Delay Tolerant Network (DTN) is developed to cope with intermittent connectivity and long delay in wireless networks. Due to the limited connectivity, DTN is vulnerable to blackhole and greyhole attacks in which malicious nodes drop all or part of the received packets intentionally. Although existing proposals could detect the attack launched by individuals, they fail to tackle malicious nodes cooperating to cheat the defense system. In this paper, we suggest a scheme to address both individual and collusion attacks. Nodes are required to exchange records of previous encounters and evaluate others based on their messages forwarding ratios. Malicious nodes might avoid being detected by colluding to hide misbehaving forwarding ratio metrics. To persistently drop packets and promote the metrics at the same time, attackers need to create forged encounter records at high frequency and with high number of sent messages. This leads to abnormal patterns of fake encounters in contrast with authentic ones and provides a symptom for collusion detection. Extensive simulation shows that our solution can work with various dropping probabilities and different number of attackers per collusion at high accuracy and low false positive.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.