Border Gateway Protocol(BGP),as the standard inter-domain routing protocol,is a distance-vector dynamic routing protocol used for exchanging routing information between distributed Autonomous Systems(AS).BGP nodes,com...Border Gateway Protocol(BGP),as the standard inter-domain routing protocol,is a distance-vector dynamic routing protocol used for exchanging routing information between distributed Autonomous Systems(AS).BGP nodes,communicating in a distributed dynamic environment,face several security challenges,with trust being one of the most important issues in inter-domain routing.Existing research,which performs trust evaluation when exchanging routing information to suppress malicious routing behavior,cannot meet the scalability requirements of BGP nodes.In this paper,we propose a blockchain-based trust model for inter-domain routing.Our model achieves scalability by allowing the master node of an AS alliance to transmit the trust evaluation data of its member nodes to the blockchain.The BGP nodes can expedite the trust evaluation process by accessing a global view of other BGP nodes through the master node of their respective alliance.We incorporate security service evaluation before direct evaluation and indirect recommendations to assess the security services that BGP nodes provide for themselves and prioritize to guarantee their security of routing service.We forward the trust evaluation for neighbor discovery and prioritize the nodes with high trust as neighbor nodes to reduce the malicious exchange routing behavior.We use simulation software to simulate a real BGP environments and employ a comparative experimental research approach to demonstrate the performance evaluation of our trust model.Compared with the classical trust model,our trust model not only saves more storage overhead,but also provides higher security,especially reducing the impact of collusion attacks.展开更多
Trust is one of the most important security requirements in the design and implementation of peer-to-peer (P2P) systems. In an environment where peers' identity privacy is important, it may conflict with trustworth...Trust is one of the most important security requirements in the design and implementation of peer-to-peer (P2P) systems. In an environment where peers' identity privacy is important, it may conflict with trustworthiness that is based on the knowledge related to the peer's identity, while identity privacy is usually achieved by hiding such knowledge. A trust model based on trusted computing (TC) technology was proposed to enhance the identity privacy of peers during the trustworthiness evaluation process between peers from different groups. The simulation results show that, the model can be implemented in an efficient way, and when the degree of anonymity within group (DAWG) is up to 0.6 and the percentage of malicious peers is up to 70%7 the service selection failure rate is less than 0.15.展开更多
Varieties of trusted computing products usually follow the mechanism of liner-style chain of trust according to the specifications of TCG.The distinct advantage is that the compatibility with the existing computing pl...Varieties of trusted computing products usually follow the mechanism of liner-style chain of trust according to the specifications of TCG.The distinct advantage is that the compatibility with the existing computing platform is preferable,while the shortcomings are obvious simultaneously.A new star-style trust model with the ability of data recovery is proposed in this paper.The model can enhance the hardware-based root of trust in platform measurement,reduce the loss of trust during transfer process,extend the border of trust flexibly,and have the ability of data backup and recovery.The security and reliability of system is much more improved.It is proved that the star-style trust model is much better than the liner-style trust model in trust transfer and boundary extending etc.using formal methods in this paper.We illuminate the design and implementation of a kind of trusted PDA acting on star-style trust model.展开更多
To improve the accuracy of node trust evaluation in a distributed network, a trust model based on the experience of individuals is proposed, which establishes a new trust assessment system by introducing the experienc...To improve the accuracy of node trust evaluation in a distributed network, a trust model based on the experience of individuals is proposed, which establishes a new trust assessment system by introducing the experience factor and the comparative experience factor. The new evaluation system considers the differences between individuals and interactive histories between nodes, which solves the problem that nodes have inaccurate assessments due to the asymmetry of nodes to a certain extent. The algorithm analysis indicates that the new model uses different deviating values of tolerance evaluation for different individuals and uses different updating values embodying node individuation when updating feedback credibility of individuals, which evaluates the trust value more reasonably and more accurately. In addition, the proposed algorithm can be used in various trust models and has a good scalability.展开更多
The core missions of IoT are to sense data,transmit data and give feedback to the real world based on the calculation of the sensed data.The trust of sensing source data and transmission network is extremely important...The core missions of IoT are to sense data,transmit data and give feedback to the real world based on the calculation of the sensed data.The trust of sensing source data and transmission network is extremely important to IoT security.5G-IoT with its low latency,wide connectivity and high-speed transmission extends the business scenarios of IoT,yet it also brings new challenges to trust proof solutions of IoT.Currently,there is a lack of efficient and reliable trust proof solutions for massive dynamically connected nodes,while the existing solutions have high computational complexity and can't adapt to time-sensitive services in 5G-IoT scenarios.In order to solve the above problems,this paper proposes an adaptive multi-dimensional trust proof solution.Firstly,the static and dynamic attributes of sensing nodes are metricized,and the historical interaction as well as the recommendation information are combined with the comprehensive metric of sensing nodes,and a multi-dimensional fine-grained trusted metric model is established in this paper.Then,based on the comprehensive metrics,the sensing nodes are logically grouped and assigned with service levels to achieve the screening and isolation of malicious nodes.At the same time,the proposed solution reduces the energy consumption of the metric process and optimizes the impact of real-time metrics on the interaction latency.Simulation experiments show that the solution can accurately and efficiently identify malicious nodes and effectively guarantee the safe and trustworthy operation of 5G-IoT nodes,while having a small impact on the latency of the 5G network.展开更多
As a new computing mode,cloud computing can provide users with virtualized and scalable web services,which faced with serious security challenges,however.Access control is one of the most important measures to ensure ...As a new computing mode,cloud computing can provide users with virtualized and scalable web services,which faced with serious security challenges,however.Access control is one of the most important measures to ensure the security of cloud computing.But applying traditional access control model into the Cloud directly could not solve the uncertainty and vulnerability caused by the open conditions of cloud computing.In cloud computing environment,only when the security and reliability of both interaction parties are ensured,data security can be effectively guaranteed during interactions between users and the Cloud.Therefore,building a mutual trust relationship between users and cloud platform is the key to implement new kinds of access control method in cloud computing environment.Combining with Trust Management(TM),a mutual trust based access control(MTBAC) model is proposed in this paper.MTBAC model take both user's behavior trust and cloud services node's credibility into consideration.Trust relationships between users and cloud service nodes are established by mutual trust mechanism.Security problems of access control are solved by implementing MTBAC model into cloud computing environment.Simulation experiments show that MTBAC model can guarantee the interaction between users and cloud service nodes.展开更多
Based on fuzzy set theory, a fuzzy trust model is established by using membership function to describe the fuzziness of trust. The trust vectors of subjective trust are obtained based on a mathematical model of fuzzy ...Based on fuzzy set theory, a fuzzy trust model is established by using membership function to describe the fuzziness of trust. The trust vectors of subjective trust are obtained based on a mathematical model of fuzzy synthetic evaluation. Considering the complicated and changeable relationships between various subjects, the multi-level mathematical model of fuzzy synthetic evaluation is introduced. An example of a two-level fuzzy synthetic evaluation model confirms the feasibility of the multi-level fuzzy synthesis evaluation model. The proposed fuzzy model for trust evaluation may provide a promising method for research of trust model in open networks.展开更多
Container virtual technology aims to provide program independence and resource sharing.The container enables flexible cloud service.Compared with traditional virtualization,traditional virtual machines have difficulty...Container virtual technology aims to provide program independence and resource sharing.The container enables flexible cloud service.Compared with traditional virtualization,traditional virtual machines have difficulty in resource and expense requirements.The container technology has the advantages of smaller size,faster migration,lower resource overhead,and higher utilization.Within container-based cloud environment,services can adopt multi-target nodes.This paper reports research results to improve the traditional trust model with consideration of cooperation effects.Cooperation trust means that in a container-based cloud environment,services can be divided into multiple containers for different container nodes.When multiple target nodes work for one service at the same time,these nodes are in a cooperation state.When multi-target nodes cooperate to complete the service,the target nodes evaluate each other.The calculation of cooperation trust evaluation is used to update the degree of comprehensive trust.Experimental simulation results show that the cooperation trust evaluation can help solving the trust problem in the container-based cloud environment and can improve the success rate of following cooperation.展开更多
With the rapid development of the sixth generation(6G)network and Internet of Things(IoT),it has become extremely challenging to efficiently detect and prevent the distributed denial of service(DDoS)attacks originatin...With the rapid development of the sixth generation(6G)network and Internet of Things(IoT),it has become extremely challenging to efficiently detect and prevent the distributed denial of service(DDoS)attacks originating from IoT devices.In this paper we propose an innovative trust model for IoT devices to prevent potential DDoS attacks by evaluating their trustworthiness,which can be deployed in the access network of 6G IoT.Based on historical communication behaviors,this model combines spatial trust and temporal trust values to comprehensively characterize the normal behavior patterns of IoT devices,thereby effectively distinguishing attack traffic.Experimental results show that the proposed method can efficiently distinguish normal traffic from DDoS traffic.Compared with the benchmark methods,our method has advantages in terms of both accuracy and efficiency in identifying attack flows.展开更多
In big data of business service or transaction,it is impossible to provide entire information to both of services from cyber system,so some service providers made use of maliciously services to get more interests.Trus...In big data of business service or transaction,it is impossible to provide entire information to both of services from cyber system,so some service providers made use of maliciously services to get more interests.Trust management is an effective solution to deal with these malicious actions.This paper gave a trust computing model based on service-recommendation in big data.This model takes into account difference of recommendation trust between familiar node and stranger node.Thus,to ensure accuracy of recommending trust computing,paper proposed a fine-granularity similarity computing method based on the similarity of service concept domain ontology.This model is more accurate in computing trust value of cyber service nodes and prevents better cheating and attacking of malicious service nodes.Experiment results illustrated our model is effective.展开更多
It is necessary to construct an effective trust model to build trust relationship between peers in peer-to-peer (P2P) network and enhance the security and reliability of P2P systems. The current trust models only fo...It is necessary to construct an effective trust model to build trust relationship between peers in peer-to-peer (P2P) network and enhance the security and reliability of P2P systems. The current trust models only focus on the consumers' evaluation to a transaction, which may be abused by malicious peers to exaggerate or slander the provider deliberately. In this paper, we propose a novel trust model based on mutual evaluation, called METrust, to suppress the peers' malicious behavior, such as dishonest evaluation and strategic attack. METrust considers the factors including mutual evaluation, similarity risk, time window, incentive, and punishment mechanism. The trust value is composed of the direct trust value and the recommendation trust value. In order to inhibit dishonest evaluation, both participants should give evaluation information based on peers' own experiences about the transaction while computing the direct trust value. In view of this, the mutual evaluation consistency factor and its time decay function are proposed. Besides, to reduce the risk of computing the recommendation trust based on the recommendations of friend peers, the similarity risk is introduced to measure the uncertainty of the similarity computing, while similarity is used to measure credibility. The experimental results show that METrust is effective, and it has advantages in the inhibition of the various malicious behaviors.展开更多
Large-scale mobile social networks(MSNs)facilitate communications through mobile devices.The users of these networks can use mobile devices to access,share and distribute information.With the increasing number of user...Large-scale mobile social networks(MSNs)facilitate communications through mobile devices.The users of these networks can use mobile devices to access,share and distribute information.With the increasing number of users on social networks,the large volume of shared information and its propagation has created challenges for users.One of these challenges is whether users can trust one another.Trust can play an important role in users'decision making in social networks,so that,most people share their information based on their trust on others,or make decisions by relying on information provided by other users.However,considering the subjective and perceptive nature of the concept of trust,the mapping of trust in a computational model is one of the important issues in computing systeins of social networks.Moreover,in social networks,various communities may exist regarding the relationships between users.These connections and communities can affect trust among users and its complexity.In this paper,using user characteristics on social networks,a fuzzy clustering method is proposed and the trust between users in a cluster is computed using a computational model.Moreover,through the processes of combination,transition and aggregation of trust,the trust value is calculated between users who are not directly connected.Results show the high performance of the proposed trust inference method.展开更多
In view of the security weakness in resisting the active attacks by malicious nodes in mobile ad hoc networks,the trust metric is introduced to defend those attacks by loading a trust model on the previously proposed ...In view of the security weakness in resisting the active attacks by malicious nodes in mobile ad hoc networks,the trust metric is introduced to defend those attacks by loading a trust model on the previously proposed Distance-Based LAR.The improved Secure Trust-based Location-Aided Routing algorithm utilizes direct trust and recommendation trust to prevent malicious nodes with low trust values from joining the forwarding.Simulation results reveal that ST-LAR can resist attacks by malicious nodes effectively;furthermore,it also achieves better performance than DBLAR in terms of average end-to-end delay,packet delivery success ratio and throughput.展开更多
Dispersed computing is a new resourcecentric computing paradigm.Due to its high degree of openness and decentralization,it is vulnerable to attacks,and security issues have become an important challenge hindering its ...Dispersed computing is a new resourcecentric computing paradigm.Due to its high degree of openness and decentralization,it is vulnerable to attacks,and security issues have become an important challenge hindering its development.The trust evaluation technology is of great significance to the reliable operation and security assurance of dispersed computing networks.In this paper,a dynamic Bayesian-based comprehensive trust evaluation model is proposed for dispersed computing environment.Specifically,in the calculation of direct trust,a logarithmic decay function and a sliding window are introduced to improve the timeliness.In the calculation of indirect trust,a random screening method based on sine function is designed,which excludes malicious nodes providing false reports and multiple malicious nodes colluding attacks.Finally,the comprehensive trust value is dynamically updated based on historical interactions,current interactions and momentary changes.Simulation experiments are introduced to verify the performance of the model.Compared with existing model,the proposed trust evaluation model performs better in terms of the detection rate of malicious nodes,the interaction success rate,and the computational cost.展开更多
The mobile transient and sensor network’s routing algorithm detects available multi-hop paths between source and destination nodes.However,some methods are not as reliable or trustworthy as expected.Therefore,finding...The mobile transient and sensor network’s routing algorithm detects available multi-hop paths between source and destination nodes.However,some methods are not as reliable or trustworthy as expected.Therefore,finding a reliable method is an important factor in improving communication security.For further enhancement of protected communication,we suggest a trust cluster based secure routing(TCSR)framework for wireless sensor network(WSN)using optimization algorithms.First,we introduce an efficient cluster formation using a modified tug of war optimization(MTWO)algorithm,which provides loadbalanced clusters for energy-efficient data transmission.Second,we illustrate the optimal head selection using multiple design constraints received signal strength,congestion rate,data loss rate,and throughput of the node.Those parameters are optimized by a butterfly optimal deep neural network(BO-DNN),which provides first-level security towards the selection of the best head node.Third,we utilize the lightweight signcryption to encrypt the data between two nodes during data transmission,which provides second-level security.The model provides an estimation of the trust level of each route to help a source node to select the most secure one.The nodes of the network improve reliability and security by maintaining the reliability component.Simulation results showed that the proposed scheme achieved 45.6%of delivery ratio.展开更多
Software systems in distributed environment are changing from a close and relatively static form, whose users are familiar with each other, to an open and highly dynamic mode, which can be visited by public. In such c...Software systems in distributed environment are changing from a close and relatively static form, whose users are familiar with each other, to an open and highly dynamic mode, which can be visited by public. In such circumstance, trust evaluation model becomes focus of intense research at current time. Trust evaluation model establishes a management framework of trust relationship between entities, involving expression and measurement of trust, comprehensive calculation of direct trust value and recommended trust value, and recognition of malicious entities and recommendations. Based on the analysis of several typical trust evaluation models, the classification of trust evaluation ideas and modes is discussed, the questions existing in current research and the directions of future research are pointed out.展开更多
Smart city refers to the information system with Intemet of things and cloud computing as the core tec hnology and government management and industrial development as the core content,forming a large scale,heterogeneo...Smart city refers to the information system with Intemet of things and cloud computing as the core tec hnology and government management and industrial development as the core content,forming a large scale,heterogeneous and dynamic distributed Internet of things environment between different Internet of things.There is a wide demand for cooperation between equipment and management institutions in the smart city.Therefore,it is necessary to establish a trust mechanism to promote cooperation,and based on this,prevent data disorder caused by the interaction between honest terminals and malicious temminals.However,most of the existing research on trust mechanism is divorced from the Internet of things environment,and does not consider the characteristics of limited computing and storage capacity and large differences of Internet of hings devices,resuling in the fact that the research on abstract trust trust mechanism cannot be directly applied to the Internet of things;On the other hand,various threats to the Internet of things caused by security vulnerabilities such as collision attacks are not considered.Aiming at the security problems of cross domain trusted authentication of Intelligent City Internet of things terminals,a cross domain trust model(CDTM)based on self-authentication is proposed.Unlike most trust models,this model uses self-certified trust.The cross-domain process of internet of things(IoT)terminal can quickly establish a trust relationship with the current domain by providing its trust certificate stored in the previous domain interaction.At the same time,in order to alleviate the collision attack and improve the accuracy of trust evaluation,the overall trust value is calculated by comprehensively considering the quantity weight,time attenuation weight and similarity weight.Finally,the simulation results show that CDTM has good anti collusion attack ability.The success rate of malicious interaction will not increase significantly.Compared with other models,the resource consumption of our proposed model is significantly reduced.展开更多
To keep open network more efficacious and secure, it is necessary that a nice trust model and method of trust management must be developed. The reason why traditional trust models are incomplete in their function to m...To keep open network more efficacious and secure, it is necessary that a nice trust model and method of trust management must be developed. The reason why traditional trust models are incomplete in their function to manage trust is explained, and a general model based on hybrid trust model and introducer protocol is provided. The hybrid model is more flexible and efficacious to manage trust compared with hierarchy model and Web model. The introducer protocol is a better solution to build, maintain and refresh the trust relationship in open network environment.展开更多
Nowadays,with the significant growth of the mobile market,security issues on the Android Operation System have also become an urgent matter.Trusted execution environment(TEE)technologies are considered an option for s...Nowadays,with the significant growth of the mobile market,security issues on the Android Operation System have also become an urgent matter.Trusted execution environment(TEE)technologies are considered an option for satisfying the inviolable property by taking advantage of hardware security.However,for Android,TEE technologies still contain restrictions and limitations.The first issue is that non-original equipment manufacturer developers have limited access to the functionality of hardware-based TEE.Another issue of hardware-based TEE is the cross-platform problem.Since every mobile device supports different TEE vendors,it becomes an obstacle for developers to migrate their trusted applications to other Android devices.A software-based TEE solution is a potential approach that allows developers to customize,package and deliver the product efficiently.Motivated by that idea,this paper introduces a VTEE model,a software-based TEE solution,on Android devices.This research contributes to the analysis of the feasibility of using a virtualized TEE on Android devices by considering two metrics:computing performance and security.The experiment shows that the VTEE model can host other software-based TEE services and deliver various cryptography TEE functions on theAndroid environment.The security evaluation shows that adding the VTEE model to the existing Android does not addmore security issues to the traditional design.Overall,this paper shows applicable solutions to adjust the balance between computing performance and security.展开更多
In the open network environment, malicious attacks to the trust model have become increasingly serious. Compared with single node attacks, collusion attacks do more harm to the trust model. To solve this problem, a co...In the open network environment, malicious attacks to the trust model have become increasingly serious. Compared with single node attacks, collusion attacks do more harm to the trust model. To solve this problem, a collusion detector based on the GN algorithm for the trust evaluation model is proposed in the open Internet environment. By analyzing the behavioral characteristics of collusion groups, the concept of flatting is defined and the G-N community mining algorithm is used to divide suspicious communities. On this basis, a collusion community detector method is proposed based on the breaking strength of suspicious communities. Simulation results show that the model has high recognition accuracy in identifying collusion nodes, so as to effectively defend against malicious attacks of collusion nodes.展开更多
基金funded by the National Natural Science Foundation of China,grant numbers(62272007,62001007)the Natural Science Foundation of Beijing,grant numbers(4234083,4212018)The authors also extend their appreciation to King Khalid University for funding this work through the Large Group Project under grant number RGP.2/373/45.
文摘Border Gateway Protocol(BGP),as the standard inter-domain routing protocol,is a distance-vector dynamic routing protocol used for exchanging routing information between distributed Autonomous Systems(AS).BGP nodes,communicating in a distributed dynamic environment,face several security challenges,with trust being one of the most important issues in inter-domain routing.Existing research,which performs trust evaluation when exchanging routing information to suppress malicious routing behavior,cannot meet the scalability requirements of BGP nodes.In this paper,we propose a blockchain-based trust model for inter-domain routing.Our model achieves scalability by allowing the master node of an AS alliance to transmit the trust evaluation data of its member nodes to the blockchain.The BGP nodes can expedite the trust evaluation process by accessing a global view of other BGP nodes through the master node of their respective alliance.We incorporate security service evaluation before direct evaluation and indirect recommendations to assess the security services that BGP nodes provide for themselves and prioritize to guarantee their security of routing service.We forward the trust evaluation for neighbor discovery and prioritize the nodes with high trust as neighbor nodes to reduce the malicious exchange routing behavior.We use simulation software to simulate a real BGP environments and employ a comparative experimental research approach to demonstrate the performance evaluation of our trust model.Compared with the classical trust model,our trust model not only saves more storage overhead,but also provides higher security,especially reducing the impact of collusion attacks.
基金The National High-Tech Research and Development (863) Program of China (No. 2005AA145110, No. 2006AA01Z436) The Natural Science Foundation of Shanghai (No. 05ZR14083) The Pudong New Area Technology Innovation Public Service Platform of China (No. PDPT2005-04)
文摘Trust is one of the most important security requirements in the design and implementation of peer-to-peer (P2P) systems. In an environment where peers' identity privacy is important, it may conflict with trustworthiness that is based on the knowledge related to the peer's identity, while identity privacy is usually achieved by hiding such knowledge. A trust model based on trusted computing (TC) technology was proposed to enhance the identity privacy of peers during the trustworthiness evaluation process between peers from different groups. The simulation results show that, the model can be implemented in an efficient way, and when the degree of anonymity within group (DAWG) is up to 0.6 and the percentage of malicious peers is up to 70%7 the service selection failure rate is less than 0.15.
基金Supported by the National Natural Science Foundation of China(61303024)the Natural Science Foundation of Hubei Province(2013CFB441)+1 种基金the Foundation of Science and Technology on Information Assurance Laboratory(KJ-13-106)the Natural Science Foundation of Jiangsu Province(BK20130372)
文摘Varieties of trusted computing products usually follow the mechanism of liner-style chain of trust according to the specifications of TCG.The distinct advantage is that the compatibility with the existing computing platform is preferable,while the shortcomings are obvious simultaneously.A new star-style trust model with the ability of data recovery is proposed in this paper.The model can enhance the hardware-based root of trust in platform measurement,reduce the loss of trust during transfer process,extend the border of trust flexibly,and have the ability of data backup and recovery.The security and reliability of system is much more improved.It is proved that the star-style trust model is much better than the liner-style trust model in trust transfer and boundary extending etc.using formal methods in this paper.We illuminate the design and implementation of a kind of trusted PDA acting on star-style trust model.
文摘To improve the accuracy of node trust evaluation in a distributed network, a trust model based on the experience of individuals is proposed, which establishes a new trust assessment system by introducing the experience factor and the comparative experience factor. The new evaluation system considers the differences between individuals and interactive histories between nodes, which solves the problem that nodes have inaccurate assessments due to the asymmetry of nodes to a certain extent. The algorithm analysis indicates that the new model uses different deviating values of tolerance evaluation for different individuals and uses different updating values embodying node individuation when updating feedback credibility of individuals, which evaluates the trust value more reasonably and more accurately. In addition, the proposed algorithm can be used in various trust models and has a good scalability.
基金supported by National Key R&D Program of China (2019YFB2102303)National Natural Science Foundation of China (NSFC61971014,NSFC11675199)+2 种基金Beijing Postdoctoral Research Foundation (2021-ZZ-079)Young Backbone Teacher Training Program of Henan Colleges and Universities (2021GGJS170)Henan Province Higher Education Key Research Project (23B520014)。
文摘The core missions of IoT are to sense data,transmit data and give feedback to the real world based on the calculation of the sensed data.The trust of sensing source data and transmission network is extremely important to IoT security.5G-IoT with its low latency,wide connectivity and high-speed transmission extends the business scenarios of IoT,yet it also brings new challenges to trust proof solutions of IoT.Currently,there is a lack of efficient and reliable trust proof solutions for massive dynamically connected nodes,while the existing solutions have high computational complexity and can't adapt to time-sensitive services in 5G-IoT scenarios.In order to solve the above problems,this paper proposes an adaptive multi-dimensional trust proof solution.Firstly,the static and dynamic attributes of sensing nodes are metricized,and the historical interaction as well as the recommendation information are combined with the comprehensive metric of sensing nodes,and a multi-dimensional fine-grained trusted metric model is established in this paper.Then,based on the comprehensive metrics,the sensing nodes are logically grouped and assigned with service levels to achieve the screening and isolation of malicious nodes.At the same time,the proposed solution reduces the energy consumption of the metric process and optimizes the impact of real-time metrics on the interaction latency.Simulation experiments show that the solution can accurately and efficiently identify malicious nodes and effectively guarantee the safe and trustworthy operation of 5G-IoT nodes,while having a small impact on the latency of the 5G network.
基金ACKNOWLEDGEMENT This paper is supported by the Opening Project of State Key Laboratory for Novel Software Technology of Nanjing University, China (Grant No.KFKT2012B25) and National Science Foundation of China (Grant No.61303263).
文摘As a new computing mode,cloud computing can provide users with virtualized and scalable web services,which faced with serious security challenges,however.Access control is one of the most important measures to ensure the security of cloud computing.But applying traditional access control model into the Cloud directly could not solve the uncertainty and vulnerability caused by the open conditions of cloud computing.In cloud computing environment,only when the security and reliability of both interaction parties are ensured,data security can be effectively guaranteed during interactions between users and the Cloud.Therefore,building a mutual trust relationship between users and cloud platform is the key to implement new kinds of access control method in cloud computing environment.Combining with Trust Management(TM),a mutual trust based access control(MTBAC) model is proposed in this paper.MTBAC model take both user's behavior trust and cloud services node's credibility into consideration.Trust relationships between users and cloud service nodes are established by mutual trust mechanism.Security problems of access control are solved by implementing MTBAC model into cloud computing environment.Simulation experiments show that MTBAC model can guarantee the interaction between users and cloud service nodes.
文摘Based on fuzzy set theory, a fuzzy trust model is established by using membership function to describe the fuzziness of trust. The trust vectors of subjective trust are obtained based on a mathematical model of fuzzy synthetic evaluation. Considering the complicated and changeable relationships between various subjects, the multi-level mathematical model of fuzzy synthetic evaluation is introduced. An example of a two-level fuzzy synthetic evaluation model confirms the feasibility of the multi-level fuzzy synthesis evaluation model. The proposed fuzzy model for trust evaluation may provide a promising method for research of trust model in open networks.
基金This research work was supported by the National Natural Science Foundation of China(Grant No.61762031)Guangxi Key Research and Development Plan(No.2017AB51024)Guangxi key Laboratory of Embedded Technology and Intelligent System,Guangxi Fundamental Laboratory for Embedded Technology and Intelligent Systems.
文摘Container virtual technology aims to provide program independence and resource sharing.The container enables flexible cloud service.Compared with traditional virtualization,traditional virtual machines have difficulty in resource and expense requirements.The container technology has the advantages of smaller size,faster migration,lower resource overhead,and higher utilization.Within container-based cloud environment,services can adopt multi-target nodes.This paper reports research results to improve the traditional trust model with consideration of cooperation effects.Cooperation trust means that in a container-based cloud environment,services can be divided into multiple containers for different container nodes.When multiple target nodes work for one service at the same time,these nodes are in a cooperation state.When multi-target nodes cooperate to complete the service,the target nodes evaluate each other.The calculation of cooperation trust evaluation is used to update the degree of comprehensive trust.Experimental simulation results show that the cooperation trust evaluation can help solving the trust problem in the container-based cloud environment and can improve the success rate of following cooperation.
基金This work was supported in part by the National Key R&D Program of China under Grant 2020YFA0711301in part by the National Natural Science Foundation of China under Grant 61922049,and Grant 61941104in part by the Tsinghua University-China Mobile Communications Group Company Ltd.,Joint Institute.
文摘With the rapid development of the sixth generation(6G)network and Internet of Things(IoT),it has become extremely challenging to efficiently detect and prevent the distributed denial of service(DDoS)attacks originating from IoT devices.In this paper we propose an innovative trust model for IoT devices to prevent potential DDoS attacks by evaluating their trustworthiness,which can be deployed in the access network of 6G IoT.Based on historical communication behaviors,this model combines spatial trust and temporal trust values to comprehensively characterize the normal behavior patterns of IoT devices,thereby effectively distinguishing attack traffic.Experimental results show that the proposed method can efficiently distinguish normal traffic from DDoS traffic.Compared with the benchmark methods,our method has advantages in terms of both accuracy and efficiency in identifying attack flows.
文摘In big data of business service or transaction,it is impossible to provide entire information to both of services from cyber system,so some service providers made use of maliciously services to get more interests.Trust management is an effective solution to deal with these malicious actions.This paper gave a trust computing model based on service-recommendation in big data.This model takes into account difference of recommendation trust between familiar node and stranger node.Thus,to ensure accuracy of recommending trust computing,paper proposed a fine-granularity similarity computing method based on the similarity of service concept domain ontology.This model is more accurate in computing trust value of cyber service nodes and prevents better cheating and attacking of malicious service nodes.Experiment results illustrated our model is effective.
基金supported by National Natural Science Foundation of China (No.60873231)Research Fund for the Doctoral Program of Higher Education (No.20093223120001)+2 种基金Science and Technology Support Program of Jiangsu Province (No.BE2009158)Natural Science Fund of Higher Education of Jiangsu Province(No.09KJB520010)Special Fund for Fast Sharing of Science Paper in Net Era by CSTD (No.2009117)
文摘It is necessary to construct an effective trust model to build trust relationship between peers in peer-to-peer (P2P) network and enhance the security and reliability of P2P systems. The current trust models only focus on the consumers' evaluation to a transaction, which may be abused by malicious peers to exaggerate or slander the provider deliberately. In this paper, we propose a novel trust model based on mutual evaluation, called METrust, to suppress the peers' malicious behavior, such as dishonest evaluation and strategic attack. METrust considers the factors including mutual evaluation, similarity risk, time window, incentive, and punishment mechanism. The trust value is composed of the direct trust value and the recommendation trust value. In order to inhibit dishonest evaluation, both participants should give evaluation information based on peers' own experiences about the transaction while computing the direct trust value. In view of this, the mutual evaluation consistency factor and its time decay function are proposed. Besides, to reduce the risk of computing the recommendation trust based on the recommendations of friend peers, the similarity risk is introduced to measure the uncertainty of the similarity computing, while similarity is used to measure credibility. The experimental results show that METrust is effective, and it has advantages in the inhibition of the various malicious behaviors.
文摘Large-scale mobile social networks(MSNs)facilitate communications through mobile devices.The users of these networks can use mobile devices to access,share and distribute information.With the increasing number of users on social networks,the large volume of shared information and its propagation has created challenges for users.One of these challenges is whether users can trust one another.Trust can play an important role in users'decision making in social networks,so that,most people share their information based on their trust on others,or make decisions by relying on information provided by other users.However,considering the subjective and perceptive nature of the concept of trust,the mapping of trust in a computational model is one of the important issues in computing systeins of social networks.Moreover,in social networks,various communities may exist regarding the relationships between users.These connections and communities can affect trust among users and its complexity.In this paper,using user characteristics on social networks,a fuzzy clustering method is proposed and the trust between users in a cluster is computed using a computational model.Moreover,through the processes of combination,transition and aggregation of trust,the trust value is calculated between users who are not directly connected.Results show the high performance of the proposed trust inference method.
基金supported by National Key Basic Research Program(973 Program) under Grant No.2011CB302903National Natural Science Foundation under Grant No.60873231+1 种基金Key Program of Natural Science for Universities of Jiangsu Province under Grant No.10KJA510035Scientific Research Foundation of NJUPT under Grant No.NY209016,China
文摘In view of the security weakness in resisting the active attacks by malicious nodes in mobile ad hoc networks,the trust metric is introduced to defend those attacks by loading a trust model on the previously proposed Distance-Based LAR.The improved Secure Trust-based Location-Aided Routing algorithm utilizes direct trust and recommendation trust to prevent malicious nodes with low trust values from joining the forwarding.Simulation results reveal that ST-LAR can resist attacks by malicious nodes effectively;furthermore,it also achieves better performance than DBLAR in terms of average end-to-end delay,packet delivery success ratio and throughput.
基金supported in part by the National Science Foundation Project of P.R.China (No.61931001)the Fundamental Research Funds for the Central Universities under Grant (No.FRFAT-19-010)the Scientific and Technological Innovation Foundation of Foshan,USTB (No.BK20AF003)。
文摘Dispersed computing is a new resourcecentric computing paradigm.Due to its high degree of openness and decentralization,it is vulnerable to attacks,and security issues have become an important challenge hindering its development.The trust evaluation technology is of great significance to the reliable operation and security assurance of dispersed computing networks.In this paper,a dynamic Bayesian-based comprehensive trust evaluation model is proposed for dispersed computing environment.Specifically,in the calculation of direct trust,a logarithmic decay function and a sliding window are introduced to improve the timeliness.In the calculation of indirect trust,a random screening method based on sine function is designed,which excludes malicious nodes providing false reports and multiple malicious nodes colluding attacks.Finally,the comprehensive trust value is dynamically updated based on historical interactions,current interactions and momentary changes.Simulation experiments are introduced to verify the performance of the model.Compared with existing model,the proposed trust evaluation model performs better in terms of the detection rate of malicious nodes,the interaction success rate,and the computational cost.
文摘The mobile transient and sensor network’s routing algorithm detects available multi-hop paths between source and destination nodes.However,some methods are not as reliable or trustworthy as expected.Therefore,finding a reliable method is an important factor in improving communication security.For further enhancement of protected communication,we suggest a trust cluster based secure routing(TCSR)framework for wireless sensor network(WSN)using optimization algorithms.First,we introduce an efficient cluster formation using a modified tug of war optimization(MTWO)algorithm,which provides loadbalanced clusters for energy-efficient data transmission.Second,we illustrate the optimal head selection using multiple design constraints received signal strength,congestion rate,data loss rate,and throughput of the node.Those parameters are optimized by a butterfly optimal deep neural network(BO-DNN),which provides first-level security towards the selection of the best head node.Third,we utilize the lightweight signcryption to encrypt the data between two nodes during data transmission,which provides second-level security.The model provides an estimation of the trust level of each route to help a source node to select the most secure one.The nodes of the network improve reliability and security by maintaining the reliability component.Simulation results showed that the proposed scheme achieved 45.6%of delivery ratio.
基金the National Natural Science Foundation of China (60503020, 60503033, 60703086)the Natural Science Foundation of Jiangsu Province(BK2006094)+2 种基金the Opening Foundation of Jiangsu Key Labo-ratory of Computer Information Processing Technology in Soochow Univer-sity(KJS0714)the Research Foundation of Nanjing University of Posts and Telecommunications (NY207052,NY207082, NY207084)Microsoft Re-search Asia Internet Services Theme 2008
文摘Software systems in distributed environment are changing from a close and relatively static form, whose users are familiar with each other, to an open and highly dynamic mode, which can be visited by public. In such circumstance, trust evaluation model becomes focus of intense research at current time. Trust evaluation model establishes a management framework of trust relationship between entities, involving expression and measurement of trust, comprehensive calculation of direct trust value and recommended trust value, and recognition of malicious entities and recommendations. Based on the analysis of several typical trust evaluation models, the classification of trust evaluation ideas and modes is discussed, the questions existing in current research and the directions of future research are pointed out.
基金This paper was sponsored in part by Beijing Postdoctoral Research Foundation(No.2021-ZZ-077,No.2020-YJ-006)Chongqing Industrial Control System Security Situational Awareness Platform,2019 Industrial Internet Innovation and Development Project-Provincial Industrial Control System Security Situational Awareness Platform,Center for Research and Innovation in Software Engineering,School of Computer and Information Science(Southwest University,Chongqing 400175,China)Chongqing Graduate Education Teaching Reform Research Project(yjg203032).
文摘Smart city refers to the information system with Intemet of things and cloud computing as the core tec hnology and government management and industrial development as the core content,forming a large scale,heterogeneous and dynamic distributed Internet of things environment between different Internet of things.There is a wide demand for cooperation between equipment and management institutions in the smart city.Therefore,it is necessary to establish a trust mechanism to promote cooperation,and based on this,prevent data disorder caused by the interaction between honest terminals and malicious temminals.However,most of the existing research on trust mechanism is divorced from the Internet of things environment,and does not consider the characteristics of limited computing and storage capacity and large differences of Internet of hings devices,resuling in the fact that the research on abstract trust trust mechanism cannot be directly applied to the Internet of things;On the other hand,various threats to the Internet of things caused by security vulnerabilities such as collision attacks are not considered.Aiming at the security problems of cross domain trusted authentication of Intelligent City Internet of things terminals,a cross domain trust model(CDTM)based on self-authentication is proposed.Unlike most trust models,this model uses self-certified trust.The cross-domain process of internet of things(IoT)terminal can quickly establish a trust relationship with the current domain by providing its trust certificate stored in the previous domain interaction.At the same time,in order to alleviate the collision attack and improve the accuracy of trust evaluation,the overall trust value is calculated by comprehensively considering the quantity weight,time attenuation weight and similarity weight.Finally,the simulation results show that CDTM has good anti collusion attack ability.The success rate of malicious interaction will not increase significantly.Compared with other models,the resource consumption of our proposed model is significantly reduced.
文摘To keep open network more efficacious and secure, it is necessary that a nice trust model and method of trust management must be developed. The reason why traditional trust models are incomplete in their function to manage trust is explained, and a general model based on hybrid trust model and introducer protocol is provided. The hybrid model is more flexible and efficacious to manage trust compared with hierarchy model and Web model. The introducer protocol is a better solution to build, maintain and refresh the trust relationship in open network environment.
基金This work was partly supported by the Institute of Information&Communications Technology Planning&Evaluation(IITP)grant funded by the Korea Government(MSIT),(No.2020-0-00952,Development of 5G edge security technology for ensuring 5G+service stability and availability,50%)the Institute of Information and Communications Technology Planning and Evaluation(IITP)grant funded by the MSIT(Ministry of Science and ICT),Korea(No.IITP-2022-2020-0-01602,ITRC(Information Technology Research Center)support program,50%).
文摘Nowadays,with the significant growth of the mobile market,security issues on the Android Operation System have also become an urgent matter.Trusted execution environment(TEE)technologies are considered an option for satisfying the inviolable property by taking advantage of hardware security.However,for Android,TEE technologies still contain restrictions and limitations.The first issue is that non-original equipment manufacturer developers have limited access to the functionality of hardware-based TEE.Another issue of hardware-based TEE is the cross-platform problem.Since every mobile device supports different TEE vendors,it becomes an obstacle for developers to migrate their trusted applications to other Android devices.A software-based TEE solution is a potential approach that allows developers to customize,package and deliver the product efficiently.Motivated by that idea,this paper introduces a VTEE model,a software-based TEE solution,on Android devices.This research contributes to the analysis of the feasibility of using a virtualized TEE on Android devices by considering two metrics:computing performance and security.The experiment shows that the VTEE model can host other software-based TEE services and deliver various cryptography TEE functions on theAndroid environment.The security evaluation shows that adding the VTEE model to the existing Android does not addmore security issues to the traditional design.Overall,this paper shows applicable solutions to adjust the balance between computing performance and security.
基金supported by the National Natural Science Foundation of China(6140224161572260+3 种基金613730176157226161472192)the Scientific&Technological Support Project of Jiangsu Province(BE2015702)
文摘In the open network environment, malicious attacks to the trust model have become increasingly serious. Compared with single node attacks, collusion attacks do more harm to the trust model. To solve this problem, a collusion detector based on the GN algorithm for the trust evaluation model is proposed in the open Internet environment. By analyzing the behavioral characteristics of collusion groups, the concept of flatting is defined and the G-N community mining algorithm is used to divide suspicious communities. On this basis, a collusion community detector method is proposed based on the breaking strength of suspicious communities. Simulation results show that the model has high recognition accuracy in identifying collusion nodes, so as to effectively defend against malicious attacks of collusion nodes.
