Research on Secure Localization Model Based on Trust Valuation in Wireless Sensor Networks

Secure localization has become very important in wireless sensor networks. However, the conventional secure localization algorithms used in wireless sensor networks cannot deal with internal attacks and cannot identify malicious nodes. In this paper, a localization based on trust valuation, which can overcome a various attack types, such as spoofing attacks and Sybil attacks, is presented. The trust valuation is obtained via selection of the property set, which includes estimated distance, localization performance, position information of beacon nodes, and transmission time, and discussion of the threshold in the property set. In addition, the robustness of the proposedmodel is verified by analysis of attack intensity, localization error, and trust relationship for three typical scenes.The experimental results have shown that the proposed model is superior to the traditional secure localization models in terms of malicious nodes identification and performance improvement.


Introduction
WSNs (wireless sensor networks) are composed of a large number of static or mobile sensors.Positioning technologies based on WSN [1] estimate the current location of unknown nodes using the cooperation of position nodes and localization algorithm.In the locating, the nodes whose positions are known are called anchor nodes, while the nodes whose positions are unknown are called unknown nodes.The information on distance of anchor nodes and unknown nodes can be obtained via cooperation.Afterwards, that information and the localization algorithm are used to determine the positions of unknown nodes.
Due to random deployment and network topology dynamicity, the locating in the WSN is more vulnerable to various attacks [2,3].On this basis, the secure localization algorithms are widely used.Namely, they can be divided into three categories [4]: (1) secure localization algorithms based on robust observation; (2) secure localization algorithms based on isolation of malicious beacon node; and (3) secure localization algorithms based on localization verification.In the first group, the upper-bound limitation of the nodes' distance disables the attack node to reduce the measure distance.In the second group, the beacon nodes are used as checkpoints for mutual monitoring, in order to prevent the false localization.In the third group, a predetermined deployment location combined with a set of neighbor nodes is used to determine whether the localization process is attacked or not.However, these algorithms have different shortcomings [5].The first group's algorithms are unable to resist to the attack, which causes the increase of the measured distance.In addition, the algorithms can only roughly confirm whether the unknown node is in certain area or not.The second group relies too much on the base station node, which might cause the base station overload during the processing of a large amount of node information.Namely, the base station becomes the bottleneck of algorithm performance.The third group's defense capability is greatly influenced by deployment of the nodes.In order to compensate the inadequacy of the above algorithms and to improve their resistance to various attacks, a secure localization model based on trust valuation is designed.
The remainder of the paper is organized as follows.Section 2 introduces related work.In Section 3, we detail the 2 Security and Communication Networks secure localization model and give the formal description.Section 4 makes some simulation and analysis on secure localization model based on trust valuation.Section 5 concludes the paper.

Related Works
According to the usage of distance in the positioning, the positioning technologies can be divided into two main categories: distance-based (range-based) positioning technologies and distance-independent (range-free) positioning technologies.In the distance-based positioning algorithms, the absolute distance, or angle, between anchor node and unknown node is required.On the other hand, in distanceindependent localization algorithms, there is no need to obtain the exact distance between anchor and unknown nodes.The distance-based localization algorithms usually consist of two steps: firstly, the distance (or angle) is measured, and, secondly, the measured distance is used to calculate the coordinates of unknown node.The distance measurement methods can be divided into following categories: methods based on time, methods based on signal arrival angle, and methods based on received signal strength.
The principle of distance-independent localization is simple and easy to implement, and it has advantages in terms of cost and power consumption.Besides, its performance is not affected by environmental factors.These algorithms can be divided into four categories: APTI algorithm, DV-Hop algorithm [6], Amorphous algorithm [7], and N-hop algorithm.
In the WSN, the localization algorithm can be attacked in many ways.The attacks can be divided into two categories: internal attacks and external attacks.Four types of external attacks are concerned: Sybil attack [8], selective forwarding attack, wormhole attack, and node capture attack [9][10][11].
Due to limitation on sensor nodes, it is impossible to have a well-integrated defense system in the traditional WSN.The secure localization algorithms intended for WSN need to balance availability and integrity.According to that, the security localization algorithms can be divided into three categories: secure localization algorithms based on robust observation, secure localization algorithms based on isolation of malicious beacon node, and secure localization algorithms based on localization verification.
The gradual application of WSN localization caused the appearance of various attack methods [12].Nowadays, the main secure localization algorithm in the WSN has no ability to deal with the internal attacks and to identify the malicious nodes.Moreover, in the case of nodes compromising, the secure localization cannot be achieved.Thus, the trust management, which has been widely studied in various network environments, is considered as an effective complement to the traditional localization.
In 1994, Marsh proposed a model of trust and cooperation for the first time, which has been regarded for a long time as a scope of sociology and psychology.In addition, Marsh introduced the concept of trust relationship formalization.In 1996, Blaze et al. proposed the concept of trust model in order to solve the complex security problems in the Internet [13].
The trust management models can be roughly divided into two categories: objective trust management models and subjective trust management models.The objective trust management models abstract the trust value into Boolean value; thus, there are only two possibilities for trust value.Due to the aforementioned, the commonly used trust management models are subjective trust management models.The most popular subjective trust management models are presented in the following.
(1) Pervasive Trust Management.Pervasive Trust Management (PTM) represents a subresearch project of the UBISEC project, which defines a dynamic trust model based on a pervasive environment.The method of average weight is used for trust evaluation, and the evaluation result for two interactive entities can be expressed as where  represents the trust value,  + indicates that trust increases when feedback is positive, and  − indicates that trust decreases when feedback is negative.
The disadvantage of this model is that the arithmetic mean is used to calculate the indirect trust degree.In addition, this method processes data roughly and cannot accurately reflect the characteristics of the fuzzy trust value.
(2) Hassan's Model.Hassan's model is based on vector mechanism.If there are  entities, namely,  1 ,  2 ,  3 , . . .,   , then, the relationship between entity   and other entities can be represented as a trust vector: The disadvantage of this model is that it is not resistant to the collusion attacks.Namely, malicious nodes can give each other a high trust value.
(3) Sun's Model.Sun's model is based on entropy; namely, it uses  to express trust relationship, while  represents the probability that the agent nodes take action to the target nodes.The calculation process of trust value used in Sun's model is shown as where () = − log represents the entropy function.Then, the trust value is defined by where   represents the trust degree of node  to node ,   denotes direct trust value of node  to node , and   denotes the recommendation trust value of node  to node .
The convergence rate of Sun's model is limited by the length of trust chain, and it is difficult to get the trust value when the trust chain length increases.

Secure Localization Model Based on
Trust Valuation where  and  represent weight coefficients of direct and recommended trust values, respectively, and  represents the comprehensive trust value.The frame diagram of trust validation is shown in Figure 1.

Direct Trust.
According to the multidimensional decision theory [14], the direct trust of source node for target node consists of  attributes that form a set of attributes  = { 1 ,  2 , . . .,   , . . .,   } (0 ≤   ≤ 1).Each attribute value has different influence on calculation of direct trust value; thus, the weight vector is defined as . Moreover, the time decay function, (), defined by (5), is used to calculate the direct trust value: −1 Based on the above function, the th calculation of direct trust value is obtained.The direct trust value function is defined by All previous direct trust values are combined in order to obtain the final result: where   indicates the direct trust value of the source node  for target node .The difference between direct trust values of attack node and normal node is enlarged by this calculation method.In case of attack, the node is close to zero according to the calculated  (,V)  value, and the node will be abandoned.

Indirect Trust and Recommended
Trust.The trust model is composed of three types of nodes, the source node, the target node, and the recommended node, which form the trust chain as shown in Figure 2.
In Figure 2, , , and  represent the source node, the recommended node, and the target node, respectively, while  and  indicate the recommended trust value and the direct trust value, respectively.
Received Signal Strength Indicator (RSSI) represents the strength of the received signal [15], with the RSSI signal attenuation model in WSN defined by where RSSI() represents the signal strength at distance  from the transmitter,  0 indicates the signal strength reference value from the transmitter, and  denotes the path loss factor.Due to the influence of environmental noise, there may be errors when measuring RSSI.Thus, (8) can be modified to where the measurement error  follows the normal distribution defined by where  is random variable changes depending on the existing environment [16].Some experiments were carried out in article [17], in order to describe the relationship between the RSSI error and the corresponding distance.It adopts regular pattern as the communication model, and the communication radius of the nodes is 20 m.The distance between two nodes is fixed and RSSI values are observed 100 times.It repeats the observation of RSSI value as the distance between two nodes increases; it comes to the conclusion as shown in Figure 3.
As can be seen from Figure 3, the error of RSSI gradually increases with the increasing of distance within communication range.However, the error decreases gradually when distance is beyond the scope of communication.Since the distance is calculated according to the RSSI value, the variation law of distance error is coincident with RSSI error.Thus we get Theorem 8. [18].

Theorem 8. The error, that is, the difference between measured and actual distance values, increases with the increase of distance between nodes
According to Theorem 8, three anchor nodes that are closest to the target node will be selected as recommended nodes and labeled as   ,   , and   .Recommendation trust value is then defined as where  denotes the total number of nodes that participate in the trust calculation and   represents the Boolean value that indicates whether the node is being trusted in calculation of direct trust.The initial value of the recommended trust value is 1/2.After a certain period, the value fluctuates due to performance of recommended node.Finally, the indirect trust value is obtained by 3.1.4.Comprehensive Trust.Based on direct and indirect trust values, the comprehensive trust value of the source node for the target node is obtained, namely,  =  + .Similar to that in the ordinary trust valuation,  and  are generally considered as fixed values; thus, the trust model has no dynamic adaptability.Therefore, an adjustment method based on information entropy theory [19] is proposed.
In the calculation of comprehensive trust value, the information entropy of direct trust value is defined by Similarly, the information entropy of indirect trust value is defined by Through the calculation of direct and indirect trust values of information entropy, the certain information can be acquired.The weight distribution is obtained as

Attribute Set Selection
(1) Distance Measurement.The difference between measured and actual distances in the WSN positioning obeys to the normal distribution [20].Therefore, the error function can be defined by where   () refers to the Gaussian function of distance .
When  =  0 , the measurement error reaches its maximal value.In summary, the  1 attribute of the measured distance value is defined as (2) Localization Performance Definition 9.The unknown node's location reference set is defined as  = {( 1 , where  and  represent the measured coordinates of unknown node,   , and   denote the coordinates of anchor node, and   is measured distance between beacon node  and unknown node. In (18), the coordinates  and  are obtained by the least square method and the least squares regression model [21,22], while the estimation function is defined by where  is the measurement error and  ∼ (−, ) [23], while  is the maximal measurement error defined as The residuals are used to indicate the degree of each node's deviation from its true location.The mean residual error is defined as where  represents the number of anchor nodes involved in positioning.In order to define a threshold, value of  is needed.When the mean residual error is smaller than the threshold value, the localization result is considered as consistent.Otherwise, the presence of malicious nodes is indicated.The attribute value of localization performance  2 is defined as (3) Detection of Anchor Node Position.Based on (22), the major attacks can be filtered by comprehensive trust value.Nevertheless, in the case of Sybil attack, the above attribute value is not enough to fight against the attack.
Definition 11.The concept of Sybil attack in the WSN indicates that a single node has a multiple identity.
The RSSI signal attenuation model in WSN environment is defined by (8).
According to the attenuation model, the distance ratio can be deduced as where    is the distance between receiver and transmitter.From (23), it can be concluded that the distance ratio is related only to the RSSI difference.Therefore, (23) can be rewritten as Based on the above analyses, we know that if the distance between receiver and transmitter is constant, the RSSI difference is stable.The positioning in the case of Sybil attack is presented in Figure 4.In Figure 4,  is an unknown node,  is an auxiliary judgment node, and  1 ,  2 ,  3 , and  4 denote the false localization information, while the anchor node  is the attacked node.The RSSI value is affected by environment; thus, the measured distance between node  and node  will change according to the RSSI fluctuation.Therefore, the auxiliary node  is introduced.According to the above analysis, the difference between RSSI(   ) and RSSI(   ) is stable.Thus, according to (23), the value of    /   remains stable.

Security and Communication Networks
The coordinates of  are (  ,   ), the coordinates of  are (  ,   ), and the coordinates of  are (  ,   ).
(1) When  = ±1, (26) can be simplified as (23).According to the form of ( 27), it can be concluded that the equation represents a straight line.
When  ̸ = ±1, the result is always greater than zero.In summary, the trajectory of  is a circle or a straight line.
According to the above conclusions, the difference of RSSI is stable only when the faked nodes are distributed strictly in standard circle or straight line.Therefore the difference between RSSI(   ) and RSSI(   ) can be used against the witch attack.
At time moment  1 , node  is an unknown node, nodes  and  are the auxiliary nodes, and nodes ,  are the anchor nodes.In the following moments,  2 and  3 , RSSI is detected by these values.
Thus, the definition of attribute value  3 is defined as (30).
(4) Transit Time Detection.As it is well known, there are many attacks in the WSN [24,25], which mainly consist of replayed attacks, Sybil attacks, and wormhole attacks.In these attacks, the certain time is needed to tamper the information.As a result, the time used for positioning will increase.Figure 5 represents the node communication process.Node  is the source node, while node  is the target node.The observation time of the target node is  =  3 −  2 .Before positioning, the  group of experiment were conducted.In the experiments, a set of times  was obtained.The maximum value  max was selected from the set.
Based on the experimental results, the definition of attribute value  is obtained by 3.2.2.Discussion on Threshold.In Section 3.2.1, the attribute set selection and calculation processes are presented.Equations (20), (21), and.( 26) are all crucial for the threshold.
According to (20), the threshold  and the maximal measurement error should be discussed.
In the environment without obstacles, according to Definition 9, the localization error follows the normal distribution defined by The second parameter of normal distribution is determined in the literature [26].The relationship between the parameter  and the distance  can be fitted into the Gaussian function shown as According to the above analysis, when distance between unknown node and anchor node is  0 , the standard deviation of the distance error reaches the maximum.Therefore, the maximal deviation value between measured and calculated distances can be used as a threshold.The positioning in the presence of obstacles is presented in Figure 6.
In Figure 6,  represents an obstacle between the anchor node  3 and the unknown node .According to the trilateral localization algorithm principle, when the RSSI is much smaller than the normal value, the localization fails.
If  3  >  1  3 +  1  and  3  >  2  3 +  2 , there is a barrier between node  and node  3 .In the environment with obstacles, the distance between two nodes, which are affected by the obstacles, is the maximal distance between the obstacles.The maximal measurement error can be obtained by derivations as At the same time, (35) can be obtained: According to the values of cos(∠ 3  1 ),  1  3 and  1 ,  3  can be obtained by ) In an environment with obstacles,  =   3  −  3 .  3  is the distance value obtained by distance attenuation model.
Definition 13.In the WSN positioning, the reference node set is Loc refer = { 1 ,  2 ,  3 ,  4 ,   }, and the information frame format of each reference node is (  ,   ,  rssi  ), wherein (  ,   ) are the reference node coordinates, and  rssi  is the distance between reference node and unknown node.
According to Definition 13, the localization error of each reference node in the security localization can be obtained by   where   is the localization error of each reference node, and (, ) refers to the actual position of the unknown node.
In (38),   represents the average localization error, and   obeys the normal distribution; thus   also obeys the normal distribution.In the experimental environment, the mean  and the variance  of the   were obtained by the actual measurement.
According to the central limit theorem [27], when  → ∞, the distribution function of   = (∑  =1   −  0 )/ 0 obeys the standard normal distribution, where  0 = ,  0 = √.If   is equal to  *   , then we may get Based on the above conclusions, (40) can be obtained: According to (40), the standard normal distribution can be obtained.Therefore, the standard normal distribution table can be used to set the appropriate threshold  in different environments.

Localization Process.
According to the trust valuation model, the trust value of each anchor node can be obtained in the communication range of the unknown node.Three anchor nodes with the largest value of trust are used for computing.
Trilateral-centroid localization [28] is used for unknown node localization.The unknown node is , and the three beacon nodes are  1 ,  2 ,  3 .Trilateral-centroid localization is shown in Figure 7.
The coordinates of three anchor nodes are ( 1 ,  1 ), ( 2 ,  2 ), and ( 3 ,  3 ).Unknown node coordinate is (, ).Measurement distance values are  1 ,  2 , and  3 .Equation (41) can be listed according to Figure 7: According to (38) and the least square method, unknown node coordinates can be obtained as follows [29]: In addition, due to the presence of measurement errors, in some cases, the equations may not be solvable (as shown in Figure 7).In this case, the center of triangle is formed by the intersection of all circles, taken as the coordinates of the unknown point.
There are six intersections among three circles in Figure 8.The coordinates of the three intersection points which are close to the unknown nodes are ( 1 ,  1 ), ( 2 ,  2 ), and ( 3 ,  3 ).The coordinates of the estimated position of the unknown node are (, ).Thus we can calculate (, ) via

Experiment of Environment Selection and Parameter
Setting.Matlab7.0 experimental platform is used as the simulation environment.In this simulation environment, 100 nodes are randomly deployed in the range of 100 m * 100 m [30].The number of anchor nodes and unknown nodes is 40 and 60, respectively.The communication radius of the nodes is 20 m, and the communication model is the regular pattern.The path loss factor is  = 2.5 and the range standard deviation is  = 0.5.In addition, the robustness of the model is also investigated.One is attack power and the other is the number of attack nodes.

Simulation
As can be seen from Figure 12, when the number of attack nodes is less than 20, the localization error of secure localization model is much smaller than normal localization algorithm.However, when the number of attack nodes exceeds 20, the localization error increases sharply, since the attack node produces much fake information with consistency.The system cannot distinguish between malicious nodes and normal nodes through the consistency of the given information.As can be seen from Figure 13, the localization error of secure localization model remains in a very low level and the localization error of normal localization algorithm increases with the increasing of attack power.The localization error of secure localization model increases with the increasing of attack power, in case the attack power is under 5, with the performance of malicious nodes being similar to normal nodes.However, the system can distinguish between malicious nodes and normal nodes from the values of each attribute with the increasing of attack power.Thus the localization error remains in a low level.
In addition, this algorithm is compared with other secure localization algorithm in localization error.
As can be seen from Figure 14, the overall localization error of this algorithm is smaller than AR-MMSE algorithm.In the AR-MMSE algorithm [31], the localization error  becomes large when the number of malicious nodes exceeds 14.After that, with the increasing of the number of malicious nodes, the localization error is also growing.The algorithm proposed in this paper gets much larger localization error when the number of malicious nodes exceeds 20.AR-MMSE algorithm determines malicious nodes just by the consistency of the location information, while the proposed algorithm is capable of identifying malicious nodes via some additional attributes, such as distance measurement, detection of anchor node position, and detection of transition time.
As can be seen from Figure 15, the trust relationship network becomes tighter as the density of anchor nodes increases.Normal node does not build trust relationship with attack node, so the attack node is removed from the secure localization model.

Conclusion
The problem of secure localization is closely related to the structure characteristics and application background in WSN.Traditional security algorithms in WSN are constrained by the limited resources of sensor nodes.Trust management can improve the security and reliability of the localization system with low system overhead.In this paper, a number of attributes related to the localization are adopted and the threshold of the attribute value is discussed to ensure that the method can deal with the internal attacks and a certain degree of collusion attack.This model is superior to the traditional secure localization algorithm based on WSN in the success rate of identifying malicious nodes and performance overhead.

Figure 1 :
Figure 1: Frame diagram of trust validation.

Figure 3 :
Figure 3: Relationship between distance and error.

Figure 4 :
Figure 4: Localization in the case of Sybil attack.

Figure 6 :
Figure 6: Localization in the presence of obstacles.
based on trust valuation Normal localization algorithm
rssi  − √ (  − ) 2 + (  − ) Experiment.In the simulation experiment, three types of nodes are listed as follows: attack node, anchor node, or unknown node.First of all, three groups of experiments are carried out under different environments.The experimental conditions are listed as follows: nonexisting attack nodes, attack nodes existing, and attack nodes existing under trust valuation model.According to Figures9, 10, and 11, it can be concluded that the localization error increases with the increasing of attack nodes.When the trust valuation model is added in the localization process, the localization error recovers to normal level.