Front. Comput. Sci., 2015, 9(2): 280296DOI 10.1007/s11704-014-4212-5A survey on trust based detection and isolation of maliciousnodes in ad-hoc and sensor networksAdnan AHMED1, Kamalrulnizam ABU BAKAR1, Muhammad Ibrahim CHANNA2,Khalid HASEEB1, Abdul Waheed KHAN11 Faculty of Computing, Universiti Teknologi Malaysia, Johor Bahru 81310, Malaysia2 Department of Information Technology, Quaid-e-Awam University of Engineering, Science and Technology,Nawabshah 67450, PakistancHigher Education Press and Springer-Verlag Berlin Heidelberg 2014Abstract Mobile ad-hoc networks (MANETs) and wirelesssensor networks (WSNs) have gained remarkable apprecia-tion and technological development over the last few years.Despite ease of deployment, tremendous applications andsignicant advantages, security has always been a challeng-ing issue due to the nature of environments in which nodesoperate. Nodes physical capture, malicious or selsh behav-ior cannot be detected by traditional security schemes. Trustand reputation based approaches have gained global recog-nition in providing additional means of security for decisionmaking in sensor and ad-hoc networks. This paper providesan extensive literature review of trust and reputation basedmodels both in sensor and ad-hoc networks. Based on themechanism of trust establishment, we categorize the state-of-the-art into two groups namely node-centric trust mod-els and system-centric trust models. Based on trust evidence,initialization, computation, propagation and weight assign-ments, we evaluate the ecacy of the existing schemes. Fi-nally, we conclude our discussion with identication of someunresolved issues in pursuit of trust and reputation manage-ment.Keywords trust, reputation, wireless sensor network, mo-bile ad-hoc networks, routing, node misbehaviorReceived April 30, 2014; accepted October 09, 2014E-mail: adnan.ahmed03@yahoo.com1 IntroductionThe interest of research community has signicantly in-creased in ad-hoc and sensor networks during last few years.The nodes in these networks are self organized in order toprovide exible topology for the dissemination of gatheredinformation. Such networks have been used in variety ofapplications such as military surveillance, emergency ser-vices, commercial and civilian environments [1]. The majorobjective of providing security in any network, whether wiredor wireless, are to defend the network resources against vari-ety of attacks, such as denial of service (DoS) attack, worm-hole attack, blackhole attack, routing table overow and poi-soning attack, packet replication attack, grayhole attack andmodication of packets attack [24]. Sensor nodes are placedin large numbers in hostile environment, which makes di-cult to protect against tampering or captured by an adversaryforce that can launch insider attacks to make a node com-promised and can have easy access to valid keys and mem-ory contents [5]. Then, an adversary can learn contents ofmemory and have access to valid secret keys stored in thecompromised nodes and use them to launch insider attacks.Protocols and algorithms based on traditional security mech-anisms such as authentication [6], encryption and cryptogra-phy are not suitable for WSN as these mechanisms assumesthat all participating nodes are cooperative and trustworthyand also require extensive computation, communication andAdnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks 281storage [7]. In recent years, the concept of trust and reputationhas been applied to eld of wireless communication networksto monitor varying behavior of nodes and counter insider at-tacks. Reputation and trust are two very useful tools that areused to facilitate decision making in diverse elds. Trustbased security is a new way of providing security without us-ing cryptography approaches [8]. Trust in the eld of wirelesscommunication networks may be dened as degree of relia-bility of other nodes performing actions [9,10]. Trust and rep-utation management systems (TRMs) can be used to assistswireless networks in decision making process. Trust betweenthe nodes in maintained by recording the transactions of anode with other nodes in the network, either directly or in-directly. A trust value will be calculated from the record thataids sensor nodes to deal with uncertainty about the future ac-tions of other nodes. Trust based approaches are very usefulto deal with node misbehavior. The problem to address un-certainty in decision making is dealt with trust and reputationmanagement systems by maintaining past behavior of nodes[11]. If a node holds a good reputation it will be forwardedwith packets and considered as trustworthy node; otherwise,it will be considered untrustworthy. The words trust and rep-utation has been commonly used in our personal and businessdealings. The repute of a person in established from the ac-tions performed previously and it goes on increasing with thetime if he or she remains consistently sincere in their deal-ings. The same idea is applied in trust and reputation basedsystems; a well reputed node is chosen for communication inneighborhood. Trust based approaches has been widely usedin popular wireless communication networks such as WSN[1216], MANET [1720], DTN [2123], VANET [24] andwireless multimedia sensor networks (WMSNs) [25].Various surveys on very subject have been conducted indierent domains [11,16,2632]. In [11,26,30] analysis totrust models is restricted to only mobile ad-hoc networks. In[28], diverse applications of trust and reputation based sys-tems are discussed in general wireless communication net-works. A survey on trust based protocols, limited to securelocalization, in WSN is presented in [31].An overview oftrust applications has been presented in [29], but not relatedto WSN. In [32], authors have compared some trust and rep-utation based systems, but most of the discussed literature isnot recent. The authors in [16] highlighted some practices indeveloping trust and reputation models, but detail discussionon working of referenced models is lacking.On contrary, this paper aims to deal with aforementionedlimitations and provides a focused study on trust and repu-tation systems for both mobile ad-hoc networks and wire-less sensor networks. This study also discuss in detail howtrust and reputation systems are modeled, what elements areinvolved in the design of trust and reputation systems andhow these systems can be eective to provide better secu-rity. Some of the latest mechanisms for trust and reputa-tions based systems are compared and their pros and cons arealso discussed. The rest of the paper is organized as follows:Section 2 presents the node misbehavior and comparison ofvarious types of attacks in ad-hoc and sensor network. InSection 3, some design parameters for trust and reputationbased systems are summarized. Section 4 presents compara-tive analysis of trust and reputation based schemes for bothad-hoc and sensor networks. In Section 5, we identify someunresolved issues in pursuit of ecient TRMs in ad-hoc andsensor networks. Finally, Section 6 concludes our discussionof TRMs along with future directions.2 NodemisbehaviorandtypesofattacksIn ad-hoc and sensor networks, it is very important to se-cure each node [33]. An adversary may overtake some criti-cal nodes and inject malicious behavior, which leads to reve-lation of secure information and collapse of entire network[11]. There are two common types of misbehaving nodes:selsh nodes and malicious nodes [34]. If a node does notcooperate in packet forwarding due to some resource con-straints, such as low memory or battery life, it is said to beselsh node. A selsh node may not have any intention todestruct the system; an adversary may reprogram a compro-mised node to behave selshly. On the other hand, a mali-cious node has an objective to destruct the system badly, evenat the cost of its own resources.The security attacks in ad-hoc and sensor networks may becompared and classied frommultiple perspectives. One wayof classifying attacks is based on capabilities and resourcesan adversary has in his possession. In this type of classi-cation, attacks may be classied as outsider (external) attackand Insider attack. In outsider attack, attacker lacks authenti-cation and key information and such type of attack can easilybe dealt with classical security mechanism such as cryptog-raphy, encryption and authentication. In insider attack, an ad-versary already has all key and cryptographic information,therefore such type of attack cannot be dealt with traditionalsecurity measures. Another classication is based on adver-sarys intention to destruct the system. The attacks may beclassied as trust management (TM) related attack and net-work related attack. The intention of TM related attack is to282 Front. Comput. Sci., 2015, 9(2): 280296degrade the performance of trust management system whichleads to the inaccurate decisions. For example, in trust awarerouting mechanisms, if misbehaving nodes are not properlydetected and isolated by trust management system, then thesenodes may become part of selected routing path and performmalicious activity. In network related attack, the intention ofan adversary is to destruct overall performance of networkby intentionally dropping data packets, energy drain and re-porting incorrect sensed data. Such attacks can be detectedand prevented by trust management system. For example, ablackhole attack intentionally drops all the received packets,which in results degrade the overall network performance interms of packet delivery ratio. Yet another way to character-ize attacks is based on perspective of the ecacy of coun-termeasure, such as, traditional security solutions and trustbased security solutions, to prevent attacks. Table 1 presentsthe comparison of security attacks in context of aforemen-tioned perspectives. It is analyzed that trust-based securitysolutions provide better resistance capability against major-ity of attacks, either insider, TM related or network related.While traditional security measures cannot provide protec-tion against insider attacks.3 DesignoftrustandreputationsystemsIn this section, we discuss some critical factors used for trustestablishment such as bootstrapping, trust evidence, trustevaluation and decision making [55] in both node-centrictrust models and system-centric trust models. The bootstrap-ping is the initial step of any TRM system. Mostly there arethree ways in which a TRM may be initialized, mentioned asbelow:i) Nodes are considered to be trustworthy when initializedwith high trust values.ii) Nodes are considered to be neither trustworthy nor un-trustworthy when initialized with neutral trust values.iii) Nodes are considered to be untrustworthy when initial-ized with low trust values.Some of the schemes in the literature that assign hightrust value to nodes are [18,5659]. Similarly, the schemesTable 1 Comparison and classication of attacks in ad-hoc and sensor networksAttacks InsiderExternalTM-Related Network-relatedTraditionalsecuritysolutionsecacyTrust-basedsolutionsecacyAttacking behaviorWormhole Capture packets at one end (source) and tunnel them to otherend (destination) and replay them. Colluding nodes may alsoredirect trac to a slow link to cause congestion and delay[3537]Sybil An attacker node may use multiple network identities to repre-sent itself as more than one node in the network [38]Grayhole A variant of blackhole attack, which drops packets randomlyor selectively [3941]Blackhole A misbehaving node claim itself to be the most suitable candi-date to forward packets but drop all the received packets [4246]Routing loop An attacker node may alter routing information contained inthe packets, for example, number of hops to reach destination[47]Packet injection A packet may be injected with false data such as incorrectsource and destination addresses [48]Conicting behavior Dierent behavior for dierent set of nodes [49]Packet delay An attacker node may forward packets with random delayBad-mouth An attacker node spread false information about trustworthynode to decrease its trust rating [50]Selshness An attacker node refuses to take part in packet forwarding topreserve its battery resource [5153]On-o attack A malicious node alternatively switches the behavior betweentrustworthy and untrustworthy node to keep trust level abovethreshold [54]DoS Huge amount of routing packets are ooded throughout thenetworkAdnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks 283discussed in [12,47,49,6069] assign neutral trust valuewhereas [70] are based on low trust value. The trust value ofa node may either increase or decrease depending on the be-havior of node. The trust models initialized with high trustrating may take some considerable amount of time to de-crease the trust rating of misbehaving node and declared itas untrustworthy. Similarly, trust models initialized with lowtrust values may take reasonable amount of time to increasetrust rating of behaving node and declared it as trustworthy.Therefore, most the schemes available in the literature areinitialized with neutral trust rating. Based on the nodes ownexperiences and observations a node decides the trustworthi-ness of other nodes.In TRMs, trust evaluation is based on either of trust evi-dence methods: direct trust [rsthand information], indirecttrust [secondhand information] or both direct and indirecttrust. The schemes presented in [12,47,56,57,62,6668,70]employ both direct and indirect trust mechanism, whereas schemes presented in [13,18,49,5860,6365,69,71] and[72,73] exploits direct trust only and indirect trust only, re-spectively, in their trust establishment mechanism.A node gathers direct trust by its own personal experienceswith other neighboring nodes through direct interaction. Onthe other hand, indirect trust is gathered by a node from othernodes experiences with the subjective node. The use of indi-rect trust makes the reputation build-up process fast, but onthe other hand, it makes the TRM system vulnerable to falsereport attack. Therefore, most of the studies available in theliterature exploit direct trust information only in their reputa-tion mechanism.Many researchers have proposed variety of trust com-putation approaches. The probability-based approaches[13,49,61,63,65,6870,7376] have been widely used inTRM systems. The beta distribution is most frequently usedprobabilistic trust computational approach in TRM systemsdue to its simplicity, exibility and easy estimation. Thebeta distribution represents trust as binary transactions suchas positive or negative and cooperative or non-cooperative.Other probability based distributions are: Gaussian, Poisonand Binomial distributions. Game theory-based approaches[60,62,7780] provide the way to mathematically capturethe behavior of an entity and analyze situations where co-operating and non-cooperating entities coexist. The packetforwarding activity among the nodes is modeled as games.In these approaches, decision maker focus on knowledgeand experience of other decision makers behavior and re-peated non-cooperative game is being played between theparticipants based on selsh behavior. Weighting-based ap-proaches [12,47,49,57,58,67] aggregate the results obtainedfrom nodes and assign dierent weights to dierent observedquantities. Neural network-based approaches [8184] havebeen commonly used in distributed, P2P environment and e-commerce communities to build trust and reputation amongparticipating entities. To the best of our knowledge, neuralnetwork-based approaches have not been widely used in ad-hoc and sensor networks. Bayesian-based approaches [8590] use Bayesian theory as trust computation methodology,as it is in total compliance with concept of trust computation.In order to make a posterior inference of an even, it makes useof prior probability of that event. Entropy-based approaches[54,91] dene trust metric based on entropy.Entropy is ameasure of uncertainty. Entropy based models measure thetrustworthiness of a node based on the degree of consistencyof nodes behavior pattern. The scope of this study is lim-ited to probability-based, game theory-based and weighting-based approaches.The decision made by decision making component ofTRMs can be used for excluding misbehaving nodes andselecting trustworthy nodes for mutual interaction. Thereare three types of decision making methods: ranking-based,weight-based and threshold-based [55].The de-cisionmakingmethodsposses hybrid nature, it maybe combination of ranking-based and threshold-based orweight-based and threshold-based. In ranking-based meth-ods [18,49,57,60,68,70,73], the nodes are ranked in eitherof type: trustworthy node or untrustworthy node accord-ing to trustworthiness value (base for trust computation). Inweight-based methods [12,47,49,58,62,67,69,70]. The repu-tation values collected from nodes are aggregated to form acollective decision about the environment being monitoredsuch as D =

Ni=1riwi, where D is the collective deci-sion, ri represents the reputation value of node i and wi isthe weight assigned to the result reported by node i, wherei = 1, 2, . . . , N. The major objective of threshold-based meth-ods [12,47,58,60,63,64,68,69] is to lter out the informationreported by other nodes. If trust value of a node is lower thancertain threshold, such as T< , the node is considered to bemalicious. Most of the TRMs, use 0.5 as intuitive thresholdvalue for trustworthiness representation in the range of {0, 1}.The actual threshold value depends on the network dynamics.Figure 1 presents the summary of trust establishment factors,discussed in various literatures.4 ComparisonandclassicationoftrustandreputationbasedschemesIn this section, various reputation and trust-based models for284 Front. Comput. Sci., 2015, 9(2): 280296Fig. 1 Summary of trust establisment factorssensor and ad-hoc networks have been reviewed and orga-nized into two groups: node-centric trust models and system-centric trust models. To get a better insight of trust modeling,it is worthwhile to provide an overview of node-centric trustmodels and system-centric trust models.4.1 Node-centric trustThe essential goal of any trust and reputation based systems isto facilitate the nodes to predict the behavior of other nodesand provide secure mutual interaction. The trust among thenodes may be established either by directly observing be-havior of node or reputation information provided by othernodes. In most of the trust based frameworks, a central trustedentity is not available; therefore, a node must possess de-cision making capability to revise its strategy of interactionand lter indirect information reliably. The node-centric trustrefers to the trust a node has in another node. A node basedtrusted systems consists of following components, each com-ponent can be considered as step for the trust computationprocess. Information collection Whenever a node transmits packetto its neighbor node, the watchdog mechanism [92] placesthe sender node in promiscuous mode to verify whether theneighbor node has forwarded the packets or not. The workingmechanism of promiscuous mode is shown in Fig. 2.Fig. 2 Promiscuous modeThe sender node increments trust rating in its database ifit observe that neighboring node has successfully forwardedthe packet. Otherwise, trust rating is decremented if packet isdropped by neighboring node.When a node A forwards a packet to its neighboring nodeB, it monitors the behavior of node B in promiscuous mode.Whenever node B forwards the packet, a copy of packet isalso received by node A. Node A veries the contents ofpacket with its buer contents, if both contents are matched,node A update trust rating for node B. Information sharing This component is concerned withdissemination of rsthand information to neighboring nodes.The disseminated information is called secondhand informa-tion. The secondhand information is disseminated in the net-work either at periodic time interval or at the occurrence ofsome event or change in the network. The utilization of sec-Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks 285ondhand information is very benecial for trust and reputa-tion based systems such as: it enables the node to learn fromeach others mistakes, consistent view of trust in networkis established and makes the reputation process to build upquickly [7]. Despite the aforementioned usefulness of sec-ondhand information, it makes TRM system target of falsereport attack. The solution to avoid such vulnerability isto share either negative information or positive informationabout the node.The limitation with mentioned solution is that system be-came vulnerable to false praise attack when nodes only sharepositive information and cannot exchange their bad experi-ences with other nodes [62]. In the same way, system be-comes vulnerable to bad-mouth attack when the nodes onlyshare their bad experiences [56]. There is another possibilityto avoid such consequences is not exchange any information.The authors in [71] presents a model that established repu-tation based on its own experiences [rsthand information]while does not rely on neighboring nodes to share their expe-riences (secondhand information). Although, the mentionedsolution is highly robust against false report attack but suersfrom some weaknesses such as: it allows the malicious nodesto remain in the systems longer, system takes more time toconverge its reputation database and it takes some time todecrease reputation value for malicious nodes. Some reputa-tion frameworks like [68] and [70] make use of both positiveand negative information by incorporating rsthand and sec-ondhand information along with dierent weights assigned todierent information. Information mapping to the trust model In this step, rst-hand and secondhand information is combined to form trustand reputation metric. Nodes collect rsthand information bydirectly interacting with other nodes, therefore, to incorporateit into reputation metric does not requires extensive compu-tation. However, this is not applicable to secondhand infor-mation because it is provided by other nodes. There might bethe case that node providing secondhand information couldbe compromised and provide spurious information about nor-mal node. Therefore, some mechanismmust be used to checkthe credibility of reporting node. One of the techniques calleddeviation test is provided by [28] and represented as Eq. (1):|E(Beta(, )) E(Beta(F, F))|d. (1)In Eq. (1), and are the parameter of beta distributionwhich denes the good and bad behavior of nodes, respec-tively. The current trust value node A has about node B ismeasure by expectation value E(Beta(, )), whereas newtrust information about node B provided to node A by nodeC is measured by E(Beta(F, F)). Where d is a thresholdvalue. If reporting node qualies left-hand side of inequalityof deviation test in a way that it produces a value less than dand the information is incorporated in reputation metric.To evaluate the credibility of secondhand information, va-riety of statistical model has been used in trust and repu-tation systems. For example, Dempster-Shafer belief theory[93] and discounting belief principle [94] has been used in[70] to incorporate secondhand information. The Binomial,Poison and Gaussian distributions are other statistical toolsused in other trust models. However, beta distribution hasbeen widely used in the eld of TRMs. It was rst used by[95]. The probability density function of beta distribution isrepresented by the Gamma function in Eq. (2):P(x) = Beta(, )=[ + B][][]x1(1 x)1,0x1, 0, 0. (2)where and represents the good and bad behavior of a noderespectively. Equation (2) presents another way of measuringthe consistency of data by a reporting node.Another important issue in trust evaluation is how muchweights may be assigned to recent and past observations.Some framework tend to give more weight to past observa-tions [62] while other framework tend to give more weight torecently collected information [70]. Decision making This component is responsible for mak-ing all the decisions involved in trust and reputation basedsystems. The decisions are based on the information given bytrust mapping module (precompiled trust values). The out-come of this component is binary decision represented as 1or 0 that could be translated to cooperate or not to cooperate,good or bad behavior and forward or not to forward, respec-tively. Figure 3 graphically illustrates the trust computationprocess at node-centric trust.The decision made by this component varies from trust tonot-trust, as the reputation values evaluated by informationmodelling component varies. A node previously holding agood repute may not be trusted any more, if its reputationvalue falls below threshold. Similarly, decision can switchfrom not-trust to trust, if a node initially holding bad reputestart cooperating in packet forwarding and its trust values ex-ceed specied threshold.4.1.1 Node-centric trust based schemesRFSN1), a distributed trust model is the rst reputation model1) RFSN stands for reputation based framework for sensor networks.286 Front. Comput. Sci., 2015, 9(2): 280296Fig. 3 Node-centric trust computation processdesigned for WSN [70]. RFSN exploits both rsthand andsecondhand information to compute reputation metric. Onlypositive information is disseminated among the sensor nodes.A node gathers rsthand information by monitoring neigh-boring node using watchdog mechanism. The secondhand in-formation gathered from reputed node is accompanied withweight factor and combined with rsthand information. TheBeat distribution model is used for overall trust computa-tion. Finally, based on the trust value nal decision is madewhether to trust a node or not. The reputation value for nodeQ evaluated by node P is represented in Eq. (3):Rpq= Beta(newq+ 1, newq+ 1), (3)newq= (wage q) + x, (4)newq= (wage q) + y, (5)where Rpq is the reputation value computed by node P fornode Q. Assume two nodes have x+ y interactions, wherex and y represents successful and unsuccessful interactionsrespectively. wage represents the weight given to recent ob-servation in the range of {0, 1}. In Eq. (4), newqrepresentsthe possibility that node Q has good repute and computed bymultiply wage with positive behavior (q) of node Q and thenadding with successful recent interactions (x) performed be-tween nodes P and Q. newqrepresent possibility that node Qhas bad repute and also computed in the same way as rep-resented by Eq. (5). Finally, node P has to make decisionwhether to cooperate with node Q or not. The decision is re-ferred to as Bpq, as illustrated in Eq. (6), behavior of node Ptowards node Q and it is a binary value either 1 (cooperate)or 0 (do not cooperate). The trust value Tpq is used to makedecision as follows:Bpq=Cooperate, TpqBpq,do not cooperate, Tpq< Bpq.(6)In wireless sensor network, it is utmost important for thenodes to exchange accurate coordinate information abouttheir location. A misbehaving node, for the purpose to keepitself undetected, may exchange false coordinates informa-tion. Therefore, it paved the way for the applicability of trustin secure localization. In [68] authors proposed a distributedtrust framework, called DRBTS2), for secure localization ofnodes. There are two types of nodes in model: the beaconnode (BN) and sensor node (SN). BN have pre-determinedinformation about its location, whereas a mathematical tri-angulation method is used for determining the location of aSN [7]. In triangulation, sensor node broadcast location re-quest message and wait for specic amount of time. Beaconnode responds with its location coordinates and reputationinformation for each of its neighbor nodes. SN exploits thelocation information provided by BN and compares the co-ordinates with its true location. If the dierence is betweenthe ranges of error, BN is considered to be trustworthy. Oth-erwise, it is considered as malicious and its trust rating isdecreased. DRBTS enables the sensor nodes to exclude ma-licious beacon nodes propagating false location information.In [96] proposed a trust-ware routing protocol, ambienttrust sensor routing (ATSR), to defend against routing at-tacks. ATSR is trust based version of GPSR [97]. The beaconmessages are periodically broadcasted by each to announceits node ID, location coordinates and remaining energy. Thereputation request messages are periodically multicasted todirect neighbors to collect indirect trust information. In re-sponse of reputation request message the neighbor node re-spond with reputation reply (unicasted to requesting node).In order to evaluate neighboring nodes, each node maintainssome trust metrics as: forwarding behavior, distance and re-maining energy. Each node monitors the packet forwardingbehavior and distance with 1-hop neighbor nodes. The totaltrust is computed by integrating direct and indirect trust val-ues. ATSR incorporate energy metric in routing decisions ina manner that before forwarding packet to next-hop neighbor,its remaining energy is veried. If energy level is above de-termined threshold it is selected in routing path, otherwise itis discarded from routing process. The performance compar-ison between ATSR and GPSR illustrate that packet loss inGPSR increases signicantly with the increase of maliciousnodes. However, ATSR suers from increased latency due2) DRBTS stands for distributed reputation-based beacon trust system.Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks 287to selection of alternate routes, as connected routes containmalicious nodes. The memory requirement for ATSR also in-crease as it needs to store indirect trust values. Moreover, ifthe node mobility is very high it may also increase packet lossand trust buildup mechanism time.A trust-based approach [60], based on DSR routing, is rec-ommended to minimize the overheads of intruder detectionsystem and detect the abnormal behavior nodes. The pro-posed model uses the repeated games to detect maliciousnodes through the cooperative eort in the sensor networkand judges the trust of successive nodes. The model for trustrelation among the nodes was presented and prediction of atrusted node in the path was discussed using game model andautomatic collaborative ltering approach. The trust level iscalculated as the dierence of packets received to transfer ofpackets by that node. Each node maintains a rating of its suc-cessive node. If the ratings of a node are above the threshold(expected minimum error rate), then the current node contin-ues to transfer the packets. Game theory based model are notsuitable to completely resolve trust problems in WSN, as it isnot a predictive tool for the behavior of nodes but a suggestivetool for how nodes ought to behave. Moreover, WSN almostemploy one-way transmission (sensor nodes to base station)but the prerequisite to apply game theory is bi-directional be-havior [10].A cluster based trust aware routing scheme for wirelesssensor network have been proposed in [57] which distinguishmalicious nodes from trusted nodes. This is done by calcu-lating the trustworthiness or reputation of each element ofthe network which serves as a measure to gauge the credibil-ity of that element. This trust value changes according to thedata sent by each element. A three-tiered hierarchal architec-ture has been used that consist of three types of nodes: sen-sor nodes, aggregator nodes and cluster heads. Cluster headsare elected on the basis of one-hop distance to the base sta-tion. Trust value depends upon three factors: battery, sens-ing communication and variation. Weights K1, K2 and K3are assigned to these factors. This scheme has certain limi-tations. What if the energy level of cluster head is below cer-tain threshold, it will deplete early and will not be able to takepart in routing. Also no mechanism is dened if cluster headnodes are compromised and behave abnormally. Secret keysare generated that need extra storage and computations.In [47] authors have proposed a routing framework, calledTARF, to protect replay of routing packets in multi-hop rout-ing in WSN. The selection of next-hop node is based on en-ergy and trust values of nodes. A database containing trustand energy level values has been maintained for the knownneighbors. Each node has two main components running onit: energy watcher and trust manager. The responsibility ofenergy watcher is to record energy level values for all knownneighbors. To rule out a neighbor node frombeing selected asnext-hop node, a malicious node may propagate false energycost information about that neighbor.However, TARF en-abled nodes detect and isolate malicious nodes based on thelow trustworthiness identied by Trust Manager. The respon-sibility of trust manager is to keep track of trust values forall neighbors based on data delivery notications from basestation.A novel trust based routing mechanism have been pro-posed in [18] to mitigate black hole attack in ad hoc net-works. The proposed model is based on trust correlation ser-vice (TCS) mechanism. This aggregates and distributes thetrust among nodes that are participating in the wireless net-work. The trust for a node is computed based on various fac-tors such as node reputation, its ability to defend against var-ious attacks and unauthorized resource utilization. A correla-tion score for a pair of nodes is computed based on their in-ternal trust, required level of trust, number of packet sent anddelivered to the destination. Dynamic source routing (DSR)protocol [98] is modied to nd a trusted route rather than theshortest route between source and destination. The behaviorof DSR protocol with and without the black hole attack isinvestigated. The formats of route request (RREQ) and theroute reply (RREP) of the DSR are modied to carry an ad-ditional payload i-e the trust value of a nodes neighbor. Ac-cording to authors, the proposed model though increases thehop count performs better than DSR by roughly 13% with-out compromising on security. The end to end delay remainsalmost the same as compared to DSR even during an attack.A trust aware routing framework for mobile ad-hoc net-works, based on AODV routing [99], is proposed by [63] todetect misbehavior in packet forwarding caused by maliciousnodes or congestion in active route. The trust of node is evalu-ated by aggregating its packet forwarding ratio. If some mali-cious or congested node involve in packet forwarding misbe-havior in an active, the scheme establish other reliable routeand re-routes the packets on it. The trust aware scheme con-sists of three essential components: reliability manager, routesetup and route maintenance. The responsibility of reliabil-ity manager is to keep trust level information about neigh-bor nodes in reliability database. The reliability manager in-denties the malicious nodes dynamically by overhearingpacket transmission in promiscuous mode. The beta distribu-tion model is used by reliability manager to evaluate positiveand negative behavior of nodes. The responsibility of route288 Front. Comput. Sci., 2015, 9(2): 280296setup is to establish the shortest path to destination with allreliable nodes. The end-to-end delay and reliability factorsare used as routing metrics. The responsibility of route Main-tenance is to inform source node to establish another reliableroute, if some malicious or congested node behaves abnor-mally in active route. The routing overhead and congestionlevel increases due to increased number of route maintenancecalls.A distributed trust management system [58] is proposedfor secure routing for detecting misbehaving nodes, whichalso incorporates energy awareness in routing decisions.Trust, energy and location information are combined to formreliability metric. The protocol makes use of only direct trust.All trust values are summed up in weighted manner to com-pute total direct trust. Dierent weights are assigned to dis-tance, energy, packet forwarding ratio and network acknowl-edgment.An energy ecient and trust based routing for MANET ispresented in [64]. The aim of presented scheme to provide arobust trust based mechanism to solve the problem of nodemisbehavior. The passive acknowledgement mechanism hasbeen used by the used to compute trustworthiness of othernodes. The energy eciency is also incorporated along withthe trust. Each node periodically computes its consumed en-ergy during transmission and reception. A table called Get-Trust is maintained by all the node in the network. The eldsin the table include TrustPres (present trust value of node),TrustThres (threshold value for trust) and TrustLowest. Allnodes are initialized with neutral trust value. If a node ob-served that neighboring node is cooperating in packet for-warding, its TrustPres value will be incremented; otherwise,it will be decremented.Table 2 presents taxonomy of the aforementioned node-centric trust models. We evaluate each model in terms ofbootstrapping mechanism, trust evidence and evaluation ap-proach, attack models being addressed, weight assignments,decision making criteria, routing protocol being used and en-ergy consideration.The rationale behind such organization is to aid readers inchoosing appropriate trust model in accordance with their re-quirements and network dynamics. It is observed that most ofthe models assign neutral trust value to the nodes in the net-work. Furthermore, both direct and indirect trust informationis being used by most of the existing TRMs. In the most re-cent models, the weight-based trust computation and decisionmaking has gained widespread applicability. The comparisonprovides a quick reference to the recent trends in the researchand design of trust and reputation based frameworks.4.2 System-centric trustThe system-centric trust refers to trust and reputation sys-tems which include framework for trust and reputation eval-uation model and means of punishing and rewarding mecha-nism for misbehaving and good behavior nodes respectively.Figure 4 illustrates the basic module for system-centric trustmodel. As discussed in Section 4.1.1, computational methodsused in node-centric trust models evaluate the reputation andtrustworthiness of node based on past experiences. In thesemodels, if a node observes the malicious behavior of anothernode, then observing node will decrease the trust rating ofnode. This action taken by the nodes is only applicable in ascenario where a node makes decision about trustworthinessbased on trust rating of node, but it will not prevent mali-cious node fromcontinuing its abnormal behavior. Therefore,if such a mechanism is provided that enables a node to beaware of the fact that abnormal or dishonest behavior couldresult in signicant punishments or being disqualied fromthe network, nodes will behave reliably most of time. Thus,punitive measures are employed by system-centric models intheir interaction mechanism for detecting malicious behav-ior. In later discussion, some of system-centric trust modelsavailable in literature are summarized.4.2.1 System-centric trust based schemeCORE3) [62] protocol is a distributed trust model proposedto impose node cooperation in MANET based on a collabo-rative monitoring technique.Fig. 4 System-centric trust modelCORE is based on collaborative monitoring technique.The nodes maintain rsthand and secondhand informationto compute reputation metric. It uses DSR routing proto-col for route discovery mechanism and promiscuous mode3) CORE stands for collaborative reputation mechanism to enforce node co-operation in mobile ad-hoc networks.Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks 289Table 2 Taxonomy of node-centric trust models in ad-hoc and sensor networksRef. Bootstrapping TrustevidenceTrust evaluation Attack model WeightassignmentRoutingprotocolDecision makingEnergyconsideration[70] Nodes are ini-tialized with lowtrust valueDirect & in-direct trustBeta distribution sta-tistical modelBad-mouth attack Higher weight as-signed to indirectinformation Ranking andweight basedNo[68] Nodes are initial-ized with neutraltrust valueDirect & in-direct trustBeta distribution sta-tistical modelBallot-stung andbad-mouthNot assigned Threshold andranking basedNo[96] Nodes are initial-ized with neutraltrust valueDirect & in-direct trustWeighted sum ofdistance, energy andpacket forwardingratioBlackhole, gray-hole, wormholeHigher weight as-signed to distancemetricGPSR Threshold andweighted-basedYes[60] Nodes are initial-ized with neutraltrust valueDirect trustonlyGame theory query-based trust computa-tionSelective forward-ing attackNot assigned DSR Threshold andranking basedNo[57] All nodes areconsidered to betrustworthyDirect & in-direct trustWeighted sum of bat-tery, sensing commu-nication and data au-thenticityPacket injectionattackHigher weightassigned to au-thenticity of data(Variance)LEACH Ranking-based Yes[47] Nodes are initial-ized with neutraltrust valueDirect & in-direct trustWeighted aggrega-tion of positive andnegative informationalong with loopdiscovery & dataACK informationgiven by base stationSinkhole andwormholeHigher weight isassigned to nega-tive transactionsCTP [100] Threshold-basedand weight-basedYes[18] All nodes areconsidered to betrustworthyDirect trustonlyTCS aggregatesand distribute trustamong the nodesBlackhole attack Not assigned DSR Ranking-based No[63] Nodes are initial-ized with neutraltrust valueDirect trustonlyBeta distributionmodelBlackhole & gray-holeWeight mecha-nism not utilizedAODV Threshold-based No[64] Nodes are initial-ized with neutraltrust valueDirect trustonlyPassive acknowledgemechanism is used toevaluate trustBlackhole & gray-holeWeight mecha-nism not utilizedAODV Threshold-based Yes[58] All nodes areconsidered to betrustworthyDirect trustonlyWeighted sum of dis-tance,energy,ACKand packet forward-ing ratioBlackhole, gray-hole, integrity,modication &condentialityauthenticationHigher weightsgiven to distanceand forwardingin respectivescenariosGPSR Threshold andweighted-basedYesoperations for collecting direct trust value of neighboringnodes. The indirect trust is collected by exchanging reputerequest and repute reply messages. The positive and negativerepute about the nodes are stored in trust table, maintainedby each node. The trust values for a nodes varies in between1 and +1. During network initialization phase, nodes are as-signed with neutral trust values. Similarly, new nodes thatbecame part of network are also assigned neutral trust valueof 0. CORE exploits punitive measure in a way that whena node B is being asked to forward packets for node A, thenode B evaluates the trustworthiness of node A. If it ndsthe trust rating of node A is below specied threshold value,node B not only rejects the service request of node A, but alsoinforms other nodes about possible DoS attack from nodeA, which in result further reduce its reputation value. COREassigns higher weight to past experiences rather than recentone. Therefore, it will not aect overall reputation of node ifit fails due to temporary network problem. However, a node isconsidered to be malicious if it continuously misbehaves andtrust rating will decrease till it became negative. In CORE,nodes have to continuously contribute to network trac toremain trusted, otherwise their reputation values will be de-creased and they are excluded from the network. The mali-cious nodes are punished temporarily, if a node starts behav-ing in high cooperative manner its trust rating will increaseabove specied threshold and it allow the node to becomepart of the network again.In order to make misbehavior unattractive in ad-hoc290 Front. Comput. Sci., 2015, 9(2): 280296networks, CONFIDANT4) protocol is proposed by [56]. Itmakes use of node-centric trust model to compute reputationof nodes and exploit potential punishment mechanism forthe nodes having low trust rating then predetermined thresh-old and results in permanent exclusion from the network.The major objective of the protocol is to discourage mali-cious behavior of the nodes. The nodes maintain rsthandand secondhand information for other nodes. The dynamicsource routing (DSR) protocol is used for route discoveryprocess. In CONFIDANT, each node consists of four compo-nents: i) Monitor, ii) Trust manager, iii) Reputation system,and iv) Path manager. The monitoring component incorpo-rate promiscuous mode to monitor packet forwarding behav-ior of 1-hop neighbor nodes. The ALARMS messages arealso forwarded by monitor to trust manager for evaluation.The trust manager is responsible for handling all incomingand outgoing ALARM messages. The trustworthiness of thenode sending ALARM message has to be veried by eval-uating its trust levels. Some of the other responsibilities oftrust manager includes: take part in route origination, allow-ing a node to be the part of route and accept routing infor-mation. The reputation system manages a table that keeps en-tries for the nodes and their trust rating. A node is declaredas malicious node, presenting enough evidence of maliciousbehavior, recorded at least threshold number of times. There-fore, a node is not punished for accidental misbehavior dueto network faults such as link failure. The path manager isthe decision making component of CONFIDANT. It assignsthe trust rating to a path according to security metric. Therouting paths that lead to malicious nodes are deleted by pathmanager after analyzing trust ranking. It also rejects the routerequest for the path made by compromised node. CONFI-DANT assigns dierent weights to accumulated trust ratings.A higher weight is assigned to direct trust as compares to in-direct trust. According to authors, the reason behind assign-ing of such weight mechanism is that a node must trust itsown observation and experience more than the other nodes.The nodes in the system only share bad experience (nega-tive information) about other node. The major weakness ofthis scheme is that nodes may suers from bad-mouth attack.Another limitation of the scheme is that after certain time-out, malicious nodes become part of the system. This enablescompromised nodes to re-enter and attack the system. How-ever, the compromised node is permanently disqualied fromthe network when the number of attempts to attack the sys-tem reaches a specied threshold. The inclusion of punitivemeasure also requires that misbehaving nodes must be de-tected accurately so that negligence on behalf of watchdog orbad-mouth attack frommalicious nodes may not result in per-manent exclusion of well-behaving node from the network.The nodes in sensor and mobile ad-hoc network have lim-ited power resources; therefore, a selsh node may not co-operate in packet forwarding to preserve its own resources.Such act of selshness degrades overall performance of wire-less communication networks. To address this problem inMANET, a scheme called SORI5) has been proposed by [59]with the major objective to penalize selsh nodes and en-courage packet forwarding.The key characteristics of theschemes are: one-way-hash based authentication mechanismhas been used for the secure propagation of reputation val-ues, nodes reputation is quantied by objective measures andreputation values are only forwarded to neighboring nodesrather than broadcasting to entire network. The scheme con-sists of three components: monitoring, reputation propaga-tion and punishment. The monitoring component is respon-sible for observing behavior of neighboring nodes by usingpromiscuous mode. The reputation propagation is responsi-ble for recording and evaluating trustworthiness of neighbor-ing nods. The trustworthiness of a node is evaluated by Eq.(7):RN(X) =RFN(X)HFN(X), (7)where RN(X) is reputation of node N on node X; RFN(X) rep-resents number of packets that node X has received fromnodeN for forwarding; HFN(X) represents number of packets no-ticed by N and forwarded by X. The punishment componentis responsible for penalizing the selsh nodes. If the reputa-tion value for the selsh node X is less than specied thresh-old value, node N probabilistically dorps the packet origi-nated from node X. Node N not only decreases the reputationvalue of node X, but it also informs its neighbor node aboutthe selsh behavior of node X so that it may be punished byall neighbor nodes.Table 3 presents taxonomy of the aforementioned system-centric trust models. We evaluate each model in terms ofbootstrapping mechanism, trust evidence, neighbor monitor-ing mechanism, reputation propagation, punishment and re-demption mechanism, attack models being addressed, rout-ing protocol being used and energy consideration.It is observed that CORE and SORI are more exible thanCONFIDANT in terms of punitive measures and provide re-demption mechanism in way that malicious node may return4) CONFIDANT stands for cooperation of nodes - fairness in dynamic ad-hoc neTworks5) Secure and objective reputation-based incentive.Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks 291to system if they cooperate and behave properly in packetforwarding. On contrary, CONFIDANT model has no suchprovision and take severe action against malicious nodes inthe form of permanent exclusion from the network. It is alsoobserved that none of the aforementioned model gives con-sideration to energy conservation in their mechanism whichmakes them unsuitable for resource constraint networks suchas WSN, where energy is most critical factor.Beside aforementioned classication, existing trust andreputation based schemes can also be classied based on im-portant design parameter for TRM such as trust computation(TC).On the basis of type of trust computation mechanism, ex-isting TRM can be classied as follows:i) Probability based schemesii) Weight based schemesiii) Game theory based schemesiv) Fuzzy logic based schemesTable 4 provides the comparison of trust and reputationschemes based on trust computation mechanism with prosand cons.In probability based trust computation models, trust is vi-sualized as probability of expected behavior of a node. TheBeta distribution is most frequently used probabilistic trustcomputational approach in TRM systems due to its simplic-ity, exibility, easy estimation and compatibility with trustparameters. The beta distribution represents trust as binarytransactions such as positive or negative and cooperative ornon-cooperative. However, probabilistic trust models may in-volve high computational complexity which is not desirablefor resource constrained nodes.Weighting-based approaches provide simple andlightweight computation methods to estimate trust. Theseapproaches aggregate the results obtained from nodes and as-sign dierent weights to dierent observed quantities. How-ever, accuracy of estimated trust should be veried as gran-ularity of expressing trust may not be good when modeledusing weight-based approaches.Fuzzy logic based trust computation methods are simpleand lightweight in nature. Fuzzy logic rules and membershipfunctions are used for trust computing. However, due to dy-namic nature of trust phenomena the fuzzy logic inferencemight be incompatible with trust management system. TrustTable 3 Taxonomy of system-centric trust modelsRef. Bootstrapping TrustevidenceNeighbormonitoringReputationpropagationPunishmentmechanismRedemptionRoutingprotocol Attack modelEnergyconsideration[62] Nodes are as-signed neutraltrust valuesBoth directand indirecttrustPromiscuousmodeFunctional reputa-tion is used toevaluate trustwor-thiness of nodeNodes with low trustrating are deprivedof the service theyrequestedNode becomes partof the system again ifthey behave in coop-erative mannerDSR False praiseattackNo[56] Nodes areinitializedwith positivetrust ratingBoth directand indirecttrustPromiscuousmodeALARM mes-sages are sent toneighboring nodesand authenticity isveriedNodes with lowtrust rating are per-manently excludedfrom networkNo redemption forthe malicious nodesDSR Bad-mouthand falsereport attackNo[59] All nodes areassumed to betrustworthyDirect trustonlyPromiscuousmodeReputation valuesare updated peri-odicallyby eachnodePackets from selshnodesare droppedprobabilistic-allyIf reputation valuesexceeds threshold,selsh node will notbe punished anymoreDSR Selshn-essof nodesNoTable 4 Comparison of trust computation methodsTC methods TRM schemes Objective Advantages DisadvantagesProbability [61,63,65,6870,7376] Trust rating follow probabilitydistribution.Mathematically sound High complexityWeight [47,49,57,58,67,96] Rating is changed according toassigned weightsEasy to implement and low com-plexityAccuracy of estimated trust valueshould be veriedGame Theory [60,62,7780] Packet forwarding activity ismodeled as gamesProvide set of mathematical toolsfor investigating multi-personstrategic decision makingNot a predictive tool for the behaviorof nodes and prerequisite to apply gametheory is bi-directional behavior whileWSN employ one-way transmissionFuzzy Logic [8184] Trustisevaluatedon the basisof membership function and fuzzyrulesMathematically sound and easy toimplementDue to dynamic nature of trust phenom-ena,membership function might notrepresent accurate trust value292 Front. Comput. Sci., 2015, 9(2): 280296computation methods based on game theory provide mathe-matical tools for investigating behavior in strategic situationwhere success of one player depends on the behaviors of oth-ers. The interaction among an adversary and defender is stud-ied in these models. However, these models are not in com-pete compliance to resolve trust problems in WSN as gametheory is not a predictive tool for the behavior of nodes buta suggestive tool for how nodes ought to behave. Moreover,WSN almost employ one-way transmission (sensor nodes tobase station) but the prerequisite to apply game theory is bi-directional behavior.5 OpenresearchissuesAlthough lot of research work has been conducted in the eldof trust and reputation based systems in various domains,but still TRMs are in evolutionary phases when it comes toMANETs and WSNs. The application of trust and reputationin ad-hoc and sensor networks is relatively recent and manyopen issues have been identied which need to be resolved.Some of the most important issues are discussed below:1) Bootstrapping: It refers to the time TRMs may take tobuild trust and reputation among nodes in the network. Fordisaster monitoring and time-critical applications, this typeof delay is not acceptable. To reduce this startup time is stillan issue to solve.2) False reporting: Use of secondhand or indirect informa-tion makes the trust building process fast, but on the otherhand it makes the system vulnerable to false report attacks.3) Monitoring nodes behavior: Majority of the existingtrust and reputation models discussed in the literature moni-tors the behavior of neighboring nodes through promiscuousmode. However, obtained results may not always be true dueto noise and other factors that may cause interference. Sim-ilarly, it becomes very dicult to monitor the behavior ofnodes if directional antennas are used.4) Mobility: Ad-hoc and sensor networks may exposedto security threats due to high node mobility and frequentchanging of neighboring nodes. Future research should con-sider this issue in the design of trust and reputation model.5) Resource constraints and communication overhead:Some of existing TRMs incorporate indirect trust and keymanagement to evaluate trust. This requires extra data struc-ture, storage and computation resources which is not suit-able for resource constraint networks such as, WSN. In or-der to disseminate and update trust among the nodes, most ofthe TRMs discussed in literature employ ooding approach.Such ooding results in high network trac and increasecommunication overhead. Most of the existing TRMs havenot addressed these issues adequately.6) Nodes collusion: Most of the existing TRMs have notgiven appropriate attention to this issue. Existing models as-sume that network is free from nodes collusion. However,compromised nodes may collude to decrease reputation valueof normal node or increase reputation value of maliciousnode. This act of compromised nodes badly aects the overallperformance of network. The solution for detection collusionmay be derived from sociology, evolutionary biology or psy-chology, as human communities also exhibit same problem[55].7) Weight assignment: The direct and indirect trust eval-uates the trustworthiness of node. There are several schemesin literature which weight direct and indirect trust dierently.Few schemes assign high weight to direct trust while someschemes assign high weight to indirect trust. The assignmentof appropriate weight to relevant information is importantfactor in TRM. It is desired to have such a mechanism thatenables the nodes to dynamically assign optimal weights.8) Quantitative comparison: The qualitative comparison ofTRM systems has been provided by most of the literaturewhich is not sucient to assess the pros and cons of reputa-tion systems. The quantitative comparison of existing TRMsand software test beds should be provided under variety ofnetwork congurations and node densities.9) Trust dissemination: It is an important research issue,which is not given proper attention, as it may involve messageoverhead. For example, a malicious node may send unneces-sary control or trust recommendation messages continuouslyto its neighboring node in order to exhaust energy. Therefore,an ecient trust dissemination mechanismis required that in-corporate energy eciency and security.10) Trust models limitation in attack resistance: Most ofthe existing trust models aimto deal with selsh node and for-warding behavior attacks. There are several attacks that havenot been given appropriate consideration such as data forgery,imitating identity, controversial behavior, Sybil attack andHello ood attack. Moreover, trust models may come underattacks directed at trust management system such as iden-tity imitation, malicious trust reporting, and malicious nodecollusion. These attacks eect decision making capability oftrust models and may assign inaccurate trust value to mali-cious node. Therefore, robust defense mechanism is neededthat may resist attacks directed at network as well direct attrust management system.Adnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks 2936 ConclusionsTrust and reputation are two very important tools that facili-tate in predicting future actions of nodes based on their pastobservations. Information about predicted future actions ofnodes may not be reliable and might lead to incorrect infer-ence about other nodes behavior. Trust and reputation basedsystems have been extensively used in eective decision mak-ing for identication of suspicious nodes behavior. In thispaper, we surveyed and analyzed existing trust managementschemes in ad-hoc and sensor networks and organized theminto nodes-based trust models and system-based trust mod-els. The aim of node-centric trust models is to enable nodesto collect direct and indirect trust values, aggregates themandevaluate the trustworthiness of particular node, thus leadingto decision whether to be engaged with subject node or not.System-centric trust models focus on providing punitive mea-sures in their interaction mechanism which enables the nodeto be aware of the fact that abnormal behavior results in sig-nicant punishment. Furthermore, we discussed in detail dif-ferent type of node misbehaviors in MANET and WSN andexamined all aspects of TRM systems including bootstrap-ping mechanisms, trust evidence, trust computation and in-teractive decision making methods. Based on the study ofliterature, some unresolved research issues are presented inpursuit of TRM systems.As part of future work, we planto develop a comprehensive trust aware model for WSN notonly to identify and isolate suspicious nodes behavior but alsoto take into consideration a rich set of attacks discussed in thispaper.References1. Tsetsos V, Alyfantis G, Hasiotis T, Sekkas O, Hadjiefthymiades S. To-wards commercial wireless sensor networks: business and technologyarchitecture. Ad Hoc & Sensor Wireless Networks, 2006, 2(1): 59802. Padmavathi G, Shanmugapriya D. A survey of attacks, security mecha-nisms and challenges in wireless sensor networks. International Journalof Computer Science and Information Security (IJCSIS), 2009, 4(1):193. Jain A, Kant K, Tripathy M. Security solutions for wireless sensor net-works. In: Proceedings of the 2nd IEEE International Conference onAdvanced Computing & Communication Technologies (ACCT). 2012,4304334. Zhou Z, Yow K C. Geographic ad hoc routing security: attacks andcountermeasures. Ad Hoc & Sensor Wireless Networks, 2005, 1(3):2352535. Becher A, Benenson Z, Dornseif M. Tampering with motes:real-world physical attacks on wireless sensor networks. Technical Report.Springer Berlin Heidelberg, 20066. He D, Gao Y, Chan S, Chen C, Bu J. An enhanced Two-factor userauthentication scheme in wireless sensor networks. Ad Hoc & SensorWireless Networks, 2010, 10(4): 3613717. Srinivasan A, Teitelbaum J, Liang H, Wu J, Cardei M. Reputation andtrust-based systems for ad hoc and sensor networks. In: Boukerche A,ed. Algorithms and Protocols for Wireless, Mobile Ad Hoc Networks.Ottawa: Wiley, 2008, 3754038. Devisri S, Balasubramaniam C. Secure routing using trust based mech-anism in wireless sensor networks (WSNs). International Journal ofScientic & Engineering Research, 2013, 4(2): 179. Babu S S, Raha A, Naskar M K. LSR protocol based on nodes poten-tiality in trust and residual energy for WSNs. International Journal ofNetwork Security & Its Applications (IJNSA), 2012, 4(2): 213410. Yu Y, Li K, Zhou W, Li P. Trust mechanisms in wireless sensor net-works: attack analysis and countermeasures. Journal of Network andComputer Applications, 2012, 35(3): 86788011. Cho J, Swami A, Chen I. A survey on trust management for mobilead hoc networks. IEEE Communications Surveys & Tutorials, 2011,13(4): 56258312. Zahariadis T, Trakadas P, Leligou H C, Maniatis S, Karkazis P. A noveltrust-aware geographical routing scheme for wireless sensor networks.Wireless Personal Communications, 2012, 69(2): 80582613. Chen H, Wu H, Zhou X, Gao C. Reputation-based trust in wireless sen-sor networks. In: Proceedings of the IEEE International Conference onMultimedia and Ubiquitous Engineering, MUE07. 2007, 60360714. Momani M. Trust models in wireless sensor networks: a survey. In:Proceedings of the Recent Trends in Network Security and Applica-tions. Springer Berlin Heidelberg. 2010, 374615. Song F, Zhao B. Trust-based LEACH protocol for wireless sensor net-works. In: Proceedings of the 2nd IEEE International Conference onFuture Generation Communication and Networking (FGCN). 2008,20220716. Lopez J, Roman R, Agudo I, Fernandez-Gago C. Trust managementsystems for wireless sensor networks: best practices. Computer Com-munications, 2010, 33(9): 1086109317. Al-Karaki J N, Kamal A E. Stimulating node cooperation in mobile adhoc networks. Wireless Personal Communications, 2007, 44(2): 21923918. Manikandan S P, Manimegalai R. Trust based routing to mitigate blackhole attack in MANET. Life Science Journal, 2013, 10(4): 49049819. Pirzada A A, Mcdonald C. Trust establishment in pure ad-hoc net-works. Wireless Personal Communications, 2006, 37(1-2): 13916820. Jain Y K, Sharma P. Trust based ad hoc on-demand distance vectorfor MANET. In: Proceedings of the National Conference on SecurityIssues in Network Technologies (NCSI-2012). 2012, 11121. Bulut E, Szymanski B K. Secure multi-copy routing in compromiseddelay tolerant networks. Wireless Personal Communications, 2012,73(1): 14916822. Chang M, Chen I-R, Bao F, Cho J-H. On integrated social and QoStrust-based routing in delay tolerant networks. Wireless Personal Com-munications, 2012, 66(2): 44345923. Chen I-R, Bao F, Chang M, Cho J-H. Trust management for encounter-based routing in delay tolerant networks. In: Proceedings of the IEEEGlobal Telecommunications Conference (GLOBECOM). 2010, 1624. Zhang J. A survey on trust management for VANETs. In: Proceedingsof the IEEE International Conference on Advanced Information Net-working and Applications (AINA). 2011, 10511225. Sun Y, Luo H, Das S K. A trust-based framework for fault-tolerant294 Front. Comput. Sci., 2015, 9(2): 280296data aggregation in wireless multimedia sensor networks. IEEE Trans-actions on Dependable and Secure Computing, 2012, 9(6): 78579726. Govindan K, Mohapatra P. Trust computations and trust dynamics inmobile Adhoc networks: a survey. IEEE Communications Surveys &Tutorials, 2012, 14(2): 27929827. El-hajj W, Safa H, Guizani M. Survey of security issues in cognitiveradio networks. Journal of Internet Technology, 2011, 12(2): 18119828. Yu B H, Shen Z, Miao C, Leung C, Niyato D. Asurvey of trust and rep-utation management systems in wireless communications. Proceedingsof the IEEE, 2010, 98(10): 1755177229. Momani M, Challa S. Survey of trust models in dierent network do-mains. International Journal of Ad hoc, Sensor & Ubiquitous Comput-ing, 2010, 1(3): 11930. Cho J-H, Swami A, Chen I R. A survey on trust management for mo-bile ad hoc networks. International Journal of Network Security and ItsApplications (IJNSA), 2010, 13(4): 56258331. Srinivasan A, Wu J. A survey on secure localization in wireless sensornetworks. In: Furth, ed. Encyclopedia of wireless and mobile commu-nications. B(Ed). Florida, USA: CRC Press, Taylor and Francis Group,200732. Fernandez-Gago M C, Roman R, Lopez J. A survey on the applica-bility of trust management systems for wireless sensor networks. In:Proceedings of the 3rd IEEE International Workshop on Security, Pri-vacy and Trust in Pervasive and Ubiquitous Computing (SECPerU).2007, 253033. Brandao P, Sargento S, Crisostomo S, Prior R. Secure routing in ad hocnetworks. Ad Hoc & Sensor Wireless Networks, 2005, 1(4): 27730034. Khalid O, Khan S U, Madani S A, Hayat K, Khan M I, Min-AllahN, Kolodziej J, Wang L Z, Zeadally S, Chen D. Comparative study oftrust and reputation systems for wireless sensor networks. Security andCommunication Networks, 2013, 6(6): 66968835. Maheshwari R, Gao J, Das S R. Detecting wormhole attacks in wirelessnetworks using connectivity information. In: Proceedings of the 26thIEEE International Conference on Computer Communications (INFO-COM). 2007, 10711536. Bhosle AA, Thosar T P, Mehatre S. Black-hole and wormhole attack inrouting protocol AODV in MANET. International Journal of ComputerScience, Engineering and Applications (IJCSEA), 2012, 2(1): 455437. Dong D, Li M, Liu Y, Li X Y, Liao X. Topological detection on worm-holes in wireless ad hoc and sensor networks. IEEE/ACM Transactionson Networking, 2011, 19(6): 1787179638. Moya J M, Vallejo J C, Fraga D, Araujo A, Villanueva D, de GoyenecheJ-M. Using reputation systems and non-deterministic routing to securewireless sensor networks. Sensors, 2009, 9(5): 3958398039. Zada Khan W, Xiang Y, Y Aalsalem M, Arshad Q. The selectiveforwarding attack in sensor networks: detections and countermea-sures. International Journal of Wireless and Microwave Technologies(IJWMT), 2012, 2(2): 334440. Arya M, Jain Y K. Grayhole attack and prevention in mobile adhoc network. International Journal of Computer Applications, 2011,27(10): 212641. Kaur J, Kumar V. An eectual defense method against gray hole attackin wireless sensor networks. International Journal of Computer Scienceand Information Technologies, 2012, 3(3): 4523452842. Mohanapriya M, Krishnamurthi I. A light-weight and scalable solutionfor secure routing in DSR MANET for black hole attack. Ad Hoc &Sensor Wireless Networks, 2013, 17(12): 335243. Yang B, Yamamoto R, Tanaka Y. Historical evidence based trust man-agement strategy against black hole attacks in MANET. In: Proceed-ings of the 14th IEEE International Conference on Advanced Commu-nication Technology (ICACT). 2012, 39439944. Ahmed A, Bakar K A, Channa M I. Performance analysis of adhoc ondemand distance vector protocol. Journal of Computer Science, 2014,10(9): 1466147245. Shoja M R K, Taheri H, Vakilinia S. A new approach to prevent blackhole attack in AODV. International Journal of Computer Science andInformation Security (IJCSIS), 2011, 9(1): 242946. Ameza F, Assam N, Beghdad R. Defending AODV routing protocolagainst the black hole attack. International Journal of Computer Sci-ence and Information Security, 2010, 8(2): 11211747. Zhan G, Shi W, Deng J. Design and implementation of TARF: a trust-aware routing framework for WSNs. IEEE Transactions on Depend-able and Secure Computing, 2012, 9(2): 18419748. Tanuja R, Rekha M K, Manjula S H, Venugopal K R, Iyengar S, Pat-naik L M. Elimination of black hole and false data injection attacks inwireless sensor networks. In: Proceedings of the 3rd International Con-ference on Trends in Information, Telecommunication and Computing.2013, 47548249. Chen H, Wu H, Zhou X, Gao C. Agent-based trust model in wirelesssensor networks. In: Proceedings of the 8th ACIS International Con-ference on Software Engineering, Articial Intelligence, Networking,and Parallel/Distributed Computing (SNPD). 2007, 11912450. Bankovic Z, Vallejo J C, Fraga D, Moya J M. Detecting bad-mouthingattacks on reputation systems using self-organizing maps. In: Proceed-ings of the Computational Intelligence in Security for Information Sys-tems. 2011, 91651. Dehnie S, Tomasin S. Detection of selsh nodes in networks usingCoopMAC protocol with ARQ. IEEE Transactions on Wireless Com-munications, 2010, 9(7): 2328233752. Chen Z, Qiu Y, Liu J, Xu L. Incentive mechanism for selsh nodes inwireless sensor networks based on evolutionary game. Computers &Mathematics with Applications, 2011, 62(9): 3378338853. Hernandez-Orallo E, Serrat M D, Cano J, Calafate C T, Manzoni P.Improving selsh node detection in MANETs using a collaborativewatchdog. IEEE Communications Letters, 2012, 16(5): 64264554. Sun Y L, Han Z, Yu W, Liu K J R. A trust evaluation framework in dis-tributed networks: vulnerability analysis and defense against attacks.In: Proceedings of the 25th IEEE International Conference on Com-puter Communications. 2006, 11355. Gonzalez J M, Anwar M, Joshi J B D. Trust-based approaches to solverouting issues in ad-hoc wireless networks: a survey. In: Proceedingsof the 10th IEEE International Conference on Trust, Security and Pri-vacy in Computing and Communications (TrustCom), 2011, 55656356. Buchegger S, Le Boudec J-Y. Performance analysis of the CONFI-DANT protocol (cooperation of nodes: fairness in dynamic Ad-hocnetworks). In: Proceedings of the 3rd ACM International Symposiumon Mobile Ad Hoc Networking & Computing. 2002, 22623657. Chakrabarti A, Parekh V, Ruia A. A trust based routing scheme forwireless sensor networks. In: Proceedings of the Advances in Com-puter Science and Information Technology, Networks and Communi-cations. 2012, 15916958. Stelios Y, Papayanoulas N, Trakadas P, Maniatis S, Leligou H C, Za-hariadis T. A distributed energy-aware trust management system forsecure routing in wireless sensor networks. In: Proceedings of the Mo-bile Lightweight Wireless Systems. 2009, 859259. He Q, Wu D, Khosla P. SORI: a secure and objective reputation-basedAdnan AHMED et al. A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks 295incentive scheme for ad-hoc networks. In: Proceedings of the WirelessCommunications and Networking Conference (WCNC). 2004, 82583060. Reddy Y B, Selmic R R. A trust-based approach for secure packettransfer in wireless sensor networks. International Journal on Advancesin Security, 2011, 4(3): 19820761. Almenarez F, Marin A, Diaz D, Sanchez J. Developing a model for trustmanagement in pervasive devices. In: Proceedings of the 4th AnnualIEEE International Conference on Pervasive Computing and Commu-nications Workshops. 2006, 26727162. Michiardi P, Molva R. CORE: a collaborative reputation mechanismto enforce node cooperation in mobile ad hoc networks. In: Proceed-ings of the Advanced Communications and Multimedia Security. 2002,10712163. Channa M I, Ahmed K M. A reliable routing scheme for post-disasterad hoc communication networks. Journal of Communications, 2011,6(7): 54955764. Gidijala N S, Datla S, Joshi R C. A robust trust mechanism algorithmfor secure power aware AODV routing in mobile Ad hoc networks. In:Proceedings of the Contemporary Computing. 2010, 324165. Chen H. Task-based trust management for wireless sensor networks.International Journal of Security and Its Applications, 2009, 3(2): 212666. Liu S, Pang L, Pei Q, Ma H, Peng Q. Distributed event-triggered trustmanagement for wireless sensor networks. In: Proceedings of the 3rdIEEE International Conference on Information Assurance and Security.2009, 29129467. Yadav K, Srinivasan A. iTrust: an integrated trust framework for wire-less sensor networks. In: Proceedings of the 2010 ACM Symposiumon Applied Computing. 2010, 1466147168. Srinivasan A, Teitelbaum J, Wu J. DRBTS: distributed reputation-based beacon trust system. In: Proceddings of the 2nd IEEE Interna-tional Symposium on Dependable, Autonomic and Secure Computing.2006, 27728369. Qin T, Yu H, Leung C, Shen Z, Miao C. Towards a trust aware cog-nitive radio architecture. ACM SIGMOBILE Mobile Computing andCommunications Review, 2009, 13(2): 869570. Ganeriwal S, Balzano L K, Srivastava M B. Reputation-based frame-work for high integrity sensor networks. ACM Transactions on SensorNetworks, 2008, 4(3): 13771. Bansal S, Baker M. Observation-based cooperation enforcement in adhoc networks. In: Proceedings of the Computing Research Repository(CoRR). 2003, 11072. Crosby G V, Pissinou N, Gadze J. A framework for trust-based clusterhead election in wireless sensor networks. In: Proceedings of the 2ndIEEE Workshop on Dependability and Security in Sensor Networksand Systems (DSSNS). 2006, 132273. Buchegger S, Le Boudec J-Y. A robust reputation system for P2P andmobile ad-hoc networks. In: Proceedings of 3rd Workshop on Eco-nomics of Peer-to-Peer Systems (P2PEcon). 2004, 1674. Sun Y L, Yu W, Han Z, Liu K J R. Information theoretic frameworkof trust modeling and evaluation for ad hoc networks. IEEE Journal onSelected Areas in Communications 2006, 24(2): 30531775. Ren K, Li T, Wan Z, Bao F, Deng R H, Kim K. Highly reliable trustestablishment scheme in ad hoc networks. Computer Networks, 2004,45(6): 68769976. Zouridaki C, Mark B L, Hejmo M, Thomas R K. A quantitative trustestablishment framework for reliable data packet delivery in MANETs.In: Proceedings of the 3rd ACM Workshop on Security of Ad Hoc andSensor Networks. 2005, 11077. Reddy Y B, Srivathsan S. Game theory model for selective forward at-tacks in wireless sensor networks. In: Proceedings of the 17th IEEEConference of Control and Automation. 2009, 45846378. Lin C, Wu G, Li M, Chen X, Liu Z, Yao L. A selsh node preventivereal time fault tolerant routing protocol for WSNs. In: Proceeding ofthe 4th International Conference on Internet of Things, Cyber, Physicaland Social Computing (iThings/CPSCom). 2011, 33033779. Shila D M, Anjali T. A game theoretic approach to gray hole attacks inwireless mesh networks. In: Proceedings of the IEEE Conference onMilitary Communications (MILCOM). 2008, 1780. Xiong L, Liu L. A reputation-based trust model for peer-to-peer eCom-merce communities. In: Proceedings of the IEEE International Confer-ence on E-Commerce. 2003, 27528481. Gupta B, Mahavidhyalaya K, Kaur H, Bedi P. Predicting grid user trust-worthiness using neural networks. In: Proceedings of the IEEE WorldCongress on Information and Communication Technologies (WICT).2011, 72773282. Zong B, Xu F, Jiao J, Lv J. A broker-assisting trust and reputation sys-tem based on articial neural network. In: Proceedings of the IEEEInternational Conference on Systems, Man and Cybernetics. 2009,4710471583. Baohua H, Heping H, Zhengding L. Identifying local trust value withneural network in P2P environment. In: Proceedings of the 1st IEEEand IFIP International Conference in Central Asia on Internet. 2005,5984. Sang J, Qi Z. Research on reputation estimation system of e-commercebased on fuzzy neural network. In: Proceedings of the IEEE Controland Decision Conference (CCDC). 2010, 1866186985. Elizabeth B L, Aaishwarya R, Kiruthika P, Shrada M N, Prakash A. J,Uthariaraj V R. Bayesian based condence model for trust inference inMANETs. In: Proceedings of the International Conference on RecentTrends in Information Technology (ICRTIT). 2011, 40240686. Begriche Y, Labiod H. A bayesian statistical model for a multipathtrust-based reactive ad hoc routing protocol. In: Proceedings of the 7thIEEE International Conference on Information, Communications andSignal Processing (ICICS). 2009, 1887. Beghriche Y, Toubiana V, Labiod H. A Bayesian lter to detect misbe-having nodes in MANETs. In: Proceedings of the New Technologies,Mobility and Security (NTMS). 2008, 1588. Momani M, Challa S, Alhmouz R. BNWSN: Bayesian network trustmodel for wireless sensor networks. In: Proceedings of the IEEEMosharaka International Conference on Communications, Computersand Applications (MIC-CCA). 2008, 11011589. Momani M, Aboura K, Challa S. RBATMWSN: recursive Bayesian ap-proach to trust management in wireless sensor networks. In: Proceed-ings of the 3rd IEEE International Conference on Intelligent Sensors,Sensor Networks and Information. 2007, 34735290. Quercia D, Hailes S, Capra L. B-trust: Bayesian trust framework forpervasive computing. Trust management. Springer Berlin Heidelberg.2006, 29831291. Dai H J, Jia Z P, Dong X N. An entropy-based trust modeling and eval-uation for wireless sensor networks. In: Proceedings of the IEEE In-ternational Conference on Embedded Software and Systems (ICESS).2008, 273492. Marti S, Giuli T J, Lai K, Baker M. Mitigating routing misbehavior inmobile ad hoc networks. In: Proceedings of the 6th ACM Annual In-296 Front. Comput. Sci., 2015, 9(2): 280296ternational Conference on Mobile Computing and Networking. 2000,25526593. Shafer G. A mathematical theory of evidence. Princeton:PrincetonUniversity Press, 197694. Jsang A. A logic for uncertain probabilities. International Journal ofUncertainty, Fuzziness and Knowledge-Based Systems, 2001, 9(3):27931195. Josang A, Ismail R. The beta reputation system. In: Proceedings of the15th Bled Electronic Commerce Conference, 200296. Zahariadis T, Leligou H, Karkazis P, Trakadas P, Papaefstathiou I, Van-gelatos C, Besson L. Design and implementation of a trust-aware rout-ing protocol for large WSNs. International Journal of Network Security& Its Applications, 2010, 2(3): 526897. Karp B, Kung H. GPSR: greedy perimeter stateless routing for wire-less networks. In: Proceedings of the 6th ACM Annual InternationalConference on Mobile Computing and Networking. 2000, 24325498. Johnson D B, Maltz D A, Broch J. DSR: the dynamic source routingprotocol for multi-hop wireless ad hoc networks. Ad Hoc Networking,2001, 5: 13917299. Royer E M, Perkins C E. An implementation study of the AODV rout-ing protocol. In: Proceedings of the IEEE Wireless Communicationsand Networking Confernce (WCNC). 2000, 10031008100. Gnawali O, Fonseca R, Jamieson K, Moss D, Levis P. Collection treeprotocol. In: Proceedings of the 7th ACM Conference on EmbeddedNetworked Sensor Systems - SenSys. 2009, 114Adnan Ahmed is currently registeredas a PhDstudent in the Depart-mentof Computer Science atUni-versiti Teknologi Malaysia, Malaysia.He completed his MS of Engineeringin Computer Systems Engineering in2012 from Quaid-e-Awam Universityof Engineering, Science and Technol-ogy, Pakistan. He is employed as an as-sistant professor in the same university in the Department of Com-puter Systems. His research interest includes routing in ad hoc net-works, security and trust management in ad hoc networks.Dr. Kamalrulnizam Abu Bakar is anassociate professor in Computer Sci-ence at Universiti Teknologi Malaysia(UTM), Malaysia and member ofthe Pervasive Computing researchgroup. He completed his PhD in com-puter science from Aston University,UK.He is professionalmember ofIEEE and ACM. He involves in severalresearch projects and is the referee for many scientic journals andconferences. His specialization includes mobile and wireless com-puting, information security and grid computing.Professor Dr. Muhammad IbrahimChannaisa professorin theDe-partment of Information Technology,Quaid-e-AwamUniversity of Engineer-ing Science and Technology, Pakistan.He completed his PhD from Asian In-stitute of Technology (AIT), Thailand.He completed MSc in Computer Sci-ence from University of Sind, Pakistan,in 1995 and MS in Information Technology from National Univer-sity of Science and Technology, Pakistan in 2005. His research in-terest comprises of trust management, security, routing, and qualityof service in mobile ad hoc networks.Khalid Haseeb received his MSc andMS degree from University ofPe-shawar, Pakistan. He is pursuing PhDin computer science from UniversitiTeknologi Malaysia. He is a researchstudent in Pervasive Computing Re-search Group and his research area iswireless sensor networks.Abdul Waheed Khan graduated fromDepartment of Computer Science, Uni-versity of Peshawar, Pakistan in 2005.He has got his MSc in Digital Com-munications Networks with Distinctionfrom London Metropolitan University,UK in 2008. Currently, he is pursuinghis PhD at Faculty of Computing, Uni-versiti Teknologi Malaysia. From 2009to 2012, he worked as a lecturer at Faculty of Computing and In-formation Technology Rabigh, King Abdulaziz University, SaudiArabia. His research areas include wireless sensor networks, ad hocnetworks, and next generation networks.