Dealing with Selfish and Malicious Nodes in Ad Hoc Networks

1
Dealing with Selfish and Malicious Nodes in Ad
Hoc Networks
2
What are they?

• Selfish nodes
• ????
• Malicious nodes
• ?????,???

3
How likely are they to exist?
4
Watchdog and Pathrater

• Mitigating routing misbehavior in mobile Ad hoc
  networks, Mobcom00.

5
Watchdog and Pathrater

• Misbehaving nodes
• Selfish, malicious, overloaded, broken
• Basic idea identify misbehaving nodes and avoid
  them in routing.

6
Watchdog

• A scheme to identify misbehaving nodes
• On top of dynamic source routing
• Monitors next nodes transmission
• Tallies its misbehaviors
• Reports its misbehaving status when tally reaches
  a threshold
  

C
D
B
A
S
7
Pathrater
8
Watchdogs Weakness (1)

• Ambiguous collision while A is monitoring Bs
  forwarding, it hears a collision.
  
• Question has B forwarded the packet?

C
D
B
A
S
9
Watchdogs Weakness (2)

• Receiver collision a packet forwarded by B may
  collide at C.
  
• Problem a selfish B may choose to forward any
  packet only once?
  

C
D
B
A
S
10
Watchdogs Weakness (3)

• Partial dropping the watchdog reports
  misbehavior only if it reaches a threshold.
  
• Problem a selfish node may choose to drop
  packets at a safe rate?
  

11
Watchdogs Weakness (4)

• Collusion two or more nodes collude to cheat.
• Example C always drops packets, but B does not
  report it.

C
D
B
A
S
12
The Confidant Protocol

• Buchegger Boudec, Performance Analysis of the
  Confidant Protocol, Mobihoc02

13
The Self Gene (a book by Richard Dawkins)

• Three kinds of birds
• Sucker ?????
• Cheat ?????
• Grudger ?????
• In a population with 50 suckers and 50 cheats,
  both groups will lead to extinction.
  
• In a population with a majority of cheats and
  marginal groups of suckers and grudgers, only
  grudgers survive.

14
The Watchdog and Pathrater Scheme

• Basic idea identify misbehaving nodes and avoid
  them in routing.
  
• The scheme does not punish misbehaving nodes,
  whose packets get forwarded as usual.
  
• Two kinds of nodes suckers and cheats.

15
The Confidant Scheme

• Treat misbehaving nodes as cheats.
• Treat non-misbehaving nodes as grudgers, rather
  than suckers.
  
• Do not forward misbehaving nodes packets.

16
The Nuglet Scheme

• Buttyan and Hubaux, Stimulating cooperation in
  self-organizing mobile ad hoc networks, MONET
  2002.

17
Selfish nodes, malicious nodes

• Malicious nodes
• Hard to deal with
• Uncommon
• Selfish nodes
• Very common
• Easies to deal with
• Interested in their own interests.
• Consider selfish nodes first.

18
The Nuglet Scheme

• Nuglet counter a tamper-proof counter
• Can send a packet only if you have enough
  nuglets.
  

1
1
1
-3
19
Analysis of the Nuglet Scheme (1)

• What to analyze?
• Assuming each node is interested in maximizing
  the number of its own outgoing packets.
  
• Can send (BC)/(N1) own packets, if you forward
  (NB-C)/(N1) packets for others, where
  
• C initial number of nuglets
• B amount of battery (in terms of of packet
  transmissions)
  
• N cost of each outgoing packet

20
Analysis of the Nuglet Scheme (2)

• Four possible forwarding strategies
• If f
• unconditionally forward
• forward if c C, and forward with some
  probability if c C
  
• forward if c C
• forward with some probability if c C
• where c current nuglet count
• Which strategy is best for selfish nodes?

21
Analysis of the Nuglet Scheme (3)

• Best strategy in what sense?
• Ro rate of generating own packets
• Rf rate of incoming packets for forwarding
• Zo own packets sent / generated
• Selfish node wishes to maximize
• of own packets sent, i.e. (BC)/(N1)
• Zo
• Which strategy is best for selfish nodes?

22
Implementation Issues

• A security module containing the nuglet counter
  and some other functions.
  
• All outgoing packets must pass this module.
• Must be able to distinguish between own and
  others packets.
  
• Ensure it does forward others packets which have
  gone thru the security module.
  
• Cash on delivery
• Nuglet synchronization, mobility problem

23
The Sprite System

• Zhong Chen Yang, Sprite A Simple,
  Cheat-Proof, Credit-Based System for Mobile
  Ad-Hoc Networks, Infocom03

24
Sprite

• Dealing with only selfish nodes.
• An all-software solution no need for
  tamper-proof hardware.
  
• Credit based.
• Game theory based.

25
Architecture
26
Who Pays whom? And How much?

• The nuglet scheme
• Why?

1
1
1
-3
27
Who pays whom?

• Three options
• Sender
• Destination
• Both sender and destination

destination
sender
28
Who pays whom?

• Three options
• Each intermediate node
• Each intermediate node who ever forwards the
  message
  
• Each intermediate node who successfully forwards
  the message
  
• The next node should report to CCS on receiving
  the message
  

29
Payment scheme

• Has to deal with selfish nodes

30
Possible Cheating Actions

• After receiving a packet
• Reports a receipt, drops the packet
• Reports no receipt ( drops or forwards the
  packet)
  
• Receiving no packet
• Reports a receipt

To CCS
31
Objectives of Payment Scheme

• Motivating nodes to forward packets
• Motivating nodes to report receipts
• Preventing false receipts

32
Motivating nodes to forward packets

• ß 0

33
Motivating nodes to report receipts

• The sender pays

34
Preventing false receipts

• ? 1 if destination reports receipt of packet
• ? 1 otherwise

35
The Receipt-Submission Game (1)

• Players the nodes from sender to destination,
• Truth (Ti) each player either
• has received the packet or
• has not received the packet.

36
Game (2)

• Action (Ai) each player either
• reports a receipt to CCS, or
• does not report a receipt to CCS.
• Cost of action

37
Game (3)

• Payment as described earlier.
• Welfare (Utility)

38
Game (4)

• Strategy each player may
• tell the truth (Ai Ti), or
• cheat (Ai ? Ti).
• Optimal strategy for a player a strategy that
  brings the player the maximum welfare regardless
  other players strategies.
  
• Theorem Telling the truth is an optimal strategy
  if the destination does not cheat and

39
Game (5)

• Theorem Telling the truth is an optimal strategy
  if the destination does not cheat and
  
• Theorem Any group of colluding players cannot
  cheat to increase their total welfare.
  
• The game is cheat-proof.

40
Zen (?) Approaches
41
A Zen Approach (1)

• ????, ???? selfish nodes?
• ????????!

42
A Zen Approach (2)

• ????, ???? selfish nodes?
• ????,?????
• ???????!

43
A Zen Approach (3)

• ????, ???? selfish nodes?
• ????