430 likes | 550 Views
Dealing with Selfish and Malicious Nodes in Ad Hoc Networks. What are they?. Selfish nodes 損人利己 Malicious nodes 損人 不 利己 ,白開心. How likely are they to exist?. Watchdog and Pathrater. “Mitigating routing misbehavior in mobile Ad hoc networks,” Mobcom’00. Watchdog and Pathrater.
E N D
What are they? • Selfish nodes • 損人利己 • Malicious nodes • 損人不利己,白開心
Watchdog and Pathrater “Mitigating routing misbehavior in mobile Ad hoc networks,” Mobcom’00.
Watchdog and Pathrater • Misbehaving nodes • Selfish, malicious, overloaded, broken • Basic idea: identify misbehaving nodes and avoid them in routing.
Watchdog • A scheme to identify misbehaving nodes • On top of dynamic source routing • Monitors next node’s transmission • Tallies its misbehaviors • Reports its misbehaving status when tally reaches a threshold C D B A S
Watchdog’s Weakness (1) • Ambiguous collision: while A is monitoring B’s forwarding, it hears a collision. • Question: has B forwarded the packet? C D B A S
Watchdog’s Weakness (2) • Receiver collision: a packet forwarded by B may collide at C. • Problem: a selfish B may choose to forward any packet only once? C D B A S
Watchdog’s Weakness (3) • Partial dropping: the watchdog reports misbehavior only if it reaches a threshold. • Problem: a selfish node may choose to drop packets at a “safe” rate?
Watchdog’s Weakness (4) • Collusion: two or more nodes collude to cheat. • Example: C always drops packets, but B does not report it. C D B A S
The Confidant Protocol Buchegger & Boudec, “Performance Analysis of the Confidant Protocol,” Mobihoc’02
The Self Gene(a book by Richard Dawkins) • Three kinds of birds: • Sucker 以德報怨者 • Cheat 自私自利者 • Grudger 禮尚往來者 • In a population with 50% suckers and 50% cheats, both groups will lead to extinction. • In a population with a majority of cheats and marginal groups of suckers and grudgers, only grudgers survive.
The Watchdog and Pathrater Scheme • Basic idea: identify misbehaving nodes and avoid them in routing. • The scheme does not punish misbehaving nodes, whose packets get forwarded as usual. • Two kinds of nodes: suckers and cheats.
The Confidant Scheme • Treat misbehaving nodes as cheats. • Treat non-misbehaving nodes as grudgers, rather than suckers. • Do not forward misbehaving nodes’ packets.
The Nuglet Scheme Buttyan and Hubaux, “Stimulating cooperation in self-organizing mobile ad hoc networks,” MONET 2002.
Selfish nodes, malicious nodes • Malicious nodes • Hard to deal with • Uncommon • Selfish nodes • Very common • Easies to deal with • Interested in their own interests. • Consider selfish nodes first.
The Nuglet Scheme • Nuglet counter: a tamper-proof counter • Can send a packet only if you have enough nuglets. +1 +1 +1 -3
Analysis of the Nuglet Scheme (1) • What to analyze? • Assuming each node is interested in maximizing the number of its own outgoing packets. • Can send (B+C)/(N+1) own packets, if you forward (NB-C)/(N+1) packets for others, where • C: initial number of nuglets • B: amount of battery (in terms of # of packet transmissions) • N: cost of each outgoing packet
Analysis of the Nuglet Scheme (2) Four possible forwarding strategies: If f < (NB-C)/(N+1) then • unconditionally forward • forward if c ≤ C, and forward with some probability if c > C • forward if c ≤ C • forward with some probability if c ≤ C where c = current nuglet count Which strategy is best for selfish nodes?
Analysis of the Nuglet Scheme (3) • Best strategy in what sense? • Ro = rate of generating own packets • Rf = rate of incoming packets for forwarding • Zo = # own packets sent / # generated • Selfish node wishes to maximize • # of own packets sent, i.e. (B+C)/(N+1) • Zo Which strategy is best for selfish nodes?
Implementation Issues • A security module containing the nuglet counter and some other functions. • All outgoing packets must pass this module. • Must be able to distinguish between own and others’ packets. • Ensure it does forward others’ packets which have gone thru the security module. • Cash on delivery • Nuglet synchronization, mobility problem
The Sprite System Zhong & Chen & Yang, “Sprite: A Simple, Cheat-Proof, Credit-Based System for Mobile Ad-Hoc Networks,” Infocom’03
Sprite • Dealing with only selfish nodes. • An all-software solution; no need for tamper-proof hardware. • Credit based. • Game theory based.
Who Pays whom? And How much? • The nuglet scheme • Why? +1 +1 +1 -3
Who pays whom? Three options : • Sender • Destination • Both sender and destination destination sender
Who pays whom? Three options: • Each intermediate node • Each intermediate node who ever forwards the message • Each intermediate node who successfully forwards the message • The next node should report to CCS on receiving the message
Payment scheme • Has to deal with selfish nodes
Possible Cheating Actions • After receiving a packet • Reports a receipt, drops the packet • Reports no receipt (& drops or forwards the packet) • Receiving no packet • Reports a receipt To CCS
Objectives of Payment Scheme • Motivating nodes to forward packets • Motivating nodes to report receipts • Preventing false receipts
Motivating nodes to report receipts • The sender pays
Preventing false receipts • γ= 1 if destination reports receipt of packet • γ« 1 otherwise
The Receipt-Submission Game (1) • Players: the nodes from sender to destination, • Truth (Ti): each player either • has received the packet or • has notreceived the packet.
Game (2) • Action (Ai): each player either • reports a receipt to CCS, or • does not report a receipt to CCS. • Cost of action:
Game (3) • Payment: as described earlier. • Welfare (Utility):
Game (4) • Strategy: each player may • tell the truth (Ai = Ti), or • cheat (Ai ≠ Ti). • Optimal strategy for a player: a strategy that brings the player the maximum welfare regardless other players’ strategies. • Theorem: Telling the truth is an optimal strategy if the destination does not cheat and
Game (5) • Theorem: Telling the truth is an optimal strategy if the destination does not cheat and • Theorem: Any group of colluding players cannot cheat to increase their total welfare. • The game is cheat-proof.
A Zen Approach (1) “敢問師父, 如何處理 selfish nodes?” “老僧這裡不用電腦!”
A Zen Approach (2) “敢問師父, 如何處理 selfish nodes?” “至道無難,唯嫌擇揀。 老僧這裡不計較! ”
A Zen Approach (3) “敢問師父, 如何處理selfish nodes?” 師棒之。