Table 5 An overview of trust strategies for a recommendation in the Application layer of IoT
From: Trust-based recommendation systems in Internet of Things: a systematic literature review
Reference | Advantages | Disadvantages | Evaluation technique | Evaluation environment |
|---|---|---|---|---|
Al-Hamadi and Chen [99] | Flexible to noisy data captured either intentionally or not Trust evaluation regarding location rating, rater and witness trust value For trustworthy decision takes data and source trust into account Customized information concerning user trust measures | There is a centralized cloud for trust rating and lacks a distributed cloud of IoT devices for storage and processing Poor decision accuracy due to disregarding SIoT attributes for P2P trust evaluation | NS3 simulation | |
Kounelis et al. [103] | Promoting trust in human–IoT relationship: enhancing agency through “Rights in Design" | No metric evaluation Usability (user expertise and previous knowledge) not implemented | SecKit: model-based security toolkit | (MQTT) message broker SecKit GUI |
Yan et al. [104] | Find open issues: Trust assessment disregards context awareness and trustor’s subjective approach Lacks a comprehensive trust management framework DPT for capability-constrained WSN Power efficiency makes trust management less energy-consuming | Not considered: Demands for trust in heterogeneous IoT Challenges on SMC and homomorphic encryption improvement Human privacy and processes confidentiality Hard to control cloud Difficult to achieve trustworthy data fusion Incomplete privacy preservation DTCT was not associated with other TM Immature SMC research HCTI is almost ignored | No simulation | |
Wang and Zhang [105] | Address IoT challenges: Lack of fully distributed, applicable security solution Few studies on privacy and anonymity Scalable and secure mobile trust | Lack of empirical evidence | No implementation | |
Suryani et al. [106] | Categorize trust metrics, types, methods, related attacks | No comparison to demonstrate methods applicability Lack of optimal resource utilization | No practical result on direct/indirect trust formulas | |
Mendoza and Kleinschmidt [107] | Despite 30% of malicious nodes, trust model’s performance is well Besides bad mouthing attack, may detect other attack types | Higher interval of trust table update, lowers anomaly detection time Frequent update results in higher traffic and more resources consumption Average time for assigning nodes a distrust is lower than trust | Unit Disk Graph Medium (UDGM) as radio model, ContikiMAC as radio duty cycle (RDC) protocol CSMA/CA (Carrier Sensor Multiple Access with Collision Avoidance) | Cooja simulator of the Contiki operation system Tmote sky nodes |
Chen et al. [108] | Assessing organizations’ reputation does not cost heavy load due to smaller number than nodes Avoid modification, replay and message dropping attacks and protect the integrity, authenticity originality and non-repudiation ORES well detect attacks in both scattered or dense dispersion of nodes | No investigation on badly behaved user and organization Skip over other types of attacks | Software-defined networking (SDN) technology | Not mentioned |
Margaris and Vassilakis [30] | Stop too cold or hot venues for the users’ likings or marginal arrival times Improved satisfaction and recommendation accuracy Incorporates any IoT-sourced species to suit domain needs | Not consider recommendation with a lower score than 5 out of 10 or didn’t pass with the highest rating No representative demographics A limited number of participants Not consider keywords and tags | Data extracted by Facebook Graph API and Tripadvisor | |
Guo et al. [109] | Aggregates trust according to belief theory or regression Combine social trust metrics validate the defense mechanism Applies scalability, mobility, the social interaction for trust evaluation Combines centralized cloud with trust propagation Real-world IoT applications | Deals between accuracy and energy consumption | No simulation | |
Bernabe et al. [28] | Considering security evidence copes with information vagueness Multidimensional approach Uses resilient and lightweight mechanisms Combined with DCapBAC access control | Rise in memory requirement by the number of devices to handle trust management Lack of a fully distributed approach Miss well-defined interoperable negotiation language | Android SDK Android Platform 2.3.3 (API level 10) | |
Kowshalya and Valarmathi [21] | Defys on–off selective forwarding threats Inspects vulnerabilities to identify and isolate untrustworthy nodes | Lack of participation opportunity for low trust nodes undermines all types of attack identification | Dataset from CRAWDAD NS3 SocNetV 1.9 | |
Mashal et al. [114] | Recommend third-party services SMHSR combination of SR, MPSO, and OBCF algorithms Servrank (SR): Solve sparsity with high accuracy and low assessment duration Independence of contextual information | No publicly available popular big database not depict sensor localization and mobility | TagRec | Lightweight RESTful platform |
Mashal et al. [113] | A formal model for the service recommendation in IoT | Still in beginning and in the data collection phase Hard to find a large-scale dataset | No simulation | |
Atzori et al. [49] | Guarantees the network navigability Associates things and social network Trustworthiness leverages degree of friends’ interaction Social networks models reused to address IoT | requiring continuous communication detects CLOR, CWOL, and SOR Reduce efficiency in resource discovery | Simulation in SWIM mobility simulator | |
Chen et al. [115] | Identifies that inherent limitations affect security and stability Timeliness tackles dynamic behavior in a distributed scenario Recommendation based on reputation or past performance, social transaction and energy | Lack of actual unstable secure network Not achieved mutual boosting in social relationship and access service recommendation | CRAWDAD data set | |
Lin and Dong [116] | Bilateral trust evaluation Infers Trust from historical task. Trust transited via intermediate node Update Trust with delegation effects Adjust trust with dynamic environments | Despite obtaining more trust than conservative, aggressive transitivity suffers from complexity and communication overhead | Radio Frequency for Consumer Electronics (RF4CE) IEEE 802.15.4, Zigbee | Facebook, Google+ and Twitter Texas Instruments’ Z-Stack (version 2.5.0) CC2530 chip social networks simulator not mentioned |
Nitti et al. [35] | Isolate malicious nodes Cope with dynamic behaviors Immunity against malicious nodes mistreating | An increased network traffic due to feedback information swap Lower credibility and malicious behavior on strongly relation nodes | Theoretical analysis | SWIM Brightkite dataset |
Fernandez-Gago et al. [123] | Consider trust, identity, and privacy Requirements Taking into account dynamicity and evolution | Lack of extension of a modeling language to represent trust requirements Disregard functional requirements in architecture | Not implemented | Scenario: Field Service Teams (FST) |
Ben Saied et al. [111] | Identifies a group of threats against the trustworthiness Proposes a proper partnership for cooperativeness Offers fine-tunes trust for erroneous witnesses | Trust level decreases the first time bad-mouthing threat occurs | Simulation by the TRM | |
Chabridon et al. [124] | Privacy and QoC: middleware solutions for context managers Confidentiality and QoC Choose QoC level is not easy QoC (change) is sensitive information | Not consider dynamicity and spatio-temporal condition of context-aware management | No simulation | |
Tang and Meersman [125] | Not limited in types of components (either software modules or physical smart object) Combine algorithms | Not evaluate usability Only recommends parts defined by domain ontologies | ORM/ORM2 OWL/RDF(s) | Java J2EE/Eclipse SDK SDT editor Collibra studio |
Chen et al. [112] | Minimizes trust bias Optimizes application performance Minimizes convergence time Minimum computation in the capacity-limited node for trust update | Only considered persistent attackers Only considered self-interest incentives | NS-3 network simulator | |
Ko et al. [29] | Improves recommendation accuracy in average precision by 28.87% Accuracy does not decrease by increasing data sparsity Overcomes data-sparsity problem | The tested dataset has lower sparsity than the actual one MCMLI is not scalable matrix Completion takes a lot of time Processing time rises exponentially by increasing the number of user/item | PREA recommendation algorithm toolkit | TripAdvisor and Yahoo! Movies datasets Eclipse Indigo Java EE Indigo SR2 and JDK 1.7.0_03 |
Chen et al. [126] | Good performance under a large density of malicious nodes Early discover nodes attitude alteration, produce desirable result on time-dependent attacks | For faster data transmission will substitute 5G with current IEEE802.11p Vehicles speed acceleration, cause more packet loss and let to drop precision and recall Drop in recall and precision due to high proportion of adversaries | Dempster–Shafer (D–S) theory IEEE 802.11p | NS2 Citymob mobility model SUMO |
Tormo et al. [129] | Quickly chooses proper trust and reputation The smooth and automatic transition between the reputation computation engines More accurate reputation values than traditional models of only one reputation computation engine | Reputation engines have weak accuracy for some time after activation Costly interchange among reputation engines regarding accuracy, without transition time | ROMEO: ReputatiOn Model Enhancing OpenID Simulator | |
Nguyen et al. [130] | Used for all situations without relying on historical experience or recommendations No dependency on third entities Trust values are consistent | Other pertinent factors environment-specific are not considered | Not mentioned | |
Ali et al. [131] | An automatic recommendation process Prediction accuracy and a precision rate of recommendation | Lack of irrelevant data filtering mechanism Deplete information retrieval of social network | T2FSs in MATLAB Protégé OWL 4.3 package reasoners: Pellet, Fact ++, Hermit “SWRLTab” | |
Mahmud et al. [132] | Less AECR rate depicts TMM anomaly identification ability Less energy consumption In data transmission | With 10 to 50% of adversaries, the throughput dropped due to malicious nodes disassociation in packet forwarding | Adhoc On-demand Distance Vector (AODV) routing protocol | NS2 |
Asiri and Miri [22] | guarantees better availability, no SPOF Conserves energy, adds the life span of battery devices, decreases maintenance expense, immediate response Lessens computation overhead for information transmission Protect against bad/good mouthing attacks | No implementation in reality | No simulation | |
Al-Turjman [33] | CCFF outperforms due to learning elements, searching data, fidelity increases data publisher by Decreasing loads puts services/resources close to users in the edge Replaces cached data according to fog and user obligation Substitutes unemployed data according utility task | Edge nodes security problems, susceptible to untrusted data | NS3: fog node implemented in Golang |