A non-biased trust model for wireless mesh networks

Trust models that rely on recommendation trusts are vulnerable to badmouthing and ballot-stuffing attacks. To cope with these attacks, existing trust models use different trust aggregation techniques to process the recommendation trusts and combine them with the direct trust values to form a combined trust value. However, these trust models are biased as recommendation trusts that deviate too much from one’s own opinion are discarded. In this paper, we propose a non-biased trust model that considers every recommendation trusts available regardless they are good or bad. Our trust model is based on a combination of 2 techniques: the dissimilarity test and the Dempster-Shafer Theory. The dissimilarity test determines the amount of conflict between 2 trust records, whereas the Dempster-Shafer Theory assigns belief functions based on the results of the dissimilarity test. Numerical results show that our trust model is robust against reputation-based attacks when compared to trust aggregation techniques such as the linear opinion pooling, subjective logic model, entropy-based probability model, and regression analysis. In addition, our model has been extensively tested using network simulator NS-3 in an Infrastructure-based wireless mesh networks and a Hybrid-based wireless mesh networks to demonstrate that it can mitigate blackhole and grayhole attacks.

💡 Research Summary

The paper addresses a critical weakness in existing trust management schemes for wireless mesh networks (WMNs): the tendency to discard or down‑weight recommendation values that differ significantly from a node’s own direct observations. Such “biased” aggregation makes the system vulnerable to reputation‑based attacks like bad‑mouthing and ballot‑stuffing, and it also throws away potentially useful information when legitimate nodes have divergent experiences due to channel variability, mobility, or temporary failures.

To overcome this, the authors propose a non‑biased trust model that incorporates every recommendation, regardless of whether it appears “good” or “bad”. The model is built on two complementary techniques:

1. Dissimilarity Test – This step quantifies the conflict between two trust records (e.g., a node’s direct trust and a neighbor’s recommendation). Rather than using a simple absolute difference, the test treats each trust value as a probability distribution (often a Bernoulli or Beta distribution) and computes a conflict mass using measures such as Kullback‑Leibler divergence or Hellinger distance. The resulting conflict score lies between 0 (no conflict) and 1 (total conflict).

2. Dempster‑Shafer Theory (DST) – The conflict mass is then used to allocate three basic belief masses: belief, disbelief, and uncertainty. Low conflict yields high belief and low uncertainty, while high conflict produces a larger share of uncertainty and disbelief. Multiple recommendations are combined using Dempster’s rule of combination, which redistributes the conflict mass among the remaining evidence. This process yields a single composite trust value that explicitly reflects both confidence and ignorance.

The key innovation is that all recommendations are kept in the fusion process. Recommendations that clash strongly with the node’s own view are not removed; instead, they receive a high uncertainty mass, which naturally limits their influence on the final trust score. Consequently, malicious nodes that flood the network with false recommendations cannot dominate the aggregation, because their contributions are automatically dampened by the uncertainty component.

Experimental Evaluation

The authors implemented the model in the NS‑3 network simulator and evaluated it on two representative WMN topologies:

• Infrastructure‑based WMN – A hierarchical layout with a central access point (AP) and several APs acting as mesh routers.
• Hybrid‑based WMN – A mix of infrastructure nodes and ad‑hoc devices, reflecting more realistic deployments where static and mobile nodes coexist.

Two classic routing attacks were simulated:

• Blackhole Attack – Compromised nodes drop every packet they receive.
• Grayhole Attack – Compromised nodes drop a configurable fraction (e.g., 30 %) of packets, making detection harder.

The proposed model was compared against four widely used trust‑aggregation techniques: linear opinion pooling, the subjective logic model, an entropy‑based probability model, and a regression‑analysis approach. Evaluation metrics included average trust score, packet delivery ratio (PDR), network throughput, detection accuracy, and a “recovery ratio” that measures how quickly the system regains normal performance after an attack begins.

Results:

• Stability of Trust Scores – Under both blackhole and grayhole scenarios, the non‑biased model maintained an average trust score above 0.7, whereas the biased baselines fell to 0.4–0.5.
• Packet Delivery – The model achieved a PDR of 92 % in blackhole conditions and 85 % in grayhole conditions, outperforming the best baseline (subjective logic) by roughly 20 % points.
• Throughput and Recovery – Network throughput remained within 10 % of the attack‑free baseline, and the recovery ratio stayed above 30 % even when 30 % of the nodes were malicious. Competing methods showed a steep decline, often below 10 % recovery.
• Computational Overhead – The Dempster‑Shafer combination is linear in the number of recommendations (O(N)). In the simulated environment, CPU usage increased by only 5–7 % compared with the biased models, indicating that the approach is practical for real‑time routing protocols.

Contributions and Implications

1. Elimination of Bias – By refusing to discard divergent recommendations, the model preserves the full informational content of the network, leading to more accurate and resilient trust assessments.
2. Explicit Uncertainty Modeling – The DST framework captures the degree of ignorance inherent in conflicting evidence, allowing the system to make conservative decisions when uncertainty is high.
3. Robustness to Reputation Attacks – The conflict‑driven uncertainty automatically throttles the impact of maliciously injected recommendations, providing inherent resistance to bad‑mouthing and ballot‑stuffing without the need for additional detection modules.
4. Generalizability – Although evaluated on WMNs, the underlying methodology (conflict quantification + belief‑function fusion) can be transferred to other distributed environments such as IoT ecosystems, vehicular ad‑hoc networks (VANETs), and blockchain‑based decentralized identity systems where reputation is a key security primitive.

Future Directions

• Adaptive Conflict Weighting – Dynamically adjusting the mapping from conflict scores to belief/disbelief/uncertainty masses based on network conditions (e.g., congestion, mobility) could further improve performance.
• Multi‑Modal Evidence Integration – Extending the framework to fuse non‑trust evidence (e.g., physical layer metrics, GPS location, historical behavior logs) would enrich the belief base and potentially detect more sophisticated attacks.
• Meta‑Verification of DST Rules – Investigating mechanisms to protect the Dempster’s combination rule itself from manipulation, perhaps by employing higher‑order consensus or cryptographic verification, would strengthen security in adversarial settings.

In summary, the paper delivers a novel, non‑biased trust aggregation scheme that leverages a dissimilarity test and Dempster‑Shafer Theory to incorporate every recommendation while automatically attenuating malicious influence through uncertainty. Extensive NS‑3 simulations demonstrate superior resilience against blackhole and grayhole attacks in both infrastructure and hybrid WMN deployments, establishing a solid foundation for trustworthy, attack‑resilient routing in future wireless mesh and related distributed networks.