Lightweight novel trust based framework for IoT enabled wireless network communications

Received Jun 12 th , 201x For IoT enabled networks, the security and privacy is one of the important research challenge due to open nature of wireless communications, especially for the networks like Vehicular Ad hoc Networks (VANETs). The characteristics like heterogeneity, constrained resources, scalability requirements, uncontrolled environment etc. makes the problems of security and privacy even more challenging. Additionally, the high degree of availability needs of IoT networks may compromise the integrity and confidentially of communication data. The security threats mainly performed during the operations of data routing, hence designing the secure routing protocol main research challenge for IoT networks. In this paper, to design the lightweight security algorithm the use of Named Data Networking (NDN) which provides the benefits applicable for IoT applications like built-in data provenance assurance, stateful forwarding etc. Therefore the novel security framework NDN based Cross-layer Attack Resistant Protocol (NCARP) proposed in this paper. In NCARP, we designed the cross-layer security technique to identify the malicious attackers in network to overcome the problems like routing overhead of cryptography and trust based techniques. The parameters from the physical layer, Median Access Control (MAC) layer, and routing/network layer used to compute and averages the trust score of each highly mobility nodes while detecting the attackers and establishing the communication links. The simulation results of NCARP is measured and compared in terms of precision, recall, throughput, packets dropped, and overhead rate with state-of-art solutions. Keyword:


Introduction
Despite different researches on Intent of Things (IoT), its definition remains fuzzy.The IoT is the collection of physical devices that are connected to the Internet.With the advancement in mobile computing and wireless communications, a new paradigm known as the Internet of Things (IoT) is swiftly generating a lot of research interest and industrial revolution [1].Users will feel insecure about their private data if they are vulnerable to attacks from unauthorized individuals or machines over the network.Thus security is by far one of the biggest challenges in IoT networks [3].Most of security threats are performing at the routing layer, it means during the data transmission process, thus the addressing strong security against such threats will be depends on the security mechanism designed in routing functionality.However, the cross-layer attacks also increasing now-a-days to disturb the communication networks at large extend.Thus, making the process of secure communications in IoT is even more challenging.This imperative need for securing the routing process between numerous IoT devices across multiple heterogeneous networks needs significant research contributions [4] [5].To mitigate the challenges of secure routing in IoT enabled networks, there are various solutions designed at routing layer since from last decade.The security solutions designed to detect and mitigate the security threat such as botnets, Denial-of-Service (DoS), malware, Distributed Denial-of-Service (DDoS), Man-In-Middel (MIM) attacks, jamming attacks etc.In this paper, we focused on.The smart cities consist of large number of IoT physical devices deployed in a range of settings from individual homes to critical infrastructure, potentially in a very dense deployment.The intelligent traffic monitoring is one of the most important and challenging part of IoT based smart cities in which the vehicles with high mobility needs to monitor effectively.The Vehicular Ad hoc Networks (VANETs) consist of large number of vehicles in city roads which needs the strong guarantees of security as the sensitive information circulated by the vehicles to monitor the conditions like traffic jam, accidents etc.Thus it is required to have end-to-end security and privacy mechanism in the networks like IoT enabled VANET.In this paper, our aim is to design robust solution which is takes the advantages of NDN mechanism and cross-layer technique to secure the IoT enabled wireless network communications [6].As observed in recent woks, the Information Centric Networking (ICN) technology is superior to Internet Protocol (IP) technology while working with the IoT networks [7].The NDN is significantly stronger for the efficient and scalable smart city applications using the features like in-network caching and stateful forwarding [8].In literature, various ICN based IoT instalments proposed, but there is no holistic NDN based IoT architecture yet proposed [9]- [11].Basically, the current works neglects the security concerns related to the on-boarding and secure routing.In this paper, we exploit the benefits of NDN architecture over the IP architecture while performing the routing in IoT enabled VANETs.The NDN based secure cross-layer trust based communication protocol designed called NCARP.The proposed NCARP protocol is trust based approach in which the trust of vehicular nodes computed using different layers parameters such as physical, MAC, and routing layer to detect the node as malicious or attacker.In section II, the brief review various security methods presented.In section III, the proposed model of NCARP technique with parameters used for the trust computation presented.In section IV, the simulation and evaluations of NCARP with recent methods presented.In section V, the conclusion and future direction based on the simulation outcomes disclosed.

Related Works
This section we present the review of different security solutions for wireless communications.As the proposed framework is based on cross-layer and trust based approach, we majorly reviewed such methods.In networks like VANET, the aim of trust based approaches to assess the behaviours of the wireless nodes and build the reputation of every node according to their behaviour scores.In [12]- [21], various trust based security methods presented for VANET communications.
The proposed work in this paper is different and based on NDN architecture where we utilized the three layers parameters to evaluate the trust of high mobility nodes.To the best of our knowledge this is first approach that covers the cross-layer architecture for IoT enabled VANETs as well as NDN architecture to achieve the more reliable and robust communications with minimum routing overhead.The NDN approach recently designed in [32].In [32], the recent NDN based security approach proposed IoT networks.Scalability is achieved through a hierarchical network design, and very little cryptographic or computational burden.However the work at just initial stage and failed to handle the problem of nodes mobility and overhead reduction.

Methodology
As described above, the NCARP protocol proposed in this paper to achieve the reliable and secure communications in IoT enabled VANETs with minimum overhead.We mainly focused on using the ICN based NDN architecture over the IP.To establish the reliable links, the cross-layer trust score computed to evaluate the trustworthiness of vehicles.In this section we first take the overview of NDN approach used in NCARP, and then present the cross-layer framework for network security and reliability.

A. NDN Framework
The "slight abdomen" of the Named Data Networking (NDN) stack, as the name infers, is Named Data.In the NDN model, each piece of information has a novel Name, like a Uniform Resource Identifier (URI); the substance related with each Name is ordinarily viewed as unchanging.To recover a specific substance object, a requester sends an Interest parcel into the system.
Router: Every switch in NDN keeps up three information structures: a Pending Interest Table (PIT), a Forwarding Information Base (FIB), and a Content Store (CS).The sending methodology for the two Interests and Data are based around these tables.The switch at that point includes another PIT section demonstrates that the Interest was sent.
Data Forwarding: Information parcels are basically sent after the invert way as demonstrated by coordinating PIT passages.Note that the configurability of the sending technique is a significant element for the utilization of NDN in IoT.We utilized the NDN based correspondence engineering and expect that the supporting layers, for example, MAC, Physical, information connection layers depend on NDN design in this work.The NCARP protocol is designed to efficiently detect the malicious node in network according to the trust values from physical layer, MAC layer, and network layer.The IoT enabled VANET network deployed with N number of vehicles in network.After the deployment we initiated the trust computation for each node in network at different layers.At physical layer we compute the number of message received from the Vehicle Node (VN).At the MAC layer, we mainly focused on VN Packet Forwarding Probability (PFP) which is based on number of re-transmission factor as well.Finally, the network layer, to select the VN as forwarder node, we must compute its current mobility speed and the load intensity value.Finally, the overall trust value of any VN is computed as the addition of all layers trust value of VN at time t.After computation of overall trust value of VN, that value is compared with pre-defined threshold value to detect and inform the malicious node in network.The parameters used to compute at each layer are elaborated below.

A.
MAC Layer Trust: In networks like VANET, due to the higher mobility, there are several other reasons behind the packet drops in network.While transmitting packets though the hops, if next hop is goes out of range due to mobility then it leads to packet loss.The MAC layer information is one of the most important parameters in order to analyze the possible causes for packet loss between two nodes.In this paper, to compute the MAC layer trust we measure the PFP between two nodes P and Q.In this case, the node P measures the probability of successfully packet transmission to node Q by observing the link layer quality between P and Q using HELLO messages.This MAC layer trust value is represented as for the VN.The PFD at MAC layer between two VNs computed as at time t: ( Where and total number of HELLO packets received and expected number of HELLO packets during the time interval .Higher the value of , better the chances of node k marked as legitimate node.

B.
Network Layer: At network layer, routing is major task to deal with malicious attackers and to prevent the packet losses.In highly dynamic networks, the node with sever mobility and traffic load is consider as the malicious or unreliable node for the data forwarding.Thus, to compute the trust at network layer we computed the load intensity and mobility speed of the VN.

Load Intensity:
In IoT enabled VANETs, queues may overflow due to the multiple simultaneous roles that nodes have, such as being routers and terminals as well as multi-hop forwarding nodes, and to the frequent transmission of topology messages..We compute the load intensity based trust value for each VN in network. (2)

Where
is the length of interference queue of node k.The is average traffic load at the node k at time t.Using the above value, we finally compute the trust score of load intensity parameter for node k as: (3) Node Mobility: Another very important parameter to select the more stable and reliable VN as forwarder in V2V communications.We measure the current moving speed of the vehicle in this paper and compute its probability value.(4) Where, is the link arrival rate and is the link breakage rate of node k.By using the Eq. ( 4), the mobility based trust score is computed as: (5) By considering both load intensity and node mobility, the network layer trust score for each VN computed for the VN as at time t: (6) Higher the value of , better the chances of node k marked as legitimate node.

C. Physical Layer Trust:
In networks like IoT enabled VANET, the common security problem is jamming the network attack in which the attacker or malicious vehicle frequently transmits the short range signals which creates the network congestion.Due to this network congestion, the normal vehicle remains busy in receiving such signals and rejects the other application needs.Therefore, Number of Received Messages (NRM) is used to evaluate the trustworthiness of vehicles in network at physical layer.The monitoring VN collects the observations of NRM from its neighbor VNs at every time period t.The recommendations of NRM values generated by the direct observations of neighbor nodes n with the monitored VN.The trust value based on above computations at physical layer for the VN is computed as: (7) Higher the value of , better the chances of node k marked as legitimate node.Thus, the overall trust of VN at time t is computed as: (8) Where , , and are weight parameters and whose sum ( .The value of these weight parameters should in range of (0, 1).F FOR k= 1: N 2.
Averaging the trust value: using Eq. ( 8 END FOR

Simulation Results
In this section, our objective is to design the proposed NCARP protocol and two recent methods those are based on trust based concept and Cryptography base concept for secure VANET communications.The methods such as RealAlert [18] which is trust based security method for vehicular networks and cryptography based method reported in [17], we called this method as MANEL (the name of author).Table 1 demonstrate the other simulation parameters used.The performance of these methods measured in terms of precision rate, recall rate, average throughput, number of packets dropped, and communication overhead.The precision and recall rates estimate the accuracy of malicious nodes detection.The average throughput, number of packets dropped, and communication overhead demonstrates the QoS performance.The throughput performance of MANEL is poor among all the three methods as it based on only the network layer cryptography solution to establish the secure communication among the nodes.The REALALERT computes the trust of the vehicles and then establish the path for data transmission at network layer, but in NCARP the cross-layer architecture assist to establish the more reliable and stable paths for data transmission in IoT enabled networks.The NCARP shows the improved throughput performance for each network.The routing overhead is another concern for the security methods in wireless communications.Figure 5 demonstrates the performance analysis of routing overhead.As observed in figure, as the number of nodes increasing the routing overhead increases.The more number of vehicles in network leads the extra burden of computing the nodes trust as well as cryptography operations while establishing the links.The NCARP performance outperformed the existing methods in routing overhead along with the precision, recall, average throughput, and routing overhead.

B. Attackers Variations
As observed in table 2, we investigate the performance of varying the number of attackers in network.The precision and recall rates performances observed in figures 6 and 7 respectively.As observed in figures, the precision rate and recall rates becomes less for the large number of attackers in network.The proposed NCARP achieved the better detection accuracy compared to both existing methods due the reasons disclosed in above section.Figures 8 and 9 demonstrate the outcomes of average throughput and routing overhead respectively.The proposed approach always delivered the optimized results under lower to higher number of attackers.

Conclusion and Future Work
For the IoT enabled wireless communications, the privacy preserving and secure communications is important research problems since from the last decade.In this work, we proposed the novel solution to secure the IoT enabled wireless communications based on higher mobility and network dynamics (e.g.VANET) using the NDN architecture rather than IP based networks and the trust based cross-layer architecture called NCARP.The design of NCARP presented in this paper which is further simulated and compared with the two recent solutions.The performance shows that NCARP achieved the significant improvement in malicious nodes detection and network QoS performance with minimum routing overhead.The future work we suggest is related to real time IoT based deployment of NCARP protocol.

Figure 1
Figure 1 demonstrates the architecture of proposed NCARP protocol.

Algorithm 1 :
Trust based attack detection Inputs N: number of vehicles S: source node δ=0.45: threshold value Output: V: detected attackers node list 1.

Figure 4 .
Figure 4. Performance analysis of average throughput

Table 1 .
Table 2 demonstrate the another network scenario where we kept number of vehicle fixed and vary the percentage of malicious nodes in network.IoT enabled VANET design parameters (density variations)