Because of the unique characteristics of DTNs, the security and the efficiency of routing in DTNs are considered two great challenges. In this paper, we design a secure and efficient routing scheme, called SER, which integrates the routing decision and the attack detection mechanisms. In the SER scheme, each DTN node locally maintains a one-dimensional vector to record summary information about its contacts with other nodes and the trust degree of those nodes. To obtain the global status and the contact relationships among all nodes, a trusted routing table consisting of the vectors of all nodes is built in each DTN node. We propose a method for detecting malicious and selfish nodes that exploits the global summary information to analyze a node's forwarding history and judge whether it is a malicious or selfish node. We also propose a routing decision method based on the trust degree of forwarding messages between nodes, which uses trust degree as the relay node selection strategy. Simulation results show that, compared with existing schemes, SER can detect the attack behavior of malicious and selfish nodes while achieving a higher delivery rate and a lower average delivery delay.
Delay-tolerant networks (DTNs) are a new form of self-organizing network envisioned to support communication where infrastructure has failed or never existed, such as interplanetary communication networks in space, high-speed vehicular networks that disseminate city traffic information, and sensor networks in extreme environments [
However, DTNs are threatened by various attacks. Some nodes behave selfishly and are unwilling to help others forward messages, in order to conserve their limited resources (e.g., power and buffer), and some nodes controlled by an adversary behave maliciously and may launch black hole, grey hole, or DoS attacks against the network by dropping all or part of the received message packets, tampering with message packets, or producing an enormous number of fake message packets [
To achieve better routing performance in DTNs, many routing protocols have been proposed in [
In this paper, we propose a secure and efficient routing scheme (SER) to improve message forwarding performance and detect malicious attacks. Unlike existing routing schemes and attack detection schemes, which work independently of each other, we integrate the routing decision and attack detection mechanisms into a trusted routing table. In the SER scheme, each DTN node maintains a one-dimensional vector that records summary information about its contacts with other nodes. The summary information includes the encounter history with other nodes, evidence of messages sent to or received from other nodes, and a trust degree that represents the ability of each other node to forward messages to this node. To form a global view and obtain the contact relationships among all nodes, SER introduces the trusted routing table, which consists of the vector of every node. In the initial phase, the trusted routing table of each node contains only its own vector; when two nodes meet, they exchange trusted routing tables and each updates its own table by comparing it with the received one. Each node can therefore obtain a global view of the previous network connectivity from its trusted routing table. Based on the trusted routing table, we design the routing decision method and the attack detection mechanisms. The main contributions of this paper are the following three parts.
First, we introduce in detail the method of generating and updating the trusted routing table. The proposed method not only ensures the security and reliability of the trusted routing table but also makes it converge quickly to global consistency.
Second, to evaluate the trust degree of a node accurately, we propose a forwarding evidence collection method based on the layered coin model and a digital signature mechanism. The forwarding evidence signed by each node is bound dynamically to the message during the relay process, so the message carries an evidence chain to the destination node. The proposed method greatly improves the timeliness and reliability of evidence collection and effectively reduces network overhead.
Third, we propose a routing decision method based on trust degree, which delivers messages to the destination node along the direction of increasing trust gradient and effectively improves the routing performance of DTNs. Moreover, we propose a malicious attack detection method based on the history evidence in the trusted routing table, which detects selfish nodes and malicious nodes effectively.
The remainder of this paper is organized as follows: In Section
In this paper, we adopt the system model similar to the literature [
We adopt a multicopy message forwarding strategy that allows a message to be copied many times; each time, only one copy of the message is forwarded to the next relay node, and the maximum number of copies allowed is set in a header field of the message. The source node sends a message to the destination node via a sequence of intermediate nodes in a multihop manner. When two nodes contact each other, each detects the behavior of the encountered node and selects the most suitable next-hop node as the relay for each message according to the process in Figure
A flowchart for SER scheme execution.
According to the degree of damage that malicious nodes inflict on the network, we define two types of attackers as follows.
A selfish attacker is a node that often arbitrarily refuses the forwarding requests of well-behaving nodes in order to save energy, buffer, or computing resources. Selfish attackers may, however, decide to forward a message if they have a good relationship with its source node, its destination node, or the last-hop relay node. This type of attack is launched by selfish users who only want to profit from the network and are unwilling to help other users forward messages.
A malicious attacker is a node that often exploits a vulnerability of the routing scheme to pose as a relay node, receives a large number of messages from the nodes it encounters, and then maliciously drops these messages from its buffer instead of forwarding them to the next-hop node. This type of attack is launched by an adversary who wants to degrade or destroy the routing of the DTN.
Our goal is to design a secure and reliable opportunistic routing protocol that not only improves network performance but also effectively restrains the misbehavior of selfish or malicious nodes. The specific objectives are as follows.
In DTNs, most messages need to be forwarded through multiple intermediate nodes. For example, as shown in Figure
Data transmission path.
Based on the above observation, we design a security and efficient routing scheme based on trust mechanism. In our scheme, each DTNs node maintains a trusted routing table (TRT), TRT is
The row vector of matrix
Therefore, in the TRT-based routing scheme, a relay node can determine whether the encountered node is a suitable next-hop relay for a message by using the row vector of the message's destination node in the trusted routing table (TRT), and it can determine whether the encountered node is a malicious or selfish node by using the column vector of the encountered node in the TRT.
In Figure
Message forwarding process based on trust.
To obtain the forwarding evidence of intermediate nodes in a timely and reliable manner, we adopt a Captive-Carry mechanism to collect forwarding evidence information. During message forwarding, evidence that proves which nodes have participated in forwarding the message is bound dynamically into the message body and carried to the destination node together with the message. After receiving the message, the destination node obtains the list of intermediate nodes from the forwarding evidence in the message body, validates its authenticity, and then rewards these intermediate nodes according to the defined evaluation strategy.
To guarantee the security and authenticity of the forwarding evidences and prevent malicious nodes from tampering message and adding fake forwarding evidences, in the implementation, we adopt the layered coin model in the literature [
The endorsed layer is formed dynamically by the intermediate node when it wants to forward the message to the next-hop relay node. In Figure
Layered coin model based message format.
Overhead of the message based on the layered coin model. Because multiple layers of evidence information are added to the message during forwarding, the message is slightly longer than the basic message. Except for the signature fields, we assume each field is 2 bytes long; the message header with six fields is then 12 bytes, and the length of endorsed layer 0 is around
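As an added example (not the paper's code), the following Go program models the evidence chain described above: each relay appends an endorsed layer containing its identifier and an Ed25519 signature over the payload and all earlier layers, and the destination walks the chain to decide which relays have proven their participation. The use of Ed25519, SHA-256 and the public key as node identifier are assumptions; the paper's exact layer fields are not reproduced.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
)

// Layer is one endorsed layer: the relay's public key (used here as its node
// ID, an assumption) and its signature over the payload plus earlier layers.
type Layer struct {
	Relay ed25519.PublicKey
	Sig   []byte
}
// Message is the basic message plus the chain of endorsed layers it carries.
type Message struct {
	Payload []byte
	Layers  []Layer
}
// digest covers the payload and the first n layers, so a layer cannot be
// dropped, reordered or inserted later without breaking a later signature.
func digest(m Message, n int) []byte {
	h := sha256.New()
	h.Write(m.Payload)
	for _, l := range m.Layers[:n] {
		h.Write(l.Relay)
		h.Write(l.Sig)
	}
	return h.Sum(nil)
}

// Endorse is run by a relay before handing the message to the next hop; it
// appends a layer to a copy of the chain so earlier holders are unaffected.
func Endorse(m Message, priv ed25519.PrivateKey) Message {
	sig := ed25519.Sign(priv, digest(m, len(m.Layers)))
	pub := priv.Public().(ed25519.PublicKey)
	m.Layers = append(append([]Layer{}, m.Layers...), Layer{pub, sig})
	return m
}

// Verify is run by the destination: it returns the relays whose layers check
// out and false at the first broken layer, so only proven relays are credited.
func Verify(m Message) (relays []ed25519.PublicKey, ok bool) {
	for i, l := range m.Layers {
		if !ed25519.Verify(l.Relay, digest(m, i), l.Sig) {
			return relays, false
		}
		relays = append(relays, l.Relay)
	}
	return relays, true
}
```

A tampered payload invalidates every layer, and removing a middle layer invalidates every layer that was signed after it, so a node cannot claim credit for a forwarding it did not perform.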
The tuple
In message receiving process, if node
Assume that
The trust degree
When the encounter process and message receiving process are performed, node
We use an example to illustrate the update process of the trusted routing table. As shown in Tables
Trusted routing table
| Destination node | Vector table | TwID | Signature information |
|---|---|---|---|
| | | 1 | |
| | | 1 | |
| | | 1 | |
Trusted routing table
| Destination node | Vector table | TwID | Signature information |
|---|---|---|---|
| | | 2 | |
| | | 1 | |
| | | 1 | |
Trusted routing table of node
| Destination node | Vector table | TwID | Signature information |
|---|---|---|---|
| | | 2 | |
| | | 1 | |
| | | 1 | |
| | | 1 | |
| | | 1 | |
(1 (2
(3 (4 (5 (6 (7 (8 (9 (10 (11 (12 (13 (14
(15 (16 (17 (18 (19 (20 (21 (22 (23 (24
(25 (26
By analyzing and observing the characteristics of the attacker in Section
To effectively detect selfish nodes, selfish behavior ratio
Therefore, after obtaining MBR and SBR of node
(1
(2
(3
(4 (5 (6 (7 (8 (9 (10 (11 (12
When node
(1 (2
(3 (4 (5 (6 (7 (8 (9
(10) (11) (12) (13)
(14) (15) (16) (17) (18) (19) (20) (21) (22)
(23) (24)
(25) (26) (27) (28) (29) (30) (31)
The proposed routing algorithm only uses the row vectors and column vectors in the local trusted routing table to judge the behavior of encountered node and make forwarding decision. The overhead of the algorithm is low; the maximum time complexity is equal to
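As an added example that is not the paper's own code, this Go snippet shows how a node uses the TRT row and column vectors described above: the column vector of an encountered node is summed over all recorders to classify it against the malicious and selfish thresholds, and the row vector of the destination is used to forward only up the trust gradient. The evidence counters and the ratio definitions for MBR and SBR are assumptions standing in for the paper's own formulas, which are not reproduced here.

```go
package main

// Summary is one entry of a node's vector about another node; the counter
// fields are constructed stand-ins for the paper's forwarding evidence.
type Summary struct {
	Trust    float64 // ability of the other node to deliver messages to me
	Requests int     // forwarding requests I made to it
	Refused  int     // requests it turned down
	Received int     // messages it accepted from me
	Proven   int     // of those, messages the evidence chain proved it relayed
}

// TRT is the trusted routing table: TRT[d][j] is node d's record of node j.
type TRT map[string]map[string]Summary

// Classify judges node e from its column vector, summed over every other
// recorder. The ratios are assumed here, not the paper's formulas:
// MBR = accepted-but-unproven / accepted, SBR = refused / requested.
func Classify(t TRT, e string, thMal, thSelf float64) string {
	var req, ref, rcv, prv int
	for d, row := range t {
		if d == e {
			continue // a node's self-entry is not evidence about it
		}
		s := row[e]
		req, ref, rcv, prv = req+s.Requests, ref+s.Refused, rcv+s.Received, prv+s.Proven
	}
	if rcv > 0 && float64(rcv-prv)/float64(rcv) > thMal {
		return "malicious"
	}
	if req > 0 && float64(ref)/float64(req) > thSelf {
		return "selfish"
	}
	return "normal"
}

// NextHop is the decision node me makes on meeting e with a message for dst:
// hand over a copy only to a well-behaving node that sits higher on dst's
// trust gradient (the row vector of dst), or to dst itself.
func NextHop(t TRT, me, e, dst string, thMal, thSelf float64) bool {
	if e == dst {
		return true
	}
	if Classify(t, e, thMal, thSelf) != "normal" {
		return false
	}
	return t[dst][e].Trust > t[dst][me].Trust
}
```

Note that a malicious node can carry a high trust value in the destination's row and still be refused, because the behavior check on its column vector runs before the gradient comparison.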
We set up the experiment environment with the ONE (Opportunistic Network Environment) simulator, in which we implemented our proposed routing algorithm. The ONE simulator is designed for evaluating and verifying DTN routing protocols and includes a variety of movement models, a map of Helsinki city, and some typical routing algorithms such as Epidemic, Spray and Wait (SAW), Prophet, and MaxProp. In our experiment, we adopt the map of Helsinki city as the experiment environment and deploy 200 nodes on a map of size 4500 m × 3400 m. Well-behaving nodes and selfish nodes use the shortest-path map-based movement model and move at speeds of 0.5 m/s to 1.5 m/s, while malicious nodes move at speeds of 2.7 m/s to 13.9 m/s. Messages are generated at a rate of one per 25 to 35 seconds. The simulation time is set to 24 hours, during which 2900 messages are generated. The message size is 512 kB. Time to live (TTL) is in the range of 30 to 240 minutes. The buffer
We evaluate our scheme in two respects: the effectiveness of malicious attack detection and routing performance. The performance metrics used in the evaluation are (i) detection accuracy, the percentage of malicious and selfish nodes that are detected; (ii) false positive rate, the percentage of well-behaving nodes that are falsely judged as malicious or selfish; (iii) delivery rate, the percentage of generated messages that are successfully delivered to their destination nodes within their time to live; (iv) average delivery delay, the average time taken for messages to be delivered from source to destination; and (v) overhead rate, the ratio of the number of relayed messages (excluding successfully delivered messages) to the number of successfully delivered messages. Detection accuracy and false positive rate measure the effectiveness of malicious attack detection; delivery rate, average delivery delay, and overhead rate measure routing performance.
First, we evaluate the impact of choosing different threshold
Figure
SER's malicious behavior detection results under varying thresholds (panels: detection accuracy; false positive rate).
Similarly, we evaluate the impact of choosing different threshold
SER's selfish behavior detection results under varying thresholds (panels: detection accuracy; false positive rate).
In this section, we compare SER with three classic routing schemes Epidemic, Prophet, and SAW in the routing performance. The buffer
Figure
Routing performance under varying TTL (panels: delivery rate; average delivery delay; overhead rate).
Time to live (TTL) of message is fixed to 90 minutes. The buffer
Routing performance under varying buffer capacity (panels: delivery rate; average delivery delay; overhead rate).
In this experiment, we assume that there are malicious nodes in DTNs. The number of malicious nodes is varied from 0 to 40. The dropping message probability of malicious nodes is fixed to 0.3. The threshold
Figure
Routing performance under a varying number of malicious nodes (panels: delivery rate; average delivery delay; overhead rate).
In recent years, many research works on misbehavior detection and routing in DTNs have been proposed, which are closely related to our SER scheme. In Prophet [
To detect colluding blackhole and greyhole attacks, Pham and Yeo [
Unlike existing routing protocols and misbehavior detection schemes, our proposed SER scheme introduces a trusted routing table (TRT) that contains the behavior history of each node and the trust degree of forwarding messages to other nodes. We use the TRT not only to analyze the behavior of nodes but also to make effective routing decisions. Therefore, SER achieves both routing performance and misbehavior detection at only the extra resource cost of maintaining the TRT.
In this paper, we proposed a secure and efficient routing scheme (SER) that combines routing decisions with malicious attack detection. Based on the layered coin model and a digital signature mechanism, the proposed forwarding evidence collection mechanism guarantees the security and authenticity of the forwarding evidence. Exploiting the forwarding evidence and historical contact information, we described in detail how the trusted routing table is built and updated. With the trusted routing table, the proposed SER scheme obtains a global view of the contact relationships among all nodes in the DTN. Our analysis has shown that the trusted routing table is not only secure and reliable but also converges quickly to global consistency. The simulation results show that SER accurately detects the attack behavior of malicious and selfish nodes by analyzing each node's forwarding history from the global view. The simulation results also demonstrate that SER has better routing performance than the existing algorithms, with a higher delivery rate and a lower average delivery delay. In future work, we will design a hierarchical trusted routing table to further reduce the network resource overhead.
The authors declare that they have no conflicts of interest.
This research was supported by National Natural Science Foundation of China (Grant nos. 61300193, 61272125, and 61601107), the Hebei Natural Science Foundation (Grant no. F2015501105, no. F2015501122), and the Fundamental Research Funds for the Central Universities (Grant no. N120323012).