Detecting colluding blackhole and greyhole attack in Delay Tolerant Networks

Delay Tolerant Network (DTN) is developed to cope with intermittent connectivity and long delay in wireless networks. Due to the limited connectivity, DTN is vulnerable to blackhole and greyhole attacks in which malicious nodes intentionally drop all or part of the received messages. Although existing proposals could accurately detect the attack launched by individuals, they fail to tackle the case that malicious nodes cooperate with each other to cheat the defense system. In this paper, we suggest a scheme called Statistical-based Detection of Blackhole and Greyhole attackers (SDBG) to address both individual and collusion attacks. Nodes are required to exchange their encounter record histories, based on which other nodes can evaluate their forwarding behaviors. To detect the individual misbehavior, we define forwarding ratio metrics that can distinguish the behavious of attackers from normal nodes. Malicious nodes might avoid being detected by colluding to manipulate their forwarding ratio metrics. To continuously drop messages and promote the metrics at the same time, attackers need to create fake encounter records frequently and with high forged numbers of sent messages. We exploit the abnormal pattern of appearance frequency and number of sent messages in fake encounters to design a robust algorithm to detect colluding attackers. Extensive simulation shows that our solution can work with various dropping probabilities and different number of attackers per collusion at high accuracy and low false positive.

[1]  Srinivasan Keshav,et al.  Very low-cost internet access using KioskNet , 2007, CCRV.

[2]  Xiaodong Lin,et al.  Public key distribution scheme for delay tolerant networks based on two-channel cryptography , 2012, J. Netw. Comput. Appl..

[3]  Peng Yang,et al.  A Ferry-based Intrusion Detection Scheme for Sparsely Connected Ad Hoc Networks , 2007, 2007 Fourth Annual International Conference on Mobile and Ubiquitous Systems: Networking & Services (MobiQuitous).

[4]  Jim Kurose,et al.  A survey of practical issues in underwater networks , 2007 .

[5]  Zhenfu Cao,et al.  A Probabilistic Misbehavior Detection Scheme toward Efficient Trust Establishment in Delay-Tolerant Networks , 2014 .

[6]  Yong Wang,et al.  Energy-efficient computing for wildlife tracking: design tradeoffs and early experiences with ZebraNet , 2002, ASPLOS X.

[7]  Lars C. Wolf,et al.  Detecting blackhole and greyhole attacks in vehicular Delay Tolerant Networks , 2013, 2013 Fifth International Conference on Communication Systems and Networks (COMSNETS).

[8]  Rongxing Lu,et al.  PMDS: A probabilistic misbehavior detection scheme in DTN , 2012, 2012 IEEE International Conference on Communications (ICC).

[9]  Jörg Ott,et al.  The ONE simulator for DTN protocol evaluation , 2009, SIMUTools 2009.

[10]  Qinghua Li,et al.  Mitigating Routing Misbehavior in Disruption Tolerant Networks , 2012, IEEE Transactions on Information Forensics and Security.

[11]  Jie Wu,et al.  Thwarting Blackhole Attacks in Disruption-Tolerant Networks using Encounter Tickets , 2009, IEEE INFOCOM 2009.

[12]  Brian Gallagher,et al.  MaxProp: Routing for Vehicle-Based Disruption-Tolerant Networks , 2006, Proceedings IEEE INFOCOM 2006. 25TH IEEE International Conference on Computer Communications.

[13]  Cauligi S. Raghavendra,et al.  Spray and wait: an efficient routing scheme for intermittently connected mobile networks , 2005, WDTN '05.

[14]  Jörg Ott,et al.  A disconnection-tolerant transport for drive-thru Internet environments , 2005, Proceedings IEEE 24th Annual Joint Conference of the IEEE Computer and Communications Societies..

[15]  Mooi Choo Chuah,et al.  Secure Data Retrieval Based on Ciphertext Policy Attribute-Based Encryption ( CP-ABE ) System for the DTNs , 2009 .

[16]  Anders Lindgren,et al.  Probabilistic Routing in Intermittently Connected Networks , 2004, SAPIR.

[17]  Anders Lindgren,et al.  Probabilistic routing in intermittently connected networks , 2003, MOCO.

[18]  Chadi Assi,et al.  Disruption-Tolerant Networking: A Comprehensive Survey on Recent Developments and Persisting Challenges , 2012, IEEE Communications Surveys & Tutorials.

[19]  Jörg Ott,et al.  NRC-TR-2007-007 Towards Securing Disruption-Tolerant Networking , 2007 .

[20]  S. Nedevschi,et al.  Hierarchical identity based cryptography for end-to-end security in DTNs , 2008, 2008 4th International Conference on Intelligent Computer Communication and Processing.

[21]  Sajal K. Das,et al.  A trust-based framework for data forwarding in opportunistic networks , 2013, Ad Hoc Networks.

[22]  Jie Yang,et al.  MUTON: Detecting Malicious Nodes in Disruption-Tolerant Networks , 2010, 2010 IEEE Wireless Communication and Networking Conference.

[23]  Scott Burleigh,et al.  The Interplanetary Internet: a communications infrastructure for Mars exploration. , 2003, Acta astronautica.

[24]  Kevin R. Fall,et al.  A delay-tolerant network architecture for challenged internets , 2003, SIGCOMM '03.