CoCoWa is a collaborative approach to detecting selfish nodes in mobile ad-hoc networks (MANETs) and delay tolerant networks (DTNs) that improves upon local watchdog approaches. It combines local watchdog detections with the dissemination of information about detected selfish nodes between nodes during contacts. This reduces the time and increases the precision of detecting selfish nodes by reducing the effects of false positives and negatives generated by local watchdogs. The paper presents an analytical model and experimental evaluation using mobility traces showing CoCoWa provides significantly faster and more accurate detection of selfish nodes with reduced overhead compared to traditional watchdog approaches.
A collaborative contact based watchdog for detecting selfish nodes in coopera...eSAT Journals
Abstract Mobile Ad-hoc Networks (MANETs) assume that mobile nodes voluntary cooperate in order to work properly. This cooperation is a cost-intensive activity and some nodes can refuse to cooperate, leading to a selfish node behaviour. Thus, the overall network performance could be seriously affected. The use of watchdogs is a well-known mechanism to detect selfish nodes. However, the detection process performed by watchdogs can fail, generating false positives and false negatives that can induce to wrong operations. Moreover, relying on local watchdogs alone can lead to poor performance when detecting selfish nodes, in term of precision and speed. This is specially important on networks with sporadic contacts, such as Delay Tolerant Networks (DTNs), where sometimes watchdogs lack of enough time or information to detect the selfish nodes. Thus, this paper propose CoCoWa (Collaborative Contact-based Watchdog) as a collaborative approach based on the diffusion of local selfish nodes awareness when a contact occurs, so that information about selfish nodes is quickly propagated. As shown in the paper, this collaborative approach reduces the time and increases the precision when detecting selfish nodes. Keywords: Opportunistic and Delay Tolerant Networks, Performance Evaluation, Selfish Nodes Wireless networks, MANETs.
JPN1422 Defending Against Collaborative Attacks by Malicious Nodes in MANETs...chennaijp
Get the latest IEEE ns2 projects in JP INFOTECH; we are having following category wise projects like Industrial Informatics, Vehicular Technology, Networking, WSN and Manet.
For More Details:
http://jpinfotech.org/final-year-ieee-projects/2014-ieee-projects/ns2-projects/
Defending against collaborative attacks byranjith kumar
Dear Student,
DREAMWEB TECHNO SOLUTIONS is one of the Hardware Training and Software Development centre available in
Trichy. Pioneer in corporate training, DREAMWEB TECHNO SOLUTIONS provides training in all software
development and IT-related courses, such as Embedded Systems, VLSI, MATLAB, JAVA, J2EE, CIVIL,
Power Electronics, and Power Systems. It’s certified and experienced faculty members have the
competence to train students, provide consultancy to organizations, and develop strategic
solutions for clients by integrating existing and emerging technologies.
ADD: No:73/5, 3rd Floor, Sri Kamatchi Complex, Opp City Hospital, Salai Road, Trichy-18
Contact @ 7200021403/04
phone: 0431-4050403
Detecting Misbehaving and Selfish Nodes in the Network using Watchdog MechanismINFOGAIN PUBLICATION
The nodes in a wireless network may misbehave at times. This misbehavior needs to be monitored in order to avoid sudden failure of network. The watch dog mechanism has been sufficiently studied to address the issue of malice node detection, in Mobile Adhoc Networks (MANETs). A Collaborative Contact based Watchdog (CoCoWa) is collaborated with information diffusion in the proposed work. This combination strategy analyses all the nodes in a network and provides the information update regarding the selfishness of the specific nodes to other nodes and routing protocols to enable performance oriented transmission. Once the selfish node is detected by the watch dog, it is marked as selfishness positive node else the node is marked as negative selfish node. For enabling this fool proof approach, true neighbors, fake neighbors, their probability of relationships with each other is analyzed. The evaluation of the viability of the proposed work is made in terms of detection efficiency, detection accuracy of both malicious and selfish nodes. Apart from these, the strategy is proved to be simple yet effective.
Behavioral Model to Detect Anomalous Attacks in Packet TransmissionIOSR Journals
This document summarizes a proposed behavioral model to detect anomalous attacks in packet transmission in wireless networks. The model aims to identify packet droppers and modifiers by having nodes monitor their neighbors' forwarding behaviors over time. A tree-based routing structure is used, where each packet is marked as it travels toward the sink node. The marks provide information to help the sink node determine which nodes are misbehaving. The proposed scheme aims to gradually identify bad nodes through statistical analysis of their behaviors across different network topologies over time, with low false positives. It aims to catch both packet droppers and modifiers within a single detection module.
A Novel Approach To Detect Trustworthy Nodes Using Audit Based Scheme For WSNIJERDJOURNAL
ABSTRACT: In multi-hop ad hoc networks there exists a problem of identifying and isolating misbehaving nodes which refuses to forward packets. Audit-based Misbehavior Detection (AMD) is a comprehensive system that effectively and efficiently isolates both continuous and selective packet droppers. The AMD system integrates reputation management, trustworthy route discovery, and identification of misbehaving nodes based on behavioral audits. Compared to previous methods, AMD evaluates node behavior on a per-packet basis, without employing energy-expensive overhearing techniques or intensive acknowledgment schemes. Moreover, AMD can detect selective dropping attacks even if end-to-end traffic is encrypted and can be applied to multichannel networks or networks consisting of nodes with directional antennas. This work implements the AMD approach by considering the rushing attack. The analysis of the results confirms that AMD based method with rushing attack performs better as compared to the non rushing attack.
A collaborative contact based watchdog for detecting selfish nodes in coopera...eSAT Journals
Abstract Mobile Ad-hoc Networks (MANETs) assume that mobile nodes voluntary cooperate in order to work properly. This cooperation is a cost-intensive activity and some nodes can refuse to cooperate, leading to a selfish node behaviour. Thus, the overall network performance could be seriously affected. The use of watchdogs is a well-known mechanism to detect selfish nodes. However, the detection process performed by watchdogs can fail, generating false positives and false negatives that can induce to wrong operations. Moreover, relying on local watchdogs alone can lead to poor performance when detecting selfish nodes, in term of precision and speed. This is specially important on networks with sporadic contacts, such as Delay Tolerant Networks (DTNs), where sometimes watchdogs lack of enough time or information to detect the selfish nodes. Thus, this paper propose CoCoWa (Collaborative Contact-based Watchdog) as a collaborative approach based on the diffusion of local selfish nodes awareness when a contact occurs, so that information about selfish nodes is quickly propagated. As shown in the paper, this collaborative approach reduces the time and increases the precision when detecting selfish nodes. Keywords: Opportunistic and Delay Tolerant Networks, Performance Evaluation, Selfish Nodes Wireless networks, MANETs.
JPN1422 Defending Against Collaborative Attacks by Malicious Nodes in MANETs...chennaijp
Get the latest IEEE ns2 projects in JP INFOTECH; we are having following category wise projects like Industrial Informatics, Vehicular Technology, Networking, WSN and Manet.
For More Details:
http://jpinfotech.org/final-year-ieee-projects/2014-ieee-projects/ns2-projects/
Defending against collaborative attacks byranjith kumar
Dear Student,
DREAMWEB TECHNO SOLUTIONS is one of the Hardware Training and Software Development centre available in
Trichy. Pioneer in corporate training, DREAMWEB TECHNO SOLUTIONS provides training in all software
development and IT-related courses, such as Embedded Systems, VLSI, MATLAB, JAVA, J2EE, CIVIL,
Power Electronics, and Power Systems. It’s certified and experienced faculty members have the
competence to train students, provide consultancy to organizations, and develop strategic
solutions for clients by integrating existing and emerging technologies.
ADD: No:73/5, 3rd Floor, Sri Kamatchi Complex, Opp City Hospital, Salai Road, Trichy-18
Contact @ 7200021403/04
phone: 0431-4050403
Detecting Misbehaving and Selfish Nodes in the Network using Watchdog MechanismINFOGAIN PUBLICATION
The nodes in a wireless network may misbehave at times. This misbehavior needs to be monitored in order to avoid sudden failure of network. The watch dog mechanism has been sufficiently studied to address the issue of malice node detection, in Mobile Adhoc Networks (MANETs). A Collaborative Contact based Watchdog (CoCoWa) is collaborated with information diffusion in the proposed work. This combination strategy analyses all the nodes in a network and provides the information update regarding the selfishness of the specific nodes to other nodes and routing protocols to enable performance oriented transmission. Once the selfish node is detected by the watch dog, it is marked as selfishness positive node else the node is marked as negative selfish node. For enabling this fool proof approach, true neighbors, fake neighbors, their probability of relationships with each other is analyzed. The evaluation of the viability of the proposed work is made in terms of detection efficiency, detection accuracy of both malicious and selfish nodes. Apart from these, the strategy is proved to be simple yet effective.
Behavioral Model to Detect Anomalous Attacks in Packet TransmissionIOSR Journals
This document summarizes a proposed behavioral model to detect anomalous attacks in packet transmission in wireless networks. The model aims to identify packet droppers and modifiers by having nodes monitor their neighbors' forwarding behaviors over time. A tree-based routing structure is used, where each packet is marked as it travels toward the sink node. The marks provide information to help the sink node determine which nodes are misbehaving. The proposed scheme aims to gradually identify bad nodes through statistical analysis of their behaviors across different network topologies over time, with low false positives. It aims to catch both packet droppers and modifiers within a single detection module.
A Novel Approach To Detect Trustworthy Nodes Using Audit Based Scheme For WSNIJERDJOURNAL
ABSTRACT: In multi-hop ad hoc networks there exists a problem of identifying and isolating misbehaving nodes which refuses to forward packets. Audit-based Misbehavior Detection (AMD) is a comprehensive system that effectively and efficiently isolates both continuous and selective packet droppers. The AMD system integrates reputation management, trustworthy route discovery, and identification of misbehaving nodes based on behavioral audits. Compared to previous methods, AMD evaluates node behavior on a per-packet basis, without employing energy-expensive overhearing techniques or intensive acknowledgment schemes. Moreover, AMD can detect selective dropping attacks even if end-to-end traffic is encrypted and can be applied to multichannel networks or networks consisting of nodes with directional antennas. This work implements the AMD approach by considering the rushing attack. The analysis of the results confirms that AMD based method with rushing attack performs better as compared to the non rushing attack.
Dear Student,
DREAMWEB TECHNO SOLUTIONS is one of the Hardware Training and Software Development centre available in
Trichy. Pioneer in corporate training, DREAMWEB TECHNO SOLUTIONS provides training in all software
development and IT-related courses, such as Embedded Systems, VLSI, MATLAB, JAVA, J2EE, CIVIL,
Power Electronics, and Power Systems. It’s certified and experienced faculty members have the
competence to train students, provide consultancy to organizations, and develop strategic
solutions for clients by integrating existing and emerging technologies.
ADD: No:73/5, 3rd Floor, Sri Kamatchi Complex, Opp City Hospital, Salai Road, Trichy-18
Contact @ 7200021403/04
phone: 0431-4050403
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology
Privacy Preserving and Detection Techniques for Malicious Packet Dropping in ...IRJET Journal
This document discusses techniques for detecting malicious packet dropping in wireless ad hoc networks. It begins with an introduction to wireless ad hoc networks and the security issues they face, such as packet dropping attacks. It then reviews existing literature on detecting such attacks using techniques like reputation systems. The document proposes a new detection mechanism that calculates the auto-correlation function of packet loss bitmaps to identify correlations between lost packets and determine if packet dropping is intentional. It describes the key phases of this approach, including key generation, auditing suspected nodes, and detecting malicious nodes. Finally, it discusses using randomized routing to mitigate the effects of detected packet dropping attacks.
COMMUNITY DETECTION USING INTER CONTACT TIME AND SOCIAL CHARACTERISTICS BASED...ijasuc
Delay Tolerant Networks (DTNs) where the node connectivity is opportunistic and end-to-end path between
any pair of source and destination is not guaranteed most of the time. Hence the messages are transferred
from source to destination via intermediate nodes on hop to hop basis using store-carry-forward paradigm.
Due to quick advancement in hand held devices such as smart phone and laptop with support of wireless
communication interface carried by human being, it is possible in coming days to use DTNs for message
dissemination without setting up infrastructure. The routing task becomes challenging in DTNs due to
intermittent network connectivity and the connection opportunity arises only when node comes in
transmission range of each other. The performance of the routing protocols depend on the selection of
appropriate relay node which can deliver the message to final destination in case of source and destination
do not meet at all. Many social characteristics are exhibited by the human being like friendship,
community, similarity and centrality which can be exploited by the routing protocol in order to take the
forwarding decisions. Literature shows that by using these characteristics, the performance of DTN routing
protocols have been improved in terms of delivery probability. The existing routing schemes used
community detection using aggregated contact duration and contact frequency which does not change over
the time period. We propose community detection through Inter Contact Time (ICT) between node pair
using power law distribution where the members of community are added and removed dynamically. We
also considered single copy of each message in entire network to reduce the network overhead. The
proposed routing protocol named Social Based Single Copy Routing (SBSCR) selects the suitable relay
node from the community members only based on the social metrics such as similarity and friendship
together. ICTs show power law nature in human mobility which is used to detect the community structure at
each node. A node maintains its own community and social metrics such as similarity and friendship with
other nodes. Whenever node has to select the relay node then it selects from its community with higher
value of social metric. The simulations are conducted using ONE simulator on the real traces of campus
and conference environments. SBSCR is compared with existing schemes and results show that it
outperforms in terms of delivery probability and delivery delay with comparable overhead ratio.
This document proposes a collaborative contact-based watchdog (CoCoWa) approach to detect selfish nodes in mobile ad-hoc networks (MANETs) and delay tolerant networks (DTNs). CoCoWa combines local watchdog detections with the dissemination of detection information between nodes. When a node detects a selfish node locally, it can share this information with other nodes during contacts. This reduces the detection time and improves precision by reducing the impact of false positives and negatives from local detections. The proposed approach is evaluated using simulations, which show it significantly reduces detection time and overhead compared to traditional watchdog approaches.
Content Sharing over Smartphone-Based Delay-Tolerant NetworksIJERA Editor
With the growing number of smartphone end users, peer-to-peer ad hoc content giving is likely to occur often. Thus, new articles sharing mechanisms must be developed since traditional information delivery schemes will not be efficient with regard to content sharing due to the sporadic connectivity between smartphones on the market. To obtain data delivery such challenging environments, researchers include proposed the employment of store-carry-forward methodologies, in which a node stores a communication and holds it until a forwarding prospect arises through an encounter together with other nodes. Most past works in this field have dedicated to the conjecture of whether two nodes could encounter the other, without thinking about the place and also time from the encounter. In this particular paper, we propose to her discover-predict-deliver as a possible efficient articles sharing scheme for delay-tolerant touch screen phone networks. In this proposed scheme, contents are usually shared while using the mobility information of people. Specifically, our strategy employs the mobility understanding algorithm to spot places inside your own home and outdoor.
CONGESTION AWARE SPRAY AND WAIT PROTOCOL: A CONGESTION CONTROL MECHANISM FOR ...ijcsit
In the last few years, the Vehicular Ad-hoc Network (VANET) has come to be an important area of research. Significant research has been conducted to improve the performance of VANETS. One output of further research conducted on VANET is the Vehicular Delay Tolerant Network (VDTN). It is an
application of the mobile DTN where nodes relay messages in the network using a store-carry-forward approach. Due to its high mobility, it suffers frequent disconnections and also congestions at nodes which leads to message drops. To minimize the rate of message drops and so optimize the probability of message delivery so that drivers are increasingly aware of the situation of the road, we propose a congestion
control mechanism: Congestion Aware Spray and Wait (CASaW) protocol in this work so as to optimize the
rate of message delivery to its destination and so increase the awareness of drivers in the vehicular environment thereby improve road safety. The results have shown that our proposition performed better than other classical VDTN protocols in terms of message delivery probability and rate of packet drops performance measures. We used the Opportunistic Networking Environment (ONE) simulator to implement the classical VDTN protocols: the PROPHET protocol, the Epidemic protocol, the MaxProp protocol and
the Spray and Wait Protocol. The simulation scenarios shows a better performance for the congestion control mechanism we propose as it maintains a good message delivery rate as well as minimize the rate of packet losses thereby optimizing the chances of messages getting to their destinations and so improve road safety.
The document discusses efficient routing techniques for intermittently connected mobile networks (ICMNs). It begins by introducing ICMNs and the challenges of routing in such networks where end-to-end paths may not always exist. It then summarizes various routing approaches including flooding-based epidemic routing and single-copy schemes. The document proposes two spray-based routing techniques: (1) Spray and Wait, which sprays a fixed number of message copies and waits for a copy to reach the destination, and (2) Spray and Focus, which uses utility-based routing to focus copies towards the destination after the spray phase. Expected delays are analyzed for Spray and Wait. Different mobility models for analysis are also discussed.
An Extensive Literature Review of Various Routing Protocols in Delay Tolerant...IRJET Journal
This document summarizes an extensive literature review on routing protocols in delay tolerant networks (DTNs). It begins by defining DTNs as wireless networks with intermittent connectivity where nodes use a store-carry-forward mechanism. Common routing protocols for DTNs like epidemic, spray and wait, and prophet are described. The document then reviews several papers that propose and evaluate new routing algorithms or improvements for DTNs, analyzing metrics like delivery ratio, overhead, and latency. Key factors considered include node contact histories, social characteristics, energy constraints, and message prioritization. Finally, it suggests the contact duration between nodes could be an important parameter to further optimize routing in DTNs.
PACKET DROP ATTACK DETECTION TECHNIQUES IN WIRELESS AD HOC NETWORKS: A REVIEWIJNSA Journal
Wireless ad hoc networks have gained lots of attention due to their ease and low cost of deployment. This
has made ad hoc networks of great importance in numerous military and civilian applications. But, the lack
of centralized management of these networks makes them vulnerable to a number of security attacks. One
of the attacks is packet drop attack, where a compromised node drops packets maliciously. Several
techniques have been proposed to detect the packet drop attack in wireless ad hoc networks. Therefore, in
this paper we review some of the packet drop attack detection techniques and comparatively analyze them
basing on; their ability to detect the attack under different attack strategies (partial and or cooperate
attacks), environments and the computational and communication overheads caused in the process of
detection.
A NOVEL METHODOLOGY TO OVERCOME ROUTING MISBEHAVIOR IN MANET USING RETALIATIO...ijwmn
This document presents a novel methodology called the Retaliation Model to overcome routing misbehavior in mobile ad hoc networks (MANETs). The model monitors node behavior, calculates a Grade based on packet forwarding ratio to isolate selfish nodes, and assigns Bonus Points to define the number of packets an honest node can drop in retaliation for a misbehaving node's actions. Simulation results show the model achieves up to 40% packet delivery ratio with only a 7.5% overhead cost compared to the plain DSR protocol. Combining the model with a Friendly Group approach further reduces overhead by up to 75%. The strict punishment enforced by dropping packets aims to encourage cooperation and ensure reliability in MANETs.
PRIVACY ENHANCEMENT OF NODE IN OPPORTUNISTIC NETWORK BY USING VIRTUAL-IDijsc
An entrepreneurial system is one of the sort of remote system. Delay resistance system is correspondence
organizing proposition which empowers the correspondence in such a situation where end to end way
might never be exist. Message is forward on the premise of chance. Time interim to convey a message is
long we can't evaluate or anticipate the time until we get the message. There is a security issue in these
sorts of system. In this paper we will proposed another procedure which will expand the protection of the
system and build execution of the system.
The document proposes a new broadcasting algorithm called Y-Hamiltonian Layers Broadcast (Y-HLB) for wormhole-routed 3D mesh networks. It divides the 3D mesh into layers that are modeled as Hamiltonian paths. The Y-HLB algorithm routes messages along these Hamiltonian paths in an efficient manner to broadcast to all nodes. Previous related work on broadcasting algorithms for wormhole-routed 3D meshes are also discussed, including how they divide the network and route messages. Simulation results show Y-HLB performs better than these previous algorithms in terms of reducing broadcast latency.
a probabilistic misbehavior detection scheme toward efficient trust establish...swathi78
The document proposes iTrust, a probabilistic misbehavior detection scheme for secure routing in delay-tolerant networks (DTNs). iTrust introduces a periodically available Trusted Authority (TA) that judges nodes' behaviors based on collected routing evidence and probabilistically checks nodes. The TA models iTrust as an inspection game and sets an appropriate investigation probability to ensure security at reduced cost. Detection probability is correlated with node reputation, allowing a dynamic probability determined by user trust. Analysis and simulations show iTrust effectively and efficiently detects misbehavior.
This document outlines the experience and qualifications of John Shawky Khalil as a Senior System Engineer. He has over 5 years of experience in fields such as system administration, mail servers, firewalls, virtualization, backup servers, networking, file servers, and CCTV/access control systems. His roles have included designing, installing, configuring, managing, and maintaining servers, networks, firewalls, and other IT infrastructure. He also has experience providing technical support, repairing equipment, and mentoring other team members. His education includes a B.S. in Computer Engineering as well as various IT certifications.
Un arrêté relatif à l'aide médicale de l'Etat est paru au JO du 19 octobre 2016. Le texte de l'arrêté met en place diverses mesures relatif à la mise en place de l'aide médicale de l'Etat.
- L'établissement d'un bilan mensuel des dépenses d'aide médicale de l'Etat:
La Caisse nationale de l’assurance maladie des travailleurs salariés dresse un arrêté mensuel des dépenses d’aide médicale de l’Etat, établi et certifié par l’agent comptable. Cet arrêté mensuel indique pour chaque CPAM le montant des prestations versées. Cela vise les prestations de ville et les prestations hospitalières.
- Un état mensuel des recettes des établissements de santé:
Cet état mensuel, établit par l'agence technique de l'information sur l'hospitalisation, indique: le nombre de séjours et de séances, les frais de séjours, les produits de la liste en sus et les évolutions par rapport aux exercices précédents sur une période comparable.
- Un état récapitulatif trimestriel
Cet état établit par la Caisse nationale de l'assurance maladie des travailleurs, indique le nombre de bénéficiaires de l'aide médicale de l'Etat; le nombre de nouvelles admissions et renouvellements et le nombre de bénéficiaires et ayants droit sortis du dispositif d'aide médicale de l'Etat.
- Une analyse détaillée de l'activité d'hospitalisation en médecine:
Le texte prévoit que deux fois par an, l'Agence technique d'information sur l'hospitalisation adresse aux services du ministère de la santé, une analyse détaillée de l'activité d'hospitalisation en médecine, chirurgie, obstétrique et odontologie. Cette analyse comprend: la répartition des séjours selon différents agrégats et les évolutions par rapport aux exercices précédents.
- Un arrêté mensuel des dépenses de soins:
Cet arrêté indique pour chaque CPAM, le montant des prestations versées au titre des hospitalisations, honoraires médicaux en consultations externes, médicaments et frais d'interruption de grossesse.
Stewart Palacios has over 15 years of experience in information technology, including positions as an Information Systems Analyst, IT Technician, and IT Administrator. He has a background in computer networking, systems administration, and information security. Palacios is fluent in English and Spanish with basic skills in German, Japanese, and Korean. His technical skills include troubleshooting software, hardware, and network issues as well as setting up and repairing computers, servers, and other equipment.
Allan Simmons has over 13 years of experience in manufacturing. He has 3.5 years of experience as a Production Team Lead and Scheduler at HON Company where he supervised operators, set daily production schedules, and ensured production goals were met. Simmons also has experience in quality control, production operation, and as a Level 5 Technician where he operated machines and trained new employees. He is pursuing a degree in Computer Information Systems and has a leadership certificate.
This document discusses distribution strategy. It defines distribution as one of the four aspects of marketing, with distributors acting as middlemen between manufacturers and retailers. It then discusses distribution channels and how they are used to reconcile producer and consumer needs. The document outlines different channel strategies involving selection, intensity, and integration of channels. It also discusses channel management, physical distribution systems, and some ethical issues related to distribution.
Dear Student,
DREAMWEB TECHNO SOLUTIONS is one of the Hardware Training and Software Development centre available in
Trichy. Pioneer in corporate training, DREAMWEB TECHNO SOLUTIONS provides training in all software
development and IT-related courses, such as Embedded Systems, VLSI, MATLAB, JAVA, J2EE, CIVIL,
Power Electronics, and Power Systems. It’s certified and experienced faculty members have the
competence to train students, provide consultancy to organizations, and develop strategic
solutions for clients by integrating existing and emerging technologies.
ADD: No:73/5, 3rd Floor, Sri Kamatchi Complex, Opp City Hospital, Salai Road, Trichy-18
Contact @ 7200021403/04
phone: 0431-4050403
IJERA (International journal of Engineering Research and Applications) is International online, ... peer reviewed journal. For more detail or submit your article, please visit www.ijera.com
International Journal of Computational Engineering Research(IJCER) is an intentional online Journal in English monthly publishing journal. This Journal publish original research work that contributes significantly to further the scientific knowledge in engineering and Technology
Privacy Preserving and Detection Techniques for Malicious Packet Dropping in ...IRJET Journal
This document discusses techniques for detecting malicious packet dropping in wireless ad hoc networks. It begins with an introduction to wireless ad hoc networks and the security issues they face, such as packet dropping attacks. It then reviews existing literature on detecting such attacks using techniques like reputation systems. The document proposes a new detection mechanism that calculates the auto-correlation function of packet loss bitmaps to identify correlations between lost packets and determine if packet dropping is intentional. It describes the key phases of this approach, including key generation, auditing suspected nodes, and detecting malicious nodes. Finally, it discusses using randomized routing to mitigate the effects of detected packet dropping attacks.
COMMUNITY DETECTION USING INTER CONTACT TIME AND SOCIAL CHARACTERISTICS BASED...ijasuc
Delay Tolerant Networks (DTNs) where the node connectivity is opportunistic and end-to-end path between
any pair of source and destination is not guaranteed most of the time. Hence the messages are transferred
from source to destination via intermediate nodes on hop to hop basis using store-carry-forward paradigm.
Due to quick advancement in hand held devices such as smart phone and laptop with support of wireless
communication interface carried by human being, it is possible in coming days to use DTNs for message
dissemination without setting up infrastructure. The routing task becomes challenging in DTNs due to
intermittent network connectivity and the connection opportunity arises only when node comes in
transmission range of each other. The performance of the routing protocols depend on the selection of
appropriate relay node which can deliver the message to final destination in case of source and destination
do not meet at all. Many social characteristics are exhibited by the human being like friendship,
community, similarity and centrality which can be exploited by the routing protocol in order to take the
forwarding decisions. Literature shows that by using these characteristics, the performance of DTN routing
protocols have been improved in terms of delivery probability. The existing routing schemes used
community detection using aggregated contact duration and contact frequency which does not change over
the time period. We propose community detection through Inter Contact Time (ICT) between node pair
using power law distribution where the members of community are added and removed dynamically. We
also considered single copy of each message in entire network to reduce the network overhead. The
proposed routing protocol named Social Based Single Copy Routing (SBSCR) selects the suitable relay
node from the community members only based on the social metrics such as similarity and friendship
together. ICTs show power law nature in human mobility which is used to detect the community structure at
each node. A node maintains its own community and social metrics such as similarity and friendship with
other nodes. Whenever node has to select the relay node then it selects from its community with higher
value of social metric. The simulations are conducted using ONE simulator on the real traces of campus
and conference environments. SBSCR is compared with existing schemes and results show that it
outperforms in terms of delivery probability and delivery delay with comparable overhead ratio.
This document proposes a collaborative contact-based watchdog (CoCoWa) approach to detect selfish nodes in mobile ad-hoc networks (MANETs) and delay tolerant networks (DTNs). CoCoWa combines local watchdog detections with the dissemination of detection information between nodes. When a node detects a selfish node locally, it can share this information with other nodes during contacts. This reduces the detection time and improves precision by reducing the impact of false positives and negatives from local detections. The proposed approach is evaluated using simulations, which show it significantly reduces detection time and overhead compared to traditional watchdog approaches.
Content Sharing over Smartphone-Based Delay-Tolerant NetworksIJERA Editor
With the growing number of smartphone end users, peer-to-peer ad hoc content giving is likely to occur often. Thus, new articles sharing mechanisms must be developed since traditional information delivery schemes will not be efficient with regard to content sharing due to the sporadic connectivity between smartphones on the market. To obtain data delivery such challenging environments, researchers include proposed the employment of store-carry-forward methodologies, in which a node stores a communication and holds it until a forwarding prospect arises through an encounter together with other nodes. Most past works in this field have dedicated to the conjecture of whether two nodes could encounter the other, without thinking about the place and also time from the encounter. In this particular paper, we propose to her discover-predict-deliver as a possible efficient articles sharing scheme for delay-tolerant touch screen phone networks. In this proposed scheme, contents are usually shared while using the mobility information of people. Specifically, our strategy employs the mobility understanding algorithm to spot places inside your own home and outdoor.
CONGESTION AWARE SPRAY AND WAIT PROTOCOL: A CONGESTION CONTROL MECHANISM FOR ...ijcsit
In the last few years, the Vehicular Ad-hoc Network (VANET) has come to be an important area of research. Significant research has been conducted to improve the performance of VANETS. One output of further research conducted on VANET is the Vehicular Delay Tolerant Network (VDTN). It is an
application of the mobile DTN where nodes relay messages in the network using a store-carry-forward approach. Due to its high mobility, it suffers frequent disconnections and also congestions at nodes which leads to message drops. To minimize the rate of message drops and so optimize the probability of message delivery so that drivers are increasingly aware of the situation of the road, we propose a congestion
control mechanism: Congestion Aware Spray and Wait (CASaW) protocol in this work so as to optimize the
rate of message delivery to its destination and so increase the awareness of drivers in the vehicular environment thereby improve road safety. The results have shown that our proposition performed better than other classical VDTN protocols in terms of message delivery probability and rate of packet drops performance measures. We used the Opportunistic Networking Environment (ONE) simulator to implement the classical VDTN protocols: the PROPHET protocol, the Epidemic protocol, the MaxProp protocol and
the Spray and Wait Protocol. The simulation scenarios shows a better performance for the congestion control mechanism we propose as it maintains a good message delivery rate as well as minimize the rate of packet losses thereby optimizing the chances of messages getting to their destinations and so improve road safety.
The document discusses efficient routing techniques for intermittently connected mobile networks (ICMNs). It begins by introducing ICMNs and the challenges of routing in such networks where end-to-end paths may not always exist. It then summarizes various routing approaches including flooding-based epidemic routing and single-copy schemes. The document proposes two spray-based routing techniques: (1) Spray and Wait, which sprays a fixed number of message copies and waits for a copy to reach the destination, and (2) Spray and Focus, which uses utility-based routing to focus copies towards the destination after the spray phase. Expected delays are analyzed for Spray and Wait. Different mobility models for analysis are also discussed.
An Extensive Literature Review of Various Routing Protocols in Delay Tolerant...IRJET Journal
This document summarizes an extensive literature review on routing protocols in delay tolerant networks (DTNs). It begins by defining DTNs as wireless networks with intermittent connectivity where nodes use a store-carry-forward mechanism. Common routing protocols for DTNs like epidemic, spray and wait, and prophet are described. The document then reviews several papers that propose and evaluate new routing algorithms or improvements for DTNs, analyzing metrics like delivery ratio, overhead, and latency. Key factors considered include node contact histories, social characteristics, energy constraints, and message prioritization. Finally, it suggests the contact duration between nodes could be an important parameter to further optimize routing in DTNs.
PACKET DROP ATTACK DETECTION TECHNIQUES IN WIRELESS AD HOC NETWORKS: A REVIEWIJNSA Journal
Wireless ad hoc networks have gained lots of attention due to their ease and low cost of deployment. This
has made ad hoc networks of great importance in numerous military and civilian applications. But, the lack
of centralized management of these networks makes them vulnerable to a number of security attacks. One
of the attacks is packet drop attack, where a compromised node drops packets maliciously. Several
techniques have been proposed to detect the packet drop attack in wireless ad hoc networks. Therefore, in
this paper we review some of the packet drop attack detection techniques and comparatively analyze them
basing on; their ability to detect the attack under different attack strategies (partial and or cooperate
attacks), environments and the computational and communication overheads caused in the process of
detection.
A NOVEL METHODOLOGY TO OVERCOME ROUTING MISBEHAVIOR IN MANET USING RETALIATIO...ijwmn
This document presents a novel methodology called the Retaliation Model to overcome routing misbehavior in mobile ad hoc networks (MANETs). The model monitors node behavior, calculates a Grade based on packet forwarding ratio to isolate selfish nodes, and assigns Bonus Points to define the number of packets an honest node can drop in retaliation for a misbehaving node's actions. Simulation results show the model achieves up to 40% packet delivery ratio with only a 7.5% overhead cost compared to the plain DSR protocol. Combining the model with a Friendly Group approach further reduces overhead by up to 75%. The strict punishment enforced by dropping packets aims to encourage cooperation and ensure reliability in MANETs.
PRIVACY ENHANCEMENT OF NODE IN OPPORTUNISTIC NETWORK BY USING VIRTUAL-IDijsc
An entrepreneurial system is one of the sort of remote system. Delay resistance system is correspondence
organizing proposition which empowers the correspondence in such a situation where end to end way
might never be exist. Message is forward on the premise of chance. Time interim to convey a message is
long we can't evaluate or anticipate the time until we get the message. There is a security issue in these
sorts of system. In this paper we will proposed another procedure which will expand the protection of the
system and build execution of the system.
The document proposes a new broadcasting algorithm called Y-Hamiltonian Layers Broadcast (Y-HLB) for wormhole-routed 3D mesh networks. It divides the 3D mesh into layers that are modeled as Hamiltonian paths. The Y-HLB algorithm routes messages along these Hamiltonian paths in an efficient manner to broadcast to all nodes. Previous related work on broadcasting algorithms for wormhole-routed 3D meshes are also discussed, including how they divide the network and route messages. Simulation results show Y-HLB performs better than these previous algorithms in terms of reducing broadcast latency.
a probabilistic misbehavior detection scheme toward efficient trust establish...swathi78
The document proposes iTrust, a probabilistic misbehavior detection scheme for secure routing in delay-tolerant networks (DTNs). iTrust introduces a periodically available Trusted Authority (TA) that judges nodes' behaviors based on collected routing evidence and probabilistically checks nodes. The TA models iTrust as an inspection game and sets an appropriate investigation probability to ensure security at reduced cost. Detection probability is correlated with node reputation, allowing a dynamic probability determined by user trust. Analysis and simulations show iTrust effectively and efficiently detects misbehavior.
This document outlines the experience and qualifications of John Shawky Khalil as a Senior System Engineer. He has over 5 years of experience in fields such as system administration, mail servers, firewalls, virtualization, backup servers, networking, file servers, and CCTV/access control systems. His roles have included designing, installing, configuring, managing, and maintaining servers, networks, firewalls, and other IT infrastructure. He also has experience providing technical support, repairing equipment, and mentoring other team members. His education includes a B.S. in Computer Engineering as well as various IT certifications.
Un arrêté relatif à l'aide médicale de l'Etat est paru au JO du 19 octobre 2016. Le texte de l'arrêté met en place diverses mesures relatif à la mise en place de l'aide médicale de l'Etat.
- L'établissement d'un bilan mensuel des dépenses d'aide médicale de l'Etat:
La Caisse nationale de l’assurance maladie des travailleurs salariés dresse un arrêté mensuel des dépenses d’aide médicale de l’Etat, établi et certifié par l’agent comptable. Cet arrêté mensuel indique pour chaque CPAM le montant des prestations versées. Cela vise les prestations de ville et les prestations hospitalières.
- Un état mensuel des recettes des établissements de santé:
Cet état mensuel, établit par l'agence technique de l'information sur l'hospitalisation, indique: le nombre de séjours et de séances, les frais de séjours, les produits de la liste en sus et les évolutions par rapport aux exercices précédents sur une période comparable.
- Un état récapitulatif trimestriel
Cet état établit par la Caisse nationale de l'assurance maladie des travailleurs, indique le nombre de bénéficiaires de l'aide médicale de l'Etat; le nombre de nouvelles admissions et renouvellements et le nombre de bénéficiaires et ayants droit sortis du dispositif d'aide médicale de l'Etat.
- Une analyse détaillée de l'activité d'hospitalisation en médecine:
Le texte prévoit que deux fois par an, l'Agence technique d'information sur l'hospitalisation adresse aux services du ministère de la santé, une analyse détaillée de l'activité d'hospitalisation en médecine, chirurgie, obstétrique et odontologie. Cette analyse comprend: la répartition des séjours selon différents agrégats et les évolutions par rapport aux exercices précédents.
- Un arrêté mensuel des dépenses de soins:
Cet arrêté indique pour chaque CPAM, le montant des prestations versées au titre des hospitalisations, honoraires médicaux en consultations externes, médicaments et frais d'interruption de grossesse.
Stewart Palacios has over 15 years of experience in information technology, including positions as an Information Systems Analyst, IT Technician, and IT Administrator. He has a background in computer networking, systems administration, and information security. Palacios is fluent in English and Spanish with basic skills in German, Japanese, and Korean. His technical skills include troubleshooting software, hardware, and network issues as well as setting up and repairing computers, servers, and other equipment.
Allan Simmons has over 13 years of experience in manufacturing. He has 3.5 years of experience as a Production Team Lead and Scheduler at HON Company where he supervised operators, set daily production schedules, and ensured production goals were met. Simmons also has experience in quality control, production operation, and as a Level 5 Technician where he operated machines and trained new employees. He is pursuing a degree in Computer Information Systems and has a leadership certificate.
This document discusses distribution strategy. It defines distribution as one of the four aspects of marketing, with distributors acting as middlemen between manufacturers and retailers. It then discusses distribution channels and how they are used to reconcile producer and consumer needs. The document outlines different channel strategies involving selection, intensity, and integration of channels. It also discusses channel management, physical distribution systems, and some ethical issues related to distribution.
Selfish Node Isolation & Incentivation using Progressive ThresholdsIDES Editor
The problems associated with selfish nodes in
MANET are addressed by a collaborative watchdog approach
which reduces the detection time for selfish nodes thereby
improves the performance and accuracy of watchdogs[1]. In
the related works they make use of credit based systems, reputation
based mechanisms, pathrater and watchdog mechanism
to detect such selfish nodes. In this paper we follow an approach
of collaborative watchdog which reduces the detection
time for selfish nodes and also involves the removal of such
selfish nodes based on some progressively assessed thresholds.
The threshold gives the nodes a chance to stop misbehaving
before it is permanently deleted from the network.
The node passes through several isolation processes before it
is permanently removed. Another version of AODV protocol
is used here which allows the simulation of selfish nodes in
NS2 by adding or modifying log files in the protocol.
The document proposes a behavioral model called PFMDA to detect anomalous packet dropping and modification attacks in wireless ad hoc networks. The PFMDA scheme establishes a routing tree with the sink node at the root. As data packets are transmitted along the tree, each sender or forwarder adds a small number of "packet marks" to the packet. This allows the sink to determine the dropping ratio for each node and identify nodes that are definitely dropping/modifying packets or are suspicious of such behavior. The scheme uses node categorization and heuristic ranking algorithms to gradually identify misbehaving nodes with few false positives. The goal is to detect packet droppers and modifiers within the network.
Efficient Detection Of Selfish Node In Manet Using A Colloborative WatchdogIJERA Editor
Mobile ad-hoc networks(MANET) are collected many number of nodes.In a mobile ad-hoc network(MANET)
undertakes that all the mobile nodes unitewillingly in order to work accurately.This is a cost –intensive action
for the collaboration and particular nodes can decline to cooperate then it will prominent to a selfish node
behaviour.Thus, it will utterly affect the global network performance.The watchdogs are a well-known device
used for identifying a selfish node.Theprocedure performed by watchdogs can fail,generating false positives
and false negatives this may convince to wrong operation.Whenidentifying selfish node trusting on local
watchdogs only can prime to poor performance,in terms of precision and speed.Thus we propose collaborative
contact based watchdog(COCOWA) as a collaborative method based on the dispersion of selfish nodes
responsiveness when a contact occurs,so the evidence will quickly circulated about selfish nodes. As shown in
the paper,whenidentifying a selfish nodes this collaborative approach decreases the time and rises the precision
This document discusses congestion control techniques for vehicular ad hoc networks (VANETs). It first provides background on VANETs, noting their use of vehicle-to-vehicle communication to share information. Congestion can occur when there is a sudden increase in data from nodes in the network. The document then reviews different existing congestion control schemes, which vary in how they adjust source sending rates and handle transient congestion. It proposes a priority-based congestion control technique using dual queues, one for transit packets and one for locally generated packets. This approach aims to route packets along less congested paths when congestion is detected based on buffer occupancy.
Wormhole attack detection algorithms in wireless network coding systemsPvrtechnologies Nellore
This document proposes algorithms to detect wormhole attacks in wireless network coding systems. It first discusses how wormhole attacks can severely impact network coding protocols by disrupting routing and introducing unfair workload distributions. It then presents a centralized algorithm that uses a central node to detect wormholes by measuring changes in expected transmission counts. For distributed systems without a central node, it proposes DAWN, a distributed algorithm that examines the order nodes receive innovative packets and their expected transmission counts to detect wormholes. The algorithms aim to detect wormholes using only local information available from regular network coding protocols to keep overhead low. Extensive testing validated the effectiveness and efficiency of the proposed approaches.
TRIDNT: THE TRUST-BASED ROUTING PROTOCOL WITH CONTROLLED DEGREE OF NODE SELFI...IJNSA Journal
In Mobile ad-hoc network, nodes must cooperate to achieve the routing purposes. Node misbehaviour due to selfish or malicious intention could significantly degrade the performance of MANET because most existing routing protocols in MANET are aiming at finding most efficiency path. In this paper, we propose a Two node-disjoint Routes protocol for Isolating Dropper Node in MANET (TRIDNT) to deal with misbehaviour in MANET. TRIDNT allows some degree of selfishness to give an incentive to the selfish nodes to declare itself to its neighbours, which reduce the misbehaving nodes searching time. In TRIDNT two node-disjoint routes between the source and destination are selected based on their trust values. We use both DLL-ACK and end-to-end TCP-ACK to monitor the behaviour of routing path nodes: if a malicious behaviour is detected then the path searching tool starts to identify the malicious nodes and isolate them. Finally by using a mathematical analysis we find that our proposed protocol reduces the searching time of malicious nodes comparing to the route expected life time, and avoids the isolated misbehaving node from sharing in all future routes, which improve the overall network throughput.
A novel defence scheme against selfish Node attack in manetijcsa
This document proposes a new intrusion detection system (IDS) algorithm to defend against selfish node attacks in mobile ad hoc networks (MANETs). Selfish nodes flood the network with false information and drop packets from other nodes. The proposed IDS identifies selfish node behavior and blocks their activities. Simulation results show the IDS enhances network performance from negligible to 92% and prevents infection from attacks. The IDS is integrated with the AODV routing protocol to detect and eliminate selfish nodes within its transmission range.
THE NASH’S BALANCE IN THE THEORY OF GAMES FOR A SECURE MODEL MECHANISM IN ROU...ijcisjournal
The present work is dedicated to study attacks and countermeasure in MANET. After a short introduction to what the Mobile Ad hoc Networks (MANETs) are and network security we present a survey of various attacks in MANETs pertaining to fail routing protocols. We present the different tools used by these attacks and the mechanisms used by the secured routing protocols to counter them. We also study a mechanism of security, named the reputation, proposed for the MANETs and the protocol which implements it. We also propose a secure mechanism which is based on the reputation. Our work ends with a proposal analytical model to the modules of our mechanism and the equilibrium states of our model.
Detection of Node Activity and Selfish & Malicious Behavioral Patterns using ...ijcnes
Mobile ad-hoc networks(MANETs) assume that mobile nodes voluntary cooperate in order to work properly. This cooperation is a cost-intensive activity and some nodes can refuse to cooperate, leading to a selfish node behaviour. Thus, the overall network performance could be seriously affected. The use of watchdogs is a well-known mechanism to detect selfish nodes. However, the detection process performed by watchdogs can fail, generating false positives and false negatives that can induce to wrong operations. Moreover, relying on local watchdogs alone can lead to poor performance when detecting selfish nodes, in term of precision and speed. This is especially important on networks with sporadic contacts, such as delay tolerant networks (DTNs), where sometimes watchdogs lack of enough time or information to detect the selfish nodes. Thus, We apply chord algorithm to identify behavior pattern of one shelf by two neighborhood nodes and themselves. Servers will finally categories nature of node.
Link Disconnection Entropy Disorder in Mobile Adhoc Networkspaperpublications3
Abstract: In Mobile Ad-hoc Networks, nodes move freely causing an interruption in communications. This communication interruption can be accounted in a time lapse to an entropy to connection or disconnection; the combined entropy disorder of a node’s links describe how suitable a node is to communicate to neighbors. This entropy disorder is tightly coupled to mobility and communications factors such as node’s speed or data traffic saturation. In this paper, we analyze the relationship between speed and traffic saturation into a disorder in link entropy with a focus on disconnection, namely Link Disconnection Entropy Disorder (LDED). The findings indicate a high LDED value to nodes with high speed.
Iaetsd an efficient and accurate misbehavior detectionIaetsd Iaetsd
This document proposes a probabilistic misbehavior detection scheme called iTrust to detect misbehavior in delay tolerant networks (DTNs). iTrust introduces a periodically available Trusted Authority (TA) that estimates nodes' behaviors based on collected routing evidence. It associates detection probability with nodes' reputations for effective inspection. The key contributions are a framework for generating forwarding evidence that can detect misbehaviors and be compatible with various routing protocols, and using the TA and evidence to detect malicious nodes and reduce packet dropping.
Detecting Misbehavior Nodes Using Secured Delay Tolerant NetworkIRJET Journal
This document proposes a method called Statistical-based Detection of Blackhole and Greyhole attackers (SDBG) to detect misbehaving nodes in delay tolerant networks. SDBG can detect both individual misbehaving nodes as well as nodes that are colluding together. It works by having each node record encounter data with other nodes, including the number of messages sent and received. Individual nodes that drop many messages can be detected based on having a low message forwarding ratio. Colluding nodes can be detected because they will have sent many messages to each other to fake good behavior. The method aims to accurately detect misbehaving nodes while keeping false positives low. Extensive simulations showed it can work well across different network conditions.
A Secure Payment Scheme with Low Communication and Processing Overhead for Mu...Editor IJMTER
In this proposed work a trust-based routing protocol is developed to route messages through the
highly trusted nodes to minimize the probability of dropping the messages. Thus improve the network
performance in terms of throughput and packet delivery ratio. The proposed design contains a novel secure
reactive routing protocol for Mobile ad hoc networks (MANETs), called TRIUMF (Trust-Based Routing
Protocol with controlled degree of Selfishness for Securing MANET against Packet Dropping Attack). In the
proposed protocol trust among nodes is represented by trust value, which consists of cooperation score, direct
trust and indirect trust. The proposed trust routing allows controlled degree of selfishness to give an incentive to
the selfish nodes to declare its selfishness behavior to its neighbor nodes, which reduce the searching time of
misbehaving nodes to search for the malicious nodes only. In the proposed routing protocol two node-disjoint
routes between the source and destination nodes are selected based on their path trust values, one marked as
primary and the other as secondary. In this work both DLL-ACK and end- to-end TCP-ACK as monitoring
tools to monitor the behavior of routing path nodes: if the data packet successfully transmitted, then the path
nodes trust value are updated positively; otherwise, if a malicious behavior is detected then the path searching
tool starts to identify the malicious nodes and isolate them from the routing path and the network. Finally this
scheme reduces the searching time of malicious nodes, and the routing protocol avoids the isolated misbehaving
node from sharing in all future routes, which improves the overall network throughput.
A Distributed Approach for Detecting Wormhole Attack in Wireless Network Codi...IRJET Journal
This document presents a distributed algorithm called DAWN to detect wormhole attacks in wireless network coding systems. The algorithm has two phases: 1) a detection phase where each node uses the expected transmission count (ETX) metric to detect if any attackers exist, and 2) a reporting phase where detected attackers are reported to other nodes. ETX represents the number of transmissions needed for a packet to be received and can reveal the network topology. DAWN examines the order nodes receive packets and their ETX values to identify attackers. It signatures reports to prevent manipulation and distributes the workload of detection across all nodes. The algorithm successfully detects wormhole attacks with high rates while imposing low computation and communication overhead.
Elimination of wormhole attacker node in manet using performance evaluation m...Alexander Decker
This document summarizes a research paper that proposes a new method for detecting wormhole attacker nodes in mobile ad hoc networks (MANETs). The method detects malicious nodes based on analyzing hop counts and time delays in routes, without requiring any special hardware or protocol modifications. The proposed method is simulated using OPNET software with scenarios of 50 nodes, both with and without wormhole attacks. The results show that without prevention, a wormhole attack decreases average hop count and increases delays. However, when the proposed method is applied, it is able to detect the attacker nodes and avoid their paths, regaining normal hop counts and delays.
Minimum Process Coordinated Checkpointing Scheme For Ad Hoc Networks pijans
The wireless mobile ad hoc network (MANET) architecture is one consisting of a set of mobile hosts
capable of communicating with each other without the assistance of base stations. This has made possible
creating a mobile distributed computing environment and has also brought several new challenges in
distributed protocol design. In this paper, we study a very fundamental problem, the fault tolerance
problem, in a MANET environment and propose a minimum process coordinated checkpointing scheme.
Since potential problems of this new environment are insufficient power and limited storage capacity, the
proposed scheme tries to reduce the amount of information saved for recovery. The MANET structure used
in our algorithm is hierarchical based. The scheme is based for Cluster Based Routing Protocol (CBRP)
which belongs to a class of Hierarchical Reactive routing protocols. The protocol proposed by us is nonblocking coordinated checkpointing algorithm suitable for ad hoc environments. It produces a consistent
set of checkpoints; the algorithm makes sure that only minimum number of nodes in the cluster are
required to take checkpoints; it uses very few control messages. Performance analysis shows that our
algorithm outperforms the existing related works and is a novel idea in the field. Firstly, we describe an
organization of the cluster. Then we propose a minimum process coordinated checkpointing scheme for
cluster based ad hoc routing protocols.
S IMULATION B ASED S TUDY OF C OOPERATIVE B LACK H OLE A TTACK R ESOLU...pijans
An Ad hoc Network is a pool of wireless mobile node
s energetically forming a network without the use o
f
any pre-accessible network infrastructure or centra
lized administrator. These nodes communicate with
each other by hop-to-hop communication. This dynami
c topology of mobile ad-hoc networks (MANETs)
allows nodes to get attached and leave the network
at any second of time. Thus MANET can be used in a
variety of fields. Current MANETs are designed prim
ary for military utility. This generic characterist
ic of
MANET has rendered its vulnerability to security at
tacks. Due to which unprotected attacks of the
malicious nodes can occur at any time. This paper f
ocuses on one such attack known as “Black hole
attack” and the routing protocol being used here is
AODV
HOW TO DETECT MIDDLEBOXES: GUIDELINES ON A METHODOLOGYcscpconf
Internet middleboxes such as VPNs, firewalls, and proxies can significantly change handling of traffic streams. They play an increasingly important role in various types of IP networks. If end hosts can detect them, these hosts can make beneficial, and in some cases, crucial improvements in security and performance But because middle boxes have widely varying behavior and effects on the traffic they handle, no single technique has been discovered that can detect all of them.
Devising a detection mechanism to detect any particular type of middle box interference involves many design decisions and has numerous dimensions. One approach to assist with the
complexity of this process is to provide a set of systematic guidelines. This paper is the first attempt to introduce a set of general guidelines (as well as the rationale behind them) to assist researchers with devising methodologies for end-hosts to detect middle boxes by the end-hosts. The guidelines presented here take some inspiration from the previous work of other
researchers using various and often ad hoc approaches. These guidelines, however, are mainly based on our own experience with research on the detection of middle boxes. To assist
researchers in using these guidelines, we also provide an example of how to bring them into play for detection of network compression.
How to detect middleboxes guidelines on a methodologycsandit
Internet middleboxes such as VPNs, firewalls, and proxies can significantly change handling of
traffic streams. They play an increasingly important role in various types of IP networks. If end
hosts can detect them, these hosts can make beneficial, and in some cases, crucial improvements
in security and performance But because middleboxes have widely varying behavior and effects
on the traffic they handle, no single technique has been discovered that can detect all of them.
Devising a detection mechanism to detect any particular type of middlebox interference involves
many design decisions and has numerous dimensions. One approach to assist with the
complexity of this process is to provide a set of systematic guidelines. This paper is the first
attempt to introduce a set of general guidelines (as well as the rationale behind them) to assist
researchers with devising methodologies for end-hosts to detect middleboxes by the end-hosts.
The guidelines presented here take some inspiration from the previous work of other
researchers using various and often ad hoc approaches. These guidelines, however, are mainly
based on our own experience with research on the detection of middleboxes. To assist
researchers in using these guidelines, we also provide an example of how to bring them into
play for detection of network compression
A STUDY ON HYBRID CONGESTION CONTROL MECHANISM IN WIRELESS SENSOR NETWORKSJournal For Research
Congestion in WSN is a current research area. There are so many studies to avoid, detect and control congestion in WSN. This paper discussing about current studies going in this field.
Similar to CoCoWa A Collaborative Contact-Based (20)
A STUDY ON HYBRID CONGESTION CONTROL MECHANISM IN WIRELESS SENSOR NETWORKS
CoCoWa A Collaborative Contact-Based
1. CoCoWa: A Collaborative Contact-Based
Watchdog for Detecting Selfish Nodes
Enrique Hernandez-Orallo, Member, IEEE, Manuel David Serrat Olmos, Juan-Carlos Cano,
Carlos T. Calafate, and Pietro Manzoni, Member, IEEE
Abstract—Mobile ad-hoc networks (MANETs) assume that mobile nodes voluntary cooperate in order to work properly. This
cooperation is a cost-intensive activity and some nodes can refuse to cooperate, leading to a selfish node behaviour. Thus, the overall
network performance could be seriously affected. The use of watchdogs is a well-known mechanism to detect selfish nodes. However,
the detection process performed by watchdogs can fail, generating false positives and false negatives that can induce to wrong
operations. Moreover, relying on local watchdogs alone can lead to poor performance when detecting selfish nodes, in term of
precision and speed. This is specially important on networks with sporadic contacts, such as delay tolerant networks (DTNs), where
sometimes watchdogs lack of enough time or information to detect the selfish nodes. Thus, we propose collaborative contact-based
watchdog (CoCoWa) as a collaborative approach based on the diffusion of local selfish nodes awareness when a contact occurs, so
that information about selfish nodes is quickly propagated. As shown in the paper, this collaborative approach reduces the time and
increases the precision when detecting selfish nodes.
Index Terms—Wireless networks, MANETs, opportunistic and delay tolerant networks, selfish nodes, performance evaluation
Ç
1 INTRODUCTION
COOPERATIVE networking is currently receiving signifi-
cant attention as an emerging network design strategy
for future mobile wireless networks. Successful cooperative
networking can prompt the development of advanced wire-
less networks to cost-effectively provide services and appli-
cations in contexts such as vehicular ad hoc networks
(VANETs) or mobile social networks. Two of the basic tech-
nologies that are considered as the core for these types of
networks are mobile ad-hoc networks (MANETs) and
opportunistic and delay tolerant networks (DTNs).
The cooperation on these networks is usually contact-
based. Mobile nodes can directly communicate with each
other if a contact occurs (that is, if they are within communi-
cation range). Supporting this cooperation is a cost intensive
activity for mobile nodes. Thus, in the real world, nodes
could have a selfish behaviour, being unwilling to forward
packets for others. Selfishness means that some nodes refuse
to forward other nodes’ packets to save their own resources.
The literature provides two main strategies to deal
with selfish behaviour: a) motivation or incentive based
approaches, and b) detection and exclusion. The first
approach, tries to motivate nodes to actively participate
in the forwarding activities. These approaches are usually
based on virtual currency and/or game theory models
[4], [5], [9], [36]. The detection and exclusion approach is
a straight-forward way to cope with selfish nodes and
several solutions have been presented [3], [14], [19], [22],
[23], [24], [25], [28], [34]. In CoCoWa, we do not attempt
to implement any strategy to exclude selfish nodes or to
incentivize their participation; instead, we focus on the
detection of selfish nodes.
The impact of node selfishness on MANETs has been stud-
ied in [30], [31], [32]. In [32] it is shown that when no selfish-
ness prevention mechanism is present, the packet delivery
rates become seriously degraded, from a rate of 80 percent
when the selfish node ratio is 0, to 30 percent when the selfish
node ratio is 50 percent. The survey [31] shows similar results:
the number of packet losses is increased by 500 percent when
the selfish node ratio increases from 0 to 40 percent. A more
detailed study [30] shows that a moderate concentration of
node selfishness (starting from a 20 percent level) has a huge
impact on the overall performance of MANETs, such as the
average hop count, the number of packets dropped, the
offered throughput, and the probability of reachability. In
DTNs, selfish nodes can seriously degrade the performance
of packet transmission. For example, in two-hop relay
schemes, if a packet is transmitted to a selfish node, the packet
is not re-transmitted, therefore being lost.
Therefore, detecting such nodes quickly and accurately is
essential for the overall performance of the network. Previ-
ous works have demonstrated that watchdogs are appropri-
ate mechanisms to detect misbehaving and selfish nodes.
Essentially, watchdog systems overhear wireless traffic and
analyse it to decide whether neighbour nodes are behaving
in a selfish manner [16]. When the watchdog detects a self-
ish node it is marked as a positive detection (or a negative
detection, if it is detected as a non selfish node). Neverthe-
less, watchdogs can fail on this detection, generating false
positives and false negatives that seriously degrade the behav-
iour of the system.
Another source of problems for cooperative approaches
is the presence of colluding or malicious nodes. In this case,
the effect can even be more harmful, since these nodes try
The authors are with the Departamento de Informatica de Sistemas y
Computadores, Universitat Politecnica de Valencia, Spain.
E-mail: {ehernandez, jucano, calafate, pmanzoni}@disca.upv.es,
mdserrat@upvnet.upv.es.
Manuscript received 23 Oct. 2013; revised 12 July 2014; accepted 16 July
2014. Date of publication 27 July 2014; date of current version 1 May 2015.
For information on obtaining reprints of this article, please send e-mail to:
reprints@ieee.org, and reference the Digital Object Identifier below.
Digital Object Identifier no. 10.1109/TMC.2014.2343627
1162 IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 14, NO. 6, JUNE 2015
1536-1233 ß 2014 IEEE. Personal use is permitted, but republication/redistribution requires IEEE permission.
See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
2. to intentionally disturb the correct behaviour of the net-
work. For example, one harmful malicious node can be
lying about the status of other nodes, producing a fast
diffusion of false negatives or false positives. Malicious
nodes are hard to detect using watchdogs, as they can
intentionally participate in network communication with
the only goal to hide their behaviour from the network.
Thus, since we assume that these nodes may be present
on the network, evaluating their influence becomes a very
relevant matter.
This paper introduces Collaborative Contact-based
Watchdog (CoCoWa) as a new scheme for detecting self-
ish nodes that combines local watchdog detections and
the dissemination of this information on the network. If
one node has previously detected a selfish node it can
transmit this information to other nodes when a contact
occurs. This way, nodes have second hand information
about the selfish nodes in the network. The goal of our
approach is to reduce the detection time and to improve
the precision by reducing the effect of both false nega-
tives and false positives. Although some of the aforemen-
tioned papers (such as [3], [28]) introduced some degree
of collaboration on their watchdog schemes, the diffusion
is very costly since they are based on periodic message
dissemination.
The diffusion of information about positive or negative
detections of selfish nodes introduces several issues about the
reputation of the neighbour nodes. The first issue is the con-
solidation of information, that is, the trust about neighbour’s
positive and negative detections, specially when it does not
match with the local watchdog detection. Another issue is the
case of malicious nodes. Thus, this paper extends our previ-
ous approaches [12], [13] to also cope with malicious nodes
using a reputation scheme.
In order to evaluate the efficiency of CoCoWa we first
introduce an analytical performance model. We model
the network as a continuous time Markov chain (CTMC)
and derive expressions for obtaining the time and over-
head (cost) of detection of selfish nodes under the influ-
ence of false positives, false negatives and malicious
nodes. In general, the analytical evaluation shows a sig-
nificant reduction of the detection time of selfish nodes
with a reduced overhead when comparing CoCoWa
against a traditional watchdog. The impact of false nega-
tives and false positives is also greatly reduced. Finally,
the pernicious effect of malicious nodes can be reduced
using the reputation detection scheme. We also evaluate
CoCoWa with real mobility scenarios using well known
human and vehicular mobility traces. These experimental
results confirm that our approach is very efficient.
The rest of the paper is organised as follows. We first
introduce the architecture of CoCoWa in Section 2.
Section 3 discusses the characterisation of contact occur-
rence. Then, Section 4 presents a performance model for
evaluating our approach. Section 5 presents the evalua-
tion of CoCoWa in terms of detection time and overhead
using the analytical model. The CoCoWa approach is
also experimentally evaluated using real mobility traces
in Section 6. After presenting and evaluating our pro-
posal we present some related work in Section 7. Finally,
Section 8 presents the concluding remarks.
2 ARCHITECTURE OVERVIEW
A selfish node usually denies packet forwarding in order to
save its own resources. This behaviour implies that a selfish
node neither participates in routing nor relays data packets
[21]. A common technique to detect this selfish behaviour
is network monitoring using local watchdogs. A node’s
watchdog consists on overhearing the packets transmitted
and received by its neighbours in order to detect anomalies,
such as the ratio between packets received to packets being re-
transmitted [15]. By using this technique, the local watchdog
can generate a positive (or negative) detection in case the
node is acting selfishly (or not).
An example of how CoCoWa works is outlined in Fig. 1.
It is based on the combination of a local watchdog and the
diffusion of information when contacts between pairs of
nodes occurs. A contact is defined as an opportunity of
transmission between a pair of nodes (that is, two nodes
have enough time to communicate between them). Assum-
ing that there is only one selfish node, the figure shows how
initially no node has information about the selfish node.
When a node detects a selfish node using its watchdog, it is
marked as a positive, and if it is detected as a non selfish
node, it is marked as a negative. Later on, when this node
contacts another node, it can transmit this information to it;
so, from that moment on, both nodes store information
about this positive (or negative) detections. Therefore, a
node can become aware about selfish nodes directly (using
its watchdog) or indirectly, through the collaborative trans-
mission of information that is provided by other nodes.
Under this scheme, the uncontrolled diffusion of positive
and negative detections can produce the fast diffusion of
wrong information, and therefore, a poor network perfor-
mance. For example, in Fig. 1, on the last state d), node two
and three have a positive detection and node four has a neg-
ative detection (a false negative). Now, node one, which has
no information about the selfish node, has several possibili-
ties: if it contacts the selfish node it may be able to detect it;
if it contacts node two or three it can get a positive detection;
but if it contacts node four, it can get a false negative.
Fig. 2 shows the functional structure of CoCoWa and we
now detail its three main components.
Fig. 1. An example of how CoCoWa works. a) Initially all nodes have
no information about the selfish node. b) Node 2 detects the selfish
node using its own watchdog. c) Node 2 contacts with node 3 and it
transmits the positive about the selfish node. d) The local watchdog
of Node 4 fails to detect the selfish node and it generates a negative
detection (a false negative).
HERNANDEZ-ORALLO ET AL.: COCOWA: A COLLABORATIVE CONTACT-BASED WATCHDOG FOR DETECTING SELFISH NODES 1163
3. The Local Watchdog has two functions: the detection of
selfish nodes and the detection of new contacts. The local
watchdog can generate the following events about neigh-
bour nodes: PosEvt (positive event) when the watchdog
detects a selfish node, NegEvt (negative event) when the
watchdog detects that a node is not selfish, and NoDetEvt
(no detection event) when the watchdog does not have
enough information about a node (for example if the
contact time is very low or it does not overhear enough
messages). The detection of new contacts is based on
neighbourhood packet overhearing; thus, when the watch-
dog overhears packets from a new node it is assumed to
be a new contact, and so it generates an event to the
network information module.
The Diffusion module has two functions: the transmission
as well as the reception of positive (and negative) detec-
tions. A key issue of our approach is the diffusion of infor-
mation. As the number of selfish nodes is low compared to
the total number of nodes, positive detections can always be
transmitted with a low overhead. However, transmitting
only positive detections has a serious drawback: false posi-
tives can be spread over the network very fast. Thus, the
transmission of negative detections is necessary to neutral-
ise the effect of these false positives, but sending all known
negative detections can be troublesome, producing exces-
sive messaging or the fast diffusion of false negatives. Con-
sequently, we introduce a negative diffusion factor g, that is
the ratio of negative detections that are actually transmitted.
This value ranges from 0 (no negative detections are trans-
mitted) to 1 (all negative detections are transmitted). We
will show in the evaluation section that a low value for the
g factor is enough to neutralise the effect of false positives
and false negatives. Finally, when the diffusion module
receives a new contact event from the watchdog, it transmits
a message including this information to the new neighbour
node. When the neighbour node receives a message, it gen-
erates an event to the network information module with the
list of these positive (and negative) detections.
Updating or consolidating the information is another key
issue. This is the function of the Information Update module.
A node can have the following internal information about
other nodes: NoInfo state, Positive state and Negative
state. A NoInfo state means that it has no information
about a node, a Positive state means it believes that a
node is selfish, and a Negative state means it believes that
a node is not selfish. A node can have direct information
(from the local watchdog) and indirect information (from
neighbour nodes). CoCoWa is event driven, so the state of a
node is updated when the PosEvt or NegEvt events are
received from the local watchdog and diffusion modules. In
particular, these events updates a reputation value r using
the following expression:
r ¼ r þ D D ¼
þd ðPosEvt; LocalÞ
þ1 ðPosEvt; IndirectÞ
Àd ðNegEvt; LocalÞ
À1 ðNegEvt; IndirectÞ:
8
:
d ! 1 (1)
In general, a PosEvt event increments the reputation
value while a NegEvt event decrements it. Defining u as a
threshold and using the reputation value r, the state of the
node changes to Positive if r ! u, and to Negative if
r Àu. Otherwise, the state is NoInfo. The combination of
d and u parameters allows a very flexible and dynamic
behaviour. First, if u 1 and d u we need several events
in order to change the state. For example, starting from the
NoInfo state, if u ¼ 2 and d ¼ 1, at least a local and an indi-
rect event is needed to change the state, but if u ¼ 1, only
one event is needed. Second, we can give more trust to the
local watchdog or to indirect information. For example, a
value of d ¼ 2 and u ¼ 3, means that we need one local event
and one indirect event, or three indirect events, to change
the state. This approach can compensate wrong local deci-
sions: for example, a local NegEvt can be compensated by
2d þ u indirect PosEvt events, and in order to change from
Positive to Negative states (or vice-versa) we need
twice the events.
The advantages of this updating strategy are twofold.
First, with the threshold u we can reduce the fast diffusion
of false positive and false negatives. Nevertheless, this can
produce a delay on the detection (more events are needed
to get a better decision). Second, the decision about a selfish
node is taken using the most recent information. For exam-
ple, if a node had contact with the selfish node a long time
ago (so it had a Positive state) and now receives several
NegEvt in a row from other nodes, the state is updated to
Negative.
Finally, the network information about the nodes has an
expiration time, so after some time without contacts it is
updated. The implementation of this mechanism is straight-
forward. When an event is received, it is marked with a
time stamp, so in a given timeout an opposite event is gen-
erated, in order to update the value of r.
3 CHARACTERISING INTER-CONTACT TIMES
Characterising inter-contact times (or inter-meeting times)
between pairs of nodes is essential for analysing the perfor-
mance of contact-based protocols in cooperative network-
ing. The inter-contact times distribution is obtained by
aggregating the individual pair distribution of all combinations
of pairs of nodes in the network. The individual pair distribu-
tion is defined as the distribution of the time elapsed
between two consecutive contacts between the same pair of
nodes [27].
The assumption that the aggregated inter-contact time
follows an exponential distribution with rate has been
shown to hold in several mobility scenarios of both humans
and vehicles [11], [23], [37]. For example, in [11] it is shown
Fig. 2. CoCoWa architecture.
1164 IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 14, NO. 6, JUNE 2015
4. that, for the random waypoint and random direction mobil-
ity models, parameter is related to the mean speed of nodes
v, through an empirical expression. There is some contro-
versy about whether this exponential distribution relates to
real mobility patterns. Empirical results have shown that the
aggregated inter-contact time distribution follows a power-
law and has a long tail [7], meaning that there are some pairs
of nodes that barely experience contact. In [6] it is shown that
in a bounded domain, such as the one selected along this
paper, the inter-contact distribution is exponential, but in an
unbounded domain the distribution is power-law. The
dichotomy of this distribution is described in [18]: a trun-
cated power law with exponential decay appearing in its tail
after some cutoff point. A recent paper [27] presents the
dependence between the individual pair distribution and the
aggregated distribution. It is stated that, starting from the expo-
nential individual pair distribution, the aggregated is distrib-
uted according to a Pareto law. It also verifies the dichotomy
property of the aggregate distribution analytically. The work
in [10] analysed some popular mobility traces and found that
over 85 percent of the individual pair distributions fit an expo-
nential distribution.
Therefore, we consider that using an exponential fit is a
valid assumption to model inter-contact times. Our analyti-
cal model assumes an exponential distributed inter-contact
rate between nodes and, therefore, it is suited for modelling
the contacts in MANETs and DTNs networks.
4 SYSTEM MODEL
The network is modelled as a set of N wireless mobile nodes,
with C collaborative nodes, M malicious nodes and S selfish
nodes (N ¼ C þ M þ S). Our goal is to obtain the time and
overhead that a set of D C nodes need to detect the selfish
nodes in the network. The overhead is the number of infor-
mation messages transmitted up to the detection time.
Note that the following models evaluate the detection
of a single selfish node. The effect of having several self-
ish nodes in a network is easy to evaluate, and it does
not require a specific model. If we assume that selfish
nodes are not cooperative, we can analyse the impact of
each selfish node on the network independently. In the
case of several selfish nodes (S 1) on a network with N
nodes, we can assume that there are C ¼ N À S coopera-
tive nodes.
4.1 The Model for the CoCoWa Architecture
The goal of this section is to model the behaviour of the dif-
ferent modules of our architecture (see Fig. 2). The local
watchdog is modelled using three parameters: the probabil-
ity of detection pd, the ratio of false positives pfp, and the
ratio of false negatives pfn. The first parameter, the probabil-
ity of detection (pd), reflects the probability that, when a
node contacts another node, the watchdog has enough
information to generate a PosEvt or NegEvt event. This
value depends on the effectiveness of the watchdog, the
traffic load, and the mobility pattern of nodes. For example,
for opportunistic networks or DTNs where the contacts are
sporadic and have low duration, this value is lower than for
MANETs. Furthermore, the watchdog can generate false
positives and false negatives. A false positive is when the
watchdog generates a positive detection for a node that is
not a selfish node. A false negative is generated when a self-
ish node is marked as a negative detection. In order to mea-
sure the performance of a watchdog, these values can be
expressed as a ratio or probability: pfp is the ratio (or proba-
bility) of false positives generated when a node contacts a
non-selfish node, and pfn is the ratio (or probability) of false
negatives generated when a node contacts a selfish node.
Using the previous parameters we can model the probabil-
ity of generating local PosEvt and NegEvt events when a
contact occurs:
PosEvt event: the node contacts with the selfish
node and the watchdog detects it, with probability
pdð1 À pfnÞ. Note that a false positive can also be gen-
erated with probability pd Á pfp.
NegEvt event: the node contacts with a non-selfish
node and detect it with probability pdð1 À pfpÞ. A
false negative can also be generated when it contacts
with the selfish node with probability pd Á pfn.
The diffusion module can generate indirect events when a
contact with neighbour nodes occurs. Nevertheless, a con-
tact does not always imply collaboration, so we model this
probability of collaboration as pc. The degree of collabora-
tion is a global parameter, and it is used to reflect that either
a message with the information about the selfish node is
lost, or that a node temporally does not collaborate (for
example, due to a failure or simply because it is switched
off). In real networks, full collaboration (pc ¼ 1) is almost
impossible. Finally, the probability of generating the indi-
rect events are the following:
PosEvt event: a contact with another node that has a
Positive state of the selfish node with probability pc.
NegEvt event: a contact with another node that has a
Negative state, being the probability g Á pc. Note
that not all Negative states are transmitted, it
depends on the diffusion factor g.
The information update module is driven by the previous
local and indirect events. These events update the reputa-
tion r about a node, and are used to finally decide if a node
is selfish or not using the threshold u.
4.2 Malicious Nodes and Attacker Model
Malicious nodes attempt to attack the CoCoWa system by
generating wrong information about the nodes. Thus, the
attacker model addresses the behaviour or capabilities of
these malicious nodes. A malicious node attack consists of
trying to send a positive about a node that is not a selfish
node, or a negative about a selfish node, with the goal of
producing false positives and false negatives on the rest of
nodes. In order to do this, it must have some knowledge
about the way CoCoWa works. The effectiveness of this
behaviour clearly depends on the rate and precision that
malicious nodes can generate wrong information. Malicious
nodes are assumed to have a communications hardware
similar to the rest of nodes, so they can hear all neighbour
messages in a similar range than the rest of nodes. Never-
theless, the attacker could use high-gain antennas to
increase its communications range and thus disseminate
false information in a more effective manner.
HERNANDEZ-ORALLO ET AL.: COCOWA: A COLLABORATIVE CONTACT-BASED WATCHDOG FOR DETECTING SELFISH NODES 1165
5. Regarding the diffusion of information on the network,
our approach does not assume any security measures, such
as message cyphering or node authentification. Neverthe-
less, if these measures exist, the effect of malicious nodes in
CoCoWo will be very reduced or even non-existent. The dif-
fusion module can also accepts messages from every node,
including from malicious ones. Thus, we assume that mali-
cious nodes can be active, and use this information in order
to generate wrong positives/negatives about other nodes.
Nevertheless, we assume that malicious nodes cannot
impersonate other nodes and do not collude with other
malicious nodes (that is, they do not cooperate among
them). Another problem is the Sybil attack [8]. Since mali-
cious nodes can create and control more than one identity
on a single physical device, it can have a serious impact on
CoCoWa. Thus, a specific security measure is needed, such
as the one presented in [1].
The behaviour of malicious nodes is modeled from the
receiver perspective, which is based on the probability of
receiving wrong information about a given node when a
contact with a malicious node occurs (that is, it receives a
Negative about the selfish node, and a Positive about
the other nodes). We denote this behaviour as the malicious-
ness probability pm. Below we detail several aspects that can
affect this probability:
1) The reception of information, considering that not all
contacts produce this reception. This aspect is similar
to the collaboration degree (that is, the pc parameter),
but an increase of communication range of the mali-
cious nodes will increase the information reception.
2) The malicious nodes do not have information about
all nodes; so, in order to send a positive/negative
about a node, they must have contacted this node
previously or have received a message from other
nodes.
3) Another issue to consider is the proper generation of
wrong information, for example when receiving a
positive of a node that is not a selfish node. From the
receiver point of view, a perfect malicious node will
always provide wrong information. In this case, the
malicious node, in order to send wrong information,
must know the state of each node. In other words it
must have a perfect local watchdog (about the node
it contacts).
Summing up, this parameter reflects the average inten-
sity or effectiveness of the attack of the malicious nodes.
4.3 The Model for the Detection of Selfish Nodes
In this section we introduce an analytical model for evaluat-
ing the performance of CoCoWa. The goal is to obtain the
detection time (and overhead) of a selfish node in a net-
work. This model takes into account the effect of false nega-
tives. False positives do not affect the detection time of the
selfish node, so pfp is not introduced in this model.
Using as the contact rate between nodes, we can model
the network using a 4D continuous time Markov chain (4D-
CTMC). For modelling purposes, the collaborative nodes
are divided into two sets: a set with D destination nodes, and
a set of E ¼ C À D intermediate nodes. The destination and
intermediate nodes have the same behaviour (both are
collaborative nodes). The only purpose of this division is to
analytically obtain the time and the overhead required for
the subset of destination nodes to detect the selfish node.
Thus, the 4D-CTMC states are: ðdpðtÞ; dnðtÞ; epðtÞ; enðtÞÞ,
where epðtÞ represents the number of intermediate nodes that
have a Positive state, enðtÞ the intermediate nodes with a
Negative state, dpðtÞ the destination nodes with a Posi-
tive state and dnðtÞ the destination nodes with a Negative
state. Note that, in this model, a Negative is a false nega-
tive. The states must verify the following conditions:
dpðtÞ þ dnðtÞ D and epðtÞ þ enðtÞ E. Our 4D-CTMC
model has an initial state ð0; 0; 0; 0Þ (that is, all nodes have
no information). The final (absorbing) states are when
dpðtÞ ¼ D. We define y as the number absorbing states, that
are all possible permutations of states (fðD; 0; Ã; ÃÞg) that
sum E. It is easy to derive that y ¼ PS
ðEÞ ¼ 0:5ðE þ 1Þ
ðE þ 2Þ. The number of transient states t is obtained in a
similar way: t ¼ ðPS
ðDÞ À 1ÞPS
ðEÞ. This model can be
expressed using the following generator matrix Q:
Q ¼
T R
0 0
; (2)
where T is a t  t matrix with elements qij denoting the
transition rate from transient state si to transient state sj, R
is a t  y matrix with elements qij denoting the transition
rate from transient state si to the absorbing state sj, the left
0 is a y  t zero matrix, and the right 0 is a y  y zero
matrix.
Now, we derive the transition rates qij. Given the state
si ¼ ðep; en; dp; dnÞ,1
we have:
qij ¼
RpðE À ep À enÞ epþ
RfnðE À ep À enÞ enþ
Rfnep epÀ
Rpen enÀ
RpðD À dp À dnÞ dpþ
RfnðD À dp À dnÞ dnþ
Rfndp dpÀ
Rpdn dnÀ;
8
:
(3)
where xþ represents a transition from state ð. . . ; x; . . .Þ to
ð. . . ; x þ 1; . . .Þ, and xÀ represents a transition from state
ð. . . ; x þ 1; . . .Þ to ð. . . ; x; . . .Þ. Finally, qii ¼ À
P
i6¼j qij.
The first transition epþ is when a intermediate collabora-
tive node changes from NoInfo state to a Positive state
(ðdp; dn; ep; enÞ to ðdp; dn; ep þ 1; enÞ). The rate of change
depends on the updating of r, and on the d and u parame-
ters. The reputation value r increments according to expres-
sion 1. This update can be generated by local events and
indirect events. First, the local watchdog can generate a
local PosEvt with rate pdð1 À pfnÞ so the reputation is
incremented by d. Then, the rate of increment due to local
events is dpdð1 À pfnÞ. Second, updating from an indirect
event depends on the number of nodes with Positive and
Negative states and the probability of collaboration:
pcðcp À gcnÞ where cp ¼ ep þ dp and cn ¼ en þ dn. Malicious
nodes affect this updating by generating indirect NegEvt
with a rate Mpm. Since we are evaluating the increment,
1. For simplicity, we omit the time in the states.
1166 IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 14, NO. 6, JUNE 2015
6. this term must be positive. So, the final rate due to indirect
events is maxðpcðcp À gcnÞ À MpmÞ. All the previous terms
are divided by threshold u in order to obtain the rate of
changing when a node contacts with a collaborative node:
Rp ¼ ðdpdð1 À pfnÞ þ maxðpcðcp À gcnÞ À Mpm; 0ÞÞ=u: (4)
Finally, there are ðE À ep À enÞ nodes with the NoInfo state
so the final transition rate is RpðE À ep À enÞ.
The second transition, enþ, is when a intermediate collabo-
rative node changes from ðdp; dn; ep; enÞ to ðdp; dn; ep; en þ 1Þ.
This means that a intermediate collaborative node changes to
a Negative state (a false negative). We can derive a similar
expression for the rate of change to a (false) Negative state
RfN . In this case, when a node contacts with the selfish node,
the reputation is decreased with rate dpdpfn, and also by
indirect events with rate ðpcðgcn À cpÞ þ MpmÞ. Finally, we
have:
Rfn ¼ ðdpdpfn þ maxðpcðgcn À cpÞ þ Mpm; 0ÞÞ=u (5)
and the transition is RfnðE À ep À enÞ.
The transition epÀ is when a intermediate collaborative
node that has a Positive state changes to NoInfo. This
event is similar to enþ and the transition rate is similar:
Rfnep. Note that in this case we multiply by the number of
nodes that have a Positive state instead of the number of
pending nodes. In a similar way, the transition enþ occurs
when a intermediate collaborative node that has a Negative
state changes to NoInfo. So, the transition rate is Rpen. For
transitions regarding destination nodes, the rates are very
similar to the previous ones, as seen in expression 3. Finally,
all these transitions retain the exponential distribution of
useful contacts (that is, the contacts that produce a transi-
tion), preserving the Markovian nature of the process.
Using the generator matrix Q we can derive two different
expressions: one for the detection time Td and another for
the overall overhead (or cost) Od. Starting with the detection
time, from the 4D-CTMC we can obtain how long it will
take for the process to be absorbed. Using the fundamental
matrix N ¼ ÀTÀ1
, we can obtain a vector t of the expected
time to absorption as t ¼ Nv, where v is a column vector of
ones (v ¼ ½1; 1; . . . ; 1ŠT
). Each entry ti of t represents the
expected time to absorption from state si. Since we only
need the expected time from state s1 ¼ ð0; 0; 0; 0Þ to absorp-
tion (that is, the expected time for all destination nodes to
have a Positive state), the detection time Td, is:
Td ¼ E½TŠ ¼ v1Nv; (6)
where T is a random variable denoting the detection time
for all nodes and v1 ¼ ½1; 0; . . . ; 0Š. Concerning the overhead
we need to obtain the number of transmitted messages for
each state si. First, the duration of each state si can be
obtained using the fundamental matrix N. By definition, the
elements of the first row of N are the expected times in each
state starting from state 0. Then, the duration of state si is
fi ¼ Nð1; iÞ.
Now, we calculate the expected number of messages mi.
The number of messages depends on the diffusion model.
For an easier exposition, we start with g ¼ 0, that is,
only the positive detections are transmitted. From state
s1 ¼ ð0; 0; 0; 0Þ to sEþ1=ð0; 0; 0; EÞ no node has a Positive
state, so no messages are transmitted and m1 ¼ 0. From
states sEþ2 ¼ ð0; 0; 1; 0Þ to s2Eþ1 ¼ ð0; 0; 1; E À 1Þ, one node
has a Positive state. In these cases, the Positive can be
transmitted to all nodes (except itself) for the duration of
each state i (Nð1; iÞ) with a rate and probability pc. Then,
the expected number of messages can be obtained as
mi ¼ Nð1; iÞðC À 1Þpc. From states s2Eþ2 ¼ ð0; 0; 2; 0Þ to
s3Eþ1 ¼ ð0; 0; 2; E À 2Þ, we have two possible senders and
mi ¼ 2Nð1; iÞðC À 1Þpc. Considering both types of nodes
(destination and intermediate), the number of nodes with a
Positive for state si is FðsiÞ ¼ dp þ ep. Summarizing, the
overhead of transmission (number of messages) is:
Od ¼ E½MsgŠ ¼ ðC À 1Þpc
Xt
i¼1
FðsiÞNð1; iÞ: (7)
Finally, for g 0, the ratio of nodes cn that will transmit a
Negative is precisely g, so FðsiÞ ¼ dp þ ep þ gðdn þ enÞ.
Using the previous model, we can also evaluate the time
when destination nodes D have a ”false negative” about the
selfish node. In this case the absorbing states are f0; D; Ã; Ãg,
that is, when dn ¼ D. A high rate of false negatives and
malicious nodes may cause a false negative state to be
reached in less time than a true positive detection. This situ-
ation (and the solution) is studied in Section 5.2.
4.4 The Model for False Positives
We now develop a model for evaluating the effect of false
positives. This model evaluates how fast a false positive
spreads in the network (the diffusion time). Thus, in this
case, a greater diffusion time stands for a lower impact of
false positives. The diffusion time is similar to the detection
time of true positives described in the previous section, and
it can be obtained in a similar way. Following the same pro-
cess that in the previous model for the false negatives, we
have a 4D-CMTC with the same states ðdp; dn; ep; enÞ, but in
this case cp ¼ dp þ ep represents the number of nodes with a
false positive, and cn ¼ dn þ en the number of nodes with a
(true) negative detection. We can derive expressions similar
to 4 and 5, for the case of false positives. In this case, RfP
represents the rate of a false positive, and it is derived in a
similar way:
Rfp ¼ ðdpdpfp þ maxðpcðcp À gcnÞ þ Mpm; 0ÞÞ=u (8)
and Rn represents the rate of negative detection:
Rn ¼ ðdpdð1 À pfpÞ þ maxðpcðgcn À cpÞ À Mpm; 0ÞÞ=u: (9)
Using these expressions, the transition rates (qij) of the gen-
erator matrix Q are similar to expression 3, substituting RP
and Rfn by Rfp and Rn, respectively. Finally, using Equa-
tions (6) and (7) described in our previous model, we can
obtain the diffusion time and the overhead.
5 ANALYTICAL EVALUATION
This section is devoted to evaluate the performance of
CoCoWa. The analytical model introduced in Section 4 has
several parameters, so in this paper we focus on those
parameters that clearly affect performance. First, we study
HERNANDEZ-ORALLO ET AL.: COCOWA: A COLLABORATIVE CONTACT-BASED WATCHDOG FOR DETECTING SELFISH NODES 1167
7. the global performance of our approach considering the col-
laborative issues. Then, we focus our study on the impact of
false negatives, false positives, and malicious nodes. Finally,
we compare our approach to the classic periodic diffusion
model. Note that, since is a multiplying factor of all transi-
tion rates in matrix Q (except for qii), the concluding results
of this section are valid for any value of (a greater value of
will affect only on a reduction of the detection time). For
the evaluations that follow, we consider a value of 0.01 con-
tacts/s, which has been shown to be a valid value in vehicu-
lar scenarios [37]. The following evaluations also consider
the experimental ranges of several parameters obtained
from previous works of our research group [16], [29]. In par-
ticular, the probability of detection is low because the local
watchdog needs enough packets to generate a positive (or
negative) detection of a selfish node pd $ ½0:1; 0:3Š, and the
ratio of false negatives and false positives are related to pd;
for the range considered the former take the following val-
ues: pfn $ ½0:05; 0:25Š and pfp $ ½0:1; 0:3Š.
5.1 Global Performance Evaluation
In the experiments of this section we assume ideal condi-
tions: there are no false positives, no false negatives and no
malicious nodes: pfn ¼ pfp ¼ M ¼ pm ¼ 0, and only positive
detections are transmitted: g ¼ 0. The first evaluation ana-
lyse the impact that the degree of collaboration (pc) has over
the efficiency of CoCoWa. The number of selfish nodes is
one (S ¼ 1) and the detection parameters are: u ¼ d ¼ 1.
Fig. 3a shows the detection time and overhead for all nodes
in a network with 25 nodes (N ¼ 25; D ¼ 24) with different
probabilities of detection (pd), ranging from a low detection
ratio (0.1), typical of DTNs and Opportunistic Networks, to
greater detection ratios (0.3) typical of MANETs [16], [29].
We observe that, when increasing the degree of collabora-
tion from 0 to 0.2, the detection time is reduced exponen-
tially and the overhead is increased. The effect of pd is the
expected: for greater values of pd, the detection time is
reduced. For example, for pd ¼ 0:1, the detection time with
no collaboration (pc ¼ 0) is 3775 s. This value can be greatly
reduced by using CoCoWa. Thus, even for a low collabora-
tion rate (pc ¼ 0:2), the detection time for all nodes is
reduced to 181 s with an overhead of just 82 messages,
which represents an improvement of about 2000 percent on
the detection time. Regarding the detection probability (pd),
we can see that the detection time is greatly reduced even
for low values, so CoCoWa is useful in both Opportunistic
Networks and DTNs. The previous results show that, when
using the local watchdog alone, the detection time is very
high (close to one hour). The implications are important. A
one hour detection is not useful, because it is equivalent to
no detection. Thus, when using collaboration, the detection
time is reduced from hours to seconds, meaning that nodes
can take appropriate actions in time to avoid the selfish
nodes, thereby improving the network performance.
We now evaluate the impact that the number of nodes
has on performance. For the following experiments, we set
pd ¼ pc ¼ 0:2. In the first experiment the value of N ranges
from 10 to 100 (see Fig. 3b) while also varying the number
of destination nodes. A value of D ¼ N À 1 evaluates the
detection for all collaborative nodes in the network (the
overall detection), and D ¼ 1 evaluates the detection time for
only one node (the individual detection). Thus, the overall
detection evaluates the performance of the entire network,
while the individual detection evaluates the performance seen
from an arbitrary node. We observe that, in general, the
greater the number of nodes, the smaller the detection time
Fig. 3. Global performance evaluation in the absence of false negatives, false positives and malicious nodes. a) detection time depending on collabo-
ration in a network of N ¼ 25, b) detection time depending on the number of nodes, c) number of destination nodes that have detected the selfish
nodes depending on the detection time, d) detection time depending on the parameters of the detection function (u and d). In these plots, the continu-
ous line represents the overhead and the dashed line the detection time.
1168 IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 14, NO. 6, JUNE 2015
8. and the greater the number of messages. The main reason is
that, when the number of nodes is greater, the number of
contacts increases and so the information about the positive
detection is disseminated more quickly. The cost is directly
proportional to N.
Finally, as expected, for D ¼ 1 the detection time is less
than for D 1, but this increase is not exponential with D.
We can evaluate this through the dynamics of the overall
detection process. Fig. 3c shows the number of destination
nodes (D) informed about the selfish nodes depending on
time with diferent network sizes. The figure shows that,
when the number of nodes is low (N 20), the first detec-
tion takes more time, and the next detections have also a
low rate. The reason is that, when N is low, the number of
contacts is also low, and so the diffusion of the positives
becomes very slow. On the other hand, in a network with
more nodes, there are more contacts, meaning that this dif-
fusion is faster (that is, the process runs faster).
Now, we are going to evaluate the detection function,
that is the impact of the u and d parameters. We expect that
greater u values imply greater detection times and over-
head, due to the number of events required to make a deci-
sion. This is confirmed in the results shown in Fig. 3d. In
this plot we can also observe that increasing d, that is, giving
more trust to local events, implies a reduction of both detec-
tion time and overhead (which is logical, since less events
are needed). The significance of these detection parameters
will become more evident when handling malicious nodes.
Finally, the effect of having several selfish nodes S 1 is
easy to evaluate. Since the number of cooperative nodes is
reduced when S increases (C ¼ N À S), the effect is similar
to reducing the number of nodes in the network. For exam-
ple, a network with N ¼ 100 and S ¼ 5 has a behaviour sim-
ilar to a network with N ¼ 96 and S ¼ 1. Thus, the harmful
effect of selfish nodes depends mainly on the number of
remaining collaborative nodes. If this number is very low
(below 20), as shown in Fig. 3b, the cooperation is greatly
reduced and the detection time increases exponentially.
In the following sections, we evaluate the impact of false
negatives, false positives and malicious nodes. Since we are
evaluating the performance of the node’s collaborative
watchdog, we choose to evaluate the performance from an
arbitray node (that is, we set D ¼ 1).
5.2 Impact of False Negatives
The goal of the following experiments is to evaluate the
impact of false negatives. In all the experiments we used
pd ¼ 0:1, M ¼ pm ¼ 0, D ¼ 1, N ¼ 25. We are going to evalu-
ate how the detection time (and overhead) increases depend-
ing on the ratio of false negatives (pfn). The first experiment
evaluates the influence of collaboration for several values of
pc when only positive detections are transmitted (that is
g ¼ 0). The detection parameters were u ¼ 1 and d ¼ 1. We
can see in Fig. 4a that the detection time increases with the
ratio of false negatives. This figure also shows the effect of
collaboration: the greater the collaboration the lesser the
detection time. This means that, even a low degree of collabo-
ration reduces the impact of these local false negatives.
Regarding the overhead, the experiment showed little influ-
ence on the number of messages, which is always close to 20
messages. Since only positive detections are transmitted, the
effect of collaboration is always favourable. Thus, the only
effect of increasing the detection parameters (u) is an incre-
ment on the detection time, while it fails at reducing the
impact of false negatives.
Now, we are going to evaluate the effect of transmitting
all negative detections (g ¼ 1). Fig. 4b shows the results for
g ¼ 1. The results when pfn is zero are very similar to the
“positive detections only” diffusion case (g ¼ 0). However,
when pfn is greater than zero we can observe that the detec-
tion time for values of pc 0 increases exponentially being
greater than the detection time with no collaboration (the
dashed red line). We evaluate the time the destination node
reaches a false negative state to confirm this effect. When
pfn is near to 0.5, the model shows that this false negative
state is reached before a true positive state.
Summing up, if only positive detections are transmitted,
the detection time is greatly reduced and the impact of false
negatives is also reduced; however, when all known nega-
tive detections are transmitted, collaboration amplifies the
effect of false negatives, which is clearly undesirable.
5.3 Impact of False Positives
In this section we evaluate the influence of false positives
using the model developed in Section 4.4. This model evalu-
ates how fast a false positive spreads in the network. Thus,
higher values of time imply slower diffusion of false posi-
tives. In this case, we expect that the diffusion of negative
detections (that is, g ¼ 1) will reduce the influence of false
positives and that when g is zero, the influence of false posi-
tives will be amplified. Fig. 5a shows the diffusion time for
Fig. 4. Evaluation of the impact of false negatives, a) for g ¼ 0, b) for
g ¼ 1.
HERNANDEZ-ORALLO ET AL.: COCOWA: A COLLABORATIVE CONTACT-BASED WATCHDOG FOR DETECTING SELFISH NODES 1169
9. g ¼ 0, using the same parameters of Fig. 4a. We observe,
that for the curves where pc 0, the effect of false positives
is indeed amplified, leading to a drastic reduction of the dif-
fusion time. This means that these false positives are spread
on the network rather quickly, as if they were ”true” posi-
tives. Consequently, we need to transmit the negative detec-
tions in order to compensate for these false positives. Fig. 5b
shows the results for g ¼ 1. In this case, we can see that the
detection time is highly increased when the collaboration
increases and so the effect of false positives is reduced.
One way to reduce this effect is to increase the reputation
threshold u. The results confirm that the diffusion time is
increased and so the harmful impact of false positives is
reduced. Nevertheless, the best approach to reduce this
effect is to use the diffusion factor. As shown, we have the
inverse effect that in the false negatives case. If only positive
detections are transmitted the effect of false positives is
magnified and so the transmission of negative detections is
needed in order to reduce the impact of false positives. This
effect can be regulated using the g factor. Thus, we evalu-
ated the same scenario of Figs. 4 and 5 for g ¼ 0:1. For the
detection time the resulting graph is very similar to Fig. 4a,
confirming that the detection time is reduced, even if the
ratio of false negatives is high. Regarding the diffusion
time, the resulting graph is similar to Fig. 5a, that is, the dif-
fusion time is increased when the collaboration increases,
effectively reducing the effect of false positives. Summing
up, the g value must be tuned properly in order to achieve
the desired behavior. A g value near zero greatly reduces
the detection time of selfish nodes, but it increases the
diffusion of false positives. A value near one increases the
detection time (due to the effect of false negatives), but it
reduces the diffusion of false positives. For practical imple-
mentations, and based on the results of our experiments, g
values from 0:05 to 0:25 represent good options.
5.4 Impact of Malicious Nodes
In the following experiments we evaluate the effect of
malicious nodes. Fig. 6a shows the detection time of a selfish
node depending on the maliciousness probability of one
node (M ¼ 1). This ratio range from 0 (no malicious behav-
iour) to 0.5 (a very malicious behaviour). The parameters
used are similar to previous experiments (N ¼ 25, D ¼ 1,
pfn ¼ pd ¼ 0:1, u ¼ d ¼ 1, g ¼ 0:1). We can conclude that
when pm increases the detection time increases. This effect
is reduced for greater degrees of collaboration. Neverthe-
less, for values of pm 0:3, the impact is very reduced,
meaning that collaboration reduces the impact of malicious
nodes. The impact on the diffusion of a false positive is
shown in Fig. 6b when pfp is 0.2. We can see that the diffu-
sion time is reduced when pm increases, so a false positive
has a faster diffusion. Increasing the degree of collaboration
reduces this diffusion for low values of pm.
The previous experiments show that collaboration can-
not reduce the impact of malicious nodes for pm 0:2.
Therefore, in order to reduce this impact we need to
adjust the values of the detection parameters. In this
case, we need to give more trust to the local watchdog
(that is, the d parameter). This is confirmed by the results
shown in Fig. 7a using pc ¼ 0:2. The best results are
obtained for d ¼ u ¼ 2 and d ¼ u ¼ 3. Although the
Fig. 5. Evaluation of the impact of false positives: diffusion time of false
positives (the higher the best). a) when only positives are transmitted
(g ¼ 0), b) when positives and negative are transmitted g ¼ 1.
Fig. 6. Impact of malicious nodes a) detection time of selfish node for
g ¼ 0:1, b) diffusion time of false positives for g ¼ 0:1:
1170 IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 14, NO. 6, JUNE 2015
10. detection time is greater compared to d ¼ u ¼ 1 for low
values of pm, when pm is high, the detection time does
not increase exponentially as for d ¼ 1. Greater values of
d and u (not shown in the graph), increases the detection
time. Thus, given too much trust to the local watchdog is
a way to elude collaboration, so the detection time is
increased. Finally, regarding the diffusion of false posi-
tives, we can see in Fig. 7b that by increasing u this diffu-
sion is only slightly reduced.
Finally, the effect of the number of malicious nodes M
depends on the number of nodes evaluated. If the ratio
M=N is low, the impact can be controlled using collabo-
ration and reputation mechanisms, but if the ratio M=N
is high, the performance of the network can be very low.
Our experiments showed that the limit is about 0.1 (that
is, one malicious node for each ten collaborative nodes).
This contrasts to the effect of selfish nodes, that only
depends on the remaining cooperative nodes, and has
less impact on network performance. These results are
coherent, as they highlight the different behaviour of self-
ish and malicious nodes.
6 EXPERIMENTAL EVALUATION
This section introduces several experimental results of
CoCoWa using two realistic scenarios. It also compares
CoCoWa with previous approaches. But first, based on the
previous analytical results, we provide some experimental
guidelines to optimise CoCoWa.
6.1 Guidelines to CoCoWa Optimisation
The goal of this section is twofold: it is a guideline for select-
ing the correct configuration of CoCoWa for improving the
global performance and it also summarises the results
obtained in the experiments presented along this paper
(and from other experiments not include here).
The main criteria for tuning and adjusting CoCoWa
are shown on Table 1. Each row describes the influence
of the different factors on attaining a given performance
goal. In general, reducing the impact of false negatives
and false positives depends on the g factor, and in this
case, reducing both implies adjusting the diffusion factor,
as shown in the table. Regarding the detection parame-
ters, the best results are obtained when d ¼ u ¼ 1. Never-
theless, if the number of malicious nodes or their
probability (pm) is high, we must use d ¼ u ¼ f2; 3g in
order to assign more trust to local watchdogs.
Thus, the procedure for CoCoWa optimisation is the fol-
lowing: first, we need to obtain the network characteristics
such as number of nodes, contact rate and degree of collabo-
ration. These values can be experimentally measured or esti-
mated. The performance of the local watchdog is also
measured (or estimated), and it can depend on the network
characteristics. Note that this local watchdog can be adjusted
in terms of detection and precision (usually, the greater the
precision, the lesser the detection ratio, as the local watchdog
needs more packet overhearing to generate a more precise
detection). For example, in order to reduce the detection
time in a network with a given contact rate and collaboration,
the only solution is to increase the performance of the local
watchdog module (if it is possible). Other network character-
istics, such as the number (or ratio) of selfish and malicious
nodes, can be evaluated using several scenarios, such as the
worst case scenario.
6.2 Real Mobility Scenarios
In this section we are going to evaluate CoCoWa using real
mobility scenarios. One of the drawback of the analytical
model is the representativity of the mobility model.
Although it is shown to be an excellent approximation, it is
important to evaluate CoCoWa using both human and
Fig. 7. Reduction of the impact of malicious nodes using different detec-
tion parameters a) detection time of selfish nodes, b) diffusion time of
false positives.
TABLE 1
Criteria for the Selection of Parameters
Performance goal Parameter tuning
Reduce Detection
time
Increase detection ratio (pd). Increase
precision (reduce local False Negative
(FN) ratio (pfn))
Reduce Overhead Indirectly, reducing the detection ratio
(pd). Reduce diffusion factor g
Reduce Impact of
False Positives
Increase precision (reduce local False Pos-
itives (FP), pfp). Reduce diffusion factor g
Reduce Impact of
False Negatives
Increase precision (reduce local FN, pfn).
Increase diffusion factor g
Reduce Impact of
both FN and FP
Increase precision (reduce local FN and
FP). Set diffusion factor g in [0.05,025]
range
Reduce Impact of
Malicious Nodes
If the degree of maliciousness is high
(pm 0:2) or/and the number of mali-
cious nodes is high (M=N 0:1), give
more trust to local watchdog
(d ¼ u ¼ f2; 3g)
This table resumes the main factors that have impact on the consecution of the
goals. Some of the factors can be network dependent, so we need to adjust
another parameters (if it is possible).
HERNANDEZ-ORALLO ET AL.: COCOWA: A COLLABORATIVE CONTACT-BASED WATCHDOG FOR DETECTING SELFISH NODES 1171
11. vehicular mobility traces. In the following experiments we
used some well known real contact traces (see Table 2). The
Cambridge mobility set trace [17] was gathered from a set of
undergraduate students from the University of Cambridge
carrying small devices (iMotes) in 2005. The Shanghai Taxis
GPS Trace [37] was collected from 2,100 taxis in Shanghai
city during February of 2007. This trace does not contain the
contacts (it contains GPS locations), so a pre-process for
obtaining the contact trace is needed. Following the method
used in [37] we assume that a contact occurs if both vehicles
are within Wi-Fi range (100 meters). The result of processing
the previous mobility traces is a contact trace.
We did four experiments with different watchdog and
maliciousness parameters for each set of traces (see Table 3).
The parameter N is set to the number of nodes on each net-
work. In all experiments, we obtain the time and overhead
for detecting one selfish node (S ¼ 1) by one of the nodes in
the network (D ¼ 1), assuming collaboration (pc ¼ 0:3) and
no collaboration (pc ¼ 0), so we can clearly evaluate the ben-
efits of using CoCoWa. The simulator is the one described
in appendix A, which can be found on the Computer
Society Digital Library at http://doi.ieeecomputersociety.
org/10.1109/TMC.2014.2343627, but in this case we used a
real contact trace as the input. For each experiment, we per-
formed 1,000 simulations where the destination node and
the selfish node were randomly selected from all posible
nodes. The final result for each experiment is the mean
detection time (and overhead) with confidence intervals.
Note that, for the Shanghai experiment, our trace is limited
to a 24 hour period. So, in order to simulate more than a day
(the mean detection time is greater than 24 hours), we reuse
the same trace for every new day, randomly modifying
node numbers. This is a way to force all taxis to have a dif-
ferent route every day. Finally, using the contact rate () of
each trace (see Table 2), we also calculated the detection
time (and overhead) using the 4D-CTMC analytical model,
to check the precision of our model.
Table 4 shows the detection time for the four experiments
using both mobility traces. In general, we can see that our
approach greatly reduces the detection time of the selfish
node compared with a simple local watchdog solution.
Even in the worst scenario (low precision watchdog and
high ratio of malicious of nodes), the detection is greatly
reduced. Regarding the overhead, the results of the previ-
ous experiments confirm the analytical results. For example,
the overhead in CoCoWa for experiment 2 for Cambridge
was 31.5 (12.5-42.2) percent using simulation, and 34.2 using
the analytical model, which is a very reduced value. In gen-
eral, the overhead is linear with the number of nodes, so it
is a scalable approach.
These experiments confirm the results of the previous
section based on the analytical model. We can see that the
detection time and the overhead values obtained with the
analytical model are close to the simulated ones, so these
experiments also validate our analytical model.
6.3 Comparison with Other Approaches
We now proceed by comparing the CoCoWa approach with
previous cooperative approaches that use periodic mes-
sages for the diffusion of information about selfish node
detections (such as the ones presented in [20], [26], [28]).
Note that this comparison focuses only on the diffusion pro-
tocol. If a node has information about a positive (or nega-
tive) detection, it will periodically broadcast a message with
a given period P. This message will be received by all nodes
that are within the communication range of the sender. The
performance of this protocol clearly depends on the period
P. A short period will reduce the detection time, but the
number of messages transmitted (the overhead) will be
high. A large period will increase the detection time by
reducing the overhead.
TABLE 2
Description of Contact Traces
Cambridge Shanghai
Type Human Vehicle
Device iMote GPS+GPRS
Network Type Bluetooth WiFi
Duration (hours) 274 24
Resolution (s) 120 60
Nodes 36 2288
Contacts (C) 21200 1262498
Contact Rate (contacts/hour) 0.101 0.012
For the inter-contact rates () we used the sames values of [23].
TABLE 3
Parameters of the Different Real Mobility
Scenarios Experiments
Experiment Parameters
1 No false negatives and positives (low detection
ratio), No malicious nodes (pfn ¼ pfp ¼ 0:0,
pd ¼ 0:1, M ¼ 0, d ¼ u ¼ 1, g ¼ 0:1)
2 Low ratio of false positives and negatives
(higher detection ratio), No Malicious nodes
(pfn ¼ pfp ¼ 0:1, pd ¼ 0:2, M ¼ 0, d ¼ u ¼ 1,
g ¼ 0:1)
3 Low ratio of false positives and negatives,
Low ratio of Malicious nodes (pfn ¼ pfp ¼ 0:1,
pd ¼ 0:2, dM ¼ N=50e, pm ¼ 0:1, d ¼ u ¼ 1,
g ¼ 0:1)
4 Worst scenario: Higher ratio of false positives
and negatives, Higher ratio of Malicious nodes
and maliciousness (pfn ¼ pfp ¼ 0:2, pd ¼ 0:3,
dM ¼ N=20e, pm ¼ 0:1, d ¼ u ¼ 2, g ¼ 0:1)
TABLE 4
Detection Time in Hours Using Several Mobility Scenarios
Exp. Model Simulation Simulation (no colab.)
Cambridge
1 6.30 7.52 (2.12-12.14) 99.01 (40.36-140.53)
2 4.86 6.15 (2.05-11.02) 61.12 (38.92-99.80)
3 5.51 6.03 (1.12-12.14) 91.68 (43.12-139.60)
4 11.09 7.52 (2.12-12.14) 103.14 (80.48-159.17)
Shanghai
1 46.82 43.69 (20.06-53.63) 999.39 (614.79-1050.1)
2 36.58 34.93 (18.51-42.11) 605.18 (350.66-775.31)
3 40.77 45.81 (31.26-64.82) 997.77 (592.39-1050.6)
4 93.35 84.91 (50.61-124.5) 1191.45 (634.54-1502.6)
See Table 3 for the parameters of each experiment. In parenthesis are the 95 per-
cent confidence intervals.
1172 IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 14, NO. 6, JUNE 2015
12. The comparison of both protocols was based on a custom
simulator. This simulator reads a mobility trace and, know-
ing the position of the network nodes beforehand, simulates
the periodic diffusion protocol, broadcasting a periodic
message to all nodes that are within communication range,
as described in the previous paragraph. Since our simulator
can accept ns-2 setdest command mobility traces, we gener-
ated different mobility scenarios that are used to simulate
both approaches. The main parameters for the mobility
model are mean-speed = 5 m/s, side-area = 1,000 m, pause-
interval = 1 s and range = 100 m. Regarding CoCoWa, the
watchdog parameters are (pfp ¼ 0:17, pfn ¼ 0:08, pd ¼ 0:11),
that were obtained based on a set of real testbed experi-
ments from [16]. The remaining parameters are pc ¼ 0:2,
g ¼ 0:1, u ¼ d ¼ 1 and there are no malicious nodes (M ¼ 0).
Fig. 8a shows the detection time and overhead for the
periodic diffusion protocol when period P ranges from 1 to
30 s on a network with 40 nodes. Results confirm that
increasing period P implies a higher detection time while
reducing the overhead. We compare these results with the
detection time and overhead values for CoCoWa. The peri-
odic diffusion for periods below 3 s has a shorter detection
time than our model, but with a higher overhead. For exam-
ple, for P ¼ 1 s, the detection time is 823 s (compared with
857 s of CoCoWa) and the overhead is 9,791 messages
(CoCoWa cost is always 162). For P ¼ 3 s, the detection
time is similar to our approach, and the overhead is 3,779
messages. In order to clearly compare these approaches,
Fig. 8b shows the ratio between the detection time and over-
head for both of them. Three different numbers of nodes
(N ¼ 30; 40; 50) are used. We can see that, for the periodic
diffusion, the detection time increases compared to the
CoCoWa approach. Only for reduced periods (P 4) is the
detection time lower or equal than for CoCoWa. Regarding
the overhead, we can see that even when increasing the
period, it is still six times greater than with CoCoWa.
Regarding false positives, in the periodic model the diffu-
sion time of false positives is reduced for low values of P.
For example, for N ¼ 40 the detection time of false positives
is reduced from 15;024 s when there is no diffusion of posi-
tive detections to 900 s when P ¼ 1.
Summarizing, although using periodic diffusion can
reduce the detection time slightly, this implies a large over-
head and the impact of false positives is very high, and so it
is not a viable strategy for low period values.
7 RELATED WORK
There are two main strategies to deal with selfish behaviour
in cooperative networks. The first approach tries to motivate
the nodes to actively participate in the forwarding activities.
For example, in [4], [5] the authors presented a method
using a virtual currency called nuglet. Zhong et al. [36] pro-
posed SPRITE, a credit-based system to incentivate partici-
pation of selfish nodes in MANET communication. These
incentivation methods present several problems, such as
the need for some kind of implementation infrastructure to
maintain the accounting and they usually rely on the use of
some kind of tamper-proof hardware. The COMMIT Proto-
col [9] combines game-theoretic techniques to achieve truth-
fulness and an incentivation payment scheme to reduce the
impact of selfish nodes on routing protocols. Regarding the
detection and exclusion approach, there are several solu-
tions for MANETs and DTNs. A first study about misbehav-
ing nodes and how watchdogs can be used to detect them
was introduced in [25]. The authors proposed a Watchdog
and Pathrater over the DSR protocol to detect non-forward-
ing nodes, maintaining a rating for every node. In [28]
another scheme for detecting selfish nodes based on context
aware information was proposed.
In previous works it has been shown how some degree of
cooperation can improve the detection of selfish or misbe-
having nodes. The CONFIDENT protocol was proposed in
[3], which combines a watchdog, reputation systems,
Bayesian filters and information obtained from a node and
its neighbours to securely detect misbehaving nodes. The
system’s response is to isolate those nodes from the net-
work, punishing then indefinitely. A distributed intrusion
detection system (IDS) is introduced in [35]. In this
approach if a node locally detects an intrusion with strong
evidence, it can initiate a response. However, if a node
detects an anomaly with weak evidence, it can initiate a
cooperative global intrusion detection procedure. A similar
approach is the mobile intrusion detection system described
in [20]. In this case, local sensor ratings are periodically
flooded throughout the network in order to obtain a global
rating for each misbehaving node. Another approach is
CORE “collaborative reputation mechanism” [26]. The
CORE system is similar to the distributed IDS approaches
described below. It consists in local observation using
watchdogs that are combined and distributed to obtain a
reputation for each node. This reputation is used to deter-
mine whether a node is allowed to participate (otherwise, it
Fig. 8. Comparison of periodic diffusion and CoCoWa. a) Detection time
and overhead depending on period P for N ¼ 40. The dotted lines
around the curves are the 95 percent confidence intervals. The confi-
dence intervals for the CoCoWa detection time and overhead, are not
plotted in the graph and are [625, 1021] and [102, 243] respectively. b)
Plot of the ratio between the detection time of periodic diffusion and
CoCoWa (TdðPÞ=TdðCoCoWaÞ) and overhead (OdðPÞ=OdðCoCoWaÞ)
HERNANDEZ-ORALLO ET AL.: COCOWA: A COLLABORATIVE CONTACT-BASED WATCHDOG FOR DETECTING SELFISH NODES 1173
13. is excluded). Another approach is OCEAN [2] where the
reputation of a neighbour is evaluated using only locally
available information, avoiding complex and potentially
vulnerable techniques of reputation propagation through-
out the network. It is shown that, even with direct neigh-
bour observations, OCEAN performs almost as well as
those schemes that share second-hand reputation informa-
tion. In [14] an analytical selfish model (which is tied specifi-
cally to the Ad hoc on-demand distance vector (AODV)
routing protocol) is proposed. A recent work [34], introdu-
ces the audit-based misbehaviour detection (AMD) which
isolates continuous and selective packet droppers. The
AMD system integrates reputation management, trustwor-
thy route discovery, and identification of misbehaving
nodes based on behavioural audits. This scheme also col-
lects first and second-hand information for obtaining the
reputation of nodes.
More recently, papers have focused on DTNs. In [19], the
author introduces a model for DTN data relaying schemes
under the impact of node selfishness. A similar approach is
presented in [23] that shows the effect of socially selfish
behaviour. Social selfishness is an extension of classical self-
ishness (also called individual selfishness). A social selfish
node can cooperate with other nodes of the same group,
and it does not cooperate with other nodes outside the
group. The impact of social selfishness on routing in DTN
has been studied in [22].
Our approach presents similarities with the ones pre-
sented in [20], [26]. Nevertheless, these approaches do
not evaluate the effect of false positives, false negatives
and malicious nodes. For example, the approach in [26]
only transmits positive detections. The problem, as
shown in the evaluation sections, is that if a false posi-
tive is generated it can spread this wrong information
very quickly on the network, isolating nodes that are not
selfish. Therefore, an approach that includes the diffu-
sion of negative detections as well becomes necessary.
Another problem is the impact of colluding or malicious
nodes. Although a reputation system, as the one pre-
sented in [26], can be useful to mitigate the effect of
malicious nodes, it clearly depends on how are com-
bined local and global ratings, as shown in this paper.
Another implementation issue is the high imposed over-
head due to the flooding process in order to achieve a
fast diffusion of the information. Since our approach is
based on contacts, it has been proven that the overhead
is greatly reduced.
8 CONCLUSIONS
This paper proposes CoCoWa as a collaborative contact-based
watchdog to reduce the time and improve the effectiveness
of detecting selfish nodes, reducing the harmful effect of
false positives, false negatives and malicious nodes.
CoCoWa is based on the diffusion of the known positive
and negative detections. When a contact occurs between
two collaborative nodes, the diffusion module transmits
and processes the positive (and negative) detections.
Analytical and experimental results show that CoCoWa
can reduce the overall detection time with respect to the
original detection time when no collaboration scheme is
used, with a reduced overhead (message cost). This reduc-
tion is very significant, ranging from 20 percent for very
low degree of collaboration to 99 percent for higher degrees
of collaboration. Regarding the overall precision we show
how by selecting a factor for the diffusion of negative detec-
tions the harmful impact of both false negatives and false
positives is diminished. Finally, using CoCoWa we can
reduce the effect of malicious or collusive nodes. If mali-
cious nodes spread false negatives or false positives in the
network CoCoWa is able to reduce the effect of these mali-
cious nodes quickly and effectively. Additionally, we have
shown that CoCoWa is also effective in opportunistic net-
works and DTNs, where contacts are sporadic and have
short durations, and where the effectiveness of using only
local watchdogs can be very limited.
In short, the combined effect of collaboration and reputa-
tion of our approach can reduce the detection time while
increasing the global accuracy using a moderate local preci-
sion watchdog.
ACKNOWLEDGMENTS
This work was partially supported by the Ministerio de Cien-
cia e Innovacion, Spain (grant TIN2011-27543-C03-01).
REFERENCES
[1] S. Abbas, M. Merabti, D. Llewellyn-Jones, and K. Kifayat,
“Lightweight sybil attack detection in manets,” IEEE Syst. J.,
vol. 7, no. 2, pp. 236–248, Jun. 2013.
[2] S. Bansal and M. Baker, “Observation-based cooperation enforce-
ment in ad hoc networks” arXiv:cs.NI/0307012, 2003.
[3] S. Buchegger and J.-Y. Le Boudee, “Self-policing mobile ad hoc
networks by reputation systems,” IEEE Commun. Mag., vol. 43,
no. 7, pp. 101–107, Jul. 2005.
[4] L. Buttyan and J.-P. Hubaux, “Enforcing service availability in
mobile ad-hoc WANs,” in Proc. 1st Annu. Workshop Mobile Ad Hoc
Netw. Comput., 2000, pp. 87–96.
[5] L. Buttyan and J.-P. Hubaux, “Stimulating cooperation in self-
organizing mobile ad hoc networks,” Mobile Netw. Appl., vol. 8,
pp. 579–592, 2003.
[6] H. Cai and D. Y. Eun, “Crossing over the bounded domain: From
exponential to power-law intermeeting time in mobile ad hoc
networks,” IEEE/ACM Trans. Netw., vol. 17, no. 5, pp. 1578–1591,
Oct. 2009.
[7] A. Chaintreau, P. Hui, J. Crowcroft, C. Diot, R. Gass, and J. Scott,
“Impact of human mobility on opportunistic forwarding algo-
rithms,” IEEE Trans. Mobile Comput., vol. 6, no. 6, pp. 606–620,
Jun. 2007.
[8] J. R. Douceur, “The sybil attack,” in Proc. Revised Papers 1st Int.
Workshop Peer-to-Peer Syst., 2002, pp. 251–260.
[9] S. Eidenbenz, G. Resta, and P. Santi, “The COMMIT protocol
for truthful and cost-efficient routing in ad hoc networks with
selfish nodes,” IEEE Trans. Mobile Comput., vol. 7, no. 1,
pp. 19–33, Jan. 2008.
[10] W. Gao, Q. Li, B. Zhao, and G. Cao, “Multicasting in delay tolerant
networks: A social network perspective,” in Proc. 10th ACM Int.
Symp. Mobile Ad Hoc Netw. Comput., 2009, pp. 299–308.
[11] R. Groenevelt, P. Nain, and G. Koole, “The message delay in
mobile ad hoc networks,” Perform. Eval., vol. 62, pp. 210–228,
Oct. 2005.
[12] E. Hernandez-Orallo, M. D. Serrat, J.-C. Cano, C. M. T. Calafate,
and P. Manzoni, “Improving selfish node detection in MANETs
using a collaborative watchdog,” IEEE Comm. Lett., vol. 16, no. 5,
pp. 642–645, May 2012.
[13] E. Hernandez-Orallo, M. D. Serrat Olmos, J.-C. Cano, C. T.
Calafate, and P. Manzoni, “Evaluation of collaborative selfish
node detection in MANETS and DTNs,” in Proc. 15th ACM Int.
Conf. Modeling, Anal. Simul. Wireless Mobile Syst., New York, NY,
USA, 2012, pp. 159–166.
1174 IEEE TRANSACTIONS ON MOBILE COMPUTING, VOL. 14, NO. 6, JUNE 2015
14. [14] M. Hollick, J. Schmitt, C. Seipl, and R. Steinmetz, “On the effect of
node misbehavior in ad hoc networks,” in Proc. IEEE Int. Conf.
Commun., 2004, pp. 3759–3763.
[15] J. Hortelano, J.-C. Cano, C. T. Calafate, M. de Leoni, P. Manzoni,
and M. Mecella, “Black hole attacks in p2p mobile networks dis-
covered through Bayesian filters,” in Proc. Int. Conf. Move Mean-
ingful Internet Syst., 2010, pp. 543–552.
[16] J. Hortelano, J. C. Ruiz, and P. Manzoni, “Evaluating the useful-
ness of watchdogs for intrusion detection in VANETs,” in Proc.
Int. Conf. Commun. Workshop, 2010, pp. 1–5.
[17] P. Hui, J. Crowcroft, and E. Yoneki, “Bubble rap: social-based for-
warding in delay tolerant networks,” in Proc. 9th ACM Int. Symp.
Mobile Ad Hoc Netw. Comput., 2008, pp. 241–250.
[18] T. Karagiannis, J.-Y. Le Boudec, and M. Vojnovic, “Power law and
exponential decay of inter contact times between mobile devices,”
in Proc. ACM Mobicom Annu. Int. Conf. Mobile Comput. Netw., 2007,
pp. 183–194.
[19] M. Karaliopoulos, “Assessing the vulnerability of DTN data
relaying schemes to node selfishness,” IEEE Commun. Lett.,
vol. 13, no. 12, pp. 923–925, Dec. 2009.
[20] F. Kargl, A. Klenk, S. Schlott, and M. Weber, “Advanced detection
of selfish or malicious nodes in ad hoc networks,” in Proc. 1st Eur.
Conf. Security Ad-Hoc Sens. Netw., 2004, pp. 152–165.
[21] F. Kargl, A. Klenk, M. Weber, and S. Schlott, “Sensors for detec-
tion of misbehaving nodes in MANETs,” in Proc. Detection Intru-
sions Malware Vulnerability Assessment, 2004, pp. 83–97.
[22] Q. Li, S. Zhu, and G. Cao, “Routing in socially selfish delay toler-
ant networks,” in Proc. IEEE Conf. Comput. Commun, 2010,
pp. 857–865.
[23] Y. Li, G. Su, D. Wu, D. Jin, L. Su, and L. Zeng, “The impact of node
selfishness on multicasting in delay tolerant networks,” IEEE
Trans. Veh. Technol., vol. 60, no. 5, pp. 2224–2238, Jun. 2011.
[24] M. Mahmoud and X. Shen, “ESIP: Secure incentive protocol
with limited use of public-key cryptography for multihop
wireless networks,” IEEE Trans. Mobile Comput., vol. 10, no. 7,
pp. 997–1010, Jul. 2011.
[25] S. Marti, T. J. Giuli, K. Lai, and M. Baker, “Mitigating routing mis-
behavior in mobile ad hoc networks,” in Proc. ACM Mobicom
Annu. Int. Conf. Mobile Comput. Netw., 2000, pp. 255–265.
[26] P. Michiardi and R. Molva, “CORE: A collaborative reputation
mechanism to enforce node cooperation in mobile ad hoc
networks,” in Proc. 6th Joint Working Conf. Commun. Multimedia
Secur., 2002, pp. 107–121.
[27] A. Passarella, and M. Conti, “Characterising aggregate inter-
contact times in heterogeneous opportunistic networks,” in Proc.
10th Int. IFIP TC 6 Conf. Netw., 2011, pp. 301–313.
[28] K. Paul and D. Westhoff, “Context aware detection of selfish
nodes in DSR based ad-hoc networks,” in Proc. IEEE Global Tele-
commun. Conf., 2002, pp. 178–182.
[29] M. D. Serrat-Olmos, E. Hernandez-Orallo, J.-C. Cano, C. T.
Calafate, and P. Manzoni, “A collaborative Bayesian watchdog for
detecting black holes in MANETs,” in Proc. 6th Int. Symp. Intell.
Distrib. Comput. VI, 2012, vol. 446, pp. 221–230.
[30] C. K. N. Shailender Gupta and C. Singla, “Impact of selfish node
concentration in MANETs,” Int. J. Wireless Mobile Netw., vol. 3,
no. 2, pp. 29–37, Apr. 2011.
[31] C. Toh, D. Kim, S. Oh, and H. Yoo, “The controversy of selfish
nodes in ad hoc networks,” in Proc. Adv. Commun. Technol.,
Feb. 2010, vol. 2, pp. 1087–1092.
[32] Y. Yoo, S. Ahn, and D. Agrawal, “A credit-payment scheme for
packet forwarding fairness in mobile ad hoc networks,” in Proc.
IEEE Int. Conf. Commun., May 2005, vol. 5, pp. 3005–3009.
[33] X. Zhang, G. Neglia, J. Kurose, and D. Towsley, “Performance
modeling of epidemic routing,” Comput. Netw., vol. 51, no. 10,
pp. 2867–2891, 2007.
[34] Y. Zhang, L. Lazos, and W. Kozma, “AMD: Audit-based misbe-
havior detection in wireless ad hoc networks,” IEEE Trans. Mobile
Comput., vol. PP, no. 99, 2012, http://doi.ieeecomputersociety.
org/10.1109/TMC.2012.257
[35] Y. Zhang, W. Lee, and Y.-A. Huang, “Intrusion detection techni-
ques for mobile wireless networks,” Wireless Netw., vol. 9, no. 5,
pp. 545–556, Sep. 2003.
[36] S. Zhong, J. Chen, and Y. Yang, “Sprite: A simple, cheat-proof,
credit-based system for mobile ad-hoc networks,” in Proc. IEEE
Conf. Comput. Commun., Mar. 2003, vol. 3, pp. 1987–1997.
[37] H. Zhu, L. Fu, G. Xue, Y. Zhu, M. Li, and L. M. Ni, “Recognizing
exponential inter-contact time in VANETs,” in Proc. IEEE Conf.
Comput. Commun., 2010, pp. 101–105.
Enrique Hernandez-Orallo received the MSc
and PhD degrees in computer science from
the Universitat Politecnica de Valencia (UPV),
Spain, in 1992 and 2001, respectively. He is
currently an associate professor in the Depart-
ment of Computer Engineering, Universitat
Politecnica de Valencia. From 1991-2005 he
was at several companies in real-time and
computer networks projects. His areas of inter-
est include distributed systems, performance
evaluation, and mobile and pervasive comput-
ing. He is a member of the IEEE.
Manuel David Serrat Olmos received the
degree in computer science in 1995 from the
UPV, the master’s degree in ITC Department
Managing from the Universidad Politecnica de
Madrid (UPM) in 2008, the MSc degree in
computer engineering, and the PhD degree in
computer science UPV, in 2011 and 2013,
respectively. He was with several institutions
and, nowadays, he is the ITC director at the
Valencia County Fire Department. He is a co-
author of about 10 journal and conference
papers, and author of one Linux book.
Juan-Carlos Cano received the MSc and the
PhD degrees in computer science from the Uni-
versitat Politecnica de Valencia (UPV), in 1994
and 2002, respectively. He is currently a full
professor in the Department of Computer Engi-
neering, Universitat Politecnica de Valencia,
Spain. From 1995-1997 he was a programming
analyst at IBM’s manufacturing division in
Valencia. His current research interests include
vehicular networks, mobile ad hoc networks, and
pervasive computing.
Carlos T. Calafate graduated with honors in
electrical and computer engineering from the
University of Oporto, Portugal, in 2001 and
received the PhD degree in computer engi-
neering from the Technical University of Valen-
cia in 2006, where he has worked since 2005.
He is currently an associate professor in the
Department of Computer Engineering, Univer-
sitat Politecnica de Valencia (UPV), Spain. His
research interests include mobile and perva-
sive computing, security and QoS on wireless
networks, as well as video coding and streaming.
Pietro Manzoni received the MS degree in com-
puter science from the Universita degli Studi,
Milan, Italy, in 1989, and the PhD degree in com-
puter science from the Politecnico di Milano, Italy,
in 1995. He is currently a full professor of com-
puter science at the Universitat Politecnica de
Valencia, Spain. His research activity is related to
mobile wireless data systems design, modelling,
and implementation. He is a member of the IEEE.
For more information on this or any other computing topic,
please visit our Digital Library at www.computer.org/publications/dlib.
HERNANDEZ-ORALLO ET AL.: COCOWA: A COLLABORATIVE CONTACT-BASED WATCHDOG FOR DETECTING SELFISH NODES 1175