Detecting Colluding Blackhole and Greyhole Attacks in Delay Tolerant Networks
- 20 July 2015
- journal article
- research article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Transactions on Mobile Computing
- Vol. 15 (5), 1116-1129
- https://doi.org/10.1109/tmc.2015.2456895
Abstract
Delay Tolerant Network (DTN) is developed to cope with intermittent connectivity and long delay in wireless networks. Due to the limited connectivity, DTN is vulnerable to blackhole and greyhole attacks in which malicious nodes intentionally drop all or part of the received messages. Although existing proposals could accurately detect the attack launched by individuals, they fail to tackle the case that malicious nodes cooperate with each other to cheat the defense system. In this paper, we suggest a scheme called Statistical-based Detection of Blackhole and Greyhole attackers (SDBG) to address both individual and collusion attacks. Nodes are required to exchange their encounter record histories, based on which other nodes can evaluate their forwarding behaviors. To detect the individual misbehavior, we define forwarding ratio metrics that can distinguish the behavious of attackers from normal nodes. Malicious nodes might avoid being detected by colluding to manipulate their forwarding ratio metrics. To continuously drop messages and promote the metrics at the same time, attackers need to create fake encounter records frequently and with high forged numbers of sent messages. We exploit the abnormal pattern of appearance frequency and number of sent messages in fake encounters to design a robust algorithm to detect colluding attackers. Extensive simulation shows that our solution can work with various dropping probabilities and different number of attackers per collusion at high accuracy and low false positive.This publication has 19 references indexed in Scilit:
- A trust-based framework for data forwarding in opportunistic networksAd Hoc Networks, 2013
- A Probabilistic Misbehavior Detection Scheme toward Efficient Trust Establishment in Delay-Tolerant NetworksIEEE Transactions on Parallel and Distributed Systems, 2013
- Detecting blackhole and greyhole attacks in vehicular Delay Tolerant NetworksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2013
- Mitigating Routing Misbehavior in Disruption Tolerant NetworksIEEE Transactions on Information Forensics and Security, 2011
- MUTON: Detecting Malicious Nodes in Disruption-Tolerant NetworksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2010
- The ONE simulator for DTN protocol evaluationPublished by European Alliance for Innovation n.o. ,2009
- MaxProp: Routing for Vehicle-Based Disruption-Tolerant NetworksPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2006
- Spray and waitPublished by Association for Computing Machinery (ACM) ,2005
- The Interplanetary Internet: a communications infrastructure for Mars exploration.Acta Astronautica, 2003
- Probabilistic routing in intermittently connected networksACM SIGMOBILE Mobile Computing and Communications Review, 2003