STRUDEL: Supporting Trust in the Dynamic Establishment of peering coaLitions

STRUDEL: STRUDEL: Supporting Trust Supporting Trust

in the Dynamic Establishmentin the Dynamic Establishmentof peering coaLitionsof peering coaLitions

April 2006

Daniele Quercia, Manish Lad,

Stephen Hailes, Licia Capra,

and Saleem Bhatti

CS departmentUniversity College London{d.quercia}@cs.ucl.ac.uk

SAC

Daniele Quercia

SAC

STRUDEL: Supporting Trust in the Dynamic Establishment of peering coaLitions

22

Outline

Novel and existing mechanisms to support those features

To avoid tragedy, STRUDEL supports 4 features

Mesh Net and its tragedy

How STRUDEL supports them? State machine

One experiment & Conclusion

Daniele Quercia

33

Mesh net and its tragedy

Mesh nodes form a peering coalition

Result:

SAC


Free-riders join the coalition

Result:

Bandwidth sharing

Tragedy (of the commons)

Daniele Quercia

44

To avoid tragedy, STRUDEL supports 4 Features

SAC


STRUDEL needs distributed mechanisms to:

form peering coalitions;

detect free-riders;

manage (trust) info;

decide such that free-riders excluded.

Daniele Quercia

55

Novel and existing work to support...

SAC


form detect

manage decide

Daniele Quercia

66SAC


STRUDEL needs to form peering coalitions. How? Common (Connection sharing in MANETs): Each device in turn acts as a gateway

form detect

manage decide

px

py

pz

Daniele Quercia

77SAC


Novel (Connection sharing in Mesh Nets) : Devices share multiple connections simultaneously

form detect

manage decide

px

py

pz

CPD

M. Lad, S. Bhatti, S. Hailes, and P. Kirstein. Enabling Coalition-Based Community Networking. In Proc. of the London Communications Symposium. 2005.

Daniele Quercia

88SAC


STRUDEL needs to detect free-riders. How?

2-ACK scheme:

form detect

manage decide

px py pzOne-hop ACK Two-hop ACK

Two-hop ACK

packet packet

If px does not receive:

one-hop ACK retransmits

two-hop ACK is suspicious about py

Daniele Quercia

99SAC


STRUDEL needs to manage trust info. How?

form detect

manage decide

Existing distributed

trust management

Fine-grained

trust metric

2+ Trust Sources

Time Formalization

Abdul-Rahmal [2] X XConfidant [4] X

?

Daniele Quercia

1010SAC


form detect

manage decide

How ? Fine-grained

trust metric

2+ Trust Sources Time Formalization

B-trust n-level

Direct experiences

& Recommendations

Aging

Bayesian

Quercia; Hailes; CapraB-trust: Bayesian Trust Framework for Pervasive ComputingProceedings of the 4th International Conference on Trust Management. LNCS. 2006.

Daniele Quercia

1111SAC


Upon trust info, STRUDEL (px) needs to decide whether

to exclude (cooperate). How? For each next-hop py, px has a table:

form detect

manage decide

Quercia ; Hailes Risk Aware Decision Framework for Trusted Mobile InteractionsProceedings of the 1st IEEE SECOVAL Workshop (in conjunction with SECURECOMM).

(b) py’s actions

Send now

Send

Don’t send

Send Just-in-time

Send Out-of-time

Sent Sent just-in-time

Sent out-of-time

Not sent(a)

px’

s ac

tions

(c) Expected Outcomes

Daniele Quercia

1212SAC


CPD 2-ACK

B-trust Utility

Support of the 4 Features

How ?

Daniele Quercia

1313SAC


How? State Machine!

Wait Ready

Next Hop: px selects whether to send packets and, if so, chooses its next-hop

Update:px updates its direct trust and recommended trust in its next-hops

WAIT

RESEND

SLOWSTART

MALIC. AVOIDANCE

SEND

NEXT HOP

IDLEADVAGREEMENT

Send(ADV

,-)

{no

hop

}{a

bove

tru

st

thre

sho

ld}

{qu

it C

PD

}

{update complete}

RCV(JR, p Y)

{miss 2 ACK}

{miss 1 ACK}

{miss 1ACK}

{above benevolence threshold}

{below trust threshold}

{mar

k

unre

spon

sive}

{burst losses}

{mis

s 2

AC

K}

Rcv(RA,pY)

Send(RD,pY) {Out CPD}

Send(RD,p Y)

{In CPD}

Sen

d(R

A,p

Y)

{bandwidth change}

T

ADV

{ pkt to be sent}

UPDATE

Daniele Quercia

1414SAC


How? State MachineSend: px sends packets without 2-ACK scheme;

Slow Start: px sends q packets (initially, q=1).If it receives 2-hop ACK, px increases its sending window by q.

Maliciousness avoidance:px increases linearly its sending window

WAITUPDATE

RESEND

SEND

NEXT HOP

IDLEADVAGREEMENT

Send(ADV

,-)

{no

hop

}{a

bove

tru

st

thre

sho

ld}

{qu

it C

PD

}

{update complete}

RCV(JR, p Y)

{miss 2 ACK}

{miss 1 ACK}

{miss 1ACK}

{above benevolence threshold}

{below trust threshold}

{mar

k

unre

spon

sive}

{burst losses}

{mis

s 2

AC

K}

Rcv(RA,pY)

Send(RD,pY) {Out CPD}

Send(RD,p Y)

{In CPD}

Sen

d(R

A,p

Y)

{bandwidth change}

T

ADV

{ pkt to be sent}

SLOWSTART

MALIC. AVOIDANCE

Daniele Quercia

1515SAC


One experimentWhen using STRUDEL, px successfully sent

. 67% of the packets on average (if n=2),

. 84% (if n=4),

in contrast to 42% when using random selection.

px

fm

m

b

fb

100%

70%

30%

15%

Daniele Quercia

1616SAC


Conclusion

STRUDEL forms peering coalitionsdetects free-ridersmanages trust info, upon which itteams up only with trustworthy peers

Future work:

Fully implement STRUDEL

Documents

STRUDEL: Supporting Trust in the Dynamic Establishment of peering coaLitions