Trust Management for Defending On-Off Attacks

A trust management scheme can be used to aid an automated decision-making process for an access control policy. Since unintentional temporary errors are possible, the trust management solution must provide a redemption scheme to allow nodes to recover trust. However, if a malicious node tries to disguise its malicious behaviors as unintentional temporary errors, the malicious node may be given more opportunities to attack the system by disturbing the redemption scheme. Existing trust management schemes that employ redemption schemes fail to discriminate between temporary errors and disguised malicious behaviors in which the attacker cleverly behaves well and badly alternatively. In this paper, we present the vulnerabilities of existing redemption schemes, and describe a new trust management and redemption scheme that can discriminate between temporary errors and disguised malicious behaviors with a flexible design. We show the analytical results of the trust management scheme, and demonstrate the advantages of the proposed scheme with simulation conducted in a Wireless Sensor Network.