Content uploaded by Agria Rhamdhan
Author content
All content in this area was uploaded by Agria Rhamdhan on May 25, 2022
Content may be subject to copyright.
A Survey of Defense Mechanisms Against Sybil Attacks
on IoT with Wireless Ad-hoc Networks
Agria Rhamdhan*1, Fadhil Hidayat2
1,2School of Electrical Engineering and Informatics,
1,2Bandung Institute of Technology, Bandung, Indonesia
*Corresponding author, email: agria.rhamdhan@students.itb.ac.id1, fadhil@stei.itb.ac.id2
Abstract
Integrating IoT with Wireless Ad-hoc Network (WANET) capabilities can solve several problems.
However, because they both rely on identity nodes to communicate with each other, they are both
vulnerable to Sybil Attack. Sybil attackers illegally change into several different identities to carry out
various malicious activities such as damaging data aggregation, voting, and disrupting routing. Several
defense mechanisms have been proposed for Sybil attacks on WANET, which are mostly based on
cryptography, location/position, network behavior, resource testing, and trust. However, the drawbacks are
that not all mechanisms are suitable for use in networks with limited resources. In this paper, we present a
survey, classification, and comparison of various defense mechanisms that have been proposed for non-
IoT WANETs. We emphasize the issue of how the advantages and disadvantages of this defense
mechanism when applied to the IoT infrastructure and how each method can effectively recognize
properties of a Sybil attack. The purpose of this paper is to promote research so that it can resolve several
issues for later consideration in the design of Sybil's next defense mechanism.
Keywords: Sybil Attack, Wireless Ad-hoc Network, Internet of Thing
Copyright © 2020 Universitas Ahmad Dahlan. All rights reserved
1. Introduction
Internet of Thing Internet of Things (IoT) is technology where devices get a particular
identity to be able to connect and communicate with one another through internet networks
without human-to-human or human-to-machine interactions. A collection of IoT devices
connected by a network is called IoT infrastructure. It is group into four layers, i.e., sensors and
actuators, internet gateway and data acquisition system, edge handler, and data center.
Sensors and actuators are used to collect data from the environment or physically observed
objects. Units of sensors and actuator are what we called nodes. Each node can communicate
with each other using specific protocols to produce this useful set of data. Analog data from
sensors and actuators are converted into a digital form by data acquisition devices, which is
then forwarded by the internet gateway to Edge handler layer. Edge handler function is to
prevent data from the edge to consume data center bandwidth. It also can process raw data into
data that is ready to be processed. The last layer is Data Center and Cloud, at this layer, data is
processed and analyzed in-depth for later use by its users.
In contrast to the current paradigm on the Internet, which bases on human-to-human
relations, Gutiérrez[1] mention IoT to have a paradigm as the future internet, every physical or
virtual object that can be identified with unique identifiers will be considered to be
interconnected[2]. So keeping this in mind, although IoT uses distributed networks in nature, IoT
has driven combinations with other technologies, such as short-range communication, real-time
localization, embedded sensors and ad-hoc networks as a way to turn everyday things into
smart things. Combining IoT with an ad-hoc network provides benefits because of the ad hoc
properties as self-organized networks, they are built spontaneously by several connected
devices. The nodes together form a unicast or multicast communication as a flow of messages,
rather than relying on a router or base station, so they are suitable for implementation where the
deployment of new fixed infrastructure is not feasible.
In addition, when the mobility characteristic is calculated, making it a Wireless Ad-hoc
Network. Wireless Ad-hoc Network itself represents a new communication paradigm where
decentralized wireless nodes communicate with each other in collaborative ways to achieve
common goals[1]. Wireless ad-hoc networks. So considering the many capabilities owned by
Wireless Ad-hoc Network, it would be highly beneficial to IoT, this will also be suitable for
implementations that require mobility.
On the other hand, there is something to be considered in the integration of these two
technologies. As both depends on the node that communicates using particular identities, both
are still facing common security problems. It is vulnerable to Sybil attack, Sybil attack defined
as an intrusion where malicious devices get or change into several different identities illegally.
Based on its characteristics, Sybil attack is grouped into the identity-based attack, which both
attacks compromised system using false identities. This type of attack disguises themselves as
legitimate devices, and it is done by attacker camouflage its intrusion packet data similar to
regular data packets. The security system would find it difficult to distinguish between the two
types of data packages. For detecting this kind of attack, a lot of traditional countermeasures is
proposed. However, adopting traditional security countermeasure cannot effectively be used in
IoT due to its source limitation.
Along with the many studies regarding the method of securing Sybil attacks on the
Wireless Ad-Hoc Network, the question that arises is related to what methods are used in the
IoT defense mechanism and what is the drawback. Similar questions have been investigated by
[3–5] with both focusing on non-IoT infrastructure. In this paper, Researches related to machine
learning on IoT security are collected from various sources and then reviewed using the
Systematic Literature Review method[6]. The main focus would be the compatibility current
Sybil defense mechanism in Wireless Ad-hoc Networks, considering its integration in IoT
infrastructure that has limitation in the resource.
So the aim of this paper is to present a survey of security mechanism that has been
proposed for Wireless Ad-Hoc Network to get the results of the analysis of which methods are
suitable and what needs to be taken into account in the implementation of security mechanisms
in IoT, we classify each paper then analyze advantages and limitation to analyze which methods
suitable to be implemented in the Wireless Ad-hoc Networks application in IoT. We also will be
presented several issues that arise from the weakness that has been reviewed.
In this paper, will be presented in several sections, Chapter II will explain the properties
of the Sybil Attack. The review of Sybil defense mechanism and each limitation will be
discussed in Part III. The discussion will be presented in Chapter IV, then we conclude with a
conclusion in Chapter V.
2. Sybil Attack Properties
Sybil attack is defined as an intrusion where malicious devices get or change into
several different identities illegally. Newsome [5] convey the impact of the Sybil attack on
several protocols, including
- Distributed storage: when there are nodes that cannot provide services, then it will share its
data to neighboring nodes. If this neighbor is a Sybil node, then the data can be obtained.
- Routing: especially a network that has a sink, when the Sybil point has gained control of the
sink node, in addition to the Sybil node getting all data passed on the network, many other
attacks can be carried out.
- Data aggregation: if the Sybil node mediates data packets, then it can manipulate the data.
- Voting: by increasing the number of nodes, Sybil nodes can influence the results of the
ballot, or as a majority of Sybil points can accuse legitimate nodes of being evil.
- Fair allocation of resources: the Sybil node can disrupt the system by unauthorized
activating/deactivating the node.
So as to avoid these impacts, defense mechanisms that can accurately detect Sybil
attacks are needed. To be able to design these defense mechanisms, knowledge is required to
recognize behavior and predict the possible actions of the Sybil attacker. Mishra [7] classifies
Sybil attacks based on nature and tasks carried out during this attack into three phases, namely
the compromise, deployment, and launch phases.
2.1. Compromised Phase
The attacker tries to get a group of nodes that can be controlled by the attacker. There
are two characteristics of Sybil attack at this stage, according to the way the attacker gets a
node to be able to enter the network, namely by making stolen / compromise and by doing
Fabrication. This phase ends when the attacker receives a group of compromised nodes that
are connected in the destination network.
1) Fabrication: characteristics of Sybil attacks with Fabrication are usually carried out when
there is the possibility of the attacker to create a new identity in accordance with network
requirements. For example, if the network only gives an ID in the form of a number of -bits,
the Sybil attacker can create a new random identity randomly within a valid range ( to )
so that it is recognized as a legitimate node.
2) Stolen / Compromised: if a fabrication attack cannot be carried out, then what the attacker
can do is to steal the identity of a valid node. If one of the nodes or a group of valid nodes in
the network can be taken over, the attacker can use this node directly, or by taking its
identity then temporarily interferes with the legitimate node or destroys it permanently.
2.2. Deployment Phase
Sybil attackers will try to spread the nodes that are taken over by gathering network-
related information. The most crucial thing in this phase is that the attacker will determine the
placement of compromised nodes in strategic locations and allow for success in the launch
phase. Sybil nodes can be moved at specific areas to be able to attack simultaneously, or
individual nodes can be endeavored to take on the role of cluster heads.
There are two characteristics of Sybil at this stage, according to the capabilities of the
Sybil attacker, namely by spreading randomly and selectively.
1) Random Deployment: the attacker chooses a location to use Sybil randomly.
2) Selective Deployment: the attacker selectively chooses the set of Sybil nodes it has, then
deploying the group at one central location so it can dominate that location, or the attacker
can spread Sybil nodes to various places on the network to avoid behavior-based detection.
2.3. Launching Phase
There are several forms of Sybil attacks in carrying out attacks. This is adjusted to the
objectives to be achieved by the attack, whether to disrupt the system, do the DoS, or other
purposes. Forms of attack that are launched are also usually intended to avoid detection
systems. The attack can be carried out directly, i.e., the Sybil node communicates directly with
the valid node, or indirectly, i.e., the attack is carried out by communication through one of the
Sybil nodes.
Indirect Communication in this attack version, there is no node that can communicate
directly with Sybil. Instead, one or more malicious devices are claimed to have reached Sybil's
point. Messages sent to the Sybil node are routed through one of these dangerous
intersections, which pretends the message is returned to the Sybil node.
1) Simultaneous, Attackers deploy a group or all Sybil nodes simultaneously. This group can
directly connect with the network or participate through other Sybil points.
2) Non-Simultaneous, Attackers do not attack simultaneously; for example, the attacker can
choose attacks alternately according to a specific time lag. Usually, this is done to avoid
specific detection.
3) Conspiracy Sybil, Sybil attacks that conspire to do by attacking the Sybil Node network will
freely control nodes that are compromised by other points as accomplices to attack directly
or by using these nodes to give new identities to other Sybil nodes. The Sybil conspiracy
attack in Vehicle Ad-hoc Network (VANET) was first introduced in [8] where the attacker
could pretend to be a conspiracy node to send malicious messages to other nodes nearby.
3. Sybil Detection In Wireless Ad-Hoc Network
The defense mechanism of Sybil by considering the characteristics of Sybil that has
been mentioned is vital to improve detection accuracy. We have reviewed several defense
mechanisms from Sybil attacks on Wireless Ad-Hoc Networks using the SLR method. In
general, the steps taken are planning, implementing, and documenting. The planning step
consists of identifying review needs, defining and taking specific research questions, developing
research protocols, and evaluating review protocols. In the second stage, the implementation of
research identification is carried out by conducting a pilot selection and extraction, followed by a
selection of the primary study quality assessment, data extraction, and data synthesis. The last
step taken is documentation, including drawing conclusions and considering threats.
The research question in this SLR is "what methods are used in defense mechanisms
against Sybil attacks" to get an overview of the development of forms of security against Sybil in
Wireless Ad-hoc Networks. The next step, for the search strategy, we use several digital
libraries with the search string '(SYBIL ATTACK) AND DETECTION AND ("WIRELESS AD-
HOC NETWORKS" OR "MOBILE AD-HOC NETWORKS" OR "VEHICLE AD-HOC
NETWORK")’. After going through some inclusion and exclusion criteria, 133 primary studies
were obtained. Then according to the research question, the primary study is grouped into a
taxonomy, as seen in Table 1. After getting a group of methods used in the defense mechanism
against Sybil attacks, a weakness analysis is carried out on each defense mechanism for its
application to IoT.
Table 1. Sybil Defense Mechanism in WANET Taxonomy
Method
Schemes
Reference
Cryptography Based
Authentication Based
Password Comparison
[9]
Zero-Knowledge Protocol
[10]
Fujisaki-Okamoto
[11]
GSM's SRES
[12]
Public Key Infrastructure
ID-based Signature
[13]
Certificate trust
[14–18]
Pseudo Certificate
[19]
Token-Based
[20]
Group Signature
[21]
Watermarking Based
[22]
Symmetric key Based
[23–28]
Location-Based
RSSI Based
Observer collection
[29–37]
Neighbour Collection
[38–53]
Time-based
ToA / TDoA
[54–57]
TDMA
[58]
Spider Monkey
[59]
Time Synchronization
[60–62]
Range free
[63–83]
Network Feature/ Behavior
Traffic and Mobility
[84,85]
Enter - Exit Behaviour
[86]
Attack Edge
[87]
Node relation (Graph)
[88,89]
Network/physical data
[90–94]
Data-Centric
[95,96]
Resource Test
Energy-Based
Power
[97–102]
Signal Strength
[103,104]
Physical Fingerprinting
Clock Skew
[105]
State Information
[106–109]
Speed info
[110]
Transient based
[111]
Radio Fingerprinting
[112,113]
MAC and MAP
[114]
Trust-Based
Centralized trust
Game-Based
[115]
Reputation Based
[116–120]
Bayes rule filter
[121]
Energy cost
[122–124]
Routing based
[125–128]
Ant colony
[129,130]
Physical trust
[131]
Decentralized trust (neighbor trust)
Position Based
[132–134]
Sequential Hypothesis testing
[135]
Message Exchange
[136–139]
Ultra-wideband ranging
[140]
Speed
[141]
3.1. Cryptographic Based
This method uses the cryptographic protocol often found mainly to prevent the
occurrence of Sybil attacks. Broadly speaking, this defense mechanism is performed by
authenticating nodes, using public key certificates to guarantee trust, using secret symmetric
keys to prevent other nodes from communicating with the network, and using watermarking to
ensure valid data.
1) Authentication: the schema working with each node must be able to prove that it is a valid
node through a series of message exchanges on the authentication protocol.
2) Public Key Infrastructure: a cryptographic system based on public keys is used to
improve security by allowing nodes to communicate in networks with trust values based on
certificates held. In this system, certificate-based techniques used in encryption and
authentication mechanisms. Centralized authority for certification is required.
3) Symmetric key: this scheme relies on encrypting and decrypting messages between nodes
using a symmetric encryption algorithm. This technique is used in the network to create
secure paths to communicate with each other by using a set of pre-agreed keys or using a
trusted third party to ensure the distribution of keys to all legitimate nodes in the network.
With this defense mechanism, the Sybil node will have difficulty getting the key so that it is
only possible to obtain a compromised node by stealing.
4) Watermarking: Watermarking techniques are used to be the solution to implementing
cryptography on devices with limited resources. The main idea is to embedding information
which allows an individual to add verification messages to communication data. So the
Sybil nodes cannot make an attack because it cannot change the watermark constraints.
In the application of IoT defense mechanisms using cryptography have disadvantages:
• Dependence on cryptographic hardware and software.
• Compatibility issue with network types and routing protocols on IoT.
• Scalability, in the addition of new nodes, may increase resource requirements
exponentially.
• High in memory, computing, and communication overhead that is not suitable for resource
constraints network.
• To ensure the network has safe keys and algorithms need high costs.
3.2. Location Verification Based
The location/position based method utilizes measurement parameters that can be
physically observed to estimate the location and position of the node to detect Sybil attacks.
This method is used with the assumption that there may not be different nodes that are in the
same location. So that if found, it will be concluded as a Sybil node. Another assumption is to
use position verification where a node equipped with a Global Positioning System (GPS) will
send its location to a valid node, and then the node will verify based on the estimated position of
the propagation model of the received signal. As stated in [103], this method can be grouped
into two categories, namely, range-based and ranged free methods.
1) Ranged based: the estimated position is calculated based on the physical indicator used to
determine the distance between the transmitter and receiver. This distance estimate is
usually based on the Received Signal Strength Indicator (RSSI), time-based methods such
as Time of Arrival (ToA) and Time Difference of Arrival (TDoA). This method is suitable for
IoT devices because it is low cost, where the distance between two entities is estimated
only based on the received signal strength and the indicators that the device has.
2) Range free method: has high accuracy in distance calculation. By utilizing data from GPS,
Radar, or location-based/localization scheme, this method can also be used as a support
for position estimation using ranged based.
In applying IoT, the location/position based defense method has disadvantages:
- Not suitable for use on mobile networks, the accuracy of approximate location decreases
due to rapid changes in network topology and changes in node position.
- The accuracy of the method depends on the environment — interference, multipath fading,
and shadowing lead to inaccurate location estimation[3].
- This method is not enough if implemented as a single mechanism[43]. It will be challenging
to detect nodes that can manipulate signal strength or decrypt conspiring nodes.
- With the increase in node density, it is possible when two or more honest nodes that have
adjacent positions will be identified as Sybil nodes.
- Possible privacy violations where identity is required to send position information so that the
route of movement of the nodes can be traced.
3.3. Network behavior-based
This method purely detects Sybil nodes based on their features and behavior in the
network. The detection method specifically detects features that allow accurate classification
between Sybil nodes and valid nodes. In applying IoT, network behavior-based defense method
has disadvantages including:
• Only identify Sybil nodes according to the context expected by the detection method, so that
Sybil nodes with specific knowledge can escape detection.
• It requires specialized hardware that has a large capacity to collect and analyze data.
3.4 Resource Testing
This method approach is made by testing the unique resources of the node, assuming
that each physical node has specific limited resources. A node will be challenged to provide
knowledge about specific resources (usually in the form of physical fingerprinting or based on
energy), then the verifier compares the resources used by an entity with the typical value or
threshold of the resources owned by that entity. Incompatibility indicates the possibility of an
attack.
1) Energy-based: the basic idea of energy-based testing is to verify assuming the node has a
predictable energy parameter, so that if a node is found to be incompatible with the existing
node in providing an answer, then the node is considered a malicious node
2) Physical fingerprinting: each device has unique characteristics. This characteristic is the
basis of verification to determine whether the point is valid or not.
In applying IoT, the resource testing defense method has disadvantages, including:
- Exponential increase for each node addition.
- Extensive power consumption due to the need to carry out testing at all times.
- Assuming a single channel, attackers who have more than one channel can manipulate the
results of resource testing.
- Valid nodes that have resource problems due to DoS or conditions such as power
blackouts, overloaded processors, and others can be considered Sybil nodes.
3.5 Trust-Based
Trust is defined as a relationship of trustor and trustee. The trustor can periodically
evaluate the trusteeship to assess its eligibility[124]. Trusted based is based on the value of
trust that must be maintained by each node to remain in the network. This trust value can be
obtained from trusted devices or from neighbor trusts.
1) Centralized trust, In the trust-based method using a trusted device, usually in the initial
stage, a comprehensive network mapping is carried out on all nodes, with the device
obtaining its identity and trust value. Then the trust value is evaluated to determine the
possibility that the node is not a Sybil node.
2) Decentralized trust, In the detection approach based on the relationship between
neighbors, each node will visit nearby nodes based on the pattern of relationships and
behavior of these nodes in the network.
In applying IoT, the trust-based defense method has disadvantages, and the method is not able
to detect if Sybil node dominates the number of nodes in the process of determining the value of
trust. Table 2. Comparison of defense mechanisms against the properties of Sybil attacks
Ref
Method
Scheme
Priv
acy
Static/
mobile
Structure
Sybil Attack Properties
C1
C2
D1
D2
L1
L2
L3
[11]
Authentication
Authenticate node by
Fujisaki-Okamoto
no
mobile
centralized
√
√
√
-
√
√
-
[16]
PKI based
ID Obfuscated and
Publik key certificate
yes
mobile
centralized
√
-
√
-
√
√
-
[19]
PKI based
Data protection via
Public Key Encryption
no
mobile
centralized
√
√
√
-
√
-
-
[22]
Watermarking
Data Validation by
Kolgomorov
no
mobile
decentralized
√
-
√
√
√
√
-
[26]
Symmetric
key
Network data protection
by symmetric key
yes
mobile
centralized
√
-
√
√
√
√
-
[36]
RSSI based
Range-Free using APIT
Localization
no
static
decentralized
√
√
√
-
√
-
-
[43]
RSSI Based
RSSI based Voiceprint
no
Mobile
decentralized
√
√
√
-
√
-
√
[55]
Time-Based
Secure time
synchronization based
no
static
decentralized
√
-
√
√
√
-
-
[59]
Time-Based
challenge zone using
Spider monkey
no
mobile
Centralized
√
√
√
√
√
-
√
[65]
Range-free
macroscopic traffic flow
theory-based
no
mobile
decentralized
√
-
√
-
√
√
-
[69]
Range-free
cluster head collab and
A distributive algorithm
no
static
centralized
√
-
√
√
√
√
-
[87]
Net Feature
Persuading function in
attack edge is more
than the mistaken
edge
no
static
decentralized
√
√
√
-
√
√
√
[91]
Net Feature
Multilayer Perceptron
Neural Network based
no
static
centralized
√
-
√
√
√
√
-
[101]
Energy Based
Power gain and delay
spread exacted from
receiving packets
no
static
decentralized
-
√
√
-
√
-
√
[106]
Energy Based
Based on Channel
no
mobile
decentralized
√
√
√
√
√
√
-
Ref
Method
Scheme
Priv
acy
Static/
mobile
Structure
Sybil Attack Properties
C1
C2
D1
D2
L1
L2
L3
State Information
[117]
Central Trust
Use Watchdog Nodes
to label based on their
movement behaviors
no
mobile
centralized
√
-
√
√
√
√
√
[124]
Central Trust
Uses a trust-based
mechanism in RPL
no
static
centralized
√
√
√
√
√
√
-
[132]
Neighbor Trust
use number allocating
and mutual guarantee
relying on neighbors
no
mobile
decentralized
-
√
√
√
√
√
√
[140]
Neighbor Trust
Uses rule-based
anomaly, relies on
UWB ranging info
no
static
decentralized
√
√
√
√
√
-
√
C1: Fabrication; C2: Stolen; D1: Random; D2: Selective, L1: Simultaneous L2: Non-simultaneous; L3: Conspiracy
√ : addressed, — : not addressed/mentioned
The defense mechanism of Sybil by considering the characteristics of Sybil that has
been mentioned is essential to improve detection accuracy. From the reviewed paper, we select
several latest proposed schemes to present how each method can be used to recognized
properties of Sybil attack in every phase in Table 2. As shown in the table, Not all defense
mechanisms can handle all Sybil attack properties, some have implemented privacy protections,
and some can work on mobile networks and fast-changing networks. A practical, energy-
efficient, and versatile defense mechanism that can cover all Sybil attacks properties is highly
recommended.
4. Discussion
4.1. General detection Issue
As a general need for defense mechanisms in the Wireless Ad-hoc network to be
integrated with IoT, several issues arise both related to the accuracy of defense mechanisms,
the possibility of implementation and others, some problems associated with this include:
1) Accuracy: defense mechanism can detect Sybil at each phase with different properties. It
must be able to discover large percentage of Sybil nodes to eliminate damage.
2) Cooperative Sybil detection: to detect efectively, all nodes in networks participate
independently in the Sybil node detection process.
3) Low overhead costs: the proposed approach works more efficiently and requires fewer
system resources.
- Does not need additional hardware at high prices
- Does not increase message exchange on the network.
- Does not require much memory
4) Detection time: the time needed to find and delete a Sybil entity is an essential factor that
must be minimal.
5) Implementation: every IoT implementation such as in Industry, Smarthome, Smart grid,
and others, there are special needs that must be considered in applying mechanisms.
4.2. Vanet Issue
In the wireless ad-hoc network area, VANET has become the most talked about topic
lately, with specific needs that VANETs require additional requirements for security guarantees.
Issues discussed in several papers reviewed are:
1) Privacy Issue: most vehicle users hope that their identity information can be stored in
VANET because they are afraid that their trip will leak with that identity.
2) Safety Issue: VANET does not allow a decrease in reputation after a severe traffic accident
to prevent another attack, because damage to life and things in this attack cannot be
repaired.
4.3 Learning-Based Issue
Defense mechanisms in the IoT infrastructure must be prepared with the needs of a
"smart" system so that the application of scientific fields on artificial intelligence, especially
machine learning is very open. Several machine learning methods have succeeded in detecting
specific attacks on IoT[142]. Machine learning that needs to be applied to Sybil's defense
mechanisms include:
1) Deep Learning: with the development and the number of entities in an IoT infrastructure, a
mechanism based on thorough analysis is needed, deep learning has been successfully
used in various areas including intrusion detection systems.
2) Transfer Learning: with regard to data that is continuously changing, and the possibility of
attacks at an advanced level, requires that defense mechanisms can prevent, even new
types of Sybil attacks.
3) Online Learning: most of the data sent on IoT infrastructure, including WANET-based IoT,
is a data stream, so online learning needs to be a concern for solutions on detection that
continuously enhance the capability of defense mechanisms.
4.4. Centralized vs. Decentralized Issue
Another factor to be considered in implementing is defense mechanism architecture
selection, centralized and decentralized has its own issue, including:
1) Centralized issue: some defense mechanisms use centralized detection, which requires a
trusted center. Several papers on VANET build trust relationships that are bestowed on
RSU. Installation of such infrastructure nationally is challenging to achieve in the early
stages of VANET. Even in the medium term, there may still be many places that are not
covered by RSU[43]
2) Decentralized issue: on the mechanism that relies on each node as a detector, all must
know the credibility of each node that shares information around it and ensure all messages
received are trusted and correct. However, this mechanism can work well, assuming that
most nodes are trusted nodes.
5. Conclusion
In this paper, we have provided a comprehensive review of defense mechanisms
against Sybil attacks, including defining the Sybil attack properties, building the taxonomy of
these mechanisms and analyzing the problems that still exist in defense mechanisms against
Sybil on Wireless Ad-hoc Networks related to their implementation in IoT. Several challenges
have been mentioned to be implemented in a practical IoT system. We hope that this survey will
provide readers with the big picture and current knowledge related to this topic.
References
[1] Reina DG, Toral SL, Barrero F, Bessis N, Asimakopoulou E. The Role of Ad Hoc Networks in the Internet of
Things: A Case Scenario for Smart Environments. Bessis N, Xhafa F, Varvarigou D, Hill R, Li M, editors. Internet
of Things and Inter-cooperative Computational Technologies for Collective Intelligence. Berlin, Heidelberg:
Springer Berlin Heidelberg; 2019; 89–113.
[2] Lu Tan, Neng Wang. Future internet: The Internet of Things. 2010 3rd International Conference on Advanced
Computer Theory and Engineering(ICACTE). 2010; V5-376.
[3] Vasudeva A, Sood M. Survey on sybil attack defense mechanisms in wireless ad hoc networks. Journal Of
Network And Computer ApplicationS. 2018 Oct 15;120:78–118.
[4] Abdulkader ZA, Abdullah A, Abdullah MT, Zukarnain ZA. A survey on sybil attack detection in vehicular ad hoc
networks (VANET). Journal of Computers (Taiwan). 2018; 29(2):1–6.
[5] Newsome J, Shi E, Song D, Perrig A. The Sybil Attack in Sensor Networks: Analysis & Defenses. Proceedings of
the 3rd International Symposium on Information Processing in Sensor Networks. New York, NY, USA: ACM;
2004; 259–268.
[6] Kitchenham B, Pearl Brereton O, Budgen D, Turner M, Bailey J, Linkman S. Systematic Literature Reviews in
Software Engineering - A Systematic Literature Review. Inf Softw Technol. 2009 Jan;51(1):7–15.
[7] Mishra AK, Tripathy AK, Puthal D, Yang LT. Analytical Model for Sybil Attack Phases in Internet of Things. IEEE
Internet of Things Journal. 2019 Feb;6(1, SI):379–87.
[8] Feng X, Li C, Chen D, Tang J. A method for defensing against multi-source Sybil attacks in VANET. Peer-to-Peer
Networking and Applications. 2017 Mar;10(2):305–314.
[9] Amuthavalli R, Bhuvaneswaran RS. Detection and prevention of Sybil attack in wireless sensor network
employing random password comparison method. Journal of Theoretical and Applied Information Technology.
2014;67(1):236–46.
[10] Sharma P, Gupta G. Proficient techniques and protocols for the identification of attacks in WSN: A review. Indian
Journal of Science and Technology. 2016;9(42).
[11] Nirmal Raja K, Maraline Beno M. Secure Data Aggregation in Wireless Sensor Network-Fujisaki Okamoto(FO)
Authentication Scheme against Sybil Attack. Journal of Medical Systems. 2017;41(7).
[12] Saud Khan M, Khan NM. Low Complexity Signed Response Based Sybil Attack Detection Mechanism in Wireless
Sensor Networks. Journal of Sensors. 2016;2016.
[13] Vinayagam SS, Parthasarathy V. IPTTA: Leveraging Token-Based Node IP Assignment and Verification for WSN.
2014 International Conference on Science Engineering and Management Research. 2014.
[14] de Sales TBM, Perkusich A, de Sales LM, de Almeida HO, Soares G, de Sales M. ASAP-V: A privacy-preserving
authentication and sybil detection protocol for VANETs. Information Sciences. 2016::208–24.
[15] Dua A, Bulusu N, Feng W-C, Hu W. Combating Software and Sybil Attacks to Data Integrity in Crowd-Sourced
Embedded Systems. ACM Trans Embed Comput Syst. 2014 Oct;13(5s):154:1–154:19.
[16] Feng X, Tang J. Obfuscated RSUs Vector Based Signature Scheme for Detecting Conspiracy Sybil Attack in
VANETs. Mobile Information Systems. 2017;2017.
[17] Soni M, Jain A. Secure Communication and Implementation Technique for Sybil Attack in Vehicular Ad-Hoc
Networks. Proceedings of the 2nd International Conference on Computing Methodologies and Communication,
ICCMC 2018. 2018; 539–43.
[18] Reddy DS, Bapuji V, Govardhan A, Sarma SSVN. Sybil attack detection technique using session key certificate in
vehicular ad hoc networks. 2017 International Conference on Algorithms, Methodology, Models and Applications
in Emerging Technologies (ICAMMAET). 2017; 1–5.
[19] Sharma AK, Saroj SK, Chauhan SK, Saini SK. Sybil Attack Prevention and Detection in Vehicular Ad hoc
Network. Astya, PN and Swaroop, A and Sharma, V and Singh, M, editor. 2016 ICCCA. IEEE; IEEE UP Sect;
IEEE Uttar Pradesh Sect SP C Chapter; Galgotias Univ, Sch Comp Sci & Engn; 2016; 594–9.
[20] Hussain R, Oh H. On Secure and Privacy-Aware Sybil Attack Detection in Vehicular Communications.
WIRELESS PERSONAL COMMUNICATIONS. 2014 Aug;77(4):2649–73.
[21] Alimohammadi M, Pouyan AA. Sybil Attack Detection Using a Low Cost Short Group Signature in VANET. 2015
12TH ISCISC. Iranian Soc Cryptol; 2015; 23–8.
[22] Harjito B. Kolmogorov watermarking technique for secure the data of Wireless Sensor Networks. 2017 Second
International Conference on Informatics and Computing (ICIC). 2017; 1–6.
[23] Aggarwal P, Rai MK. A novel scheme for detection of selective forwarding attack and sybil attack in wireless
sensor network. International Journal of Applied Engineering Research. 2015;10(10):25929–38.
[24] Ambika N, Raju GT. ECAWSN: Eliminating compromised node with the help of auxiliary nodes in wireless sensor
network. International Journal of Security and Networks. 2014;9(2):78–84.
[25] Ambika N, Raju GT. MA WSN — Manifold authentication in wireless sensor network. 2012 World Congress on
Information and Communication Technologies. 2012; 572–6.
[26] Parikh N, Das ML. Privacy-preserving services in VANET with misbehavior detection. 2017 IEEE International
Conference on Advanced Networks and Telecommunications Systems (ANTS). 2017; 1–6.
[27] Zhou T, Choudhury RR, Ning P, Chakrabarty K. P2DAP - Sybil attacks detection in vehicular ad hoc networks.
IEEE Journal on Selected Areas in Communications. 2011;29(3):582–94.
[28] Lal AS, Nair R. Region authority based collaborative scheme to detect Sybil attacks in VANET. 2015 International
Conference on Control Communication Computing India (ICCC). 2015; 664–8.
[29] De Sales TM, Almeida HO, Perkusich A, De Sales L, De Sales M. A privacy-preserving authentication and Sybil
detection protocol for vehicular ad hoc networks. Digest of Technical Papers - IEEE International Conference on
Consumer Electronics. 2014; 426–7.
[30] Li M, Xiong Y, Wu X, Zhou X, Sun Y, Chen S, et al. A Regional Statistics Detection Scheme against Sybil Attacks
in WSNs. 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and
Communications. 2013; 285–91.
[31] Jan MA, Nanda P, He X, Liu RP. A Sybil Attack Detection Scheme for a Centralized Clustering-based Hierarchical
Network. 2015 IEEE TRUSTCOM/BIGDATASE/ISPA, VOL 1. IEEE; IEEE COMP SOC; IEEE Tech Comm
Scalable Comp; Aalto Univ, Sch Elect Engn; Integrated Serv Networks, State Key Lab; NOKIA; SSH; ERICSSON;
Tekes; Federat Finnish Learned Soc; Xidian Univ; 2015; 318–25.
[32] Lieping Z, Huanhuan Y, Yanlin Y, Fei P. A Three-dimensional Node Security Localization method for WSN Based
on Improved RSSI-LSSVR Algorithm. 2018 10TH International Conference On Measuring Technology And
Mechatronics Automation (ICMTMA). Hunan City Univ, Dept Urban Management; Cent S Univ, Shenzhen Res
Inst; Changsha Univ Sci & Technol, Commun Res Inst; 2018; 182–6.
[33] Chen Y, Yang J, Trappe W, Martin RP. Detecting and Localizing Identity-Based Attacks in Wireless and Sensor
Networks. IEEE Transactions on Vehicular Technology. 2010 Jun;59(5):2418–34.
[34] Chen S-S, Yang G, Chen S-S. LEACH protocol based security mechanism for Sybil attack detection. Tongxin
Xuebao/Journal on Communications. 2011;32(8):143–9.
[35] Abdulkader ZA, Abdullah A, Abdullah MT, Zukarnain ZA. Malicious node identification routing and protection
mechanism for vehicular ad-hoc network against various attacks. International Journal of Networking and Virtual
Organisations. 2018;19(2–4):153–75.
[36] Yuan Y, Huo L, Wang Z, Hogrefe D. Secure APIT Localization Scheme Against Sybil Attacks in Distributed
Wireless Sensor Networks. IEEE Access. 2018;6:27629–36.
[37] Thawani S, Upadhyay H. Securing TORA against Sybil attack in MANETs. 2015 International Conference on
Futuristic Trends on Computational Analysis and Knowledge Management (ABLAZE). 2015; 475–8.
[38] Liu R, Wang Y. A New Sybil Attack Detection for Wireless Body Sensor Network. 2014 Tenth International
Conference on Computational Intelligence and Security. 2014; 367–70.
[39] Jan MA, Nanda P, He X, Liu RP. A Sybil attack detection scheme for a forest wildfire monitoring application.
Future Generation Computer Systems. 2018;80:613–26.
[40] Wang J, Yang G, Sun Y, Chen S. Defending against Sybil attacks based on received signal strength in wireless
sensor networks. Chinese Journal of Electronics. 2008;17(4):611–614.
[41] Bhuvaneshwari G, Udayakumar R. Detecting the identities of sybil attack in manet based on Rss detection.
International Journal of Applied Engineering Research. 2014;9(22):7251–4.
[42] Faisal M, Abbas S, Ur Rahman H. Identity attack detection system for 802.11-based ad hoc networks. Eurasip
Journal on Wireless Communications and Networking. 2018;2018(1).
[43] Yao Y, Xiao B, Wu G, Liu X, Yu Z, Zhang K, et al. Multi-Channel Based Sybil Attack Detection in Vehicular Ad
Hoc Networks Using RSSI. IEEE Transactions on Mobile Computing. 2019 Feb;18(2):362–75.
[44] Paul A, Sinha S. Performance analysis of received signal power-based Sybil detection in MANET using spline
curve. International Journal of Mobile Network Design and Innovation. 2017;7(3–4):222–32.
[45] Bouassida MS, Guette G, Shawky M, Ducourthial B. Sybil nodes detection based on received signal strength
variations within VANET. International Journal of Network Security. 2009;9(1):22–33.
[46] Yao Y, Xiao B, Wu G, Liu X, Yu Z, Zhang K, et al. Voiceprint: A Novel Sybil Attack Detection Method Based on
RSSI for VANETs. 2017 47th Annual IEEE/IFIP International Conference on Dependable Systems and Networks
(DSN). 2017; 591–602.
[47] Chen R-C, Hsieh C-F, Huang Y-F. A lightweight method for wireless sensor network intrusion detections. ICIC
Express Letters. 2013;7(6):1793–8.
[48] Liu Y, Wu Y. An enhanced RSSI-based detection scheme for sybil attack in wireless sensor networks. Lecture
Notes in Networks and Systems. 2020;69:87–102.
[49] Balaji N, Priya N. Detecting new identities of Sybil attack in manets based on Rss detection. International Journal
of Applied Engineering Research. 2014;9(22):6068–71.
[50] Abbas S, Haqdad M, Begum S, Khan MZ. Detecting sybil attacks using heterogeneous topologies in static
wireless sensor network. Journal of Theoretical and Applied Information Technology. 2018;96:4928–40.
[51] Rahman MU, Abbas S, Latif S. Lightweight Detection of Malicious Nodes in Mobile Ad Hoc Networks. 2017
INTERNATIONAL CONFERENCE ON COMTECH. IEEE Islamabad Sect; 2017; 191–4.
[52] Abbas S, Merabti M, Llewellyn-Jones D, Kifayat K. Lightweight Sybil Attack Detection in MANETs. IEEE
SYSTEMS JOURNAL. 2013 Jun;7(2, SI):236–48.
[53] Marian S, Mircea P. Sybil Attack Type Detection in Wireless Sensor Networks based on Received Signal Strength
Indicator detection scheme. 2015 IEEE 10TH Jubilee International Symposium on Applied Computational
In℡Ligence And Informatics (SACI). 2015; 121–4.
[54] Kumar PV, Maheshwari M. Prevention of Sybil attack and priority batch verification in VANETs. International
Conference on Information Communication and Embedded Systems (ICICES2014). 2014;1-5.
[55] Selvakumar K, Naveen Kumar S. Security issues and ANALYSING sybil attack detection in VANET. International
Journal of Recent Technology and Engineering. 2019;7(5):386–91.
[56] Jin D, Song J. A Traffic Flow Theory Aided Physical Measurement-Based Sybil Nodes Detection Mechanism in
Vehicular Ad-hoc Networks. 2014 IEEE/ACIS 13th International Conference on Computer and Information
Science (ICIS). 2014; 281–6.
[57] Wen M, Li H, Zheng Y-F, Chen K-F. TDOA-based Sybil attack detection scheme for wireless sensor networks.
Journal of Shanghai University. 2008;12(1):66–70.
[58] Ali Alheeti KM, Al-ani MS, McDonald-Maier K. A hierarchical detection method in external communication for self-
driving vehicles based on TDMA. PLoS ONE. 2018;13(1).
[59] Iwendi C, Uddin M, Ansere JA, Nkurunziza P, Anajemba JH, Bashir AK. On Detection of Sybil Attack in Large-
Scale VANETs Using Spider-Monkey Technique. IEEE Access. 2018;6:47258–67.
[60] Wang Z, Zeng P, Kong L, Li D, Jin X. Node-identification-based secure time synchronization in industrial wireless
sensor networks. Sensors (Switzerland). 2018;18(8).
[61] Dong W, Liu X. Robust and Secure Time-Synchronization Against Sybil Attacks for Sensor Networks. IEEE
Transactions on Industrial Informatics. 2015 Dec;11(6):1482–91.
[62] Benzaid C, Saiah A, Badache N. Secure pairwise broadcast time synchronization in wireless sensor networks.
2011 International Conference on Distributed Computing in Sensor Systems and Workshops (DCOSS). 2011;1–6.
[63] Geetha C, Ramakrishnan M. A hybrid scheme for detecting clone and Sybil attacks in wireless sensor networks.
International Journal of Applied Engineering Research. 2015;10(9):22467–76.
[64] Shi W, Liu S, Zhang Z. A Lightweight Detection Mechanism against Sybil Attack in Wireless Sensor Network. KSII
Transactions On Internet And Information Systems. 2015 Sep 30;9(9):3738–50.
[65] Ayaida M, Messai N, Najeh S, Ndjore KB. A Macroscopic Traffic Model-based Approach for Sybil Attack Detection
in VANETs. Ad Hoc Networks. 2019;101845.
[66] Patil DS, Patil SC. A Novel Algorithm for Detecting Node Clone Attack in Wireless Sensor Networks. 2017
International Conference on Computing, Communication, Control and Automation (ICCUBEA). 2017; 1–4.
[67] Tian B, Yao Y, Shi L, Shao S, Liu Z, Xu C. A novel sybil attack detection scheme for wireless sensor network. 5th
IEEE International Conference on Broadband Network Multimedia Technology. 2013; 294–7.
[68] Kanumalli SS, Anuradha Ch, Murty PSRC. An efficient method for detection of Sybil attackers in IOV. Advances
in Modelling and Analysis A. 2018;61(1):5–8.
[69] Abbas S. An efficient sybil attack detection for internet of things. Advances in Intelligent Systems and Computing.
2019;931:339–49.
[70] Mohamed MS, Dandekhya P, Krings A. Beyond passive detection of sybil attacks in VANET. 2017 6th
International Conference on Reliability, Infocom Technologies and Optimization: Trends and Future Directions,
ICRITO 2017. 2018; 384–90.
[71] Jamshidi M, Zangeneh E, Esnaashari M, Darwesh AM, Meybodi MR. A Novel Model of Sybil Attack in Cluster-
Based Wireless Sensor Networks and Propose a Distributed Algorithm to Defend It. Wireless Personal
Communications. 2019;105(1):145–73.
[72] Vigenesh M, Santhosh R. An efficient stream region sink position analysis model for routing attack detection in
mobile ad hoc networks. Computers & Electrical Engineering. 2019;74:273–80.
[73] Anthoniraj J, Abdul Razak T. CBCD: Cluster based clone detection in mobile wireless sensor networks. Indian
Journal of Science and Technology. 2016;9(31).
[74] Lim K, Tuladhar KM, Kim H. Detecting Location Spoofing using ADAS sensors in VANETs. 2019 16th IEEE
Annual Consumer Communications and Networking Conference, CCNC 2019. 2019.
[75] Yu B, Xu C-Z, Xiao B. Detecting Sybil attacks in VANETs. Journal of Parallel and Distributed Computing.
2013;73(6):746–56.
[76] Płaczek B, Bernas M. Detection of malicious data in vehicular ad Hoc networks for traffic signal control
applications. Communications in Computer and Information Science. 2016;608:72–82.
[77] Almas-Shehni R, Faez K. Detection of Sybil Nodes in Mobile Sensor Networks Using the Context of Nodes
Mobility. Jahangir, AH and Movaghar, A and Asadi, H, editor. Computer Networks And Distributed Systems,
CNDS 2013. Comp Soc Iran; 2014; vol. 428117–28. [78] Sowattana C, Viriyasitavat W, Khurat A.
Distributed consensus-based Sybil nodes detection in VANETs. 2017 14th International Joint Conference on
Computer Science and Software Engineering (JCSSE). 2017; 1–6.
[79] Maheswari PU, Kumar PG. Dynamic Detection and Prevention of Clone Attack in Wireless Sensor Networks.
WIRELESS PERSONAL COMMUNICATIONS. 2017 Jun;94(4):2043–54.
[80] Yuvashri K, Dalfiah J, Karuppiah AB, Rajaraja R. Efficient algorithm for accurate detection of sybil attack in a
wireless sensor network. International Journal of Applied Engineering Research. 2015;10(55):1429–32.
[81] Zhang J-M, Yu Q, Wang L-M. Geographical location-based scheme for Sybil attacks detection in wireless sensor
networks. Xitong Fangzhen Xuebao / Journal of System Simulation. 2008;20(1):259–63.
[82] Xin Y, Feng X, Li T-T. Position related lightweight Sybil detection approach in VANET. Tongxin Xuebao/Journal
on Communications. 2017;38(4):110–9.
[83] Hamed H, Keshavarz-Haddad A, Haghighi SG. Sybil Attack Detection in Urban VANETs Based on RSU Support.
Electrical Engineering (ICEE), Iranian Conference on. 2018; 602–6.
[84] Han S, Ban D, Park W, Gerla M. Localization of Sybil Nodes with Electro-Acoustic Positioning in VANETs.
GLOBECOM 2017 - 2017 IEEE Global Communications Conference. 2017; 1–6.
[85] Golestani Najafabadi S, Naji HR, Mahani A. Sybil attack Detection: Improving security of WSNs for smart power
grid application. Smart Grid Conference 2013, SGC 2013. 2013; 273–8.
[86] Jamshidi M, Darwesh AM, Lorenc A, Ranjbari M, Meybodi MR. A precise algorithm for detecting malicious sybil
nodes in mobile wireless sensor networks. IEIE Transactions on Smart Processing and Computing.
2018;7(6):457–66.
[87] Silawan T, Aswakul C. SybilComm: Sybil community detection using persuading function in IoT system. 2016
International Conference on Electronics, Information, and Communications (ICEIC). 2016; 1–4.
[88] Subba B, Biswas S, Karmakar S. A game theory based multi layered intrusion detection framework for VANET.
Future Generation Computer Systems. 2018;82:12–28.
[89] Zhang K, Liang X, Lu R, Shen X. Sybil Attacks and Their Defenses in the Internet of Things. IEEE Internet of
Things Journal. 2014 Oct;1(5, SI):372–83.
[90] Sicari S, Rizzardi A, Grieco LA, Coen-Porisini A. Performance comparison of reputation assessment techniques
based on self-organizing maps in wireless sensor networks. Wireless Communications and Mobile Computing.
2017;2017.
[91] Singh R, Singh J, Singh R. Fuzzy based advanced hybrid intrusion detection system to detect malicious nodes in
wireless sensor networks. Wireless Communications and Mobile Computing. 2017;2017.
[92] Sujatha V, Mary Anita EA. Fuzzy based scheme for detection of Sybil node in wireless sensor networks. Journal
of Advanced Research in Dynamical and Control Systems. 2017;9(Special Issue 6):815–22.
[93] Wang H, Wen Y, Zhao D. Identifying localization attacks in wireless sensor networks using deep learning. Journal
of Intelligent and Fuzzy Systems. 2018;35(2):1339–51.
[94] Kumar NMS, Deepa S, Marimuthu CN, Eswari T, Lavanya S. Signature Based Vulnerability Detection Over
Wireless Sensor Network for Reliable Data Transmission. WIRELESS PERSONAL COMMUNICATIONS. 2016
Mar;87(2, SI):431–442.
[95] Ruj S, Cavenaghi MA, Huang Z, Nayak A, Stojmenovic I. On data-centric misbehavior detection in VANETs.
IEEE Vehicular Technology Conference. 2011.
[96] Hussain R, Kim S, Oh H. Privacy-aware VANET security: Putting data-centric misbehavior and sybil attack
detection schemes into practice. Lecture Notes in Computer Science (including subseries Lecture Notes in
Artificial Intelligence and Lecture Notes in Bioinformatics). 2012;7690 LNCS:296–311.
[97] Katiravan J, N D, N D. A two level detection of routing layer attacks in hierarchical wireless sensor networks using
learning based energy prediction. KSII Transactions on Internet and Information Systems. 2015;9(11):4644–61.
[98] Li Q, Zhang K, Cheffena M, Shen X. Channel-Based Sybil Detection in Industrial Wireless Sensor Networks: A
Multi-Kernel Approach. GLOBECOM 2017 - 2017 IEEE Global Communications Conference. 2017; 1–6.
[99] Alsaedi N, Hashim F, Sali A. Energy Trust System for Detecting Sybil Attack in Clustered Wireless Sensor
Networks. 2015 IEEE 12TH Malaysia International Conference On Communications (MICC). IEEE; IEEE
Commun Soc Malaysia Chapter; IEEE VTS Malaysia Chapter; SKMM; Tenaga Nasl; genetron; CST, RF Stat;
atenlab; IEEE Malaysia Commun Soc & Vehicular Technol Soc, Joint Chapter; 2015; 91–5.
[100] Li Q, Zhang K, Cheffena M, Shen XS. Exploiting dispersive power gain and delay spread for sybil detection in
industrial WSNs. 2016 IEEE/CIC International Conference on Communications in China (ICCC). 2016; 1–6.
[101] Li Q, Cheffena M. Exploiting Dispersive Power Gain and Delay Spread for Sybil Detection in Industrial WSNs: A
Multi-Kernel Approach. IEEE Transactions on Wireless Communications. 2019;18(3):1805–18.
[102] Udhayasankar SM, Vijaya Chamundeeswari V, Dharini N. Light weight prediction algorithm based IDS for
wireless sensor networks. Asian Journal of Information Technology. 2016;15(3):393–405.
[103] Zhang T, He J. An attack-resistant localization method in wireless sensor networks. Beijing Jiaotong Daxue
Xuebao/Journal of Beijing Jiaotong University. 2012;36(3):80-83+86.
[104] Chinchore A, Jiang F, Xu G. Intelligent Sybil attack detection on abnormal connectivity behavior in mobile social
networks. Lecture Notes in Business Information Processing. 2015;224:602–17.
[105] Huang D-J, Teng W-C, Wang C-Y, Huang H-Y, Hellerstein JM. Clock Skew Based Node Identification in Wireless
Sensor Networks. GLOBECOM 2008 - 2008 IEEE Global ℡Ecommunications Conference. 2008.
[106] Wang C, Zhu L, Gong L, Zhao Z, Yang L, Liu Z, et al. Accurate Sybil Attack Detection Based on Fine-Grained
Physical Channel Information. SENSORS. 2018 Mar;18(3).
[107] Li X, Han G, Qian A, Shu L, Rodrigues J. Detecting Sybil attack based on state information in Underwater
Wireless Sensor Networks. 2013 21st International Conference on Software, Telecommunications and Computer
Networks - (SoftCOM 2013). 2013; 1–5.
[108] Rabieh K, Mahmoud MMEA, Guo TN, Younis M. Cross-layer scheme for detecting large-scale colluding Sybil
attack in VANETs. 2015 IEEE International Conference on Communications (ICC). 2015; 7298–303.
[109] Gaikwad V, Ragha L. Mitigation of attack on authenticating identities in ad-hoc network. 2017 International
Conference on Energy, Communication, Data Analytics and Soft Computing (ICECDS). 2017; 1027–32.
[110] Saggi MK, Kaur R. Isolation of Sybil attack in VANET using neighboring information. 2015 IEEE International
Advance Computing Conference (IACC). 2015; 46–51.
[111] Danev B, Capkun S. Transient-based Identification of Wireless Sensor Nodes. Proceedings of the 2009
International Conference on Information Processing in Sensor Networks. Washington, DC, USA: IEEE Computer
Society; 2009; 25–36. (IPSN ’09).
[112] Uddin MB, Castelluccia C. Towards clock skew based services in wireless sensor networks. International Journal
of Sensor Networks. 2011;9(1):24–37.
[113] Sieka B. Using radio device fingerprinting for the detection of impersonation and Sybil attacks in wireless
networks. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and
Lecture Notes in Bioinformatics). 2006;4357 LNCS:179–92.
[114] Lakhanpal R, Sharma S. Detection & Prevention of Sybil attack in Ad hoc network using hybrid MAP & MAC
technique. 2016 International Conference on Computation of Power, Energy, Information and Communication,
ICCPEIC 2016. 2016; 283–7.
[115] Liao X, Hao D, Sakurai K. Achieving cooperative detection against Sybil attack in wireless ad hoc networks: A
game theoretic approach. 17th Asia-Pacific Conference on Communications, APCC 2011. 2011; 806–11.
[116] Tanuja R, Anoosha V, Manjula SH, Venugopal KR, Iyengar SS, Patnaik LM. Secure reputation update for target
localization in wireless sensor networks. Communications in Computer and Information Science. 2012;292
CCIS:109–18.
[117] Jamshidi M, Zangeneh E, Esnaashari M, Meybodi MR. A lightweight algorithm for detecting mobile Sybil nodes in
mobile wireless sensor networks. Computers & Electrical Engineering. 2017 Nov;64:220–32.
[118] Sujatha V, Anita EAM. An efficient trust based method for Sybil node detection in mobile wireless sensor network.
AIP Conference Proceedings. 2018.
[119] Bißmeyer N, Njeukam J, Petit J, Bayarou KM. Central Misbehavior Evaluation for VANETs Based on Mobility
Data Plausibility. Proceedings of the Ninth ACM International Workshop on Vehicular Inter-networking, Systems,
and Applications. New York, NY, USA: ACM; 2012; 73–82.
[120] Khan MS, Iltaf N, Rashdi A. Collusion-resistant Sybil attack detection scheme in mobile ad hoc networks. 2014
National Software Engineering Conference. 2014; 30–6.
[121] Rashidibajgan S. A trust structure for detection of sybil attacks in opportunistic networks. 2016 11th International
Conference for Internet Technology and Secured Transactions, ICITST 2016. 2017; 347–51.
[122] Zhan G, Shi W, Deng J. Design and Implementation of TARF: A Trust-Aware Routing Framework for WSNs. IEEE
Transactions on Dependable and Secure Computing. 2012 Mar;9(2):184–97.
[123] Alsaedi N, Hashim F, Sali A, Rokhani FZ. Detecting sybil attacks in clustered wireless sensor networks based on
energy trust system (ETS). COMPUTER COMMUNICATIONS. 2017 Sep 15;110:75–82.
[124] Airehrour D, Gutierrez JA, Ray SK. SecTrust-RPL: A secure trust-aware RPL routing protocol for Internet of
Things. Future Generation Computer Systems. 2019;93:860–76.
[125] Medjek F, Tandjaoui D, Romdhani I, Djedjig N. A Trust-Based Intrusion Detection System for Mobile RPL Based
Networks. 2017 IEEE International Conference on Internet of Things (iThings) and IEEE Green Computing and
Communications (GreenCom) and IEEE Cyber, Physical and Social Computing (CPSCom) and IEEE Smart Data
(SmartData). 2017; 735–42.
[126] Bankovic Z, Fraga D, Moya JM, Vallejo JC, Araujo A, Malagón P, et al. Detecting and confining Sybil attack in
wireless sensor networks based on reputation systems coupled with clustering algorithms. Engineering Intelligent
Systems. 2010;18(3–4):133–44.
[127] Hamdan S, Hudaib A, Awajan A. Hybrid Algorithm to Detect the Sybil Attacks in VANET. 2018 Fifth International
Symposium On Innovation In Information And Communication Technology (ISIICT 2018). Amity Univ; IEEE,
Jordan Sect; 2018; 93–8.
[128] Nikam A, Ambawade D. Opinion Metric Based Intrusion Detection Mechanism for RPL Protocol in IoT. 2018 3rd
International Conference for Convergence in Technology (I2CT). 2018; 1–6.
[129] Meena Kowshalya A, Valarmathi ML. Detection of Sybil’s across communities over Social Internet of Things.
Journal of Applied Engineering Science. 2016;14(1):75–83.
[130] Edwin Prem Kumar G, Baskaran K, Elijah Blessing R, Lydia M. Evaluation of hybrid trust models using ant colony
optimization in wireless sensor networks. International Journal on Smart Sensing and Intelligent Systems.
2016;9(3):1243–60.
[131] Triki B, Rekhis S, Boudriga N. An RFID based System for the detection of Sybil attack in Military Wireless Sensor
networks. 2014 World Congress on Computer Applications and Information Systems (WCCAIS). 2014; 1–2.
[132] Tang Q, Wang J. A secure positioning algorithm against Sybil attack in wireless sensor networks based on
number allocating. International Conference on Communication Technology Proceedings, ICCT. 2018; 932–6.
[133] Wang W-T, Ssu K-F, Chang W-C. Defending Sybil attacks based on neighboring relations in wireless sensor
networks. Security and Communication Networks. 2010;3(5):408–20.
[134] Ssu K-F, Wang W-T, Chang W-C. Detecting Sybil attacks in Wireless Sensor Networks using neighboring
information. Computer Networks. 2009;53(18):3042–56.
[135] Vamsi PR, Kant K. Sybil attack detection using Sequential Hypothesis Testing in Wireless Sensor Networks.
2014 International Conference on Signal Propagation and Computer Technology (ICSPCT 2014). 2014; 698–702.
[136] Vamsi PR, Kant K. A lightweight Sybil attack detection framework for Wireless Sensor Networks. 2014 Seventh
International Conference on Contemporary Computing (IC3). 2014; 387–93.
[137] Grover J, Gaur MS, Laxmi V, Prajapati NK. A Sybil Attack Detection Approach Using Neighboring Vehicles in
VANET. Proceedings of the 4th International Conference on Security of Information and Networks. New York,
NY, USA: ACM; 2011; 151–158. (SIN ’11).
[138] Rafeh R, Khodadadi M. Detecting sybil nodes in wireless sensor networks using two-hop messages. Indian
Journal of Science and Technology. 2014;7(9):1359–68.
[139] Chen C, Han W, Wang X. Sybil attack detection based on signature vectors in VANETs. International Journal of
Critical Computer-Based Systems. 2011;2(1):25–37.
[140] Sarigiannidis P, Karapistoli E, Economides AA. Detecting Sybil attacks in wireless sensor networks using UWB
ranging-based information. Expert Systems with Applications. 2015;42(21):7560–72.
[141] Medjek F, Tandjaoui D, Romdhani I, Djedjig N. Performance Evaluation of RPL Protocol under Mobile Sybil
Attacks. 2017 IEEE Trustcom/BigDataSE/ICESS. 2017; 1049–55.
[142] L. Xiao, X. Wan, X. Lu, Y. Zhang, D. Wu. IoT Security Techniques Based on Machine Learning: How Do IoT
Devices Use AI to Enhance Security? IEEE Signal Processing Magazine. 2018 Sep;35(5):41–9.