Trust correlation of mobile agent nodes with a regular node in an Adhoc network using decision-making strategy

ABSTRACT


INTRODUCTION
The mobile Adhoc network (MANET) is a distributed network of moving nodes deployed without any access point, in which each participating node collaborates with the neighbour nodes whose physical distance is lower than the communication range of the nodes [1]. In the post-PC era, various independent applications, or sub-systems of Internet of Things (IoT) based applications, require an infrastructure-less wireless network, where MANET plays an important role [2]. The MANET working group and many academic and industrial researchers have contributed many proactive and reactive routing protocols to improve network performance in terms of data delivery and to achieve any-source-to-any-destination communication [3][4][5].
Since MANET is a resource-constrained network of mobile nodes with limited battery power and bandwidth, non-optimal or unbalanced usage of these resources drastically reduces network performance. In addition, resource utilization rises sharply with the number of nodes, as O(n²), which limits its use where scalability is in demand [6]. To address issues such as scalability and the associated congestion problem, and link failures due to obstacles, the concept of the self-configurable mobile agent is used [7][8][9][10][11]. Although there are enormous benefits in adopting additional nodes in a MANET as mobile agents, which can facilitate large-scale routing and enhance network performance, many of the attacks on MANET take place by introducing malicious nodes that exploit the vulnerabilities arising from the self-configuration characteristics [12]. It is an open research issue to determine the reliability, in terms of trust, between the regular MANET nodes and the mobile-agent nodes, which ensures the degree of security needed to establish routes in a MANET with mobile-agent nodes. The initial approaches for finding the node trust level were adopted at the local layer of the nodes, which limits the auditing accuracy and the capacity to identify the types of attacks [13]. In the further evolution of node trust determination, the methods use the local-level capacity along with cooperative mechanisms to detect various kinds of attacks, but these approaches pose additional overhead, as many control messages must be exchanged to update information both at the local level and in collaborative communication, which leads them to work in clusters [14][15].
In these methodologies, the security task of identifying malicious nodes implanted in or participating in the MANET is given to a particular node in a cluster, which minimizes overhead to an extent; but, due to the distributed and highly dynamic nature of the network, it again poses polynomial complexity when the network is large-scale.
Additional methods such as signature and anomaly engines were developed to mark a suspicious node as malicious and exclude it from routing, but this causes iterative network partitioning, which is not a perfect solution for balancing security against network performance [16]. Thus, in spite of a control mechanism for the attacks and threats due to malicious nodes, a method of mitigating their effect is adopted, based on the strategic decisions made by the nodes and the mobile agents, which ensures a balance between minimizing the loss due to security threats and maximizing the network performance (QoS) parameters, balancing both resources even in a large network, which is a demand of future applications. This paper presents a mathematical model of a decision-making strategy among the regular MANET nodes and the mobile-agent nodes to establish trust for reliable communication. The organization of the manuscript is as follows: Section 1 discusses the background of existing studies on agent-based security solutions, briefs the research problems identified, and highlights the research methodology adopted for solving the existing security issues in MANET. Section 2 presents an illustrative discussion of the system design, followed by the result analysis in Section 3. Finally, the conclusion of the proposed system is briefed in Section 4.
There is a massive body of literature on the techniques required for securing the MANET system. The most recent study, carried out by Wang and Li [17], presents a secure communication mechanism that selects the agent nodes which construct routes. This technique ensures reliable delivery of packets between the agent nodes. Another recent work, by Shehada et al. [18], adopts a trust-based scheme along with reputation in order to model a mobile agent focusing on social networks. The technique uses an adaptive process in order to arrive at a decision-making system. Agent-based approaches are also used by Harrabi et al. [19], who apply them to vehicular networks. The work carried out by Rohankar [20] shows an interesting usage of the agent-based approach over a wireless Adhoc network, using a predictive approach over the conventional MANET routing scheme.

The significant research problems are as follows:
-None of the existing agent-based schemes has addressed the complex security problems in MANET or similar scenarios.
-The adversaries are well defined in existing security schemes that use mobile agents, and hence these schemes are not applicable if the adversary's tactics change.
-Developing an intrusion detection system using mobile agents in the presence of a dynamic adversary is not much emphasized in existing systems.
-There are no benchmarked studies focusing on solving the critical security problems that arise when the mobile agents are compromised.
Therefore, the problem statement of the proposed study can be stated as "It is quite a challenging task to construct a framework capable of identifying the discrete behaviour of mobile agents such that agent-based communication system can be further boosted for MANET communication". The proposed system is implemented using an analytical research methodology, where the prime focus is on constructing a secured scheme for the selection of trusted mobile agents in MANET. Mobile agents assist in multiple ways to bridge the communication demands in MANET but are highly vulnerable to security threats. Therefore, the proposed system considers an adversarial model in which there is no a priori information about the criticality of the attack launched in MANET by malicious mobile agents. The scheme adopted as a solution is showcased in Figure 1. Figure 1 shows that the proposed system models mobile agents with two types of task to be executed by them. Owing to the presence of common tasks, it is highly challenging to distinguish a regular node from a malicious mobile agent.
Although there are distinct characteristics too, they are rarely expected to be exhibited by a malicious mobile agent, which avoids them in order to reduce the chance of being trapped by the security system. Therefore, the proposed model constructs a simplified mathematical model on the basis of probability theory in order to arrive at a potent and reliable decision-making system. The core components of the proposed mathematical modeling are trust evaluation, decision making, and fairness communication. A novel concept of a trio communication policy has been constructed, which governs all the possibilities of communication behaviour of both types of nodes. The next section illustrates the system design and implementation.

SYSTEM IMPLEMENTATION
The overall target of the system design is to construct a mechanism that offers enhanced capability to identify the malicious intention of a mobile agent. The outcome of the implementation is mainly focused on quarantining such adversary nodes from participating in the communication process. The backbone concept of the system implementation is to construct a reliable intrusion detection system, mainly over MANET. This section briefs the complete information associated with the system implementation.

Modelling assumptions
The primary assumption of the proposed system is that there is no a priori information associated with the identity of the adversary node. This assumption offers evidence of the resistance capability of a regular node against a malicious node. The secondary assumption of the proposed system is that the adversary will always target mobile agents as the initial source for launching an attack. The rationale behind this assumption is that the network resource used for compromising a regular node is more than that for a mobile agent. If one mobile agent is compromised, then the attack will spread exponentially, because one mobile agent assists in communication for multiple neighboring nodes. The tertiary assumption is that there are possibilities of slight variation in observation for an adversarial mobile agent; however, the study considers such probability to be very low. The justification behind this assumption is that the proposed system performs intrusion detection on the basis of monitoring of neighboring mobile agents. Owing to the dynamic topology of MANET, there are some possibilities that a good malicious node could be declared as adversary or vice versa. This challenge is addressed by using a threshold-based evaluation system, which reduces such chances.

Mathematical model
Probability-based modeling has been used to construct the mathematical framework of the proposed system for assessing the trust factor of the mobile agents. The proposed study considers two kinds of mobile agents, i.e. the regular mobile agent and the malicious mobile agent. Adversarial modeling is carried out by considering correlated and uncorrelated trust parameters, represented as,
The correlated trust parameter λct means a set of certain tasks executed by mobile agents that are found correlated in both regular and adversary mobile agents. The study considers Fp (forward packet) and Rj (reject packet), which can be carried out by both regular and adversary mobile agents, which makes it hard to distinguish them in an intrusion detection system. The uncorrelated trust parameter λuct means certain distinct tasks explicit to the node type, viz. the proposed study considers Cn (compromise / launch malicious code) to be executed by the adversary only, while Dnt (declare node trust) is explicitly a task carried out by the regular mobile agent. Only these operations can distinguish whether the mobile agent is malicious or non-harmful. The essential components of the proposed mathematical modeling are as follows:
-Trust Evaluation: The proposed system performs three types of trust evaluation in order to ascertain the trustworthiness of the communicating mobile agent using two parameters, viz. i) Q1 (computing frequencies of Fp) and ii) Q2 (computing frequencies of Rj). The first trust evaluation factor TR is termed regular trust and is computed as Q1/(Q1+Q2), while the second trust evaluation factor TM is termed malicious trust and is computed as Q2/(Q1+Q2). The third trust evaluation Tam is termed ambiguous trust and is computed as following: In the above mathematical expression, the variable c is a network constant while the variable τ1 is the scalar product of TR and TM. The variable τ2 is computed as scalar squared product and summation of Q1 and Q2 respectively.
-Decision Making: In order to make a decision, it is essential for the proposed system to observe the trend of communication for all the mobile agents. For this purpose, the proposed system considers some further parametric computation associated with the profit and the number of resources being used by mobile agents. This behavioural trend offers a more inclusive disclosure of their malicious intention. The initial decision towards capturing the malicious intention of a mobile agent is taken from the trend of the ambiguous trust Tam values (2). Normally, a declining trend in the numerical value of the ambiguous trust Tam shows a concrete case of an adversary, while a regular node will never show a declining trend owing to the usage of the cut-off Thr, which can be set as per the demand of security. Apart from this, a second layer of cut-off is used in order to prevent any possibility of outliers in the declaration of a regular mobile agent as a malicious one.
-Fairness Communication: As the proposed system is designed on the basis of a neighboring mobile agent behavioural monitoring system, there are chances that certain numerical evaluations could lead to the misinterpretation of mobile agents as malicious. This situation is avoided in the following manner.
The proposed system develops a concept of fairness to both malicious and regular mobile agents in order to ensure that the system can still identify malicious behaviour in the case of ambiguous decision making. According to this fairness concept, the regular mobile agent is considered to be more inclined towards identifying and updating the threat (i.e. Dnt), whereas the malicious node will be more inclined towards launching malicious code at the neighboring mobile nodes in the MANET. This situation makes the communication more challenging, as both agent types will try to gain more fairness. It is solved as follows: when the regular mobile agent evaluates the trust of neighboring mobile agents, it reconfirms the malicious intention by checking the trust value of the target mobile agent from its neighboring nodes. That trust is then compared with the second layer of trust cut-off to finally declare the target node to be malicious.

Execution flow
The proposed system starts with the configuration of the deployment region D, the number of mobile agents n, and the proportion of the intruder node inode. Apart from these variables, the proposed system also initializes a few more parameters, e.g. P(Fp), the profit allocated to an agent for performing Fp; γ(Fp), the number of resources involved in performing Fp; and P(Cn), the profit allocated to an agent for performing Cn. The next part of the implementation estimates Q1, Q2, pa, and Tam for all the mobile agents present in the deployment region D. The proposed system implements three different communication policies as part of its contribution, to assist in better decision making as well as to map the real-world greedy scenario of the mobile agents. The three communication policies are as follows:
-Communication Policy-1 (CP1): According to this policy, the current mobile agent has complete information about the next task to be executed by the other mobile agent and vice versa.
-Communication Policy-2 (CP2): In this policy, a probability is assigned to each undertaking of CP1, thereby allowing the mobile agents to arbitrarily opt for CP1. As there are infinitely many values between the probability limits, there is a massive number of combinations of CP1 for each mobile agent.
-Communication Policy-3 (CP3): In this policy, the current mobile agent doesn't have complete information, or has only fuzzy information, about the communication policy of the target mobile agents. One interesting fact of this communication policy is that the tactic adopted by the mobile agent gives an indication of the trust factor on the basis of historical information.
All the above communication policies are constructed on the basis of the various tasks, i.e. Fp, Cn, Rj, and Dnt. The proposed system is then assessed on the basis of the combination of all three communication policies adopted by regular and malicious mobile agents. The assessment is carried out by selecting a source mobile agent and a destination node.
This principle is used for the identification of the malicious mobile agents, whose algorithmic steps are shown below:

Algorithm for Identification of Malicious Agent
Input: n, ψ, Thr, pa
Output: F
Start
1. For i=1:n
2. While ψ<Thr
3.
End
End

The above algorithm takes the inputs n (total number of mobile agents), ψ (selected trust), Thr (cut-off trust), and pa (probability of adversary node), which after processing yield an outcome F (declaring adversary node). According to the algorithm, the computation towards the identification of the malicious agents is carried out considering all n agents (Line-1). The complete algorithm considers CP3 as the tactic adopted for a mobile agent of unknown trust nature (which is under observation). Under this scheme, the source mobile agent evaluates the target mobile agents in order to conclude whether they are regular or malicious mobile agents. This evaluation is carried out using a variable ψ representing the probability of vulnerable mobile agents, computed as the scalar product of the probability of adversary node pa and (1-Tam), where the latter represents the residual trust ambiguity (Line-2). It therefore means that if the variable ψ is found to be more than the cut-off Thr, then the target node doesn't have malicious intention. However, this still doesn't confirm that the target node is a 100% regular mobile agent. For this purpose, further assessment is performed. The system compares the probability of adversary node pa with a conditional parameter cond1. The conditional parameter is computed using probability: cond1 represents the favorable chances of data forwarding by the target mobile agent divided by the total chances of both data forwarding and launching an attack. The first term is estimated as P(Fp)-γ(Fp) while the latter is estimated as P(Fp)+P(Cn). A closer look at the formation of cond1 shows that it represents the best chances of data forwarding by the mobile agent in the presence of all the probabilities connected with both data forwarding and launching an attack.
Therefore, the conditional statement in Line-2 represents the case where the probability that the target mobile agent is an adversary is found to be less than the conditional parameter cond1. In such a positive case, it means that the target mobile node could be malicious but doesn't have any harmful action to launch at that time.
Hence, there are good chances that the target mobile node will perform data packet forwarding, with the higher probability prob1 (Line-4). However, if pa is found to be greater, it means that there are good chances of confirming that the target node has malicious intention, which is calculated by a different probability, i.e. prob2 (Line-6). The value of prob1 is 1, as it is the higher probability score, while the second probability prob2 is estimated as the favorable chances of attack (γ(Cn)-γ(Fp)) divided by the total attack chances (P(Cn)). Finally, the system retains the latest values of Q1, Q2, and pa and transmits to all neighboring mobile agents the conclusion it draws from the evaluation of the target mobile agent in the form of the flag message F (Line-9). Therefore, the proposed algorithm allows the source mobile agents / nodes in MANET to use probability on the basis of a few operational parameters (Q1, Q2, and pa) to estimate the malicious intention of the target mobile agent. The strength of this algorithm is that it offers multi-tier checks of the trust factor associated with the target mobile agents, where the trust score is extracted directly as well as from the neighboring nodes of the target mobile agents. Another interesting part of this algorithm is that even if the target mobile agent is not 100% confirmed to be malicious, if its current intention is just to forward data packets then it is permitted to do so.
The logic behind this operation is that a malicious node will try to bypass every security system in MANET, as the network is highly dynamic and the chances of using distributed security protocols are usually high. Therefore, in order to resist disclosure of their malicious intention, adversaries will act as friendly nodes by participating as relay or intermediate mobile agents. An adversary will continue to do this until it gets an appropriate opportunity to launch malicious code. Another interesting point of this algorithm is its incorporation of the fairness concept for both regular and malicious mobile agents. Usually, a malicious mobile agent will continue forwarding packets although that is not its main intention; it needs to do so to avoid being captured by the security system. As this requires consumption of resources that are actually destined for launching an attack, a threshold value can be selected for it. For example, a malicious node cannot use 50% of its resources just for the Fp operation, as it also needs to retain resources for the Cn operation. This concept is used in the proposed system, which can identify malicious mobile agents to a large extent. However, if their action is found to be within a tolerable cut-off of the threshold, it eventually means that the probability of the malicious node launching an attack is low and there is no harm in allowing it to forward data packets.
With this mechanism, all the target nodes are under consistent observation. Apart from this, there is also the possibility of a wrong judgement about the legitimacy of a target mobile agent in the communication region. For this purpose, the proposed system should first check whether the anticipated value of Dnt is found to be more than the maximum score of the probability of Fp and Cn. In such a condition, it means that there are partial chances of outliers too. This problem is solved by assessing the variability of the probability score. A penalty factor is allocated in case of violation of the fairness factor by the regular malicious agent. Hence, irrespective of the slight chances that some target nodes may be misjudged, in the majority of cases the judgement is correct, as the trust computation is carried out considering both local and global trust factors. One interesting effect of this security protocol is that it drains the resources of the malicious nodes, as it neither allows them to participate in the routing process (as long as their probability of launching an attack is not found defined under the existing communication policy) nor allows them to launch an attack. Hence, the proposed system offers significant cost control by avoiding the use of any complex encryption algorithm to resist intrusion.
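The check described above for a single target agent, written out as an added Python example; it is not the authors' MATLAB script. Tam is passed in as an input because its expression is not reproduced on this page, the ψ<Thr test is used as the guard from the listing, neighbour-reported trust is averaged (an assumption), and all numeric values are constructed.

```python
from dataclasses import dataclass
from statistics import mean


@dataclass(frozen=True)
class Params:              # numeric values used with this class are constructed
    p_fp: float            # P(Fp): profit for forwarding a packet
    g_fp: float            # gamma(Fp): resources spent on forwarding
    p_cn: float            # P(Cn): profit for launching malicious code
    g_cn: float            # gamma(Cn): resources spent on Cn
    thr: float             # Thr: first trust cut-off
    thr2: float            # second-layer cut-off for neighbour confirmation


@dataclass(frozen=True)
class Verdict:
    t_r: float             # TR = Q1 / (Q1 + Q2)
    t_m: float             # TM = Q2 / (Q1 + Q2)
    psi: float             # psi = pa * (1 - Tam)
    action: str            # "no_intent", "forward" or "suspect"
    prob: float            # prob1 (= 1) or prob2 for the branch taken, else 0
    flag: bool             # F: target declared an adversary


def trust_pair(q1, q2):
    """Regular and malicious trust from the Fp (Q1) and Rj (Q2) frequencies."""
    total = q1 + q2
    if total <= 0:
        raise ValueError("no Fp/Rj observations for this target yet")
    return q1 / total, q2 / total


def evaluate(q1, q2, t_am, p_a, prm, neighbour_trust):
    """One pass of the check for one target (hypothetical helper).

    neighbour_trust: trust values for the target reported by its neighbours.
    """
    t_r, t_m = trust_pair(q1, q2)
    psi = p_a * (1.0 - t_am)
    # Listing: the body runs while psi < Thr. The prose reads psi above Thr
    # as no malicious intention at this time.
    if psi >= prm.thr:
        return Verdict(t_r, t_m, psi, "no_intent", 0.0, False)
    cond1 = (prm.p_fp - prm.g_fp) / (prm.p_fp + prm.p_cn)
    if p_a < cond1:
        # Possibly malicious, but nothing harmful to launch now: let it relay.
        return Verdict(t_r, t_m, psi, "forward", 1.0, False)
    # prob2 = (gamma(Cn) - gamma(Fp)) / P(Cn); the clamp to [0, 1] is an added guard.
    prob2 = max(0.0, min(1.0, (prm.g_cn - prm.g_fp) / prm.p_cn))
    # Second tier: compare neighbour-reported trust with the second cut-off.
    # With no reports the target stays unconfirmed (assumption).
    confirmed = bool(neighbour_trust) and mean(neighbour_trust) < prm.thr2
    return Verdict(t_r, t_m, psi, "suspect", prob2, confirmed)


PRM = Params(p_fp=10, g_fp=2, p_cn=6, g_cn=5, thr=0.45, thr2=0.4)


def demo():
    """Constructed targets: (Q1, Q2, Tam, pa, neighbour-reported trust)."""
    targets = {
        "relay": (18, 2, 0.8, 0.2, [0.90, 0.85]),
        "confirmed": (6, 14, 0.3, 0.6, [0.30, 0.35, 0.25]),
        "disputed": (6, 14, 0.3, 0.6, [0.60, 0.70]),
    }
    return {name: evaluate(q1, q2, tam, pa, PRM, nb)
            for name, (q1, q2, tam, pa, nb) in targets.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(name, verdict)
```

The "disputed" target takes the same prob2 branch as "confirmed", but the flag F stays unset because the neighbours' reported trust is above the second cut-off.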

RESULT ANALYSIS
The scripting of the proposed security scheme has been carried out in MATLAB. The analysis considers that maximum loss could occur to a regular node if it generates a falsified report. Therefore, the cut-off value of the trust could ideally be considered to be somewhere between 0.4-0.5, and the simulation area considered is 1000 × 1200 m². The assessment of the proposed study was carried out by comparing its performance with existing security schemes, e.g. SAODV [31] and SLSP [32], with respect to multiple performance parameters, e.g. latency, overhead, throughput, and processing time. Figure 2 highlights the graphical outcome of the comparative analysis, which shows that the proposed system offers better performance in every aspect in comparison to the existing systems. The prime reason behind this is that existing security schemes offer protection by assuming that the adversary is well known and all its actions are well defined. This is a highly impractical scenario, and MANET, when integrated with IoT, can invoke adversaries with exponentially high dynamicity. On the other hand, the proposed system is capable of identifying the malicious intention without even knowing the exact specification of the adversary. The complete simulation is carried out considering a specific number of mobile agents, where both good and rogue agents are known in number but not in terms of identity. Hence, the proposed scheme supports a faster updating process, resulting in lower latency as shown in Figure 2(a) and faster processing time as shown in Figure 2(d).
Apart from this, owing to the adoption of the fairness concept, it was seen that the proposed system even exploits malicious nodes if they make themselves available for data forwarding. Therefore, a more controllable environment is developed, which ensures that a malicious mobile agent doesn't invoke an attack while permitting it to forward data packets. This is also a good prevention approach, as the malicious node will soon drain the energy that was primarily destined for launching an attack. This causes a non-significant effect on the throughput, resulting in a good balance between security enhancement and data communication performance, as shown in Figure 2(c). Apart from this, the updating of the trust factor of the regular or malicious node is carried out only for the communicating nodes and neighboring nodes. This causes a highly reduced overhead effect on the communication in the MANET system. Therefore, the proposed system can be claimed to offer a simplified solution towards upgrading the security features for evaluating trust for mobile agents in MANET.