
Security and Trust in Opportunistic Networks - A Survey

Authors:
  • Deakin College

Abstract

Opportunistic networks or OppNets refer to a number of wireless nodes opportunistically communicating with each other in a form of “Store–Carry–Forward”. This occurs when they come into contact with each other without proper network infrastructure. OppNets use wireless technologies, such as IEEE 802.11, WiMAX, Bluetooth, and other short-range radio communication. In OppNets, there is no end-to-end connection between the source and the destination nodes, and the nodes usually have high mobility, low density, limited power, short radio range, and are often subject to different kinds of attacks by malicious nodes. Due to these characteristics and features, OppNets are subject to serious security challenges. OppNets strongly depend on human interaction; therefore, the success of securing such networks is based on trust between people. This survey includes the security approaches in OppNets and techniques used to increase their security levels.
Majeed Alajeely
School of Information Technology
Deakin University
Melbourne, Australia
Email: malajeel@deakin.edu.au
Asma’a Ahmad
School of Information Technology
Deakin University
Melbourne, Australia
Email: anahmad@deakin.edu.au
Robin Doss
School of Information Technology
Deakin University
Melbourne, Australia
Email: robindoss@deakin.edu.au
Keywords: Opportunistic Networks, Routing Protocols, Security.
I. INTRODUCTION
OppNets aim to establish reliable networks where there is
no end-to-end connection between the source and destination
node. The nodes in OppNets usually have high mobility,
low density, limited power, short radio range, and are often
subject to different kinds of attacks by malicious nodes. Due to
these characteristics, OppNets have gained significant research
attention due to the security and privacy challenges that have
emerged. OppNets have emerged from delay tolerant networks
(DTNs) where connectivity is intermittent. The nodes are often
disconnected from each other and use Bluetooth, Wi-Fi, or
any other wireless connectivity to exchange and forward data
in an opportunistic hop-by-hop manner. In OppNets there
is no end-to-end path between a sender and a destination,
so the opportunities for forwarding messages are usually
limited, with possibly higher error rates and longer delays
[1]. Unlike DTNs, the routing algorithm in OppNets must
be opportunistic. In DTNs, when a message is to be sent,
an existing end-to-end route is first investigated; if none is
found, the message is then sent opportunistically. However, in
OppNets, the message is always sent opportunistically, and an
existing end-to-end path is never required. OppNets began with
applications like ZebraNet [2], which is one of the wireless
mobile sensor network techniques used for tracking animals
in wildlife areas; CenWits [3], a search and rescue system,
used in emergency situations in wild areas and the underwater
networks project [4] where radio frequency antennas are fixed
on whales for data collection and communication. OppNets
are subject to serious security challenges due to their special
characteristics and features. OppNets strongly depend on
human interaction, therefore the success of securing such
networks is based on trust between people. However, due to the
characteristics of OppNets, many challenges and opportunities
exist to accomplish security measures such as authentication,
integrity, confidentiality, access control, availability, and non-
repudiation.
In this paper, we provide a detailed overview of security issues
in OppNets and current security approaches that are aimed
at mitigating these issues. Unlike other surveys [5][6][7], we
focus primarily on secure and trust-based routing, while the
others focused on the security threats, architecture, authentication
and access controls in OppNets. The remainder of this paper
is organized as follows: in Section II, we present the security
approaches in OppNets. In Section III, we present the Secure
Routing Techniques in OppNets. In Section IV, we present
the Security Solutions Based on Intrusion Detection System.
In Section V, we present the Trust Management Evaluation.
In Section VI, we present the Trust Strategies in OppNets and
in Section VII we present our conclusion and future work.
II. SECURITY IN OPPNETS
Security can be defined as the process, provisioning and
management of ensuring the confidentiality, integrity, non-
repudiation, access control, availability, and authentication of
network systems. OppNets can be vulnerable to different types
of attack. We can classify these attacks as internal and external
attacks [6][7] [5], where internal attacks come from nodes
inside the domain or part of the network. These kinds of
attacks have a high impact on the network since malicious
nodes can have some privileges to access network resources.
External attacks come from nodes outside the network or they
are nodes that don’t belong to the domain of the network.
The impact of this type of attack is less than internal attacks
because nodes have less information about network resources.
Different types of attacks can affect routing in OppNets, such
as Wormhole attacks, Blackhole attacks, Selfish attacks, Sybil
attacks and Selective Dropping attacks. Descriptions of these
attacks and the mechanisms used to defend against them are
detailed below.
A. Defence against Wormhole Attacks
The idea of a Wormhole attack [8] is that malicious nodes
record packets at a specific location on the network, “tunnel” them
to other locations on the network and retransmit them from that
location. Malicious nodes claim a short path in the network to
certain destinations so they can attract traffic or other nodes.
The packet leash technique [9] has been proposed as a defence
against Wormhole Attacks. Some information can be added to
packets to restrict the maximum allowed transmission distance.
Geographical leashes and temporal leashes can be used, with
the receiver of the packet ideally within a certain distance
from the sender in geographical leashes. In temporal leashes
the packet should have an upper bound on its lifetime so it
can restrict the maximum distance travelled. However, this
kind of technique needs secure and tight time synchronization.
A method for detecting and isolating Wormhole attacks was
proposed in [10]. This is a modification of the AODV protocol
where the source node sends a route request to a destination
and receives all available routes with the number of hops.
These routes are used later as a reference for each other in
order to find malicious nodes. The proposed method works in
three steps, by using route redundancy, routes aggregation and
calculating the round-trip time (RTT) for all listed routes. In
order to detect and isolate any malicious nodes, the RTT is
compared with the number of hops for all
routes. However, this method will not be efficient in OppNets
because there is no end-to-end connection and it is difficult to
find more than one route to the destination.
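The leash checks of [9] described above, written out as an added example (not code from this survey or from [9]). The expiry and distance-bound formulas are the forms assumed here for temporal and geographical leashes; the 250 m radio range, clock errors, speeds and positions are constructed, and authentication of the leash fields is assumed to be handled elsewhere.

```python
import math

C = 299_792_458.0  # propagation speed of the radio signal, m/s


def temporal_expiry(t_send, max_range_m, clock_err_s):
    """Expiry the sender stamps on the packet: t_e = t_s + L/c - delta,
    where delta is the maximum clock difference between any two nodes."""
    return t_send + max_range_m / C - clock_err_s


def temporal_accept(t_recv, t_expiry):
    """Receiver side: accept only if the packet arrived before it expired."""
    return t_recv <= t_expiry


def guaranteed_range(max_range_m, clock_err_s):
    """Distance within which an honest neighbour is always accepted.

    In the worst case the receiver clock runs delta ahead of the sender, so
    d/c + delta <= L/c - delta, i.e. d <= L - 2*c*delta. A result of 0 means
    the leash is unusable at this synchronization quality.
    """
    return max(0.0, max_range_m - 2.0 * C * clock_err_s)


def simulate_temporal(distance_m, receiver_offset_s, max_range_m, clock_err_s):
    """Constructed scenario: a packet sent at t=0 travels distance_m (directly
    or through a tunnel) and is timestamped by a receiver whose clock differs
    from the sender's by receiver_offset_s."""
    t_send = 0.0
    t_expiry = temporal_expiry(t_send, max_range_m, clock_err_s)
    t_recv = t_send + distance_m / C + receiver_offset_s
    return temporal_accept(t_recv, t_expiry)


def geo_distance_bound(pos_send, pos_recv, t_send, t_recv,
                       v_max, clock_err_s, pos_err_m):
    """Upper bound on the sender-receiver distance for a geographical leash:
    d <= |p_s - p_r| + 2*v_max*(t_r - t_s + delta) + position error."""
    return (math.dist(pos_send, pos_recv)
            + 2.0 * v_max * (t_recv - t_send + clock_err_s)
            + pos_err_m)


def geo_accept(pos_send, pos_recv, t_send, t_recv,
               v_max, clock_err_s, pos_err_m, max_range_m):
    """Reject packets whose authenticated origin cannot be within range."""
    bound = geo_distance_bound(pos_send, pos_recv, t_send, t_recv,
                               v_max, clock_err_s, pos_err_m)
    return bound <= max_range_m


if __name__ == "__main__":
    L, DELTA = 250.0, 100e-9   # constructed: 250 m range, 100 ns sync error
    print("neighbour at 100 m  :", simulate_temporal(100.0, DELTA, L, DELTA))
    print("replayed 2 km away  :", simulate_temporal(2000.0, -DELTA, L, DELTA))
    print("usable range, 100 ns:", round(guaranteed_range(L, DELTA), 1), "m")
    print("usable range, 1 us  :", guaranteed_range(L, 1e-6), "m")
    print("geo, 120 m apart    :",
          geo_accept((0, 0), (120, 0), 0.0, 0.002, 20.0, 0.001, 5.0, L))
    print("geo, 3 km apart     :",
          geo_accept((0, 0), (3000, 0), 0.0, 0.002, 20.0, 0.001, 5.0, L))
```

With a 250 m range the one-way flight time is under a microsecond, so a clock error of 1 µs already leaves no distance at which an honest neighbour is guaranteed to pass the temporal check, whereas the geographical leash tolerates millisecond-level error.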
B. Defence against Blackhole Attacks
In Blackhole attacks, malicious nodes silently drop or discard
all or some of the received packets all of the time or some of
the time. Malicious nodes can advertise themselves as having a
valid route to some of the popular destinations on the network.
In [11], a defence against Blackhole attacks was proposed,
where an attacker can fake its contact history with some
popular destinations and raise its value of delivery likelihood
to the maximum value. The idea of an “encounter ticket” (ET)
is proposed as evidence of the encounters of nodes. However,
a malicious node can still fake its contact history with a
destination by a one-time tailgate attack, where the malicious
node collects redundant ETs by tailgating the destination
once, then moving around the data source to intercept the
data. However, even with the author’s technique of ignoring
redundant ETs generated within a short interval, it may not
work efficiently in case of a multi-tailgate attack, where an
attacker moves in and out of the connection range with the
destination. This technique can only detect an attacker when
claiming non-existent encounters and cannot handle packet
dropping in a Blackhole attack. In [12], malicious nodes bloat
their competency of meeting a destination node so they can
intercept data from other senders. A watchdog mechanism was
proposed to monitor the behaviour of neighbour nodes in the
absence of an end-to-end connection. In this mechanism, a
watchdog with a positive feedback message (PFM) is used to
inform the sender that the next hop will truthfully forward data
to other nodes. When node A sends the message to node
B, node A will monitor the forwarding behaviour of node
B in terms of evidence of the PFM created by other nodes
like node C which received a message from node B. Node C will
then generate a PFM and send it to node A telling it that B
successfully forwarded the message. If node A does not get
this PFM, then node B will be registered as suspicious till the
PFM arrives and the trust/reputation system is built according
to this mechanism. In this case, each node will have a trust
value record for other nodes and they will exchange this value
when they meet each other to make an indirect reputation plus
a direct reputation. This trust value is derived and integrated
with the probability of meeting the destination to achieve a
final evaluated forwarding competency for a node. However,
a PFM is sent using epidemic routing. Therefore, it adds more
overhead on the network. A method of securing the packet
delivery history of contact between nodes is proposed in [13].
Nodes can detect Blackhole attacks by checking these records.
In case of an encounter between two nodes both nodes record
the number of exchanged packets between them and use their
private key to create a secure record. Neighbour nodes can do
sanity checks by checking the history packets records of other
nodes, thus detecting more Blackhole attacks. Each node has
a private key (RK) and public key (PK) pair, with each node
owning the public keys of other nodes. However, the method of
manually pre-loading all keys into the nodes during a network
setup phase or using a key distribution scheme can be difficult
to apply in OppNets.
C. Defence against Dropping and Selective Dropping Attacks
In normal network operation, packets can be dropped according
to predefined rules such as resource limitation as in [14]
where a packet dropping policy, dropping mechanism and
performance analysis is proposed according to the packets
weight. This weight is calculated based on inter-contact time
between nodes. However, in dropping attacks or selective
dropping attacks, malicious nodes drop all or some of their
received packets. It is difficult to detect an attacker since neither
the source nor the destination knows when or where the
dropping takes place and also since the malicious node is part
of the network domain. Acknowledgement based mechanisms
can be used for detecting packet dropping attacks [15], [16].
These mechanisms are based on the authenticated acknowledgment
from the intermediate nodes and the destination within
a specific time period. The source or destination can then detect a
malicious node. In [17], a mitigation scheme to evaluate the
impact of a packet selective dropping attack is proposed by
using network coding. In this scheme, the destination node
should measure the delivery ratio and return it to the sender.
The sender starts dynamically adjusting the redundancy factor
to mitigate against the degradation in the delivery ratio caused
by the attack. Theoretical analysis and simulations show the
impact of packet dropping on routing performance. The impact
of non-cooperative action, like selfishness or message non-
forwarding in the routing performance reduces the delivery
cost, while the behaviour of dropping messages increases the
delivery cost. The work in [18] is a proposed mechanism for
detecting packet dropping attacks, where intermediate nodes
acknowledge the reception of the packets. Source nodes use
this acknowledgment to construct a Merkle tree and then
compare the value of the tree root with precalculated values.
If these values are equal then there is no packet dropping in
that path; otherwise packets have been dropped. However, this
technique can only detect the path with a malicious node and then
look for alternative paths for retransmission. Thus, this technique
results in network overhead. This technique also cannot
detect the exact malicious node in the path. Authors in [19]
proposed a packet dropping detection mechanism based on
cooperative participation at the network-bootstrapping phase.
Alternative routing is used for avoiding malicious nodes or
a non-trusted path. However, this solution leads to network
overhead. The authors in [20] proposed a detection mechanism
for the packet dropping attack based on data provenance to
identify malicious nodes. The characteristics of the watermarking
based secure provenance transmission mechanism and
the inter-packet timing characteristics are exploited to achieve
this goal. There are three stages for this technique: detect
lost packets using the distribution of the inter-packet delays,
identify the presence of the attack by comparing the empirical
average packet loss rate with the natural packet loss rate of the
data flow path and identify the malicious path or link and then
isolate it by transmitting more provenance information along
with the sensor data. However, this technique is not very
accurate since it does not detect the exact malicious node in
the entire path or link.
In [21], two techniques were used to improve throughput:
watchdog and pathrater. In the watchdog stage, a sender node
detects the misbehaving node by overhearing the neighbour
node and comparing its message transmission with the saved
copy in its buffer to check whether they match. If matched,
then the node is not malicious and the message copy on the
buffer is deleted. If nothing is heard for a certain time, the
watchdog will increment the failure tally of that neighbour
node. If that tally exceeds the threshold value, this node will
be recorded as a misbehaving node. Each node running the
pathrater phase determines the best path with the highest
metric by combining the information from watchdog with the
link reliability data, then calculates the best path. According to
the information from watchdog and pathrater each node will
build a rating table for other known nodes on the network
so it can be used in future transmissions. However, the
watchdog technique is not that efficient if there are ambiguous
collisions, receiver collisions, limited transmission power, false
misbehaviour or collusion. To solve the weakness of watchdog,
ExWatchdog was proposed [22], to enhance the intrusion detecting
system for discovering malicious nodes. ExWatchdog
has the ability to detect malicious nodes that partition the
network by falsely reporting other nodes as malicious. Each
node builds a table with the number of received packets and
the number of forwarded packets. When a node receives a
report about a misbehaving node, the source of communication
starts to send a message to the destination to check if the
number of received and forwarded packets are equal. If they
are equal, the node that reported the other node as malicious is
actually malicious and if not equal, the report is correct. The
authors in [23] have proposed a reputation based mechanism
for detecting packet dropping attacks. This mechanism uses
direct observation and indirect or second hand information to
calculate full reputation weight. Nodes can be excluded from
the network if they have a low reputation weight. To provide
fault tolerance, historical reputation and fuzzy logic were used
to improve the performance. In our previous work [24] we
have presented an algorithm to detect packet dropping attacks,
and to find the malicious node that attempted the attack. The
algorithm detects the attack by using an indicative field in the
header section of each packet; the indicative field has three
subfields: the identification field, the flag field, and the offset field.
These three fields are used to find if a node receives the complete
original number of packets from the previous node.
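The watchdog and pathrater stages described above for [21], as an added example (not code from this survey or from [21]). The class and function names, the timeout and threshold values, the averaged path metric, the large negative rating for flagged nodes, and the per-node reliability figures are assumptions made for illustration.

```python
import hashlib
from collections import defaultdict

MISBEHAVING_RATING = -100.0  # assumed penalty that pushes a path to the bottom


class Watchdog:
    """Sender-side monitor: buffers each handed-over packet, clears it when the
    neighbour is overheard forwarding the same bytes, and counts a failure when
    nothing matching is heard before the timeout."""

    def __init__(self, timeout, threshold):
        self.timeout = timeout
        self.threshold = threshold
        self.buffer = {}                   # (neighbour, pkt_id) -> (digest, deadline)
        self.failures = defaultdict(int)   # neighbour -> failure tally

    @staticmethod
    def _digest(payload):
        return hashlib.sha256(payload).digest()

    def handed_over(self, neighbour, pkt_id, payload, now):
        """Record a packet that the neighbour is now expected to forward."""
        self.buffer[(neighbour, pkt_id)] = (self._digest(payload), now + self.timeout)

    def overheard(self, neighbour, pkt_id, payload):
        """Compare an overheard transmission with the saved copy. Only a match
        clears the buffer entry; a mismatch leaves it to time out."""
        entry = self.buffer.get((neighbour, pkt_id))
        if entry is not None and entry[0] == self._digest(payload):
            del self.buffer[(neighbour, pkt_id)]
            return True
        return False

    def tick(self, now):
        """Expire overdue entries and increment the neighbour's failure tally."""
        overdue = [k for k, (_, deadline) in self.buffer.items() if deadline <= now]
        for key in overdue:
            del self.buffer[key]
            self.failures[key[0]] += 1

    def misbehaving(self):
        """Neighbours whose tally exceeds the threshold."""
        return {n for n, count in self.failures.items() if count > self.threshold}


def path_metric(path, reliability, misbehaving):
    """Pathrater step: average rating of every node after the source, where
    flagged nodes get the penalty and others their link reliability."""
    ratings = [MISBEHAVING_RATING if node in misbehaving
               else reliability.get(node, 0.5)
               for node in path[1:]]
    return sum(ratings) / len(ratings)


def best_path(paths, reliability, misbehaving):
    return max(paths, key=lambda p: path_metric(p, reliability, misbehaving))


def demo():
    """Constructed run: S hands four packets each to B and M. B forwards all
    of them; M forwards only the first (selective dropping)."""
    wd = Watchdog(timeout=2.0, threshold=2)
    for i in range(4):
        payload = b"pkt-%d" % i
        wd.handed_over("B", i, payload, now=float(i))
        wd.handed_over("M", i, payload, now=float(i))
        wd.overheard("B", i, payload)
        if i == 0:
            wd.overheard("M", i, payload)
    wd.tick(now=10.0)

    paths = [["S", "M", "D"], ["S", "B", "C", "D"]]
    reliability = {"M": 0.95, "B": 0.9, "C": 0.8, "D": 1.0}  # constructed values
    flagged = wd.misbehaving()
    with_watchdog = best_path(paths, reliability, flagged)
    without_watchdog = best_path(paths, reliability, set())
    return flagged, dict(wd.failures), with_watchdog, without_watchdog


if __name__ == "__main__":
    print(demo())
```

On link reliability alone the short path through M looks best; once the watchdog tally flags M, the pathrater metric moves traffic to the longer path through B and C.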
In our previous work [25] we have presented a novel attack and
detection mechanism against a special type of packet dropping
attack where the malicious node drops one packet or more
and injects a new fake packet instead. Our novel detection
mechanism is very powerful and has very high accuracy. It
relies on a very simple yet powerful idea; the creation time
of each packet. Results show this mechanism achieves a very
high accuracy and detection rate.
D. Defence against a Selfish Attack
Selfish nodes may use network services, but refuse to cooperate
with other nodes. For example, selfish nodes may not
forward or route messages due to the limitation of battery life
or resource consumption. Defence against this type of attack
can be classified as barter based and credit based. In [26], a
barter based mechanism to stimulate selfish nodes to cooperate
is proposed. This system consists of two parts: a reputation
system and a virtual payment or rewarding scheme. When
two nodes are within the same transmission range they start
sending a description of the messages in their buffers. They
can then agree on which messages will be exchanged, with
each message sent one by one from each side in preference
order (primary/secondary message). If one side cheats, the
transaction is directly disrupted and the worst scenario will be
the deferment of one message. After each message interaction
the nodes receive a score and they accumulate these scores
to obtain their total score at the end (this part represents
the rewarding scheme). Game theory is used to achieve this
barter based mechanism where the nodes are divided between
two players: the “Crowd” player, which represents the majority of nodes, and
the “Deviator” player, which represents a small group that deviates from
the behaviour of normal nodes. However, this technique relies
on the assumption that selected subsets of messages must
be the same size and connection time should be enough to
exchange all agreed messages, which is not practical. Also,
there is no clear picture of the network behaviour in case
a node has no messages or fewer messages than the second
side. In MobiCent [27], a Credit-Based Incentive System is
proposed. Each client/receiver node pays for message
delivery using a payment scheme involving two algorithms.
The first is a payment set selection algorithm which decides
the relays to be paid. The second algorithm is a payment
calculation algorithm which decides how much should be
paid to each selected relay and how much the client should
be charged. As a result, nodes will forward packets without
adding phantom links or wasting any contact opportunity unless
the reward is not sufficient or it is the decision of an underlying
routing protocol. This technique, however, is not that strong
because the sender can flood the network as it is not involved
in the payment scheme. This kind of strategy is not effective
if the majority of nodes have selfish behaviour.
E. Defence against Sybil Attacks
A Sybil attack is the ability of a malicious node to create a
number of fake IDs while dropping received packets. In a
Sybil attack it is difficult to identify the real node causing
the packet dropping since malicious nodes use different IDs
to communicate with neighbours. In [28], a definition and
taxonomy of the Sybil attack is proposed, showing the types of
defence such as resource testing as an old technique, and
new techniques including radio resource testing, verification of
key sets for random key predistribution, registration, position
verification and code attestation. Another defence against a
Sybil attack is proposed in [29] through the design of a reputation
based system: explicit and implicit social trust establishment.
This trust relies on two factors: the contact quality
between nodes and the trustworthiness of the nodes’ opinions.
To establish social trust, nodes combine explicit and implicit
social trust where explicit social trust is built from “Friend
Ties” whenever they meet via secure pairing. A friend list is
built in each encounter and then saved in a friendship graph.
Implicit social trust is built from contact time and relies on the
familiarity and the similarity of the nodes. Familiarity means
the accumulated contact time and similarity means the degree
to which the familiarity of the two nodes matches.
F. Anti-Localization Techniques
Detection of a node’s location can be a serious threat, as it allows the
path and movement of nodes in OppNets to be tracked. One of the techniques
used to hide the location of nodes is ALAR [30]. ALAR
protects a sender’s location privacy
by dividing the message into a number of encrypted segments
and sending each one of these to a different neighbour. The
decryption key is kept on the last segment so the receiver
doesn’t know the message content unless he receives all the
segments. ALAR minimizes the exposure of a sender’s location
and maximizes message delivery. The weakness
of this technique is that routing performance is influenced by
the setting of the number of segments and the number of
neighbours or receivers. Additionally, the routing performance
is degraded in terms of delivery ratio and delivery latency as
the two parameters increase. In [31], any node should be a
member of at least one group and each group has a set of
nodes. A public/private key pair is assigned to each group, and
nodes are distributed randomly to groups. Each node maintains
a keychain of a public/private key pair, plus a copy of the
public keys of all other nodes and groups. It also maintains the private
key of its group, where each node uses group public keys to
encrypt messages for other groups, and uses the groups’ private
keys to decrypt messages for groups of which it is a part.
TPS uses a secret sharing technique to divide the message,
which is considered a secret, into multiple shares, then sends
the secret to the destination through a number of independent
paths. In this scenario, the author protects the contents of the
message from individual intermediary nodes. The sender encrypts
the message with a receiver’s public key and seals both
the message and receiver’s address before sending them. While
the message travels through the network, each node checks
whether to decrypt it. If yes, then this node is the message
destination and the message can be reconstructed. However,
with a Sybil attack, multiple pseudonymous nodes can copy,
create and then intercept a sufficient number of shares. In [32]
the authors have reviewed the application of k-anonymity for
Location based Services (LBS) and its recent advancements.
They have recognized three perspectives for the applicability
of k-anonymity for LBS: the application of k-anonymity based
on the architecture, based on the algorithms for anonymization,
and based on the types of k-anonymity (according to the
different query processing techniques). Hence, the review has
been done within the framework of these perspectives. This
review can arm the privacy providers with the latest techniques
and possible modifications in their present techniques.
III. SECURITY SOLUTIONS BASED ON INTRUSION DETECTION SYSTEM
An Intrusion Detection System (IDS) can be a good technique
for increasing security in OppNets. In [33], a ferry-based intrusion
detection and mitigation (FBIDM) scheme was proposed.
In FBIDM, special nodes called “Ferries” are used to collect
information from other nodes by passing them on fixed routes
and stopping at fixed stop points. “Secret” encrypted messages
are broadcast by ferry nodes so any genuine node can
understand or decode them and then start sharing information like
encounter and delivery predictability with other nodes. Ferry
nodes then compare this information to detect any malicious
nodes and inform the genuine nodes to update their blacklist.
MUTON [34] is a detection scheme based on the same idea
as FBIDM [33] but with the modification of taking transitive
properties into consideration. In MUTON, special nodes called
“Ferries” are used to collect information from other nodes by
passing them on fixed routes and stopping at fixed stop points.
“Secret” encrypted messages are broadcast by ferry nodes so
any genuine node can understand or decode the message and
start sharing information like Delivery Encounter Table (DET),
Delivery Probability Table (DPT), and Transitive Information
Table (TIT) with other nodes. DET and DPT are inherited
from FBIDM, and a MUTON created TIT table is used to
record transitive information. In FBIDM, a cross-checking of
delivery probabilities between two nodes is used to detect
malicious nodes. However, for the duration of the detection
process MUTON uses associations inherited from consecutive
encountering events between nodes and calculates the sanity
of the node based only on the information on that node. The
intrusion detection system in [35] uses the same techniques as
used in wired networks where nodes observe traffic sent by
one hop neighbours and compare the observed values of some
metrics, such as the unconditional packet dropping ratio and
selective random packet dropping ratio with original values
observed from the past to detect anomalous behaviours. This
intrusion detection system means nodes will be in promiscuous
mode and will process all monitored packets, thus it is energy
consuming. Additionally, there can be an insufficient number
of neighbors that can be used as monitoring nodes in sparsely
connected networks.
IV. TRUST MANAGEMENT EVALUATION
In order to evaluate the trustworthiness of other nodes in
OppNets, a trust management model [36] [37] [38] [39] can
be an efficient solution to increase the security levels of
the network. In [36], a trust model was built to evaluate
the forwarding behaviour of neighbour nodes and the model
was applied to opportunistic routing in ad hoc networks.
From this work, [36] proposed the minimum cost routing
algorithm (MCOR). The MCOR framework has three layers;
trust management, trusted opportunistic forwarding model,
and trusted minimum cost opportunistic routing. The upper
layer is used for the initialization of trust relationships,
trust recommendations, trust computations, trust judgments,
and trust updating. The middle layer is used for selecting
the effective forwarder with the least cost distance to the
destination from the trusted neighbour forwarding list. The
bottom layer contains the trusted forwarding list and trusted
minimum cost opportunistic routing. Probe packets are used to
evaluate link delivery probabilities between nodes, and passive
acknowledgement modes are used by nodes so they can observe
the forwarding behaviour of their neighbours. Each node
observes its neighbours’ behaviour by comparing their trust
degree value with a threshold value. Then the node initializes
the cost of trusted opportunistic routes and updates the trusted
forwarding list in all nodes. Nodes with trust degree values
less than the threshold are considered as malicious nodes. In
[37], a framework is presented to quantitatively measure trust,
model trust propagation, and defend trust evaluation systems
against malicious attacks. The idea is that each node maintains a
trust record, and when the source node needs to find a route
to the destination it first tries to find as many routes to the
destination as it can. The source node then tries to find the
packet-forwarding trustworthiness of nodes on these routes
from its own trust record or through recommendations. At
the end, the source node will select the trustworthy route to
the destination and then updates the trust records based on its
monitoring of the route quality. This trust record is also used
for detecting malicious nodes. However, these methods are not
efficient in OppNets as there is no end-to-end connection and
it is difficult to find more than one route to the destination. In
[38], an information theoretic framework to quantitatively
measure trust and model trust propagation is presented through two trust
models: an entropy-based model and a probability-based model. Trust
relationships can be established in two ways: through
direct observations and through recommendations
from other nodes. Uncertainty is used to represent trust, and
entropy is used to measure uncertainty. In the entropy-based
trust model node B monitors the behaviour of node C then
makes a recommendation to node A. In the probability-based
model, the probability values of trust relationships are used
to calculate concatenation and multipath trust propagation.
When a sender wants to establish a route to the destination,
it should find multiple routes to the destination. The sender
should then try to find the trustworthiness of the routes from
its own trust record or through the recommendations. The
sender chooses the trustworthy route to transmit the message
and updates the trust records based on the monitoring of
route quality. The trust records can also be used for detecting
malicious nodes. Building a trust management system based
on ontology or structural frameworks to organize information
is proposed in [39]. A reputation system is used to classify
users’ reliability by collecting direct and indirect information
about other users. The reputation system uses a range of values
or classes to evaluate other nodes. These values or classes
are: very untrustworthy, untrustworthy, no opinion, trustworthy,
and very trustworthy.
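The entropy-based model of [38] summarised above, where uncertainty represents trust and node B's observation of node C reaches node A as a recommendation, worked through as an added example (not code from this survey or from [38]). The mapping from probability to trust, the product rule for a recommendation chain and the recommendation-weighted sum over several recommenders are the forms assumed here for that model; the (k+1)/(n+2) estimate, the rule of ignoring recommenders with non-positive recommendation trust, and all sample counts are constructed.

```python
import math


def binary_entropy(p):
    """H(p) in bits; 0 when the outcome is certain."""
    if p <= 0.0 or p >= 1.0:
        return 0.0
    return -p * math.log2(p) - (1.0 - p) * math.log2(1.0 - p)


def entropy_trust(p):
    """Map the probability p that a node performs the action (forwards) to a
    trust value in [-1, 1]: 1 - H(p) if p >= 0.5, otherwise H(p) - 1.
    p = 0.5 is maximal uncertainty and gives trust 0."""
    h = binary_entropy(p)
    return 1.0 - h if p >= 0.5 else h - 1.0


def observed_probability(forwarded, total):
    """Direct observation turned into a probability estimate (assumed
    estimator): with no observations this yields 0.5, i.e. no opinion."""
    return (forwarded + 1.0) / (total + 2.0)


def concatenated_trust(r_ab, t_bc):
    """Trust of A in C via B alone: A's trust in B's recommendations
    multiplied by B's trust in C."""
    return r_ab * t_bc


def multipath_trust(recommendations):
    """Combine several recommenders. recommendations is a list of
    (R, T): A's recommendation trust in the recommender, and the
    recommender's trust in the target. Each chain R*T is weighted by
    R / sum(R); recommenders with R <= 0 are ignored (assumption)."""
    usable = [(r, t) for r, t in recommendations if r > 0.0]
    total = sum(r for r, _ in usable)
    if total == 0.0:
        return 0.0
    return sum((r / total) * concatenated_trust(r, t) for r, t in usable)


def trust_in(node, direct_obs, recommendations):
    """Use A's own trust record when it has one, else fall back to
    recommendations, as the text describes."""
    if node in direct_obs:
        forwarded, total = direct_obs[node]
        return entropy_trust(observed_probability(forwarded, total))
    return multipath_trust(recommendations.get(node, []))


def pick_forwarder(candidates, direct_obs, recommendations, threshold=0.0):
    """Return the most trusted candidate above the threshold, or None."""
    scored = {n: trust_in(n, direct_obs, recommendations) for n in candidates}
    best = max(scored, key=scored.get)
    return best if scored[best] > threshold else None


if __name__ == "__main__":
    # Constructed records held by node A.
    direct = {"C": (18, 20), "E": (3, 20)}           # (forwarded, handed over)
    recs = {"F": [(0.9, 0.6), (0.3, -0.4)]}           # two recommenders for F
    for n in ("C", "E", "F"):
        print(n, round(trust_in(n, direct, recs), 3))
    print("chosen:", pick_forwarder(["C", "E", "F"], direct, recs))
```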
V. TRUST STRATEGIES IN OPPNETS
Trust strategies in OppNets can be built based on social,
reputation and history information as shown in Table I. A
combination of all the previous strategies can be used as well.
Trust is especially difficult when mobile users find themselves
in a new surrounding without established trust or reputation
available. The first time a node meets with another node,
it doesn’t trust it. But the second time it meets the same
node, how does it know if it should trust it or not? On what
basis is a new node accepted into the network? Trust can
be established in 2 ways: Direct trust - sometimes called
first hand trust - established through direct observations of
other node’s behaviour from past records, and indirect trust
- sometimes called second hand trust - established through
trust propagation from recommendations from other nodes. In
a network, when node A wants to send a message to node B,
node A has 3 choices: Node A fully trusts node B and is sure
that node B will perform its job as required, node A doesn’t
fully trust node B and is not sure if node B will perform
the job, node A does not trust node B. How does node A
make the choice? Trust is important to authenticate a node’s
identity and avoid malicious nodes. Methodologies used to
measure trust include but are not limited to, rating experiences,
reputation models, recommendations, past experiences, word
of mouth, weighting, probability, encounter based trust, voting
methods, cluster based methods, honey bee mating, beacon
nodes, public key cryptography, digital signatures, Bayesian
networks, chain optimization, social networks, iterative algo-
rithms, acknowledgments, watchdog monitoring nodes, neural
networks, game theory, fuzzy logic, confident and core, swarm
intelligence, and directed and undirected graph.
A. Social-Based Trust Strategies
Social network information is used to build trust systems.
In [40], a study and analysis of the trade-off between trust and
delivery success rates in OppNets was carried out by adopting
a real-trace-driven approach. A number of social-based trust
filters, including common interests, common friends and the
distance in the social graph, were applied to an epidemic
protocol to achieve a reasonable trade-off between trust and
the success rate, achieving more than a 35% success rate
compared to an untrusted environment where 10% of the nodes
refused to cooperate because of the absence of trust. However,
it is difficult to rely on these filters for trust criteria since
malicious nodes can break these filters. In [41], the authors
use social networks to propose a trust model. When a peer in
the network wants to work with an unknown peer, it first asks
its friends for their opinion. When a malicious peer is found in the
network, friends inform each other to eliminate the malicious
peer from the network. Probability is used to define trust and
recommendation values. The trust value is how much two peers
trust each other, and the recommendation value is how much
a peer's friend recommends that peer to other peers. The more
positive recommendations a peer gets, the higher its trust value
becomes. The network starts with legitimate peers and new
peers can only join the network when there is an existing peer
in the network that can recommend it. This condition helps
prevent malicious peers from joining the network from the
beginning. In [42], a model with trust chain optimization based
on the stochastic Petri net technique (bipartite graph) and
social networks is used to measure the trust and social values
of multiple nodes in a path. When nodes evaluate each other’s
trust they combine social trust with QoS trust to compute the
total trust value of a node. Social trust is measured from direct
and indirect trust derived socially from own experiences with
other nodes, or the reputation of the node in the social network.
QoS trust is measured from a node’s ability to provide good
services and conduct positive interactions with other nodes in
the network. When trust is measured along a path, the path's distance
and number of nodes affect the computed trust: longer
chains of nodes weaken the trust value of the path. In
[29], secure routing in OppNets relies on social trust between
users through a system that uses explicit and implicit trust.
Explicit trust is built from the level of friendship among friends
meeting each other. Implicit trust relies on the familiarity
(encounter duration) and the similarity (the extent to which two
familiar nodes stayed in the same location) of nodes: the
longer the encounter duration, the more trust a peer gains.
Implicit trust helps in determining whether a node is legitimate or
not. Another social-based trust system is presented in [43],
where nodes in the network are grouped based on their social
position in the network. Each group is assigned a value that
indicates the importance of the group in the social network.
When the destination receives the message forwarded to it from the
source node through intermediate nodes, it uses the number
of hops to measure the trust value of each intermediate node.
The trust value of the nodes that participated in forwarding the
message is then updated. The work in [44] improves the Markov
model by proposing a new algorithm that uses probability to
compute indirect trust, using the level factor and confidence
to measure the trust value. The level factor states that
the more intermediate nodes there are in a path, the further trust has
to transfer, and so the weaker it becomes. Confidence is
what a node believes about the truthfulness of the information
it receives from other nodes. The algorithm relies on the
transmission history of peer nodes, but is not designed to work
with cases where information between nodes is not common or
not gathered. The model in [53] aims at detecting a malicious
node using cluster-based analysis. Using autoregression, nodes
forecast the trust value of other nodes in the network, where
past experiences affect the current trust value of a node. Direct
and indirect trust are then combined by the cluster head to measure
the trust value using a probabilistic model. Trust values are
checked for their accuracy using the Proportional Integral
Derivative (PID) controller. Nodes that end up with a low trust
value will not be trusted; thus a secure route can be formed by
avoiding interactions between legitimate and malicious nodes.
Using distributed trust based on public key cryptography,
the model in [54] uses a probabilistic method to deal with
problems involved with initial trust establishment in networks.
At the initial stage of the network and with the help of a secret
dealer (which could be a service provider), nodes are supplied with
enough trust to get them started in the
network; nodes trust their secret dealer. After this stage, the
network becomes ad hoc and any central role such as the
secret dealer ends. Nodes then create direct trust when
meeting each other by viewing each other’s certificates and
validating them by looking for a trusted route between each
other. At this stage, each node is self-organized and becomes
responsible for issuing public certificates for other nodes. Having
the secret dealer simplifies the process of establishing trust in
this model. However, in decentralized networks, implementing
the centralized secret dealer at the start of the network might
not be feasible. The authors in [55] present a novel trust
management framework that builds trust among nodes using 3
levels of trust - subjective or direct trust, objective or indirect
trust, and recommended trust for unfamiliar nodes. Each node
in the network maintains a local trust list that records the
3 levels of trust for nodes in the network. Each node can
establish direct trust towards another node using its own past
experiences with that node; if it has never had a past experience
with the node, it can seek feedback from trusted neighbours
about their trust in the node and about the node's past ability
to perform reliably in the network. Indirect trust
is built from the reputation of a node as viewed by other
nodes in the network that had previous interactions with the
node, and from the node's reputation with regard to its ability to
prevent malicious behaviour. Nodes build recommended
trust for unfamiliar nodes in the network by using both direct
and indirect trust.
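As an added illustration (not code from the survey or from the cited papers), the sketch below shows how a node with no direct experience of a peer could derive indirect trust from a chain of recommendations, weakened by a level factor as in the description of [44], and then make the three-way choice described at the start of this section. The multiplicative chain rule, the level factor of 0.9, the decision thresholds and the trust graph are assumptions constructed for the example.

```python
import heapq

LEVEL_FACTOR = 0.9  # assumed attenuation per intermediate recommender
FULL_TRUST = 0.7    # assumed threshold: at or above => "trust"
NO_TRUST = 0.4      # assumed threshold: below => "distrust"

# Constructed trust graph: TRUST[x][y] is x's direct (first-hand) trust in y
# on a 0..1 scale. A has never met B; M is a recommender A barely trusts.
TRUST = {
    "A": {"F1": 0.9, "F2": 0.6, "M": 0.2},
    "F1": {"B": 0.8},
    "F2": {"F3": 0.9},
    "F3": {"B": 0.9},
    "M": {"B": 1.0},
}


def indirect_trust(trust, src, dst, level_factor=LEVEL_FACTOR):
    """Return (value, path) of the strongest recommendation chain src -> dst.

    A chain's value is the product of the direct trust values along it,
    multiplied by level_factor once per intermediate node, so longer chains
    are weaker. Every factor is <= 1, so a Dijkstra-style best-first search
    finds the maximum. Returns (0.0, []) when no chain exists.
    """
    best = {src: 1.0}
    heap = [(-1.0, [src])]
    while heap:
        neg_value, path = heapq.heappop(heap)
        value, node = -neg_value, path[-1]
        if node == dst:
            return value, path
        if value < best.get(node, 0.0):
            continue  # a stronger chain to this node was already expanded
        for nxt, edge in trust.get(node, {}).items():
            if nxt in path:
                continue  # ignore recommendation loops
            hop = edge if node == src else edge * level_factor
            candidate = value * hop
            if candidate > best.get(nxt, 0.0):
                best[nxt] = candidate
                heapq.heappush(heap, (-candidate, path + [nxt]))
    return 0.0, []


def decide(trust, a, b):
    """Node a's choice about node b: 'trust', 'uncertain' or 'distrust'.

    Direct trust is used when a has first-hand experience of b; otherwise
    a falls back to the strongest recommendation chain.
    """
    direct = trust.get(a, {}).get(b)
    if direct is not None:
        value, path = direct, [a, b]
    else:
        value, path = indirect_trust(trust, a, b)
    if value >= FULL_TRUST:
        choice = "trust"
    elif value >= NO_TRUST:
        choice = "uncertain"
    else:
        choice = "distrust"
    return choice, value, path


if __name__ == "__main__":
    for target in ("F1", "B", "X"):
        print(target, decide(TRUST, "A", target))
```

The glowing recommendation from M contributes little because A's own trust in M caps the value of any chain that passes through it.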
TABLE I: A comparison of trust strategies

| Strategies | Techniques | Methodology | Advantage | Disadvantage | Suitability with OppNets |
|---|---|---|---|---|---|
| Social-Based | Filters [40] | Common interests | Fair trade-off between trust and success rate | Filters can be broken | Suitable |
| | Opinion [41] | Trust and recommendation | Good protection and scalability | Needs recommendations | Not suitable |
| | Chain optimization [42] | Stochastic Petri net technique | Identify the optimal length of trust chain | Rely on the path length | Not suitable |
| | Friendship, Familiarity and similarity [29] | Explicit and implicit trust | Doesn't need end to end connection | Needs larger encounter duration | Suitable |
| | Position [43] | Nodes position | Good Blackhole attacks defense | Weak techniques with mobility | Suitable with limitation |
| | Markov model [44] | Level factor and confidence | Good accuracy rate | Not working with uncommon information | Suitable with limitation |
| Reputation-Based | Bayesian [45] | Reputation and trust rating | Addressing lying nodes | Needs recommendations | Suitable |
| | Watchdog [46] | Direct and indirect observation | Periodically evaluate other nodes | Nodes should be on the same transmission range | Not suitable |
| | Acknowledgments [47] | Reputation building | Reputation expire with the age | Sender needs destination feedback | Suitable with limitation |
| | Ontology [39] | Similarities and differences | Consider direct and indirect reputation | Not consider trust changing | Suitable with limitation |
| | Certificates (CA) [48] | Trustworthiness | Dealing with offline and online stages | Malicious nodes can fake CA | Suitable with limitation |
| | Fuzzy Recommendation [49] | Packet forwarding patterns | Direct and indirect trust calculation | Nodes should be on the same transmission range | Not suitable |
| | Activity [50] | Cooperation, honesty, and similarities | Direct and indirect trust calculation | Inactive nodes have less opportunities | Suitable |
| History-Based | Filters [51] | Encounter Frequency, Duration, Location and Behaviour | Good accuracy rate | Nodes misbehavior is not considered | Suitable |
| | Trusted authority [52] | Nodes interactions history | Good accuracy rate | History records can be fake | Not suitable |
B. Reputation-Based Trust Strategies
The reputation of the nodes can be used for building a system
of trust. In [45], a robust reputation system for detecting the
misbehaviour of nodes has been proposed using a modified
Bayesian estimation approach. Each node on the network
maintains a reputation rating, which represents the opinion
of each node toward other nodes and a trust rating that
represents the opinion of nodes about the honesty of other
nodes. First-hand observations and second-hand reputation
records from other nodes are used, the latter if the other nodes have
reliably been trustworthy or when they pass the deviation
test. Nodes use their own ratings to sporadically classify
other nodes according to two criteria, normal/misbehaving
and trustworthy/untrustworthy. The Bayesian approach is used
to accomplish both classifications, address lying nodes and
detect false reports. In CONFIDANT [46], a reputation-based
system is proposed. A watchdog mechanism is used to collect
direct information: nodes directly observe or monitor their
neighbours and detect misbehaviour such as
packet dropping, modification, fabrication, or timing misbehaviour.
Nodes do this by comparing the message transmitted
by their neighbour with the copy of the message in their own buffer.
Nodes also gather second-hand information from other neighbour
nodes and deal with false ratings. Nodes classify other
nodes as misbehaving or normal using a Bayesian estimation
probability, so misbehaving nodes can be isolated from the
network. Pathrater is used to select the best path according
to direct and second-hand information. CONFIDANT
periodically reduces the ratings of nodes according to the
observation. By doing this, nodes cannot exploit previous
behaviour, and isolated nodes that are no longer misbehaving
can be redeemed. In [47], a reputation-based
routing protocol is proposed against blackhole attacks,
where each node maintains a local reputation for every other node. In the
next forwarding step, the node selects the best neighbour according
to the reputations of the nodes. The reputation mechanism
depends on three elements: Acknowledgments, Node Lists and
Aging. This protocol deals especially with sinkhole attacks,
where a malicious node can send wrong routing information
to attract messages and then drop all or some of them. When
a node has a low reputation value, the probability that it is a
malicious node is very high. Therefore, the likelihood that it will be
chosen as the next hop is very low. When the message
reaches its destination, an acknowledgment message is sent
to the sender, and the sender then increases the reputation
value of the forwarding nodes, and so on. Reputation has an age,
so it periodically ages or its age decreases, as some nodes
may be selfish for a long time for reasons such as battery
life or resource consumption. EigenTrust [56], one of the
most classical trust models, is a reputation system that uses
transitivity of trust to assign a unique global trust value to
each node based on its interactions with other nodes in the
network. Before a node attempts to download content from
another node, it checks the global trust value of that node. To
calculate the global trust value for node A, ratings from all
nodes that worked with node A are required. This process is
demanding and time consuming, as updating the global trust
value for a node requires a lot of input from a large number
of other nodes. PeerTrust [57] is another classical model that
uses reputation to build a trust framework. Trust is computed
from a number of parameters: recommendations from other
nodes based on the services they provide, the total number of
interactions a node completes, the credibility of recommendations
from other nodes, the context of the interactions, and the context
of the community, such as creating incentives to encourage
recommendations. PeerTrust works with many parameters and
metrics, making it difficult to apply with a large number of
nodes in the network. A reputation aggregation method is
used in [58] to solve issues with malicious peers who send
malicious content at times, and honest content at other times.
The method works by assigning a provisional trust value to
peers in the network. When a peer receives malicious content
from another peer it lowers the direct trust value of the peer
that sent it malicious content. The proposed system then allows
the receiving peer to spread the new updated trust value of the
malicious peer to other peers which lowers the reputation of
this malicious peer. This process happens every time a peer
receives malicious content from another peer and this attempts
to keep the reputation level of peers updated at all times.
Before nodes decide to trust a peer, they rely on the reputation
or global value of the peer. A malicious node detection model
using graph based iterative trust and reputation methods is
introduced in [59]. Nodes in the network use past experiences
to evaluate the trust value of other nodes. Nodes are either
service providers where they provide a service, or are service
consumers where they use the services provided by service
providers. After an interaction, service consumers rate the
service provider whose service they used. Using
the rating values, after examining them for their level of
honesty, a reputation system is built for nodes in the network.
These ratings are recorded in a table and are used by the
iterative detection mechanism to keep the reputation of all
nodes in the system updated regularly, where nodes with a
low reputation are removed from the network. The gathered
tables of each node in the network are then used to create a
bipartite graph. A trust model based on ontologies is proposed
in [39]. Using reputation, the ontology classifies nodes in the
network according to their trustworthiness in the network. A
node uses its past experiences with a target node to evaluate its
direct reputation value, and uses recommendations from other
nodes towards a target node to evaluate its indirect reputation
value. Direct and indirect reputation are both combined and
then used as a decision parameter for nodes to look at
before trusting other nodes. The model does not consider
trust changes according to a node’s location, and this is a
relevant feature in OppNets. In [60], the authors present a
trust model that uses basic trust followed by application
trust. Basic trust forms as initial trust is established: the
model allows two nodes to exchange their credentials when they
meet for the first time. The credentials of any node in the
network contain symmetrically encrypted features about the
node. These credentials are decrypted using a secret key that
is exchanged between the two nodes when they meet. Nodes can
choose which features in their credentials to share with other
nodes. Once basic trust is formed, application trust formation
follows. Application trust is measured based on the node’s
context; roles are assigned to nodes based on their application
trust, which changes when a node’s context changes.
Another model in [48] uses certificates to evaluate the trustworthiness
of a trust value and the node’s ID. The model
has two stages, offline and online. In the offline stage, a
certificate, called an Attribute Certificate (AC), is issued by a
node to its neighbour. The certificate contains the neighbour’s
evaluated trust, and the issued AC is also stored in the issuing
node. Every node in the network issues an AC for each of its
neighbours. In the online stage, when a node wants to send
a message to a specific destination, it constructs paths to the
destination. It then requests ACs from the nodes that belong to the
paths it constructed and validates the ACs. Using the validated
ACs, it measures the trust value of each route (paths with
lower hop counts have higher trust) and then chooses the most
trustworthy route to send its message. To deal with uncertainty,
a fuzzy recommendation based trust model is introduced in
[49]. Each node in the network monitors its neighbour’s
packet forwarding patterns. Nodes record the results of their
neighbour monitoring patterns into a table that contains the
data forwarding information. Every time a node interacts with
another node in the network it rates the interaction as either
a positive or a negative one. Using the information recorded
in the table, fuzzy direct trust is computed. Latest interactions
are more valid than past interactions, but both are used to
measure the trust value of a node. To build a trusted path,
direct trust and feedback from other nodes towards nodes they
interacted with are both used to calculate the fuzzy indirect
trust with fuzzy properties. In [61] a Trust Based Spreading
(TBS) is proposed to allow nodes to collaborate with each
other to filter spam messages by exchanging assessments to
allow or block the spreading of the message between nodes in
a network when they meet each other opportunistically. The
system starts when a node receives a message and classifies
the content of the message as legitimate or spam. The node
then places legitimate content in a whitelist, and spam content
in a blacklist. When nodes meet each other, they exchange
their whitelists and blacklists whether they exchange content
or not. A threshold of required assessments must be met to
confirm an assessment. The authors in [50] took the activity
of nodes in the network into consideration when designing an
OppNet trust system. An active node in the network has more
opportunities to meet other nodes, and hence has a higher
chance of meeting the destination. Direct trust is calculated
using the activity parameter; an active node is determined by
its encounter rate with other nodes. To avoid
having highly active malicious nodes with a high trust value,
indirect trust is measured using the cooperation, honesty, and
similarity parameters of nodes towards other nodes in the
network.
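As an added illustration (not code from the survey, from [45] or from CONFIDANT), the sketch below shows one way a reputation rating, a trust rating, a deviation test and the ageing of old evidence can fit together, using Beta pseudo-counts as the Bayesian estimate. The Beta form, the merge rule, all constants (FADE, WEIGHT, DEVIATION and the two thresholds), the node names and the observations are assumptions constructed for the example.

```python
FADE = 0.9          # assumed discount applied to old evidence (ageing)
WEIGHT = 0.1        # assumed weight given to an accepted second-hand report
DEVIATION = 0.5     # assumed deviation-test threshold
MISBEHAVING = 0.5   # assumed: expected misbehaviour at or above this => misbehaving
TRUSTWORTHY = 0.25  # assumed: expected lying rate below this => trustworthy reporter


class Beta:
    """Beta(alpha, beta) belief; alpha counts bad events, beta good ones."""

    def __init__(self, alpha=1.0, beta=1.0):  # Beta(1, 1) is the "no opinion" prior
        self.alpha = alpha
        self.beta = beta

    def mean(self):
        """Expected probability of a bad event."""
        return self.alpha / (self.alpha + self.beta)

    def update(self, bad):
        """Fade old evidence, then add one new observation."""
        self.alpha = FADE * self.alpha + (1.0 if bad else 0.0)
        self.beta = FADE * self.beta + (0.0 if bad else 1.0)


class Node:
    def __init__(self, name):
        self.name = name
        self.first_hand = {}  # own observations of each subject
        self.reputation = {}  # opinion of each subject's forwarding behaviour
        self.trust = {}       # opinion of each reporter's honesty

    def observe(self, subject, misbehaved):
        """Watchdog-style first-hand observation of a neighbour."""
        self.first_hand.setdefault(subject, Beta()).update(misbehaved)
        self.reputation.setdefault(subject, Beta()).update(misbehaved)

    def report_on(self, subject):
        """Second-hand report: a copy of this node's first-hand record."""
        own = self.first_hand.get(subject, Beta())
        return Beta(own.alpha, own.beta)

    def receive_report(self, reporter, subject, report):
        """Merge a report if the reporter is trusted or the report passes
        the deviation test; return True when it was merged."""
        rep = self.reputation.setdefault(subject, Beta())
        trust = self.trust.setdefault(reporter, Beta())
        deviates = abs(report.mean() - rep.mean()) >= DEVIATION
        trusted = trust.mean() < TRUSTWORTHY
        trust.update(bad=deviates)  # incompatible reports cost the reporter trust
        if deviates and not trusted:
            return False
        rep.alpha += WEIGHT * report.alpha
        rep.beta += WEIGHT * report.beta
        return True

    def is_misbehaving(self, subject):
        return self.reputation.get(subject, Beta()).mean() >= MISBEHAVING

    def is_trustworthy(self, reporter):
        return self.trust.get(reporter, Beta()).mean() < TRUSTWORTHY


def scenario():
    """Constructed run: B forwards correctly, D drops most packets,
    C reports honestly about B and L sends a fabricated bad report about B."""
    a, c = Node("A"), Node("C")
    for _ in range(8):
        a.observe("B", False)
    for _ in range(5):
        c.observe("B", False)
    for dropped in [True, True, False, True, True, True, False, True]:
        a.observe("D", dropped)
    liar_accepted = a.receive_report("L", "B", Beta(9.0, 1.0))
    honest_accepted = a.receive_report("C", "B", c.report_on("B"))
    return a, c, liar_accepted, honest_accepted


if __name__ == "__main__":
    a, _, liar_ok, honest_ok = scenario()
    print("liar merged:", liar_ok, "honest merged:", honest_ok)
    print("B misbehaving:", a.is_misbehaving("B"), "D misbehaving:", a.is_misbehaving("D"))
```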
C. History-Based Trust Strategies
These techniques use a node's history to build a trust system,
as in [51], where a trust advisory framework is proposed to
decrease unreachability in a selfish network using
four trust advisory filters (Encounter Frequency, Encounter
Duration, Encounter Location Based Behaviour Vectors and
Behaviour Matrix Filters). These filters are evaluated using
a real-world data set with the Epidemic protocol [62].
Using these filters, one can provide evidence of potential
similarity between nodes, and this can be used when trying
to find the best path to the destination. Encounter frequency
(when devices are in the same radio range) is used to develop
trust between nodes and is based on the idea that nodes with
similar interests frequently meet and interact. This means the
more they meet, the more trustworthy they are. The more time
nodes spend together, the greater the similarity between them
and the more trustworthy they are likely to be. The behaviour
vector filter (BV) is based on the idea that similar people
have a tendency to go to similar locations so capturing the
location preference of nodes is used as a filter base. The
BV preserves the vectors for the duration and frequency of
capturing user behaviour. Some modification of the vector
into a matrix allows maintaining a single entity to achieve
a spatio-temporal representation of user behaviour. In this
behaviour matrix, each column represents a location and each
row represents a single day. A Random Trust filter (RT) is
also used for comparison purposes. This randomly selects a T
percent of encountered users and adds them to the trust list.
However, in [51] misbehaviour of the nodes is not considered.
The scheme introduced in [52] uses trusted authorities to
measure the trust value of nodes; the scheme is modelled using
game theory. Initially, nodes record the history of their interactions
with other nodes, and later send their history records to the
trusted authority (TA), which validates the trustworthiness of nodes
in the network by observing their history records. The TA
rewards nodes with good behaviour to encourage positive be-
haviour, and punishes misbehaving nodes to minimize negative
behaviour. A probabilistic misbehaviour detection scheme is
used where TAs could validate nodes or not, and where nodes
could misbehave or not. A reputation system is then created
for nodes in the network where positive behaviour increases
a node’s reputation in the network, and a negative behaviour
decreases a node’s reputation in the network.
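The following added example (not from the survey or from [51]) builds the behaviour matrix described above, with one row per day and one column per location, and compares the trust lists produced by the encounter frequency, encounter duration and behaviour matrix filters. The location trace, the encounter log, the use of cosine similarity and the rule of keeping the top T percent of peers per filter are assumptions constructed for the illustration.

```python
from collections import defaultdict
from math import sqrt

LOCATIONS = ["library", "cafe", "gym"]
DAYS = [0, 1, 2]

# Constructed location trace: (node, day, location, minutes spent there).
VISITS = [
    ("me", 0, "library", 120), ("me", 0, "cafe", 60),
    ("me", 1, "library", 180),
    ("me", 2, "library", 60), ("me", 2, "cafe", 60),
    ("p1", 0, "library", 100), ("p1", 0, "cafe", 50),
    ("p1", 1, "library", 150),
    ("p1", 2, "library", 30), ("p1", 2, "cafe", 30),
    ("p2", 0, "gym", 110), ("p2", 0, "cafe", 10),
    ("p2", 1, "gym", 90),
    ("p2", 2, "gym", 80), ("p2", 2, "cafe", 10),
    ("p3", 0, "cafe", 120),
    ("p3", 1, "library", 30), ("p3", 1, "cafe", 90),
    ("p3", 2, "cafe", 60),
]

# Constructed encounter log kept by "me": (peer, contact minutes).
# p2 is met often but only in passing; p1 is met less often but for longer.
ENCOUNTERS = [("p2", 2)] * 6 + [("p1", 40)] * 3 + [("p3", 10)] * 2


def behaviour_matrix(node):
    """Rows are days, columns are locations; each cell is the fraction of
    that day's recorded time the node spent at that location."""
    minutes = defaultdict(float)
    for who, day, location, spent in VISITS:
        if who == node:
            minutes[(day, location)] += spent
    matrix = []
    for day in DAYS:
        total = sum(minutes[(day, loc)] for loc in LOCATIONS)
        matrix.append([minutes[(day, loc)] / total if total else 0.0
                       for loc in LOCATIONS])
    return matrix


def matrix_similarity(a, b):
    """Cosine similarity of two behaviour matrices (assumed metric)."""
    flat_a = [x for row in a for x in row]
    flat_b = [x for row in b for x in row]
    dot = sum(x * y for x, y in zip(flat_a, flat_b))
    norm = sqrt(sum(x * x for x in flat_a)) * sqrt(sum(y * y for y in flat_b))
    return dot / norm if norm else 0.0


def filter_scores(me="me"):
    """Score every encountered peer under the three filters."""
    frequency, duration = defaultdict(int), defaultdict(float)
    for peer, spent in ENCOUNTERS:
        frequency[peer] += 1
        duration[peer] += spent
    mine = behaviour_matrix(me)
    behaviour = {peer: matrix_similarity(mine, behaviour_matrix(peer))
                 for peer in frequency}
    return {"frequency": dict(frequency), "duration": dict(duration),
            "behaviour": behaviour}


def trust_list(scores, t_percent):
    """Keep the top t_percent of peers by score (at least one peer)."""
    ranked = sorted(scores, key=lambda peer: (-scores[peer], peer))
    keep = max(1, len(ranked) * t_percent // 100)
    return ranked[:keep]


if __name__ == "__main__":
    for name, scores in filter_scores().items():
        print(name, trust_list(scores, 34), scores)
```

On this trace the frequency filter selects p2, while the duration and behaviour matrix filters both select p1, so the choice of filter changes who ends up in the trust list.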
VI. CONCLUSION
The aim of this survey was to investigate the available security
approaches in OppNets and any techniques used to increase
their security levels. In this survey, we discussed secure routing
and trust management systems and strategies to increase
security levels in OppNets where social, reputation and history
relationships play important roles in the implementations of
these trust strategies. We also discussed secure routing tech-
niques in OppNets and different defence mechanisms against
various types of attacks like Blackhole, Wormhole, Dropping,
and Sybil attacks. Anti-localization techniques for nodes have
attracted the attention of researchers, as many routing protocols
use the location of nodes as a base for their routing decisions.
Selfishness was discussed in this paper where the node tries
to obtain benefits from network facilities and resources but
refuses to cooperate with other nodes for reasons such as
limitation of resources. We have also discussed the impact
of intrusion detection systems on OppNets and provided an
overview of trust in OppNets.
Majeed Alajeely joined Deakin University,
Melbourne, Australia in Dec 2012. He is currently
pursuing his PhD degree. His research
interest focuses on security in Opportunistic
Networks routing protocol.
Asmaa Ahmad joined Deakin University,
Melbourne, Australia in 2013. She is currently
pursuing her PhD degree. Her research interest
focuses on security in Opportunistic Networks
routing protocol.
Robin Doss: Associate Head of Information
Technology School (Development and International),
Deakin University, Melbourne, Australia.
His research interests include broad areas
of communication systems, protocol design,
wireless networks, security and privacy.
REFERENCES
[1] L. Tang, Y. Chai, Y. Li, and B. Weng. “Buffer management policies in
opportunistic networks”. Journal of Computational Information Systems,
volume 8(number 12):5149–5159, June 2012.
[2] P. Juang, H. Oki, Y. Wang, M. Martonosi, L. Peh, and D. Rubenstein.
“Energy-efficient computing for wildlife tracking: Design tradeoffs and
early experiences with ZebraNet”. Proceedings of the Tenth Interna-
tional Conference on Architectural Support for Programming Languages
and Operating Systems, volume 37(number 10):96–107, October 2002.
[3] J. Huang, S. Amjad, and S. Mishra. “CenWits: A sensor-based loosely
coupled search and rescue system using witnesses”. Proceedings of
the Third International Conference on Embedded Networked Sensor
Systems, pages 180–91, November 2005.
[4] T. Small and Z. Haas. “The shared wireless infostation model - a new ad
hoc networking paradigm (or where there is a whale, there is a way)”.
Proceedings of the Fourth ACM International Symposium on Mobile Ad
Hoc Networking and Computing, pages 233–244, June 2003.
[5] Y. Wu, Y. Zhao, M. Riguidel, G. Wang, and P. Yi. “Security and trust
management in opportunistic networks: a survey”. Security Comm.
Networks, 8:1812–1827, 2015.
[6] B. Wu, J. Chen, J. Wu, and M. Cardei. “A survey on attacks and
countermeasures in mobile ad hoc networks”. Wireless Network Security,
pages 103–135, 2007.
[7] J. Fuentes, A. González-Manzano, A. González-Tablas, and J. Blasco.
“Security Models in Vehicular Ad-hoc Networks: A Survey”. IETE
Technical Review, 31(1):47–64, 2014.
[8] Y. Hu, A. Perrig, and D. Johnson. “Wormhole attacks in wireless
networks”. IEEE Journal on Selected Areas in Communications, volume
24(number 2):370–380, February 2006.
[9] Y. Hu, A. Perrig, and D. Johnson. “Packet leashes: A defense
against wormhole attacks in wireless ad hoc networks”. INFOCOM
2003, Twenty Second Annual Joint Conference of the IEEE Computer
and Communications Societies, volume 3:1976–1986, March 2003.
[10] S. Shin and E. Halim. “Wormhole attacks detection in MANETs using
routes redundancy and time-based hop calculation”. IEEE International
Conference on ICT Convergence (ICTC), pages 781–786, October 2012.
[11] F. Li, J. Wu, and A. Srinivasan. “Thwarting blackhole attacks in
disruption-tolerant networks using encounter tickets”. IEEE INFOCOM
Conference, pages 2428–2436, April 2009.
[12] N. Li and S. Das. “A trust-based framework for data forwarding in
opportunistic networks”. Ad Hoc Networks, volume 11(number 4):1497–
1509, June 2013.
[13] Y. Ren, M. Chuah, J. Yang, and Y. Chen. “Detecting blackhole attacks
in disruption-tolerant networks through packet exchange recording”.
Proceedings of the 2010 IEEE International Symposium on a World
of Wireless, Mobile and Multimedia Networks, pages 1–6, June 2010.
[14] M. Ke, Y. Nenghai, and L. Bin. “A new packet dropping policy in
delay tolerant network”. Twelfth IEEE International Conference on
Communication Technology (ICCT), pages 337–380, November 2010.
[15] X. Zhang, A. Jain, and A. Perrig. “Packet-dropping adversary identifi-
cation for data plane security”. Proceedings of the 2008 ACM CoNEXT
Conference, December 2008.
[16] B. Carbunar, I. Ioannidis, and C. Nita-Rotaru. “JANUS: Towards
robust and malicious resilient routing in hybrid wireless networks”.
Proceedings of the Third ACM Workshop on Wireless Security, pages
11–20, 2004.
[17] M. Chuah and P. Yang. “Impact of selective dropping attacks on network
coding performance in DTNs and a potential mitigation scheme”.
Proceedings of the Eighteenth International Conference on Computer
Communications and Networks, pages 1–6, August 2009.
[18] A. Baadache and A. Belmehdi. “Fighting against packet dropping
misbehavior in multi-hop wireless ad hoc networks”. Journal of Network
and Computer Applications, volume 35(number 3):1130–1139, May
2012.
[19] J. Sen, M. Chandra, P. Balamuralidhar, S. Harihara, and H. Reddy. “A
distributed protocol for detection of packet dropping attack in mobile ad
hoc networks”. IEEE International Conference on Telecommunications
and Malaysia International Conference on Communication, pages 75–
80, May 2007.
[20] S. Sultana, E. Bertino, and M. Shehab. “A Provenance based mechanism
to identify malicious packet dropping adversaries in sensor networks”.
Proceedings of the 2011 Thirty First International Conference on
Distributed Computing Systems Workshops, pages 332–338, June 2011.
[21] S. Marti, T. Giuli, K. Lai, and M. Baker. “Mitigating routing misbe-
havior in mobile ad hoc networks”. Proceedings of the Sixth Annual
International Conference on Mobile Computing and Networking, pages
255–265, 2000.
[22] N. Nasser and Y. Chen. “Enhanced intrusion detection system for discov-
ering malicious nodes in mobile ad hoc networks”. IEEE International
Conference on Communications, pages 1154–1159, June 2007.
[23] S. Jianhua and M. ChuanXiang. “A reputation-based scheme against
malicious packet dropping for mobile ad hoc networks”. IEEE Inter-
national Conference on Intelligent Computing and Intelligent Systems
(ICIS), volume 3:113–117, November 2009.
[24] A. Ahmad, M. Alajeely, and R. Doss. “Defense against packet dropping
attacks in opportunistic networks”. Advances in Computing, Communications
and Informatics (ICACCI), 2014 IEEE International Conference
on, pages 1608–1613, Sept 2014.
[25] M. Alajeely, A. Ahmad, R. Doss, and V. Mak-Hau. “Packet Faking
Attack: A Novel Attack and Detection Mechanism in OppNets”. Computational
Intelligence and Security (CIS), 2014 IEEE Tenth International
Conference on, pages 638–642, Nov 2014.
[26] L. Buttyán, L. Dóra, M. Félegyházi, and I. Vajda. “Barter-based
cooperation in delay-tolerant personal wireless networks”. Proceedings
of the 2007 IEEE International Symposium on a World of Wireless,
Mobile and Multimedia Networks, pages 1–6, June 2007.
[27] B. Chen and M. Chan. “MobiCent: A credit-based incentive system for
disruption tolerant network”. Proceedings of INFOCOM 2010, pages
1–9, March 2010.
[28] J. Newsome, E. Shi, D. Song, and A. Perrig. “The sybil attack in
sensor networks: Analysis and defenses”. Proceedings of the Third
International Symposium on Information Processing in Sensor Networks,
pages 259–268, April 2004.
[29] S. Trifunovic, F. Legendre, and C. Anastasiades. “Social trust in oppor-
tunistic networks”. INFOCOM 2010, IEEE Conference on Computer
Communications Workshops, pages 1–6, March 2010.
[30] X. Lu, P. Hui, D. Towsley, J. Pu, and Z. Xiong. “Anti-localization
anonymous routing for delay tolerant network”. Computer Networks,
volume 54(number 11):1899–1910, August 2010.
[31] R. Jansen and R. Beverly. “Toward anonymity in delay tolerant
networks: Threshold pivot scheme”. IEEE Conference on Military
Communications, pages 587–592, October 2010.
[32] R. Shahin, B. Lall, and S. Naseem. “Privacy Protection Through
k.anonymity in Location.based Services”. IETE Technical Review,
volume 29(3):196–201, 2012.
[33] M. Chuah, P. Yang, and J. Han. “A Ferry-based intrusion detection
scheme for sparsely connected ad hoc networks”. Proceedings of the
2007 Fourth Annual International Conference on Mobile and Ubiquitous
Systems: Networking Services, pages 1–8, August 2007.
[34] Y. Ren, M. Chuah, J. Yang, and Y. Chen. “MUTON: Detecting malicious
nodes in disruption-tolerant networks”. IEEE Wireless Communications
and Networking Conference, pages 1–6, April 2010.
[35] Y. Huang and W. Lee. “A cooperative intrusion detection system for ad
hoc networks”. Proceedings of the First ACM Workshop on Security of
Ad Hoc and Sensor Networks, pages 135–147, 2003.
[36] W. Bo, H. Chuanhe, L. Layuan, and Y. Wenzhong. “Trust-based
minimum cost opportunistic routing for ad hoc networks”. Journal of
Systems and Software, volume 84(number 12):2107–2122, December
2011.
[37] Y. Sun, Z. Han, W. Yu, and K. Liu. “A trust evaluation framework in
distributed networks: Vulnerability analysis and defense against attacks”.
Proceedings of the Twenty Fifth IEEE International Conference on
Computer Communications, pages 1–13, April 2006.
[38] Y. Sun, W. Yu, Z. Han, and K. Liu. “Trust modeling and evaluation in ad
hoc networks”. IEEE Global Telecommunications Conference, volume
3, November 2005.
[39] M. Gonçalves, E. Moreira, and L. Martimiano. “Trust management in
opportunistic networks”. Proceedings of the 2010 Ninth International
Conference on Networks, pages 209–214, April 2010.
[40] A. Mtibaa and K. Harras. “Social-based trust in mobile opportunistic
networks”. Proceedings of Twentieth International Conference on
Computer Communications and Networks, pages 1–6, July 2011.
[41] W. Liu, P. Ren, D. Sun, K. Liu, and J. Wu. “TrustP2PNet: P2P social
network with admission control model based on trust”. AASRI Procedia,
volume 5:281–286, 2013.
[42] J. Cho, A. Swami, and I. Chen. “Modeling and analysis of trust
management with trust chain optimization in mobile ad hoc networks”.
Journal of Network and Computer Applications, volume 35(number
3):1001–1012, May 2012.
[43] S. Gupta, S. Dhurandher, I. Woungang, A. Kumar, and M. Obaidat.
“Trust-based security protocol against blackhole attacks in opportunistic
networks”. Proceedings of the 2013 IEEE Ninth International Confer-
ence on Wireless and Mobile Computing, Networking and Communica-
tions, pages 724–729, October 2013.
[44] G. Yang, L. Zhang, Z. Tan, H. Yu, and S. Li. “A new method
of trust inference based on Markov model for peer-to-peer network”.
Proceedings of the 2012 IEEE Twelfth International Conference on
Computer and Information Technology, pages 349–354, October 2012.
[45] S. Buchegger and J. Boudec. “A robust reputation system for P2P and
mobile ad-hoc networks”. Proceedings of the Second Workshop on the
Economics of Peer-to-Peer Systems, November 2004.
[46] S. Buchegger and L. Boudec. “Self-policing mobile ad hoc networks
by reputation systems”. IEEE Communications Magazine, volume
43(number 7):101–107, July 2005.
[47] G. Dini and A. Duca. “Towards a reputation-based routing protocol
to contrast blackholes in a delay tolerant network”. Ad Hoc Networks,
volume10(number 7):1167–1178, September 2012.
[48] S. Inoue, M. Ishii, N. Sugaya, T. Yatagai, and I. Sasase. “Trust level
evaluation for communication paths in MANETs by using attribute
certificates”. Third International Conference on Communications and
Electronics (ICCE), pages 70–75, August 2010.
[49] J. Luo, X. Liu, and M. Fan. “A trust model based on fuzzy recom-
mendation for mobile ad-hoc networks”. Computer Networks, volume
53(number 14):2396–2407, July 2009.
[50] M. El-Sherief and M. Azer. “A novel proximity based trust model for
opportunistic networks”. Proceedings of the 2013 Eighth International
Conference on Availability, Reliability and Security, pages 281–284,
September 2013.
[51] U. Kumar, G. Thakur, and A. Helmy. “PROTECT: Proximity-based
trust-advisor using encounters for mobile societies”. Proceedings of
the Sixth International Wireless Communications and Mobile Computing
Conference, pages 636–645, April 2010.
[52] H. Zhu, S. Du, Z. Gao, M. Dong, and Z. Cao. “A Probabilistic
misbehavior detection scheme toward efficient trust establishment in
delay-tolerant networks”. IEEE Transactions on Parallel and Distributed
Systems, volume 25(number 1):22–32, January 2014.
[53] P. Chatterjee, U. Ghosh, I. Sengupta, and S. Ghosh. “Approach
for modelling trust in cluster-based wireless ad hoc networks”. IET
Networks, volume 3(number 3):187–192, September 2014.
[54] K. Ren, T. Li, Z. Wan, F. Bao, R. Deng, and K. Kim. “Highly reliable
trust establishment scheme in ad hoc networks”. Computer Networks,
volume 45(number 6):687–699, 2004.
[55] B. Zhang, Z. Huang, and Y. Xiang. “A novel multiple-level trust
management framework for wireless sensor networks”. Computer
Networks, volume 72:45–61, 2014.
[56] S. Kamvar, M. Schlosser, and H. Molina. “The Eigentrust algorithm for
reputation management in P2P networks”. Proceedings of the Twelfth
International Conference on World Wide Web, pages 640–651, May
2003.
[57] L. Xiong and L. Liu. “PeerTrust: Supporting reputation-based trust for
peer-to-peer electronic communities”. IEEE Transactions on Knowledge
and Data Engineering, volume 16(number 7):843–857, July 2004.
[58] T. Yajima, A. Matsumoto, and H. Shigeno. “PTrust: Provisional value
based trust for reputation aggregation in peer-to-peer networks”. First
International Symposium on Access Spaces (ISAS), pages 180–185, June
2011.
[59] E. Ayday, H. Lee, and F. Fekri. “Trust management and adversary
detection for delay tolerant networks”. IEEE Conference on Military
Communications, pages 1788–1793, October 2010.
[60] G. Yajun and W. Yulin. “Establishing trust relationship in mobile ad-
hoc network”. International Conference on Wireless Communications,
Networking and Mobile Computing, pages 1562–1564, September 2007.
[61] S. Trifunovic, M. Kurant, K. Hummel, and F. Legendre. “Preventing
spam in opportunistic networks”. Computer Communications, volume
41:31–42, March 2014.
[62] A. Vahdat and D. Becker. “Epidemic routing for partially-connected ad
hoc networks”. Technical Report, CS-200006, Duke University, 2000.
... Since OppNets, characterized by high mobility and low density, pose security challenges due to limited power and susceptibility to attacks, trust, rooted in human interaction, plays a crucial role in securing OppNets. This can explore security approaches and techniques to enhance the security levels of OppNets [5]. ...
Article
The intersection of cybersecurity and opportunistic networks has ushered in a new era of innovation in the realm of wireless communications. In an increasingly interconnected world, where seamless data exchange is pivotal for both individual users and organizations, the need for efficient, reliable, and sustainable networking solutions has never been more pressing. Opportunistic networks, characterized by intermittent connectivity and dynamic network conditions, present unique challenges that necessitate innovative approaches for optimal performance and sustainability. This paper introduces a groundbreaking paradigm that integrates the principles of cybersecurity with opportunistic networks. At its core, this study presents a novel routing protocol meticulously designed to significantly outperform existing solutions concerning key metrics such as delivery probability, overhead ratio, and communication delay. Leveraging cybersecurity’s inherent strengths, our protocol not only fortifies the network’s security posture but also provides a foundation for enhancing efficiency and sustainability in opportunistic networks. The overarching goal of this paper is to address the inherent limitations of conventional opportunistic network protocols. By proposing an innovative routing protocol, we aim to optimize data delivery, minimize overhead, and reduce communication latency. These objectives are crucial for ensuring seamless and timely information exchange, especially in scenarios where traditional networking infrastructures fall short. By large-scale simulations, the new model proves its effectiveness in the different scenarios, especially in terms of message delivery probability, while ensuring reasonable overhead and latency.
... The nodes usually have excellent mobility, low power, a small communication range, and low density. It is also vulnerable to various security attacks [3][4][5]. ...
Article
Opportunistic network is an extension of Mobile Ad-hoc network, and therefore, it shares most of the properties of the Mobile Ad-hoc network except routing protocols. Highly intermittent connections between nodes in opportunistic networks make the development of routing protocols more challenging. This paper proposes an Encounter Count and Interaction Time-based (ECIT) routing protocol for opportunistic networks that combines context information and effective buffer technique to reduce overhead as well as to improve delivery rates. The ECIT routing protocol uses context information of nodes and neighbourhoods to select the next forwarding node for a message in the network. A buffer management policy is also added to improve efficiency of selection of the next forwarding node. Further, the proposed routing protocol is compared with well-known routing protocols of opportunistic networks, i.e., Epidemic, Probabilistic Routing Protocol using History of Encounters and Transitivity (PRoPHET), and PRoPHETv2. Opportunistic Network Environment Simulator (ONE) is used for the implementation of the proposed routing protocol. Simulation results and analysis show that out of the three existing routing protocols, the PRoPHETv2 performs better than the other two. Whereas, the proposed routing protocol performs even better than PRoPHETv2 in terms of delivery probability by 32% and the overhead ratio by 22.1%, respectively.
... Yu-chi et al. [1] presented a survey on the security of certificateless signature schemes and show generalization of security models which consist of all cases of the adversaries. Majeed et al. [2] presented security challenges in Opportunistic networks. The authors propose the trust in Opportunistic networks is based on trust between people because OppNets strongly depend on human interaction. ...
... Route maintenance process is initiated during link failures or disconnections. MANETs' routing protocols may be categorized on the base of topology-based [1,13,18] and position-based [11,10,6,2]. Information transmits in different ways between these protocols over the network depend on many factors. To shrink the consequence of link breakage on the network service leads to enhance the routing performance. ...
Article
Reliable link between the nodes plays a vital role during the transmission of data in the routing protocols of Mobile Ad-hoc Networks (MANETs). In this research paper, a routing protocol named Link Expiration Time based Routing Protocol (LETSRP) is proposed which uses Winternitz One-time Signature Scheme to check the authentication of transmitted data in the network. The packet sending node calculates maximum LET (MaxLET), minimum LET (MinLET) and average LET (AvgLET) using greedy algorithm in our proposed solution. The number of sent packets depends on the available bandwidth. Various steps in implementation are repeated until all the packets reach the destination node. Simulations are done with variable number of nodes between 10-20 nodes with mobility setting from 10 m/s to 20 m/s.
... Several protocols have been invented by researchers for DTNs routing [7] and securities [8]. In [9], authors have proposed an Epidemic routing algorithm for DTNs. ...
Article
Delay-tolerant networks allow communication using store-carry-forward technique between source and destination nodes where no end-to-end connectivity exists. In case of network disconnection, messages get stored in a node and wait till the connection is restored, which could be forwarded to another node. To explore the possibility of improvement, many researchers have applied protocol based on fuzzy in DTN, but none of them proposed any solution for the situation where the node density is very low. This situation may result in low buffer availability. Hence, the nodes become unavailable for forwarding messages due to low buffer availability. In general, the remote area does not have a dense network thus, required buffer size might not be available at all the nodes for enabling communication. In this paper, we proposed a solution for the scenario where nodes cannot accept any message due to the unavailability of storage. To make communication possible, we formulated a methodology to search for the best node available in the communication range for relaying the message. The selected node is tested for buffer availability. As per negative result, it is subjected to buffer cleaning and then used for sending a message to that node. If the result is positive, the message will be sent directly to the relay node. A Fuzzy logic system is used for relay node selection and buffer cleaning process. ONE simulator has been adopted for simulating the environment and the simulation results indicate that the proposed technique enhanced the network’s performance.
... The goal of OppNets is to enable the different devices and systems in heterogeneous networks to talk to each other even without any working infrastructure. Opportunistic networks rely on heterogeneous nodes and usually have high mobility and short radio frequency [2]. The nodes in OppNet use Bluetooth, Wi-Fi, IoT devices, or any other wireless technology to carry and forward the packets from one location to another. ...
Article
In opportunistic networks, the nodes connect to each other wirelessly and use the store-carry-forward technique to transmit the data from one node to another node. The nodes in opportunistic networks are heterogeneous, having high mobility, limited power, low density, short radio range, and numerous security threats to unauthorized nodes. The fundamental challenge in an opportunistic network is to secure and protect the information during communication in networks to achieve the user’s confidence. This issue is technically resolved by incorporating the cryptography algorithms that make both the virtual and modern world in a safer position. Asymmetric Cryptography makes information unintelligible to an unauthorized user and provides confidentiality to genuine users. Encryption and decryption technology are solutions to protect data from unauthorized users. There are many opportunistic network algorithms in the existing literature that provide optimal performance. However, in this research work, we propose the NTRU post-quantum algorithm because of its high performance, low cost, and fast execution during encryption and decryption of the data over the network. We also implemented and analyzed the performance of the proposed NTRU algorithm and compared its results with the Elliptic Curve Cryptography and ElGamal algorithm. After the result analysis, we conclude that our proposed technique is highly effective and secure.
... This approach successfully handles eavesdropping, black hole, grey hole, wormhole, Sybil attacks. 45 This paper assumes that OppIoT consists of n nodes. Each node obtains sufficient buffer space, initially benign, and cooperates with other nodes in the message forwarding procedure whenever they come in the same transmission range. ...
Article
The emergence of the new applications in the realm of Opportunistic IoT networks brings exceptional levels of complexity with it; hence, Artificial Intelligence-based approaches are envisioned for the design and optimization owing to the versatility and adaptability it assists in resolving complex real-time problems. In these networks, messages are transmitted through node cooperation because of the nodes' random movement and a lack of network infrastructure. As it is an open network, message forwarding is susceptible to intervention from anomalous nodes that may attribute maliciousness or selfishness, which may cause network transmission disorder and makes routing complex in Social Opportunistic IoT networks. By leveraging AI's capability, these networks can be redesigned to enable a more secure and efficient routing for the nodes. In order to suppress various harmful impacts in the network from anomalous nodes, this paper proposes an AI-Enabled Trust-Based Routing Protocol using NSGA-II for Social Opportunistic IoT Networks (TBRP), which uses the concept of multi-objective optimization. TBRP employs a new Four Tier Protocol trust scheme based on contextual parameters. This AI-enabled multi-objective optimization scheme modifies the conventional NSGA-II for amelioration through an intelligent chromosome representation, improved crossover, and mutation paradigm. TBRP is evaluated against several routing protocols and with trust-based protocols TCAFE and MT-SMRP on various performance metrics using the INFOCOMM dataset. TBRP outperforms Firefly PRoPHET, AntRouter, GAER, and PRoPHET by 1.66%, 10.66%, 25.44%, and 58.57%, respectively, in terms of the delivery success ratio while varying the time for which simulation is run.
Article
Opportunistic networks are a special type of Mobile Ad hoc network which are wirelessly interlinked nodes with the absence of end to end connectivity. All nodes in an opportunistic network are free to move in an environment. Due to the high degree of mobility of nodes, opportunistic networks differ significantly from the existing traditional networks and it works on store, carry & forward mechanism in which, each node has a communication range. Within its proximity, if any node comes, it can send and receive messages. In an opportunistic network, there is no proper infrastructure available for communication and nodes have limited storage and computational capabilities. The major problem being faced in an opportunistic network is the identification of normal and malicious nodes because due to the open nature of the opportunistic network, malicious nodes also can join the network and perform some malicious activities like Sybil attack. We propose a remedy to address the authentication and privacy issue that can arise in an opportunistic network. According to the findings of the simulation, the proposed research work satisfies the authentication and privacy criteria of an opportunistic network.
Chapter
The Delay Tolerant Networks (DTNs) are types of ad hoc networks that can be used to realize a wide range of applications in a challenged environment. Despite the challenges of intermittent connectivity and unpredictable mobility characteristics, the mobile nodes need to communicate and share their valuable information without the need of an infrastructure. Socially aware networking is an emerging paradigm for high-efficiency data dissemination. Existing protocols take advantage of mobile node’s social characteristics such as user interests to improve the dissemination performance. However, these protocols have not exploited enough the types of relations that are valuable between user interests and how these relations can affect the dissemination of social DTNs. In this context, this Chapter investigates the problem of data forwarding in social-based networks. Several realistic datasets will be explored to reveal both the geographical and social regularities of human mobility; the concepts of geocommunity and geocentrality into social network analysis will also be studied and the geo-community characteristics as well as the envisioned application areas different from general DTNs will be explored. From a social network perspective, people sharing interesting properties such as common hobbies, social functions and occupations, will tend to form a community. Through a trace-based study, an interesting phenomenon in social DTNs was observed, which is that the community always strongly relates to its geographical location. Motivated by this fact, this Chapter will also study the existing location-based routing schemes based on the message endpoint, forwarding utility computation approach, relay node selection, routing decision and message dissemination. The current challenges and future research direction for geo-community-based routing in social delay tolerant networks will also be highlighted.
Article
In this study, the authors propose a cluster-based trust management model that efficiently detects the malicious nodes and restricts them to be on a route in wireless ad hoc networks. In contrast to previous works, the trust of a node is calculated using various trust attributes having substantial effect on reliable routing in the networks. In the proposed model, each node periodically predicts the value of each trust attribute about other nodes using autoregression. Subsequently, the direct trust is estimated using the weighted combination of trust attributes and it is fine tuned using proportional-integral model. All these recommendation trusts, from common neighbours, are collected and combined by the clusterhead to quantify the trust, and hence the routing is reliable and secure in the proposed model. Simulation results show that the proposed trust model provides better throughput and packet delivery ratio in presence of malicious nodes compared to other existing schemes.
Conference Paper
Opportunistic networks (OppNets) are an interesting topic that are seen to have a promising future. Many protocols have been developed to accommodate the features of OppNets such as frequent partitions, long delays, and no end-to-end path between the source and destination nodes. Embedding security into these protocols is challenging and has taken a lot of attention in research. One of the attacks that OppNets are exposed to is the packet dropping attack, where the malicious node attempts to drop some packets and forwards an incomplete number of packets which results in the distortion of the message. To increase the security levels in OppNets, this paper presents an algorithm developed to detect packet dropping attacks, and finds the malicious node that attempted the attack. The algorithm detects the attack by using an indicative field in the header section of each packet; the indicative field has 3 sub fields - the identification field, the flag field, and the offset field. These 3 fields are used to find if a node receives the complete original number of packets from the previous node. The algorithm will have the advantage of detecting packets dropped by each intermediate node, this helps solve the difficulties of finding malicious nodes by the destination node only.
Article
As a new networking paradigm, opportunistic networking communications have great vision in animal migration tracking, mobile social networking, network communications in remote areas and intelligent transportation, and so on. Opportunistic networks are one of the evolutionary mobile ad hoc networks, whose communication links often suffer from frequent disruption and long communication delays. Therefore, many opportunistic forwarding protocols present major security issues, and the design of opportunistic networks faces serious challenges such as how to effectively protect data confidentiality and integrity and how to ensure routing security, privacy, cooperation, and trust management. In this paper, we first systematically describe the security threats and requirements in opportunistic networks; then propose a general security architecture of opportunistic networks; and then make an in-depth analysis on authentication and access control, secure routing, privacy protection, trust management, and incentive cooperation mechanisms; and at the same time, we present a comparison of various security and trust solutions for opportunistic networks. Finally, we conclude and give future research directions. Copyright © 2014 John Wiley & Sons, Ltd.
Article
Opportunistic networks are one of the most interesting evolutions of mobile ad hoc networks (MANETs), where the link between pair nodes is disrupted frequently. The forwarding opportunities of messages in such networks usually are limited because the "continuous" path between a sender and a destination does not exist. Messages are delivered to their intended destinations hop by hop in a "store-carry-forward" manner. Then, the problem of how to schedule and drop the messages in buffer become more important and challengeable due to the unpredictable mobility of nodes, short contact durations between pair nodes, finite storage carried by nodes and so on. In this paper, recent remarkable works about buffer management policies are reviewed and classified. These policies all can improve the performance of the opportunistic networks (e.g., reducing the average delay, enhancing the delivery rate) in a certain degree. However, they all have their respective limitations. Finally, a novel buffer management method is proposed in this paper. The method includes the messages scheduling policy based on the average contact frequency between pair nodes and the messages dropping policy based on the number of replicas of messages. The experimental results show our proposed policies can benefit to optimizing the performance of opportunistic networks in terms of delivery rate, average delay and average forwarding hops of messages.
Article
Security is a major challenge in Opportunistic Networks (OppNets) due to its characteristics of being an open medium with dynamic topology, there is neither a centralized management nor clear lines of defence. A packet dropping attack is one of the major security threats in OppNets as neither source nodes nor destination nodes have any knowledge of when or where a packet will be dropped. In this paper, we present a novel attack and detection mechanism against a special type of packet dropping where the malicious node drops one packet or more and injects a new fake packet instead. Our novel detection mechanism is very powerful and has very high accuracy. It relies on a very simple yet powerful idea, the creation time of each packet. Significant results show this robust mechanism achieves a very high accuracy and detection rate.
Article
The advent of Location-based Services (LBS), especially in wireless communications systems, has raised a growing concern for user about his privacy. As for every location-based query, the user has to reveal his location coordinates (through technologies like Global Positioning Systems); if this information could be revealed to anybody, it becomes a privacy breach. To take care of these issues, several techniques have come up among which k-anonymity has been most widely used and studied in different forms and different contexts. In this paper, we have reviewed the application of k-anonymity for LBS and its recent advancements. While doing so, we have recognized three perspectives for the applicability of k-anonymity for LBS: the application of k-anonymity based on the architecture, based on the algorithms for anonymization, and based on the types of k-anonymity (according to the different query processing techniques). Hence, the review has been done within the framework of these perspectives. These perspectives have covered almost all the aspects of the works which have been reviewed in this paper. This review can arm the privacy providers with the latest techniques and possible modifications in their present techniques.
Conference Paper
Security is important for many sensor network applications. A particularly harmful attack against sensor and ad hoc networks is known as the Sybil attack [6], where a node illegitimately claims multiple identities. This paper systematically analyzes the threat posed by the Sybil attack to wireless sensor networks. We demonstrate that the attack can be exceedingly detrimental to many important functions of the sensor network such as routing, resource allocation, misbehavior detection, etc. We establish a classification of different types of the Sybil attack, which enables us to better understand the threats posed by each type, and better design countermeasures against each type. We then propose several novel techniques to defend against the Sybil attack, and analyze their effectiveness quantitatively.
Article
The distributed deployment nature of wireless sensor networks (WSNs) poses a challenge to the security of node cooperation in them as it is difficult for WSN to ensure that all nodes can recognise a huge number of other individual nodes and select appropriate and trustworthy nodes for cooperation. Node cooperation may therefore be launched in an unreliable environment and might be vulnerable to attacks. Consequently, the security of nodes is of paramount importance for the proper operation of WSNs. The distributed trust management scheme is a feasible solution. With a view to making improvement on the existing trust management mechanisms, we in this paper propose ML-TRUST, a multiple-level trust management framework for trust management in WSN in which three levels of trust are used to establish trustworthy relationships among nodes for their cooperation, namely, (1) a subjective trust, which is defined as belief and is proposed with respect to three aspects: past judgements, witness evidence, and capacity evaluation; (2) an objective trust, which is defined as reputation and is proposed with two factors, number of functioning communities and weighted judgements by rating nodes’ reputations, being introduced in reputation rating, and with several rules and fraud factor tests being given to prevent reputation rating from malicious attacks, and (3) the recommended trust method, which is proposed to obtain trustable impressions from strange recommendations with, in connection, several consistency factors being presented to determine the trustworthiness of a recommendation. Besides using a set of lemmas and theorems to back up our ML-TRUST framework, we also list the results of a series of simulation tests to further verify the performance of our mechanism.