Dealing with Selfish and Malicious Nodes in Ad Hoc Networks What are they? Selfish nodes – 損人利己 Malicious nodes – 損人不利己,白開心 How likely are they to exist? Watchdog and Pathrater “Mitigating routing misbehavior in mobile Ad hoc networks,” Mobcom’00. Watchdog and Pathrater Misbehaving nodes – Selfish, malicious, overloaded, broken Basic idea: identify misbehaving nodes and avoid them in routing. Watchdog A scheme to identify misbehaving nodes On top of dynamic source routing Monitors next node’s transmission Tallies its misbehaviors Reports its misbehaving status when tally reaches a threshold S A B C D Pathrater Watchdog’s Weakness (1) Ambiguous collision: while A is monitoring B’s forwarding, it hears a collision. Question: has B forwarded the packet? S A B C D Watchdog’s Weakness (2) Receiver collision: a packet forwarded by B may collide at C. Problem: a selfish B may choose to forward any packet only once? S A B C D Watchdog’s Weakness (3) Partial dropping: the watchdog reports misbehavior only if it reaches a threshold. Problem: a selfish node may choose to drop packets at a “safe” rate? Watchdog’s Weakness (4) Collusion: two or more nodes collude to cheat. Example: C always drops packets, but B does not report it. S A B C D The Confidant Protocol Buchegger & Boudec, “Performance Analysis of the Confidant Protocol,” Mobihoc’02 The Self Gene (a book by Richard Dawkins) Three kinds of birds: – – – Sucker 以德報怨者 Cheat 自私自利者 Grudger 禮尚往來者 In a population with 50% suckers and 50% cheats, both groups will lead to extinction. In a population with a majority of cheats and marginal groups of suckers and grudgers, only grudgers survive. The Watchdog and Pathrater Scheme Basic idea: identify misbehaving nodes and avoid them in routing. The scheme does not punish misbehaving nodes, whose packets get forwarded as usual. Two kinds of nodes: suckers and cheats. The Confidant Scheme Treat misbehaving nodes as cheats. Treat non-misbehaving nodes as grudgers, rather than suckers. Do not forward misbehaving nodes’ packets. The Nuglet Scheme Buttyan and Hubaux, “Stimulating cooperation in self-organizing mobile ad hoc networks,” MONET 2002. Selfish nodes, malicious nodes Malicious nodes – – Selfish nodes – – – Hard to deal with Uncommon Very common Easies to deal with Interested in their own interests. Consider selfish nodes first. The Nuglet Scheme Nuglet counter: a tamper-proof counter Can send a packet only if you have enough nuglets. +1 -3 +1 +1 Analysis of the Nuglet Scheme (1) What to analyze? Assuming each node is interested in maximizing the number of its own outgoing packets. Can send (B+C)/(N+1) own packets, if you forward (NB-C)/(N+1) packets for others, where – – – C: initial number of nuglets B: amount of battery (in terms of # of packet transmissions) N: cost of each outgoing packet Analysis of the Nuglet Scheme (2) Four possible forwarding strategies: If f < (NB-C)/(N+1) then unconditionally forward forward if c ≤ C, and forward with some probability if c > C forward if c ≤ C forward with some probability if c ≤ C where c = current nuglet count Which strategy is best for selfish nodes? Analysis of the Nuglet Scheme (3) Best strategy in what sense? Ro = rate of generating own packets Rf = rate of incoming packets for forwarding Zo = # own packets sent / # generated Selfish node wishes to maximize – – # of own packets sent, i.e. (B+C)/(N+1) Zo Which strategy is best for selfish nodes? Implementation Issues A security module containing the nuglet counter and some other functions. All outgoing packets must pass this module. Must be able to distinguish between own and others’ packets. Ensure it does forward others’ packets which have gone thru the security module. – – Cash on delivery Nuglet synchronization, mobility problem The Sprite System Zhong & Chen & Yang, “Sprite: A Simple, CheatProof, Credit-Based System for Mobile Ad-Hoc Networks,” Infocom’03 Sprite Dealing with only selfish nodes. An all-software solution; no need for tamperproof hardware. Credit based. Game theory based. Architecture Who Pays whom? And How much? The nuglet scheme +1 -3 Why? +1 +1 Who pays whom? Three options : Sender Destination Both sender and destination destination sender Who pays whom? Three options: Each intermediate node Each intermediate node who ever forwards the message Each intermediate node who successfully forwards the message – The next node should report to CCS on receiving the message Payment scheme Has to deal with selfish nodes Possible Cheating Actions After receiving a packet – – Reports a receipt, drops the packet Reports no receipt (& drops or forwards the packet) Receiving no packet – Reports a receipt To CCS Objectives of Payment Scheme Motivating nodes to forward packets Motivating nodes to report receipts Preventing false receipts Motivating nodes to forward packets β≥ 0 Motivating nodes to report receipts The sender pays Preventing false receipts γ= 1 if destination reports receipt of packet γ« 1 otherwise The Receipt-Submission Game (1) Players: the nodes from sender to destination, Truth (Ti): each player either – – has received the packet or has not received the packet. Game (2) Action (Ai): each player either – – reports a receipt to CCS, or does not report a receipt to CCS. Cost of action: Game (3) Payment: as described earlier. Welfare (Utility): Game (4) Strategy: each player may – – tell the truth (Ai = Ti), or cheat (Ai ≠ Ti). Optimal strategy for a player: a strategy that brings the player the maximum welfare regardless other players’ strategies. Theorem: Telling the truth is an optimal strategy if the destination does not cheat and Game (5) Theorem: Telling the truth is an optimal strategy if the destination does not cheat and Theorem: Any group of colluding players cannot cheat to increase their total welfare. The game is cheat-proof. Zen (禪) Approaches A Zen Approach (1) “敢問師父, 如何處理 selfish nodes?” “老僧這裡不用電腦!” A Zen Approach (2) “敢問師父, 如何處理 selfish nodes?” “至道無難,唯嫌擇揀。 老僧這裡不計較! ” A Zen Approach (3) “敢問師父, 如何處理 selfish nodes?” 師棒之。
© Copyright 2026 Paperzz