A Credible Routing Based on a Novel Trust Mechanism in Ad Hoc Networks

Many existing routing protocols in Mobile Ad hoc Networks (MANETs) focus on finding paths in dynamic networks without considering security. In this paper, we propose a trust model which evaluates neighbours' direct trust by factors of encounter time, mobility, and successful cooperation frequency. The revised D-S evidence theory is used to combine multiple recommended pieces of evidence and obtain the recommended trust value. Then based on the novel trust mechanism, we propose a trusted routing protocol named TDS-AODV protocol by extending the AODV protocol. In this protocol, a node makes a routing decision according to the trust values of its neighbour nodes. Finally, two routes are built: the main route with highest route trust value in the candidate routes and a backup route. Simulation results reveal that TDS-AODV can eliminate malicious nodes effectively when building the route; furthermore, it also achieves better performance than TAODV and AODV in terms of throughput, packet delivery ratio, and average end to end delay.


Introduction
The past decade has witnessed tremendous research efforts devoted to Mobile Ad hoc Networks (MANETs).MANETs are temporary autonomous systems with the special characteristics of dynamic network topology, limited computational abilities, and continuously changing scale.Due to its flexibility, a MANET is attractive for applications, such as disaster relief, military service, and robot networks [1].However, this flexibility also causes security problems.Routing security is one of the challenging issues in current research.
Traditional MANET routing protocols, such as destination-sequenced distance vector routing (DSDV) [2], dynamic source routing (DSR) [3], and ad hoc on-demand distance vector routing (AODV) [4], assume that all nodes in the network work in a benevolent manner and no predefined trust exists between communication partners.However, the fact is that malicious behavior among nodes exists; for example, selfish nodes deny relaying the packets of other nodes, and malicious nodes perform impersonation, fabrication, or modification attacks against the network traffic [5].Hence, it is necessary to incorporate security mechanisms into MANET routing protocols to mitigate the impairment from malicious nodes.However, the security mechanism basing on the traditional cryptosystem is used to resist external attacks, but it cannot effectively solve the internal attacks by malicious nodes [6].Therefore, the trust mechanism which is considered to be an effective measure to solve those questions has recently been studied.
In our trust mechanism, the successful cooperation frequency factor is considered in direct trust evaluation to guarantee the security of network.It is calculated according to its accumulated observations using the Bayesian inference which adopts Beta distribution.Unlike most trust mechanisms [7][8][9][10][11][12] that focus on trust evaluation without considering performance of the network, we take other two factors (factors of encounter time and mobility) into account.A good network performance can help save nodes' limited resources and prolong the network lifetime, which is very important in MANET.The network topology in MANET is dynamic; hence, the next hop of a node may not be its next hop the next moment.To create a relatively stable network topology as much as possible, we propose two factors, nodes' average encounter time and mobility, when calculating nodes' direct trust value.The two factors make the trust mechanism more suitable for resource-restricted MANET.D-S evidence International Journal of Distributed Sensor Networks theory, which was first introduced by statistician of Dempster [13] and extended by Shafer [14], is used to calculate direct trust value, integrate indirect evidence, and obtain the overall trust value.We choose D-S evidence here because it does well in dealing with the uncertainty of trust value.
Based on the novel trust mechanism, we put forward a trusted routing protocol, by extending the AODV protocol in MANETs, TDS-AODV for short.In this protocol, a node evaluates its neighbours' trust value according to the trust model and selects reliable nodes as its next-hop nodes.A source can establish multiple reliable paths to a destination in one route discovery process.We consider the number of hops as well as the trust value of paths to the destination.A destination will respond with three shortest paths as candidates and the path trust will be calculated during the process of Route Reply () Message delivery.The one with maximum path trust will be selected as the forwarding route and the second reliable one will be regarded as the backup route.We perform some simulations to compare the performance of TAODV, AODV, and TDS-AODV on Matlab platform.Simulation results show that our method is practical to detect malicious nodes and outperform TAODV and AODV in throughput, packet delivery ratio, and average end to end delay.
The rest of this paper is organized as follows.Section 2 summarizes the related work on trust evaluation and trustbased routing protocols.Section 3 presents the novel trust evaluation mechanism.Section 4 describes TDS-AODV in detail.Section 5 provides the simulation studies.Finally, we conclude this paper in Section 6.

Related Works
Researchers are becoming more and more interested in integrating trust into a MANET and have proposed numerous works.In this section, we first focus our attention on trust evaluation models in MANETs and then discuss the trust based routing protocols in MANETs.

Trust Evaluation.
Peng et al. [7] assessed the subjective trust of nodes through the Bayesian method, but they were not able to detect dishonest recommendations.Zouridaki et al. [8] chose to determine the node trustworthiness with respect to reliable packet forwarding by combining first-hand trust and second-hand trust information.However, the trust calculation in unsupervised ad hoc environment involved complex aspects such as availability and mobility.besides packet forwarding.Omar et al. [9] sought to establish a fully distributed trust model based on trust graphs and threshold cryptography.
At present, most of the trust evaluation literatures ignore the uncertainty of trust value.To deal with this problem, some researchers [10][11][12] resort to D-S evidence theory.D-S evidence theory has the capacity of expressing directly for "uncertain, " which makes it suitable to calculate the trust value in MANETs.Xie et al. [10] proposed a trust model for MANETs based on D-S evidence theory.The model can be a good solution for the combination of pieces of evidence, but it failed in addressing the issues concerning conflicting recommendation pieces of evidence.In this paper, we adopt the revised D-S combination rule which includes a consistent intensity to calculate nodes' trust value.[15] introduced the trust metric which depended on network traffic statistics to evaluate the trust and then loaded the trust model on the previously proposed distance-based locationaided routing (LAR).The algorithm utilized direct trust and recommendation trust to prevent malicious nodes from joining the forwarding.Li et al. [16] built a simple trust model to evaluate neighbours' behaviours forwarding packets and proposed a trust-based reactive multipath routing protocol extending from AODV.Peng et al. [17] incorporated a new dynamic trust mechanism which was based on multiple constraints and collaborative filtering into the extending DSR.Narula et al. [18] selected soft encryption systems and implemented them in conjunction with a trust-based reputation system and a multipath routing to provide a secure routing scheme.The implementation of this trustbased approach using DSR was then discussed.Sirotheau and Sousa [19] proposed an evaluation mechanism that aimed to mitigate routing misbehavior and other network failures.Four attributes of the routes were considered: level of activity, trust, mobility, and number of hops.

Trust-Based Routing Protocols. Wang and Wu
When transmitting a packet to a given destination, a node may have two routes: one is short but incredible while the other is long but credible.One of our main aims is to design a rational strategy which involves both hop counts and trust values in making decisions.The detailed implementation of our scheme is a secure extension of the AODV.Because of its ability to cope with network dynamic changes and repair broken links in routes, AODV is one of the promising protocols for deployment in a MANET.

Trust Model Based on D-S Evidence Theory
Trust model essentially performs trust derivation, computation, and application [20].Trust applications including trustbased route discovery and route selection will be discussed in the next section.
The difference between Belief and Plausibility is referred to as Belief Interval.It is represented by the range of maximum uncertainty.The relationship of Belief and Plausibility is shown in Figure 1.

Trust Factors.
The definition of "Trust" in this paper refers to the confidence that node  has on node  about the ability to forward packets successfully.Nodes tend to select the neighbour that has higher trust value as the intermediate node.In general, the trust between nodes only has some connection with malicious behaviors; however, we should consider more factors that depend on the interactions between neighbour nodes in a MANET due to its flexibility.

Factor of Average
Encounter Time  , .The concept of average encounter time does well in quantifying node's encounter history record.Encounter means that two nodes enter each other's wireless transmission range.The larger the ACF , is, the more possibly node  chooses node  as the next hop.The ACF , during period  is calculated by the following equation If two nodes enter each other's wireless transmission range  , = 1, else  , = 0.For example, in Figure 2, node  and node  encounter three times during period ; the ACF , is: Once node  behaves badly,  , will increase and SCF , will decrease, which leads to the decrease of the possibility that node  chooses node  as the next hop.
where 0 <   < 1,  = 1,2,3,   are determined by specific application environment, usually as security is more important.Furthermore, the direct trust value is recalculated in accordance with history records.Assuming the direct trust value of latest cycle is HDT , , the update of direct trust value is calculated as follows: where DT , is the direct trust value of subject node  on object node  in current cycle, parameter  is the adaptive time factor used to weigh history experience against current information.To keep  preferably dynamic characteristic, it is satisfied as where 0 <   <   < 1, the parameter   , ({}) and   , ({}) represent the trust components of CDT , and HDT , , respectively.

Recommendation Trust Evaluation
3.4.1.Trust Transitivity.Suppose the recommended trust value of node  on node  can be obtained through  different paths, and the number of recommendation paths  depends on nodes' distribution and communication radius.In order to avoid trust recycle recursion and decrease network communication payload, the recommendation values are confined to direct trust value of the common neighbours owned by both node  and node .As shown in Figure 3, node  can get the trust recommendation of node  from  1 ,  2 ,  3 , . . .,   .
RT 1 , denotes the recommended trust value of node  on node  through recommendation path pt1 = {1}.The vector forms of RT 1  , , DT , 1 , DT  1 , are as follows: Let us set Θ = {{}, {, −}, {−}}, ,  and  ⊆ Θ.Then, the RT 1 , is calculated as follows: Using the symbol ⊗ to denote this operation, we get To vividly show the process of trust transitivity, we resort to Figure 4.It is obvious to see that as long as one of DT , 1 and DT  1 , is distrust, then RT 1 , is distrust.Extending the above transitivity to multihop, we can get recommended trust through complex recommendation paths with many middle nodes where the symbol • indicates anonymous nodes in recommendation path.
Then, node  would aggregate these pieces of evidence to get a consensus on node .Due to the existence of malicious nodes that may offer false recommendation, we introduce the revised D-S combination rule which adopts a consistent intensity to adjust weights of recommended trust values.The integration process is described in detail as follows.
Firstly, we compute the corresponding average weight denoted as   .The consistent intensity between RT  , and RT V , is defined as follows [21]: where , ⟩ is the inner product of ⃗  V , and ⃗   , .The difference between two pieces of recommended trust evidence increases with the reduction of consistent intensity.The lower the consistent intensity is, the more probably false trust recommendation may occur.
Furthermore, the matrix of consistent intensity composed of all the recommended trust values is defined as follows: Through summation in row and normalization, the totally consistent intensity of recommended trust RT  , , which is equal to the average weight   , is computed by Then, the basic reliability function  of every recommended trust evidence is amended by   as follows: Next, we apply the amended basic trust reliability function  to D-S combination rule.Assume that Bel 1 and Bel 2 are two trust degree functions that are on the same identification frame Ω; their basic reliability degree functions are  1 and  2 .And , the basic trust reliability function of Bel, can be expressed as follows: where ⊕ is called "Direct Sum, " representing the combinatorial operation between pieces of evidence.Extending to  independent pieces of evidence which belongs to the same identification frame Ω, we can get At last, the consistent recommended trust RT  , is obtained.

Overall Trust Value
Algorithm 1 shows the process that subject node  judges whether node  is "Trust", "Distrust" or "Uncertain".The threshold values  and  are determined by specific application environment; here, we define  = 0.4 and  = 0.1.If the trust component is the biggest and the uncertain component is smaller than , node  regards node  as "Trust." If the distrust component is the biggest and the uncertain component is smaller than , node  regards node  as "Distrust." Otherwise, node  regards node  as "Uncertain".

Trust-Based Routing Protocol
In this section, we extend the AODV protocol to which can establish trusted route with minimum hops and maximum International Journal of Distributed Sensor Networks (1)  path trust based on trust mechanism denoted by TDS-AODV.The differences between AODV and TDS-AODV are listed as follows.
(1) We append the model of trust computation and fields including ACF , , MOL , , SCF , , and OT , in the neighbour table of each node.(2) Every node maintains a local black list.
(3) We append  route field in the route reply message and  route denotes the accumulated route trust.
(4) We set backup route to avoid initiating the route discovery frequently.

Route Discovery.
During the process of route discovery, when node  chooses another node  to forward a packet, node  may suffer some attacks from node , such as black hole attack.Thus, it is important to choose a reliable next hop node.The process of judging whether node  can be the next hop of node  is as follows.
Step 1. Node  checks whether it has the trust value of node  (OT , ); if it has, turn to Step 5, else turn to Step 2.
Step 2. Node  computes  , according to ( 6)-( 8) and broadcasts a   message to the common neighbours denoted as node .
Step 5. Whether node  is reliable can be estimated using Algorithm 1.If node  is trusted, node  will update OT , and regards node  as its credible next hop node, else node  will not choose node  to transmit packets and move node  into its local black list as a malicious node.
Once a node is in a black list, it will neither receive packets from its neighbour nor have its packets forwarded.That is, a malicious node in a black list is excluded by its neighbours.
When a node exists in the black lists of all its neighbours, it will be excluded from the local network.
Sending packets by the trusted route will decrease the probability of malicious attacks and improve the survivability of MANETs.We evaluate the trustworthiness of a route by the trust value of nodes along the route, denoted by  route [16]  route = ∏  , ({}) , where   and   are any two adjacent nodes among the route;   is the destination node in the route;   →   means that   is the next hop node of   ;   ̸ =   means that the destination node   should not forward the packets for itself and  , ({}) is not used to calculate the path trust to node   .
In our trusted routing mechanism, the route discovery includes three processes: (i) Route Request () Message Delivery; (ii) Route Reply () Message Delivery; and (iii) route selection.
When the source node  needs to send data to the destination node , it first checks whether there is a feasible path found between  and .If so,  sends the data to ; otherwise,  will broadcast a  to start a route discovery.
When any reliable intermediate node  whose authentication process was discussed before receives a  packet from a neighbour , it deals with the request according to the following steps.
Step 1.It checks whether one copy of the same  has been received according to the .If so and the later copy has greater , the  will be discarded and the procedure ends; otherwise, go to Step 2. Step 2. If node  is not the source, node  creates a reverse route to  using the previous hop (node ) of the  as the next hop.
Step 3.  checks whether there is a valid route to the destination.If so and the  of the route is greater than that in the ,  unicasts a Route Replay () message to  via  through the reverse route; otherwise, go to Step 4.
Step 4.  increases  by one and propagates the  to all its neighbours.
The pseudocode of the  is shown in Algorithm 2.

𝑅𝑅𝐸𝑃
Delivery.An  packet contains the following information: ⟨, , , , , , ℎ⟩.When  receives the  packet, it deals with the request according to the following steps.
Step 1.If it is the first time for  to receive a  packet, then  sets a timer window   and records the route of  in its cache and go to Step 6, otherwise go to Step 2.
Step 2. If   expires, it discards the follow-up  packets, otherwise go to Step 3.
Step 3. If there are less than three routes in the cache of , then add the new route in its cache and go to Step 6, otherwise go to Step 4.
Step 4.  compares the hop count of the new route with that of the route which owns the maximum hop count in its cache (denoted as route ).If the former is more than or equal to the latter,  discards the new , otherwise turn to Step 5.
Step 5.  uses the new route to substitute route  and then turns to Step 6.
Step 6.  sets  route and then unicasts the  packets with  route to the intermediate node.
After receiving a  packet, the intermediate node computes  route according to (21) and updates the field of  route then it forwards the  packet with  route .The pseudo code of  delivery algorithm is shown in Algorithm 3.

Route Selection.
When  receives the  packet, if the timer window   does not expire, it needs to update the  route field of this message according to (21).Otherwise,  discards follow-up  packets and picks the one with largest  route as its main route.The route with second largest  route is regarded as backup route which aims at avoiding initiating the route discovery frequently.The pseudo code of route selection algorithm is shown in Algorithm 4.

Route Maintenance.
After each successful route discovery takes place,  can deliver its data to  through a route.However, the route may break at any time instant due to the mobility of nodes or attacks.In order to maintain a stable and secure network connection, route maintenance is necessary to ensure the system survivability.AODV protocol designed two types of route maintenance mode one is a local repair mechanism and the other is that  reestablishes the route.Detailed process is discussed as follows.
Once the route is found, each node along the route periodically sends  messages to its neighbour node for link failure detection.Link failure occurs when the neighbour node does not reply to the  messages after a period of time.When a node  detects a link failure, it first sends a Route Error () message to .  checks whether there is a backup route; if a backup route is found,  replaces the failure route with the backup and sends a  message to .Otherwise  sends a  message to  and then  starts a local repair mechanism. broadcasts a  message to find an alternative route between  and .If no route is found, the system resorts back to another mechanism of sending a  message upstream to , starting a new route discovery.
In TDS-AODV, besides link failure, if  route <  thr ,  will also perform route maintenance which works as follows.During the transmission, if  finds the trust of a route has decreased, it sends a route check message along the route to check the route status and sets a timeout period to wait for the route check message from .When  receives the reply, it will update the  route and judge whether  route is larger than  thr .If  route <  thr ,  resorts to the backup route and updates the path trust of the backup route (denoted as  rb ).If  rb >  thr ,  discards the main route and uses the backup route to send packets.Otherwise, a new route discovery is triggered.

Simulation Studies
To evaluate the performance of TDS-AODV, we use the simulation tool MATLAB.In our simulation, fifty nodes at first are randomly placed in a specific field (100 m × (1) when source node receives the , checks the   ; (2) if   does not expire then (3) updates the  route (4) else (5) discards the follow-up ; selects the route with the largest as its main route; picks the route with second largest  route as its backup routes; (6) end if Algorithm 4: The route selection algorithm.100 m) and move to another random position with a speed chosen between 0 to 30 m/s.The malicious nodes randomly drop data packets based on their trust value.The simulation parameters are listed in Table 1.

Performance Metrics.
To measure the performance of our proposed TDS-AODV, we identify three metrics: (i) throughput: the number of packets transmitted per unit time from the source node to the destination node; (ii) packet delivery ratio: the ratio of the number of packets received to the total number of packets; and (iii) average end to end delay: the average delay between the sending of the packets by the source node and its receipt at the destination node.
The network topology of TDS-AODV was compared with that of TAODV [22] and AODV in this paper.We also carried out three simulations in terms of the maximum node speed and the proportion of malicious nodes to compare the above three performances of two protocol.7 and 8 are the network topology of TDS-AODV and AODV with 20% malicious nodes.It is obvious to see that our method can avoid malicious nodes becoming the next hop effectively while in AODV malicious nodes can be selected as the next hop.The reason is that TDS-AODV takes nodes' trust value into account.

Simulation Results and Analysis. Figures
Figure 9 shows the average routing hop of TDS-AODV and AODV with different numbers of malicious nodes.when the number of malicious nodes accounts for a certain proportion of the number of total nodes, the average route hop of TDS-AODV is a little higher than that of AODV, because nodes would rather choose a relative longer path than choose malicious nodes as the next hop nodes in TDS-AODV.Although the path of TDS-AODV may be a little longer, the performance of TDS-AODV is still better than that of AODV as it eliminates malicious nodes out of the routing paths, which will be proven by the following simulation experiments.
Figures 10 and 11 depict the throughput of TDS-AODV, TAODV, and AODV.The routing throughput of TDS-AODV is averagely 29.60% lower than that of AODV and 21.27% lower than that of TAODV in Figure 10.This is because that our method can detect malicious nodes effectively and thus prevent the channel congestion.The throughput changes little  at different maximum speed which indicates our method has excellent dynamic.As shown in Figure 11, the throughput rises slowly with the increase in the number of malicious nodes.Besides, TDS-AODV rises more slowly than TAODV and AODV as it prevents the malicious nodes from becoming the next hop and affects less by malicious nodes.
The packet delivery ratio of TDS-AODV, TAODV, and AODV is shown in Figures 12 and 13 that TDS-AODV outperforms TAODV and AODV in the packet delivery ratio because of the fact that in TDS-AODV intermediate nodes make routing selection considering hop count and trust value.It shows the packet delivery ratio of TDS-AODV is averagely 46.24% higher than that of AODV and 17.18% higher than that of TAODV in Figure 12. Figure 13 indicates that TDS-AODV has better fault tolerance as its packet delivery ratio declines slowly with the increase in the number of malicious nodes.We give the average end to end delay comparisons of TDS-AODV, TAODV, and AODV in Figures 14 and 15.As shown in Figure 14, the average end-to-end delay of three schemes rises very slowly with the increase in the maximum speed.However, the average delay of AODV is 18.73% higher than that of TDS-AODV and the average delay of TAODV is 7.74% higher than that of TDS-AODV in Figure 14 due to the

Conclusions
In this paper, we propose a novel trust mechanism after investigating on trust models of ad hoc networks and routing in current researches.In this trust mechanism, direct trust value on each neighbour node is calculated by using trust factors of average encounter time, mobility, and successful cooperation frequency, which are defined according to node International Journal of Distributed Sensor Networks behaviors.Meanwhile, the revised D-S evidence theory is used to combine multiple recommended pieces of evidence and obtain the recommended trust value.Then, a trusted routing protocol based on the novel trust mechanism, by extending the AODV protocol is presented.In this protocol, a source establishes a main path and a backup path which are evaluated by two aspects: hop counts and trust values.At last, we validate the correctness and effectiveness of TDS-AODV by comparing its performance with TAODV and AODV on Matlab platform.Simulation results show that TDS-AODV is able to eliminate malicious nodes effectively when building the route and achieves an improvement in throughput, packet delivery ratio, and average end-to-end delay.
In our future work, we will conduct extensively simulation and rigorous analysis to quantify and evaluate the tradeoff between the security and the nodes' energy consumption.In addition, a comprehensive performance evaluation will be conducted to compare TDS-AODV with other routing protocols (e.g., DSR).

Figure 3 :
Figure 3: Recommendation relationship between subject node  and object node .

Figure 4 :
Figure 4: The process of trust transitivity.

8 Figure 5 :Figure 6 :
Figure 5: Path trust computation of a single path.

Figure 10 :Figure 11 :
Figure 10: Performance of network throughput at different maximum speed.

Figure 12 :
Figure 12: Performance of packet delivery ratio at different maximum speed.

Figure 13 :
Figure 13: Performance of packet delivery ratio with different number of malicious nodes.

Figure 14 :Figure 15 :
Figure 14: Performance of average delay at different maximum speed.
Factor of Successful Cooperation Frequency  , .Node  has a detection mechanism to obtain its interaction results record , = ( , ,  , ) with node . , and  , , respectively, denote the number of successful cooperation and unsuccessful cooperation about node  observed by node .Suppose SCF , can be easily expressed by beta distribution, that is, SCF , ∼ Beta( , ,  , ).The factor SCF , where  , denotes the distance between node  and node  at time , (  (),   ()) and (  (),   ()) are the coordinates of node  and node  at time , respectively.3.2.3. is constructed as SCF, =  , , +  , .
3.4.2.Dynamic Aggregation of Recommended Trust.On the basis of trust transitivity, node  obtains recommended trust values on node  through  recommendation paths, namely,