Biblio

In response to the vulnerabilities in traditional perimeter-based network security, the zero trust framework is a promising approach to secure modern network systems and address the challenges. The core of zero trust security is agent-centric trust evaluation and trust-based security decisions. The challenges, however, arise from the limited observations of the agent's footprint and asymmetric information in the decision-making. An effective trust policy needs to tradeoff between the security and usability of the network. The explainability of the policy facilitates the human understanding of the policy, the trust of the result, as well as the adoption of the technology. To this end, we formulate a zero-trust defense model using Partially Observable Markov Decision Processes (POMDP), which captures the uncertainties in the observations of the defender. The framework leads to an explainable trust-threshold policy that determines the defense policy based on the trust scores. This policy is shown to achieve optimal performance under mild conditions. The trust threshold enables an efficient algorithm to compute the defense policy while providing online learning capabilities. We use an enterprise network as a case study to corroborate the results. We discuss key factors on the trust threshold and illustrate how the trust threshold policy can adapt to different environments.

The randomness, ambiguity and some other uncertainties of trust relationships in Wireless Sensor Networks (WSNs) make existing trust management methods often unsatisfactory in terms of accuracy. This paper proposes a trust evaluation method based on cloud model for malicious node detection. The conversion between qualitative and quantitative sensor node trust degree is achieved. Firstly, nodes cooperate with each other to establish a standard cloud template for malicious nodes and a standard cloud template for normal nodes, so that malicious nodes have a qualitative description to be either malicious or normal. Secondly, the trust cloud template obtained during the interactions is matched against the previous standard templates to achieve the detection of malicious nodes. Simulation results demonstrate that the proposed method greatly improves the accuracy of malicious nodes detection.

As a supplement to the cloud computing model, the edge computing model can use edge servers and edge devices to coordinate information processing on the edge of the network to help Internet of Thing (IoT) data storage, transmission, and computing tasks. In view of the complex and changeable situation of edge computing IoT scenarios, this paper proposes a multi-dimensional trust evaluation factor selection scheme. Improve the traditional trusted modeling method based on direct/indirect trust, introduce multi-dimensional trusted decision attributes and rely on the collaboration of edge servers and edge device nodes to infer and quantify the trusted relationship between nodes, and combine the information entropy theory to smoothly weight the calculation results of multi-dimensional decision attributes. Improving the current situation where the traditional trusted assessment scheme's dynamic adaptability to the environment and the lack of reliability of trusted assessment are relatively lacking. Simulation experiments show that the edge computing IoT multi-dimensional trust evaluation model proposed in this paper has better performance than the trusted model in related literature.

The acceleration of extending popularity of Online Social Networks (OSNs) thanks to various services with which they provide people, is inevitable. This is why in OSNs security as a way to protect private data of users to be abused by unauthoritative people has a vital role to play. Trust evaluation is the security approach that has been utilized since the advent of OSNs. Graph-based approaches are among the most popular methods for trust evaluation. However, graph-based models need to employ limitations in the search process of finding trusted paths. This contributes to a reduction in trust accuracy. In this investigation, a learning-based model which with no limitation is able to find reliable users of any target user, is proposed. Experimental results depict 12% improvement in trust accuracy compares to models based on the graph-based approach.

As the increasing demands of social services, unmanned aerial vehicles (UAVs)-assisted networks promote the promising prospect for implementing high-rate information transmission and applications. The sensing data can be collected by UAVs, a large number of applications based on UAVs have been realized in the 5G networks. However, the malicious UAVs may provide false information and destroy the services. The 5G UAV communication systems face the security threats. Therefore, this paper develops a novel trust-based security scheme for 5G UAV communication systems. Firstly, the architecture of the 5G UAV communication system is presented to improve the communication performance. Secondly, the trust evaluation scheme for UAVs is developed to evaluate the reliability of UAVs. By introducing the trust threshold, the malicious UAVs will be filtered out from the systems to protect the security of systems. Finally, the simulation results have been demonstrated the effectiveness of the proposed scheme.

Consensus-based distributed microgrid energy management system is one of the most used distributed control strategies in the microgrid area. To improve its cybersecurity, the system needs to evaluate the trustworthiness of the participating agents in addition to the conventional cryptography efforts. This paper proposes a novel augmented reputation metric to evaluate the agents' trustworthiness in a distributed fashion. The proposed metric adopts a novel augmentation method to substantially improve the trust evaluation and attack detection performance under three typical difficult-to-detect attack patterns. The proposed metric is implemented and validated on a real-time HIL microgrid testbed.

More and more organizations and individuals start to pay attention to real-time threat intelligence to protect themselves from the complicated, organized, persistent and weaponized cyber attacks. However, most users worry about the trustworthiness of threat intelligence provided by TISPs (Threat Intelligence Sharing Platforms). The trust evaluation mechanism has become a hot topic in applications of TISPs. However, most current TISPs do not present any practical solution for trust evaluation of threat intelligence itself. In this paper, we propose a graph mining-based trust evaluation mechanism with multidimensional features for large-scale heterogeneous threat intelligence. This mechanism provides a feasible scheme and achieves the task of trust evaluation for TISP, through the integration of a trust-aware intelligence architecture model, a graph mining-based intelligence feature extraction method, and an automatic and interpretable trust evaluation algorithm. We implement this trust evaluation mechanism in a practical TISP (called GTTI), and evaluate the performance of our system on a real-world dataset from three popular cyber threat intelligence sharing platforms. Experimental results show that our mechanism can achieve 92.83% precision and 93.84% recall in trust evaluation. To the best of our knowledge, this work is the first to evaluate the trust level of heterogeneous threat intelligence automatically from the perspective of graph mining with multidimensional features including source, content, time, and feedback. Our work is beneficial to provide assistance on intelligence quality for the decision-making of human analysts, build a trust-aware threat intelligence sharing platform, and enhance the availability of heterogeneous threat intelligence to protect organizations against cyberspace attacks effectively.

Evaluating user behavior in cloud computing infrastructure is important for both Cloud Users and Cloud Service Providers. The service providers must ensure the safety of users who access the cloud. User behavior can be modeled and employed to help assess trust and play a role in ensuring authenticity and safety of the user. In this paper, we propose a User Behavior Trust Model based on Fuzzy Logic (UBTMFL). In this model, we develop user history patterns and compare them current user behavior. The outcome of the comparison is sent to a trust computation center to calculate a user trust value. This model considers three types of trust: direct, history and comprehensive. Simulation results are included.

In open network environments, since there is no centralized authority to monitor misbehaving entities, malicious entities can easily cause the degradation of the service quality. Trust has become an important factor to ensure network security, which can help entities to distinguish good partners from bad ones. In this paper, trust in open network environment is regarded as a self-organizing system, using self-organization principle of human social trust propagation, a genetic trust evaluation method with self-optimization and family attributes is proposed. In this method, factors of trust evaluation include time, IP, behavior feedback and intuitive trust. Data structure of access record table and trust record table are designed to store the relationship between ancestor nodes and descendant nodes. A genetic trust search algorithm is designed by simulating the biological evolution process. Based on trust information of the current node's ancestors, heuristics generate randomly chromosome populations, whose structure includes time, IP address, behavior feedback and intuitive trust. Then crossover and mutation strategy is used to make the population evolutionary searching. According to the genetic searching termination condition, the optimal trust chromosome in the population is selected, and trust value of the chromosome is computed, which is the node's genetic trust evaluation result. The simulation result shows that the genetic trust evaluation method is effective, and trust evaluation process of the current node can be regarded as the process of searching for optimal trust results from the ancestor nodes' information. With increasing of ancestor nodes' genetic trust information, the trust evaluation result from genetic algorithm searching is more accurate, which can effectively solve the joint fraud problem.

The performance of the trust evaluation strategy depends on the accuracy and rationality of the trust evaluation weight system. Trust is a difficult to accurate measurement and quantitative cognition in the heart, the trust of the traditional evaluation method has a strong subjectivity and fuzziness and uncertainty. This paper uses the AHP method to determine the trust evaluation index weight, and combined with grey system theory to build trust gray evaluation model. The use of gray assessment based on the whitening weight function in the evaluation process reduces the impact of the problem that the evaluation result of the trust evaluation is not easy to accurately quantify when the decision fuzzy and the operating mechanism are uncertain.

Trust management issue in cloud domain has been a persistent research topic discussed among scholars. Similar issue is bound to occur in the surfacing fog domain. Although fog and cloud are relatively similar, evaluating trust in fog domain is more challenging than in cloud. Fog's high mobility support, distributive nature, and closer distance to end user means that they are likely to operate in vulnerable environments. Unlike cloud, fog has little to no human intervention, and lack of redundancy. Hence, it could experience downtime at any given time. Thus it is harder to trust fogs given their unpredictable status. These distinguishing factors, combined with the existing factors used for trust evaluation in cloud can be used as metrics to evaluate trust in fog. This paper discusses a use case of a campus scenario with several fog servers, and the metrics used in evaluating the trustworthiness of the fog servers. While fuzzy logic method is used to evaluate the trust, the contribution of this study is the identification of fuzzy logic configurations that could alter the trust value of a fog.

We propose a distributed and adaptive trust evaluation algorithm (DATEA) to calculate the trust between nodes. First, calculate the communication trust by using the number of data packets between nodes, and predict the trust based on the trend of this value, calculate the comprehensive trust by combining the history trust with the predict value; calculate the energy trust based on the residual energy of nodes; calculate the direct trust by using the communication trust and energy trust. Second, calculate the recommendation trust based on the recommendation reliability and the recommendation familiarity; put forward the adaptively weighting method, and calculate the integrate direct trust by combining the direct trust with recommendation trust. Third, according to the integrate direct trust, considering the factor of trust propagation distance, the indirect trust between nodes is calculated. Simulation experiments show that the proposed algorithm can effectively avoid the attacks of malicious nodes, besides, the calculated direct trust and indirect trust about normal nodes are more conformable to the actual situation.

Mobile Ad Hoc Network (MANET) is a multi-hop temporary and autonomic network comprised of a set of mobile nodes. MANETs have the features of non-center, dynamically changing topology, multi-hop routing, mobile nodes, limited resources and so on, which make it face more threats. Trust evaluation is used to support nodes to cooperate in a secure and trustworthy way through evaluating the trust of participating nodes in MANETs. However, many trust evaluation models proposed for MANETs still have many problems and shortcomings. In this paper, we review the existing researches, then analyze and compare the proposed trust evaluation models by presenting and applying uniform criteria in order to point out a number of open issues and challenges and suggest future research trends.

Cloud Computing has emerged as a paradigm to deliver on demand resources to facilitate the customers with access to their infrastructure and applications as per their requirements on a subscription basis. An exponential increase in the number of cloud services in the past few years provides more options for customers to choose from. To assist customers in selecting a most trustworthy cloud provider, a unified trust evaluation framework is needed. Trust helps in the estimation of competency of a resource provider in completing a task thus enabling users to select the best resources in the heterogeneous cloud infrastructure. Trust estimates obtained using the AHP process exhibit a deviation for parameters that are not in direct proportion to the contributing attributes. Such deviation can be removed using the Fuzzy AHP model. In this paper, a Fuzzy AHP based hierarchical trust model has been proposed to rate the service providers and their various plans for infrastructure as a service.