Trust Propagation using Cellular Automata for UbiComp

28th May 2004

——————

Dr. David Llewellyn-Jones, Prof. Madjid Merabti, Dr. Qi Shi, Dr. Bob Askwith

——————

School of Computing and Mathematical Statistics

Liverpool John Moores University

James Parsons Building

Byrom Street

Liverpool, L3 3AF, UK

{D.Llewellyn-Jones, M.Merabti, Q.Shi, R.Askwith}@livjm.ac.uk

http://www.cms.livjm.ac.uk/PUCsec/

Problem

• Traditional security applied to– Individual computers

– Domains of computers

• Improved by allowing multiple computers to work together– Particularly relevant in a UbiComp environment

Trust

• How can a large number of loosely affiliated devices trust each other?

• We propose a simple, scalable method for propagating trust in a UbiComp environment

• Example – using direct connections

Trust

• If a does not trust b, it is useful to propagate this information• Developed to allow distributed analysis of components for

maintaining security• Could be used

– to ensure correct analysis of components (is b returning correct results?)

– to prevent viruses spreading (does b have a virus?)

– to improve privacy through encryption (is b encrypting data?)

Solution

• We use a system of cellular automata to maintain and propagate trust information around the network

• What are cellular automata?– Studied mathematically, e.g. by John von Neumann (1949), Stephen

Wolfram (1983)

– Used to discretely model differential equations and real world systems

– Each cell has a state and transition function

– A cell applies its transition function to its state and the state of the cells around it

– Every cell does this at each step

Cellular Automata

• Important properties:– Cells only need to know about a small neighbourhood – e.g. adjacent cells

– Transition functions are very simple

– With many cells, produces complex emergent behaviour

The whole is more than the sum of its parts• Example: Conway’s “Game of Life”

Cellular Automata

• Important properties:– Cells only need to know about a small neighbourhood – e.g. adjacent cells

– Transition functions are very simple

– With many cells, produces complex emergent behaviour

The whole is more than the sum of its parts• Example: Conway’s “Game of Life”

Cellular Automata

• Important properties:– Cells only need to know about a small neighbourhood – e.g. adjacent cells

– Transition functions are very simple

– With many cells, produces complex emergent behaviour

The whole is more than the sum of its parts• Example: Conway’s “Game of Life”

–Created by John Conway in 1970

–Studied by mathematicians and computer scientists

–Very simple rules, but complex result

Cellular Automata

• How can we use cellular automata?– Each node in the UbiComp environment represents a cell of the cellular

automaton

– Each node executes a simple transition function

– We want to harness the complex emergent properties to manage and distribute the trust information

• The “Game of Life” network

Cellular Automata

• For an effective system, we must choose the correct transition function

• This will determine the emergent behaviour

Emergent Behaviour

• A security breach causes a reduction of the trust in the node• The effect is like pulling down on an elasticated blanket

• This localises the effect of a security breach

Generating Networks

• Networks are normally far more complex than nodes arranged in a grid– For an effective system, more complex structures must be considered

– Transition function is updated to handle such structures

• Experiments used the Klemm-Eguíluz method for generating a network topology– Small-World graph

– Small average distance between nodes

– High clustering coefficient

– Scale-free network

– Satisfies power-law connectivity distribution

Experimental results

• Malicious code propagation experiment– Malicious code reproduces itself to neighbouring nodes

– Some nodes are able to detect the malicious code

– Nodes only spend a certain proportion of time checking for malicious code

– If detected, the nodes trust is adversely affected

• Experiment details– 19600 node Klemm-Eguíluz network

– Control experiment: same network but no Cellular Automata effect

– Initially malicious code added to five random nodes

– Experimental run of 2000 cycles

Experimental results

100% enabled, fast propagation

Experimental results

85% enabled, fast propagation

Experimental results

85% enabled, fast propagation, 20% active

Conclusion

• Initial tests show that trust can be effectively propagated using cellular automata techniques

• The process relies on the emergent properties of the system• There is little theory properly relating transition functions

with emergent properties in a network environment

• We hope to use the system described to allow distributed code analysis in a UbiComp environment

The End

Thankyou for your time

www.cms.livjm.ac.uk/PUCsec