QoS/QoE-based Wi-Fi Network Trust and Reputation

(1)

Thesis

Reference

QoS/QoE-based Wi-Fi Network Trust and Reputation

TITI, Xavier

Abstract

In recent years, Wi-Fi technologies have become very popular and the trend is continuing to climb. Unfortunately, there is a risk to use Wi-Fi networks in range because there is no way to select trustworthy Wi-Fi networks. In this thesis, we focus on ways that can help users to choose the best Wi-Fi network for their needs. In order to help the user to choose the best network, our solution allows the users to rate the networks that they have used. It also checks that their assessments reflect the true network quality that they have experienced by measuring and certifying the quality of service such as delay, jitter and packet loss. The measuring process follows an innovative protocol that certifies the measurement in all cases but one. We mitigate this remaining case thanks to trust and reputation management.

TITI, Xavier. QoS/QoE-based Wi-Fi Network Trust and Reputation. Thèse de doctorat : Univ. Genève, 2014, no. SES 834

URN : urn:nbn:ch:unige-350102

DOI : 10.13097/archive-ouverte/unige:35010

Available at:

http://archive-ouverte.unige.ch/unige:35010

Disclaimer: layout of this document may differ from the published version.

1 / 1

(2)

QoS/QoE-Based Wi-Fi Network Trust and

Reputation

THÈSE

Présentée à la Faculté des Sciences Economiques et Sociales de l’Université de Genève

par

M. Xavier Titi

sous la direction de

Dr. Jean-Marc Seigneur et Prof. Dimitri Konstantas

pour l’obtention du grade de

Docteur ès sciences économiques et sociales mention systèmes d’information

Membres du jury de thèse:

Prof. Giovanna Di Marzo Serugendo (Président du jury) Dr. Jean-Marc Seigneur (Co-directeur de thèse) Prof. Dimitri Konstantas (Co-directeur de thèse)

Prof. Sviatoslav Voloshynovskiy, Prof. Yanjun Zuo, University of North Dakota

Thèse no 834 Genève, 6 Mars 2014

(3)

(4)

La Faculté des sciences économiques et sociales, sur préavis du jury, a autorisé l’impression de la présente thèse, sans entendre, par là, émettre aucune opinion sur les propositions qui s’y trouvent énoncées et qui n’engagent que la responsabilité de leur auteur.

Genève, 6 Mars 2014 Le doyen

Bernard MORARD

Impression d'après le manuscrit de l'auteur

(5)

(6)

Table of Contents

Table of Contents ... iii

Résumé ... v

Abstract ... vii

Acknowledgements ... ix

Remerciements ... xi

Publications related to this Ph.D ... xiii

Chapter 1. Introduction ... 1

1.1 Aims and Objectives ...3

1.2 Contribution of this Thesis...4

1.3 Organization of this Thesis...5

Chapter 2. Moving Towards the Selection of Trustworthy Wireless Networks Based on Sound Criteria ... 7

2.1 Definition of the main criteria for Wi-Fi Networks Evaluation ...7

2.2 Comparison of the Main Websites According to the Previously Listed Criteria 10 2.3 Evaluation Criteria Discussion ... 14

2.3.1 Aspects Concerning Evaluation ... 14

2.3.2 Aspects Concerning Security ... 15

2.3.3 Aspects concerning the site information ... 16

2.3.4 GAP... 17

Chapter 3. Related Work on Wireless Access Point Evaluation Trust ... 21

3.1 Trust and Reputation definition ... 21

3.1.1 Trust definition ... 21

3.1.2 Reputation definition ... 22

3.2 Related Work on Wireless Network Selection ... 22

3.3 Related Work about Quality of Experience (QoE) ... 26

3.4 Related Work on Trust and Reputation ... 28

3.5 Analysis ... 42

Chapter 4. Design of a Novel Trust Metric and Model for Wi-Fi Selection, based on Sound QoS/QoE-based Criteria ... 47

4.1 Verifying Hotspot Quality User Rating With Certified QoS Evidence ... 47

4.1.1 Certifying QoS Evidence ... 51

4.1.2 Delay and Jitter ... 53

4.1.3 Packet Loss ... 56

4.1.4 Rules ... 56

4.1.5 Synthesis ... 57

4.2 The Novel Trust and Reputation Model for trustworthy Wi-Fi evaluation based Certified QoS ... 57

4.2.1 Assumptions ... 57

4.2.2 Concepts definition ... 59

4.2.3 Trust and Reputation Model ... 59

4.2.4 Trust Functions ... 67

(7)

Chapter 5. Implementation and Evaluation of our HotspotTrust Framework 71

5.1 AnyLogic Presentation and Model Set-Up ... 71

5.1.1 Anylogic Presentation ... 71

5.1.2 Model Set-up ... 72

5.2 Geneva APs Scenario ... 76

5.3 Scenario and Results with our solution ... 77

5.4 Results with Salem Metrics and EigenTrust Metrics ... 81

5.4.1 Salem ... 82

5.4.2 EigenTrust ... 86

5.4.3 Comparison Summary ... 90

Chapter 6. Conclusion and Future Work ... 93

Bibliography ... 96

(8)

Résumé

Depuis quelques années les technologies sans fil connaissent un grand succès et la tendance n'est pas à la baisse. Ce succès est notamment dû à de la mobilité offerte aux utilisateurs. Ces réseaux sans fil ont favorisé le grand succès des appareils mobiles. Dans les technologies sans fil nous retrouvons:

les réseaux sans fils personnels, dans cette catégorie on a le RFID, Zigbee et le Bluetooth qui est le plus connu des réseaux sans fils personnels; il y a aussi les réseaux locaux sans fils; dans cette catégorie on retrouve la technologie sans fil la plus connue qui est le Wi-Fi qui sera le réseau sans fil concerné dans notre travail de thèse; ensuite nous avons aussi les réseaux sans fils métropolitains;

dans cette catégorie on retrouve le WiMAX et pour finir on a aussi les réseaux sans fils à longue distance, dans cette catégorie on a l'Internet par satellite.

Le Wi-Fi est une technologie sans fil mise en place afin de fonctionner en réseau interne et permet d'avoir accès avec du haut débit à Internet.

Malheureusement, le risque d'utiliser une connexion Wi-Fi varie et il n'existe aucun moyen de sélectionner le point d'accès le plus digne de confiance. Dans ce travail, nous nous concentrerons sur les moyens qui peuvent aider les utilisateurs à choisir la meilleure connexion sans fil. Pour ce faire, nous allons étudier les solutions existantes tel que les sites web fournissant un service d’évaluation des réseaux Wi-Fi, et ainsi définir les critères principaux nécessaires à l’utilisateur pour pouvoir choisir le réseau Wi-Fi le plus digne de confiance.

L’un des plus importants sites recensant les hotspots à travers le monde est Wefi. Wefi à ce jour a recensé plus de 195 millions hotspots à travers le monde.

Wefi permet aux utilisateurs de donner une évaluation aux hotspot utilisés par les utilisateurs. Cependant, il n'existe aucun moyen de vérifier si l’évaluation de l'utilisateur est digne de confiance ou non. Dans le but d'aider l'utilisateur à choisir le meilleur réseau, nous proposons d'utiliser les informations sur la qualité de service du réseau tel que le delay, jitter et les packet loss ainsi que les concepts confiance et de réputation sur ces réseaux sans fil. De nombreux travaux on été réalisé dans le domaine en utilisant la qualité d’expérience des utilisateurs, le concept de confiance et réputation. Je présente les travaux réalisés dans ces domaines à savoir la qualité d’expérience d’un utilisateur, la sélection de réseaux Wi-Fi et bien sur la confiance et la réputation. La liste des travaux présentés n’est pas exhaustive mais permet d’avoir un aperçu des travaux réalisés dans les domaines concernés. Nous avons comparé aussi tous les travaux concernant la confiance et la réputation en fonction des paramètres de confiance et de la résistance aux attaques dans un tableau comparatif afin ressortir les faiblesses et les points de chaque solution présentée. Cette analyse montre que la majorité des travaux utilisant le concept de confiance et réputation ne prennent pas en compte la résistance à la majorité des attaques qui est un critère important de nos jours lors de la réalisation d’une solution.

Ma solution permet aux utilisateurs d'évaluer les réseaux Wi-Fi qu'ils ont utilisés et de vérifier que leurs évaluations correspondent à la vraie qualité du réseau qu'ils ont expérimenté en mesurant et en certifiant la qualité de service comme le delay, jitter et packet loss.

(9)

Le processus qui permet de mesurer les paramètres de la qualité de service se fait à travers un protocole innovant qui permet de certifier ces mesures dans différents cas. Mais il existe un cas où ma solution n’est pas capable de certifier ces mesures, pour traiter ce cas j’utilise le concept de confiance.

J'ai validé ma solution par des simulations en utilisant AnyLogic qui est un outil de simulation dynamique. Outre les simulations nous avons comparé les résultats obtenus de notre solution avec ceux des deux solutions existantes qui traitent de la même problématique en utilisant le concept de confiance:

EigenTrust et Salem [37]. En Comparant ma solution avec celle proposée par Salem pour sélectionner les points d'accès et avec l'algorithme de EigenTrust, j’ai trouvé que ma solution était plus robuste que celle de Salem, parce que ma solution est plus résistante aux attaques telles que l'insertion de points d'accès malveillants. En ce qui concerne EigenTrust, ma solution peut traiter avec un pourcentage plus élevé de points d'accès malveillants parmi tous les points d'accès de EigenTrust.

(10)

Abstract

In recent years, wireless technologies have become very popular and the trend is continuing to climb. This success is mainly due to the mobility offered to users.

These wireless networks have promoted the great success of mobile devices. In wireless technologies we find: personal wireless networks, in this category are RFID, Zigbee and Bluetooth, which is the most famous wireless network in this category. Besides personal wireless networks, there are also local wireless networks, in this category the best-known wireless technology is Wi-Fi; which will be the wireless network involved in our thesis. Then there are wireless metropolitan networks, this category includes WiMAX. And finally there are also long distance wireless networks, which include satellite internet. Wi-Fi is a wireless technology implementation used to run in-house networks and allow users access to broadband Internet. Unfortunately, there is a risk using Wi-Fi which is the range since there is no way to select the most trustworthy Wi-Fi network. In this thesis, we focus on ways that can help users to choose the best Wi-Fi network for their needs. To do this, we will study existing solutions such as websites that provide an assessment service for hotspot Wi-Fi networks and identify key criteria important for the user when choosing the most trustworthy hotspot Wi-Fi network. A hotspot is a public place giving access to a wireless network (Wi-Fi) that allows users of mobile device (laptops, tablets, smartphones) to easily connect to Internet. It’s also call Access Point (AP).

One of the most important sites to identify hotspots around the world is Wefi.

Wefi identifies more than 195 million hotspots around the world. Wefi allows users to provide a review of the hotspots that have been accessed by the users.

However, there is no way of judging whether the user is trustworthy or not. In order to help the user choose the best network, we propose using information on the quality of service such as delay, jitter and packet loss, as well as the concepts of trust and reputation. Many studies have been done in the field using the quality of user experience and the concept of trust and reputation. We present some works in these areas concerned with learning the quality of the user’s experience, the selection of the Wi-Fi networks and the trustworthiness and reputation of the networks. The list of works presented is not exhaustive, but it provides an overview of work that has been done in the field. We also compared all the work on trustworthiness and reputation within the parameters of trust and resistance to attacks in order to highlight the weaknesses of each solution, and have presented this information in a table. What emerges of this comparison is that the majority of studies using the concept of trust and reputation do not take into account the resistance against the majority of attacks as an important factor for achieving a solution.

Our solution allows users to rate the networks they have used and to check that their assessments reflect the true network quality they have experienced by measuring and certifying the quality of service such as delay, jitter and packet loss. The measuring process follows an innovative protocol that certifies the measurement in different cases. In fact, there is one remaining case that we cannot certify. We mitigate this case with trust management.

I have validated my proposed solution through simulation using the dynamic simulation tool AnyLogic and comparing the results of our solution to those of

(11)

two previous well-known trust metrics: EigenTrust and Salem metrics. AnyLogic is a simulation tool that can have different types of modeling and simulation system dynamics, discrete events, multi-agent systems. These AnyLogic’s features have allowed me to validate my solution

Comparing my solution with that proposed by Salem for selecting APs and with EigenTrust’s algorithm, I find that my solution is more robust than the one in Salem et al. because my solution is resistant to attacks such as inserting malicious APs and inserting malicious users. Regarding EigenTrust, my solution can deal with a higher percentage of malicious APs among all APs than EigenTrust.

(12)

Acknowledgements

Firstly, I would like to thank my supervisor, Dr. Jean- Marc Seigneur, for giving me the opportunity of conducting this research work, for his help and valuable advice over the years. I am also grateful for the time, the educational and scientific qualities, along with the frankness and sympathy that he has given me during all this time; I am as glad as I learned these much from him over the years.

I also extend warm thanks to my co-supervisor, Prof. Dimitri Konstantas, Vice Dean of the Faculty of Economic and Social Sciences at the University of Geneva, for his wise counsel and listening skills that were paramount for the success of this thesis. I would like to thank the members of the jury of this thesis Prof.

Sviatoslav Voloshynovskiy, Professor at the University of Geneva, and Prof. Yanjun Zuo, Professor at the University of North Dakota for their interest in my research topic. I also want to thank them for the valuable feedback and comments that helped me to improve the quality of my thesis manuscript. I extend these thanks to Prof.

Di Marzo Serugendo Giovanna, Professor at the University of Geneva, Jury Chair, whose recommendations, remarks and comments helped to finalize this thesis. I also give thanks to my office mate Mr. Carlos Ballester Lafuente for his help and contributions during this thesis. I will also like to thank Mrs. Wanda Opprecht for the tips and suggestions that she came up with: they have been very useful to me. I also want to thank my friend Dr.

Loukakou Destiny for all those moments spent together discussing our respective PhD thesis and for his support during this thesis. I also want to thank Mr. Abel Fouopi for his help and guidance when I was in Ireland. I want to thank my dear and loving mother who always believed in me, and for her unconditional support during all my studies; her presence and encouragement made what I am today. I want to thank my brother Olivier for his material and moral support during my years of study. I also want to thank my sister Manon, without whom I would not be where I am now, for her sacrifices and love that helped me immensely with my studies. I want to thank my wife Daphne for her love, patience, and unfailing daily support during these years. Thank you for been around during my moments of doubt. On the same line, I also want to say thank you to my son Eliot Titi whose constant smile gave me the strength and motivation to continue and complete this thesis.

(13)

Finally, to conclude my gratitude, a deep thought to my late father who was not here to witness the culmination of my work, but would have been proud of me. Thank you everybody for everything!

(14)

Remerciements

Je souhaite remercier en premier lieu mon directeur de thèse, Dr.

Jean-Marc Seigneur, pour m’avoir confié ce travail de recherche, ainsi que pour son aide et ses précieux conseils au cours de ces années. Je lui suis également reconnaissant pour le temps conséquent qu’il m’a accordé, ses qualités pédagogiques et scientifiques, sa franchise et sa sympathie. J’ai beaucoup appris à ses côtés et je lui adresse ma gratitude pour tout cela. J’adresse de chaleureux remerciements à mon co-directeur de thèse, Prof.

Dimitri Konstantas, Vice-Doyen de la Faculté de Sciences Economiques et Sociales de l’Université de Genève, pour ses conseils avisés et son écoute qui ont été prépondérants pour la bonne réussite de cette thèse.

Je voudrais remercier les membres du jury de cette thèse Prof.

Sviatoslav Voloshynovskiy à l’Université de Genève et Prof.

Yanjun Zuo à l’Université du Dakota du Nord pour l’intérêt qu’ils ont porté à mon travail. Je tiens aussi à les remercier pour les précieuses remarques et commentaires qui m’ont permis d’améliorer la qualité de mon mémoire. Je remercie Prof. Giovanna Di Marzo Serugendo à l’Université de Genève, Présidente du Jury de Thèse pour ses recommandations, remarques et commentaires qui m’ont permis de finaliser cette thèse. Je remercie aussi mon collègue de bureau M. Carlos Ballester Lafuente pour son aide et ses contributions durant cette thèse. Je tiens aussi à remercier Mme. Wanda Opprecht pour ses conseils et suggestions qui m’ont été fort utiles. Je tiens à remercier aussi mon ami Dr. Loukakou Destiny pour tous ces moments passés ensemble à discuter sur nos thèses respectives et pour son soutien durant cette thèse.

Je tiens à remercier ma chère et tendre mère qui a toujours cru en moi et pour son soutien inconditionnelle durant toutes mes études.

Sa présence et ses encouragements sont pour moi les piliers fondateurs de ce que je suis. Je tiens à remercier mon frère Olivier pour son soutien matériel et moral durant toutes mes années d’études. Je tiens aussi à remercier ma sœur Manon sans qui je ne serais pas là où je suis, par ces sacrifices et son amour m’ont permis de faire de grandes études.

Je tiens à remercier ma femme Daphné pour son amour, sa patience et surtout son soutien quotidien indéfectible durant ces années de thèse car elle a su me supporter et me soutenir durant

(15)

les moments de doutes. J’aimerai aussi remercier mon fils Eliot Titi qui par son sourire de chaque matin me donnait la force de continuer et la motivation nécessaire pour finir la thèse.

Une profonde pensée pour terminer ces remerciements pour mon papa décédé qui n’a pas vu l’aboutissement de mon travail, et qui aurait été fier de moi. Tout simplement merci pour tout…

Je dédie cette thèse à mon père Dr. Abel Titi.

(16)

Publications related to this Ph.D

1. Xavier Titi, Carlos Ballester Lafuente and Jean-Marc Seigneur

"Trust Management for Selecting Trustworthy Access Points", International Journal of Computer Science Issues (IJCSI), Volume 8, Issue 2, March 2011.

2. Xavier Titi, Tewfiq El Maliki, Jean-Marc Seigneur,"Trust-based Hotspot Selection", IADIS International Conference e-Society 2010, Portugal. Best Quantitative paper award.

3. Xavier Titi, Jean-Marc Seigneur, "Verifying Hotspot Quality User Rating With Certified QoS Evidence", The Fourth International Conference on Emerging Security Information, Systems and Technologies SECURWARE 2010 July 18 - 25, 2010 - Venice/Mestre, Italy.

4. Xavier Titi, B. Yavuz, L. Ridel, Jean-Marc Seigneur,"Reputation System for Access Point Selection", International Conference on New Media and Interactivity Istanbul, 2010.

5. Xavier Titi, Carlos Ballester Lafuente and Jean-Marc Seigneur,

"Boosting Trustworthy Hotspot QoE Rating With Implicit Hotspot QoS Evidence", IADIS International Conference e-Society 2011 Avila,Spain 10-13 March.

6. Xavier Titi, Carlos Ballester Lafuente and Jean-Marc Seigneur,

"Trust and Reputation Management for Detecting Untrustworthy Access Points", International Conference on Reputation - Society, Economy, Trust. Montpellier, France, 19 September 2011

7. Jean-Marc Seigneur, Xavier Titi,Tewfiq El Maliki, “Towards mobile/wearable device electrosmog reduction through careful network selection”, Augmented Human International Conference.

Megève, France, 2010.

8. Xavier Titi and Jean-Marc Seigneur,"Boosting Trustworthy Hotspots Rating with Implicit Hotspot QoS Evidence", Future Internet Assembly, Stockholm, 2009. Best Poster award- 3rd Place.

9. Jean-Marc Seigneur and Xavier Titi, Reputation-based Telecommunication Network Selection", in the Proceedings of the 7th International Conference on e-Society, IADIS, 2009.

(17)

10. Jean-Marc Seigneur, Xavier Titi and L. Ridel,"User-Driven Reputation of Mobile Network Providers", ERCIM eMobility Working Group, 2009.

11. Jean-Marc Seigneur, Xavier Titi, L. Ridel and B. Yavuz,"User- Driven Trust Computation in Wireless Network and Telecommunication Providers", Wireless World Research Forum (WWRF), 2009.

12. Carlos Ballester Lafuente, Xavier Titi and Jean-Marc Seigneur,

"Flexible Communication: A Secure and Trust-Based Free Wi-Fi Password Sharing Service", TRUSTCOMM'11 - UbiSafe Symposium, Changsha, China.

(18)

(19)

(20)

Chapter 1. Introduction

In recent years, wireless technologies have become very successful and the trend is continuing to grow. In wireless technologies we find: Wireless Personal Area Network (WPAN), and in this category we have RFID, Zigbee and Bluetooth; which is the most popular of the private wireless networks. Secondly, we have Wireless Local Area Network (WLAN), and in this category we have wireless technology known as Wi-Fi; which will be the main theme of this thesis. Then, there is also the Wireless Metropolitan Area Network (WMAN); in this category we have WiMAX. And finally we have the long distance Wireless Wide Area Network (WWAN), and in this category we have Internet by satellite. In this thesis, our work is focused on Wi-Fi. Wi-Fi is a wireless technology set up to operate an internal network which provides access to broadband Internet. There are two ways of connecting to Wi-Fi: the infrastructure mode that is characterised by the fact that the connection is established through an access point that is connected to a wired network; or the ad hoc mode characterised by the fact that it is totally dynamic, meaning that computers are connected with each other. Wi-Fi opens up prospects of great interest, for example it offers the possibility to connect to the Internet anywhere that there is an access point accessible to the user. The number of Wi-Fi networks is growing rapidly because of the increasing number of shared free personal Wi-Fi access points. WeFi [1], one of the websites that evaluates Wi-Fi networks, lists more than 195 millions Wi-Fi networks around the world. Wi-Fi networks have widely spread across many locations like airports, cafes, businesses and university campuses.

Wi-Fi offers response to the demand for the continuously growing amount of users who need to always be connected. Unfortunately, it has been reported [2] that fake Wi-Fi networks have been set up in airports. This is dangerous as the users have no means of knowing which Wi-Fi networks are trustworthy. It is important to know whether the Access Points (APs) within range are trustworthy or not as in some locations, it is not uncommon to find more than five potential Wi-Fi networks to connect to. Accordingly, the opinions of users who have used some access points are important to help future users to know which access points they can rely on. The idea of involving users’ opinions gives them the feeling that they are taking part in a larger community and that their

(21)

points of view are important for the good of the community.

Although it is known that systems based on popularity are not infallible, this kind of system can still be used like an initial filter for the multitude of Wi-Fi networks found at any given location. The feedback from a user is called the Quality of Experience (QoE).

The QoE is a subjective measurement of a customer's experience with a vendor [3]. In order to assess the QoE, we provide the users with the means to rate each network that they have used. This rating will reflect the user’s degree of satisfaction, which in turn will provide an accurate estimate of the user’s QoE regarding the network that was used. Many works have been done regarding the selection of the Wi-Fi network like [20, 21, 22, 5], but unfortunately these works do not allow users to choose the trustworthy network based on past user experiences which are certified. This thesis will demonstrate how my proposed solution will help users to choose which Wi-Fi networks, out of all of those available, are trustworthy.

My solution will not only be able to help users choose the most trustworthy network, but will be also resistant against attacks. In our simulations, this reputation system, called HotspotTrust, has significantly increased the chances to choose the most trustworthy wireless AP; even under a variety of bad conditions, i.e. with bad Wi-Fi networks in place and even with malicious users cooperating in an attempt to deliberately subvert the system by giving an inaccurate rating to an AP. We propose to use trust and reputation in order to help users choose trustworthy Wi-Fi networks based on the QoE of users. In the next section, we present the goals of this thesis. This thesis has been done in the context of the EU-funded ICT FP7 PERIMETER project. PERIMETER’s main objective was to establish a new paradigm for user-centricity in advanced networking architectures. In contrast with network-centric approaches, user-centric strategies could achieve seamless mobility driven by actual user needs rather than simply business considerations. Putting the users at the centre rather than the operator enables them to finely control the way their identity, preferences and credentials are sued. Furthermore, in this project, seamless mobility is streamlined according to user preferences, enabling mobile users to be “Always Best Connected” (ABC) in multiple-access multiple-operator networks of the Future Internet.

(22)

1.1 Aims and Objectives

Many works have been done on the selection of Wi-Fi network.

This thesis tries to response to the problem of how to help users to select the most trustworthy network between several. My proposed solution is based on QoS evidence and trust and reputation. My solution is designed and implemented in a way that is easily accessed by the user, meaning on the mobile phone of the user and also on our server. Then, it must be validated so that my solution can effectively be used. Since there are a number of attacks that my solution can be vulnerable to, a discussion from a security point of view must be addressed. A threat analysis is required to evaluate the robustness of my solution. Although concrete global computing environments do not yet exist, tests in related existing environments are needed.

The measurable objectives listed below are validated:

 New trust metric: The design of a novel computational trust metric for Wi-Fi selection based on sound QoS/QoE-based criteria:

o The user’s rating.

o Securely gathered QoS parameters such as delay, jitter and packet loss in order to detect when a user cheats.

 New Trust model: A new trust model that is characterized by a trust value. This trust value represents the trust level of the AP, based on the previous experiences of the users with that AP, and it is signed and sent to our server.

 Android application: An Android application that will run on android phones. This application will allow users to evaluate the networks they use. Knowing that it is easy to propose new assessment services, we seek to make it resistant to attacks i.e. preventing a cheating user from misjudging a network that is actually a good network.

 Resistant to attacks based on false recommendations for the attacks may have weight based on the fact that there is a cheater among the user's friends.

 Consideration of a behaviour change, that is to say that the APs are able to gain the trust of users who act normally at first to acquire a good value of trust and then begin to deceive. (Whitewashing-Access Point Suspicion (APS)).

(23)

 Introduction to Access Point Maliciousn (APM).

 Introduction of a group of Access Point Malicious.

 Introduction of Malicious User (UM).

All these terms (UM, APS, APM) will be explain later. To measure whether these technical objectives were met, I have set up a similar simulation environment to compare my solution with the main state-of-the art solutions: EigenTrust [29] and Salem’s solution [37].

1.2 Contribution of this Thesis

Within the context of this thesis, I have designed, implemented and evaluated my solution that combines computational trust and reputation based on sound QoS (Quality of Service) evidence in order to help users choose trustworthy Wi-Fi networks. Wi-Fi network selection is still a critical problem which shows that choosing a Wi-Fi network based solely on signal strength causes the user to miss significant opportunities for Internet connectivity.

In the real world, users might have to try several available Wi-Fi networks before finding a usable connection; which can be a long and boring task. The contributions are defined in the following way:

 A new trust model that is characterized by a trust value. This trust value represents the trust level of the AP, based on the previous experiences of the users with that AP, and it is signed and sent to our server.

 The design of a novel computational trust metric for Wi-Fi selection based on sound QoS/QoE-based criteria:

o The user’s rating.

o Securely gathered QoS parameters such as delay, jitter and packet loss in order to detect when a user cheats.

 The implementation of this novel computational trust metric in Java as part of an AnyLogic simulation environment and an Android application connected to Facebook will help ease the social recommendations and be able to, with the help of a number of servers, securely check QoS parameters such as delay, jitter and packet loss in order to prevent users from cheating. Finally, my solution provides

(24)

the user with information about the level of trustworthiness of APs before connecting through the use of telecom operator connections (GPRS, 3G, etc.).

 The evaluation of this novel trust metric for Wi-Fi selection based on simulations after being implemented, as well as the main related trust metrics for comparison; especially from an attack-resistance point of view will stop :

o False recommendations.

o Whitewashing-Access Point Suspicion (APS) o Introduction of Access Point Maliciousness (APM).

o Introduction of group Access Point Malicious (APM Group).

o Introduction of User Malicious (UM).

1.3 Organization of this Thesis

After the introduction to Wi-Fi network selection, the aims and objectives and the general contribution of this thesis, we have structured the remainder of this thesis as follows. In Chapter 2, we compare the existing websites that offer an evaluation system of access points based on, what is in our point of view, the most relevant criteria for the evaluation of Wi-Fi networks. Chapter 3 presents the related work on trust and reputation of networks. In Chapter 4, we present the novel trust metric for Wi-Fi Selection based on Sound QoS/QoE-based Criteria such as delay, jitter and packet loss and also our trust model. The measuring process of these criteria follows an innovative protocol that certifies each measurement in different cases. Chapter 5 describes the implementation and evaluation of our solution. In this Chapter, we present the simulation tool AnyLogic, and in the model set-up we validate our work by presenting qualitative and quantitative results in these selected application scenarios. Finally, Chapter 6 concludes this thesis and I summarise the positive points of our work and outline the issues that remain open for future work.

(25)

(26)

Chapter 2. Moving Towards the Selection of Trustworthy Wireless Networks Based on Sound Criteria

This section describes the kind of services web site that help user to choose Wi-Fi networks and enumerates the main criteria for the best web site service. An evaluation of the main websites will be done on different criteria

2.1 Definition of the main criteria for Wi-Fi Networks Evaluation

The number of access points in the world has increased significantly and this fact has allowed for the appearance of many services related to Wi-Fi. In this thesis, we focus on the Wi-Fi sharing service. There are many service sites that list the access points around the world, however, all these sites differ from each other by their evaluation criteria or the number of access points that they identify. These sites allow users to give an evaluation of the access points they have used. If the access point has not yet been identified, these sites offer users the possibility to record new access points to their databases. However, all these sites do not have the same evaluation system. An evaluation system is a method used to evaluate a result, but the value of a result cannot be measured. It is applied in various fields where results are expected, but not measurable. A good evaluation depends on the selected criteria. The issue in the definition of these criteria is the most important and relevant to the assessment.

It is important that users can rate a hotspot after using it and that we put this ability at their disposal; and it is also important that these assessments are made available to future users of these hotspots. But before any assessment can be made, we must define the purpose this evaluation will serve. The criteria defined in the evaluation will estimate the confidence one can have in a Wi-Fi network; which will be used as a basis for comparison between networks. The criteria that I present are not exhaustive, but they seem to be the most relevant for me, because they cover all field of Wi-Fi network (security, signal strength,..). Thus, the user, according to his preferences, can choose the network that they prefer. To do this analysis of the sites which offer an inventory of access points, we compare the Wi-Fi systems offered by these

(27)

sites according to our criteria. The best solution should contain the majority of the criteria that we present. These criteria seem, for us, most relevant because they give us a clear picture of each of the hotspots. These criteria can be divided in 5 categories. The first category is User Account Information. This category regroups all information about the user in the website. The second category is User Friendliness. This category regroups all information about functionalities of user in the website that is user friendly. The third category is Hotspot Information. This category regroups all information about hotspot. The fourth category is Hotspot Performance. This category regroups all information about hotspot performance. The fifth category is Hotspot Security. This category regroups all information about the security of the hotspot.

User Account Information

●User Account: This allows identification of the user of our system. This criterion is essential because it is critical to identify the user who votes to prevent cheating.

●User location: This criterion is used by the administrator to prevent miscalculations; for example, preventing a user who is in Paris from evaluating a hotspot located in London. This information gives the administrator the ability to identify a user’s location and compile statistics on the rate of activity in a given area.

●Number of User Accounts: This criterion indicates to the user the number of user accounts that the website has. This information is very important because it could greatly influence the users, but it is very difficult to verify the trustworthiness of this information.

●Voting: For evaluating the network by giving users the possibility to vote about a hotspot. This allows for the ability to check whether the site has an evaluation system.

●Number of Votes: This criterion is very important because it allows the user to have an indication for the user rate of this hotspot.

User Friendliness

●Text Comment: This criterion will serve to inform the user about the feedback from other users.

(28)

●Video or Picture presentation: Indicates whether the site provides photos or videos of the access point’s location.

●Search on Map: This criterion indicates whether the site offers the opportunity for users of their site to search for hotspots on a map.

●Social Network: This criterion will indicate to the user if the site incorporates a social network.

Hotspot Information

●Price: This information will indicate to the user if the hotspots identified are free or not.

●Open to all Providers: This information indicates if the hotspots recorded are for only one provider. This criterion is important because it will establish whether the site is connected to a specific supplier, which is a strong indication on the reliability of that website.

●Worldwide: This criterion indicates whether the site identifies hotspots around the world. However, this information is difficult to verify.

●Number of hotspots: This criterion indicates to the user the number of hotspots recorded by the website. This information can significantly influence the user. This information is very important because it could greatly influence the users, but it is very difficult to verify the trustworthiness of this information.

●Compatibility: This criterion indicates what type of Wi-Fi the hotspot offers.

Hotspot Performance:

●Coverage of hotspot: This criterion allows the user to have an indication of the scope of the access point.

●Quality of Connection: This criterion test will give concrete information about the connection.

●Rate: This criterion can give information about data transfer rate which is the average number of bits, characters, or blocks per unit time passing between equipment in a data transmission system.

(29)

●Signal Strength: Indicates whether the site indicates the signal strength of the access point or gives the ability to assess the signal strength.

●Energy: This test will indicate to users the amount of energy required when using a certain access point. For example, different types of Wi-Fi networks consume different amounts of energy.

Hotspot Security

●Security: This criterion indicates whether the hotspot provides some encryption mechanism to ensure the protection of data.

So with these criteria, the user has all the necessary information to choose the access point, which corresponds to their particular preferences. In the tables below, we have summarised all the characteristics of these sites. In these tables, all the information characterising these sites has been rated.

2.2 Comparison of the Main Websites According to the Previously Listed Criteria

This subsection enumerates the main website and I compared these websites according to the previously listed criteria

Websites without hardware provided

www.journaldunet.com/wifi [7]:

User Account  Search on Map 

Evaluation  Software X

Number of Voting  Picture of video presentation X

Text Comment  Signal Strength X

Number of hotspot ~8042 Coverage of hotspot X

Number of User Account X Quality of Connection X

Price  Rate 

Social Network X Compatibility X

User location X Energy X

Open to all provider  Security X

Worldwide X

(30)

www.cafes-wifi.com[8]:

User Account X Search on Map 

Number of Voting  Picture of video presentation 

Number of hotspot ~146 Coverage of hotspot X

Price  Rate 

Worldwide X

www.jiwire.com [9]:

www.wefi.com [1]:

Number of Voting X Picture of video presentation X

Text Comment  Signal Strength 

Number of hotspot ~500 000 Coverage of hotspot X Number of User Account X Quality of Connection X

Price X or  Rate X

Social Network X Compatibility 

Worldwide 

Evaluation  Software 

Number of Voting X Picture of video presentation 

Number of hotspot ~195 699 888 Coverage of hotspot X Number of User Account X Quality of Connection X

Price X or  Rate X

Social Network  Compatibility X

User location  Energy X

Worldwide 

(31)

www.ict-perimeter.eu [10]:

Websites with hardware provided

In this section, we present the sites offering the material to create individual mesh networks; and as they have different features, we add to this category only the following criteria: Business model, Number SSID, Authentication Methods and Price.

www.gespot.ch [11]:

User Account  Search on Map X

Evaluation  Software 

Number of Voting  Picture of video presentation 

Number of hotspot X Coverage of hotspot 

Number of User Account X Quality of Connection 

Price X or  Rate 

Social Network X Compatibility 

User location  Energy X

Open to all provider  Security 

Worldwide 

Evaluation X Software X

Number of hotspot Unknown Coverage of hotspot X

Number of User Account Unknown Quality of Connection X

Price X Rate X

Open to all provider X Security X

Worldwide X

(32)

www.fon.com [12]:

www.meraki.com [13]:

www.open-mesh.com:[14]

User Account  Search on Map 

Price X Rate X

Worldwide X

Price X Rate X

Worldwide X

Price X Rate X

Worldwide X

(33)

www.worldspot.net [15]:

2.3 Evaluation Criteria Discussion

We will first discuss the aspects of the evaluation method of Wi-Fi on the different sites, and then the security, the aspects concerning the information on each website.

2.3.1 Aspects Concerning Evaluation

When a user finishes using a hotspot, it is important that the user can evaluate that hotspot. This evaluation must also be available for future users of that hotspot. We have listed the websites offering an evaluation system for hotspots. This list is not exhaustive, but it contains the most important websites. There are also websites which have a less advanced evaluation system than other websites. For example, the evaluation system of websites like Journaldunet and Freespot only allow users to leave a text comment on the hotspot; yet this still allows users to see the number of these text comments, which is indicative of the amount of traffic to a certain hotspot. However, the websites Jiwire, Café- wifi and Wefi have a more complete evaluation system. Regarding the evaluation system of Jiwire, it differs from others by including an assessment of the signal strength of the Wi-Fi from 0-5 in their

Price X Rate X

Worldwide X

(34)

evaluation system, which helps estimate the degree of user satisfaction. Jiwire provides a rating about the place where the hotspot is located, for example users can rate the environment.

Café-wifi has an evaluation system with various criteria, besides an overall score on the satisfaction of the user. It indicates us the number of users who evaluated the hotspot, this enables future users to know the attendance rate. Unfortunately, Café-wifi is limited in only being able to identify the cafes, parks and gardens of Paris. But it also provides information relating to commercial establishments such as the number of electrical outlets available or if the space is smoking or non-smoking. The system evaluations of these websites can be arranged into two classes. The first class is an evaluation system focusing on the quantity of the score that is provided by the user with a simple notation. The user just gives a score in this case between a minimum of 0 and a maximum of 5 for all these sites. So in this type of system, the final score is simply the sum of all the scores divided by the number of assessors to view the evaluation. The second class is the evaluation systems which focus on quality. These websites, like Jiwire, provide more information besides just the evaluation score, about whether or not the signal is good. On Café-wifi, users can find information about a location’s atmosphere and even photos of the place, this is ideal for tourists. Systems focusing on quality evaluations are preferable because they allow the user to know if the location of a hotspot has a good signal, as well as if it is a quiet place.

2.3.2 Aspects Concerning Security

Regarding websites offering software like Wefi, which is highly developed and has a very good system of evaluation, the evaluation system prevents a Wefi user to rate a hotspot if he is not connected to this hotspot. This security prevents some malicious users from evaluating the hotspots for personal purposes. There is a big security gap when the hotspot does not have security protocol like (WEP, WAP and WAP2). In fairness to other users, who must prevent a user from giving a bad evaluation when a network with a good QoS was used, or from giving a good evaluation when a network with a bad QoS was used. To conclude this security aspect, there is a project being developed called PERIMETER [10], which aims to let the user choose the network that best responds to their preferences. This is a very important

(35)

legal aspect that cannot be overlooked, especially when it comes to Wi-Fi Connection Sharing. Those who share their connections with other are considered responsible for their network. In other words, whether the owner of the network or someone else is making use of the network to commit illegal acts (terrorism, pedophilia etc.), the owner will be the one held responsible. It will be up to the owner to prove their innocence by proving that it was someone else who was connected to their network. The danger of these websites lies in the fact that the users can access the hotspots paid or free, and it is difficult for administrators to check the veracity of this information. Thus, a user can access a hotspot by specifying that it is free, or that it belongs to a person who has left their Wi-Fi without protection. Users who connect to this kind of hotspot may be pursued by justice. For example, in France it is forbidden to connect to someone’s personal Wi-Fi network if this network is not locked. Even if it was just for personal emails, people will be outlawed; even if there was no protection preventing the connection. The analogy can be made in this respect to explain why, “if someone leaves the door of his house wide open when going out and a stranger comes into the house, he would have committed a crime”. The French penal code is quite clear, Article 323-1of the Criminal Code says: "Art.323-1 (Order No. 2000-916 of 19 September 2000 art. 3 Official Journal of 22 September 2000 into force on 1 January 2002) (Act No. 2004-575 of 21 June 2004 art. 45 I, Official Journal of 22 June 2004). The act of accessing or fraudulently maintaining all or part of a system of automated data processing is two years imprisonment and 30,000 Euros fine. If it results in either the removal or modification of data contained in the system, or a change in the workings of the system, the penalty is three years imprisonment and 45,000 Euros fine.

2.3.3 Aspects concerning the site information

To assess the importance of a website, the users must check the number of hotspots that the website identifies. Relying on this criterion, Wefi is the most important website because Wefi identifies more than 195 million hotspots. Wefi can identify more hotspots than other websites. This number of hotspots increases significantly every hour, however, which lead me to have some

(36)

doubts about the reliability of this information. The user has no way of checking if this number is correct. Thus, it can influence the user’s judgment about why Wefi has such a large number of hotspots. This shows the importance of feedback left by users who then serve as proof of the existence of all these hotspots. Other websites identified far fewer hotspots than Wefi. Jiwire lists just over 500,000 hotspots. There is also the number of users of their services, meaning membership to the website. Unfortunately, not all of websites offer this feature. This information could be an indication of the trust or lack of trust might have concerning this website. Despite the evaluation system of these websites, it shows proof that very few users take the time to assess these hotspots. In our opinion, there should be more motivation for users to evaluate hotspots. It must be stressed that through the hotspots identified in these websites, we found that for the same hotspots accessed from different websites, people did not have the same assessment.

We can explain these differences by the fact that every human being has their own appreciation and that for the same hotspot;

users will not have the same experience. This difference reflects the fact that all users do not do the same things online when they are connected.

2.3.4 GAP

Within the context of this thesis we have designed, implemented and evaluated our solution which combines trust and reputation in order to help users choose reliable Wi-Fi networks. Wi-Fi network selection is still a critical problem that shows that choosing a Wi-Fi network based only on signal strength causes the user to miss significant opportunities for Internet connectivity. In the real world, users might have to try several available Wi-Fi networks before finding a usable connection, which is a time-consuming task. Our framework is called HotspotTrust, and it fills the gap of how to be sure that the information about a Wi-Fi network is trustworthy before getting connected to it; as well as giving the user the possibility to ask for recommendations from their friends.

(37)

2.3.4.1 Signal Strength GAP

Existing systems have a selection process for Wi-Fi networks based solely on signal strength. This is a weakness because it does not take into account other important information for users.

So just based on the signal strength, the selection process does not take into account the trustworthiness of the hotspot based on real feedback from users.

2.3.4.2 Lack of Information GAP

In the real world, users might have to try several available Wi-Fi networks before finding a usable connection. Thus, this example shows the lack of information available on the Wi-Fi networks.

There is no way to know the past opinions of users who have used the Wi-Fi networks.

It is important to enable future users to know which Wi-Fi networks they can rely on, according to the opinions of users who have used these network access points. The process of involving users gives them the feeling that they are taking part in a larger community and that their points of view are important for the good of the community. This is a noteworthy difference because currently, the criteria taken into account are directly supplied by operators, which do not guarantee to the users a perfect transparency.

When a user finishes using a hotspot, it is important for that user to evaluate that hotspot. This evaluation must be available for future users of that hotspot to tell them the number of users who have evaluated the hotspot so future users know the attendance rate.

Our approach proposes that users will be allowed to rate the networks that they have used. For this reason, it is important to know whether or not the users of current systems that offer the user’s the ability to rate their network really participate in the evaluation process.

2.3.4.3 Cooperation GAP

At the moment there is no way for a user to ask for recommendations or information from other users about specific Wi-Fi networks. This lack of cooperation and communication is a bad thing because there is no good way to spread information about the selection of an AP. However, if users start cooperating

(38)

and communicating about Wi-Fi networks, this can be seen as a benefit to the owners of these Wi-Fi networks. For instance, owners of networks could obtain some revenue without physically spending time working at promoting their site, but through users accessing their networks and then writing positive reviews. As an example, JiWire allows users to do that with unique advertising opportunities that monetise its network of users [9]. So the more users that use the network, the bigger the audience and the more money it generates. Jiwire will encourage the owner of the Wi-Fi networks to act correctly.

2.3.4.4 Trust GAP

In some locations, it is not uncommon to have more than five potential Wi-Fi networks to connect to, but it is important to know which one is the most trustworthy based on past user experiences.

This information is essential to the user to avoid having to connect to all the individual APs to discover which one is trustworthy. It is important to add a subjective evaluation to APs; several APs have the same characteristics, so in order to distinguish them we need additional information i.e. past experiences of users. Thus, having this kind of data could help the user choose the most trustworthy AP. There are very few solutions using trust and reputation in order to assist the process of selecting an AP. Salem et al. [37] propose a reputation system to enable the user to choose the best hotspot and discourage wireless Internet service providers (WISPs) from providing a bad quality of service to the mobile nodes. However, there are no means set up in order to trust recommendations coming from friends or to trust information about Wi-Fi networks.

Although Wi-Fi networks have a widespread success, the problem is that these technologies do not match the everyday requirements or preferences of the end-users.

(39)