Border Gateway Protocol (BGP), as the standard inter-domain routing protocol, is a distance-vector dynamic routing protocol used for exchanging routing information between distributed Autonomous Systems (AS). BGP nodes, communicating in a distributed dynamic environment, face several security challenges, with trust being one of the most important issues in inter-domain routing. Existing research, which performs trust evaluation when exchanging routing information to suppress malicious routing behavior, cannot meet the scalability requirements of BGP nodes. In this paper, we propose a blockchain-based trust model for inter-domain routing. Our model achieves scalability by allowing the master node of an AS alliance to transmit the trust evaluation data of its member nodes to the blockchain. The BGP nodes can expedite the trust evaluation process by accessing a global view of other BGP nodes through the master node of their respective alliance. We incorporate security service evaluation before direct evaluation and indirect recommendations to assess the security services that BGP nodes provide for themselves and prioritize to guarantee their security of routing service. We forward the trust evaluation for neighbor discovery and prioritize the nodes with high trust as neighbor nodes to reduce the malicious exchange routing behavior. We use simulation software to simulate a real BGP environment and employ a comparative experimental research approach to demonstrate the performance evaluation of our trust model. Compared with the classical trust model, our trust model not only saves more storage overhead, but also provides higher security, especially reducing the impact of collusion attacks.
The core missions of IoT are to sense data, transmit data and give feedback to the real world based on the calculation of the sensed data. The trust of sensing source data and transmission network is extremely important to IoT security. 5G-IoT with its low latency, wide connectivity and high-speed transmission extends the business scenarios of IoT, yet it also brings new challenges to trust proof solutions of IoT. Currently, there is a lack of efficient and reliable trust proof solutions for massive dynamically connected nodes, while the existing solutions have high computational complexity and can't adapt to time-sensitive services in 5G-IoT scenarios. In order to solve the above problems, this paper proposes an adaptive multi-dimensional trust proof solution. Firstly, the static and dynamic attributes of sensing nodes are metricized, and the historical interaction as well as the recommendation information are combined with the comprehensive metric of sensing nodes, and a multi-dimensional fine-grained trusted metric model is established in this paper. Then, based on the comprehensive metrics, the sensing nodes are logically grouped and assigned with service levels to achieve the screening and isolation of malicious nodes. At the same time, the proposed solution reduces the energy consumption of the metric process and optimizes the impact of real-time metrics on the interaction latency. Simulation experiments show that the solution can accurately and efficiently identify malicious nodes and effectively guarantee the safe and trustworthy operation of 5G-IoT nodes, while having a small impact on the latency of the 5G network.
Trust is one of the most important security requirements in the design and implementation of peer-to-peer (P2P) systems. In an environment where peers' identity privacy is important, it may conflict with trustworthiness that is based on the knowledge related to the peer's identity, while identity privacy is usually achieved by hiding such knowledge. A trust model based on trusted computing (TC) technology was proposed to enhance the identity privacy of peers during the trustworthiness evaluation process between peers from different groups. The simulation results show that the model can be implemented in an efficient way, and when the degree of anonymity within group (DAWG) is up to 0.6 and the percentage of malicious peers is up to 70%, the service selection failure rate is less than 0.15.
Varieties of trusted computing products usually follow the mechanism of liner-style chain of trust according to the specifications of TCG. The distinct advantage is that the compatibility with the existing computing platform is preferable, while the shortcomings are obvious simultaneously. A new star-style trust model with the ability of data recovery is proposed in this paper. The model can enhance the hardware-based root of trust in platform measurement, reduce the loss of trust during transfer process, extend the border of trust flexibly, and have the ability of data backup and recovery. The security and reliability of system is much more improved. It is proved that the star-style trust model is much better than the liner-style trust model in trust transfer and boundary extending etc. using formal methods in this paper. We illuminate the design and implementation of a kind of trusted PDA acting on star-style trust model.
The mobile transient and sensor network’s routing algorithm detects available multi-hop paths between source and destination nodes. However, some methods are not as reliable or trustworthy as expected. Therefore, finding a reliable method is an important factor in improving communication security. For further enhancement of protected communication, we suggest a trust cluster based secure routing (TCSR) framework for wireless sensor network (WSN) using optimization algorithms. First, we introduce an efficient cluster formation using a modified tug of war optimization (MTWO) algorithm, which provides load-balanced clusters for energy-efficient data transmission. Second, we illustrate the optimal head selection using multiple design constraints received signal strength, congestion rate, data loss rate, and throughput of the node. Those parameters are optimized by a butterfly optimal deep neural network (BO-DNN), which provides first-level security towards the selection of the best head node. Third, we utilize the lightweight signcryption to encrypt the data between two nodes during data transmission, which provides second-level security. The model provides an estimation of the trust level of each route to help a source node to select the most secure one. The nodes of the network improve reliability and security by maintaining the reliability component. Simulation results showed that the proposed scheme achieved 45.6% of delivery ratio.
Nowadays, with the significant growth of the mobile market, security issues on the Android Operation System have also become an urgent matter. Trusted execution environment (TEE) technologies are considered an option for satisfying the inviolable property by taking advantage of hardware security. However, for Android, TEE technologies still contain restrictions and limitations. The first issue is that non-original equipment manufacturer developers have limited access to the functionality of hardware-based TEE. Another issue of hardware-based TEE is the cross-platform problem. Since every mobile device supports different TEE vendors, it becomes an obstacle for developers to migrate their trusted applications to other Android devices. A software-based TEE solution is a potential approach that allows developers to customize, package and deliver the product efficiently. Motivated by that idea, this paper introduces a VTEE model, a software-based TEE solution, on Android devices. This research contributes to the analysis of the feasibility of using a virtualized TEE on Android devices by considering two metrics: computing performance and security. The experiment shows that the VTEE model can host other software-based TEE services and deliver various cryptography TEE functions on the Android environment. The security evaluation shows that adding the VTEE model to the existing Android does not add more security issues to the traditional design. Overall, this paper shows applicable solutions to adjust the balance between computing performance and security.
Border Gateway Protocol (BGP) is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations. The BGP protocol exhibits security design defects, such as an unconditional trust mechanism and the default acceptance of BGP route announcements from peers by BGP neighboring nodes, easily triggering prefix hijacking, path forgery, route leakage, and other BGP security threats. Meanwhile, the traditional BGP security mechanism, relying on a public key infrastructure, faces issues like a single point of failure and a single point of trust. The decentralization, anti-tampering, and traceability advantages of blockchain offer new solution ideas for constructing secure and trusted inter-domain routing mechanisms. In this paper, we summarize the characteristics of BGP protocol in detail, sort out the BGP security threats and their causes. Additionally, we analyze the shortcomings of the traditional BGP security mechanism and comprehensively evaluate existing blockchain-based solutions to address the above problems and validate the reliability and effectiveness of blockchain-based BGP security methods in mitigating BGP security threats. Finally, we discuss the challenges posed by BGP security problems and outline prospects for future research.
Internet of Things (IoT) networks are characterized by a multitude of wireless, interconnected devices that can dynamically join or exit the network without centralized administration or fixed infrastructure for routing. While multipath routing in IoT networks can improve data transmission reliability and load balancing by establishing multiple paths between source and destination nodes, these networks are susceptible to security threats due to their wireless nature. Traditional security solutions developed for conventional networks are often ill-suited to the unique challenges posed by IoT environments. In response to these challenges, this paper proposes the integration of the Ad hoc On-demand Multipath Distance Vector (AOMDV) routing protocol with a trust model to enhance network performance. Key findings from this research demonstrate the successful fusion of AOMDV with a trust model, resulting in tangible improvements in network performance. The assessment of trustworthiness bolsters both security and routing capabilities in IoT networks. The trust model plays a crucial role in mitigating black hole attacks in IoT networks by evaluating the trustworthiness of nodes and helping in the identification and avoidance of malicious nodes that may act as black holes. Simulation results validate the efficacy of the proposed trust-based routing mechanism in achieving its objectives. Trust plays a pivotal role in decision-making and in the creation of secure distribution systems. By assessing the trustworthiness of nodes, both network security and routing efficiency can be enhanced. The effectiveness of the proposed trust-based routing mechanism is scrutinized through simulations, offering insights into its potential advantages in terms of improved network security and routing performance in the context of the IoT.
In enterprise operations, maintaining manual rules for enterprise processes can be expensive, time-consuming, and dependent on specialized domain knowledge in that enterprise domain. Recently, rule-generation has been automated in enterprises, particularly through Machine Learning, to streamline routine tasks. Typically, these machine models are black boxes where the reasons for the decisions are not always transparent, and the end users need to verify the model proposals as a part of the user acceptance testing to trust it. In such scenarios, rules excel over Machine Learning models as the end-users can verify the rules and have more trust. In many scenarios, the truth label changes frequently; thus, it becomes difficult for the Machine Learning model to learn till a considerable amount of data has been accumulated, but with rules, the truth can be adapted. This paper presents a novel framework for generating human-understandable rules using the Classification and Regression Tree (CART) decision tree method, which ensures both optimization and user trust in automated decision-making processes. The framework generates comprehensible rules in the form of if condition and then predicts class even in domains where noise is present. The proposed system transforms enterprise operations by automating the production of human-readable rules from structured data, resulting in increased efficiency and transparency. Removing the need for human rule construction saves time and money while guaranteeing that users can readily check and trust the automatic judgments of the system. The remarkable performance metrics of the framework, which achieve 99.85% accuracy and 96.30% precision, further support its efficiency in translating complex data into comprehensible rules, eventually empowering users and enhancing organizational decision-making processes.
To improve the accuracy of node trust evaluation in a distributed network, a trust model based on the experience of individuals is proposed, which establishes a new trust assessment system by introducing the experience factor and the comparative experience factor. The new evaluation system considers the differences between individuals and interactive histories between nodes, which solves the problem that nodes have inaccurate assessments due to the asymmetry of nodes to a certain extent. The algorithm analysis indicates that the new model uses different deviating values of tolerance evaluation for different individuals and uses different updating values embodying node individuation when updating feedback credibility of individuals, which evaluates the trust value more reasonably and more accurately. In addition, the proposed algorithm can be used in various trust models and has a good scalability.
Blockchain with these characteristics of decentralized structure, transparent and credible, time-series and immutability, has been considered as a promising technology. Consensus algorithm as one of the core techniques of blockchain directly affects the scalability of blockchain systems. Existing probabilistic finality blockchain consensus algorithms such as PoW, PoS, suffer from power consumptions and low efficiency; while absolute finality blockchain consensus algorithms such as PBFT, HoneyBadgerBFT, could not meet the scalability requirement in a large-scale network. In this paper, we propose a novel optimized practical Byzantine fault tolerance consensus algorithm based on EigenTrust model, namely T-PBFT, which is a multi-stage consensus algorithm. It evaluates node trust by the transactions between nodes so that the high quality of nodes in the network will be selected to construct a consensus group. To reduce the probability of view change, we propose to replace a single primary node with a primary group. By group signature and mutual supervision, we can enhance the robustness of the primary group further. Finally, we analyze T-PBFT and compare it with the other Byzantine fault tolerant consensus algorithms. Theoretical analysis shows that our T-PBFT can optimize the Byzantine fault-tolerant rate, reduce the probability of view change and communication complexity.
As a new computing mode, cloud computing can provide users with virtualized and scalable web services, which faced with serious security challenges, however. Access control is one of the most important measures to ensure the security of cloud computing. But applying traditional access control model into the Cloud directly could not solve the uncertainty and vulnerability caused by the open conditions of cloud computing. In cloud computing environment, only when the security and reliability of both interaction parties are ensured, data security can be effectively guaranteed during interactions between users and the Cloud. Therefore, building a mutual trust relationship between users and cloud platform is the key to implement new kinds of access control method in cloud computing environment. Combining with Trust Management (TM), a mutual trust based access control (MTBAC) model is proposed in this paper. MTBAC model takes both user's behavior trust and cloud services node's credibility into consideration. Trust relationships between users and cloud service nodes are established by mutual trust mechanism. Security problems of access control are solved by implementing MTBAC model into cloud computing environment. Simulation experiments show that MTBAC model can guarantee the interaction between users and cloud service nodes.
This paper summarizes the state of art in quantum communication networks and trust management in recent years. As in the classical networks, trust management is the premise and foundation of quantum secure communication and cannot simply be attributed to security issues, therefore the basic and importance of trust management in quantum communication networks should be taken more seriously. Compared with other theories and techniques in quantum communication, the trust of quantum communication and trust management model in quantum communication network environment is still in its initial stage. In this paper, the core technologies of establishing secure and reliable quantum communication networks are categorized and summarized, and the trends of each direction in trust management of quantum communication network are discussed in depth.
Based on fuzzy set theory, a fuzzy trust model is established by using membership function to describe the fuzziness of trust. The trust vectors of subjective trust are obtained based on a mathematical model of fuzzy synthetic evaluation. Considering the complicated and changeable relationships between various subjects, the multi-level mathematical model of fuzzy synthetic evaluation is introduced. An example of a two-level fuzzy synthetic evaluation model confirms the feasibility of the multi-level fuzzy synthesis evaluation model. The proposed fuzzy model for trust evaluation may provide a promising method for research of trust model in open networks.
To describe the dynamic property of trust relationship, we propose a time-related trust model and extend Jøsang's subjective logic to fit for time-related trust model. The extension includes propositional conjunction, disjunction and negation for traditional logic and discounting and consensus operators that are evidential operators specially designed for the propagation and computation of trust relationships. With the extension of subjective logic for time-related trust, our time-related trust model is suitable to model the dynamic trust relationship in practice. Finally an example of reputation assessment is offered to demonstrate the usage of our trust model.
Container virtual technology aims to provide program independence and resource sharing. The container enables flexible cloud service. Compared with traditional virtualization, traditional virtual machines have difficulty in resource and expense requirements. The container technology has the advantages of smaller size, faster migration, lower resource overhead, and higher utilization. Within container-based cloud environment, services can adopt multi-target nodes. This paper reports research results to improve the traditional trust model with consideration of cooperation effects. Cooperation trust means that in a container-based cloud environment, services can be divided into multiple containers for different container nodes. When multiple target nodes work for one service at the same time, these nodes are in a cooperation state. When multi-target nodes cooperate to complete the service, the target nodes evaluate each other. The calculation of cooperation trust evaluation is used to update the degree of comprehensive trust. Experimental simulation results show that the cooperation trust evaluation can help solving the trust problem in the container-based cloud environment and can improve the success rate of following cooperation.
With the rapid development of the sixth generation (6G) network and Internet of Things (IoT), it has become extremely challenging to efficiently detect and prevent the distributed denial of service (DDoS) attacks originating from IoT devices. In this paper we propose an innovative trust model for IoT devices to prevent potential DDoS attacks by evaluating their trustworthiness, which can be deployed in the access network of 6G IoT. Based on historical communication behaviors, this model combines spatial trust and temporal trust values to comprehensively characterize the normal behavior patterns of IoT devices, thereby effectively distinguishing attack traffic. Experimental results show that the proposed method can efficiently distinguish normal traffic from DDoS traffic. Compared with the benchmark methods, our method has advantages in terms of both accuracy and efficiency in identifying attack flows.
In big data of business service or transaction, it is impossible to provide entire information to both of services from cyber system, so some service providers made use of maliciously services to get more interests. Trust management is an effective solution to deal with these malicious actions. This paper gave a trust computing model based on service-recommendation in big data. This model takes into account difference of recommendation trust between familiar node and stranger node. Thus, to ensure accuracy of recommending trust computing, paper proposed a fine-granularity similarity computing method based on the similarity of service concept domain ontology. This model is more accurate in computing trust value of cyber service nodes and prevents better cheating and attacking of malicious service nodes. Experiment results illustrated our model is effective.
Large-scale mobile social networks (MSNs) facilitate communications through mobile devices. The users of these networks can use mobile devices to access, share and distribute information. With the increasing number of users on social networks, the large volume of shared information and its propagation has created challenges for users. One of these challenges is whether users can trust one another. Trust can play an important role in users' decision making in social networks, so that most people share their information based on their trust on others, or make decisions by relying on information provided by other users. However, considering the subjective and perceptive nature of the concept of trust, the mapping of trust in a computational model is one of the important issues in computing systems of social networks. Moreover, in social networks, various communities may exist regarding the relationships between users. These connections and communities can affect trust among users and its complexity. In this paper, using user characteristics on social networks, a fuzzy clustering method is proposed and the trust between users in a cluster is computed using a computational model. Moreover, through the processes of combination, transition and aggregation of trust, the trust value is calculated between users who are not directly connected. Results show the high performance of the proposed trust inference method.
This paper proposes a trust ant colony routing algorithm by introducing a node trust evaluation model based on the D-S evidence theory into the ant colony routing protocol to improve the security of wireless sensor networks. To reduce the influence of conflict evidences caused by malicious nodes, the consistent intensity is introduced to preprocess conflict evidences before using the D-S combination rule to improve the reliability of the D-S based trust evaluation. The nodes with high trust values will be selected as the routing nodes to insure the routing security, and the trust values are used as heuristic functions of the ant colony routing algorithm. The simulation tests are conducted by using the network simulator NS2 to observe the outcomes of performance metrics of packets loss rate and average end-to-end delay etc. to indirectly evaluate the security issue under the attack of inside malicious nodes. The simulation results show that the proposed trust routing algorithm can efficiently resist malicious attacks in terms of keeping performances of the average end-to-end delay, the throughput and the routing packet overhead under attacking from malicious nodes.
Funding: funded by the National Natural Science Foundation of China, grant numbers (62272007, 62001007); the Natural Science Foundation of Beijing, grant numbers (4234083, 4212018). The authors also extend their appreciation to King Khalid University for funding this work through the Large Group Project under grant number RGP.2/373/45.
Funding: supported by National Key R&D Program of China (2019YFB2102303); National Natural Science Foundation of China (NSFC61971014, NSFC11675199); Beijing Postdoctoral Research Foundation (2021-ZZ-079); Young Backbone Teacher Training Program of Henan Colleges and Universities (2021GGJS170); Henan Province Higher Education Key Research Project (23B520014).
Funding: The National High-Tech Research and Development (863) Program of China (No. 2005AA145110, No. 2006AA01Z436); The Natural Science Foundation of Shanghai (No. 05ZR14083); The Pudong New Area Technology Innovation Public Service Platform of China (No. PDPT2005-04).
Abstract: Trust is one of the most important security requirements in the design and implementation of peer-to-peer (P2P) systems. In an environment where peers' identity privacy is important, it may conflict with trustworthiness that is based on the knowledge related to the peer's identity, while identity privacy is usually achieved by hiding such knowledge. A trust model based on trusted computing (TC) technology was proposed to enhance the identity privacy of peers during the trustworthiness evaluation process between peers from different groups. The simulation results show that the model can be implemented in an efficient way, and when the degree of anonymity within group (DAWG) is up to 0.6 and the percentage of malicious peers is up to 70%, the service selection failure rate is less than 0.15.
Funding: Supported by the National Natural Science Foundation of China (61303024), the Natural Science Foundation of Hubei Province (2013CFB441), the Foundation of Science and Technology on Information Assurance Laboratory (KJ-13-106), and the Natural Science Foundation of Jiangsu Province (BK20130372).
Abstract: Varieties of trusted computing products usually follow the mechanism of linear-style chain of trust according to the specifications of TCG. The distinct advantage is that the compatibility with the existing computing platform is preferable, while the shortcomings are obvious simultaneously. A new star-style trust model with the ability of data recovery is proposed in this paper. The model can enhance the hardware-based root of trust in platform measurement, reduce the loss of trust during transfer process, extend the border of trust flexibly, and have the ability of data backup and recovery. The security and reliability of system is much more improved. It is proved that the star-style trust model is much better than the linear-style trust model in trust transfer and boundary extending etc. using formal methods in this paper. We illuminate the design and implementation of a kind of trusted PDA acting on star-style trust model.
Abstract: The mobile transient and sensor network's routing algorithm detects available multi-hop paths between source and destination nodes. However, some methods are not as reliable or trustworthy as expected. Therefore, finding a reliable method is an important factor in improving communication security. For further enhancement of protected communication, we suggest a trust cluster based secure routing (TCSR) framework for wireless sensor network (WSN) using optimization algorithms. First, we introduce an efficient cluster formation using a modified tug of war optimization (MTWO) algorithm, which provides load-balanced clusters for energy-efficient data transmission. Second, we illustrate the optimal head selection using multiple design constraints: received signal strength, congestion rate, data loss rate, and throughput of the node. Those parameters are optimized by a butterfly optimal deep neural network (BO-DNN), which provides first-level security towards the selection of the best head node. Third, we utilize the lightweight signcryption to encrypt the data between two nodes during data transmission, which provides second-level security. The model provides an estimation of the trust level of each route to help a source node to select the most secure one. The nodes of the network improve reliability and security by maintaining the reliability component. Simulation results showed that the proposed scheme achieved 45.6% of delivery ratio.
Funding: This work was partly supported by the Institute of Information & Communications Technology Planning & Evaluation (IITP) grant funded by the Korea Government (MSIT) (No. 2020-0-00952, Development of 5G edge security technology for ensuring 5G+ service stability and availability, 50%) and the Institute of Information and Communications Technology Planning and Evaluation (IITP) grant funded by the MSIT (Ministry of Science and ICT), Korea (No. IITP-2022-2020-0-01602, ITRC (Information Technology Research Center) support program, 50%).
Abstract: Nowadays, with the significant growth of the mobile market, security issues on the Android Operation System have also become an urgent matter. Trusted execution environment (TEE) technologies are considered an option for satisfying the inviolable property by taking advantage of hardware security. However, for Android, TEE technologies still contain restrictions and limitations. The first issue is that non-original equipment manufacturer developers have limited access to the functionality of hardware-based TEE. Another issue of hardware-based TEE is the cross-platform problem. Since every mobile device supports different TEE vendors, it becomes an obstacle for developers to migrate their trusted applications to other Android devices. A software-based TEE solution is a potential approach that allows developers to customize, package and deliver the product efficiently. Motivated by that idea, this paper introduces a VTEE model, a software-based TEE solution, on Android devices. This research contributes to the analysis of the feasibility of using a virtualized TEE on Android devices by considering two metrics: computing performance and security. The experiment shows that the VTEE model can host other software-based TEE services and deliver various cryptography TEE functions on the Android environment. The security evaluation shows that adding the VTEE model to the existing Android does not add more security issues to the traditional design. Overall, this paper shows applicable solutions to adjust the balance between computing performance and security.
Funding: The National Natural Science Foundation of China, Grant Numbers (62272007, 62001007); the Natural Science Foundation of Beijing, Grant Numbers (4234083, 4212018). The authors also acknowledge the support from King Khalid University for funding this research through the Large Group Project under Grant Number RGP.2/373/45.
Abstract: Border Gateway Protocol (BGP) is a standard inter-domain routing protocol for the Internet that conveys network layer reachability information and establishes routes to different destinations. The BGP protocol exhibits security design defects, such as an unconditional trust mechanism and the default acceptance of BGP route announcements from peers by BGP neighboring nodes, easily triggering prefix hijacking, path forgery, route leakage, and other BGP security threats. Meanwhile, the traditional BGP security mechanism, relying on a public key infrastructure, faces issues like a single point of failure and a single point of trust. The decentralization, anti-tampering, and traceability advantages of blockchain offer new solution ideas for constructing secure and trusted inter-domain routing mechanisms. In this paper, we summarize the characteristics of BGP protocol in detail, sort out the BGP security threats and their causes. Additionally, we analyze the shortcomings of the traditional BGP security mechanism and comprehensively evaluate existing blockchain-based solutions to address the above problems and validate the reliability and effectiveness of blockchain-based BGP security methods in mitigating BGP security threats. Finally, we discuss the challenges posed by BGP security problems and outline prospects for future research.
Abstract: Internet of Things (IoT) networks are characterized by a multitude of wireless, interconnected devices that can dynamically join or exit the network without centralized administration or fixed infrastructure for routing. While multipath routing in IoT networks can improve data transmission reliability and load balancing by establishing multiple paths between source and destination nodes, these networks are susceptible to security threats due to their wireless nature. Traditional security solutions developed for conventional networks are often ill-suited to the unique challenges posed by IoT environments. In response to these challenges, this paper proposes the integration of the Ad hoc On-demand Multipath Distance Vector (AOMDV) routing protocol with a trust model to enhance network performance. Key findings from this research demonstrate the successful fusion of AOMDV with a trust model, resulting in tangible improvements in network performance. The assessment of trustworthiness bolsters both security and routing capabilities in IoT networks. The trust model plays a crucial role in mitigating black hole attacks in IoT networks by evaluating the trustworthiness of nodes and helping in the identification and avoidance of malicious nodes that may act as black holes. Simulation results validate the efficacy of the proposed trust-based routing mechanism in achieving its objectives. Trust plays a pivotal role in decision-making and in the creation of secure distribution systems. By assessing the trustworthiness of nodes, both network security and routing efficiency can be enhanced. The effectiveness of the proposed trust-based routing mechanism is scrutinized through simulations, offering insights into its potential advantages in terms of improved network security and routing performance in the context of the IoT.
Abstract: In enterprise operations, maintaining manual rules for enterprise processes can be expensive, time-consuming, and dependent on specialized domain knowledge in that enterprise domain. Recently, rule-generation has been automated in enterprises, particularly through Machine Learning, to streamline routine tasks. Typically, these machine models are black boxes where the reasons for the decisions are not always transparent, and the end users need to verify the model proposals as a part of the user acceptance testing to trust it. In such scenarios, rules excel over Machine Learning models as the end-users can verify the rules and have more trust. In many scenarios, the truth label changes frequently; thus, it becomes difficult for the Machine Learning model to learn till a considerable amount of data has been accumulated, but with rules, the truth can be adapted. This paper presents a novel framework for generating human-understandable rules using the Classification and Regression Tree (CART) decision tree method, which ensures both optimization and user trust in automated decision-making processes. The framework generates comprehensible rules in the form of if condition and then predicts class even in domains where noise is present. The proposed system transforms enterprise operations by automating the production of human-readable rules from structured data, resulting in increased efficiency and transparency. Removing the need for human rule construction saves time and money while guaranteeing that users can readily check and trust the automatic judgments of the system. The remarkable performance metrics of the framework, which achieve 99.85% accuracy and 96.30% precision, further support its efficiency in translating complex data into comprehensible rules, eventually empowering users and enhancing organizational decision-making processes.
Abstract: To improve the accuracy of node trust evaluation in a distributed network, a trust model based on the experience of individuals is proposed, which establishes a new trust assessment system by introducing the experience factor and the comparative experience factor. The new evaluation system considers the differences between individuals and interactive histories between nodes, which solves the problem that nodes have inaccurate assessments due to the asymmetry of nodes to a certain extent. The algorithm analysis indicates that the new model uses different deviating values of tolerance evaluation for different individuals and uses different updating values embodying node individuation when updating feedback credibility of individuals, which evaluates the trust value more reasonably and more accurately. In addition, the proposed algorithm can be used in various trust models and has a good scalability.
Funding: Supported by Nature Key Research and Development Program of China (2017YFB1400700), the National Natural Science Foundation of China (61602537, U1509214), the Central University of Finance and Economics Funds for the Youth Talent Support Plan (QYP1808), First-Class Discipline Construction in 2019, open fund of Key Laboratory of Grain Information Processing and Control (KFJJ-2018-202).
Abstract: Blockchain, with these characteristics of decentralized structure, transparent and credible, time-series and immutability, has been considered as a promising technology. Consensus algorithm as one of the core techniques of blockchain directly affects the scalability of blockchain systems. Existing probabilistic finality blockchain consensus algorithms such as PoW, PoS, suffer from power consumptions and low efficiency; while absolute finality blockchain consensus algorithms such as PBFT, HoneyBadgerBFT, could not meet the scalability requirement in a large-scale network. In this paper, we propose a novel optimized practical Byzantine fault tolerance consensus algorithm based on EigenTrust model, namely T-PBFT, which is a multi-stage consensus algorithm. It evaluates node trust by the transactions between nodes so that the high quality of nodes in the network will be selected to construct a consensus group. To reduce the probability of view change, we propose to replace a single primary node with a primary group. By group signature and mutual supervision, we can enhance the robustness of the primary group further. Finally, we analyze T-PBFT and compare it with the other Byzantine fault tolerant consensus algorithms. Theoretical analysis shows that our T-PBFT can optimize the Byzantine fault-tolerant rate, reduce the probability of view change and communication complexity.
Funding: This paper is supported by the Opening Project of State Key Laboratory for Novel Software Technology of Nanjing University, China (Grant No. KFKT2012B25) and National Science Foundation of China (Grant No. 61303263).
Abstract: As a new computing mode, cloud computing can provide users with virtualized and scalable web services, which is faced with serious security challenges, however. Access control is one of the most important measures to ensure the security of cloud computing. But applying traditional access control model into the Cloud directly could not solve the uncertainty and vulnerability caused by the open conditions of cloud computing. In cloud computing environment, only when the security and reliability of both interaction parties are ensured, data security can be effectively guaranteed during interactions between users and the Cloud. Therefore, building a mutual trust relationship between users and cloud platform is the key to implement new kinds of access control method in cloud computing environment. Combining with Trust Management (TM), a mutual trust based access control (MTBAC) model is proposed in this paper. MTBAC model takes both user's behavior trust and cloud services node's credibility into consideration. Trust relationships between users and cloud service nodes are established by mutual trust mechanism. Security problems of access control are solved by implementing MTBAC model into cloud computing environment. Simulation experiments show that MTBAC model can guarantee the interaction between users and cloud service nodes.
Funding: This work is supported by the National Natural Science Foundation of China (No. 61572086), the Innovation Team of Quantum Security Communication of Sichuan Province (No. 17TD0009), the Academic and Technical Leaders Training Funding Support Projects of Sichuan Province (No. 2016120080102643), and the Application Foundation Project of Sichuan Province (No. 2017JY0168).
Abstract: This paper summarizes the state of the art in quantum communication networks and trust management in recent years. As in the classical networks, trust management is the premise and foundation of quantum secure communication and cannot simply be attributed to security issues, therefore the basic and importance of trust management in quantum communication networks should be taken more seriously. Compared with other theories and techniques in quantum communication, the trust of quantum communication and trust management model in quantum communication network environment is still in its initial stage. In this paper, the core technologies of establishing secure and reliable quantum communication networks are categorized and summarized, and the trends of each direction in trust management of quantum communication network are discussed in depth.
Abstract: Based on fuzzy set theory, a fuzzy trust model is established by using membership function to describe the fuzziness of trust. The trust vectors of subjective trust are obtained based on a mathematical model of fuzzy synthetic evaluation. Considering the complicated and changeable relationships between various subjects, the multi-level mathematical model of fuzzy synthetic evaluation is introduced. An example of a two-level fuzzy synthetic evaluation model confirms the feasibility of the multi-level fuzzy synthesis evaluation model. The proposed fuzzy model for trust evaluation may provide a promising method for research of trust model in open networks.
Abstract: To describe the dynamic property of trust relationship, we propose a time-related trust model and extend Jøsang's subjective logic to fit for time-related trust model. The extension includes propositional conjunction, disjunction and negation for traditional logic and discounting and consensus operators that are evidential operators specially designed for the propagation and computation of trust relationships. With the extension of subjective logic for time-related trust, our time-related trust model is suitable to model the dynamic trust relationship in practice. Finally an example of reputation assessment is offered to demonstrate the usage of our trust model.
Funding: This research work was supported by the National Natural Science Foundation of China (Grant No. 61762031), Guangxi Key Research and Development Plan (No. 2017AB51024), Guangxi Key Laboratory of Embedded Technology and Intelligent System, Guangxi Fundamental Laboratory for Embedded Technology and Intelligent Systems.
Abstract: Container virtual technology aims to provide program independence and resource sharing. The container enables flexible cloud service. Compared with traditional virtualization, traditional virtual machines have difficulty in resource and expense requirements. The container technology has the advantages of smaller size, faster migration, lower resource overhead, and higher utilization. Within container-based cloud environment, services can adopt multi-target nodes. This paper reports research results to improve the traditional trust model with consideration of cooperation effects. Cooperation trust means that in a container-based cloud environment, services can be divided into multiple containers for different container nodes. When multiple target nodes work for one service at the same time, these nodes are in a cooperation state. When multi-target nodes cooperate to complete the service, the target nodes evaluate each other. The calculation of cooperation trust evaluation is used to update the degree of comprehensive trust. Experimental simulation results show that the cooperation trust evaluation can help solving the trust problem in the container-based cloud environment and can improve the success rate of following cooperation.
Funding: This work was supported in part by the National Key R&D Program of China under Grant 2020YFA0711301, in part by the National Natural Science Foundation of China under Grant 61922049, and Grant 61941104, in part by the Tsinghua University-China Mobile Communications Group Company Ltd., Joint Institute.
Abstract: With the rapid development of the sixth generation (6G) network and Internet of Things (IoT), it has become extremely challenging to efficiently detect and prevent the distributed denial of service (DDoS) attacks originating from IoT devices. In this paper we propose an innovative trust model for IoT devices to prevent potential DDoS attacks by evaluating their trustworthiness, which can be deployed in the access network of 6G IoT. Based on historical communication behaviors, this model combines spatial trust and temporal trust values to comprehensively characterize the normal behavior patterns of IoT devices, thereby effectively distinguishing attack traffic. Experimental results show that the proposed method can efficiently distinguish normal traffic from DDoS traffic. Compared with the benchmark methods, our method has advantages in terms of both accuracy and efficiency in identifying attack flows.
Abstract: In big data of business service or transaction, it is impossible to provide entire information to both of services from cyber system, so some service providers made use of maliciously services to get more interests. Trust management is an effective solution to deal with these malicious actions. This paper gave a trust computing model based on service-recommendation in big data. This model takes into account difference of recommendation trust between familiar node and stranger node. Thus, to ensure accuracy of recommending trust computing, paper proposed a fine-granularity similarity computing method based on the similarity of service concept domain ontology. This model is more accurate in computing trust value of cyber service nodes and prevents better cheating and attacking of malicious service nodes. Experiment results illustrated our model is effective.
Abstract: Large-scale mobile social networks (MSNs) facilitate communications through mobile devices. The users of these networks can use mobile devices to access, share and distribute information. With the increasing number of users on social networks, the large volume of shared information and its propagation has created challenges for users. One of these challenges is whether users can trust one another. Trust can play an important role in users' decision making in social networks, so that most people share their information based on their trust on others, or make decisions by relying on information provided by other users. However, considering the subjective and perceptive nature of the concept of trust, the mapping of trust in a computational model is one of the important issues in computing systems of social networks. Moreover, in social networks, various communities may exist regarding the relationships between users. These connections and communities can affect trust among users and its complexity. In this paper, using user characteristics on social networks, a fuzzy clustering method is proposed and the trust between users in a cluster is computed using a computational model. Moreover, through the processes of combination, transition and aggregation of trust, the trust value is calculated between users who are not directly connected. Results show the high performance of the proposed trust inference method.
Funding: Supported by the National Natural Science Foundation of China (NSFC) under Grant No. 61373126, the Natural Science Foundation of Jiangsu Province of China under Grant No. BK20131107, and the Fundamental Research Funds for the Central Universities under Grant No. JUSRP51510.
Abstract: This paper proposes a trust ant colony routing algorithm by introducing a node trust evaluation model based on the D-S evidence theory into the ant colony routing protocol to improve the security of wireless sensor networks. To reduce the influence of conflict evidences caused by malicious nodes, the consistent intensity is introduced to preprocess conflict evidences before using the D-S combination rule to improve the reliability of the D-S based trust evaluation. The nodes with high trust values will be selected as the routing nodes to ensure the routing security, and the trust values are used as heuristic functions of the ant colony routing algorithm. The simulation tests are conducted by using the network simulator NS2 to observe the outcomes of performance metrics of packets loss rate and average end-to-end delay etc. to indirectly evaluate the security issue under the attack of inside malicious nodes. The simulation results show that the proposed trust routing algorithm can efficiently resist malicious attacks in terms of keeping performances of the average end-to-end delay, the throughput and the routing packet overhead under attacking from malicious nodes.