Mobile Networks and Applications
The Journal of SPECIAL ISSUES on
Mobility of Systems, Users, Data and
Computing
ISSN 1383-469X
Mobile Netw Appl
DOI 10.1007/s11036-017-0867-0
Isolating Misbehaving Nodes in MANETs
with an Adaptive Trust Threshold Strategy
Muhammad Saleem Khan, Daniele Midi,
Saif-Ur-Rehman Malik, Majid I. Khan,
Nadeem Javaid & Elisa Bertino
Muhammad Saleem Khan¹ · Daniele Midi² · Saif-Ur-Rehman Malik¹ ·
Majid I. Khan¹ · Nadeem Javaid¹ · Elisa Bertino²
© Springer Science+Business Media New York 2017
Muhammad Saleem Khan
skhan.ciit@gmail.com
Daniele Midi
dmidi@purdue.edu
Saif-Ur-Rehman Malik
saif ur rehman@comsats.edu.pk
Majid I. Khan
majid iqbal@comsats.edu.pk
Nadeem Javaid
nadeemjavaid@comsats.edu.pk
Elisa Bertino
bertino@purdue.edu
¹ Department of Computer Science, COMSATS Institute
of Information Technology, Islamabad, Pakistan
² Department of Computer Science, Purdue University,
West Lafayette, IN, USA
Abstract Due to dynamic network topology, distributed
architecture and absence of a centralized authority, Mobile
Ad hoc Networks (MANETs) are vulnerable to various
attacks from misbehaving nodes. To enhance the security of
MANETs, various trust-based schemes have been proposed
that augment the traditional cryptography-based security
schemes. However, most of these schemes use static and
predefined trust thresholds for node misbehavior detection,
without taking into consideration the network conditions
locally at each node. Using static trust thresholds for misbehavior
detection may result in high false positives, low
malicious node detection rate, and network partitioning. In
this paper, we propose a novel Adaptive Trust Threshold
(ATT) strategy that adapts the trust threshold in the routing
protocol according to the network conditions such as
rate of link changes, node degree and connectivity, and average
neighborhood trustworthiness. We identify the topology
factors that affect the trust threshold at each node, and
leverage them to build a mathematical model for ATT computation.
We compare our ATT strategy with one of the
most recently proposed trust-based security schemes. Our
simulation results indicate that the ATT strategy is robust
in terms of convergence to the same trust threshold value
computed at all neighbor nodes for malicious nodes and is
energy efficient. Moreover, the ATT strategy achieves significant
improvements in packet delivery ratio, reduction in
false positives, and increase in detection rate as compared to
non-ATT schemes (static trust threshold based schemes).
Keywords MANETs · Threshold computation · Adaptive
threshold · Static threshold · Colluding attackers
1 Introduction
Mobile Ad hoc Networks (MANETs) consist of
mobile nodes interconnected through wireless links in
infrastructure-less environments without relying on any
centralized authority, such as a base station. Nodes that
are not within the communication ranges of each other,
communicate through intermediate nodes known as relay
nodes. MANETs can be deployed in areas or in situations
where no infrastructure is available or when the deployment
of infrastructure is not possible or expensive, such as emer-
gency operations, environmental disasters, and so on. Due
to dynamic network topology, distributed architecture, and
absence of a centralized authority, MANETs are vulnera-
ble to packet routing attacks. Several trust-based security
schemes [1–4], closely coupled with misbehavior detec-
tion schemes, have been proposed in order to identify and
isolate misbehaving nodes. In such trust-based schemes,
each node in the network computes and stores a trust value
about the other nodes. These trust values are compared
with a pre-defined threshold, referred to as trust threshold,
representing the maximum tolerated misbehavior for a
node. A node is considered trusted if it successfully relays a
certain percentage of the received packets according to the
specification of underlying network protocol.
Some of the existing trust-based security schemes com-
pute the trust threshold based on heuristic assignments that
trade-off performance metrics, such as false positives rate,
detection rate, packet loss rate, and so on [5–7]. Usually,
these trust-based security schemes assess the trustworthiness
of a node in the range [0, 1], with 0.5 as a commonly
used threshold [8]. However, short transmission ranges and
high nodal mobility cause short interaction times between
nodes. As the behavior of nodes in MANETs can change
rapidly, it is difficult to set an appropriate trust threshold
for misbehaving node detection that works best in all the
scenarios [9].
Using a static trust threshold can result in high false
positives¹, low malicious node detection rate², and partitioning
of the network. If the trust threshold is too low, the error
rate³ will be high, since misbehaving nodes will be removed
from the routing path much later. On the other hand, if the
trust threshold is too high, error rate will be low, but fewer
nodes will be able to participate in the routing, since more
nodes will be seen as misbehaving nodes, possibly lead-
ing to network partitioning. Moreover, a smart malicious
node can adapt its misbehavior strategy according to the pre-
defined trust threshold (which is known to all the nodes)
in order to remain within trust threshold to avoid detection
[10–12].
As each node in MANETs experiences different network
conditions, such as mobility, node degree, and so on, a static
trust threshold may not be optimal in terms of detection rate,
false positives rate, and packet loss rate. Therefore, a more
adequate trust threshold should also be based on the network
conditions. We thus need an adaptive trust threshold strategy
able to take into account the network conditions and adjust
the trust parameters accordingly.
To address this requirement, in this paper, we propose a
novel Adaptive Trust Threshold (ATT) strategy that adapts
the trust threshold locally at every node according to var-
ious network conditions, such as node degree, mobility,
and so on. In the paper, we first identify the topology
factors, metrics, and behavioral changes in network condi-
tions that affect the trust threshold at each node. Then, we
leverage them to develop a mathematical model for ATT
computation.
¹ Ratio of the legitimate nodes declared malicious.
² Percentage of the malicious nodes actually detected.
³ Ratio of maliciously dropped data packets.
It is worth mentioning that our proposed work does not
aim at developing a new trust-based security scheme itself.
We aim at designing an adaptive trust threshold computa-
tion mechanism based on run-time network conditions. The
proposed ATT strategy can be implemented on top of any
baseline trust-based scheme that allows a node to locally
optimize the trust threshold in order to better estimate the
trustworthiness of a neighboring node.
Our key contributions in this paper can be summarized as
follows:
– we evaluate how individual network condition parame-
ters affect the trust threshold;
– we propose a distributed strategy for computing an
adaptive trust threshold, based on several network
parameters;
– we provide an implementation of our model in a real
routing protocol, the Optimized Link State Routing
(OLSR) protocol;
– we evaluate and compare our ATT strategy with
the recently proposed trust scheme by Shabut et al.
[13], showing that the ATT strategy outperforms such
scheme;
– we evaluate how well the ATT strategy converges across
different nodes for the same suspect node;
– we evaluate our strategy against colluding attackers.
Our simulation results indicate that the ATT strategy
achieves significant improvements in packet delivery ratio,
reduction in false positives, and increase in detection rate
as compared to traditional static trust threshold strategies.
Therefore, our ATT strategy, based on well-designed met-
rics, can significantly enhance security and performance of
MANETs when compared to traditional static trust thresh-
old based approaches. Moreover, we show that our ATT
strategy converges to the same ATT value computed for
malicious node isolation by the nodes in the same neighborhood,
with negligible variance in values.
The rest of the paper is organized as follows. Section 2
introduces the background and our problem motivations.
Section 3 presents the design goals of the proposed scheme.
Section 4 discusses related work. Section 5 presents the
network dynamics and properties. Section 6 discusses the
effects of various topology factors on the trust threshold and
our proposed adaptive strategy. Section 7 reports the simulation
results. Security analysis is presented in Section 8.
Section 9 outlines a few conclusions and future work.
2 Background and problem motivations
In this section, we present background information about
the static trust threshold problem and then the motivations
for the problem.
2.1 Background
Various trust-based schemes have been proposed to inte-
grate the concept of trust in MANETs [14–16]. Routing
decisions are based on trust values computed for all nodes in
the network. Most of the aforementioned trust-based security
schemes [13, 17–22] work as follows:
when node E wants to evaluate node M, the trust τ computed
by node E is given in the following equation:
$$\tau^{FH}_{E,M} = \frac{\alpha_{E,M}}{\alpha_{E,M} + \beta_{E,M}}, \qquad (1)$$
where $\tau^{FH}_{E,M}$ is the trust computed based on first-hand
information at node E about node M, $\alpha_{E,M}$ is the number of packets
forwarded, and $\beta_{E,M}$ is the number of packets dropped by
node M as observed by node E.
Trust computed in Eq. 1 is published periodically, which
is then used by other network nodes as second-hand information
in trust computation. An evaluating node E combines
the second-hand information about node M received
from all the recommender nodes as given in the following
equation:
$$\tau^{SH}_{R,M} = \sum_{R=1}^{N} \frac{\alpha_{R,M}}{\alpha_{R,M} + \beta_{R,M}}, \qquad (2)$$
where $\tau^{SH}_{R,M}$ is the second-hand information received from
recommender nodes R about node M, and N is the total
number of recommender nodes. By combining both first-hand
and second-hand information, total trust is computed
using the following equation:
$$\tau_{E,M}(t,\ t + \ ) = \omega\, \frac{\alpha_{E,M}}{\alpha_{E,M} + \beta_{E,M}} + (1 - \omega) \sum_{R=1}^{N} \frac{\alpha_{R,M}}{\alpha_{R,M} + \beta_{R,M}} \quad \xi, \qquad (3)$$
where t is current time, is the trust update period, and
ω is the weight assigned to first-hand information (ranges
between 0 and 1). Trust computed in Eq. 3 is then compared
with trust threshold ξ. If the computed trust is greater than ξ,
the node is considered trustworthy, otherwise, misbehaving
[23, 24].
2.2 Problem motivations
In most trust-based schemes, ξ is set when the network is
deployed, based on some predefined protocol static behav-
ior obtained from simulation or empirical testing, and
remains the same for all the nodes and for the entire net-
work lifetime. However, because of the dynamic nature of
MANETs and their mobility characteristics, the nodes in the
network may not all be in the same state [25]. Therefore,
selecting a particular ξ in order to decide which node to
remove from the routing path may be appropriate for a part
of the network and inappropriate for another. Moreover, the
metrics of what constitutes “normal” behavior for cooperative
nodes may change over time due to mobility. Therefore, using
a static trust threshold for misbehavior detection does not
always work, and may lead to the problems we discuss in
the following. For clarity, it is worth mentioning that in our
discussion we are operating from the point of view of a par-
ticular node, and that all decisions and trust thresholds are
local states.
Network partitioning Because of node mobility, link fail-
ures or node failures, the network may split into small
groups of nodes, preventing nodes from communicating
directly or indirectly with each other and leading to perfor-
mance degradation. Therefore, before isolating a malicious
node from a routing path, it is critical to consider the possibility
of a network partitioning. A static, predefined ξ does
not take into account the network connectivity, and may lead
to either partitioning in sub-networks (Fig. 1a) or source
node isolation (Fig. 1b). In the scenario in Fig. 1a, node O
is malicious but, if removed from the routing path, Region
1 and Region 2 will be isolated from each other. Similarly,
in Fig. 1b, if node O is removed from the routing path, the
source node I will be isolated. Since the malicious node O
could be misbehaving in the context of data forwarding, but
still forwarding control packets, its removal must be further
investigated.
High false positive rate If the trust threshold ξ is high,
there will be a low error rate, since a node has limited
chances to behave maliciously. However, fewer nodes will
be able to participate in routing, as many will be incorrectly
seen as misbehaving, thus increasing the chances of network
partitioning. Figure 2a and b show a network portion at
times $t_0$ and $t_1$, respectively. It is clear that the neighborhood
of node S changes very frequently, indicating that Region
1 is more mobile than Region 2. In this case, a higher trust
threshold is not an optimal choice, as it will result in a high
number of false positives, since the source node has very
short interactions with its neighboring nodes, making it dif-
ficult to have a good trust estimation. Therefore, the source
node should consider its neighborhood and its dynamicity
when estimating the trust threshold.
Low packet delivery ratio and detection rate If the trust
threshold value is too low, the error rate will be high due
to an increased amount of maliciously discarded packets. A
lower value of ξ will give more chances to malicious nodes
to avoid detection for a longer time. For example, Region
2 in Fig. 2b has low mobility, so the neighborhood around
source node I does not change frequently. In this case, a
lower trust threshold for malicious node isolation lets a misbehaving
node discard more packets, and thus a higher trust
threshold would be a better choice. In fact, it would prevent
malicious nodes from discarding more packets since they
would be removed from the source node’s data path earlier,
and would not have any more packets to forward (and thus
drop) from that source node.
Fig. 1 Effect of isolation (panels a, b, c)
3 Design goals
Our proposed strategy for adaptive trust threshold computa-
tion has the following design goals:
Dynamicity One of the basic design goals of the pro-
posed scheme is that it should be dynamic and reactive in
nature. As MANETs topology is dynamic and changes fre-
quently, trust thresholds should be updated dynamically and
reactively.
Energy optimization One of the major issues in MANETs
is energy consumption as mobile nodes are battery pow-
ered. Thus, a mobile node failure due to power can affect the
functionality of the network and overall network lifetime.
Therefore, our trust threshold scheme should be lightweight
in terms of computing, performance, storage, and energy.
Scalability MANETs may consist of large numbers of
nodes which exchange data. The adaptive trust threshold
should be built with scalability in mind. An ATT strategy
that wants to ensure scalability should be able to properly
function using only local information.
Maximization of the detection rate The basic design goal
of an ATT strategy is to detect the true malicious nodes as
early as possible, which ultimately reduces the number of
packet losses.
Minimization of false positives and network partitioning
Trust-based security techniques suffer from bad-mouthing
[26] and false positives, with legitimate nodes declared as
malicious nodes. These legitimate nodes are then removed
from the data path which may result in network parti-
tioning and low packet delivery ratio. An ATT strategy
should minimize the false positives and prevent network
partitioning.
Trust threshold convergence The trust threshold convergence
refers to how close the trust threshold values computed
for a given node A by all its neighbor nodes are.
A good algorithm convergence indicates that the algorithm
returns the same values, or very similar values, when run
by different nodes in a given neighborhood under the same
network conditions.
4 Related work
One of the key approaches in MANET trust-based schemes
is by Marti et al. [1]. They proposed a watchdog and path-
rater mechanism implemented on top of the DSR protocol
to minimize the impact of malicious nodes on the through-
put of the network. However, the trust threshold values used
to detect misbehaving nodes are static and pre-defined.
McCoy et al. [22] proposed a trust-based mechanism to
detect malicious nodes. In this scheme, a trust authority
collects reports from neighbors and aggregates these reports
with its own observation to create a global trust about a
suspected node. Similar threshold based schemes were proposed
by Ren and Boukerche [17] and Lenzini et al. [19].
In such schemes, a node is considered trustworthy if the number
of good interactions is greater than a certain trust threshold.
Fig. 2 Effect of Mobility (panels a, b)
Distributed reputation mechanisms were proposed to
overcome the shortcomings of the watchdog scheme. In
such mechanisms, the reputation is computed periodically
on the basis of ratings collected from neighbors. Buchegger
et al. [2] proposed the CONFIDANT protocol to detect and
respond to misbehaving nodes. One of its shortcomings is
the problem of conflicting update reports. In case of con-
flicting update reports, the source node is unable to make
correct decisions about node trustworthiness. Moreover, to
avoid false praise attacks [26], only negative experiences as
second-hand information are shared among nodes, but that
may cause bad-mouth attacks [26]. A similar approach was
proposed by Parker et al. [27]. They suggested an intru-
sion detection scheme that requires the monitoring node to
overhear traffic in its transmission range. However, attacks
such as misrouting (relaying packets to the wrong next hop)
cannot be detected.
Other relevant approaches use acknowledgment-based
detection systems, such as TWOACK [3] and EAACK [4].
TWOACK focuses on solving the receiver collision and
limited transmission power problems of the watchdog and
path-rater approach. However, due to the acknowledgment
of each packet, this scheme degrades the network performance.
Moreover, it detects misbehaving links instead
of misbehaving nodes. Shakshuki et al. [4] proposed the
Enhanced Adaptive ACKnowledgement (EAACK) protocol
to detect misbehaving nodes in MANET environments
using DSA and RSA digital signatures. Their technique can
validate and authenticate the acknowledgement packet, yet
at the expense of extra resources, and it also requires pre-distributed
keys for digital signatures. Sheltami et al. [28]
propose a novel acknowledgement-based scheme called
Adaptive Three Acknowledgments (A3ACKs) to solve the
three significant shortcomings of the watchdog and path-
rater scheme, namely receiver collision, limited transmission
power, and collaborative attack. Inspired by the court
procedure in a judiciary system, Zhang et al. proposed a
secure solution for MANETs called distributed court sys-
tem (DCS) [29]. Aravindh et al. [30] proposed a trust-based
technique to identify misbehaving nodes. This technique is
based on a trust counter managed by each node for forwarding
packets from other nodes. If the trust counter is below
a certain static trust threshold, the corresponding intermediate
node is declared a misbehaving node. A static trust
threshold is used, which is one of the major shortcomings of
this scheme. A recommendation-based trust model coupled
with a defense scheme was proposed by Shabut et al. [13]
to address the problem of dishonest recommendations by
nodes in MANETs. The proposed scheme uses a clustering
technique to successfully filter out dishonest nodes' recommendations.
However, a static trust threshold value of 0.4
is used to eliminate the misbehaving nodes. A comparison
between the aforementioned trust model and our proposed
scheme is presented in Section 7, showing that our scheme
is more effective in terms of false positives, detection rate,
and packet loss rate.
A multi-dimensional trust management framework based
on three metrics is proposed by Li et al. [31]. The afore-
mentioned work covers different aspects of node’s trust-
worthiness as it considers multiple dimensions of trust in
MANETs. The proposed multi-dimensional metrics are (i)
node collaboration, such as packet forwarding, (ii) node
behavior, and (iii) correctness of control information, such
as routing updates. However, the mentioned scheme does
not include any adaptive trust threshold mechanism. It uses
a fixed trust threshold that does not take into account the
network conditions in the neighborhood of evaluating node
to mark the evaluated node as trustworthy or untrustwor-
thy. Based on the Li et al. [31] work, there are some other
threshold-based works extended in [32,33]. However, as
discussed previously, all these works have no adaptive trust
threshold mechanism.
Although the mentioned approaches support misbehav-
ing node detection and isolation schemes, these schemes use
static trust thresholds that can result in erroneous trust esti-
mation, especially under high nodal mobility. One of the
basic consequences of the adoption of a static trust thresh-
old is that all the network nodes are aware of the pre-defined
trust threshold. Such knowledge may thus be exploited by
misbehaving nodes. For example, a misbehaving node may
act so as to remain just below the misbehaving threshold
and thus go undetected. In contrast, our proposed scheme is
based on an adaptive trust threshold computation, that takes
into account the network conditions at each node.
We originally proposed the ATT strategy in [34]. In this
work, we address some shortcomings and extend our pre-
vious work by (i) providing experimental comparison with
the state-of-the-art protocol proposed by Shabut et al. [13],
(ii) investigating the convergence of our algorithm, i.e. eval-
uating the variance of thresholds computed by different
neighbors for the same suspect node, (iii) providing additional
experiments for advanced attackers that carry out collusion
attacks, and (iv) providing an extensive security analysis of
the proposed ATT strategy.
5 Network dynamics and link properties
In this section, we discuss network dynamics, such as node
mobility, node degree, network connectivity, and rate of link
changes, how they effectively reveal frequent changes in the
network topology, and the role they play in computing an
optimal trust threshold.
Density metrics, node degree, and mobility metrics are
commonly used for topology adaptation [35,36]. The den-
sity metric is a global parameter, defined as the number
of nodes per unit area [35]. The node degree is a local
parameter, defined as the number of nodes in a neighbor-
hood. Mobility is one of the major factors to be considered
for our ATT strategy. Different mobility metrics have been
proposed [25,36,37]. In the following subsections, we
investigate the relationships of the average link change rate
and node degree with mobility. To observe the effect of
mobility on the rate of link change and node degree, we have
simulated the OLSR protocol [38] for different node mobility
speeds. For this set of simulations, we vary the node
mobility from 1 to 10 m/sec; the maximum number of nodes is
kept at 60, with a network area of 1000 × 1000 m².
5.1 Effect of mobility on rate of link changes
The average link change rate η (average number of link
changes per second observed by a single node) can give a
good estimation of neighborhood dynamics. According to
Samar and Wicker [39], the average link arrival rate λ (number
of new links) is equal to the average link breakage μ
(number of link breakages) during time $[t_0, t_1]$. Let η denote
the average link change rate. Then,
$$\eta = \lambda + \mu = 2\lambda. \qquad (4)$$
Figure 3a shows that with increasing node speed, the aver-
age rate of link change increases linearly. In previous
approaches, the trust threshold ξis computed based on the
average link dynamics. However, it is evident from Fig. 3b
that each node experiences different network conditions. An
ATT computation algorithm thus needs to analyze the rate
of link change at each node at run-time to better estimate the
local neighborhood dynamics.
5.2 Effect of mobility on node degree
As shown in Fig. 3c, the average node degree increases as a
function of node density but is independent of speed. How-
ever, Fig. 3d shows that the node degree at each node is
different for increasing node speed. Moreover, nodes in the
same network may experience different network conditions;
for example, in some portion of the network, some nodes
may have a relatively stable and greater node degree during a
period of time, while others may not [36].
6 Adaptive trust threshold (ATT) strategy
The computation of a good trust threshold has to account
for many different factors. A single node may face a vari-
ety of conditions during the same session, such as changes
in the node degree and link rate due to mobility [40]. In this
section, we introduce the network model and the assump-
tions made. We identify the topology parameters that are
critical in order to adapt the trust threshold, and analyze
their relationship to the network dynamics. Then, we discuss
how such topology parameters affect the trust thresholds.
6.1 Network model and assumptions
We consider multi-hop MANETs, consisting of a number of
mobile nodes. The network is modeled as a graph G(V, E),
where V is the set of nodes, and E is the set of links [41],
E ⊆ V × V. We assume that all the nodes have a uniform
transmission range $r_0$. A wireless link (u, v) ∈ E if and
only if the Euclidean distance $D_E$ between nodes u and v is
smaller than the transmission range $r_0$. When discussing 2-hop
connectivity of a node u, we consider the sub-graph $G_u$
consisting only of the 1-hop and 2-hop neighbors of u. The
latter are defined as:
$$2hop(u) = \{ w \in V,\ z \in V : (u, z) \in E \wedge (z, w) \in E \}.$$
Fig. 3 Rate of link changes and Node degree. (a) Average rate of link changes vs. maximum node speed (m/sec), 10 to 60 nodes; (b) rate of link changes vs. node ID; (c) average node degree vs. maximum node speed (m/sec), 10 to 60 nodes; (d) node degree vs. node ID.
We also assume that the ATT value range is ξ ∈ [0, 1], 0
being the lowest and 1 the highest.
In addition, the adversarial model we consider includes
malicious nodes that may drop, alter or inject control and
data packets. In our proposed scheme, we further assume
that a trust-based intrusion detection and malicious node
isolation scheme is deployed at each node and is able
to detect misbehavior from nodes. The intrusion detection
scheme will trigger the ATT strategy module whenever a
misbehavior is detected. It is important to highlight that, in
our model, the trust threshold ξ, as well as the trustworthi-
ness of each neighbor, are states local to each node, meaning
that each node will compute such values individually. In our
model, the algorithm for adaptive trust calculation is fully
distributed, and therefore different nodes might have differ-
ent views of the same neighbor. As a consequence, in this
paper we use the term “isolation” of a malicious node from
the routing path to indicate a decision local to each node.
6.2 ATT parameters
We now present the proposed ATT parameters, and discuss
their implications.
Node degree (σ) It is defined as the number of nodes in
a node’s 1-hop neighborhood. Let u be a node. The node
degree of u at time t, denoted as $\sigma_u(t)$, with a transmission
range $r_0$ is defined as $|\{v \in V_u : D_{E(t)}(u, v) \le r_0\}|$.
A node of degree σ = 0 is isolated, i.e. it has no neighbors;
therefore, the minimum node degree $\min(\sigma_u) = 0$.
Moreover, a node has a maximum node degree $\max(\sigma_u)$ if
all the nodes in the network are directly connected to u.
The node degree has a direct impact on the trust threshold.
When computing the trust threshold, each node considers
the node degree in its 1-hop neighborhood. The higher the
number of nodes in its 1-hop neighborhood, the higher the
trust threshold value, and vice versa. In fact, when a source
node has more alternative 1-hop nodes for selecting forwarding
nodes, it can tolerate stricter trust threshold values
with lower risks of network partitioning. If a malicious node
m is isolated from the routing path, node u remains connected
to the network, guaranteeing a balance between high
detection rate and throughput. The following formula allows
us to find the optimal trust threshold value at node u for
malicious node isolation with respect to node degree $\sigma_u$:
$$\xi_\sigma = \frac{\sigma_u}{|V|}. \qquad (5)$$
According to the above equation, the maximum value of the
node degree results in the highest trust threshold (i.e., 1),
while the minimum value of the node degree results in the
lowest (i.e., 0).
2-hop connectivity (ρ) In our proposed strategy, we define
the 2-hop connectivity ρ(u,z) at node u for a particular direct
neighbor z as the number of nodes w in a 2-hop neighborhood
that are only reachable through z, defined as follows:
ρ(u,z)={w∈2hop(u) :(u, z)∈Eu∧(z, w)∈Eu
∧(p∈1hop(u), p = z:(u, p) ∈Eu∧(p, w) ∈Eu)}.
(6)
The minimum 2-hop connectivity of a node $\min(\rho_u)$
with respect to a particular 1-hop neighbor z is 0 and can be
interpreted as the fact that no 2-hop node is reachable only
through that node. Conversely, the maximum 2-hop connectivity
$\max(\rho_u)$ of a node with respect to a direct neighbor z
is |2hop(u)|, meaning that all the 2-hop neighbors of u are
only reachable via node z.
The 2-hop connectivity is another important parameter
for our ATT strategy, representing the tolerance of the
network to node failures. Its purpose is to ensure the connectivity
of the network before isolating a misbehaving node from
the routing path. To find the optimal trust threshold value
at node u for the possible removal of malicious node z with
respect to 2-hop connectivity ρ(u,z), we use the following
expression:
$$\xi_\rho = 1 - \frac{\rho(u,z)}{|2hop(u)|}. \qquad (7)$$
According to the above equation, if ρ(u,z) has maximum
value, the trust threshold value will be the lowest (i.e., 0),
while for the minimum value of ρ(u,z), it will be the highest
(i.e., 1).
Rate of link changes (η) The composition of the network
and therefore of the neighborhood of the individual
nodes changes frequently due to the mobility in the network.
A node can determine the mobility of the nodes in its
neighborhood by computing the neighborhood rate of link
changes [36]. The higher the mobility, the more the network
composition changes and hence the higher the rate of
change in the node neighborhood, as shown in the example
in Fig. 3a. While computing the trust threshold, the rate
of change in a neighborhood should be taken into consideration.
We can find the rate of link changes at node u by
modifying Eq. 4 to focus on the rate of link change at an individual
node u, instead of focusing on the average rate of link
changes in the whole network, and obtaining:
$$\eta_u = \lambda_u + \mu_u. \qquad (8)$$
Author's personal copy
Mobile Netw Appl
Every new node that enters node $u$'s transmission range creates a new link to $u$. Therefore, the number of new nodes in the neighborhood of $u$ is equivalent to the total link arrival rate at $u$ for every time interval $[t-1, t]$. The link arrival set $\lambda_u$ is defined as:
$$\lambda_u(t) = \{\, v \in V_u,\ D_{E(t-1)}(u,v) > r_0 \wedge D_{E(t)}(u,v) \le r_0 \,\}.$$
Similarly, the link breakage rate $\mu$ is the total number of nodes moving out of node $u$'s transmission zone for every time interval $[t-1, t]$. The link breakage set $\mu_u$ is defined as:
$$\mu_u(t) = \{\, v \in V_u,\ D_{E(t-1)}(u,v) \le r_0 \wedge D_{E(t)}(u,v) > r_0 \,\}.$$
By using the formulas for $\lambda_u$ and $\mu_u$ in Eq. 8, we obtain the rate of link change at node $u$ as $\eta_u = |\lambda_u| + |\mu_u|$. The minimum possible link change rate $\min(\eta_u)$ for node $u$ at time $t$ is 0, indicating that there is no new arrival of nodes and no link breakages because of no mobility of nodes (i.e., the network is temporarily static). Similarly, the maximum possible link breakage $\max(\mu_u)$ for node $u$ at time $t$ is given when all the direct neighbors move out of the transmission zone, and the results by Samar and Wicker [39] show that the maximum link arrival rate $\max(\lambda_u)$ is equal to the breakage rate. The maximum link change rate $\max(\eta_u)$ is therefore formulated as $\max(\lambda_u(t)) + \max(\mu_u(t)) = 2 \cdot \sigma_u(t)$.
Finding the rate of link changes allows us to better estimate the dynamics in a neighborhood in order to avoid false positives and adapt the trust threshold accordingly. If the rate of link change in a neighborhood is high, a low trust threshold can be an optimal choice to avoid false positives, given the short interaction time among the nodes. Similarly, if the rate of link change in a neighborhood is low, the network tends to be static, hence a high trust threshold can be an optimal choice. The trust threshold for malicious node isolation with respect to the link change rate is formulated as follows:
$$\xi_\eta(t) = 1 - \frac{\eta_u(t)}{2 \cdot \sigma_u(t)}. \tag{9}$$
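The link-change computation of Eqs. 8 and 9, as an added Python example that is not the authors' code: it derives the arrival and breakage sets from two position snapshots and evaluates the resulting threshold term. The function names, the constructed positions, and the clamping applied when the degree at time t is 0 or the link-change count exceeds twice that degree are assumptions; the 250 m range is the Table 1 value.

```python
"""Rate of link changes at one node (Eqs. 8 and 9), from position snapshots.

Added illustration only: the function names, the snapshot encoding and the
handling of sigma_u(t) = 0 are assumptions, not taken from the paper.
"""
from math import dist


def in_range(u, positions, r0):
    """Nodes whose Euclidean distance to u is at most the transmission range r0."""
    return {v for v, p in positions.items()
            if v != u and dist(positions[u], p) <= r0}


def link_change(u, pos_prev, pos_now, r0):
    """Return (lambda_u, mu_u, eta_u) for the interval [t-1, t]."""
    before, now = in_range(u, pos_prev, r0), in_range(u, pos_now, r0)
    arrivals = now - before      # out of range at t-1, within range at t
    breakages = before - now     # within range at t-1, out of range at t
    return arrivals, breakages, len(arrivals) + len(breakages)


def xi_eta(eta, sigma_now):
    """Eq. 9: 1 - eta / (2 * sigma_u(t)), kept inside [0, 1].

    Assumption: the paper bounds eta by 2 * sigma_u(t), but when neighbors
    leave, sigma_u(t) shrinks and eta can exceed that bound (or sigma_u(t)
    can be 0). Those cases are clamped here instead of dividing by zero.
    """
    if sigma_now == 0:
        return 1.0 if eta == 0 else 0.0
    return min(1.0, max(0.0, 1.0 - eta / (2 * sigma_now)))


def threshold_series(u, snapshots, r0):
    """xi_eta for every consecutive pair of snapshots."""
    series = []
    for prev, now in zip(snapshots, snapshots[1:]):
        _, _, eta = link_change(u, prev, now, r0)
        series.append(xi_eta(eta, len(in_range(u, now, r0))))
    return series


R0 = 250.0  # transmission range in metres (Table 1)

# Constructed sample: S has three static neighbors B, C and D.
STATIC = {"S": (0, 0), "B": (100, 0), "C": (0, 150), "D": (-120, -90)}


def with_x(x_pos):
    """Same layout plus a node X at the given position."""
    return {**STATIC, "X": x_pos}


SNAPSHOTS_STATIC = [STATIC] * 4
# X crosses the range boundary of S in every interval (300 m out, 200 m in).
SNAPSHOTS_MOVING = [with_x((300, 0)), with_x((200, 0)),
                    with_x((300, 0)), with_x((200, 0))]

if __name__ == "__main__":
    print("static neighborhood:", threshold_series("S", SNAPSHOTS_STATIC, R0))
    print("one node oscillating:", threshold_series("S", SNAPSHOTS_MOVING, R0))
```

A single oscillating node moves this term only by 1/(2·σ) per interval, so its influence shrinks as the node degree grows.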
Average neighborhood trustworthiness ($\tau_{avg}$) In trust-based security schemes, each node manages a trust table to record the trust of other nodes; therefore the average neighborhood trustworthiness can be easily computed. In our model, the entries of such a table for each neighbor are computed by observing the percentage of packets correctly routed by that neighbor in a sliding window of the $W$ most recent observed behaviors. In our ATT strategy, each node considers the average trustworthiness of the nodes in its 1-hop neighborhood while computing the trust threshold value for misbehaving node isolation. The average trustworthiness is the overall trust reputation of the nodes in the 1-hop neighborhood:
$$\tau_u^{avg} = \frac{1}{n} \sum_{j=1}^{N} \tau_j,$$
where $N$ is the total number of nodes in $u$'s 1-hop neighborhood. Clearly, the maximum neighborhood trustworthiness $\max(\tau)_u$ is equal to 1, while conversely the minimum $\min(\tau)_u$ is 0.
If a node has direct neighbors with a good average trustworthiness, a strict trust threshold should be adopted, as the source node can tolerate the isolation of more misbehaving nodes because of the availability of multiple good alternatives. Similarly, if a node has less trustworthy neighbors and more misbehaving nodes, then a low trust threshold value for misbehaving node isolation will be an optimal choice to maintain the connectivity in the network. The optimal trust threshold value at node $u$ for malicious node isolation with respect to its average neighborhood trustworthiness $\tau_u$ is given by:
$$\xi_\tau = \tau_u^{avg}. \tag{10}$$
6.3 Algorithm and mathematical model
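We are now able to combine the equations introduced so far into our mathematical model for the adaptive computation of the optimal trust threshold for misbehaving node isolation. By combining Eqs. 5, 7, 9 and 10, we obtain:
$$\xi_u = \frac{\alpha \xi_\sigma + \beta \xi_\rho + \gamma \xi_\eta + \delta \xi_\tau}{\alpha + \beta + \gamma + \delta}, \quad \text{where } \alpha + \beta + \gamma + \delta = 4. \tag{11}$$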
The weights $\alpha$, $\beta$, $\gamma$, and $\delta$ can be tuned based on the specific security goal to be achieved. For a higher throughput, we consider the network connectivity as vital, so node degree and 2-hop connectivity carry more weight than other parameters.
Algorithm 1 presents the pseudo code for our ATT strategy. In the proposed algorithm, each node computes the node degree (Line 3), its 2-hop connectivity (Lines 4–11), the rate of link changes (Lines 12–14) and the average trustworthiness of its neighborhood (Lines 15–18). The updated parameters are then used to compute the adaptive trust threshold (Lines 20–26). The node's current trust value is compared with the computed adaptive trust threshold (Line 28), and if the node's trust value is less than the trust threshold, it is isolated from the routing path (Line 29).
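One way to compute Eqs. 5 to 7, 10 and 11 from a node's local view, as an added Python example; it is not the paper's Algorithm 1. The graph encoding, function names, window size of 10, the convention that the 2-hop term is 1 when there are no 2-hop nodes, and the sample topology are assumptions; the weights and the 0.4 static threshold are the values the paper reports, and the link-change term of Eq. 9 is passed in as a number.

```python
"""Adaptive trust threshold (Eqs. 5, 6, 7, 10, 11) from one node's local view.

Added illustration, not the paper's Algorithm 1. The graph encoding, function
names, window size and sample topology are assumptions.
"""

WEIGHTS = (1.5, 1.5, 0.5, 0.5)  # alpha, beta, gamma, delta as listed in Table 1
STATIC_THRESHOLD = 0.4          # fixed threshold of the STT strategy
W = 10                          # sliding-window size (constructed value)


def build_adj(edges):
    """Undirected adjacency map standing in for u's local edge set E_u."""
    adj = {}
    for a, b in edges:
        adj.setdefault(a, set()).add(b)
        adj.setdefault(b, set()).add(a)
    return adj


def two_hop(adj, u):
    """Nodes exactly two hops from u: neighbors of neighbors, minus u and 1hop(u)."""
    return set().union(*(adj[z] for z in adj[u])) - adj[u] - {u}


def rho(adj, u, z):
    """Eq. 6: 2-hop nodes of u that no direct neighbor other than z reaches."""
    if z not in adj[u]:
        return set()
    via_others = set().union(*(adj[p] for p in adj[u] - {z}))
    return (two_hop(adj, u) & adj[z]) - via_others


def window_trust(observations, w=W):
    """Share of correctly routed packets among the w most recent observations."""
    recent = list(observations)[-w:]
    if not recent:
        raise ValueError("no observations recorded for this neighbor")
    return sum(recent) / len(recent)


def att(adj, u, z, n_nodes, xi_eta, trust, weights=WEIGHTS):
    """Eq. 11: threshold that u applies to suspect neighbor z.

    n_nodes is |V| of Eq. 5 and xi_eta the Eq. 9 term, both supplied by the caller.
    """
    sigma = len(adj[u])
    if sigma == 0:
        raise ValueError("u has no neighbors to evaluate")
    n2 = two_hop(adj, u)
    xi_sigma = sigma / n_nodes                                  # Eq. 5
    # Assumption: with no 2-hop nodes nothing depends on z, so the term is 1.
    xi_rho = 1 - len(rho(adj, u, z)) / len(n2) if n2 else 1.0   # Eq. 7
    xi_tau = sum(trust[v] for v in adj[u]) / sigma              # Eq. 10
    a, b, g, d = weights
    return (a * xi_sigma + b * xi_rho + g * xi_eta + d * xi_tau) / (a + b + g + d)


# Constructed topology: O is A's only link to X and Y; B and C both reach D.
EDGES_T1 = [("A", "O"), ("A", "B"), ("A", "C"), ("O", "X"), ("O", "Y"),
            ("B", "C"), ("B", "D"), ("C", "D"), ("X", "Y")]
# Later snapshot: N has moved next to A and also reaches X and Y.
EDGES_T2 = EDGES_T1 + [("A", "N"), ("N", "X"), ("N", "Y")]

# Constructed forwarding observations per neighbor (1 = packet routed correctly).
OBSERVED = {"O": [1, 0, 1, 1, 0, 1, 0, 1, 1, 0], "B": [1] * 9 + [0],
            "C": [0] + [1] * 9, "N": [1, 1, 1, 1, 0]}
TRUST = {v: window_trust(obs) for v, obs in OBSERVED.items()}


def evaluate(edges, xi_eta, suspect="O", u="A"):
    """Return (threshold, isolate?) for the suspect as seen from u."""
    adj = build_adj(edges)
    threshold = att(adj, u, suspect, len(adj), xi_eta, TRUST)
    return threshold, TRUST[suspect] < threshold


if __name__ == "__main__":
    # T1 is static (xi_eta = 1); in T2 one arrival among 4 neighbors gives 1 - 1/8.
    for name, edges, xi_eta in (("T1", EDGES_T1, 1.0), ("T2", EDGES_T2, 0.875)):
        threshold, isolate = evaluate(edges, xi_eta)
        print(name, round(threshold, 4), "isolate O" if isolate else "keep O",
              "| static rule isolates:", TRUST["O"] < STATIC_THRESHOLD)
```

With these constructed inputs the suspect's trust of 0.6 stays above the threshold while it is the only bridge to X and Y, and falls below it once an alternate path exists; the fixed 0.4 threshold never isolates it.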
7 Experimental performance analysis
In this section, we report the experimental performance
analysis of the ATT strategy under varying performance
metrics and parameters. We present first the simulation
environment and performance metrics. Then, we compare
the proposed scheme to the recommendation-based strategy
by Shabut et al. [13], referred to as static trust threshold
(STT) strategy in what follows, under different network
parameters. The aforementioned scheme uses a static trust
threshold value of 0.4 for misbehaving node detection and
isolation.
7.1 Performance metrics and parameters
We used the Network Simulator 2 (NS-2) [42] to implement and analyze the performance of the ATT strategy. As an experimental setup/test-bed incurs high costs, we have used simulation studies to analyze the performance of the proposed scheme. However, to get reliable results and obtain a rigorous evaluation of the proposed scheme, it is critical to make sure that the chosen simulation scenarios represent with high fidelity the scenario where the proposed scheme is likely to be deployed. To address this goal, we consider a random deployment of network nodes to better evaluate our proposed scheme. We used different scenarios and performance evaluation metrics with varying network parameters. For the simulation experiments, we have varied the mobility speed of the nodes between 1–10 m/s. For data traffic, 30% of the total nodes in the network are selected as source-destination pairs (sessions), spread randomly over the network. Only 512-byte data packets are sent. The packet sending rates in each pair are varied to change the offered load in the network. All traffic sessions are established at random times near the beginning of the simulation run and stay active until the end. Moreover, a very popular and commonly used mobility model, called the random way point mobility model [43], is used for node mobility. In the aforementioned mobility model, each node selects a random destination and starts moving with a randomly chosen speed (uniformly distributed between 0 and a pre-defined maximum speed).
We compared our adaptive scheme against the STT strategy under various parameters such as network node count, node speed, and network area size. Table 1 lists the commonly used simulation parameters, unless otherwise stated explicitly. The number of simulation experiments has been chosen sufficiently large in order to obtain a 95% confidence interval for the results. In most cases, the data shown is averaged over 10 simulation runs. Only in very few cases, 15 simulation runs were required.
Table 1 Simulation parameters
Parameter                   Value
Simulation time             1000 seconds
Number of nodes             100
Number of malicious nodes   10%-30%
α, β, γ, δ                  1.5, 1.5, 0.5, 0.5
Network size                1000 m × 1000 m
Transmission range          250 m
Max speed                   1 m/s-10 m/s
Mobility model              Random way point
Traffic type                Constant bit rate (CBR)
Following are the performance metrics considered in the analysis of our proposed scheme:
– False Positives rate: the ratio of the legitimate nodes declared as malicious over the total number of legitimate nodes.
– Detection rate: the percentage of malicious nodes detected among the total number of malicious nodes within the network.
– Packet Delivery Ratio: the ratio of the number of data packets generated by a source node and the number of packets received at the destination.
– Average End-to-End Delay: the average time taken by data packets sent from source to destination.
– Packet Loss Rate: the percentage of data packets dropped by misbehaving nodes out of the total sent data packets.
– Energy Consumption: the ratio of the average consumed energy at all the nodes to the initial energy at nodes.
7.2 Experimental adversarial model
In our experiments, we choose the malicious nodes randomly to keep their distribution uniform in the network. The malicious node count is set to 10–30% of the total number of nodes. In our adversarial model, we consider two types of attacks: one against the baseline routing protocol and the other against the proposed ATT strategy. Packet drop and selective forwarding attacks are the most common attacks against MANET routing protocols. In our experiments, we simulated such attacks by having malicious nodes drop control and data packets randomly or selectively with 25% probability. The malicious nodes, as in real scenarios, are not different from regular nodes and thus have the same mobility properties, such as speed, direction, and so on. In our experiments, we also considered colluding attacker nodes. More specifically, we considered scenarios with two colluding attacker nodes. In such a scenario, one malicious node drops data packets and the other node intentionally increases its mobility around a targeted node. Such an attack will affect the rate of link change parameter, so that the detection threshold remains low, thus making it possible for the malicious node to remain undetected for a longer time.
7.3 Simulation results and analysis
We now discuss the results of the comparison between the
ATT strategy and the STT strategy.
7.3.1 False positives
Figure 4a and b show the effect on false positives of the ATT strategy and the STT strategy with increasing node count and increasing node speed. Figure 4a shows that the ATT strategy results in a lower number of false positives as compared to the STT strategy for any node count. In fact, each node in the network considers its local network conditions while computing the trust threshold for malicious node isolation, leading to more informed decisions. With increasing values of the node count, the number of false positives increases in the ATT strategy as it does in the STT strategy, since a higher node count will result in a stricter trust threshold for malicious node isolation. Figure 4b shows how, independently from the speed, the ATT strategy results in a lower number of false positives as compared to the STT strategy, with the major improvements achieved at lower speeds, when the lower rate of link changes allows a more informed trust estimation about the neighbors as compared to the static trust threshold.
7.3.2 Detection rate
Figure 4c and d show the impact on the detection rate, with different node counts and speeds, of the ATT strategy, and the comparison with the STT strategy. Figure 4c shows that with a lower node count, the ATT strategy has almost the same detection rate as compared to the STT strategy, because a low node degree, being one of the main factors in the ATT computation, keeps the adaptive trust threshold lower. Therefore, the detection rate is initially very close to that of the STT strategy. However, with increasing values of the node count, the adaptive trust threshold increases as well, and malicious nodes are detected earlier, while the STT strategy does not adapt according to network conditions, resulting in a significantly lower detection rate. Figure 4d shows the detection rate with increasing node speed. As shown in the figure, at lower node speeds, the ATT strategy has a much higher detection rate as compared to the STT strategy since, at lower node speed, the rate of link changes is low and keeps the trust threshold higher. With increasing node speed, the detection rate of both strategies decreases due to the more frequent changes in neighborhood composition but the adaptive trust threshold still outperforms the STT strategy.
Fig. 4 Effect of node speed and node density on false positive and detection rate. Panels: (a) false positives (%) vs. number of nodes; (b) false positives (%) vs. maximum node speed (m/sec); (c) detection rate (%) vs. number of nodes; (d) detection rate (%) vs. maximum node speed (m/sec). Curves in each panel: STT-strategy and ATT-strategy.
7.3.3 Packet delivery ratio (PDR)
Figure 5a, b, and c show the PDR of the ATT strategy and
STT strategy, when varying node count, node speed, and
network area size.
As shown in Fig. 5a, initially the ATT strategy has almost the same PDR as that of the STT strategy. The reason is that, with lower values of the node count, the source node has fewer alternatives available in the neighborhood, so a lower trust threshold is adopted. However, with increasing values of the node count, the PDR of the ATT strategy is significantly better than that of the STT strategy. In fact, with increasing values in the node count, the source node has more alternatives in the routing path, and malicious nodes are removed from the path at a higher trust threshold. Similarly, Fig. 5b shows the PDR for increasing values of the node speed. With lower values of the node speed, the ATT strategy performs better than the STT strategy, since a lower rate of link changes will result in a stricter adaptive trust threshold. Thus, malicious nodes are isolated very early from the path to avoid higher error rates and keep the PDR high. However, with a higher mobility, the rate of link change is high and the adaptive trust threshold is kept lower, resulting in a lower PDR for the ATT strategy, which is still higher than the PDR of the STT strategy.
Figure 5c shows the PDR for increasing values of the network area size, while fixing node count and speed. At smaller network areas, the PDR of the ATT strategy is higher than that of the STT strategy. The reason is that with smaller network area sizes, the node degree is higher and a higher trust threshold is computed. Conversely, as the network area size increases, the node degree decreases, and the ATT strategy has a lower PDR, almost equal to the ratio of the STT strategy, because of the lower trust threshold for malicious node isolation.
7.3.4 Average end-to-end delay
Figure 6a shows the average end-to-end delay of the ATT strategy for increasing values of the node count in comparison with the STT strategy. The results show that the ATT strategy has a slightly higher end-to-end delay, since to guarantee a higher PDR, it may have data packets follow a longer path to avoid malicious nodes.
7.3.5 Packet loss and energy consumption
Figure 6b shows the packet loss rate for varying node speed. As shown in the figure, the packet loss rate is lower in the case of the ATT strategy as compared to the STT strategy. The reason is that, under the ATT strategy, true malicious nodes are isolated at the right time and hence more informed decisions are taken that reduce packet losses. In contrast, under the STT strategy, malicious nodes have more opportunities to drop the packets. Similarly, Fig. 6c shows the energy consumption for varying node speed for both the ATT strategy and the STT strategy, respectively. The results confirm that energy consumption is slightly higher for the ATT strategy. The reason is that in the ATT strategy, each node computes the adaptive trust threshold for all its neighbors periodically, which increases the energy consumption at these nodes as compared to the STT strategy where nodes are not required to compute the trust threshold.
Fig. 5 Effect on PDR. Panels: (a) packet delivery ratio (%) vs. number of nodes; (b) packet delivery ratio (%) vs. maximum node speed (m/sec); (c) packet delivery ratio (%) vs. maximum area size (m²). Curves in each panel: ATT-strategy and STT-strategy.
Fig. 6 Effect on average end-to-end delay, packet loss, and energy consumption. Panels: (a) average end-to-end delay (ms) vs. number of nodes; (b) packet loss rate (%) vs. maximum node speed (m/sec); (c) energy consumption (%) vs. maximum node speed (m/sec). Curves in each panel: ATT-strategy and STT-strategy.
To summarize the packet loss and energy consumption analysis, the ATT strategy has a lower packet loss ratio, about 4–6%, at the cost of 1–2% extra energy consumption as compared to the STT strategy. As the results show, our ATT strategy outperforms the STT strategy on all the performance metrics.
7.4 Security against colluding attackers
In a collusion attack, two or more attackers collaborate with each other to disrupt the computation of the adaptive trust threshold in the ATT strategy. The collusion attack model that we are considering in this paper works as follows. Let node S be the target of the attack, and let nodes A1 and A2 be the colluding attackers. Node A1 drops data packets while in the forwarding path of node S, while node A2 moves back and forth in the neighborhood of the target node S to affect the rate of link changes. This collusion aims at having the ATT strategy compute a lower threshold for the misbehaving node A1, giving it more opportunities to drop packets.
In this section, we carry out experiments to show that, while the rate of link changes parameter may be affected by this colluding behavior, the ATT strategy continues to be effective because of the other parameters that it takes into account. For example, in the collusion scenario discussed in the previous paragraph, the 2-hop connectivity and node degree will also be affected, and will compensate the impact of the rate of link changes.
To analyze the effectiveness of the ATT strategy against colluding attackers, we compare the performance of the ATT strategy under three different scenarios: (i) individual attacking nodes without collusion, denoted as “Without-CA-All” in the graphs and used as the baseline curve; (ii) with colluding attackers, using only the rate of link changes for the ATT computation (denoted as “With-CA-LC” in the graphs); and (iii) with colluding attackers, using all the ATT parameters to compute the threshold (denoted as “With-CA-All” in the graphs). Moreover, the number of colluding attackers is set to vary from 5% up to 40% of the total number of nodes in all the simulation scenarios.
It is worth mentioning here that the purpose of this analysis is not to detect which nodes are the colluding attackers that move to alter the network parameters, but to show how well the ATT strategy withstands the colluding attackers by detecting the nodes that are actively dropping packets. Therefore, the detection rate shown in the results indicates the number of detected malicious nodes that drop packets.
We carry out the experiments under two different network configurations, one with controlled mobility deployment and the other with random mobility deployment. In the controlled mobility deployment, the underlying network protocol controls the mobility of certain nodes to evaluate the performance of the network with respect to a specific objective [44]. This controlled scenario allows us to precisely repeat experiments and evaluate metrics such as the detection rate against a known baseline. In the random mobility deployment, each node is free to move randomly in the space. This random scenario, instead, aims at showing the robustness of the ATT strategy under unforeseen topologies, events, and traffic patterns.
7.4.1 Controlled network deployment
In this set of simulation experiments, we include a total of 20 nodes, using two different pairs of colluding attackers in different parts of the network. Figure 7a shows the number of nodes detected as misbehaving at different simulation time instances. Using only the rate of link changes as ATT parameter, we can see that the colluding attackers succeed in eluding detection, and significantly degrade the performance of the trust-based scheme. Conversely, the detection using all the ATT parameters is comparable both with and without colluding attackers, showing how the other factors well compensate for the parameters that are tampered with by the attackers.
Fig. 7 Effectiveness of the ATT strategy against collusion attacks. Panels: (a) number of nodes detected vs. simulation time (sec); (b) ATT values vs. simulation time (sec); (c) packet loss rate (%) vs. number of colluding attackers (%); (d) detection rate (%) vs. number of colluding attackers (%); (e) first node detection time (sec) vs. node speed (m/sec). Curves in (a), (b) and (e): Without-CA-All, With-CA-All, With-CA-LC.
Similarly, Fig. 7b shows the ATT values computed over time by the source node for the forwarding node in the three scenarios. The values computed without colluding attackers and with colluding attackers using all the ATT parameters are very similar (the maximum difference amounts to 0.06 points), while the colluding attack has a significant effect on the ATT value when only using the rate of link changes for the computation, also leading to higher fluctuations. This result further confirms that using all the ATT parameters for the computation of the threshold effectively withstands collusion attacks.
To further analyze the effect of increasing numbers of colluding attackers on the ATT strategy, we perform the simulations under the following settings. We deployed a network of 50 nodes under the controlled deployment. We keep the number of source-destination pairs equal to one. The mobility of nodes varies in the range of 1–4 m/sec. The colluding attackers have the same mobility characteristics as the source node, except that, during the pause time, the colluding attackers move in and out of the neighborhood with a speed of 4–6 m/sec, to affect the rate of link change parameter of the ATT strategy. Moreover, as shown in Fig. 3c, the average node degree is 16 in the 50-node network. We vary the percentage of colluding attackers in the neighborhood of the source node according to the aforementioned average node degree. We run the simulation for 1000 seconds.
Figure 7c shows the effect of increasing numbers of colluding attackers on packet loss. The first bar in the graph, labeled “no-mal”, shows the baseline for the packet loss rate when there is no malicious node in the network. As shown in the figure, we observe that the ATT strategy maintains a constant packet loss rate up until 30% of the nodes in the network are colluding attackers. Beyond that percentage of attackers, with almost half of the neighborhoods of the source nodes consisting of colluding attackers, the ATT strategy is expectedly overwhelmed by the number of nodes attempting to alter network parameters, causing it to miss some detections and therefore resulting in a higher packet loss rate. We note, though, that such a high percentage of attackers would result in a disruption of the network communication so severe that it would be evident to all the involved parties.
We also evaluated the detection rate under an increasing colluding attacker count. Figure 7d shows our results. We observe that the ATT strategy achieves a consistent 98–100% detection rate up to 30% colluding attacker nodes. After that, the concentration of attackers is too high for accurate detection, but as discussed, such a severe attack would already be detectable by the intense degradation in network performance.
7.4.2 Random network deployment
In this set of simulation experiments, 50 nodes are deployed with random mobility patterns, while keeping the number of colluding attackers fixed at 20% of the nodes (half dropping packets, half moving in and out of the neighborhood, as in the previously discussed attacker model). Figure 7d shows the effect of the node speed on how soon the first misbehaving node is detected (i.e., the earliest an attacker is correctly detected). While only considering the rate of link changes leads to a slow detection, using all the ATT parameters leads to quick detection as in the baseline with no collusion attacks. It can be inferred from the figure that colluding attackers have a very minor effect on the ATT strategy.
7.5 Trust threshold convergence at neighbor nodes
In order to show the robustness of our algorithm, we want to evaluate the similarity of the ATT values computed independently by different nodes for the same suspect node. More formally, the trust threshold convergence refers to how close to each other the computed ATT values are for a given node A by all its neighbor nodes. The trust threshold convergence is measured in terms of variance ($\phi$), indicating how far each computed ATT value is from the mean value at different nodes, for the same neighbor node, under the same network conditions. The trust threshold variance is computed according to the following formula:
$$\phi^2 = \frac{(\xi - \upsilon)^2}{\#\ \text{of neighbors}}$$
where $\xi$ is the trust threshold computed at each node, and $\upsilon$ is the mean value computed over the computed ATT values. A variance value of zero or close to zero indicates that the algorithm is effective in terms of convergence.
In this section, we simulate the ATT strategy under two different network settings, one with controlled mobility deployment and the other with random mobility deployment.
7.5.1 Controlled network deployment
In these simulation experiments, we analyze the ATT strategy in terms of trust threshold convergence using a pattern-based mobility scenario. We simulate the ATT strategy with some fixed parameters and focus on a specific region of the network to better analyze the trust threshold convergence. We implement the scenario presented in Fig. 1a and c. In Fig. 1a, we assume that node O is malicious and is the only node that connects region 1 to region 2 initially. As shown in Fig. 8a, the initial trust threshold computed at all the neighbor nodes of O, i.e., A, F, I, and M, has a lower value, about 0.47. Then, at time t = 210 sec, node N moves into the 1-hop neighborhood of Region 1, providing an alternate path to Region 2, as shown in Fig. 1c. As shown in Fig. 8a, the ATT value rises up to 0.7, with a variance of 0.05 across all the neighbor nodes of O. We therefore found that the ATT values computed by the neighbor nodes converge to almost the same ATT value with a negligible variance.
7.5.2 Random network deployment
In these simulation experiments, we analyze the convergence of the ATT strategy with random node deployment and random mobility. For this purpose, we simulate the ATT strategy with 50 nodes, 10% of which are malicious. Readings for the trust threshold variance are taken at different time units computed by different neighbors for the same malicious node. We average all the ATT values in the malicious node neighborhood. A specific number of nodes are considered to track the trust threshold computation at those nodes. Figure 8b, c and d show the trust threshold computed for malicious nodes 1, 10, and 43 by their neighbor nodes. The ATT values at all the neighbors converge to almost the same value, with a negligible maximum difference of 0.02. Moreover, Fig. 8e reports the results of the ATT strategy in terms of variance in the trust threshold computed at different neighbors for the particular malicious nodes, for increasing node speeds. With a speed of 0 m/sec (i.e., when there is no mobility), there is a 0 value variance in the trust threshold, therefore achieving perfect convergence. In this case, the network tends to be static, hence obtaining a perfect estimation of the ATT at all the neighbor nodes. Moreover, the figure shows that the variance in the ATT values increases linearly with speed, as the network topology changes more quickly, causing different neighbor nodes to experience different network conditions. Even in this case, however, the highest variance is not greater than 0.1.
8 Security analysis
In this section, a detailed security analysis of the ATT strategy against several security threats is presented. We discuss how the proposed scheme withstands possible attackers.
Stand-alone attackers The proposed ATT strategy is effective against stand-alone attackers. For example, if a node is trying to affect one of the parameters, such as the rate of link changes by moving back and forth in the evaluating node’s neighborhood, such a node will not be selected as forwarding node. So, a stand-alone attacker can misbehave either by dropping the data packets or by affecting one of the parameters used in the ATT computation, but in both cases our ATT strategy will withstand it.
Fig. 8 Per node analysis of trust threshold convergence. Panels: (a) ATT values vs. time (sec) for nodes A, F, I and M; (b), (c), (d) minimum and maximum ATT values vs. node ID; (e) ATT values variance vs. maximum node speed (m/sec).
Colluding attackers Through the extensive experimental results we presented in Section 7.4, we show that the ATT strategy is robust even in the face of colluding attackers that collaborate with the end goal of circumventing the security scheme. The results show that the ATT strategy withstands a number of colluding attackers up to 30% of the total nodes in the neighborhood of the source node. As already discussed, a percentage of attackers higher than that would anyway result in such a severe disruption of communications that the involved parties would easily notice.
Elusive attackers A smart malicious node can adapt its misbehavior strategy according to the pre-defined trust threshold to remain below the misbehavior node detection threshold [10–12]. Our proposed scheme provides security against such a misbehavior tactic, as the trust threshold is not pre-defined at the start-up of the network. Therefore, smart attackers are not able to adapt their misbehavior frequency to remain under that threshold and therefore go undetected.
Bad-mouthing and false praise attacks The proposed ATT strategy protects against bad-mouthing and false praise attacks. In these attacks, wrong information is provided by the attacker nodes to the evaluating node in the form of second-hand information. Our ATT strategy does not need any information sharing to compute the trust threshold of other nodes in the network. Each node individually, and in a distributed manner, based on its own gathered information, computes the adaptive trust threshold, so there is no chance of bad-mouthing and false praise attacks.
9 Conclusion and future work
We presented a strategy to adapt the trust threshold for
misbehaving node detection and isolation in MANETs by
taking into account the local network conditions. We
analyzed reasons why a static trust threshold does not perform
well and discussed in detail the different network
conditions that can affect the computation of an optimal
trust threshold, and proposed a trust computation model and
an algorithm implementing this model. Simulation results
show the effectiveness of our strategy in comparison to the
use of a static trust threshold strategy, in terms of false
positives, detection rate, packet delivery ratio, and average
end-to-end delay under different network parameters. Our
strategy outperforms the static trust threshold strategy with
respect to all the metrics, and enhances the performance
of routing protocols for MANETs. Moreover, we evaluated
the effectiveness of the proposed ATT strategy against colluding
attackers. The results confirmed that the proposed
strategy withstands colluding attackers.
In the future, we plan to detect not only the attackers
actively dropping traffic, but also the colluding attackers
that are trying to affect the functionality of the ATT strategy,
for example, by considering their mobility pattern anomalies
before including them in the computations for the network
parameters.
Acknowledgment The work reported in this paper has been partially
supported by Higher Education Commission (HEC), Pakistan, and by
Purdue Cyber Center and the National Science Foundation under grant
CNS-1111512.
References
1. Marti S, Giuli TJ, Lai K, Baker M (2000) Mitigating routing misbehavior in MANETs. In: Proceedings of the 6th annual ACM international conference on mobile computing and networking
2. Buchegger S, Le Boudec J (2002) Performance analysis of the confidant protocol. In: Proceedings of the 3rd ACM international conference on mobile ad hoc networking & computing
3. Balakrishnan K, Deng J, Varshney PK (2005) Twoack: preventing selfishness in mobile ad hoc networks. In: IEEE wireless communication and networking conference
4. Shakshuki EM, Kang N, Sheltami TR (2013) EAACK-a secure intrusion-detection system for manets. IEEE Trans Ind Electron
5. Zahariadis T, Trakadas P, Leligou HC, Maniatis S, Karkazis P (2013) A novel trust-aware geographical routing scheme for wireless sensor networks. Wirel Pers Commun 69(2):805–826
6. Zhan G, Shi W, Deng J (2012) Design and implementation of tarf: a trust-aware routing framework for WSNs. IEEE Trans Dependable Secure Comput 9(2):184–197
7. Reddy YB, Selmic RR (2011) A trust-based approach for secure packet transfer in wireless sensor networks. Int J Adv Secur 4(3)
8. Ahmed A, Bakar KA, Channa MI, Haseeb K, Khan AW (2015) A survey on trust based detection and isolation of malicious nodes in ad-hoc and sensor networks. Front Comput Sci 9(2):280–296
9. Wenjia L, Joshi A, Finin T (2010) Coping with node misbehaviors in ad hoc networks: a multi-dimensional trust management approach. In: Proceedings of the 11th international conference on mobile data management (MDM), pp 85–94
10. Patwardhan A, Parker J, Joshi A, Iorga M, Karygiannis T (2005) Secure routing and intrusion detection in ad hoc networks. In: 3rd IEEE international conference on pervasive computing and communications (PerCom2005), pp 191–199
11. Li W, Parker J, Joshi A (2012) Security through collaboration and trust in MANETs. Mob Netw Appl J
12. Li W, Joshi A (2009) Outlier detection in ad hoc networks using dempster-shafer theory. In: 10th international conference on mobile data management: systems, services and middleware (MDM'09), pp 112–121
13. Shabut A, Dahal K, Bista S, Awan I (2015) Recommendation based trust model with an effective defence scheme for MANETs. IEEE Trans Mob Comput
14. Boukerch A, Xu L, El-Khatib K (2007) Trust-based security for wireless ad hoc and sensor networks. Computer Communications
15. Sarvanko H, Höyhtyä M, Katz M, Fitzek F (2010) Distributed resources in wireless networks: discovery and cooperative uses. In: ERCIM workshop on mobility
16. Ayachi MA, Bidan C, Abbes T, Bouhoula A (2009) Misbehavior detection using implicit trust relations in the aodv routing protocol. In: IEEE international conference on computational science and engineering (CSE)
17. Ren Y, Boukerche A (2008) Modeling and managing the trust for wireless and mobile ad hoc networks. In: IEEE international conference on communications
18. Theodorakopoulos G, Baras JS (2004) Trust evaluation in ad-hoc networks. In: Proceedings of 3rd ACM workshop on wireless security
19. Lenzini G, Bargh MS, Hulsebosch B (2008) Trust-enhanced security in location-based adaptive authentication. Electron Notes Theor Comput Sci
20. Probst MJ, Kasera SK (2007) Statistical trust establishment in wireless sensor networks. In: IEEE international conference on parallel and distributed systems
21. Zouridaki C, Mark BL, Hejmo M, Thomas RK (2006) Robust cooperative trust establishment for MANETs. In: Proceedings of 4th ACM workshop on security of ad hoc and sensor networks
22. McCoy D, Sicker D, Grunwald D (2007) A mechanism for detecting and responding to misbehaving nodes in wireless networks. In: 4th IEEE international conference on sensing, communication and networking (SECON)
23. Beth T, Borcherding M, Klein B (1994) Evaluation of trust in open networks
24. Kamvar SD, Schlosser MT, Garcia-Molina H (2003) Eigenrep: reputation management in peer-to-peer networks. In: Proceedings of 12th international WWW conference, Hungary
25. Fathy C, El-Hadidi MT, El-Nasr MA (2011) Fuzzy-based adaptive cross layer routing protocol for MANETs. In: 30th IEEE International Performance Computing and Communications Conference (IPCCC)
26. Khalid O et al (2013) Comparative study of trust and reputation systems for wireless sensor networks. Security Commun Netw
27. Parker J, Undercoffer J, Pinkston J, Joshi A (2004) On intrusion detection and response for mobile ad hoc networks. In: IEEE international conference on performance, computing, and communications
28. Sheltami A, Basabaa A, Shakshuki E (2014) A3ACKs: adaptive three acknowledgments intrusion detection system for MANETs. Journal of Ambient Intelligence and Humanized Computing, pp 1–10
29. Zhang D, Yeo CK (2011) Distributed court system for intrusion detection in MANETs. Comput Secur
30. Aravindh S, Vinoth RS, Vijayan R (2013) A trust based approach for detection and isolation of malicious nodes in MANETs. Int J Eng Technol
31. Li W, Joshi A, Finin T (2010) Smart: an svm-based misbehavior detection and trust management framework for mobile ad hoc networks. In: Military communications conference (MILCOM 2011), pp 1102–1107
32. Li W, Joshi A, Finin T (2011) Sat: an svm-based automated trust management system for mobile ad-hoc networks. In: IEEE MILCOM conference, pp 1102–1107
33. Li W, Joshi A, Finin T (2013) Cast: context-aware security and trust framework for mobile ad-hoc networks using policies. Distrib Parallel Databases 31(2):353–376
34. Khan MS, Midi D, Khan MI, Bertino E (2015) Adaptive trust threshold strategy for misbehaving node detection and isolation. In: Trustcom/BigDataSE/ISPA, vol 1, pp 718–725
35. Paillassa B, Yawut C, Dhaou R (2011) Network awareness and dynamic routing: the ad hoc network case. Comput Netw
36. Qin L, Kunz T (2006) Mobility metrics to enable adaptive routing in MANET. In: IEEE international conference on wireless and mobile computing, networking and communications (WiMob)
37. Yawut C, Paillassa B, Dhaou R (2008) Mobility metrics evaluation for self-adaptive protocols. J Networks
38. Clausen T et al (2006) The optimized link routing protocol version 2, draft-ietf-manetolsrv2-00
39. Samar P, Wicker SB (2004) On the behavior of communication links of a node in a multi-hop mobile environment. In: Proceedings of 5th ACM international symposium on mobile ad hoc networking and computing
40. Rasheed A, Ajmal S, Qayyum A (2014) Protocol independent adaptive route update for VANETs. Sci World J
41. Sultana S, Gabriel G, Bertino E, Shehab M (2012) A lightweight secure provenance scheme for wireless sensor networks. International Conference on Parallel and Distributed Systems
42. Peter W (2003) The vint project, the network simulator - ns-2
43. Broch J, Maltz DA, Johnson DB, Hu YC, Jetcheva J (1998) A performance comparison of multi-hop wireless ad hoc network routing protocols. In: Proceedings of the 4th annual ACM/IEEE international conference on mobile computing and networking, pp 85–97
44. Venkateswaran A, Sarangan V, La Porta TF, Acharya R (2009) A mobility-prediction-based relay deployment framework for conserving power in MANETs. IEEE Trans Mob Comput