Introduction

Flying Ad hoc Networks (FANETs) have emerged as a revolutionary technology that enables unmanned aerial vehicles (UAVs) to form self-organizing networks for various applications, such as surveillance, disaster management, communication in remote areas, Aerial Photography and Videography, Search and Rescue, Agriculture and Crop Monitoring, and many more [1, 2]. Implementing a cluster oriented trust-based model to secure FANETs offers several practical advantages including Secure Communication by establishing and evaluating trust levels between nodes to identify and mitigate potential security threats, such as malicious nodes attempting to compromise communication integrity, Collaborative Mission Execution by fostering cooperation and preventing malicious entities from disrupting mission-critical tasks, and Dynamic Network Adaptability to adapt to changing conditions by dynamically adjusting trust levels based on the behavior of individual node. Resource optimization by allowing flying nodes to make informed decisions about sharing resources, Resilience against jamming, eavesdropping, node compromise attacks, Privacy Protection to consider privacy aspects, ensuring that sensitive information is not misused within the network and many more. FANETs offer unparalleled mobility and flexibility, allowing UAVs to operate in dynamic and challenging environments without relying on fixed infrastructure or centralized control. Figure 1 represents the Ground Control Station (GCS) unit functions as a ground-based hub, offering essential services and information to UAVs to support their communication [3]. It is imperative to maintain a continuous connection between at least one FANET node and the GCS to ensure uninterrupted service. The remaining UAVs can operate within the coverage area through UAV–UAV links established among themselves. These ground services encompass various specialized communication systems, including vehicle-to-vehicle communication, which are facilitated by the flying nodes. FANET nodes play a vital role in enabling communication between VANET nodes by connecting to the GCS and establishing links with Roadside Units (RSUs) or other vehicles (V2V) to exchange messages [4]. Direct connection between the UAV and the GCS generally lacks robustness compared to satellite communication which ensures reliable UAV–UAV communication. However, satellite communication entails drawbacks such as high transmission latency and additional management costs. Furthermore, the availability of infrastructure for cellular connectivity is crucial in each location to facilitate UAV transmission signals [5, 6].

Fig. 1
figure 1

FANET communication layout

Full size image

In the foreseeable future, the domain of UAVs communication will assume a momentous role in facilitating a diverse array of tasks. We have already witnessed the substantial contribution of drones in activities such as lockdown monitoring during the COVID-19 pandemic. However, the unique characteristics of FANETs also bring forth significant security concerns [7]. With the enhancement in the humans dependency on UAVs network, there arises the necessity to augment the security measures deployed within these networks. The decentralized and dynamic nature of FANETs make them vulnerable to malicious activities by flying nodes within the network. Malicious nodes can engage in various harmful behaviors, including unauthorized access, node misbehavior, denial of service attacks, node impersonation, Man-in-the-Middle (MitM) attack, and information disclosures [8, 9]. These security threats pose serious risks to the integrity, availability, and confidentiality of the network. Securing FANETs against malicious nodes is crucial to ensure the reliable and safe operation of these networks in critical applications. Issue to consider the nodes being unable to prove their trustworthiness due to uncertain factors like failure of hardware or software at run-time or by link interruptions during mobility is still open for research [10]. The Trust-Based Clustering Scheme (TBCS), employing a fuzzy methodology, categorizes node behavior using the Takagi–Sugeno–Kang fuzzy inference method for coordination challenges, emphasizing their impact on security and data transmission. Despite its intricate model causing computational demands for trust estimation, TBCS dynamically updates communication mechanisms for node isolation, while a streamlined approach for cluster head selection could enhance simplicity [11]. Performance, assessed for metrics such as packet delivery, delay, energy use, throughput, and time complexity, assumes uniform node transmission power, overlooking potential impacts from node heterogeneity or mobility on security efficiency using whale optimization for link state routing to bolster network security [12]. An adaptive trust-based authentication scheme, emphasizing high-trust node selection to address dynamic topology challenges by prioritizing node energy consumption for communication security. The method lacks consideration for crucial factors like latency, impacting the pursuit of an efficient and reliable security solution [13]. Security challenges like transmission overhead and malicious nodes through a trust-oriented, peered customized mechanism are addressed in [14]. However, the approach assumes perfect channel knowledge, overlooking the impact of node failures or network partitioning on security analysis, and lacks consideration for false node isolation crucial for efficiency. Addressing the challenge of dual cyber-attacks on nonlinear semi-linear parabolic partial differential equation systems, incorporating innovative solutions involving the Takagi–Sugeno fuzzy model to construct linear systems and design filters, ensuring system stability and filter parameter optimization using Lyapunov method [15]. Exploring event-triggered state defense estimation for reaction–diffusion neural networks under DoS attacks. A novel event-triggered strategy ensuring efficient management and mitigation of attacks is proposed demonstrating exponential stability through Lyapunov Krasovskii functional method [16]. Introducing resource utilization for security, a event control algorithm and space-sampled data scheme using Lyapunov method, Halanay’s inequalities, and pinning control, the approach achieves bipartite synchronization in target neural networks with advanced control algorithms for cooperative–competitive dynamics [17].

Existing security mechanisms, such as encryption, authentication, and intrusion detection, have limitations in performance due to the high speed and mobility, limited computational resources like battery life, storage, communication challenges due variable environmental conditions, lack of fixed network topologies, and others. These limitations hinder real-time applications and services and necessitate the development of novel security solutions specifically tailored to FANETs. Motivation behind proposed SCSF for FANET security system based on trust models is paramount for ensuring the reliability, efficiency, and security of UAV operations as it not only safeguards communication and collaboration among UAVs but also contributes to the successful implementation of FANETs in real-world applications, ranging from surveillance and monitoring to disaster response and infrastructure inspection.

In this research paper, we introduce a novel methodology SCSF that combines fuzzy logic-based trust evaluation for both the cluster and individual nodes for high accuracy to quickly identify the malicious nodes. The research incorporates security enhancement enabling the maximum chances to each node before finalization of their trust. SCSF is also addressing previously unexplored issue of trust reconfiguration for updating network trustworthiness to cover the nodes whose trust could not be proven due to network or some other run-time errors based on explained previous trust analysis approaches. Optimized node classification and identification method for effectively differentiating productive nodes from non-productive ones that goes beyond the previous research. Proposed study uniquely defines a measure called cluster confidence (C) to enhance the safety of information routing by increasing the overall trustworthiness of the network. Weight vector defines the proportion of the network’s taken-in parameters to proposed Fuzzy Model based on the availability of resources and network capabilities. Real-world applicability of our findings by isolating malicious nodes attempting to compromise communication integrity, collaborative mission execution by fostering cooperation, adaptability to changing conditions by dynamically adjusting trust levels based on the behavior of individual node, and further the recourse optimization by allowing flying nodes to make informed decisions about sharing resources. Proposed SCSF bridging gaps between sensor and ad hoc networks to high-speed mobility without infrastructure support. Novel algorithms supporting the idea behind SCSF are demonstrated through simulation and outcomes demonstrate a comparison between the effectiveness of the proposed methodology and state-of-the-art techniques.

The main contributions of the paper are:

  1. 1.

    Designing of mathematical model including the expressions for evaluation of network behavior.

  2. 2.

    Designing novel algorithms for cluster formation, member allocation, and resolving multiple cluster ambiguity to a nodes.

  3. 3.

    Development of a novel fuzzy-based trust estimation model to compute node and cluster trust.

  4. 4.

    Designing of novel algorithm and development of trust reconfiguration model for updated network trustworthiness to cover the nodes whose trust could not be proven due to network or some other run-time errors by assigning chance based on previous trust.

  5. 5.

    An optimized node classification and identification method to accurately differentiating productive nodes from non-productive ones. Additionally, this method effectively identifies and isolates malicious nodes within the cluster, thereby removing them from the network.

  6. 6.

    Applicability of the proposed algorithms is demonstrated through simulations conducted with different numbers of malicious nodes and time variations. Experimental results shown comparing the performance of the proposed approach with the state-of-the-art methods in terms of decision metrics.

The subsequent sections of this paper are organized as follows: “Related work” section offers an overview of the literature and related research conducted in the field. “Proposed: SCFS” section elaborates on the principles and methodology underlying the proposed approach. In “Performance analysis” section, a comprehensive analysis is presented, examining the performance of the proposed method focuses on variable decision metrics. Finally, “Discussion” section serves as the conclusion and proposing potential possibilities for future research.

Related work

Security in the context of Flying Ad Hoc Networks (FANETs) encompasses a range of vital aspects, including authentication, integrity, confidentiality, privacy, identity anonymity, availability, timeliness, and self-stabilization. Given the widespread utilization of FANETs across various services, particularly in military operations reliant on UAVs, the vulnerability to attacks poses significant risks and potential losses. These attacks can be broadly categorized into two types: source and target attacks. Source attacks may originate from internal or external sources within the network. Internal attackers, being network members, possess a profound understanding of the network and its vulnerabilities. On the other hand, external attackers masquerade as network members despite not being part of the network. Target attacks involve malicious nodes targeting specific network elements. These attacks, regardless of their category, jeopardize the integrity, availability, and confidentiality of the operational network, resulting in data manipulation, hardware and software malfunctions, denial of services, packet dropping, delays, and energy depletion. Figure 2 provides an illustration of fundamental security models employed in flying ad hoc networks.

Fig. 2
figure 2

Security mechanism taxonomy: FANET

Full size image

In recent years, numerous techniques have been proposed to enhance the reliability and stability of FANET by strengthening its security measures. This section includes the related works in past to enhance the security from malicious nodes in flying ad hoc network. Zhang et al. [18] focus on enhancing the physical security of UAV communication through trajectory optimization techniques. They employ an iterative approach to address a non-convex and non-smooth problem. Their main emphasis is on optimizing two parameters: the transmit power of UAVs and their trajectories. Each parameter is optimized alternately while keeping the other fixed. Gupta et al. [19] adopt a different methodology to increment or decrement the trust of nodes and address message modification in flying ad hoc networks. They utilize a dual detection scheme, first computing the dropped packet information and then examining message modification. Based on these factors, a trust model computes the trust of nodes. When the trust of a particular node falls below a certain threshold, it is declared malicious. Pandey et al. [20] propose a cuttlefish optimization-based clustering algorithm (COCA) to address challenges related to flying time and inefficient routing caused by the high velocity in FANETs. This clustering algorithm aims to solve these issues, as previous bio-inspired optimization algorithms like CLPSO, CAVDO, and ECRNET could not address all optimization problems. Sharma et al. [21] utilize a trust value to assess the trustworthiness of nodes. This trust value determines whether a node should be utilized for communication or specific tasks. The trust value ranges from 0 to 1, and the trust of a node increases by 0.001 when it successfully forwards an information packet to the source. Conversely, the trust decreases by the same factor if it fails to do so. However, this methodology does not establish a process for handling modified and forwarded packets. Singh et al. [22] perform trust evaluation for each node to detect selfish behavior, such as not forwarding a packet toward its destination due to limited or insufficient remaining power. The node prioritizes saving energy for itself. In such cases, the node may not be inherently malicious, but its selfish behavior needs to be identified for efficient communication. Trust is evaluated using parameters, such as the node’s energy, signal strength, packet delivery ratio (PDR), and transmission delay. This approach is compared with two other models, resulting in improved validity and calculation of the producer. In the proposed model, the Friend Score (FS) is evaluated by multiplying Trust and Link Duration (LD), and the resulting FS value is compared with the threshold value of the friend score. Singh et al. [23] compare various trust management techniques based on parameters, such as complexity, dynamicity, scalability, and security. Their article encompasses five fundamental stages of trust management: trust composition, trust formation, computation trust, trust propagation, and trust updating. The steps for trust management include trust initialization, followed by evidence space and trust space, and ultimately decision-making. Barka et al. [24] propose a model to identify whether the suspicious behavior of a node is due to it being genuinely selfish/malicious or caused by other factors, such as buffer space, energy, or mobility patterns. The model demonstrates a low error ratio and high detection accuracy compared to RPM, CA-Trust, and T-CLAIDS. Barka et al. [25] employ an approach that avoids checking the validity of content/data at every node, which is time and energy-consuming. Zardari et al. [26] proposed a model to identify attacks by malicious nodes, which are primarily categorized as black hole and gray hole attacks. Black hole attacks involve the complete dropping of packets and can be executed by a single node, multiple nodes, or through collaborative attacks. On the other hand, gray hole attacks are partial drop packet attacks. The proposed model applies a dual identification technique to detect both black and gray attacks simultaneously. It demonstrated good performance compared to AODV, LID-ADOV, and HPSO-GA. However, the model’s performance may be affected by routing overhead. Condomines et al. [27] developed a hybrid intrusion detection system for flying ad hoc networks. This model has the capability to analyze spectral traffic and detect malicious activity promptly, even in the presence of false information. The authors focused on various threats, such as jamming, flash attacks, worms, and others to address security concerns. Khan et al. [28] employed the certificateless key-encapsulated signcryption (CL-KESC) scheme, based on certificateless public key cryptography (CL-PKC), to enhance security in FANET. Previous models were computationally expensive for small UAVs. Therefore, a new construction model of CL-KESC based on hyper elliptic curve cryptography (HECC) was proposed. HECC is an advanced version of elliptic curve cryptography characterized by smaller parameters and size. FANET applications often involve real-time scenarios where users demand timely information. The proposed model was compared with the models of Zhou et al. [29], Won et al. [30], Seo et al. [31], Liu et al. [32], Reddy et al. [33], and Xiong et al. [34] in terms of computational cost, communication cost, and security functionalities. The proposed model demonstrated better adaptability, accuracy, and performance. Bacanin et al. [35] introduced a solution for the NP-Hard problem, employing a wireless sensor network to address the energy-efficient clustering problem using bat algorithm. Mohan et al. [36] proposed the IMCMR-UWSN methodology, employing the chaotic krill head algorithm for the route optimization and selection of cluster heads employing the self-adaptive glow worm swarm optimization algorithm. Bacanin et al. [37] address the localization challenge by identifying unknown nodes as information transmission targets within a wireless sensor network considering arrival time and position angle through the integration of a quasi-reflected-based learning algorithm within the framework of a swarm intelligence approach. Mann et al. [38] introduced an enhanced version of the artificial bee colony, surpassing the capabilities of the original artificial bee model with heightened exploitation capabilities considering enhancements in the population sampling technique, incorporating Student’s t-distribution. Mann et al. [39] introduced the BeeCluster protocol for optimal energy and maintaining equilibrium between exploration and exploitation search capabilities while imposing minimal memory demands. Zivkovic et al. [40] tackle the task of maximizing network lifetime through the utilization of the firefly technique integrated with clustering algorithms for harmonious equilibrium in node energy, thereby enhancing overall energy consumption efficiency.

As the network needs to handle a large amount of data by an increasing number of flying nodes day by day, there are several open issues related to security in flying ad hoc networks that have been the focus of ongoing research. These issues include scalability, reliability, privacy, service quality, and attack prevention.

Proposed: SCFS

Cluster setup

A strategy has been implemented to safeguard flying ad hoc networks against malicious and selfish nodes that disrupt message communication and transmission among UAVs. These troublesome nodes not only manipulate the information passing through them but also interfere with the communication among other nodes. Such behavior can have detrimental effects on the network and its well-behaved nodes. The proposed solution involves promptly identifying and eliminating these malicious nodes from the network. The suggested method calculates the collaborative trust of nodes by utilizing a cluster-based approach, where a group of network nodes is guided by an observer node. Based on parameters, such as cooperative trust, distance, or range, an observer node will be designated from among the nodes. This observer node will act as the cluster head and be responsible for overseeing its members. Algorithms has been defined further ahead to allocate the cluster observer and members. Figure 3 illustrates the representation of flying ad hoc network’s clusters and members.

Fig. 3
figure 3

Cluster organization

Full size image

The network structure is established through the definition of clusters and observers as in 1 and 2

$$\begin{aligned}{} & {} [Cn \equiv On] \hspace{.1in}\text {such that} \hspace{.1in}n \in \{1,2,3\ldots N\} \end{aligned}$$
(1)
$$\begin{aligned}{} & {} [M1, M2, M3,\ldots Mm] \in [Cn] \hspace{.1in}\nonumber \\{} & {} \qquad \text {where}\hspace{.1in}[m\hspace{.1in}\textrm{members}] \in [n\textrm{th}\hspace{.1in}\textrm{cluster}]. \end{aligned}$$
(2)

The observer of a specific cluster is denoted by a green marker, while the corresponding cluster boundaries are depicted in blue color. In some cases, members may be shared by multiple observers, as shown in the scenario with members M1 and M2. M1 receives signals from both O1 and O2, while M2 receives signals from O1, O2, and O3. However, these multiple cluster member nodes can only be controlled by one specific cluster observer among several observers. It is essential for the network to maintain at least one node connected to the Ground Control Station (GCS) at all times. Due to their direct connectivity, observers of clusters 1, 2, and 3 can directly communicate and exchange information with each other. Information, such as cluster records, node information vectors, cluster information tables, and other data, can be transferred between O1 and O4, or vice versa, either through observer-to-observer communication or observer-to-node communication. Alternatively, another communication method may be utilized based on the specific requirements of the moment. The link shown between the GCS and the Road Side Unit (RSU) facilitates the extension of transmission capabilities from Flying Ad Hoc Networks to Vehicular Ad Hoc Networks (VANET) and other fixed or mobile networks. Figure 4 illustrates the workflow of SCFS, for the final trust calculation based on the chances offered and other criteria to create an effective flying communication.

Fig. 4
figure 4

SCFS: work flow

Full size image

Cluster record and information vector

The Cluster Records (CR) consist of Node Information Vector (NIV) matrices for the neighboring nodes within a 1-hop range, along with various communication parameter values at an observer node of a specific cluster. These records are regularly updated to ensure accurate and timely information. The CR contains factors used to classify nodes as cooperative or non-cooperative, contributing to the overall network trust assessment. Additionally, these records are periodically exchanged among cluster observers to enhance secure transmission in FANET. The structure of CR and its corresponding NIV is depicted in Fig. 5. The NIV parameters {PDRNEDSNTDVDM} represent packet delivery ratio, node energy, network stay time, transmission latency, node speed, and direction of motion, respectively. These variables form the fundamental attributes of a flying node and play a crucial role in trust computation to enhance network reliability

$$\begin{aligned} r_{CR[k]}[\hspace{.05in}] = \bigg (\frac{CR_k[\hspace{.05in}]}{|Det(CR_k[\hspace{.05in}]|}\bigg ). \end{aligned}$$
(3)

The computation for node trust and analysis has begun as a result of the parameter values that the cluster observer CR[ ] has received. To assist the accurate computation of trust, a procedure is initially started to scale the cluster records \(r_{CR}\)[ ] to keep all of the values for the node information vector in the range from 0 to 1 [41].

Fig. 5
figure 5

Cluster record and node information vector

Full size image

Equation 3 illustrates the reduced matrix of parameter values for the \(K^{th}\) cluster.

Fuzzy model for trust estimation

This provides a comprehensive framework for understanding and analyzing the trust dynamics within a network, shedding light on the factors influencing trust formation and evolution among network entities. The trust evaluation fuzzy model is proposed in this subsection for assessing trustworthiness of network and shown in Fig. 6. An allocated weight vector WV is used to define the proportion of the network’s taken-in parameters is deployed on reduced cluster records. Based on the resources and network capabilities available, weighted incidence varies from region to region. The weighted average of all the factors to be evaluated must be equal to one to evaluate the effective trust. Weight vector WV for q parameters having defined weight value \(w_q\) in cluster kth and weight \(w_q\) is correlated with qth column field of reduced records of cluster as in 4

Fig. 6
figure 6

Fuzzy trust estimation

Full size image
$$\begin{aligned} WV_k[\hspace{.05in}]= \begin{pmatrix} w_1 \\ w_2\\ w_3 \\ \vdots \\ \vdots \\ \vdots \\ w_q\\ \end{pmatrix}: \left( \sum _{q=1}{k}[w_q] \right) = 1. \end{aligned}$$
(4)

Subsequently, a Trust Vector TV[] is generated, holding the measured trustworthiness for every node at cluster. Computed trust for cluster k using matrix vector product rule is shown in 5. For n such nodes in cluster k, generalized trust vector matrix is represent by \(TV_{nk}\)TV[] and expressed in 6. Finally, using the weight vector and cluster record, the cooperative trust for network is given by 7.

The trustworthiness evaluation of each cluster node is accompanied by providing opportunities for nodes to reinforce their existing trust levels. These opportunities arise from instances where unexpected challenges, such as a dead battery, work disruptions, power loss, or other run-time issues, occur less frequently. A record of these opportunities is maintained in the Chance Information Table (CIT[]) at the observer node (O). The CIT[] captures node trust information from a trust vector and undergoes updates at regular intervals (t time units). The attributes associated with the nth member node of cluster k are specified in 8. Each FANET node is assigned a unique identity (\(Node\_ID1\)), which remains unchanged throughout its time within the cluster. \(Node\_ID2\) represents an additional secondary identity assigned by the observer when the node joins the cluster. This secondary identity is valid only within the issuing cluster and is superseded by a new identity when the node switches clusters due to motion. The variable T denotes the updated trust of node n with respect to the chance (Ch)

$$\begin{aligned} TV_k[\hspace{.05in}]=\big [ (r_{CR[k]})[\hspace{.05in}]\cdot (WV_k[\hspace{.05in}]) \big ] \end{aligned}$$
(5)
$$\begin{aligned}{} & {} \quad TV_{nk}[\hspace{.05in}]= \begin{Bmatrix} \begin{bmatrix} PDR_{11} \\ PDR_{21} \\ PDR_{31} \\ \vdots \\ \vdots \\ \vdots \\ PDR_{n1} \\ \end{bmatrix} + \begin{bmatrix} N_{E_{11}} \\ N_{E_{21}} \\ N_{E_{31}} \\ \vdots \\ \vdots \\ \vdots \\ N_{E_{31}}\\ \end{bmatrix} + \begin{bmatrix} DSN_{11} \\ DSN_{21} \\ DSN_{31} \\ \vdots \\ \vdots \\ \vdots \\ DSN_{n1}\\ \end{bmatrix} + \begin{bmatrix} TD_{11} \\ TD_{21} \\ TD_{31} \\ \vdots \\ \vdots \\ \vdots \\ TD_{n1} \\ \end{bmatrix} + \begin{bmatrix} V_{11} \\ V_{21} \\ V_{31} \\ \vdots \\ \vdots \\ \vdots \\ V_{n1}\\ \end{bmatrix} + \begin{bmatrix} DM_{11} \\ DM_{21} \\ DM_{31} \\ \vdots \\ \vdots \\ \vdots \\ DM_{n1}\\ \end{bmatrix} \end{Bmatrix} * \begin{bmatrix} w_1 \\ w_2 \\ w_3 \\ \vdots \\ \vdots \\ \vdots \\ w_q \\ \end{bmatrix} \end{aligned}$$
(6)
$$\begin{aligned}{} & {} \quad N_{TRUST} = \int _{1}^{k} \int _{1}^{n} \Big [ (r_{CR[k]}[n])[\hspace{.05in}]\cdot (WV_k[n]) \Big ] \end{aligned}$$
(7)
$$\begin{aligned}{} & {} \quad CIT_k[node]=\big \{Node\_ID1_n, Node\_ID2_n, T_n, Ch_n \big \} \nonumber \\{} & {} \text {where node} \in [1\hspace{.05in} to \hspace{.05in}n]. \end{aligned}$$
(8)

Cluster formation

The provided Algorithm 1 outlines the process of cluster formation. The final determination of the cluster head among multiple nodes with comparable trust levels is based on the evaluation of significant weighted parameter values prior to the expiration of the timer. Observer nodes, throughout their tenure in the cluster, diligently observe and track the activities of member nodes by consistently updating the node information vector.

Algorithm 1
figure a

Cluster creation

Full size image

The subsequent function for member allocation delineates the procedure of assigning nodes to particular clusters. Nodes are required to be under the governance of a single cluster head at any given time, even when receiving invitations from multiple observers belonging to different clusters. To resolve this ambiguity, the node’s signal strength is thoroughly evaluated across numerous assessments, ensuring that it joins the cluster of observers exhibiting the highest signal strength. This approach eliminates any confusion and ensures the node’s proper integration into the most robust cluster.

Algorithm 2
figure b

Cluster joining request by node

Full size image
Algorithm 3
figure c

Cluster member approval by observer

Full size image

Trust reconfiguration model

Moreover, in this subsection, we present a strategy aimed at improving system performance and expediting the categorization process of cooperative nodes. Swift and proactive identification and elimination of nodes that pose a threat to the network will significantly enhance overall performance. Before reaching the final determination of node trust, we outline the procedure for further refining the trust vector using a recommended credit or debit belief system. This involves augmenting the trust through a defined trust factor (tf) for nodes that either maintain or increase their trust value compared to the previous chance. Conversely, nodes that fail to meet this criterion experience a reduction in trust by the same factor. The strategy aims to penalize nodes that fail to uphold or enhance their current state, while rewarding those that do. The size of the network, the number of clusters, the locations, and other relevant parameters may influence the alteration of the chance counter. The selected maximum chance value will impact the solution metrics, as well as the development of trust over time. Within this framework, the ground controller station will determine the maximum chances for each cluster. The final trust value (\(T_n\)) for cooperative node n, considering the maximum chances (\(max_{Ch}\)) in the cluster, is defined in 9, and the procedure for modifying the node’s trust (\(T_n\)) is presented in the trust reconfiguration procedure

$$\begin{aligned}{} & {} when; \{Ch == max_{Ch} \} \implies \Big \{ CIT[T_n]\nonumber \\{} & {} \qquad \xrightarrow {\text {yields}} final(T_n) \Big \}. \end{aligned}$$
(9)

Furthermore, in this study, an additional measure called cluster confidence (C) is computed based on the trust levels of individual nodes. This measure aims to simplify and enhance the safety of information routing by increasing the overall trustworthiness of the network for end users. Nodes are categorized as normal, selfish, or false based on their individual trust values. The cluster confidence is determined by the number of legitimate, selfish, and fraudulent nodes present in the kth cluster, representing the cumulative trust of each node at the end of the decision process. Nodes (m) whose parameter values are not received by the observer are excluded from the computation of cluster confidence. Hence, the total number of productive nodes (\(\lambda \)) is considered for computing C. Within a cluster of nodes (n), an observer node (\(O \in n\)) is selected using the observer selection function. Only observer nodes have the ability to assess the cluster trust. The mathematical formulation for productive nodes and cluster trust is provided in 10.

$$\begin{aligned}{} & {} {\text {Productive Nodes}} (\lambda )=[n-m] \ \text {and} \ C_k\nonumber \\{} & {} \quad =[T_1 + T_2 + T_3 + \cdots + T_{\lambda }]. \end{aligned}$$
(10)

The calculation of the dynamic node trust DNT of a cluster involves considering the productive nodes that have a trust value greater than or equal to the defined cooperation threshold. These nodes contribute to the overall trust of the cluster at a specific moment in time. The function defined in 11 provides the variation in the approach within a given interval of time

$$\begin{aligned} {DNT}(n) \rightarrow f(n)=\int _{1}^{n-m} (\lambda )*([T_1 + T_2 + T_3 + \cdots ]. \nonumber \\ \end{aligned}$$
(11)

Cluster trust applicability

The cluster trust can be effectively utilized to enhance various aspects of the network’s performance, including security and other related features. By employing dynamic routing techniques, the cluster trust can play a crucial role in determining a reliable and cost-effective path when there are multiple routes available between the source and destination. This flexibility in route selection involves giving preference to nodes belonging to higher trust clusters over lower trust clusters, thereby ensuring efficient delivery of data packets. Furthermore, the evaluation of a cluster’s overall performance can be facilitated by leveraging the cluster trust. This evaluation process can involve assigning ranks or grades to specific clusters, thereby providing valuable insights into their effectiveness. This highlights the importance of information prioritization and the allocation of maximum chances during the trust modification process. Additionally, information originating from observers belonging to higher ranked clusters holds greater validation at the Ground Control Station compared to observers from lower ranked clusters. Figure 7 showcases some practical scenarios where these concepts and strategies are employed, further emphasizing their significance in optimizing network performance.

Algorithm 4
figure d

Trust reconfiguration

Full size image
Fig. 7
figure 7

Cluster trust functionality

Full size image
Table 1 Classification directed by node dynamic trust
Full size table

Nodes classification

With the implementation of fuzzy-based cluster approach, the utilization of nodes for information processing and other operations can be significantly reduced. In addition to identifying false or selfish nodes, it is beneficial to further classify nodes into specific types. This segmentation plays a crucial role in ensuring the overall validation of information, especially in scenarios involving repeated data reception. The hierarchical arrangement of nodes, ranging from highly trusted to doubtful, proves advantageous in various network services and applications. By categorizing nodes into highly trusted, trustworthy, and suspicious groups through an extensive assessment, a threshold (Th) is established to determine the final level of trust. The specific criteria for setting this threshold may vary based on network resources, location, or other influencing factors. Table 1 provides the threshold factors applied to nodes within the dynamic cooperative clusters, considering distinct trust scales. The trust range between 0 and 1 is a common convention in various trust models, and it aligns with the concept of probability or certainty. In this context, a trust value of 0 typically indicates complete lack of trust, while a trust value of 1 indicates complete trust or certainty. The decision to use a range between 0 and 1 is often driven by the desire to express trust in a quantifiable and normalized manner. The specific interpretation of trust values within this range for SCSF trust model design is represented in Table 1 where a trust value of 0.7 or more indicates a high level of node trust, while the less than 0.4 puts the same in doubtful category in the proposed model. In the event that a node reaches its maximum chances and is categorized as anything other than a self-serving or false node, the process continues by resetting the node’s chances to 1.

Nodes’ identification

Nodes that exhibit false or self-serving behavior should be promptly eliminated from the network by disseminating their identification and status to all other nodes within clusters, ensuring their avoidance in the future. It is crucial to identify and classify these nodes as false or selfish prior to their information being incorporated into the network. This approach of distinguishing between selfish and false nodes can be employed in various contexts, such as adjusting the weight of parameters in network trust computation. By assuming a continuity theory of trust across all chances, the categorization of these nodes can be carried out without adversely affecting the system. In the proposed method, if the confidence consistently diminishes across all chances, it can be inferred that the node is likely to be false. Conversely, if the trust fluctuates, both increasing and decreasing throughout the chances from 1 to the maximum, it can be deduced that the node is selfish, exhibiting alternating normal and abnormal behavior driven by its self-centered transmission tendencies. Figure 8 provides a representation of node classification and identification based on the derived trust values.

Fig. 8
figure 8

Classification and identification of nodes

Full size image

Performance analysis

This section, along with its subsequent subsections, comprises various components and configurations that are essential for accurately representing the operational environment of UAVs. It includes the setup of simulated UAVs, their communication infrastructure, network topology, and the deployment of relevant protocols and algorithms. Furthermore, specific parameters and metrics are defined to evaluate the performance and effectiveness of the proposed technique within the simulation environment aimed at enhancing secure communication in UAVs.

Simulation organization

The simulation configuration is established to conduct a comparative analysis between the proposed technique and two other state-of-art models, namely FTrust [22] and COI-HiTrust [42], for analysis of improvement in security. Omnetpp is utilized as the simulation platform for this purpose. The network scenario consists of 200 flying nodes, and varying numbers of malicious and selfish nodes ranging from 5 to 50 and 2 to 10, respectively, are introduced at specific time intervals to evaluate the performance metrics, as described in subsequent sections. The simulation parameters used in this study are presented in Table 2.

Table 2 Simulation parameters
Full size table
Table 3 Considered cases for cluster excellence analysis
Full size table
Fig. 9
figure 9

Superiority analysis of SCSF clustering for Case 1

Full size image

Competency of clustering over non-clustered method by evaluating various metrics outcomes for decided number of clusters is shown in Figs. 9a–d and 10a–d, respectively. Table 3 represents the considered cases to evaluate and demonstrate the same.

Fig. 10
figure 10

Superiority analysis of SCSF clustering for Case 2

Full size image

Assessment metrics

In this subsection, we present the evaluation metrics utilized to compare and assess the performance of the proposed system in comparison to other techniques. The selection of parameters for SCSF can significantly impact the effectiveness and efficiency of the security solution. General consideration for better performance includes parameters understanding related to clustering, fuzzy logic, and trust computation. Systematic literature reviewed to identify recommended values or ranges for similar parameters in existing trust models. Further, experiments using simulation tools for SCSF conducted to evaluate the performance of the trust model under various parameter configurations. Additionally, the performance for proposed method is measured with different network sizes for assess scalability to ensure that the parameters can adapt to the varying number of nodes while maintaining security and performance. With the mentioned criteria for parameters setup, we are considering rate of message drop, throughput, delay, and degree of exposure to evaluate the proposed approach SCSF. Drop rate is a crucial indicator as it reflects the reliability of data delivery. Monitoring drop rate allows us to assess the network’s ability to maintain connectivity and recover from link disruptions. For evaluating the efficiency of data transfer within the network throughput is a fundamental metric for given bandwidth constraints and the need for timely information exchange. Further, the delay parameter is essential especially in applications requiring real-time communication such as surveillance or collaborative missions where timely information is must. Finally, the degree of exposure is a key performance indicator as it assesses the extent to which the network can effectively cover a given geographical area. These selected indicators collectively provide a comprehensive assessment of the SCSF performance. These metrics focus on measuring the performance in terms of the number of transmitted bits (B) within a specific time period (t) across multiple simulations (n). Following provides a detailed description of the metrics used for performance evaluation.

Rate of message drop(\(\eta \)) This metric employed to assess the performance of the system and defined as the proportion of transmitted packets from the source that fail to reach their intended destination nodes, as in 12. A lower the \(\eta \) indicates a higher level of security in the flying ad hoc network, as it signifies a reduced impact of malicious nodes on the packet delivery process.

$$\begin{aligned} \eta _\textrm{Avg}= \sum _{\textrm{run}=1}^{n} \left\{ \left( \frac{B-B'(\textrm{Received}_{\textrm{packets}})}{B}\right) * 100 \right\} \Big / n \nonumber \\ \end{aligned}$$
(12)

Throughput(Th) This is defined as the measure of the effective data transfer rate (amount of bits) or the amount of secure data successfully transmitted and received within the network over a specific period of time as in 13. It represents the efficiency and resilience of the network in maintaining secure communication while mitigating the impact of malicious nodes. More this reflects the high FANET security to data and other service, hence maintain the service quality

$$\begin{aligned} Th= \sum _{\textrm{run}=1}^{n} \left\{ \left( \frac{\textrm{Delivered}_{\textrm{Bits}}(\textrm{Destination}_{\textrm{Network}})}{\textrm{Transmitted}_\textrm{Bits}(\textrm{Source})}\right) \right\} . \nonumber \\ \end{aligned}$$
(13)

Delay(\(\Gamma \)) In the realm of security from malicious nodes, the delay metric is defined as the measure of the time taken for a data packet to traverse the network from the source node to the destination node while considering the impact of security mechanisms and countermeasures implemented to protect against malicious activities and is influenced by several factors, including the computational overhead, the efficiency of routing algorithms in identifying secure and reliable paths, and the latency introduced malicious nodes or by security mechanisms such as intrusion detection and response. For the total time (T) taken by M messages in n runs to reach the destination is defined in 14. High the delay indicates a longer duration for data packets to reach their intended destinations and can be caused due to malicious activities

$$\begin{aligned} \Gamma = \sum _{{\text {run}}=1, {\text {message}}=1}^{n, M} (T_{nM}) \Big / \sum _{{\text {run}}=1}^{n} {T_n}. \end{aligned}$$
(14)

Degree of exposure (\(\alpha \)) This is defined as the measure of the extent to which the network is effectively covered and monitored, taking into consideration the presence of potential threats posed by malicious nodes and reflects the spatial distribution and density of monitoring nodes or observers throughout the network. A high network coverage metric signifies that the airspace is well monitored, with an adequate number of observers strategically positioned to detect and mitigate potential threats from malicious nodes. It demonstrates the network’s ability to effectively identify and respond to security incidents, minimizing the risk of successful malicious attacks. Equation 15 presents the ratio of nodes within a cluster that are accessible or inaccessible for communication, relative to the total number of nodes that received messages from the source. This metric quantifies the availability of nodes within the cluster, indicating the proportion of nodes that can actively engage in communication compared to the overall number of nodes that received messages

$$\begin{aligned} \alpha _{\text {Avg}} =\frac{\left[ \sum _{{\text {run}}=1, {\text {message}}=1}^{n, M} \left( \frac{N_{nM}}{N_n}\right) \right] }{{\text {Total number of nodes in cluster}}}. \end{aligned}$$
(15)

Simulation results

Simulation results obtained in the research demonstrate the effectiveness of the proposed algorithm in this section. Through extensive simulations and experimentation, the performance of the system was evaluated in various scenarios. To assess the network’s security and analyze its behavior, we conducted Experiment 1 by introducing a specific number of malicious nodes and forming a predetermined number of clusters. Our aim was to evaluate the trust within each cluster and subsequently evaluate the overall network trust. We limited the injection of malicious nodes to a maximum of 50, distributed across a minimum of 1 and maximum of 10 clusters. The results, as depicted in Fig. 11, clearly demonstrate the efficiency of the proposed algorithms. It exhibits improved trust levels nearly to 1 in the presence of increasing malicious nodes, by effectively detecting and eliminating them from the network. Furthermore, the trust also improves with an increase in the number of clusters, highlighting the positive impact of enhanced communication facilitated by a larger cluster count.

Fig. 11
figure 11

Output of Experiment 1: cluster trust evaluation

Full size image

Experiment 2 was conducted to provide a comprehensive assessment of the performance of the proposed SCSF mechanism. In this experiment, we injected varying combinations of maximum and minimum numbers of both malicious [50 and 5] and selfish nodes [10 and 2], while also introducing a random number of clusters. The different combinations utilized in this experiment are presented in Table 4. Although the trust level observed in networks comprising both maximum malicious and selfish nodes was comparatively lower than networks with minimum malicious and selfish nodes, considering the same time or number of nodes, the overall performance of the SCSF algorithm exhibited a significant improvement. The results of Experiment 2, capturing the network trust behavior for the aforementioned combinations in relation to time and the total number of nodes in the network, are presented in Fig.  12a and b, respectively.

Table 4 Considered cases for cluster excellence analysis
Full size table
Fig. 12
figure 12

Output of Experiment 2: network trust evaluation

Full size image

Experiment 3 was conducted to perform an extensive analysis of the results, focusing on key performance metrics including drop rate, delay, throughput, and the degree of exposure (coverage). This analysis was conducted by varying node density and simulation time to capture a comprehensive understanding of the system’s behavior. The obtained results are presented in Figs. 13, 14, 15 and 16. The outcome of our analysis demonstrates a significant improvement in the reliability of our SCSF security approach and evidenced by the substantial reduction in drop rate and delay, coupled with an increase in throughput and the degree of exposure (coverage), when compared to state-of-the-art. With the increase in the number of malicious nodes over time, SCSF mechanism identifies and eliminates such nodes from the network in less duration, resulting in enhanced packet delivery and reduced loss within the network. This improved performance ensures efficient and secure communication throughout the network. These findings contribute to in securing Flying Ad Hoc Networks and signify the potential of our approach for real-world deployments.

Fig. 13
figure 13

Drop rate with time and malicious nodes

Full size image
Fig. 14
figure 14

Throughput with time and malicious nodes

Full size image
Fig. 15
figure 15

Delay with time and malicious nodes

Full size image
Fig. 16
figure 16

Degree of exposure with time and malicious nodes

Full size image

Discussion

This section highlights the improved performance metrics, including reduced delay and drop ratio, increased throughput, and extended coverage, ensuring a secure system against malicious and selfish nodes even at high message transmission rates. Statistical analysis, involving a sample size expansion for both malicious and selfish nodes, up to 50 and 10, respectively, among 200 nodes, is employed to estimate population parameters accurately. Our analyses cover various factors, such as node speed, initial trust values, coverage region, and observer numbers, enhancing the validation of the proposed approach and evaluating security effectiveness based on clusters. Additionally, we introduce a novel measure, cluster confidence (C), derived from individual node trust levels, aiming to enhance information routing safety. The methodology for node trust estimation in SCSF is detailed, utilizing the run-time value of the weight vector proportional to the network’s parameters in the proposed Fuzzy Model, considering resource availability and network capabilities. Scientific soundness of the method is covering the number of key factors that contribute to the model’s reliability, validity, and overall effectiveness. This includes the consideration of theoretical foundation for applying clustering algorithm and verification of fuzzy logic principles for capturing uncertainties in trust assessments, trust model design, and with the specific requirements of approach. Transparently describing the fuzzy logic rules, membership functions, and aggregation methods used in the trust inference process and validating the SCSF trust model through simulation and comparing the assessment results with other existing trust models. This evaluation covers a range of scenarios and cases to assess the robustness. Furthermore, the SCSF trust model performs efficiently with an increased number of nodes and maintains effectiveness as the network size grows. Also, the designed model adapts to changes in network topology, node mobility, and other dynamic factors with network scaling. Sensitivity analysis of SCSF performs through the conduction of comprehensive variation in parameters values during simulation. Our analysis provides insights into the robustness of our findings across different parameter configurations. We observed that certain parameters, such as node speed when highest to 80 km/h, ratio of number of malicious and selfish nodes in comparison to normal nodes exhibited more pronounced effects on the results comparing to average of 40–50 km/h indicating their higher sensitivity, while others had a more marginal impact.

Conclusion and future work

The decentralized and dynamic nature of FANETs makes them vulnerable to security threats posed by malicious nodes. This research paper presents a novel cluster-based framework aimed at assessing the security aspects of flying network behavior. This framework encompasses the security based on run-time trust estimation for both the node and cluster using fuzzy model by assigning weight to the parameters to address vulnerabilities including denial of service attacks, node impersonation, and information breaches. Moreover, it introduces a collaborative mechanism of trust reconfiguration to cover issue of nodes unable to substantiate their trust by providing additional chances as per the previous collective trust. Furthermore, the paper incorporates a dynamic reputation systems, to proficiently detect and segregate malicious and selfish nodes from the network. Simulation results indicate a significant improvement in performance metrics, with a considerable reduction in delay and drop ratio by 41.46% and 36.37%, respectively, while the sufficient rise of 54.71% and 46.05% in throughput and coverage, respectively, comparing with the considered state-of-art, indicates the improvement in trust, reliability, and quality of the flying network by improving security to network services from malicious or selfish nodes, even when the message transmission rate is high. All of the decision factors taken into consideration are performing as expected. With the support of the interpretation of results, it is possible to conclude that the proposed method is quite reliable and robust in dynamic environments, and also more accurate in every way by reducing the false nodes. However, the SCSF model limited to establishing trust in the initial stages of network formation as nodes may not have sufficient information about each other, and the trust model may take time to converge to accurate trust values. Future work can include the machine-learning-based dynamic trust estimation with a higher transmission range and false node size to examine the effectiveness and efficiency of the system with communication methods.