The main design task is to discriminate between temporary errors and disguised malicious
behaviors in which the attacker cleverly behaves well and badly alternatively. Here describe a
new trust management and redemption scheme that can discriminate between temporary errors
and disguised malicious behaviors [1]. With help of a sliding window the behavior of nodes in
a system can be well analyzed thus according to the nature of behavior the node can be categorized as normal or malicious. The goals of the work are threefold [10]. The first goal is that
the source node detects On-off attack nodes by employing a new type of trust and management
scheme. The second goal is that the badly reputed node would have a second opportunity for
preventing the faulty detections. The last goal is that we design an efficient and flexible scheme
of the new management scheme.
Trust management schemes aim to improve collaboration between the entities in a distributed system by predicting future behaviors of peers based on their previous behaviors [11],
[12]. A trust management scheme typically does this using the following steps. First , Each
node observes and stores the neighbouring nodes behaviors. Second, each node collects and
stores the warnings or reports from other nodes about its neighbouring nodes [13] . Third, each
node calculates the trust based on the behavior information collected and stored for each neighbouring node. Last, based on the trust and the policies that use the trust, each node decides the
best node or group of nodes with which to collaborate. Trust redemption schemes fail to discriminate between an On-off attack and temporary errors, if attackers behaviour is good. Scope
of the topic is to detect and prevent on-off attacks in various systems or working organization
etc [14]. Here present a new efficient and flexible trust management scheme that detects and
defends against On-off attacks. Trust management framework relies on two key concepts-
• Predictability Trust
• Sliding Windows.
Jyothi Engineering College, Cheruthuruthy Dept. of CSE, May 2016
On-Off Attack Management Based on Trust 17
Figure 4.1: Framework
4.1.1 On- Off Attack
An attacker can attempt to disturb a trust management scheme by behaving well
and badly alternatively. This type of attack is referred to as an On-off attack. Most trust
schemes fail to effectively discriminate between an On-off attack and temporary errors
[9] . When the majority of the attackers behavior is good, it is difficult to identify. Therefore, an attacker may be able to remain active in the system by disguising the attacks as
temporary errors [8]. In general, if the node performs m good behaviors and n bad behaviors alternating, we refer to this as an mG-nB On-off attack. 4G-1B attack node means
the node behaves well four times and behaves badly one time alternatively. Attacking
model of On-Off attack is shown in following figure.
Jyothi Engineering College, Cheruthuruthy Dept. of CSE, May 2016
On-Off Attack Management Based on Trust 18
Figure 4.2: On -Off Attack Model
4.1.2 Predictability Trust
Here present a new efficient and flexible trust management scheme that detects and
defends against On-off attacks. Trust management framework relies on two key concepts:
Predictability Trust and Dynamic Sliding Windows. Predictability Trust helps to detect
On-off attacks [9]. It uses sliding windows (SWs) to keep track of previous behaviors
of node. Predictability trust can be computed as the ratio of good behavior to the total
behavior which is either good or bad. On-off attackes can not detected in a short time. It
will take a long time to collect enough evidence to mark a node as a malicious node and
the problem exists in many trust-based schemes. There are there are two ways to address
this problem. First way is to give more opportunities to low-trust nodes to act. The next
way is to adjust the method of evidence collection based on the predictability trust, using
the Sliding Windows.
4.1.3 Sliding Windows
The main aim of a Sliding Window is to keep track of the past behaviors of each
node. It will be good if observe the entire history of each node, but this is unattainable
when a system has limited storage and processor speed, Here implemented a Sliding
Windows to allow a certain number of behaviors to be stored for obtaining the trust. A
Sliding Window updates and stores the latest behavior history. When an event is observed
and if the SW is full, then the SW removes the oldest behavior from its memory and
then stores the latest behavior. Here use two types of SW in the trust computation as a
fixed sliding window for good behaviors (GBW) and a dynamic sliding window for bad
behaviors (BBW).
Jyothi Engineering College, Cheruthuruthy Dept. of CSE, May 2016
On-Off Attack Management Based on Trust 19
Figure 4.3: Sliding Window Architecture
4.1.4 Good Behavior Window
The aim of the GBW is to count the number of good behaviors among the most
recent behaviors. It stores both good and bad behaviors, but it counts only the good
behaviors.
4.1.5 Bad Behavior Window
Here more interested in the analysis of bad behaviors than the good behaviors because they are harmful to the system, and the primary aim of PT is to isolate malicious
nodes. However, to avoid problems in labeling nodes as malicious, need to be cautious
in discriminating the malicious nodes. For these reasons, here developed a BBW that
allows to observe more previous bad behaviors depending on the current trust value. So
that whenever as trust decreases the size of BBW increases. The BBW stores good behaviors and bad behaviors, but counts only the bad behaviors. The size of the window
changes dynamically as the trust of the node changes, and a system designer has ability
to set a maximum window size for the BBW.
4.2 Secure Adaptive Routing Protocols
Trust evaluations can also be disrupted. When a node monitors the forwarding performance of its neighbouring node, network fault may cause the packets to be lost on
their way to the monitoring node even if the all of the packets were successfully delivered to the forwarding node. An indirect observation can be disrupted by bad mouthing.
An attack node may frame other normal nodes to make them look like malicious nodes,
Jyothi Engineering College, Cheruthuruthy Dept. of CSE, May 2016
On-Off Attack Management Based on Trust 20
or may recover the trust of a malicious node by reporting false praises. To avoid faulty
detections, direct observation can employ a trust redemption scheme, and indirect evaluation minimizes the influences of the warning messages or reports [15] .SARP is a trust
evaluation mechanism that can adapt to dynamic changes in the trust values of nodes
in the network to route data from a source to a destination and enhance the security by
defending with attacks [16].
SARP helps to choose the most trusted node among neighboring nodes to route
data through towards the nodes [1] . The mechanism can be applicable to various routing
schemes. The working principle is based on trust. The Good behaviours (GBs) and the
Bad behaviours (BBs) are accumulated to two variables for each trust. The ratio of these
values provide the trust factor. For instance, we can consider the Forwarding Trust, which
evaluates a node on how well it forwards packets [10] . If we assume that the source node
recognized a neighbour node forwarded 7 packets out of 10 packets sent, the How Good
is 7, and the How Bad is 3.