyms IoT Internet of Things

SOA Service Oriented Architecture

WSN Wireless Sensor Networks

VANET Vehicular Ad-hoc Networks

MANET Mobile Ad-hoc Networks

QR Quality of Recommendation

OOA On-Off Attack

BMA Bad-Mouthing Attack

BSA Ballot-Stuffing Attack

OSA Opportunistic-Service Attack

SPA Self-Promoting Attack

V

List of Figures Figure 1. Social Structures of IoT ...................................................................................... 2

Figure 2. Trust Computation Classification Tree .............................................................. 8

Figure 3. Direct Observation Trust .................................................................................. 13

Figure 4. Indirect Recommendation Trust ....................................................................... 14

Figure 5. Context-Aware Trust Model Phases................................................................. 16

Figure 6. Features of Current Testbeds towards Experimental Requirements ................ 22

Figure 7. Local IoT Infrastructure ................................................................................... 24

Figure 8. Trust Management Simulation Workflow ........................................................ 25

Figure 9. Node’s Trust Value without Transactions ........................................................ 27

Figure 10. Trust Value Evolution in Presence of BMA .................................................. 28

Figure 11. Context-Aware Trust QR Value Evolution in Presence of BMA .................. 29

Figure 12. Trust Value Evolution in Presence of OOA ................................................... 30

Figure 13. SOA-based Trust Management with Different PM ........................................ 30

Figure 14. Malicious Node Trust Value Evolution in Presence of OSA ......................... 31

Figure 15. Malicious Node Trust Evolution in Presence of SPA .................................... 32

Figure 16. Model Structure in OMNeT++ ....................................................................... 38

Figure 17. Definition and Structure of IoTNode ............................................................. 39

VI

List of Tables Table 1. Network Simulation Availability ....................................................................... 20

Table 2. Network Simulation Properties.......................................................................... 20

Table 3. Fuzzy Trust Parameters ..................................................................................... 26

Table 4. SOA-based Trust Parameters ............................................................................. 26

Table 5. Context-Aware Trust Parameters ...................................................................... 27

VII

1. Introduction

OT is the internet that makes each device, thing and each person become a locatable,

addressable, and readable counterpart. In this internet, virtual entities can produce and

consume services and cooperate for a similar goal. IoT is regarded as the next-generation

networking paradigm and service infrastructure. A large number of applications and

services for IoT have emerged into markets in various areas, such as healthcare, transport,

food safety, and remote control, which benefit people a lot. However, without developing

security and privacy mechanisms, malfunctions and attacks will overshadow it as well [1].

The IoT’s highly distributed nature and the limitation of the devices make malicious

entities have the opportunity to hack in. Easily accessible objects in city streets or other

unprotected zones are also vulnerable against attacks [1]. So security plays an important

role in IoT.

In order to facilitate IoT entities to detect malfunctions and establish proper collaboration,

trust management is considered as a key technique in IoT for providing qualified services,

enhancing user privacy and information security [2]. Trust is a complicated concept

containing not only security, but also strength, goodness, reliability and other properties

of an entity. Gambetta defines the trust in IoT as: "trust (or, symmetrically, distrust) is a

particular level of the subjective probability with which an agent assesses that another

agent or group of agents will perform a particular action, both before he can monitor such

action (or independently of his capacity ever to be able to monitor it) and in a context in

which it affects his own action (...)." [3]. Based on this definition, several trust

management systems try to give a measurement of the trust on the agent. And almost all

the systems utilize a scalar range from 0 to 1 to measure the trustworthiness, where 0

means no trustworthiness and 1 means complete trustworthiness. Reputation is another

most commonly used concept in the trust management system and it is usually achieved

by the accumulation of trustworthiness from the directed or indirect agents in the past

transaction.

I

1

In recent years, the idea that adds social networking elements into the IoT trust evaluation

becomes more and more popular. Social features allow different devices automatically

establish social connections and its aim is expected to make the discovery, selection,

cooperation of services, information provided by distributed objects and networks that

mentioned in [4], [5], [6] and [7] more clearly. Many researchers propose trust

management systems for the social IoT so that the new systems are able to react from

nodes’ past behaviors to finish different cooperative services. Social structures of the IoT

can be seen in the Figure1.

Figure 1. Social Structures of IoT , sourced from Bao, 2012

In this dissertation, trust management system for social IoT will be discussed in details.

By adding social features to IoT, trust value could be derived from their social

relationships. Besides, the evaluation of IoT simulation tools will be mentioned. At the

end of the dissertation, further trends of IoT trust model will be discussed. The

organization of this dissertation will be divided into 6 parts:

(1) Chapter 1 gives an introduction to the importance of IoT trust management.

2

(2) Chapter 2 covers the thorough literature review in IoT trust management, including

the challenges of the IoT trust management and the summary of existing trust models and

attack models.

(3) Chapter 3 introduces four typical trust models for social IoT.

(4) Chapter 4 briefly illustrates the evaluation of IoT simulation tools.

(5) Chapter 5 provides the experimental analysis and comparison of different dynamic

weighted trust algorithms for social IoT.

(6) Chapter 6 concludes the entire dissertation and provides an outlook for the future study.

3

2. Previous Works

This chapter firstly introduces two important networks, WSN and MANET, which are

highly related to IoT. Then, comparing to WSN and MANET, I derive the challenges of

IoT trust models. Finally, I summarize the IoT trust models and attack models of recent

literatures.

2.1 WSN and MANET

Wireless sensor network (WSN) is a network used for monitoring and recording the

communication infrastructure at different locations. The sensor network is comprised of

sensor nodes, also known as detection station, each of which is small, lightweight and

portable. Each sensor node is provided with a sensor, a microcomputer, a transceiver and

a power source. Mobile ad hoc networking (MANET) is a type of ad hoc network that can

change locations and configure itself on the air. They use wireless connections such as

WI-FI, cellular or satellite transmission to log into various networks. VANET is a type of

MANET that allows vehicles to communicate with roadside equipment.

In the WSN and MANET security field, it has been widely studied in trust and reputation

management. Both of the WSN and MANET can manage a practical model for trust

management, and the refinement is still being proposed such as the hierarchical POMDP

based approach [8] and watchdog optimization[9] etc. As for the VANET, it ([10]) has

represented a secure and efficient scheme that is proved to be robust and fault tolerant

against temporary unavailability of the central server. And from another survey of

VANET [11], we can also find other trust management system that has achieved

robustness.

WSN and VANET are considered to be key technologies for several IoT application

domains in smart cities [12]. These two networks do have similar challenges of IoT trust

management. For example, sensor devices are usually equipped with a constrained battery

4

and work in an unattended mode to adapt various harsh environments such as the deep

desert and ocean abyss for a long period of time [9]. Energy consumption should be an

important issue in IoT, because we need to monitor them almost every second. Watchdog

systems have been widely used in WSNs systems, and there are several ways to solve the

restricted energy and limited storage such as [8], [9] and [13]. The nature of VANET

environments, which are large, decentralized, open, sparse and highly dynamic could also

be found in IoT system. There is also research on merging this two kind of network

together.

2.2 Challenges of IoT Trust Management

However, existing WSN and MANET are inadequate for IoT. IoT actually expands on

WSN and VANET requirements, which could be concluded as wider architectures, more

heterogeneous, inconstant resource capabilities and increased autonomy. The IoT trust

management must have strong security assurance for all IoT nodes at all circumstances,

from the identification of objects to the provisioning of services, from the acquisition of

data to the governance of the entire infrastructure. This kind of security mechanism should

take services into consideration from the very beginning of that entity’s life cycle. The

challenges of IoT trust management are as follows:

Heterogeneity

The Internet of Things interacts with the physical world with a large number of different

things which only have an interface in common in order to transmit. The differences

between those things can be the operating system, connectivity, I/O channels, and

performance. A cause for these differences may be the hardware of the things which may

lead to different computational power, storage capacity and energy consumption [3].

Everything connecting into IoT could be viewed as a node, which could be locatable,

addressable, and they may use different protocols and various data structures to

communicate. Therefore, security protocols that connect all these nodes into IoT should

be light-weighted and have good transformation property.

5

Scalability

Things connecting to the Internet of Things keep increasing would lead to countless

numbers of communication, transactions of information. Trust management system should

be robust enough to handle the sudden increasing data transaction using load balance

algorithms or other well-designed structures to alleviate the traffic jam. We need to keep

enough numbers of devices that are runnable in order to stay fully functional.

Data and Privacy

In terms of IoT, millions of data will flow into this highly automatic network. In this kind

of internet, one could get the profile of other persons without his/her permission. Data

privacy is one of the most sensitive subjects not only in IoT but also in all kinds of

information transaction systems. In addition， in IoT environment, the elements are

highly heterogeneous, the mechanism or the security protocol should consider the

properties of the IoT entities that many nodes do not have sufficient space or computation

ability to handle all the request that a server asks it to do. Therefore, single data

management may not be available to handle such diverse mechanisms. To manage such

big amount of data, we need the mechanism has the ability to deal with the transactions,

interpreting, and optimally balance all the rules.

Identity

Identity management is an important aspect of the internet of things which must be taken

into account by trust and reputation systems. Nodes in IoT may have a core identity and

several further identities and it is possible that node hides its true identity. Identity

management pays attention to authorization as well. Authentication and authorization

have some open research issues at the same time. The issues aims at how to balance the

system between the centralized and distributed way to cope with the trusted delivery.

Trust and governance

Trust is more than helping the IoT nodes to find a better trustee to contact with, or reducing

the uncertainty while they are interacting. Such mechanism could be well designed in

order to not only find the partner for meeting the needs but should also understand what

6

it means while providing the trust services. Governance helps to strengthen confidence on

the Internet.

2.3 Trust Attack Model

Besides the above mentioned challenges of IoT infrastructure, malfunctions and attacks

are also a big issue for developing IoT environment. Generally speaking, an agent in a

network would suffer communication protocol attacks that could interfere with the

network operations. I assume that these attacks have already handled by intrusion

detection techniques [14], [15], and will not be considered in this dissertation. In social

IoT, only trust-related attacks will be discussed in disrupting the trust management system.

A malicious node in IoT can perform the following attacks:

On-Off Attack (OOA)

OOA could be viewed as a random attack, just like its name, a malicious node could turn

on or turn off its switch to serve useful services. With this mechanism, the node will not

get low trust value and could perform an attack before the trust system being aware of.

With its feature of randomness, this attack is the hardest to be detected.

Opportunistic Service Attack (OSA)

Like the On-Off Attack could behave bad or good at different time, a malicious node

carries OSA could perform good service for one kind of service and misbehave for another

service. It is also known as a selective behavioral attack.

Self-Promotion Attack (SPA)

This kind of attack seems like bragging itself to gain more trust from the peers in order to

be selected as a service point, but then they will perform bad services.

Bad-Mouthing Attack (BMA)

The bad nodes make other well-behaved nodes lose high reputation by providing them

7

bad trust evaluation in order to decrease their chance to be selected as serving nodes. This

mechanism would increase other bad nodes to be selected and mess up the normal services

so that qualified services would not be done in an efficient way.

Ballot-Stuffing Attack (BSA)

The bad nodes collide with each other and intentionally vote for one of their peers in order

to increase the opportunity of the malicious node being selected as a recommended node.

2.4 IoT Trust Management Model

In order to design a trust model for IoT, which could handle the above mentioned

challenges and attack models, several IoT trust management systems have been generated,

and the trust computation almost falls into the classification in Figure 2. Five design

dimensions are introduced in the classification: trust propagation, trust composition, trust

update, trust aggregation and trust formation. The most commonly used methods are

marked with red color, and then the yellow ones, the blue ones mean the fewest visited

methods.

Figure 2. Trust Computation Classification Tree

8

2.4.1 Trust Composition

Trust composition determines which kind of trust values should be taken into

consideration. Usually, the QoS (quality of service) and social trust are two main

components. QoS trust means that the performance of an IoT node could serve. It is

usually measured by packet delivery ratio, load balance, energy consumption etc. Social

trust is the evaluation of social contact, the social relationship is divided by community of

interest (CoI). When a node has several choices, it would first select those nodes who have

social connections rather than unrelated devices.

2.4.2 Trust Propagation

In general, centralized and distributed systems are prevalent methods used in IoT trust

system. Distributed trust propagation defines that IoT devices store trust observations

towards their peer nodes without the use of a centralized server. The nodes in a distributed

system using their constrained storage space to restore historical transaction information

and handle the forwarding packages. Centralized trust propagation refers to those models

which need unified services to deal with the entity requesting and a centralized entity to

restore the trust values. The trust could only be acquired from the central server and the

server is well assigned according to different communities.

2.4.3 Trust Aggregation

Trust aggregation provides a concept that gathers all the feedback from directed or

undirected peer observation of the trust evaluation. Weighted sum method [16], [17], as

the prevalent technique to be used, refers to add weights to direct or indirect trust. It could

be developed in both fixed and dynamic way. Belief theory method [18], known as

Dempster–Shafer theory as well, is a framework used for balancing uncertainty. It could

also serve as connected to other probability theories frameworks. Bayesian inference [19]

becomes a popular trust computation model because of it's easy to implementation and

well statistical basis. With Bayesian inference, parameters in the model with a probability

distribution are updated upon new events. Regression Analysis [20] is a statistical way to

estimate relationships between trust and a set of variables characterizing the behavior of

a node.

9

2.4.4 Trust Update

In general, there are two schemes involving the trust model: time-driven scheme and

event-driven scheme. The time-driven scheme decreased the importance of trust reports

that were made a long time ago. Usually, the latest evaluated trustworthiness get bigger

weights. Event-driven scheme refers to a node’s trustworthiness get updated after an event

or transaction is made. We can also combine these two methods into one equation by

assigning different weights or coefficients.

2.4.5 Trust Formation

Trust formation provides the scheme to form the overall trust by using different trust

criteria. Single trust refers to the scheme that only one trust property is involved in a trust

protocol. For example, quality of services is considered the single most important metric

in social IoT. Dynamic trust implements the common belief that trust evaluation should

be multidimensional. Various trust properties such as intimacy, honesty, unselfishness and

competence should be deemed to assess the overall trust value of a node.

10

3. IoT Trust Management Algorithm

In this chapter, I choose four papers to give an overview of dynamic weighted trust

algorithms for social IoT. The first paper gives the basic human-assisted dynamic

weighted trust management to evaluate the trustworthiness with fuzzy reputation. The

second paper proposes a dynamic trust management for a community-based social IoT

environment by considering multiple social relationships among device owners. The third

paper introduces social relationships into the system and uses mean square error to decide

the weights of directed trust and indirect trust. The third paper provides an optimization

method towards the second one. The last paper proposes an automatic way to update trust

evaluation to defense various attacks.

3.1 TRM-IoT [21]

3.1.1 Introduction

The author proposes a trust model called TRM-IoT in order to enhance communications

among different devices in IoT based on their behaviors. This paper concerns about the

performance of WSNs in IoT system. After a wide set of simulation on NS-3 simulator,

accuracy, robustness and lightness of the proposed model are also validated.

3.1.2 Main Theory

The author proposes a fuzzy trust and reputation management algorithm upon a

community of sensor nodes in IoT. First, preprocessing step let nodes to make transactions

with each other and their behavior will be recorded. Second, the system evaluates the

performance of each node. Third, the model combines the directed and indirect trust

evaluation using given weights. This model is designed to help a sensor node which

requests a specific service to find the most trustworthy assisting node. In the fuzzy trust

model description, the author provides the reputation evaluation metrics as follows: (1)

EPFR. It focuses on End-to-end packet forwarding ratio. (2) AEC. It concerns about the

11

energy consumption. (3) PDR. The package delivery ratio. Here the malicious nodes will

intently drop the packets. The combined reputation with above three factors is computed

by the following equation:

In the next part, the author provides the trust evaluation formula combined with fuzzy

elements as follows

While , 𝐹𝐹𝑖𝑖𝑖𝑖denotes the times of positive transaction and 𝑅𝑅𝐹𝐹𝑖𝑖𝑖𝑖 denotes the

times of successful transactions. 𝐶𝐶𝑡𝑡ℎ𝑟𝑟𝑟𝑟𝑟𝑟ℎ𝑜𝑜𝑜𝑜𝑜𝑜 denotes the threshold of times of successful

transactions, since we cannot simply calculate the trust value through a few arbitrary

transaction, only if the successful transaction times have exceeded this 𝐶𝐶𝑡𝑡ℎ𝑟𝑟𝑟𝑟𝑟𝑟ℎ𝑜𝑜𝑜𝑜𝑜𝑜 can it

be calculated using the equation . It also provides a similar way to evaluate

recommendation 𝑇𝑇𝑖𝑖𝑖𝑖𝑟𝑟 . Here, I represent the recommendation as R while directed trust

evaluation as D. If we choose n witness nodes to evaluate the trustworthiness, the fuzzy

membership function can be defined as the following equation.

3.2 Dynamic Trust Management for IoT Applications [22]

3.2.1 Introduction

This paper proposes a trust management protocol based on a social trust in a community-

based social IoT environment and update trust value using both direct observations and

indirect recommendations. The author provides various indicators such as the

convergence, accuracy, and resiliency properties to validate the trust model.

12

3.2.2 Main Theory

The trust valueT𝑖𝑖𝑖𝑖𝑋𝑋(𝑡𝑡) is a certain number in [0, 1]. When node i finish the transaction with

node k at time t, node i will update its trust assessment T𝑖𝑖𝑖𝑖𝑋𝑋(𝑡𝑡) as follow：

T𝑖𝑖𝑖𝑖𝑋𝑋(𝑡𝑡)= (1 − 𝛼𝛼)T𝑖𝑖𝑖𝑖𝑋𝑋(𝑡𝑡 − ∆𝑡𝑡) + 𝛼𝛼T𝑖𝑖𝑖𝑖𝑋𝑋,𝑜𝑜𝑖𝑖𝑟𝑟𝑟𝑟𝑑𝑑𝑡𝑡(𝑡𝑡), 𝑖𝑖𝑖𝑖 𝑗𝑗 == 𝑘𝑘;

X = honesty, cooperativeness, or community-interest

Direct trust observations

T𝑖𝑖𝑖𝑖ℎ𝑜𝑜𝑜𝑜𝑟𝑟𝑟𝑟𝑡𝑡𝑜𝑜,𝑜𝑜𝑖𝑖𝑟𝑟𝑟𝑟𝑑𝑑𝑡𝑡 refers to honesty value based on the direct observation of node j to node

i. T𝑖𝑖𝑖𝑖𝑑𝑑𝑜𝑜𝑐𝑐𝑟𝑟𝑟𝑟𝑐𝑐𝑡𝑡𝑖𝑖𝑐𝑐𝑟𝑟𝑜𝑜𝑟𝑟𝑟𝑟𝑟𝑟,𝑜𝑜𝑖𝑖𝑟𝑟𝑟𝑟𝑑𝑑𝑡𝑡 gives the degree of cooperativeness of node j and i based on direct

observations over the range of [0, t]. The Figure4 indicates the process of how node i

evaluates node j with directed observation and past experiences.

Figure 3. Direct Observation Trust

Indirect recommendations

Γ= 𝛽𝛽T𝑖𝑖𝑖𝑖𝑋𝑋 (𝑡𝑡)

1+𝛽𝛽T𝑖𝑖𝑖𝑖𝑋𝑋 (𝑡𝑡)

, T𝑖𝑖𝑖𝑖𝑋𝑋(𝑡𝑡) = (1 − 𝛾𝛾)T𝑖𝑖𝑖𝑖𝑋𝑋(𝑡𝑡 − ∆𝑡𝑡) + 𝛾𝛾T𝑘𝑘𝑖𝑖𝑋𝑋,𝑟𝑟𝑟𝑟𝑑𝑑𝑜𝑜𝑟𝑟(𝑡𝑡), 𝑖𝑖𝑖𝑖 𝑗𝑗! = 𝑘𝑘;

T𝑖𝑖𝑘𝑘𝑋𝑋 provides the trust value of recommendation of node k towards node i. The

13

contribution of recommended trust increases proportionally as either T𝑖𝑖𝑘𝑘𝑋𝑋 or β increases.

The Figure5 indicates the process of how node i evaluates node j with recommendation

and past experiences.

Figure 4. Indirect Recommendation Trust

3.3 Trust Management for SOA-based IoT [23]

3.3.1 Introduction

In this paper, the author introduces similar levels of friendship, social relations, and social

interests into an IoT trust model. It uses dynamic weights to adaptively balance direct trust

and indirect trust. A dynamic reduction of convergence time and trust estimation bias is

used to mitigate the existence of malicious nodes in the service and their bad behaviors.

In trust composition, it takes QoS and social trust into consideration. In trust propagation,

this model is based on a distributed system and each node collects trust information

automatically through the network. It could both be trustee and trustor upon request. In

trust aggregation, it uses Bayesian inference and self-observation to form the direct trust

value, the social similarity is used as a weighted sum to aggregate into indirect trust value.

As for trust update, it utilizes both time-driven and event-driven scheme. When the trust

value is outdated, it also takes trust decay into consideration. As for the resilience against

14

the malicious nodes, OOA is not well detected. Aggregation in direct trust and indirect

trust with dynamically updated weights helps to prevent the OSA. By using social

similarity as a part of recommending criteria, BMA and BSA are adaptively filtering. SPA

is well detected during the trust propagation. This paper is actually an optimization of the

second case [22].

3.3.2 Main Theory

Firstly, the author mentions the similarity metrics and the formulas are similar to the

cosine of the angle between the friendship vectors (VF), F denotes the friends list. The

formula is shown as follow:

sim�𝑢𝑢𝑥𝑥,𝑢𝑢𝑜𝑜� =VF𝑥𝑥�������⃗ ∗ VF𝑜𝑜�������⃗

�VF𝑥𝑥�������⃗ ��VF𝑜𝑜�������⃗ �=

�F𝑥𝑥 ∩ F𝑜𝑜�

�|F𝑥𝑥| ∗ �F𝑜𝑜�

Then, the author uses the similarity metrics to add weights to the direct trust and redirect

trust value. By using the mean square measurement, the weights of the formula are

calculated by solving the following equation. 𝑡𝑡𝑥𝑥,𝑖𝑖𝑜𝑜 denotes the direct trust value, 𝑡𝑡𝑥𝑥,𝑖𝑖

𝑟𝑟

denotes the indirect trust value, 𝑎𝑎𝑎𝑎𝑎𝑎 𝑖𝑖𝑥𝑥,𝚤𝚤(𝑜𝑜𝑟𝑟𝑛𝑛)�������� is the most recent direct user satisfaction

experiences within the last trust update ∆t which is also called the ground trust value:

MSE(µ) = � (𝜇𝜇 ∗𝑖𝑖

𝑡𝑡𝑥𝑥,𝑖𝑖𝑜𝑜 + (1 − 𝜇𝜇) ∗ 𝑡𝑡𝑥𝑥,𝑖𝑖

𝑟𝑟 − 𝑖𝑖𝑥𝑥,𝚤𝚤(𝑜𝑜𝑟𝑟𝑛𝑛)��������)2

By calculating the derivative of the formula aforesaid, we could find the best solution to

maximize the protocol performance meanwhile, minimize the trust bias. Then the author

mentions the storage management, which uses the max-min-median heap to store the trust

value. Thus , the query for extreme numbers can be done in O(1) constant time, while all

other operations such as searching, insertion and deletion can be achieved in O(log n)

logarithmic time.

15

3.4 A Context-Aware and Multi-Service Approach [24]

3.4.1 Introduction

In this paper, to overcome the limitation of IoT architecture, such as heterogeneity,

capabilities, and services, paper designs a context-aware and multi-service trust

management system with trust values updated by events and time.

3.4.2 Main Theory

The paper firstly gives a description of their model, the overall progress shows in Figure

3. The model consists of a circular continuous operation: 1) Trust manager to obtain the

trust management information, 2) A requesting node post the request to the trust

management system to ask for an assistant agent, 3) Trust manager filter the qualified

agent according to the past transaction reports and the reputation of different nodes , 4)

The requesting node report the trust value of every assistance agent based on their service

quality and 5) Update the trustworthiness recursively.

Figure 5. Context-Aware Trust Model Phases

As for phase 2) Entity selection, when a node asks for assistance, the trust manager returns

16

a list of trustworthy assisting nodes. Five steps are provided to filter the possible nodes. 1)

Restrict the set of proxies pi 2) Restrict the set of reports for each proxy 3) Compute

weights for each report 4) Compute trust value for each proxy 5) Provide requestor with

a list of best-suited proxies. To restrict the report, the paper proposes the context similarity

(1), (2) which is calculated by contextual distance.

dS𝑖𝑖 = �𝑆𝑆𝑇𝑇𝑐𝑐𝑟𝑟𝑇𝑇𝑟𝑟𝑡𝑡 − 𝑆𝑆𝑖𝑖� (1)

dC𝑖𝑖 = �𝐶𝐶𝑇𝑇𝑐𝑐𝑟𝑟𝑇𝑇𝑟𝑟𝑡𝑡 − 𝐶𝐶𝑖𝑖� (2)

(for reports carrying a positive evaluation)

The result of 𝑎𝑎𝑖𝑖𝑖𝑖 is used to solve the weight, which is determined by contextual distance

(𝑎𝑎𝑖𝑖𝑖𝑖) and age.

𝑎𝑎𝑖𝑖𝑖𝑖

= 𝑚𝑚𝑖𝑖𝑎𝑎��(𝑎𝑎𝑆𝑆𝑟𝑟𝑐𝑐𝑥𝑥2 ) ∗ (𝑎𝑎𝐶𝐶𝑟𝑟𝑐𝑐𝑥𝑥

2 ) ∗ �𝑎𝑎𝑆𝑆𝑖𝑖2

𝑎𝑎𝑆𝑆𝑟𝑟𝑐𝑐𝑥𝑥2 +

𝑎𝑎𝐶𝐶𝑖𝑖2

𝑎𝑎𝐶𝐶𝑟𝑟𝑐𝑐𝑥𝑥2 ��

∗ �(𝑎𝑎𝑆𝑆𝑟𝑟𝑐𝑐𝑥𝑥2 ) ∗ (𝑎𝑎𝐶𝐶𝑟𝑟𝑐𝑐𝑥𝑥

2 ) ∗ ���𝑆𝑆𝑟𝑟𝑐𝑐𝑥𝑥 − 𝑆𝑆𝑖𝑖�

𝑆𝑆𝑟𝑟𝑐𝑐𝑥𝑥 − (𝑆𝑆𝑟𝑟𝑐𝑐𝑥𝑥 − 𝜇𝜇)�2

+ �𝐶𝐶𝑖𝑖

�𝐶𝐶𝑡𝑡𝑐𝑐𝑟𝑟𝑇𝑇𝑟𝑟𝑡𝑡 + 𝜇𝜇��2

�

In the learning phase, author firstly updates witness nodes' qualities of recommendation

(QR) and then update from assisting nodes' reputation levels. QR plays an important role

in defending the system against various attacks. Author Combines QR and service ratings

on a time-based weighting factor.

3.4.3 Conclusion

From my point of view, the main contribution of this paper are what follows:

1) This model presented generic, context-aware trust management model for IoT

2) Dynamic trust scores assigned to nodes based on node status and required function

3) Independent score is given for Quality of Recommendation

17

4) QR score is adjusted through learning phase

5) System withstands several classes of attacks

4. IoT Simulation Tools Selection

In order to address the challenges and achieve efficiently, we need to test and improve the

research algorithms before they are exposed to the reality. In the field of IoT research,

establishing a network of IoT in the real scene is very difficult, a single test bed takes up

a lot of time and costs. Fortunately, with the help of simulation tools, we can easily get

the analysis, monitor the process and evaluate the security and safety of a trust model.

Researchers could easily deploy, layout and configure the nodes through writing scripts.

However, different simulation tools have different properties. Hence, how to choose a

simulation tool is always a question.

4.1 IoT Simulation Tools Requirements

Increasing heterogeneous devices and technologies require the simulation tools should

take into account the fact that interoperability at different layers of the communication

stack for resource-constraint devices [15]. According to the challenges that I discuss in

Chapter 2, the simulation environment should not only satisfy the new features but also

need to be close to real time scenario. There are various criteria which could help users to

select the simulation tools. The criteria are as follows:

Scale: According to the large scale of IoT, compared to other networks, IoT

experiments require the simulation tools which could run hundreds or even larger

number of agents simultaneously.

Heterogeneity: Things interact with the physical world with a large number of

different things, which only have an interface in common in order to communicate.

The remaining components used hardware of the things, which lead to different

computational power, storage capacity and energy consumption. Therefore,

18

simulation tools need to satisfy devices heterogeneity and underlying solutions

demands. The gateway devices should be an active part and the tools should provide

effective configuration. Besides, simulators should support diverse execution

environments by easing programmability.

Repeatability: It means repeated experiments within and across the different emulators.

Simulation tools should provide adequate packaging test specifications, marks, and

the results, so user can easily redo comparison across different sets of simulations.

Experimentation (learnability, GUI): In user view, the tools and services of simulation

tools have to provide a platform to ease the design and interaction so that researchers

could intuitive to take in hand. The applications with detailed documentations and

specific instructions always give better user experiences. Besides, the visualization is

another important part of the experimentation. Better GUI provides a clear way for

user to test and monitor their experiment.

Mobility: Many entities are human-carried devices, thus many devices move around

in the simulated environment. Therefore, addressing mobility and dynamics are also

significant to exploit and control the mobility realistic during the experiment.

User involvement: Automatic detections with feedback when a user directly affects

the effectiveness of data collection and provides an efficient mechanism for the users.

4.2 IoT Simulation Tools Comparison

When building an IoT simulation, first thing taken into consideration is its scope. In terms

of the technological scope, a simulation tool can be single-domain if it could provide only

a particular type of IoT technology [25]. Almost all of the simulation tools in IoT area are

designed specifically for wireless sensor network or RFID devices. There are few tools

could combine multiple techniques that used in IoT.

Here I list several network simulators that can be used to simulate IoT environment or

related networks in Table 1.

19

Table 1. Network Simulation Availability

Name of Network Simulator

Free Availability(site)

NS2 YES http://www.isi.edu/nsnam/ns NS3 YES http://www.nsnam.org/ns-3-24 OPNET NO http://www.riverbed.com/sg/products/steelcentral/opnet.html?r

edirect=opnet NetSim NO http://www.ssfnet.org/download OMNeT++ YES http://www.omnetpp.org/component/docma

/cat_view/17-downloads REAL YES http://www.cs.cornell.edu/skeshav/real

J-Sim YES https://sites.google.com/site/jsimofficial/downloads Cooja YES http://www.contiki-os.org

Familiar programming languages may benefit the implementation of the simulation in

term of users. Good GUI support may give users an intuitive analysis of the result and

better experience. In Table 2, I listed several network simulator properties to facilitate

choices in simulation tools. Table 2. Network Simulation Properties

Name of Network Simulator

language platform GUI support

NS2 C++,Otcl Unix/windows Poor NS3 C++, Python Linux monitoring of simulation flow OPNET C (C++) Windows excellent NetSim java Windows poor OMNeT++ C++ Windows/linux monitoring of simulation

flow, C++ development, topology definition, result analysis

REAL C Unix J-Sim Java, Tcl Windows/linux good QualNet C++ Linux excellent cooja java Virtual Machine monitoring of simulation

flow, result visualization

20

Here I recommend 4 simulator tools according to the frequency that is used in other IoT

simulation experiments, the user-friendly GUI and Operability.

NS3: As the most frequently used simulation tool, NS-3 is often used to construct a

model of the raffic generator with computer network simulation, channels, such as

Wi-Fi devices and protocol such as TCP / IP. The results are well collected and can

be visualized.

OMNeT++: It is developed by C++. Specifically designed for discrete event

simulation for communication networks modeling, multiprocessors and other

distributed or parallel systems. OMNeT++ is a modular, extensible, C++ simulation

library as well as a framework. It is designed for network simulators building and

offering IDE based on Eclipse, host of other tools and graphical runtime environment.

It could provide technology support through connecting to different frameworks and

simulation models and at the same time provide several ten thousand or more network

nodes.

QualNet: QualNet is utilized to simulate thousands of mobile nodes, through the

multi-hop ground, aircraft, and satellite media connect with different communication

capabilities and large cables and wireless networks.

Contiki Cooja: Cooja is a flexible java based simulator and it is designed for

simulating networks of sensors running the Contiki operating system. It is said the

operating system is designed for IoT, and motes can allow precise inspection of the

system behavior, or at a less detailed level, which is faster and allows the simulation

of larger networks.

According to the experimental requirements mentioned in section 4.1, I draw the Figure

6 to give an intuitive result of these four simulation tools. In our experiments, 200 IoT

nodes would be sufficient, so no higher criteria are needed. Once the node scale could

achieve 200, it means that the simulation could be run fluently without memory overflow.

Although the Contiki cooja could apply 200 nodes at the beginning, it could not handle

the memory issue well during the experiments. 4 levels of heterogeneity: 1. Homogeneous

21

2. A mix of motes 3. A mix of devices 4. A mix of technologies. The 3 levels of learnability:

1. Difficult 2. Fair 3. Easy. The 4 level of GUI: 1.No GUI 2. Plug-in 3. Good GUI 4.

Excellent GUI. The 4 levels of user involvement: 1. No 2. Passive collection 3.

Participatory sensing 4. Active user feedback. 4 levels of mobility: 1.No 2. Emulated 3.

User-implemented 4. Robot control.

Figure 6. Features of Current Testbeds towards Experimental Requirements

In the simulation analysis part, I choose to use OMNeT ++ as simulation tools.

22

5. Simulation In this section, I will explain the main workflow of the simulation and compare the result

after implementing the three papers’ algorithms [21], [23], [24] in section 3.

5.1 Simulation Workflow

Since I want to compare the result of these three algorithms, there exists some

modification on three algorithms. First of all, I need to add a centralized trust authority

which is known as a trust manager in the scenario like Figure 7 shows. Trust manager

helps to record the transaction history. Secondly, while IoT nodes request assisting for

accomplishing a service, trust manager runs the algorithm with the past trust data which

stored in it to help the requesting IoT nodes to select the suitable nodes. After the nodes

to finish the transaction, there will be a report sent by two nodes. The report contains the

result of the quality of service and the evaluation of recommendation nodes. For example,

while the assisting node is a malicious node, most of the time it leads to a negative result

(-1or 0) and the recommendation node will get a (-1 or 0) in their quality of

recommendation (QR). If the reported quality of service is good, the QR is also a positive

value.

23

Figure 7. Local IoT Infrastructure

According to the above assumption, the workflow of running the algorithm shows as the

Figure 8.

At the beginning of the simulation, OMNeT++ will automatically initialize the module,

in this stage, I arrange the node kinds in order to divide nodes into different groups and

assign social relationship. I also arrange the malicious attributes to different nodes. After

the initialization, each node will get a chance to ask another node to assist in finishing a

transaction periodically. Each traversal of the IoT nodes is called a transaction period.

Then, the request will be sent to the trust manager. The trust manager will operate the

algorithm according to direct reports and indirect recommendations in order to select the

best assisting node. After finishing the transaction, the quality of service will be

evaluated and sent back to trust manager. This process will not end until the simulation

time runs out.

24

Figure 8. Trust Management Simulation Workflow

5.2 Simulation Result

The simulation tool in this paper is OMNeT ++. Each run is implemented with randomly

selected IP source and destination pairs. Malicious nodes and the attacked nodes are

selected specifically to facilitate the observation. I build communication and

retransmission upon UDP. The OMNeT ++ setup parameters and configuration details are

listed in the following tables. For the first paper [21], denotes as Fuzzy Trust. The

configuration is in Table3.

25

Table 3. Fuzzy Trust Parameters

parameter value

Simulator OMNeT++ 4.1

Nodes number 200

Malicious nodes [20,60]

Node placement(x, y) 600,400

Packet size 1024bytes

MAC Layer IEEE 802.11

ζ 0.7

α 0.75

λ 4.6

𝐶𝐶𝑡𝑡ℎ𝑟𝑟𝑟𝑟𝑟𝑟ℎ𝑜𝑜𝑜𝑜𝑜𝑜 12

𝐶𝐶𝑅𝑅𝑡𝑡ℎ𝑟𝑟𝑟𝑟𝑟𝑟ℎ𝑜𝑜𝑜𝑜𝑜𝑜 12

For the third paper [23], denotes as SOA-based Trust, the parameters are listed in the

Table4. Table 4. SOA-based Trust Parameters

parameter value

Nodes number 200

Malicious nodes [20,100]

Node placement(x,y) 600,400

Packet size 1024bytes

𝛺𝛺 0.5

σc 0.01

𝜑𝜑 0.001

𝜆𝜆 10-20s

26

For the forth paper [24], denotes as Context-Aware Trust. The parameters are listed in the following Table5.

Table 5. Context-Aware Trust Parameters

parameter value

Nodes number 200

Malicious nodes [20,60]

Node placement(x,y) 600,400

Packet size 1024bytes

Initial QR 1

Service kinds 6

Preparing step of IoT nodes transaction seems like constructing the past memory of each

node, during this section, the transaction reports will be recorded in order to be used in

future trades. The preparation period is implemented by a random algorithm. The Figure

9 shows the trust value after this period. We can find Fuzzy Trust overlaps the Context-

Aware Trust while SOA-based Trust remains the trust around 0.835. Y-axis denotes the

trust value of the attacked node and the x-axis denotes the transaction period numbers.

Figure 9. Node’s Trust Value without Transactions

27

5.2.1 Protection against Bad-Mouthing Attack

In this section, I test the three algorithms’ reaction in presence of the BMA, and after the

first attack, no transaction will happen to this attacked node. Y-axis denotes the trust value

of the attacked node and the x-axis denotes the transaction period numbers. We can find

Fuzzy Trust has no changes since this algorithm updates the trust value based on events,

if no events happen, the trust value will not be updated. SOA-based Trust gets back to

normal trust level more quickly compared with other two. Context-Aware Trust falls down

quickly and once it finds the malicious recommendation value, the attacked node’s trust

value will quickly get renounced. Figure 10 displays the trust value evolution of the

attacked node.

Figure 10. Trust Value Evolution in Presence of BMA

QR is a key concept that used in Context-Aware Trust. By checking the consistency the

QR reports, we could find the misbehaved recommendation and it also indirectly affects

the recommended nodes or attacked nodes. Here I check the trust value in the condition

of with or without QR in the presence of Bad-Mouthing Attack. According to Figure 11,

we can find QR helps the trust manager to find the malicious reports and increase the

trust value of the appropriate nodes that have been attacked.

28

Figure 11. Context-Aware Trust QR Value Evolution in Presence of BMA

5.2.2 Protection against On-Off Attack

In this section, I test the three algorithms’ reaction to the OOA, and after the first attack,

the attack will happen periodically. According to Figure 12, we can find Fuzzy Trust get

good value while there’s no attack and get decreased trust value while malicious node

behaves badly. The Fuzzy Trust value changes obviously at the beginning phases

according to the behavior of the malicious node. However, because of its algorithm, the

more transaction happens, the less trust value will be affected. SOA-based Trust will

regain its normal trust value after a certain time and it doesn’t perceive the attacks. And

Context-Aware Trust falls down quickly and needs a long time to regain its high trust

value.

29

Figure 12. Trust Value Evolution in Presence of OOA

Here I test the convergence speed of the SOA-based Trust while PM means the proportion

of the malicious node. The results can be seen from Figure 13. The initial configuration is

10%, while in the below experiments, I compare it with 30% PM. We can find the recovery

speed after suffering a bad mouthing attack has slowed down.

Figure 13. SOA-based Trust Management with Different PM

30

5.2.3 Protection against Opportunistic Service Attack

In this section, I investigate the protection of three algorithms against OSA. After a long

time cumulative good behavior, the malicious node has gained high reputation by offering

one kind of good service and then misbehave by providing bad service. The result has

been shown in Figure 14. As for Fuzzy Trust, the more the transaction happens, the less

influence the attack has. The Context-Aware Trust and SOA-based Trust have positive

actions against this attack and the former one has better reaction.

Figure 14. Malicious Node Trust Value Evolution in Presence of OSA

5.2.4 Protection against Self-Promoting Attack

In this section, I investigate the protection of three algorithms against SPA. All the three

algorithms have detected this attack. The results have been shown in Figure 15.

31

Figure 15. Malicious Node Trust Evolution in Presence of SPA

32

6. Conclusions and Future Work

This chapter provides an overall conclusion and recommendations for further research.

6.1 Conclusion

After studying on IoT trust management system, it is not difficult to find there is little trust

management system work and when we talk about the resiliency to different trust attacks,

the approaches are quite similar. In Chapter 5, the selected algorithms have been

implemented on OMNeT++ and the simulation results have shown in different figures.

Fuzzy Trust algorithm can only detect the self-promoting attack and Context-Aware Trust

has positive reactions against all the attacks except for on-off attack. SOA-based Trust

provides the best convergence speed. According to the trust convergence, accuracy and

resiliency against malicious trust-related attacks, Context-Aware Trust gives the best

results.

6.2 Recommendations for Further Research

Based on the investigation, trust management for social IoT still have large spaces to be

improved. In recent researches, trustworthiness can only be used in the limited community

in which IoT nodes interact with similar services. However, the situation when a node

enters a new community, just like a person immigrate to other countries, its

trustworthiness in a new area has not been considered yet. According to the challenges

that have been discussed in Chapter 2 and above mentioned issues, we could expand on

research direction as follows: 1) The first research direction is to explore advanced trust

aggregation techniques such as brief theory and regression analysis based on the existing

model. 2) The second research direction is to try out innovative trust evaluation methods

in new architecture such as machine learning, data mining and find the efficient way to

add them into IoT trust evaluation. 3) The third research direction is to update existing

trust model that is resilient against all attacks. 4) The fourth direction is to extend the use

of the trust formation methods, for example, we could use a weighted sum as the main

33

trust value without aggregating all the other trust properties into one, but serves as an

assistant value. 5) Last but not least, the 5th direction is to design a trust transformation

method that could handle the immigration of the nodes from a different community.

34

References

[1] Roman R, Najera P, Lopez J. Securing the internet of things [J]. Computer, 2011,

44(9): 51-58.

[2] Yan Z, Zhang P, Vasilakos A V. A survey on trust management for Internet of Things

[J]. Journal of network and computer applications, 2014, 42: 120-134.

[3] Eder T, Nachtmann D, Schreckling D. Trust and Reputation in the Internet of Things

[J].

[4] Atzori L, Iera A, Morabito G, et al. The social internet of things (siot)–when social

networks meet the internet of things: Concept, architecture and network

characterization [J]. Computer Networks, 2012, 56(16): 3594-3608..

[5] E. A. K. amd, N. D. Tselikas, and A. C. Boucouvalas, “Integrating RFIDs and smart

objects into a unified Internet of things architecture,” Adv. Internet Things, vol. 1, no.

1, pp. 5–12, 2011.

[6] L. Atzori, A. Iera, and G. Morabito, “SIoT: Giving a social structure to the Internet

of things,” IEEE Commun. Lett., vol. 15, no. 11, pp. 1193–1195, Nov. 2011.

[7] M. Nitti, R. Girau, L. Atzori, A. Iera, and G. Morabito, “A subjective model for

trustworthiness evaluation in the social Internet of things,” in Proc.IEEE 23rd Int.

Symp. PIMRC, Sydney, NSW, Australia, 2012, pp. 18–23.

[8] Irissappane A A, Zhang J, Oliehoek F A, et al. Secure routing in wireless sensor

networks via POMDPs[C]//Proceedings of the 24th International Joint Conference on

Artificial Intelligence (IJCAI). 2015: 2617-2623..

[9] Zhou P, Jiang S, Irissappane A, et al. Toward Energy-Efficient Trust System Through

Watchdog Optimization for WSNs[J]. Information Forensics and Security, IEEE

Transactions on, 2015, 10(3): 613-625.

[10] Li Q, Malik A, Martin K M, et al. A reputation-based announcement scheme for

VANETs [J]. Vehicular Technology, IEEE Transactions on, 2012, 61(9): 4095-4108.

35

[11] Zhang J. A survey on trust management for vanets [C]//Advanced Information

Networking and Applications (AINA), 2011 IEEE International Conference on. IEEE,

2011: 105-112.

[12] Bellavista P, Cardone G, Corradi A, et al. Convergence of MANET and WSN in IoT

urban scenarios [J]. Sensors Journal, IEEE, 2013, 13(10): 3558-3567.

[13] Alcaraz C, Najera P, Lopez J, et al. Wireless sensor networks and the internet of

things: Do we need a complete integration [C]//1st International Workshop on the

Security of the Internet of Things (SecIoT’10). 2010.

[14] J.H. Cho, et al., “Effect of Intrusion Detection on Reliability of Mission-Oriented

Mobile Group Systems in Mobile Ad Hoc Networks,” IEEE Trans. on Reliability, vol.

59, 2010, pp. 231-241.

[15] R. Mitchell and I.R. Chen, “A Survey of Intrusion Detection Techniques in Cyber

Physical Systems,” ACM Computing Sur-vey, vol. 46, no. 4, article 55, March 2014,

29 pages.

[16] M. Nitti, R. Girau, and L. Atzori, "Trustworthiness Management in the Social

Internet of Things," IEEE Transactions on Knowledge and Data Management, vol.

26, no. 5, 2014, pp. 1253-1266.

[17] I.R. Chen, J. Guo, F. Bao, “Trust Management for SOA-based IoT and Its

Application to Service Composition”, IEEE Transactions on Service Computing,

2015.

[18] B. Yu, M.P. Singh, "An evidential model of distributed reputation management", 1st

ACM Int. Joint Conference on Autonomous Agents and Multiagent Systems, July

2002.

[19] A. Jøsang et al., “The Beta Reputation System,” Proc. 15th Bled Electronic

Commerce Conf., 2002, pp. 1-14.

[20] Y. Wang, Y.C. Lu, I.R. Chen, J.H. Cho, and A. Swami, "LogitTrust: A Logit

Regression-based Trust Model for Mobile Ad Hoc Networks," 6th ASE International

Conference on Privacy, Security, Risk and Trust, Boston, MA, Dec. 2014.

36

[21] Chen, D., Chang, G., Sun, D., Li, J., Jia, J., Wang, X.: TRM-IoT: A Trust

Management Model Based on Fuzzy Reputation for Internet of Things. Computer

Science and Information Systems, Vol. 8, No. 4, 1207-1228. (2011)

[22] Bao F, Chen I R. Dynamic trust management for internet of things

applications[C]//Proceedings of the 2012 international workshop on Self-aware

internet of things. ACM, 2012: 1-6.

[23] I. R. Chen; J. Guo; F. Bao, "Trust Management for SOA-based IoT and Its

Application to Service Composition," in IEEE Transactions on Services Computing ,

vol.PP, no.99, pp.1-1 doi: 10.1109/TSC.2014.2365797.

[24] Saied Y B, Olivereau A, Zeghlache D, et al. Trust management system design for the

internet of things: a context-aware and multi-service approach [J]. Computers &

Security, 2013, 39: 351-365.

[25] Varga A, Hornig R. An overview of the OMNeT++ simulation

environment[C]//Proceedings of the 1st international conference on Simulation tools

and techniques for communications, networks and systems & workshops. ICST

(Institute for Computer Sciences, Social-Informatics and Telecommunications

Engineering), 2008: 60.

37

Appendix A

Figure 16. Model Structure in OMNeT++

OMNeT++ applies kinds of models and each of them consists of component architectures.

The large components and models are consisted through components using NED (a high-

level language) and programming in C++. This makes sure the designed models could

achieve free reuse. Besides, OMNeT++ provides the extension of GUI support. Its

modular architecture offers an easy way for the user application to embed the simulation

kernel as well as models. OMNeT++ is a framework approach which provides the basic

machinery and tools instead of directly providing the simulation components. Figure 4

shows the model structure of OMNeT++.

In Figure 16, the boxes represent simple modules (thick border), and compound modules

(thin border). Arrows connecting small boxes represent connections and gates. OMNeT++

provides interfaces which make it is easy to be extended.

38

Figure 17. Definition and Structure of IoTNode

Figure 17 shows the definition and structure of IoTNode, which is the module used in

implementation. IotNode inherits the wirelessNode of INet Framework. Here I put my

trust management protocol upon udpApp, and the mobility is implemented by

MassMobility. IP address and packet forwarding of each node are automatically

configurable according to XML.

39

40