Distributed Detection of Selfish Routing in Wireless Mesh Networks

Community wireless mesh networks are vulnerable to free riders who refuse to forward data for others. As the naive selfish strategy of dropping data is readily detected, free-riders are motivated to subtly manipulate the routing protocols to minimize their workload while still evading detection. This paper presents an adaptive on-line algorithm to detect such selfish behavior based solely on local observations of messages exchanged by AODV-like routing protocols. We use a finite state machine model of locally observable protocol actions to generate a statistical description of the behavior of each neighbor and apply statistical analysis to cluster neighboring nodes on the basis of behavioral similarities and identify the selfish ones. Through simulation, we evaluate the performance of our method with respect to the probability of detecting selfish nodes and the rate of false positives against two generic selfish strategies— dropping route requests and dropping route replies. We also evaluate the effect of detection on an adaptive adversary who attempts to operate as selfishly as possible while still evading detection. We find that our technique can detect dropped route requests as well or better than a variant of the widely-used Watchdog detection method, with a lower rate of false positives. In the case of dropped route replies, a fundamental scarcity of observable routing events prevents any algorithm from performing well, suggesting the need to revisit the design of routing protocols.

[1]  Songwu Lu,et al.  SCAN: self-organized network-layer security in mobile ad hoc networks , 2006, IEEE Journal on Selected Areas in Communications.

[2]  Hans-Peter Kriegel,et al.  LOF: identifying density-based local outliers , 2000, SIGMOD '00.

[3]  W. Eddy,et al.  Approximate single linkage cluster analysis of large data sets in high-dimensional spaces , 1996 .

[4]  Ian F. Akyildiz,et al.  Wireless mesh networks: a survey , 2005, Comput. Networks.

[5]  Refik Molva,et al.  Core: a collaborative reputation mechanism to enforce node cooperation in mobile ad hoc networks , 2002, Communications and Multimedia Security.

[6]  Giovanni Vigna,et al.  An intrusion detection tool for AODV-based ad hoc wireless networks , 2004, 20th Annual Computer Security Applications Conference.

[7]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[8]  Ratul Mahajan,et al.  Sustaining cooperation in multi-hop wireless networks , 2005, NSDI.

[9]  Karl N. Levitt,et al.  A specification-based intrusion detection system for AODV , 2003, SASN '03.

[10]  Philip S. Yu,et al.  Cross-feature analysis for detecting ad-hoc routing anomalies , 2003, 23rd International Conference on Distributed Computing Systems, 2003. Proceedings..

[11]  R. Sekar,et al.  Specification-based anomaly detection: a new approach for detecting network intrusions , 2002, CCS '02.

[12]  S. Buchegger,et al.  A Robust Reputation System for P2P and Mobile Ad-hoc Networks , 2004 .

[13]  Byung-Cheol Kim,et al.  On the Efficacy of Detecting and Punishing Selfish Peers , 2005, WINE.

[14]  Charles E. Perkins,et al.  Ad-hoc on-demand distance vector routing , 1999, Proceedings WMCSA'99. Second IEEE Workshop on Mobile Computing Systems and Applications.

[15]  Robert Tappan Morris,et al.  Architecture and evaluation of an unplanned 802.11b mesh network , 2005, MobiCom '05.

[16]  Pang-Ning Tan,et al.  Local Detection of Selfish Routing Behavior in Ad Hoc Networks , 2006, J. Interconnect. Networks.

[17]  Issa M. Khalil,et al.  DICAS: Detection, Diagnosis and Isolation of Control Attacks in Sensor Networks , 2005, First International Conference on Security and Privacy for Emerging Areas in Communications Networks (SECURECOMM'05).

[18]  J. Thomson,et al.  Philosophical Magazine , 1945, Nature.

[19]  Wenke Lee,et al.  Attack Analysis and Detection for Ad Hoc Routing Protocols , 2004, RAID.

[20]  Jean-Yves Le Boudec,et al.  Performance analysis of the CONFIDANT protocol , 2002, MobiHoc '02.

[21]  Edward W. Knightly,et al.  Measurement driven deployment of a two-tier urban mesh access network , 2006, MobiSys '06.