An Efficient Dynamic Trust Evaluation Model for Wireless Sensor Networks

Trust evaluation is an effective method to detect malicious nodes and ensure security in wireless sensor networks (WSNs). In this paper, an efficient dynamic trust evaluation model (DTEM) for WSNs is proposed, which implements accurate, efficient, and dynamic trust evaluation by dynamically adjusting the weights of direct trust and indirect trust and the parameters of the update mechanism. To achieve accurate trust evaluation, the direct trust is calculated considering multitrust including communication trust, data trust, and energy trust with the punishment factor and regulating function. The indirect trust is evaluated conditionally by the trusted recommendations from a third party. Moreover, the integrated trust is measured by assigning dynamic weights for direct trust and indirect trust and combining them. Finally, we propose an updatemechanismby a slidingwindowbased on induced ordered weighted averaging operator to enhance flexibility. We can dynamically adapt the parameters and the interactive history windows number according to the actual needs of the network to realize dynamic update of direct trust value. Simulation results indicate that the proposed dynamic trust model is an efficient dynamic and attack-resistant trust evaluationmodel. Compared with existing approaches, the proposed dynamic trust model performs better in defending multiple malicious attacks.


Introduction
Nowadays, technology development in the fields of microelectromechanical system (MEMS) and wireless communication has facilitated the extensive distribution of WSNs.WSNs are composed of a large number of sensor nodes.In general, sensor nodes are reliable, accurate, flexible, inexpensive, and easy to deploy.Some areas and industries that are subject to environmental constraints rely on WSNs for data collection and monitoring [1].They are widely used in many applications such as emergency response [2], healthcare monitoring [3], military, agriculture [4], environmental monitoring, and smart power grid [5].However, due to the characteristics of working environments (usually deployed in remote and unattended) and the way of wireless communication, WSNs are prone to sudden accidents failures and suffer from attacks of malicious nodes.Once a node is compromised, the availability and integrity of the network can be destroyed.In addition, it is difficult to predict the malicious attacks.Hence, network security is a vital issue, which needs to be addressed to guarantee correct operation of the whole network.
Recently, in the security field of wireless network, a great deal of research [6][7][8] has been carried out commonly using cryptography, authentication, and hash functions to improve the security of network.Undoubtedly, the present achievements have greatly promoted related research in improving security of network, especially the confidentially, integrity, authentication, availability, and no-repudiation of data in the network.But in the security field of WSNs, the above traditional security mechanisms such as cryptography and authentication are not mostly suitable for processing capability constrained and energy limited WSNs due to the complexity and huge computing memory [9].Furthermore, the traditional security mechanisms are widely and availably used to deal with external attacks but cannot solve insider or node misbehavior attacks effectively which are caused by the captured nodes [10].In pursuit of the security of WSNs, trust and reputation mechanisms have proven to be more resilient against insider or node misbehavior attacks [10,11].
Trust in the field of wireless communication networks may be defined as the degree of belief on the future behavior of other nodes, which is based on past experience and observations of the nodes' action [11].So, we give the definition of trust in WSNs as follows: node 's trust in node  describes the belief or expectation or assurance of sincerity, competence, and integrity of node 's future action/behavior [12].The basic idea of trust based scheme is to quantify trust to describe the trustworthiness, reliability, or competence of individual nodes [5].Trust management system can be implemented in various applications for security management such as secure protocol [8], secure data aggregation [13], trusted routing [14], and intrusion detection system [15].In recent years, lots of state-of-the-art models [5,[12][13][14][15][16][17][18][19][20][21][22][23][24][25][26][27][28][29][30][31] have been proposed in this field.Undoubtedly, the present achievements have greatly promoted related research in improving security of WSNs.Even so, trust evaluation in WSNs is still a challenging issue.Some limitations are exhibited which need more attention to be solved.
Considerable research has been done on modeling and managing trust and reputation in WSNs.Many current studies [18][19][20] have been done for trust establishment just only based on the communication interaction records between nodes without considering the data consistency, so they cannot be against attacks on data.While other studies [25][26][27][28] combine multifactors to calculate the trust value, the multitrust sums up in weighted manner to compute the integrated trust.But the weights are obtained by expert opinion method or average weight method.The results of the prediction are subjective, which affect the scientific and flexibility of the trust decision.In addition, trust evaluation is a dynamic phenomenon and changes with time and environment condition.In many current trust models [23,24], the trust value is updated by a sliding time window using forgetting or aging mechanism.But the number of sliding windows is defined by expert opinion method.Once the number of the sliding time windows is confirmed, it is difficult to change.It makes the trust models unable to adapt to the dynamic changes of the network environment, which affects the accuracy of the result.To our knowledge, there is no literature that can dynamically adjust the number of the sliding time windows and the parameters to achieve a dynamic update mechanism.Moreover, some existing trust models [18,23,27] rarely consider the influence of the energy consumption.Due to these reasons, there is a growing demand for adequate provision of an efficient dynamic trust evaluation model for WSNs; it can achieve accurate trust evaluation dynamically according to the environment and requirements and can realize the identification and defense of various types of malicious attack.
In this paper, an efficient dynamic trust evaluation model (DTEM) for WSNs is proposed that aims to address the above problems.In the proposed trust model, the trust value is calculated considering multitrust factors; it can achieve accurate trust evaluation.Moreover, DTEM can dynamically adjust the weights of direct trust and indirect trust.It reflects the dynamic adaptability of the trust computing.It also can dynamically adjust the parameters of the update mechanism to update the trust value to meet the actual needs of the network environment.The DTEM can be against various types of malicious attack and can be configured and effectively applied to different environments with different requirements.The major contributions of this paper are listed as follows: (1) To improve the accuracy of trust evaluation, against attacks on data, the trust value is calculated considering direct trust and indirect trust.The direct trust is calculated considering multitrust including communication trust, data trust, and energy trust with the punishment factor and regulating function to meet the following: character "trust is hard to acquire and easy to lose."The indirect trust is evaluated conditionally by the trusted recommendations from a third party.
(2) To ensure that the trust model makes a decision more scientifically, dynamically, and adaptively, we define a dynamic balance weight factor function which is changed dynamically with the number of communication interactions.The adaptive dynamic balance weight factor dynamically adjusts the weight of the direct trust and indirect trust.
(3) To make sure that the proposed trust model can be configured and effectively applied to different environments with different requirements and against on-off attack, we give an update mechanism by a sliding time window based on induced ordered weighted averaging operator (IOWA) to enhance flexibility.We can dynamically adapt the parameters and the interactive history windows number to change the weight sequence to update the trust value to adapt with different environments and requirements.Meanwhile, on-off attacks can be handled efficiently.
At last, compared to the existing trust models (RFSN [18] and BTMS [24]), simulation results show that the proposed trust model has remarkable enhancements in the accuracy of trust decision and has a better capability to capture dynamic malicious nodes behaviors.
The remainder of this paper is organized as follows.Section 2 gives an overview of related works.Network model and attack model are described in Section 3. Section 4 gives the overview and process of the DTEM.Section 5 discusses trust model and trust evaluation mechanism in DTEM.In Section 6, the experiment is made under simulative environments and the performance of the DTEM is evaluated.Section 7 concludes this paper.

Related Works
In most current trust model researches focus on sensor radio communication behaviors.Sensor nodes build node trust model through wireless radio transaction with neighboring nodes.Ganeriwal and Srivastava [18] first proposed a reputation based framework for sensor networks (RFSN) where nodes used reputation to evaluate other's trustworthiness.The framework uses watchdog mechanism to monitor communication behavior of neighboring nodes and represents node reputation distribution using Beta distribution.Then the trust value is figured out according to the statistical expectation of the probability reputation distribution.The trust framework is good robustness and very classic.But the recommendation trust is not considered; it cannot resist various internal attacks.In [19], an agent-based trust model was proposed in WSNs (ATSN); agent node was used to monitor behaviors of sensor nodes and classify the behaviors into good or bad ones.Agent nodes count all the number of good behaviors and malicious behaviors, respectively, and save the results into a three-tuple.ATSN scheme uses agent which can save the computational resources and energy consumption.However, in ATSN, only the direct trust value is calculated while the recommendation trust is ignored.In addition, the updating process of the trust value is not considered.Shaikh et al. [20] proposed a new lightweight group-based trust management scheme (GTMS) for clustered WSNs.The trust value is obtained through the communication behavior of neighboring nodes.It works on trust at three levels: the node level, the cluster head level, and the base station level.The model establishes trust mechanism from the above aspects to resist the attack of malicious nodes, respectively.GTMS can effectively resist the attacks of malicious nodes, and it does not require large data storage and complex computations.However, only observing the number of successful and unsuccessful interactions cannot reflect soundest trust value.Song et al. [21] proposed a dynamic trust evaluation method based on multifactor.The nodes' trustworthiness is measured by combining direct trust with indirect trust dynamically.Besides, both the involved classification standard and dynamic weight assignment are dependent on the interaction times between nodes, which are put forward under the background of Hoeffding's Inequality in Probability Theory.The simulation results show that this method is sensitive to multiple attacks.But the updating process of the trust value is not considered.Li et al. [22] proposed a lightweight and dependable trust system for the clustered WSNs.The trust decision-making scheme is proposed based on the nodes' roles in clustered WSNs.They improve system efficiency by canceling feedback between cluster members or between cluster heads.The trust scheme also defines a self-adaptive weighted method for trust aggregation at cluster head level.This approach surpasses the limitations of traditional weighting methods for trust factors, in which weights are assigned subjectively.In [23], He et al. defined an attack-resistant and lightweight trust management scheme called ReTrust.This system is oriented to medical sensor network and based on hierarchical architecture, comprised of master nodes and sensor nodes.ReTrust uses sliding time window and aging factor to identify and eliminate the onoff attack.Bad-mouthing attack is avoided by eliminating outliers after collecting recommendations.It is resistant to bad-mouthing and on-off attacks.However, the drawback of this scheme is that master nodes must have abundant storage and energy.Feng et al. [24] proposed a credible Bayesian-based trust management scheme (BTMS).The trust management scheme takes the direct and indirect trust into account.The direct trust is calculated by a modified Bayesian equation with punishment factor and updated by a sliding window using an adaptive forgetting factor.Moreover, the indirect trust computation is invoked from a third party.BTMS performs better in resisting attacks.
While in above-mentioned trust models data security is neglected, in existing trust models many of them focus on the trust of data as the main work.In [25], Zhan et al. proposed a resilient trust model with a focus on data integrity and sensor node trust for hierarchical WSNs.The sensor node current trust level is evaluated through the past history and recent risk.And then it employs Gaussian model to rate data integrity in a fine-grained style.The model is proven to be resilient against faulty data and malicious data manipulation.But the energy consumption on node is not considered.In [26], a wireless sensor network based on multiangle trust of node was proposed.The method considers the sensing data and the node's energy in the factors of trust assessment; the integrated trust value is calculated through the average weight of the communication trust, energy trust, and data trust.It is more reliable and effective against Dos attack and data forgery attack.But the trust update mechanism is ignored.Jiang et al. [27] proposed an efficient distributed trust model (EDTM) for wireless sensor networks.In EDTM, the direct trust and recommendation trust are selectively calculated according to the number of packets received by sensor node.The direct trust value is calculated through the average weight of the communication trust, energy trust, and data trust.In addition, trust reliability and trust familiarity are defined to improve recommendation accuracy.EDTM can evaluate trustworthiness of sensor nodes more precisely and identify the malicious nodes more effectively.In [28], a consensus-aware sociopsychological trust model for WSNs was proposed.The trust model uses the concept of consensus and consistency in understanding the behavior of the sensor nodes for detecting fraudulent nodes in WSN.The factors of ability, benevolence, and integrity are used for the computation of trust.The approach can deal even in the presence of higher number of fraudulent nodes than benevolent nodes.It is more reliable and effective against attacks on data in WSNs.But, communication faults that delay the rate at which packets are sent are not considered.
Recently, several techniques are used in computing the trust of sensor nodes, such as the fuzzy logic approach, the Bayesian network approach, the game theoretic approach, swarm intelligence, and the cloud method.In [29], Feng et al. first established various trust factors depending on the communication behaviors to evaluate the trustworthiness of sensor nodes.The direct and indirect trust are obtained through calculating weighted average of trust factors.Meanwhile, the fuzzy set method is applied to measure how much the trust value of node belongs to each trust degree.And then the evidence difference is calculated between the direct and indirect trust, which links the revised D-S evidence combination rule to finally synthesize integrated trust value of nodes.Zhang et al. [30] proposed a trust evaluation method for clustered wireless sensor networks based on cloud model.The method considers multifactors including communication factor, message factor, and energy factor to get factor trust cloud.And the trust cloud is calculated by assigning weights for each factor trust cloud and combining them.The final trust cloud is measured by synthesizing the recommendation trust cloud and immediate trust cloud and is converted to trust grade by trust cloud decision-making.The method can detect malicious nodes according to different secure requirements under different WSNs applications, which provides a safe running environment for different applications.Shen et al. [31] studied the trust decision and its dynamics that played a key role in stabilizing the whole network using evolutionary game theory.The evolutionary game theory is used for the area of trust evolution in WSNs.It sets up a WSNs trust game concerning the dynamics of trust evolution during sensor node's decision-making.When sensor nodes are making their decisions to select action trust or mistrust, a WSNs trust game is created to reflect their utilities.It can find out the conditions that will lead sensor nodes to choose action trust as their final behavior to ensure WSNs' security and stability.
Our work is partly motivated by those related works above; however, there are some distinctions compared with them.In our trust model, the trust value is calculated considering multitrust factors including communication trust, data trust, and energy trust.Not like the works in [18][19][20], the trust values are just only based on the communication interaction records, so they cannot be against attacks on data.While other studies [25][26][27][28] combine multifactors to calculate the trust value, they do not consider the following character: "trust is hard to acquire and easy to lose."In our proposed trust model, we add the punishment factor and regulating function to realize the punishment and adjustment of trust value against bad-mouth attack and collusion attack.Then, in most trust models such as in [18,[25][26][27][28], the direct trust and indirect trust sum up in weighted manner to compute the integrated trust.But the weights are obtained by expert opinion method or average weight method in [25][26][27][28].In our proposed trust model, we define an adaptive dynamic balance weight function to dynamically adjust the weight of the direct trust and indirect trust.Although the works in [21,22] have given various computation methods of the dynamic balance weight, the trust decision of our proposed trust model is more scientific and flexible.Furthermore, the most important thing is the dynamic of the trust evaluation model.In many current trust models [23,24], the trust value is updated by a sliding time window using forgetting or aging mechanism against on-off attack and other malicious attacks, but the number of sliding time windows is predefined.Once the number of the sliding time windows is confirmed, it is difficult to adapt to the dynamic changes of the network.In our proposed trust model, we centrally focus on setting up a dynamic update mechanism.To our knowledge, there is no literature that can dynamically adjust the number of the sliding time windows and the parameters to achieve a dynamic update mechanism.In our proposed efficient dynamic trust model, an update mechanism is defined by a sliding time window based on induced ordered weighted averaging operator (IOWA) to enhance flexibility.We can dynamically adapt the parameters and the interactive history windows number to change the weight sequence to meet the actual needs of the network.Based on the above analysis, the proposed trust model can be dynamically adjusted according to the environment and requirements to achieve accurate trust evaluation and can realize the identification and defense of various types of malicious attack.It has a powerful capability of the trust estimation for WSNs.

Network Model and Attack Model
3.1.Network Model.In this paper, we consider a scenario in which all the sensor nodes are randomly deployed in a twodimensional space.Nodes are neither added nor removed from network after deployment.It assumes that sensor nodes have the same capabilities of computing, communicating, and storing, initial energy level, and communication range, only when the two nodes enter the communication range of each other to start communication.Based on these assumptions, WSNs can be abstracted as a graph  = (, ), where  is the set of all nodes and  is the set of all edges.Each edge (, ) ∈  denotes that the two nodes are located within each other's transmission range.Each node keeps a list of neighboring nodes which stores their unique ID, communication information, and trust relationship.It assumes that neither the source nor the destination is malicious.Malicious nodes do not collude themselves and all communication links are bidirectional.And the communication channel is secure.

Attack Model for WSNs.
With the open and remote deployment environment, WSNs are generally susceptible to various internal attacks, including black hole attack, wormhole attack, Sybil attack, and grey-hole attack.The attack behavior of those malicious nodes shows diversity [6], such as discarding routing packets, injecting large amounts of redundant information and error information, maliciously modifying data packets, and providing unreal recommendation trusted data information.According to the attack behavior and target of malicious attack, we divide the various attacks into three categories: attacks on routing protocols in WSNs [32,33], attacks on communications data or messages, and attacks on trust models in WSNs [34].The target of the first kind of malicious attack is the routing protocol.The malicious attack behavior of this type discards all the routing packets or drops part of the routing packets, which makes the data packets unable to be forwarded properly between nodes.This type of attack includes black hole attack, greyhole attack, and wormhole attack.Due to the vulnerability of the wireless communication channel, the second type of malicious attack is that the malicious nodes can easily capture transmitting data information through a wireless link.The target of this type of malicious attack is communications data or messages.The transmitting data can be easily conducted with eavesdropping, forgery, and tamper.This type of attack includes Dos attack and message tampering attack.The third type of malicious attack is a special kind of attack, whose target is the trust management.This type of malicious attack can destroy the trust model by providing false information.This type of attack includes on-off attack, conflicting behavior, selfish attack, and bad-mouthing attack.As we know, trust management system can deal with most of the existing attacks and improve the security of the network.However, it is difficult to detect these malicious nodes completely by conventional trust model.The proposed DTEM can evaluate trustworthiness of sensor nodes more precisely and identify the different malicious nodes more effectively.

Overview of the Efficient Dynamic Trust Evaluation Model
To efficiently compute the trust values on sensor nodes, we first need a clear understanding of the trust model process.
The DTEM runs at the middleware of every sensor node.Every node maintains the trust value about other nodes; there is no central repository for storing trust values of every entity in the system.The process of DTEM is shown in Figure 1; the direction of the arrow represents the flow of information between them.And the specific process is as follows.
(1) Information gathering: we use watchdog mechanism to monitor neighboring nodes' activities periodically as RFSN [18] to collect evidence information.The available neighbor nodes' information is stored in the routing table of the node.
(2) Trust value calculation: in the proposed trust models, when a subject node wants to obtain the trust value of an object, it first checks its recorded list of neighbor nodes.The direct trust and recommendation are used to evaluate the trustworthiness of sensor nodes based on the recorded list.The direct trust is directly calculated based on the communication, data consistency, and energy.However, due to malicious attacks, using only direct trust to evaluate sensor nodes is not accurate.Thus, the recommendation from other sensor nodes is needed to improve the trust evaluation.Due to the dynamic behavior of WSNs and the impact of some special malicious attacks like on-off attack, the calculation of trust value should be based upon history interaction records and updated periodically.(3) Trust value integration: to ensure that the trust model makes a decision more scientifically, dynamically, and adaptively, we define a dynamic balance weight factor to realize the integration trust value of direct trust and indirect trust.
Trust evaluation process is a complex process.The information on a sensor node's prior behavior is one of the most important aspects in trust model.Hence

Select trusted recommendation nodes
The joint neighbors between the evaluation node and the evaluated node the process of the trust model is periodic.The evaluation results of trust values depend on historical records of each node.

The Efficient Dynamic Trust Evaluation Model
In this section, we present the composition of the proposed efficient dynamic trust evaluation model and the calculation procedure of trust in detail.

The Composition of the Efficient Dynamic Trust Evaluation
Model.The efficient dynamic trust model proposed in this paper consists of the following four modules: direct trust module, indirect trust module, integrated trust module, and trust update module.The direct trust is calculated based on the Beta trust model.The direct trust value of sensor node is calculated by taking communication trust, data trust, and energy trust into account.The indirect trust is evaluated based on the trusted recommendations from a third party.And then the integrated trust is calculated by assigning adaptive dynamic balance weights for direct trust and indirect trust and combining them.Finally, we give an update mechanism by a sliding time window based on IOWA to complete the updating of direct trust value according to historical interaction records.The relationship among the four modules is shown in Figure 2.And the specific implementation process is as follows.

The Calculation of Direct
Trust.As we know, the evaluation of trust in WSNs is a complex process, which includes a lot of factors.In the proposed trust model, the direct trust value is calculated by taking communication trust, data trust, and energy trust into account.The communication trust measures whether sensor nodes can cooperatively perform the intended protocol.The data trust measures the trust of data created and manipulated by sensor node, which can assess the fault tolerance and consistency of data.The energy trust measures whether a node has enough residual energy to complete new communications and data processing tasks.We consider the communication behavior and data consistency to establish a trust environment against errors and attacks and combine the energy factor to prevent the low competitive nodes from participating in the network operation to ensure network security and reliable operation.Next, we give the detailed calculation procedure of direct trust.

The Communication Trust Based on Data Consistency.
We assume that a node can monitor neighboring nodes' activities within its communication range using watchdog mechanism [18].For example, a node can monitor its neighbors' transmissions, and in this way we can detect whether the node is forwarding or dropping the packets.In most current trust models, they define trust as the probability that node  holds on node  to perform as expected [24].Assume that Beta distribution is employed as the prior distribution of interactions among sensor nodes.They monitor the communication interaction record information based on watchdog mechanism to count the number of well behaviors or malicious behaviors between nodes to calculate the trust value.The trust model at every node uses Beta probability density function [35] to evaluate expected probability of well behavior of neighboring nodes because trust modeling problem is characterized by uncertainty.And the Beta probability density function can be represented as where 0 ≤  ≤ 1,  > 0,  > 0, and  and  are two indexed parameters.
If the number of successful (well behavior) outcomes is represented by  and  represents the number of unsuccessful (malicious behavior) outcomes between nodes, the probability for outcomes can be obtained by setting the values for  and  as follows: The probability expectation value for Beta probability density function is defined as Equation ( 3) can be used for the computation of the probability expectation of successful outcomes between nodes.The probability expectation value is defined as the trust value.
Based on the above discussion, we assume that the way of future interaction is the same as that of the previous one; the probability expectation function can be represented by the mathematical expectation of Beta distribution as the communication trust.In our proposed model, the communication trust, denoted by   (), is derived from the direct observations of node  on node  at time , which is defined as where  and  denote the total amount of successful and unsuccessful interactions between nodes  and  during , respectively.But they are different from the above discussion that just considered whether the node is forwarding or dropping the packets.In (4), the node's successful or unsuccessful interaction is accessed by communication behavior and data consistency together.The expression (1 − /) [24] is called punishment factor, where  is the total number of effect interaction records.The punishment factor punishes trust value by the dynamic change of the number of malicious behaviors between nodes.The expression (1 − 1/( + )) is called regulating function, which approaches 1 rapidly with the increasing of the number of successful interactions, where  is a positive constant that can be tuned to control the speed of reaching 1.It would take longer time for a node to increase its trust value for another node.The detailed realization of each part is as follows.
In (4), successful or unsuccessful communication between nodes is judged by the communication behaviors and data consistency together.The successful communication means that a node not only forwards the packets to its next hop neighbor but also requires forwarding the packets reliably in its true form.Otherwise, it will be considered as unsuccessful communication.The evaluated node forwards the packets to its next hop successfully based on the watchdog monitored [18].The data consistency based on the detection algorithm is as follows.
Following the idea introduced in [36], the data trust affects the trust of the sensor nodes that created and manipulated the data.The data packets have spatial correlation in WSNs; that is, the packets sent among neighboring nodes are always similar in the same area.And the difference among nodes is reduced to zero.In our proposed paper, we use the detection algorithms [37] to assort abnormal and honest data in the network.The detection algorithm compares a localized threshold   () to the difference produced by each node data and its neighbors.The node  makes a measurement independently and transfers the measurement data value   () to its neighboring node .Then, node  compares the data value   () to its neighbor's node 's value   ().It is denoted as normal if |  () −   ()| <   () is satisfied, and else if |  () −   ()| ≥   () is satisfied, it is denoted as abnormal.According to commutation behavior and data consistency, we can get  and , which denote the total amount of successful and unsuccessful interactions between nodes during , respectively.
Considering that the malicious node injection false data has a large deviation from the sensing data of authentic nodes, we can detect the attacker by comparing the threshold with the difference between the neighbors and the node .The equation of the threshold   () of each node  as follows: where   represents the neighbor set of node .The number of element in   is denoted by |  |.In (4), the punishment function shows strict punishment to trust value according to the number of malicious behaviors.Once the number of misbehavior behaviors increases, the trust value drops rapidly.It reflects the following trust character: "trust is easy to lose."It can quickly and accurately identify the malicious behavior.
We choose the regulating function in (4) instead of a linear function since such a function would approach very slowly to 1 with the increasing of successful interactions which is similar to literature [20].According to the regulating function, it would take longer time for a node to increase one's trust value.This design can effectively restrain the trust value rapidly increasing with the sudden increasing number of successful communication interactions.It reflects the following trust character: "trust is hard to acquire."It can restrain the collusion or on-off attack.

The Energy Trust.
The energy trust is introduced mainly to complete the assessment on the performance of a node itself.By introducing the energy factor, we can effectively avoid the low competitiveness of nodes participating in network operation.When the energy consumption of a node is lower than a certain energy threshold  th , the node can only complete simple basic operation to prolong the network lifetime and balance energy consumption between nodes.The energy trust is defined as where  res represents the residual energy of a node. th represents the energy threshold.

The Direct Trust.
Based on the communication trust   () and the energy trust   (), we can obtain the direct trust between two neighbor nodes as

The Calculation of Indirect
Trust.Similar to most existing related works, we also consider the indirect trust to evaluate the trust value in the proposed trust model.The indirect trust value is evaluated by the recommendations from a third party.The recommendations are composed of the common neighboring node  of node  and node , symbolized as   .
As we know, trust has the property of transitivity.In the most existing trust models, the trust value  V  from node  to node  is calculated by the recommendation  V ( V ∈   ) and is notated as where  V  is the trust value of node  to node V to node . V is the direct trust value of node  to the common neighbor node  V ;  V is the direct trust value of the common neighbor node  V to .But not all the recommendations are reliable.How to detect and get rid of malicious recommendations is important since it has great impact on the calculation of trust.In order to judge the credibility of recommendations to calculate indirect trust more accurately, it needs to detect dishonest recommendations and exclude them before recommendation aggregation.In our proposed model, we only choose the recommendation whose trustworthiness is higher than the specified trust threshold  (0 ≤  ≤ 1).Suppose there are  recommendations and their direct trust values held by node  are notated as  1 ,  2 , . . .,   , . . .,  (−1) ,   .If   ≥  ( = 1, 2, . . ., ), the recommendation from   is accepted.Otherwise, it will be totally neglected.Due to the above discussion, we can get the trusted recommendations.In our trust model, we assign different weights to the selected recommendations by their direct trust.Intuitively, we should give more weight to the selected recommendation from recommenders with high reputation.Hence, we allocate weights based on the trust degree of the recommenders to avoid individual preference.The following approach is taken to calculate the weight   of the selected recommendation   : where   is the direct trust value of node  to the common neighbor node   , and  is the number of the selected recommendations.And 0 ≤   ≤ 1 and ∑  =1   = 1.Finally, the indirect trust value, denoted by   (), is obtained: where   is the weight of    .   is obtained using (8), which represents the trust value from node  to node  calculated by the recommendation   .

The Integration of Trust
Value.The integrated trust value   (), which node  holds about node  at time , is established via the following formula: where  is the balance weight factor, which is referred to as self-confidence factor and  ∈ [0, 1].The value of  is the degree of recognition of the direct trust and indirect trust of  to .  is defined using a dynamic function; the function introduced in the literature [38] is given as where the balance weight factor  is changed dynamically with the number of communication interactions  to defect caused by allotting weights subjectively. is the maximum interaction between  and .The specific value is determined according to the network environment and the specific requirement.COM th is the threshold of communication interactions.When the communication interactions between evaluation node and evaluated node are higher than the threshold COM th , the weight factor becomes much more and the integrated trust value is more dependent on the direct trust value.Otherwise, the communication interactions between neighbor nodes are too small; it is difficult to decide whether the evaluated node is good or bad, and the integrated trust value is more dependent on the indirect trust value.We can dynamically adjust the importance of direct trust and indirect trust according to the dynamic weight factor function.
In the process of the integrated trust quantitative calculation, we introduce a dynamic balance weight factor to solve the weight problem of direct trust and indirect trust.The balance weight is changed dynamically with the number of communication interactions, which reflects the dynamic adaptability of the trust computing.

The Update of the Direct Trust.
In our proposed model, we use a sliding time window to update the trust value [20], which can reflect the extent of variation of the trust value in a particular time interval.
The sliding time window is used to update the direct trust value.It consists of several time slots; each slot is a cycle time.Only interactive records within the sliding time windows are valid.We define the length of sliding window as , which reflects evaluator's emphasis on historical records.As Figure 3 shows, each sliding time window is divided into  slots from left to right.The update process of the trust value can be shown as  1 ,  2 , . . .,  −1 ,   ;  2 ,  3 , . . .,   ,  +1 ;  3 ,  4 , . . .,  +1 ,  +2 .However, it is intuitive that old historical record has less contribution and new historical record has more influence on trust decision.We give an update mechanism using a sliding time window based on induced ordered weighted averaging operator (IOWA) [39] to solve the problem of trust update.We use the IOWA operator to obtain the weight of each time window, which can give more accurate evaluation of the direct trust in DTEM.
From (13), we can know that the value of  1 ,  2 , . . .,   corresponds to the order in which the induced values of V 1 , V 2 , . . ., V  in descending sorting are ordered weighted averages; the weight coefficient  *  has nothing to do with the size and position of   but is related to the location of the induced value V  .Hence, the model can be used to sort the historical trust value according to the time of occurrence, and the sliding time window is used as the induced value of the IOWA operator, and the IOWA operator is completely used to update the trust value.
In accordance with the occurrence time, the trust evaluation sequence of nodes  on the node  is expressed as follows:  = { 1 ,  1 , . . .,   , . . .,   }, 0 ≤   ≤ 1, 1 ≤  ≤ , in which  is the trust evaluation sequence based on the sliding time window.Each value corresponds to a child window, and the time parameter is added to each of the  elements: ⟨ 1 ,  1 ⟩, ⟨ 2 ,  2 ⟩, . . ., ⟨  ,   ⟩, and the two-dimensional trust sequence is defined as the induced value based on the time sliding window.The trust update depends on both real-time and historical windows to complete the updating operation.It means that we know ⟨ 1 ,  1 ⟩, ⟨ 2 ,  2 ⟩, . . ., ⟨  ,   ⟩, obtaining ⟨ +1 ,  +1 ⟩, and this is what IOWA can solve.The definition can be expressed as where  *  represents the importance of the trust value of the th child window, and the key problem of the updating mechanism of trust model is how to find the classification weight of each window.
Let  * = ( * 1 ,  * 2 , . . .,  *  )  be the ordered weighted vector of any IOWA operator.The perfect method of the weighted vector is based on the maximum degree of dispersion [35], which can make full use of all the data information under given and/or degree [40].We can get the weight vector as follows: In addition, the relationship of trust has time decay.In the trust sequence of ⟨ 1 ,  1 ⟩, ⟨ 2 ,  2 ⟩, . . ., ⟨  ,   ⟩, the element of ⟨  ,   ⟩ has the greatest influence on ⟨ +1 ,  +1 ⟩, and the longer the time, the smaller the influence on trust decision.In (18), we can know that the calculation of the weight coefficient vector is mainly determined by two parameters: the parameters  and the number of interactive history windows .According to the literature [41], we know that when  ∈ [0.5, 1], the distribution of the weight coefficients satisfies the characteristic of time decay.The corresponding weight sequences in different  and  are shown in Table 1.It can be seen from Table 1 that the value of the parameter  reflects the forgetting degree of the history interactive experience in trust model.When  is larger, the historical experience is easier to forget.And if  = 1, the previous history is completely forgotten.So, we can dynamically adjust  to meet the different needs of the trust model.The value of parameter  responds to the number of windows of historical experience.When  is larger, the trust value is obtained more accurately.But it requires more energy consumption and storage space.So, the determined parameter  requires a combination of the actual demand and considers the restriction of WSNs in accordance with the requirements definition.

Simulation Results and Analysis
Our experiments are performed using Matlab to analyze the performance of the proposed algorithm similar to the literature [25,29].The concrete simulation scene is set to be 100 m × 100 m, with 50 randomly deployed nodes.Some parameters vary with the scenes and the purposes of experiment and will be explained in detail.The other default simulation parameters that we have chosen are summarized in Table 2.
In this section, the simulations can be divided into two parts.First, we analyze the performance of the DTEM, which includes the effect of dynamic weight value on integrated trust value and the direct trust value update mechanism.Then, we compare DTEM with the existing trust models, typical RFSN [18], and BTMS [24].The results demonstrate that the DTEM has a powerful capability of the trust estimation.

The Performance of the DTEM.
In this section, we analyze the dynamic performance of the DTEM.

The Effect of Dynamic Weights on Integrated Trust Value.
The value of  is the degree of recognition of the direct trust and indirect trust of  to .The relationship between the dynamic weight of  and the number of interaction times is shown in Figure 4.As shown in Figure 4, in the early stage of trust measurement, when the number of interactions is less than COM th , the trust calculation is much more dependent on the indirect trust value.With the increasing of the number of interactions, when the number of interactions is greater than COM th , the node  is more willing to believe their direct interactive experience, and the weight  of direct trust will become much larger.Hence, the weight factor  is dynamically changed with the interaction times.And the value of COM th can be adjusted according to the actual demand of the network to achieve a more reasonable distribution of the weights between direct trust and indirect trust.In this paper, we give  = 1200, and COM th = /3.And giving  = 0.1, 0.5, 0.9 and the dynamic value, the effect of  on the integrated trust value is shown in Figure 5, respectively.As shown in Figure 5, at the beginning, the interactions between nodes are very few; the effect of dynamic weight  on integrated trust value is relatively close to  = 0.1.That notes when the number of interactions between nodes is less, the trust value is more dependent on the indirect trust, and with the increasing of interaction times, the effect of dynamic weight  on integrated trust value slowly trends towards  = 0.9.That means with the increasing of the number of interactions between nodes, the integrated trust value metric measure is more dependent on direct trust.The results obtained are in agreement with the previous theoretical analysis.The weight factor  can be dynamically adjusted according to the number of the interactions between nodes, which can better ensure the accuracy of trust measurement.

The Effect of Update Mechanism on Direct Trust Value.
From the analysis in Table 1, we can see that the IOWA operator is determined by  and .In this section, the effect of different  and  on the direct trust value is realized.Figure 6 shows the effect of the different  on the update trust value when  = 4.As shown in Figure 6, with the increasing of , the update trust values are much closer to the trust value without update, which shows that the greater  is, the less  dependent the update trust value is on historical experience.Figure 7 shows the effect of the different  on the update trust value when  = 0.7.As shown in Figure 7, with the increasing of , the updated trust value is more accurate, which shows that the update trust value is more dependent on the historical experience.According to dynamic adjusting of  and , we can effectively control the impact of historical interactions on trust value and enhance the accuracy of trust value.for WSNs; the latter is one of the representative classical trust schemes.

The Trust Evaluation.
In this section, we assess the integrated trust of normal node and malicious node, respectively.It is assumed that a normal node always chooses to cooperate, and a malicious node always chooses not to cooperate.The target of this kind of attack is the routing protocol.As depicted in Figure 8, the integrated trust increases with the increasing of successful interactions among normal nodes and decreases with the increasing of unsuccessful interactions among malicious nodes in RFSN, BTMS, and DTEM.On the one hand, we can see intuitively that, for the integrated trust between normal nodes, the trust value increases faster than the other two algorithms in RFSN.In BTMS, the trust value increases more slowly than the other two algorithms because of the effect of the punishing factor at the beginning.
In our proposed model in DTEM, the trust value changes with the increasing number of the interaction rounds.At the beginning, the trust value increases faster than BTMS and more slowly than the RFSN.After a few rounds, the increasing of the trust value becomes the slowest.On the other hand, for the integrated trust between malicious nodes in DTEM, the integrated trust value decreases fastest in all the algorithms.From the above analysis, we can get that the DTEM reflects the following character: "trust is hard to acquire and easy to lose."Having compared RFSN, BTMS, and DTEM, DTEM evaluates the trust more accurately among normal nodes.It reflects nodes' commutation behavior changing acutely and has more sensitive changing of the malicious actions, which can effectively identify routing attacks.fake data attacks together against the normal data.Firstly, we generate random data at randomly selected sensor nodes, but it does not affect the data communication.This means that although the sensor node sends false data, it can be considered as successful communication.Running RFSN, BTMS, and DTEM in this scene, the result is shown in Figure 9.As shown in Figure 9, in BTMS and RFSN, the trust value does not make any change.It is shown that these two algorithms do not consider the consistency of the data; they just only consider communication behaviors between nodes to calculate the trust value.In DTEM, the trust value decreases sharply, and then with the increasing of the number of interaction rounds, the trust value increases, but the trust value is always lower than 0.5.The result indicates that the resilience of DTEM is very good, which can fast and accurately identify the faulty data manipulation of malicious node.It is more sensitive in order to identify data information attacks compared with RFSN and BTMS.

The On-Off Attack.
In this section, we analyze the efficacy of DTEM against the on-off attack.This type of malicious attack is a special kind of attack, whose target is the trust management.The on-off attack malicious node alternates its behavior from malicious to normal and from normal to malicious so it remains undetected while causing damage [42].In this paper, we suppose that an on-off attacker behaves well in the first 30 interaction rounds to build up good reputation but behaves badly in the next 30 rounds.After that, it behaves well continuously.The result is shown in Figure 10.It is not difficult to see that the trust value increases in the first 30 interaction rounds, and the malicious node does nothing or only performs well.But in the next 30 rounds the trust value drops when the malicious node launches attacks.Having compared RFSN, BTMS, and DTEM, the DTEM can acutely reflect nodes' changing and sensitively detect  on-off malicious attack.And more importantly, an on-off malicious node recovers its trust value more slowly and much longer.We can come to a conclusion that DTEM outperforms RFSN and BTMS against on-off attack.Meanwhile, the simulation result again verifies the character "trust is hard to acquire and easy to lose" in DTEM.This is because the trusted recommendation node selection mechanism and dynamic update mechanism are added to the process of trust evaluation, which makes the evaluation of trust between nodes more objective and accurate.It can effectively identify trust model attacks such as on-off attack and bad-mouth attack.6.2.4.The Detection Rate.In this section, the simulated malicious attacks are selective forwarding attack, on-off attack, conflicting behavior attack, data forgery attack, and data tampering attack.We vary the percentage of malicious nodes from 10 to 50 percent with a 10 percent increment.As shown in Figure 11, which gives the detection rate in different trust model, we can see that the performance of the DTEM is better than RFSN and BTMS.RFSN and BTMS are vulnerable against data forgery attack and data tampering attack.So, with the increasing of the number of malicious nodes, the detection rate decreases rapidly, but the DTEM keeps high detection rate.Hence, the DTEM is an efficient trust evaluation model which can identify different kinds of malicious nodes and can be dynamically adjusted according to the specific requirements of the network.
In order to better illustrate the operation mechanism and performance of DTEM, Table 3 shows the comparison of state of the art in terms of trust estimation method, direct trust factors, indirect trust module, integrated trust module, trust update module, and considered attacks.Through the above proof and analysis of the experiment, we can know that DTEM is an efficient dynamic trust evaluation model for WSNs.It can effectively identify various malicious attacks.

Conclusion
In this paper, we propose an efficient dynamic trust evaluation model for WSNs.It includes the direct trust module with multiple trust factors, the trusted recommendation trust module, the dynamic trust integration module, and the adjustable trust update module.In the course of the calculation of direct trust, we take the communication trust, data consistency, and energy trust into account; it can achieve accurate trust evaluation against routing attacks and data information attacks.The punishment factor and regulating function are introduced based on the character "trust is hard to acquire and easy to lose."The calculation of indirect trust is invoked conditionally in order to enhance the accuracy of trust value, which can be against the trust model attacks such as bad-mouth attack.Moreover, in the process of the integrated trust quantitative calculation, we define a dynamic balance weight factor function to overcome the defect caused by allotting weights subjectively.Afterwards, we give the update mechanism based on IOWA to enhance flexibility.During this process, we can dynamically adapt the parameters to change the weight sequence to meet the actual needs of the network.The proposed dynamic trust model enables dynamic, accurate, and objective evaluation of trust between nodes based on the behavior of nodes.
We have performed several tests to validate the proposed trust model.Simulation results indicate that DTEM is an efficient dynamic and attack-resistant trust evaluation model.It can dynamically evaluate the reputation among nodes based on the communication behavior, data consistency, and energy consumption of nodes.And having compared RFSN, BTMS, and DTEM, DTEM is of great help in defending against routing attacks, data information attacks, and trust model attacks.It can effectively identify various malicious attacks.
The traditional security mechanisms (cryptography, authentication, etc.) are widely used to deal with external attacks.Trust model is a useful complement to the traditional security mechanism, which can solve insider or node misbehavior attacks.Hence, trust model is important to providing security service for upper layer network application in WSNs, such as secure routing and secure data fusion.In our future work, we would like to focus on the application of trust model in routing and data fusion for WSNs.

Figure 1 :
Figure 1: The process of the proposed trust model.

Figure 2 :
Figure 2: The relationship among the four modules.

Figure 3 :
Figure 3: The sliding time window.

Figure 4 :
Figure 4: The dynamic weights of the direct values  and 1 − .

Figure 5 :
Figure 5: The effect of dynamic weights on integrated trust value.

Figure 6 :
Figure 6: The effect of the parameter  under  = 4.

Figure 8 :
Figure 8: Comparison of the trust value of the normal node and malicious node.

Figure 9 :
Figure 9: Comparison of the trust value under data attack.

Figure 10 :
Figure 10: Comparison of the direct trust value under on-off attack.

Figure 11 :
Figure 11: Comparison of the detection rate.
, every node maintains the trust value about other nodes in routing table;

Table 1 :
The weight sequence in different m and .

Table 3 :
Comparison of state-of-the-art trust model.