SECURITY BREACHES IN TRUST MANAGEMENT SCHEMES IN MOBILE AD-HOC NETWORKS.

. In MANET, a malicious node can cause significant data damage and adversely influence the quality of the data. Thus, trust level analysis of a device can impact the certainty with which a device conducts data exchange with other device. The uncertainty and incompleteness of the trust evidence can be derived due to the dynamic characteristics of MANET. This paper is intended to pioneer the benefits of trust in MANET, investigate the various trust management schemes developed for MANET putting forward the summary of these techniques and the vulnerabilities associated with the trust management. The paper highlights the potential attacks and their impact on trust management in MANET.

A Mobile Ad-Hoc Network allows distributed decision making by letting every node to take part in a routing decision. In this decision making the trust can play an important role. Establishing a trust among nodes is considered to be an influential tool to protect the wireless network. The nodes in the network can communicate with each other by building an acceptable level of trust relationships among themselves. But the trust management schemes themselves can be vulnerable to attacks. Trust Propagation and trust management in order to establish a trust, update a trust and revocation the trust is more challenging in a resource constrained MANET as compared to other traditional communication networks due to the dynamic topology change, mobility, conditions of propagation channels. In MANET, a malicious node can cause significant data damage and adversely influence the quality of the data. Thus, trust level analysis of a device can impact the certainty with which a device conducts data exchange with other device. The uncertainty and incompleteness of the trust evidence can be derived due to the dynamic characteristics of MANET. This paper is intended to pioneer the benefits of trust in MANET, investigate the various trust management schemes developed for MANET putting forward the summary of these techniques and the vulnerabilities associated with the trust management. The paper highlights the potential attacks and their impact on trust management in MANET.

…………………………………………………………………………………………………….... Introduction:-
Mobile Ad-Hoc Network (MANET) is a resource constrained network. The devices are mobile and having limited bandwidth, computing power, memory. Besides this the network is having dynamic characteristics such as dynamic topology change, node failure, node mobility. Due to these characteristics, designing a security protocol is a challenging task in MANET for the security protocol Designers. Trust plays an important role to provide security to the network. Establishing a trust among nodes is considered to be an influential tool to protect the wireless network.

ISSN: 2320-5407
Int. J. Adv. Res. 5 (6), 405-412 406 The nodes in the network can communicate with each other by building an acceptable level of trust relationships among themselves. The notion of "Trust" initially gain attention from the social sciences and is delineated as the measure of belief about the behaviors of an independent entity. Blaze et al. [9] initially define the "Trust Management" and recognized it as a component of security in networks. There is a requirement of Trust propagation and management in MANETs is required whenever a node wants to interact with another node, and there is no previous interaction with that node. Initially the nodes formed a network with an adequate level of trust relationships among themselves. The trust management plays a significant role in many situations where decision has to take such as ensuring authentication, providing access control [ 28,45], and effective routing [22,30]. The tasks involved in the Trust management are forming of trust level, propagating and updating the trust, and trust revocation. Managing & propagating the trust is more exigent task in MANET than in the networks having centralized environment. Node"s mobility and dynamic change in the network affects the collection and propagation of trust information. In another case, due to the constraints of resources, the computation of the trust is based only on local information leads to the fact that establishing the trust can be relied on deficient and inaccurate information [11]. So the main aim of this paper is to study the vulnerabilities associated with the trust management in MANET. The paper is intended to define the trust in the wireless communication, to study the present techniques for trust management intended for MANETs, and to analyze the vulnerabilities that are associated with these techniques.
The paper is dividing in to 5 sections. In Section 2, trust is defined in context with wireless communication. Section 3 is presenting the various trust management schemes and the section 4 is analyzing the possible attacks that can breach the security. Section 5 is concluding the paper and presenting future directions.

Trust in Context of Wireless Communication:-
The trust can be defined in a different way in different fields. The section is presenting how a trust can be applied in a field of wireless communication.

Trust:-
There are multiple definitions of trust [13,19,49,31]. In context of wireless networks Eschenauer et al. [11] defines the trust as "a set of relations among entities that participate in a protocol. These relations are based on the evidence generated by the previous interactions of entities within a protocol. In general, if the interactions have been faithful to the protocol, then trust will accumulate between these entities." Trust can also be described as the degree of belief about the actions of other nodes.
All the data regarding the trust relationships is stored in a trust record. Relationship is set between two entities for a specific act. One entity builds a trust on another entity to perform an action. The first entity is considered as the subject and the second entity as the agent. Trust relationship can be represented by a notation: {subject: agent, action}. The level of trust is represented by the trust values associated with these trust relationship. The trust can be of two types: First, subject builds a direct trust after observing the behavior of the agent. Direct Trust is built if the interaction between the subject and the agents are successful. And second, when the subject has no direct relationship with the agent and the subject builds a trust on agent by getting the recommendations from other entities, called the indirect trust.
Direct trust is measured by beta distribution function [2] as: DT= s/(s+f) Where"s" is number of successful interactions between subject and the agent and "f" is number of failed interactions. Indirect Trust is building a trust using third parties. For example, if A has established trust on B and B trusts C, and then indirectly A builds a trust on C to a certain degree upon the recommendation of B. This phenomenon is called trust propagation. The propagation path can be single hop A-B-C or it can be multiple hops A-B-X-Y---C. It depend on the trust model how we calculate the indirect trust.
407 Figure 1:-Relationship between trust blocks. Properties of Trust:-Three major properties of trust are subject by Golbeck [15]: transitivity, asymmetry, and personalization. Transitivity: First property says that the trust is not completely transitive in terms of mathematical logic. It says if A has established a trust on B and B has trust on A then it is not guaranteed that A has trust on C. Asymmetry: Second property says that trust is not necessarily symmetric. It means trust is not identical to each other. This can be understood through the example of a trust relationship between a manager and an employee. A manager trusts an employee but it is not necessary that employee also trusts manager. Personalization: Third property says that trust is inherently a personal opinion. The two entities can have different trust opinion on a particular entity.

Characteristics of Trust in MANETs:-
Trust can be characterized carefully in MANET due to its dynamic nature, unique and the inborn unreliability of the wireless medium. The main Characteristics of can be defines as [2,10,11,23,39]: 1. Trust evaluation method to build a trust against an entity should be fully distributed because there is no centralized entity in MANET. 2. Due to the resource constraints in MANET, the Trust should be evaluated without putting excessive computation and communication load. 3. The trust computation should not assume that the nodes will always be cooperative. The cooperation in MANET is not always necessary. In a resource constrained environment, nodes can acts selfishly in order to save the resources like battery and computation power. 4. Trust is not static, can change over time. 5. Trust is subjective. 6. Trust is context-dependent. A may trust B as a programmer but not as a designer. Like in MANETs, A having high computational power can be trusted by B because the task requires high computational power, while C having low computational power but not malicious can be distrusted.

Trust Management in MANET:-
This section is presenting the current techniques for trust management developed for MANET environments. Some of the trust management techniques have been proposed in order to present a general structure for distribution of trust evidence and trust evaluation in MANETs. Jiang and Baras [40] proposed an approach named ABED (Ant-Based trust Evidence Distribution) for trust distribution. The approach is based on highly distributed swarm intelligence model. The swarm intelligence concept is extensively used in the optimization problems that are dynamic in nature. (e.g. routing in wireless communication). The key principle behind the concept is stigmergy i.e. communicating indirectly through the environment. In ABED, the nodes can find the optimal path for gathering the trust evidence with the help of the information deposited by agents called "ants"" But the scheme does not consider any specific attacks.
Theodorakopoulos and Baras [41] proposed a technique for assessment of trust evidence in MANETs. The assessment procedure is formed as a path problem in a directed graph where nodes and trust relationships among them are represented by entities and edges. The theory of Semirings is used to depict how the trust can be established between without previous direct interactions. GP web of trust is used to depict a trust model based on Recently Buckerche and Ren [42] proposed a scheme for distributed reputation evaluation named GRE (Generalized Reputation Evaluation) to efficiently avert the malevolent nodes from entering the trusted network. However, no specific attack model was addressed.
Marti et al [43] introduced an approach reputation-based trust management based on a watchdog that observes the node"s actions and a route that gather reputation and get reply actions (e.g. finding malicious nodes as an outcome of misbehavior detection).
Michiardi et al [44] have given the proposal of a scheme named CORE (Collaborative Reputation) having a monitoring method with a reputation functionality that distinguish among direct reputation, indirect reputation, and functional reputation. The approach is built to formulate decision about consideration or separation of a node. He et al. [45] introduced a trust management method based on trust management using an incentive mechanism, called SORI (Secure and Objective Reputation-based Incentive). This method support packet forwarding and discourage selfish behaviors based on quantified objective measures and reputation propagation by a one-way hash chain based authentication.
Nekkanti and Lee [46] extended AODV (Ad-hoc On-demand Distance Vector) by introducing trust aspect and security level at every node. In traditional AODV, routing information is encrypted which leads to huge overheads; the scheme use different stages of encryption based on the trust factor of a node, thus overhead is reduced.
Li et al. [47] also extended AODV and implemented a trust model to protect against malicious behaviors of nodes. In this scheme trust is represented as opinion. The opinion reflects the characteristics of trust in MANETs, particularly dynamicity.

Vulnerabilities Associated With Trust Management in MANET:-
Trust computation plays an important role in decision making, thus Trust evaluation, propagation and management playa are the major intention for the attackers. The section is analyzing vulnerabilities that are associated with attack then specifying the trust management schemes vulnerable to these attacks. 1. Denial of service attack (DOS): In order to consume the huge quantity of computing resources, the attacker sends large number of trust recommendation [53]. Thus as a result the target node enables to compute the trust value. 2. Bad mouthing attack (BMA): In Bad Mouthing attack, an intruder node give dishonest recommendations about the particular node and thus makes that node distrusted [54]. 3. On-off attack (OOA): In this type of attacks, the malicious nodes act good and bad alternatively, in order to remain unnoticed while causing harms to the other nodes [55]. 4. Conflicting behavior attack (CBA): In this attack, malevolent nodes act in a different way towards different nodes. The nodes can act inconsistently in different user domain causing confusion to the trust evaluation system. For example, a node can behave well with one group of nodes and badly with another group of nodes [56]. 5. Sybil attack (SA): In this attack a malevolent entity forms many fake IDs. These IDs take the blame of being malicious, al malevolent node remains undetected [57], [58]. If the centralized entity is not there for authorization then it is easy to introduce Sybil attack in the network [59]. 6. Camouflage attack (CA): In this attack, the malicious entity behave as per the majority entity and build trust.
When they build enough trust, then they behave badly for specific tasks. 7. Collusion attack (CoA): In this attack, two or three malicious nodes can collaboratively give bad recommendation about the honest nodes and thus make the node distrusted. 8. Newcomer attacks (NCA): In the Newcomer attack, the intruder abscond the network and connect for a second time to wash out the prior corrupt record and to gain new trust [60].
The above mentioned vulnerabilities are associated with the trust management schemes. The table 1 is describing the trust management techniques and the vulnerable situation that these techniques not cater. The table is concluding that the trust management schemes in applicable in MANET are vulnerable to various security attacks. Although the schemes are securing the networks against some of the attacks but the application of these scheme also vulnerable to the various security breaches.

Conclusion:-
Trust management is a stimulating field of research. The eminent researcher"s work moving around trust indicates its importance in MANET. Trust as a paradigm has an extensive variety of applications. The Main aim of this paper is to endow with MANETs designers with different perspectives of trust, its various properties and characteristics. The paper was started with the definition of trust in context with the wireless communication. Then, it presented the various existing trust evaluation and trust management schemes. And the analysis is done covering the vulnerabilities associated with trust management schemes. And during the analysis it was found that the trust management schemes are vulnerable to many attacks that can be considered in future to work upon. There are schemes that cater some of the attacks. But a complete solution is missing to provide a strong secure system.