trust-based minimum cost opportunistic routing for ad hoc networks
TRANSCRIPT
T
Wa
b
a
ARRAA
KTTODC
1
slwaatmcciurtan
tn
0d
The Journal of Systems and Software 84 (2011) 2107– 2122
Contents lists available at ScienceDirect
The Journal of Systems and Software
jo u rn al hom epage: www.elsev ier .com/ locate / j ss
rust-based minimum cost opportunistic routing for Ad hoc networks
ang Boa,∗,1, Huang Chuanhea, Li Layuanb, Yang Wenzhonga
School of Computer, Wuhan University, Wuhan 430072, ChinaSchool of Computer, Wuhan University of Technology, Wuhan 430073, China
r t i c l e i n f o
rticle history:eceived 17 December 2010eceived in revised form 23 May 2011ccepted 23 May 2011vailable online 12 June 2011
ey words:rusted opportunistic forwarding modelrusted routing
a b s t r a c t
Recently, opportunistic routing has received much attention as a new design direction. It can exploitthe wireless broadcast and more highly reliable opportunistic forwarding, so as to substantially increasethe throughput of network. Due to dynamic topology, distributed collaboration, limited bandwidth andcomputing ability, the absence of enough physical protection in Ad hoc networks, opportunistic routingis vulnerable to attacks by malicious nodes. In order to alleviate the malicious behaviors, we incorporatethe concept of trust to Ad hoc networks, build a simple trust model to evaluate neighbors’ forwardingbehavior and apply this model to opportunistic routing for Ad hoc networks. A new trusted opportunisticforwarding model is proposed by choosing the trusted and highest priority candidate forwarder, then a
pportunistic routingegree of trustost of routing
trusted minimum cost routing algorithm (MCOR) is formally formulated, the correctness and effective-ness of this algorithm from theoretical analysis are also approved. Finally, MCOR algorithm is verified bysimulation using nsclick software and compared its performance with the classic protocols: ExOR, TAODVand Watchdog-DSR. The simulation results show that MCOR scheme can detect and mitigate node mis-behaviors. Furthermore, MCOR scheme outperforms the other protocols in terms of: throughput, delay,Expected ETX, security-gains and cost of routing.
. Introduction
Mobile Ad hoc networks (MANETs), are temporary autonomousystem, where mobile nodes communicate with each other by wire-ess link and multi-hop forwarding, while the network topology,
ireless channel and limited bandwidth are time-varying (Corsonnd Macker, 1999). Due to its flexibility, a MANET is attractive forpplications, such as disaster relief, emergency operations, mili-ary service, maritime communications, vehicle networks, casual
eetings, campus networks, robot networks, and so on. Similar toonventional fixed networks, security of the Ad hoc networks isonsidered from the attributes such as availability, confidential-ty, integrity, authentication, non-repudiation, access control andsage control (Zhou and Haas, 1999; Deng et al., 2002). But secu-ity approaches used for the fixed networks are not feasible due tohe salient characteristics of Ad hoc networks. New security mech-nisms are needed to adapt the special characteristics of Ad hocetworks.
Traditional MANET routing protocols assume that all nodes inhe network work in a benevolent and cooperative manner ando predefined trust exists between communication partners. This
∗ Corresponding author Tel.: +86 02787650460.E-mail address: [email protected] (W. Bo).
1 This paper has been published in part at WCNIS2010, Beijing, China, June 2010.
164-1212/$ – see front matter. Crown Copyright © 2011 Published by Elsevier Inc. All rioi:10.1016/j.jss.2011.05.043
Crown Copyright © 2011 Published by Elsevier Inc. All rights reserved.
may render the network vulnerable to malicious attacks in case ofthe presence of selfish and malicious nodes. Selfish nodes are thosewhich, in order to save their own batteries, do not propagate pack-ets from other nodes as perform protocol, while malicious nodesmay perform impersonation, fabrication or modification attacksagainst the network traffic (Zhou and Haas, 1999; Deng et al., 2002).Therefore, to design a routing that can defend malicious or selfishattacks and improve network performance is also one of challeng-ing issues in current research.
Recently, several research efforts were launched on opportunis-tic routing (Biswas and Morris, 2005; Zhong et al., 2006, 2007;Dubois-Ferriere et al., 2007; Zeng et al., 2007a,b, 2008, 2010; Rozneret al., 2009; Couto et al., 2003; Lu et al., 2009; Lu and Jie, 2009;Zhong and Nelakuditi, 2007; Chachulski et al., 2007; Cui et al., 2007;Sun et al., 2006; Theodorakopoulos and Baras, 2006; Peng et al.,2008; Luo et al., 2008; Li et al., 2008), which exploits the broadcastnature and spatial diversity of the wireless medium by involvingmultiple one-hop neighbors for packet forwarding. The increasein packet forwarding reliability improves throughput and energyefficiency. As well as, opportunistic routing can better deal withthe lossy, unreliable and varying link quality that is typical of wire-less networks. In particular, Biswas and Morris (2005) introduce the
novel ExOR protocol, by asking network nodes to opportunisticallyforward received data packets, they can achieve superior perfor-mance than the traditional deterministic forwarding. In Chachulskiet al. (2007) introduce the MORE opportunistic routing protocol toghts reserved.
2 ms and Software 84 (2011) 2107– 2122
anhhtwnhtPp2simifrlmwattonctp
(
(
(
wotaw
2
te
108 W. Bo et al. / The Journal of Syste
ddress issues in ExOR and achieve higher throughput in wirelessetworks. The adoption of such opportunistic routing protocols,owever, might lead to reduced network throughput when nodesave malicious behavior. To the best of our knowledge, we can seehat little research efforts were made to address the trust issuesith existing opportunistic routing and enhance the security ofetwork. Moreover, incorporating the concept of trust into MANETsas recently gained a large amount of attentions, including manyrust models (Sun et al., 2006; Theodorakopoulos and Baras, 2006;eng et al., 2008; Luo et al., 2008; Li et al., 2008) and secure routingrotocols (Zapata, 2002; Hu et al., 2002; Hu and Johnson Perring,002; Sanzgiri et al., 2005). In this paper, first of all, we build aimple trust model to evaluate the neighbors’ forwarding behav-or to select the trusted forwarding list, and illustrate the new
etric of cost of opportunistic routing taken the wireless link qual-ty into consideration. Then we propose a trusted opportunisticorwarding model which can be applied to existing opportunisticouting. In this model, we utilize the trusted neighbor forwardingist to determine the actual forwarder and select a trusted mini-
um cost route for secure and reliable forwarding packets. At last,e give a novel trusted minimum cost routing algorithm, termed
s MCOR, which is based on the proposed trust-based opportunis-ic forwarding model. In this algorithm, each node can monitorhe neighbors’ forwarding behavior correctly, and determine theptimal forwarder from the trusted forwarding list to mitigateode misbehavior. Moreover, each node can also select the leastost route to reduce the number of packet retransmissions duringhe secure packet forwarding stage. The main contributions of thisaper are as follows:
1) Based on existing researches on trust models, we also definetrust degree for each node according to the past interactivebehaviors, which is comprised of two parts: direct trust degreeof each node and recommendation trust degree by judging itssimilar recommendation ability. Moreover, we give the con-crete formulas on cost of trusted opportunistic routing, whichalso contains two components: fore link cost and remainingpath cost. Then, we define a simple effective forwarder selectionmechanism and propose a trusted opportunistic forwardingmodel to select the least cost trusted opportunistic routingamong all the potential trusted routes.
2) We design a trusted minimum cost routing algorithm and usetrust degree of next-hops to make an optimal routing choiceby choosing an effective forwarder from each trusted neigh-bor forwarding list, so as to improve the packet transmissionefficiency and alleviate the malicious attacks.
3) For further validity of algorithm mentioned above, we imple-ment this algorithm and conduct simulation extensively byusing NS2 and click modular router architecture (called nsclick).At last, we give the performance comparison with some classicrouting protocols in terms of some performance parameters.
The rest of this paper is organized as follows. In the next section,e summarize the related works. In Section 3, the detailed trusted
pportunistic forwarding model is given. In Section 4, we introducehe design detail of the routing algorithm of MCOR. Results andnalysis are shown in Section 5. Finally, conclusions and our futureork are presented in Section 6.
. Related work
In this section, we will go through the previous works on oppor-unistic routing, trust model and trusted routing schemes, in anffort to integrate the schemes to the following discussions.
Fig. 1. An example of opportunistic routing.
2.1. Benefits of opportunistic routing
The main idea of opportunistic routing (Biswas and Morris,2005; Ke et al., 2010) is that, instead of pre-selecting a single spe-cific node to be the next-hop forwarder for a packet, multiple nodescan potentially be served as the next-hop forwarders, that is, in theopportunistic routing mechanism, there are no specific conceptsof next-hop or next-hop node: once the current node transmitsa packet via a single-hop broadcast, all the candidate nodes thatreceive the packet successfully will determine which one or oneswould actually forward the packet according to some criteria, e.g.only the one that is closest to the destination will perform theforwarding while the rest will simply drop the packet even theyhave successfully received it. As a result, opportunistic routing cantake advantage of the potentially numerous, yet unreliable wire-less links in the network when they actually deliver. Usually, thebroadcast feature of wireless transmission is avoided. Owing to thebroadcast feature, when one node is transmitting, the nodes withinthe transmitting node’s carrier sensing range will not transmit orreceive at that time, which makes the bandwidth usage ratio ofwireless channel much lower than that of the wired network.
The most distinct character that opportunistic routing differsfrom traditional routing is that it exploits the broadcast nature ofwireless medium and defers the decision on forwarder nodes untilafter packet transmission. This can cope well with unreliable andunpredictable wireless links.
There are two main benefits in the opportunistic routing.First, opportunistic routing can combine multiple weak links
into one strong link. For example, in Fig. 1(a), considering the deliv-ery ratio between the source node S and the three intermediatenodes X, Y, and Z is 50% each, and the delivery ratio between theintermediate nodes to the destination node D is 100% each. Underthe traditional routing protocol, we have to pick one of the threeintermediate nodes as the best next-hop node. According to thedelivery ratio of each link, altogether we need 2 transmissionson average to send a packet from the node S to node X, and 1transmission from node X to the destination. In comparison, underopportunistic routing, we can treat the three intermediate nodes asone unit that cooperatively forwards the packet to the destination.The combined link has a success rate of 1 − (1 − 0.5)3 = 0.875. There-fore, on average only 1/0.875 = 1.14 transmissions are required todeliver one packet for at least one of the three intermediate nodes.Altogether it takes only 2.14 (1.14 + 1) transmissions to deliver thepacket.
Second, a traditional routing protocol has to trade off betweenlink quality and the amount of progress that each transmissionmakes. Consider the scenario in Fig. 1(b), where the best pathbetween the source and destination is S–1–2–3–D. Because of thedynamic and random nature of the wireless medium, some of thesource’s transmission may be directly received by node 3 or thedestination itself. A traditional routing protocol ignores these for-tunate transmissions and keeps trying to send these packets alongthe predetermined route. Opportunistic routing on the other hand
exploits these happy occurrences to skip some hops, reducing thenumber of transmissions and increasing the throughput.
ms and
2
oafta(mfiotai(sat(smiaocairctpigsictmtttcaii(aMtCaomtuetptsarotc
W. Bo et al. / The Journal of Syste
.2. Prior opportunistic routing protocols
Existing studies on opportunistic routing mainly concentraten protocol design. Some variants of opportunistic routing, suchs ExOR (Biswas and Morris, 2005) and opportunistic any-pathorwarding (Zhong et al., 2006), rely on the path cost informa-ion or global knowledge of the network to select candidatesnd prioritize them. In the least-cost opportunistic routing (LCOR)Dubois-Ferriere et al., 2007), depending on the cost definition, it
ay need to enumerate all the neighboring node combinations tond the best forwarding candidates, while in some common cases itnly introduces linear searching. The authors reveal several impor-ant properties of the local behavior of opportunistic routing, suchs the maximum expected packet advancement (EPA) is an increas-ng and concave function of the number of forwarding candidatesZeng et al., 2007a,b). SOAR (Rozner et al., 2009) limits the nodeelection to those who are close to the unicast shortest path tovoid routing diverging. The algorithms in Zhong et al. (2007) fil-er out the nodes with lower Expected Transmission Counts (ETX)Couto et al., 2003) to the destination than the source, and thenelect the nodes which maintain small Expected Anycast Trans-ission Counts (EAX) iteratively. In Lu et al. (2009), the authors
ntegrate the cost and stability into a network utility metric, anddopt the metric to evaluate the routing optimality in a unifiedpportunistic routing model, an efficient algorithm is designed, theentralized and distributed implementations are presented. In Lund Jie (2009), the authors use mathematical tools such as rout-ng algebra to analyze the compatibility of routing metrics andouting protocols so as to provide a guideline for routing proto-ol design. In Zeng et al. (2008), the authors conduct the study onhe impacts of multiple rates, interference, candidate selection andrioritization on the maximum end-to-end throughput or capac-
ty of opportunistic routing by constructing transmission conflictraphs. Similar to Couto et al. (2003), authors in Zhong et al. (2007)how that the routing metric used to select and prioritize forward-ng nodes is important. They develop a new routing metric, alsoalled EAX, to account for inter-candidate communication in oppor-unistic routing. In Zeng et al. (2007a,b), the authors propose a local
etric expected one-hop throughput (EOT) to balance the mediumime cost and expected packet advancement. In Zeng et al. (2010),he authors conduct their research on computing an end-to-endhroughput bound of opportunistic routing in multi-radio multi-hannel multi-hop wireless networks, solving the radio-channelssignment and transmission scheduling. Recently, there is a trendn integrating network coding techniques into opportunistic rout-ng (Chachulski et al., 2007; Cui et al., 2007). In Chachulski et al.2007), the authors adopt the random linear coding scheme tollow intermediate nodes to code the received packets, so that noAC layer acknowledgement scheduling is needed. However, con-
rolling of outgoing packets is a big challenge, and the authors inhachulski et al. (2007) fail to provide a convincing solution withn in-depth analysis. In Yan et al. (2010), the authors propose anpportunistic routing mechanism for real-time voice service. Thisechanism is based on the dynamic source routing (DSR) pro-
ocol with some modifications, the routing messages of DSR aresed to construct the forwarder list, which guides the data pack-ts forwarding process. However, little research efforts were madeo analyze to what extent these node misbehaviors can impact theerformance of Ad hoc networks under opportunistic routing quan-itatively. In this paper, we also focus on the selection of candidateet and the priority of each candidate under the idea of ExOR, andssume that the duplicate forwarding avoidance suppression can be
esolved by link layer coordination schemes. Moreover, the studyn opportunistic routing is less in formal analysis of routing cost. Inhis paper, we further propose an effective way of computing theost of opportunistic routing to illustrate its performance.Software 84 (2011) 2107– 2122 2109
2.3. Trust models
The current researches on the trust models in MANETs havebeen extensively performed for a wide range of applications inmany areas, such as peer-to-peer computing and e-commerce. Sunet al. (2006) propose a trust model based on entropy. The proposedmodel can capture the uncertainty of the message space itself andthus it is useful for estimating the uncertainty of the trust relation.But it is not a general mathematical model, and cannot preventthe false recommendations. Theodorakopoulos and Baras (2006×propose a semiring-based trust model. The proposed model canevaluate trust by using the path semiring and the distance semir-ing. It also has more dynamic adaptability, but its convergence isslow and cannot be adopted in large-scale networks. Peng et al.(2008) propose a trust model based on Bayesian theory. The modelassesses subjective trust of nodes through the Bayesian method,which makes it easy to obtain the subjective trust value amongnodes, but it cannot detect dishonest recommendations. Luo et al.(2008) propose a fuzzy trust recommendation framework, anddesign a recommendation algorithm based on collaborative filter-ing in MANETs. It considers recommendation trust, while it doesnot consider other factors, such as the time aging and the cer-tainty nature of trust. Li et al. (2008) describe the vulnerabilitiesof and possible attacks on existing trust model frameworks, andgive a new objective trust management framework to overcomethe malicious attacks. Omar et al. (2009) proposes a fully dis-tributed public key certificate management system based on trustgraphs and threshold cryptography. It permits users to issue pub-lic key certificates, and to perform authentication via certificates’chains without any centralized management or trusted authorities.Another public key infrastructure-based trust model (Millan et al.,2010) is promoted using a wider adoption of cross-certification.The authors describe the design, implementation and performancemeasurement of a cross-certification scenario to make sure thatthis trust model can run efficiently. The legality of nodes in networkcould be guaranteed by the certifications from certificate author-ity. ElSalamouny et al. (2009) also promote a hidden Markov trustmodel that represents principal behaviors, and focus on computa-tional trust frameworks based on the ‘beta’ probability distributionand the principle of exponential decay, and derive a precise ana-lytical formula for the estimation error they induce. In this paper,we present a simple trust model based on the concept of trustdegree and apply this model to opportunistic routing for MANETs.Our model builds, for each node, a trust relationship to all neigh-bors from direct trust degree and recommendation trust degreeperspectives. The direct trust can observe the neighbors’ behav-ior directly using acknowledgement ways. The recommendationsimprove the trust evaluation process for nodes that do not suc-ceed in observing their neighbors due to resource constraints orlink outages.
2.4. Trusted routing
Lately, there are many scholars contributing to the researcheson secure and trusted routing. They can be mainly classified intotwo categories: cryptographic technique and non-cryptographictechnique.
The cryptographic technique mainly focuses on traditionalsafety mechanisms called hard security strategy. These traditionalsafety mechanisms for providing confidentiality, authentication,and availability are not efficient in MANETs, where network nodeshave limited communication bandwidth, CPU cycles, memory, and
battery capacity. These traditional safety mechanisms come at thecost of computation complexity of encryption algorithms, mem-ory usage for storing security information, and network bandwidthfor key synchronization and certificate distribution and revoca-
2 ms and
t22tTawcrfc
aimnTtttfctaaPbomuoes
m
nts
3
d
Dw(o
3
etnooit
S −
110 W. Bo et al. / The Journal of Syste
ion. This category consists of classical routings as: SAODV (Zapata,002), ARIADNE (Hu et al., 2002), SEAD (Hu and Johnson Perring,002) and ARAN (Sanzgiri et al., 2005), and so on. Although thisechnique can resist many attacks (Rushing attacks, Sybil attacks,unneling attacks and DoS attacks (Zhou and Haas, 1999; Deng etl., 2002)), no solution has been proposed so far to secure the net-ork against an malicious attack in the distributed environment by
olluding malicious nodes or by discovering a trusted end-to-endoute. The hard security technology can hardly prevent any nodesrom malicious or selfish behavior. Further, it also cannot promoteooperation among nodes.
The other non-cryptographic technique is taken into accounts auxiliary way to assure the soft security of routing. The exist-ng solutions to this issue are proposed by incorporating trust
odel into routing strategy as: Watchdog and Pathrater mecha-ism (Marti et al., 2000), are two extensions to the DSR algorithm.he watchdog mechanism, based on promiscuous mode opera-ion of the nodes, has been the fundamental assumption in anyrust model. The pathrater mechanism uses the knowledge fromhe watchdog extension to choose a path that is most likely toorward data packets; Sprite (Zhong et al., 2003) is a simple,heat-proof, credit-based system for MANETs. Sprite uses credito provide incentives for mobile nodes to cooperate and reportctions honestly; CONFIDANT (Buchegger and Boudec, 2002) adds
trust manager and a reputation system to the Watchdog andathrater scheme. The trust manager evaluates the events reportedy the Watchdog (monitor in this case) and issues alarms to warnther nodes regarding malicious nodes. The alarm recipients areaintained in a friends-list, which is configured through a user-to-
ser authentication mechanism. In a word, although this techniquenly can resist one or several attacking behaviors, it shows higherffectiveness as performing. So, in this paper, we focus on the softecurity for further discussion.
Although there are numerous existing works applying the trustodel or trusted routing related approaches, as far as we know,
one of them utilize the trust mechanism to design a trusted oppor-unistic routing that will maximize the throughput and enhance theecurity of network. We give the idea of them in details as below.
. Trusted opportunistic forwarding model
In this section, for convenience of description, we give someefinitions for modeling network in the following:
efinition 1. Let G = (V,E) denote the topology of the network,hich is a directed graph with wireless nodes set V and link set E
communication links that join the nodes). |V| and |E| are numberf nodes and links, respectively.
.1. Trust model based on similarity
Trust (Sun et al., 2006; Theodorakopoulos and Baras, 2006; Pengt al., 2008; Luo et al., 2008) in entities is based on the fact thathe trusted entity will not act maliciously. In Ad hoc networks,odes that have never met before can communication with each
Tdnew(i, j) =
{1 − TF × Td
old(i, j)
1 − TF × (RF × S − PF × F) × Tdold
(i, j) + TF × (RF ×0
ther based on mutual trust relationship developed over a periodf time. In this context, trust has the following characteristics: its subjective (different nodes may have different perceptions ofhe same node’s trustworthiness), asymmetric (two nodes need not
Software 84 (2011) 2107– 2122
have similar trust in each other) and time dependent (it grows anddecays over a period of time and is based on previous similar experi-ences with the same party). In MANETs, a trust relationship formedfrom direct interactions can be characterized as direct trust; a trustrelationship or a potential trust relationship built from recommen-dations by a trusted node or a chain of trusted nodes, which createa trust path, is called indirect trust. Moreover, the use of recom-mendations can speed up the convergence of the trust evaluatingprocess. In this paper, the total trust relationship among nodesalso contains these two parts. In our trust model, passive acknowl-edgement (Pirzada et al., 2006) is used as the single observablefactor for assessing the node’s trustworthiness. Passive acknowl-edgement uses promiscuous mode to monitor neighbors’ behaviorsin the wireless radio channel, which allows a node to detect anytransmitted packet within its transmission range, irrelevant of theirdestinations. So, the direct trust degree of node i and its neighbornode j can be defined as:
Definition 2. Direct trust degree is used to indicate that node idirectly observes its neighbor node j with past direct interactionsperiodically.
Direct trust degree is introduced with multiple constraints: timeaging factor, reward factor and penalty factor. Similar to the humansociety, trust should fade with time variation. Moreover, the rewardfactor and the penalty factor are used to distinguish the impact ofsuccessful and failed interactions for the evaluation of trust. Thesuccessful interaction means the neighbor node not only trans-mits a packet to its all next-hops, but also forwards devotedly(correct modification if required). The failed interaction means theneighbor node does not forward correctly by launching black holeattacks, gray-hole attacks and modification attacks. The purposeof concerning the reward and penalty factor is to encourage coop-eration within a MANET by providing some measurements to thebenevolent and co-operating nodes. So, direct trust degree can becalculated as follows denoted by Td
new(i, j):
(s = 0, f = 0, Tdold
(i, j) > 0) PF × F) (s = 0 or f = 0, Td
old(i, j) > 0)
otherwise(1)
where 0 ≤ Tdnew(i, j) ≤ 1, TF is a time aging factor, which represents
that the trust fades with time during the time period �t, that is,TF = �t/(�t + 1). RF is a reward factor, which denotes the posi-tive impact for the trust in successful interactions during the timeperiod �t. PF is a penalty factor, which denotes the negative impactfor the trust in failure interactions during the time period �t. So, RFand PF satisfy the following conditions: 1 ≥ RF > PF ≥ 0, RF + PF =1. �t is the period between the current time and the time of lastinteraction between node i and node j (�t ≥ 0). s and f denotethe amount of successful and failed interactions during the timeperiod �t, respectively. S and F are the forwarding successful prob-ability and failed probability, respectively. Furthermore, S = s/(s + 1),F = f/(f + 1). �t, RF and PF can be determined according to the prac-tical requirement.
To avoid malicious nodes submitting dishonest recommenda-tions, or colluding with each other to raise their own trust, oraccusing non-malicious nodes of misbehaving, so we considercalculate the indirect trust relationship by recommendation mech-anism through other neighbor nodes. However, how to choosethe trusted recommendation information provided by the highertrusted neighbor nodes is an important problem. Here, we can con-sider from the similarity of recommendation neighbor nodes.
Definition 3. Similarity is referred as the level of similar judgingand recommendation ability between node i and node k to someneighbor node for their trust relationship.
W. Bo et al. / The Journal of Systems and Software 84 (2011) 2107– 2122 2111
st(f
s
cttt
innapnhtbmt
DoCnm
T
ST
unabdms(
t
Da
f
T
Table 1Different meanings of trust degree.
Level Trust degree value Meaning
1 (Tthreshold, 1] Trusted node
Fig. 2. Similar recommended trust degree.
When node i and k show the higher similarity, they will have theame opinion towards a node (such as u), that is, the two nodes havehe same recommendation ability for computation of trust degreesee Fig. 2). Here, let s(i,k) denote the similarity of node i and k, itsormula is as follows:
(i, k) =
∑u ∈ CN(i,k)
(Td(i, u) − Ti) × (Td(k, u) − Tk)√∑u ∈ CN(i,k)
(Td(i, u) − Ti)2 ×
√∑u ∈ CN(i,k)
(Td(k, u) − Tk)2
(2)
Obviously 0 ≤ s(i, k) ≤ 1. Where CN(1,k) denotes the number ofommon neighbor nodes for nodes i and k. Td(k,u) and Td(i,u) denotehe direct trust degree of node k, i to u, respectively. Ti and Tk denotehe average direct trust degree of node i and node k that are put onheir common neighbor nodes in CN(i,k), respectively.
From formula (2), we can calculate the similarity between node and its neighbor nodes. According to all the similarities betweenode i and its neighbor nodes, we select the m most similarearest-neighbors (the similarity between two nodes should satisfy
certain threshold �, we can choose appropriate � according to theractical application scenario, such as � ≥ 0.6. The m most similarearest-neighbors are sorted in descending order by similarity. Theigher of the similarity of neighbors, the more reliable and trustedhey give the recommendation information. So, the trust degreeetween node i and j can be computed indirectly by node i and the
most similar nearest-neighbors. That is, we can calculate indirectrust degree using the nodes’ similarity as below:
efinition 4. Indirect trust degree is used to represent the rec-mmendation trust degree by most similar nearest-neighbors.ombining the direct trust degree of most similar nearest-eighbors, we can be described the recommendation trust levelore reliably, truthfully and precisely.
We can achieve the formula of Tr(i,j) as:
r(i, j) =∑
k ∈ mTd(k, j) × s(i, k)∑k ∈ ms(i, k)
(3)
o, the formula (3) should satisfy the condition obviously: 0 ≤r(i, j) ≤ 1.
The neighbor nodes’ recommendations improve the trust eval-ation process for nodes that do not succeed in observing theireighbors due to resource constraints or link outages. The ability ofssessing the trust degree of each node using indirect trust degreey recommendations brings several advantages. First, a node canetect and isolate malicious behaviors, avoiding relay packets toalicious behaviors. Secondly, cooperation is also stimulated by
electing the neighbors with higher trust levels to relay packetssee Definition 8).
According to the definitions of direct trust degree and indirectrust degree, we give the total trust degree definition as follows:
efinition 5. Trust degree of node i and j denotes the sum of directnd indirect trust degree between the two nodes.
The trust degree T(i,j) between node i and j can be assessed asollows:
(i, j) = × Td(i, j) + × Tr(i, j) (4)
2 [0, Tthreshold] Malicious node3 0.5 Uncertain node
where 0 ≤ T(i,j) ≤ 1. and represent the corresponding weightingfactors for Td(i,j) and Tr(i,j) they can be determined by prac-tical situation ( + = 1). If the current situation of network isprone to estimate the direct trust, we can set up the condition:1 > > > 0. That is, during the initial phase of network, the inter-actions between nodes are not frequent, every node may not befamiliar with each other, the trust degree between nodes is deter-mined by direct trust degree, not considering indirect trust degree.So we can set = 1 and = 0. As each node understands each othergradually by normal forwarding behaviors, the trust relationshipbetween them will be formed by direct trust along with indirecttrust, the corresponding direct trust degree will be updated throughformula (1) according to its successful or failed forwarding behav-iors. The detailed algorithm is proposed in Section 4.
After each interaction, node i can monitor its neighbor nodes’forwarding behavior by passive acknowledgement. If so, the trustdegree between them increases. Otherwise, the trust degreedecreases. In our trust model, trust degree value is limited in acontinuous range from 0 to 1. The trust degree value of 0 denotescomplete distrust whereas the value of 1 represents absolute trust.If there is no interaction between two nodes, the initial trust degreevalue is set to 0.5 (uncertain node). That is, we adopt a neutral viewon unknown or uncertain node. A threshold Tthrehold of trust degreeis used to detect malicious nodes. Obviously, Tthrehold > 0.5. Here, thedifferent meanings of trust degree of nodes are listed in Table 1.
Each node rewards collaborative nodes for their benevolentbehaviors and punishes (isolates) malicious nodes for their mali-cious actions based on its personal interaction experiences. But howto design an incentive mechanism to punish and stimulate the mali-cious nodes to enhance their collaborative forwarding behavioractively is not considered in this paper. To improve the forward-ing security, nodes should interact with the trusted neighbor nodeswhose trust degree value is above the threshold Tthrehold.
3.2. Cost of trusted opportunistic routing
In the last section, each node can monitor its neighbor nodes’forwarding behavior to judge the trust degree of each node by usingthe trust model based on similarity, thus, malicious nodes can beisolated from the network, the other nodes are trusted node with-out existing the malicious attacks. Next, how to quantify the costof trusted opportunistic routing under the trusted network envi-ronment is a significant problem to us, on the other hand, howto choose and assign the priority of trusted forwarding list for agiven destination under trusted opportunistic routing also posesa challenge. In this section, we will try to give the solutions tothese challenges. For ease of presentation, we also give some for-mal definitions to illustrate the idea of cost of trusted opportunisticrouting.
Definition 6. Let hypergraph � = (V,ε) denote the topology of thenetwork, which is also composed of a set V of vertices or nodesand a set ε of hyperedges or hyperlinks. A hyperlink is an orderedpair (i,M(i)), where i ∈ V is a node and M(i) is a nonempty subset of
neighbors of i, each hyperlink (i,M(i)) ∈ ε.Definition 7. Trusted neighbor forwarding list represents a subsetof neighbors. These neighbor nodes in the list have the nearer cost
2 ms and
dh
tt
Dtn
tsiilotlo
3
ntdsnet
iitnwble
Dc
bJ
d
wl
p
wj
Drv
lda
C
112 W. Bo et al. / The Journal of Syste
istance to a fixed destination. In addition, these nodes also have aigher trusted degree, which is above the Tthrehold.
Let J(i) be the trusted neighbor forwarding list of node i, wherehe trust degree between node i and each node j(j ∈ J(i)) should meethe requirement: T(i,j) > Tthrehold. Moreover, J(i) ⊆ M(i).
efinition 8. Trusted forwarding list is used to indicate the set ofhe effective forwarding nodes, which are chosen from the trustedeighbor forwarding list of each next-hops.
Note: We distinguish the trusted neighbor forwarding list fromrusted forwarding list here. Trusted neighbor forwarding list is theet of the trusted neighbor candidate nodes, while trusted forward-ng list is constructed by the trusted neighbor forwarding list of eachntermediate node in the trusted route. Hence, trusted forwardingist is a subset of unions of all trusted neighbor forwarding list. Inther words, all the effective forwarder nodes selected from eachrusted neighbor forwarding list form the final trusted forwardingist, so as to provide the basis for establish the least cost trustedpportunistic routing.
.2.1. Cost of trusted routeUnder the main idea of opportunistic routing, with the broadcast
ature of wireless medium, a packet may be forwarded accordingo a number of different trusted routes from a source node to aestination node. The trusted opportunistic routing can be repre-ented as the union of all possible trusted routes between a sourceode and a destination node based on a given assignment of J(i) atach node. Therefore, we first should give the solution to quantifyhe cost of each trusted route.
Due to the channel interference of wireless link in network, its necessary to estimate the link quality in next sections. Accord-ng to reference Couto et al. (2003), the ETX metric measureshe expected number of transmissions, including retransmissions,eeded to send a packet across a link. The derivation of ETX startsith measurements of the underlying packet loss probability in
oth the forward and reverse directions. Therefore, we can calcu-ate the packet delivery probability of each link. Here, the cost ofach link of hyperlink (i,J(i)) can be extended by ETX as follows:
efinition 9. Fore link cost is denoted by expected transmissionount of each link (i,J(i)).
Let di,J(i) denote the fore link cost of each link (i,J(i)), the di,J(i)ecomes the expected number of transmissions until any node in
(i) receives the packet. Its expression is:
i,J(i) = 1pi,J(i)
(6)
here Pi,J(i) is the probability that a packet from i is received by ateast one node in J(i):
i,J(i) = 1 −∏
j ∈ J(i)(1 − pi,j) (7)
here Pi,j is the probability that a packet from i is received by node.
efinition 10. The cost of a trusted route in trusted opportunisticouting is sum of the fore link cost of hyperlink to a fixed destinationia each intermediate node.
All existing trusted routes from node s to d can be denoted by R,et r = {s, n1, n2,. . .,nk, d} be a trusted route in R, {s, n1, n2, ..., nk, d}enotes the trusted forwarding list of r, (s, n1), (n1, n2),. . .,(nk, d)
re links. The cost of r relative to R is denoted by Cr:r =∑i ∈ r
di,j(i) = ds,j(s) + . . . + dnk,J(nk) (8)
Software 84 (2011) 2107– 2122
From Definition 10, it is important to emphasize that the cost oftrusted route r depends on the R (that it traverses the actual net-work), because each consecutive fore link cost di,J(i) relies on thetrusted neighbor forwarding list J(i) and the actual effective for-warder in J(i). That is, each different node chosen from the sameJ(i) can establish a different trusted route due to the transmis-sion diversity. So, the different trusted routes together form trustedopportunistic route.
3.2.2. Cost of trusted opportunistic routeFrom before-mentioned of discussions, we only consider how
to compute the cost of a trusted route. There are multiple possibletrusted routes to construct a trusted opportunistic route. More-over, the trusted route r (see Definition 10) may suffer from theinfluences as: interference of wireless channel, dynamic topologyand remaining energy consumption of each node, etc. The r can bechosen for packet forwarding with a certain probability denotedby p(r). Due to the broadcast nature of wireless network, after eachnode receives a packet, it can forwarding this packet to all node intrusted neighbor forwarding list, so it can generate the |R| size oftrusted routes from node s to d. we give the definition of trustedopportunistic route’ cost as:
Definition 11. The cost of trusted opportunistic route is the sumof cost of all existing trust routes (each trusted route emerges witha certain probability across the network) as:
COR(R) =∑
r ∈ Rp(r) × Cr (9)
The cost of all r routes in the network is represented by COR(R). p(r)is estimated by a number of factors, such as the non-deterministicoutcome of link-layer transmissions, decisions made by link-andnetwork-layer protocol mechanisms and the topology of the net-work. These can be determined through the practical conditions ofthe network. In this paper, for the sake of analysis, we assume thatthe p(r) of all routes in R is set to be 1.
From the above definitions, we only give the solution to the costof trusted opportunistic routing based on the cost of each trustedroute. Here, we further extend the idea of Definition 11: a sourcenode s send a packet, each node in J(s) receives the packet, the costof each link of its s, J(s) can be computed by definition 9, but how toquantify the remaining cost of each node in J(s) to the destination d?If this problem is solved, we can further get a general and concreteformula for trusted opportunistic route to extend the definition 11.Similar to Definition 9, we derive the definition of remaining pathcost as:
Definition 12. Remaining path cost is used as the expected costto reach the destination from each node in J(s). In other words, it isdefined as a weighted average of the cost distance of nodes in J(s).
Here, in the following sections, for simplicity of describing thealgorithm, the cost distance and the cost of trusted opportunis-tic route can be used interchangeably, especially in designing theeffective forwarders selection mechanism.
In brief, trusted opportunistic route’s cost Ds from node s todestination node d is divided into two parts: fore link cost ds,J(s)between s and J(s) as well as remaining path cost Rs,J(s) from J(s) tod (see Fig. 3). That is
Ds = ds,J(s) + Rs,J(s) (10)
The remaining path cost Rs,J(s) of node s can be calculated as:
Rs,J(s) =∑
wj × Dj (11)
j ∈ J(s)
where∑
j ∈ J(s)wj = 1, the weight wj is the probability of nodej being the forwarding node. Let J(s) = {1, 2, . . . , n} with the fol-
W. Bo et al. / The Journal of Systems and
ljtr
p
w
Ftdtbt
(
(
3
wmattcdttoptpccap
Fig. 3. Trusted opportunistic route cost from s to d.
owing priorities of cost distance to d: D1 ≤ D2 ≤ ... ≤ Dn. Node (1 ≤ j ≤ n) will be the forwarding node only when it receiveshe packet and none of the other nodes nearer to the destinationeceives it, which happens with probability as:
j(1 − pj−1)(1 − pj−2) . . . (1 − p1)
Moreover, the weight wj is then defined as:
j = pj
∏j−1k=1(1 − pk)
1 −∏
j ∈ J(i)1 − pj(12)
rom formula (12), we can see that each node in J(s) has a cer-ain probability to be the forwarding node. This probability mainlyepends on the corresponding cost distance to d. That is, the lowerhe cost distance to d, the higher its corresponding probability toe the forwarding node. Here, there are two cases for considerationo analyze:
1) All link delivery probabilities are equal to some p, the remainingpath cost Rs,J(s) can be computed as:
Rs,J(s) = p
1 − (1 − p)n
n∑j=1
(1 − p)j−1Dj (13)
2) Every link of delivery probability between s and each node ofJ(s) is not always equal, let ps,k denote the probability of s andk. Assuming that the nodes in J(s) are sorted by their cost dis-tance to the destination, i.e., that D1 ≤ D2 ≤ ... ≤ Dn, then theremaining path cost is:
Rs,J(s) = 11 −
∏k ∈ J(s)(1 − ps,k)
(ps,1D1 +n∑
j=2
ps,jDj(
j−1∏k=1
(1 − ps,k))
(14)
.3. Effective forwarders selection mechanism
In trusted opportunistic routing, there are practical and generalays to consider: On the one hand, each node can compute the opti-al trusted forwarding list that can be used at each node to reach
given destination; On the other hand, each node can prioritizehese forwarders from the trusted neighbor forwarding list in ordero optimally select the effective forwarding node when multipleandidates have received a packet. The optimal selection of candi-ate forwarders must take into account the following tradeoff: Onhe one hand, taking many candidate forwarders often decreaseshe forwarding cost (i.e., the cost to send any of the candidates);n the other hand, each neighbor node does not make as muchrogress as the next hop in the least trusted route to the destina-ion. Therefore, exploiting too many candidates may increase theossibility of packet removing from the least route. Here, we uses
ost distance from node i to d as metric to determine the optimalandidate forwarder from its trusted neighbor forwarding list J(i)nd assign the priority of each node in its list. However, in thisart, we should satisfy the precondition that: the selected nodes inSoftware 84 (2011) 2107– 2122 2113
the trusted neighbor forwarding list are trusted (its trust degree isabove the Tthreshold) by computing their trust degree in Section 3.1,so as to refuse and insulate the malicious node joining in the list.
How to choose an optimal forwarder from J(i) for effectivepacket forwarding is the most important. Assuming that each nodein J(i) has a cost distance to a fixed destination node using for-mula (10). A simple candidate forwarders selection mechanism isdescribed as follows: as the node i transmits a packet. If only onenode in J(i) receives the packet, that node is used as the forwarder.If multiple neighbor nodes in J(i) receive the packet, then the neigh-bor node with lowest cost distance to reach destination is assigneda higher priority, the higher priority the node has, the earlier it isselected as the forwarder. However, if the highest priority nodedoes not forward the packet, the suboptimal node is suitable to bethe effective forwarder from J(i) similarly by coordination mecha-nism proposed in Biswas and Morris (2005) and Chachulski et al.(2007). Moreover, if the packet is not received by any node in J(i),the sender i retransmits this packet so as to improve the reliabilityof packet forwarding and boost the throughput of network.
3.4. Trusted opportunistic forwarding model
In this section, we propose a trusted opportunistic forwardingmodel through choosing the optimal forwarder from its trustedneighbor forwarding list. This idea not only ensures that each nodecan select a trusted minimum cost route among all potential trustedroutes, but also it can select more trusted neighbor nodes to be theoptimal forwarder, so as to avoid the malicious nodes joining theforwarding list and mitigate the malicious attack. According to thescheme of trust model, the cost of trusted opportunistic routingand candidate forwarders selection mechanism, we give the trustedopportunistic forwarding model as:
Min∀rCOR(R)
where each node in Jr ∈ R(i) of each node i under an existing trustedroute r does not comprise malicious nodes. Furthermore, the nodeonly with the higher trust degree and lower cost distance to reachthe destination in Jr ∈ R(i) is selected as the effective forwarder (seeSection 3.3).
Based on above analysis, the objective function means to estab-lish a least cost trusted opportunistic route, that is, the least costtrusted opportunistic route from a source node to a destinationnode is the trusted route with the minimal cost. Moreover, the con-straints of this model are required to meet the following conditions:(1) each node in the least trusted opportunistic route is trusted; (2)each node chosen from the corresponding trusted neighbor for-warding list should be the optimal forwarding node, that is, theoptimal node is the best suited to be the effective forwarder.
Note: as the COR(R) gains a least cost of trusted route, trustedforwarding list can be formed by selecting the effective forward-ing nodes from the corresponding trust neighbor forwarding list inCOR(R).
In the following, we give some properties of the proposed modelfor further discussions.
Theorem 1. Given a trusted node i with J(i) and the cost distance Dito reach destination d from i. Let k ∈ N(i) − J(i) be a trusted neighborof i that is not in J(i), and for which Dk ≥ Di and T(i,k) > Tthreshold. Ifnode k is added in J(i), J(i) can be updated as: J′(i) = J(i) ∪ {k}, then
di,J′(i) + Ri,J′(i) ≥ di,J(i) + Ri,J(i)
Proof. For the convenience of proving, we assume that there aretwo trusted nodes (m, n) in J(i) and all link delivery probabilitiesare equal to some p. In the meanwhile, the cost distance from nodei to d can be derived by formula (10), that is,
2 ms and
D
bf
D
s
s
D
b
× Dk
1 +
× p ×
S
ecf
Cc
D
Poc
D
tc
FaL
j.
114 W. Bo et al. / The Journal of Syste
i = di,J(i) + Ri,J(i) = 1
1 − (1 − p)2+ 1
1 − (1 − p)2(p × Dm + (1 − p)
× p × Dn) = 1 + (p × Dm + (1 − p) × p × Dn)
1 − (1 − p)2
If a new trusted neighbor node k is added in J(i), the J(i) cane updated with J′(i) as: J′(i) = {m, n, k}, then the corresponding Dirom node i to d can be rewritten as denoted by D′
i:
′i = di,J′(i) + Ri,J′(i)
= 1 + (p × Dm + (1 − p) × p × Dn + (1 − p)2 × p × Dk)
1 − (1 − p)3
By comparing Di with D′i, we can derive the following expres-
ion:
D′i
Di= 1 − (1 − p)2
1 − (1 − p)3
×1 + (p × Dm + (1 − p) × p × Dn + (1 − p)2 × p × Dk)1 + p × Dm + (1 − p) × p × Dn
Due to the assumed condition Dk ≥ Di, we can change the tran-itional in equation as:
k ≤ 1 + (p × Dm + (1 − p) × p × Dn)
1 − (1 − p)2
According to the mentioned above in equations, the (D′i/Di) can
e inverted as:
D′i
Di= 1 − (1 − p)2
1 − (1 − p)3× 1 + (p × Dm + (1 − p) × p × Dn + (1 − p)2 × p
1 + p × Dm + (1 − p) × p × Dn
≥ 1 − (1 − p)2
1 − (1 − p)3×
1 + p × Dm + (1 − p) × p × Dn + (1 − p)2 × p ×
1 + p × Dm + (1 − p)
= 1 − (1 − p)2
1 − (1 − p)3× (1+
p(1 − p)2
1 − (1 − p)2)
= 1 − (1 − p)2+p(1 − p)2
1 − (1 − p)3= 1 − (1 − p)3
1 − (1 − p)3= 1.
o, D′i≥ Di.
Without loss of generality, the process of proving can bextended in the different delivery probabilities of each link, theonclusion still holds.Note: Theorem 1 shows that the cost distancerom i to d will be increased as J(i) adds a new trusted neighbor node.
orollary 1. If node m is one of nodes in J(i), Dm be the minimalost distance from node m to destination node d, then
i ≥ Dm
roof. Firstly, the exceptional case will be considered: If there isnly one node m in J(i), namely, J(i) = {m}, the corresponding Di isalculated as:
i = di,J(i) + Ri,J(i) = 1pi,m
+ Dm ≥ Dm
Clearly, the conclusion holds. This case is very simple and similaro the calculation the cost of traditional routing, which is a specialase of opportunistic routing.
Next, we will prove extendedly by mathematical induction.or convenience of description, similar to Theorem 1, we alsossume that all link delivery probabilities are equal to some p.et J(i) = {1, 2, . . . , m . . . , k} with each node cost distance to d as:
Software 84 (2011) 2107– 2122
)
(p × Dm + (1 − p) × p × Dn)
1 − (1 − p)2
Dn
D1, D2, . . . , Dm, . . . , Dk. Here, Dm = minm≤k
{D1, D2, . . . , Dk}. First of all,
supposing that Di ≥ Dm, the conclusion holds.If a trusted neighbor node k + 1 is added in J(i), the corresponding
J(i) is updated as: J′(i) = J(i) ∪ {k + 1}, so assuring Dm ≤ Dk+1. In themeanwhile, D′
ican be rewritten as:
D′i = di,J′(i) + Ri,J′(i) = 1
1 − (1 − p)k+1+ p
1 − (1 − p)k+1
k+1∑j=1
(1 − p)j−1D
Now, we can derive the following equation:
D′i − Dm = 1
1 − (1 − p)k+1+ p
1 − (1 − p)k+1
k+1∑j=1
(1 − p)j−1Dj − Dm
=1 + p
∑k+1j=1 (1 − p)j−1Dj−(1−(1−p)k+1)×Dm
1 − (1 − p)k+1.
Moreover, due to the equation of Di = (1/1 − (1 − p)k) + (p/1 −(1 − p)k)
∑kj=1(1 − p)j−1Dj we simplify the equation as:
Di =1+p
∑kj=1(1 − p)j−1Dj
1 − (1 − p)k.
The conversion of D′i− Dm can be expressed as:
D′i− Dm = (1 − (1 − p)k)Di + p(1 − p)kDk+1 − (1 − (1 − p)k+1)Dm
1 − (1 − p)k+1
≥ (1 − (1 − p)k)Dm + p(1 − p)kDk+1 − (1 − (1 − p)k+1)Dm
1 − (1 − p)k+1
= p(1 − p)kDk+1 − ((1 − p)k − (1 − p)k+1)Dm
1 − (1 − p)k+1
= p(1 − p)k(Dk+1 − Dm)
1 − (1 − p)k+1≥ 0.
Due to Dk+1 ≥ Dm, so D′i≥ Dm. The cost of a new trusted oppor-
tunistic route D′i
from i to d is still bigger than that of the minimalcost distance Dm of all nodes in J(i). The assumed conclusion holds.Namely, as a new trusted node k + 1 joining in J(i), the cost of derivednew trusted opportunistic route shows slightly higher than theminimum cost of trusted route.
Theorem 2. If r be the minimum cost trusted opportunistic route(least cost distance) from node i to d, then any intermediate nodedenoted by m in r to d constructing the sub-route called rm (rm ∈ r)is also a minimum cost trusted opportunistic route.
W. Bo et al. / The Journal of Systems and Software 84 (2011) 2107– 2122 2115
Initialization of Trust
Relat ion ship
Trust
Recommendat ion
Trust
Computation and Judging
Trust
Updating
Truste d Opportunist ic Forward ing Model
Trusted Nei ghbor Forward ing List Truste d Mini mum Cost OR (MCOR)
ewor
PdSodc
i
oonm
4
at(t
Fig. 4. Fram
roof. We can prove this by contradiction. Supposing that r′m
enotes the minimum cost route from node m to d, namely, rm > r′m.
o, the cost of new formed route from node i to d, which consistsf the route r′
m from m to d is also minimal. However, this contra-icts the assumption that rm is the least cost route. Therefore, theonclusion is true.
Note: It is very clear that an optimal opportunistic route alsoncludes an optimal sub-opportunistic route.
To illustrate the constructing process of trusted minimum costpportunistic routing in details, we give the formal descriptionsf routing algorithm, as well as assessing trust degree betweenodes based on the aforementioned ideas, and then explain theechanism of algorithm using an example.
. MCOR routing algorithm
Due to the unique characteristics of Ad hoc networks, we devise
distributed algorithm to elaborate on the idea of trusted oppor-unistic forwarding model and also give a framework of this modelsee Fig. 4). In Fig. 4, the framework mainly consists of three parts:rust management, trusted opportunistic forwarding model andAlgorithm 1: Calculating TrustDegree (i,j) 1 //Initializing and computing the trust deg2 Node i collects related neighbor nodes’ i
topology; 3 From the neighbor table and historical innode i can calculate the direct trust degree;
4 If (no interactions between i and its nei then
5 The trust degree of node i and j is degree as:
( , ) ( , ) 0.5dT i j T i j ;6 The direct trust degree and the curre
neighbor nodes’ table; 7 Else if (existing interactions between i 8 Updating DirectT rustDegree (i, j); 9 The direct trust degree and the curre
neighbor nodes’ table;10 Node i judges the similar direct trus
towards j by using formula (2), howevecondition: 0.6 ;
11 By using formula (3), node i compuits neighbor j;
12 The total trust degree of node i and 13 Else 14 ( , ) 0T i j ;15 End if 16 return ( , )T i j ;
Fig. 5. Formal description of Calcu
k of MCOR.
trusted minimum cost opportunistic routing. The upper layer of theframework called trust management mainly involve these compo-nents as: initialization of trust relationship, trust recommendation,trust computation and trust judgment, as well as trust updating.These components can evaluate the trust degree of each node effec-tively. The upper layer is indispensable to trust management inTheodorakopoulos and Baras (2006), Peng et al. (2008) and Luoet al. (2008). Moreover, the framework provides a complete mecha-nism to detect and isolate malicious behaviors, as well as preparingfor constructing the trusted neighbor forwarding list. The middlelayer of the framework called trusted opportunistic forwardingmodel conducts the opportunistic forwarding process with oppor-tunistic routing by online selecting the effective forwarder havingthe least cost distance to destination from trusted neighbor for-warding list. The bottom layer of framework contains the trustedforwarding list and trusted minimum cost opportunistic routingto optimize the above mentioned modeling. We assume that: thelink between two nodes is bidirectional, all link delivery probabil-
ities can be evaluated by sending probe packets in the T period.Each node places itself in promiscuous mode after the transmis-sion by any packet so as to overhear the retransmission by theforwarding node. Moreover, a node can also monitor the forwardingree between node i and its neighbor j.nformation to construct the local
teractions with its neighbor nodes,
ghbor j)
initialized by using the direct trust
nt time are stored in the local
and its neighbor j) then
nt time also are stored in the local
t degree ability with its neighborsr, the similarity should satisfy the
tes the indirect trust degree with
j is calculated using formula (4);
latingTrustDegree algorithm.
2116 W. Bo et al. / The Journal of Systems and Software 84 (2011) 2107– 2122
Algorithm 2: Updating DirectTrustDegree (i,j) 1 //Updating the direct trust degree between node i and its neighbor node j.2 According to current situation, node i judges the link connectivity with its
neighbor j;3 Node i obtains the related informatio n (the old direct trust degree, last storage
time, s and f ,et c.) from its local information table; 4 If (existing link connectivity between i and j && ( , ) 0d
oldT i j )then
5 ( , )dnewT i j can be updated using formula (1);
6 Else if (existing link connectivity between i an d j && ( , ) 0doldT i j )
then ( , ) 0d
newT i j ; 7 Else
Node i sends HELLO probe packets to collect its neighbors’ informationin the T period for trust degree updating;
8 End if9 return ( , )d
newT i j ;
Fig. 6. Formal description of UpdatingDirectTrustDegree algorithm.
Algorithm 3: Filtering NeighborMNodes (G,i) 1 For each edge (i,j) in E2 Do
3 If (Calculating TrustDegree (i,j) thresholdT ) then4 ( , )E E edge i j ; 5 { }V V j ; 6 End if7 End for
bND
tpfcinac
Fig. 7. Formal description of Filtering NeighborMNodes algorithm.
ehavior of its neighbor by using passive acknowledgement mode.ow, the formal algorithms of Calculating TrustDegree and UpdatingirectTrustDegree are showed in Figs. 5 and 6, respectively.
The algorithm of MCOR is depicted in detail in Fig. 8. A Fil-ering NeighborMNodes(G,i) algorithm (see Fig. 7) is designed byreventing the malicious nodes being added in its trusted neighbororwarding list and deleting the corresponding link with the mali-ious nodes. The algorithm of Minimum-cost OR (G,d) describes thedea of obtaining any node’s minimum cost route to a given desti-
ation node d in G. The function EXTRACT-LEAST-COST indicates thatnode having minimal cost distance to d can be selected from theurrent forwarding node sets. In addition, we also keep a trusted
Algorithm 4: Minimum-cost OR (G,d) 1 For each node i in V2 Do Filtering NeighborMNodes (G,i)3 iD ;
4 iF ; 5 End for6 0dD ;
7 0S ; 8 Q V ;
9 While Q10 Do j EXTRACT-LEAST-COS T(Q);
11 { }S S j ; 12 For each edge (i,j) in E13 Do { }iJ F j ;
14 If ( i jD D ) then ,i i J JD d D ;
15 iF J ; 16 End if17 End for18 End while
Fig. 8. Formal description of Minimum-cost OR algorithm.
Fig. 9. An example of a loop existing in network.
forwarding list Fi for each node i, which stores the set of nodes usedas the next hops to d. Let S store denote the set of nodes for which wealready have a least cost opportunistic route. Q is a priority queue,which each node still does not have a least cost opportunistic routedenoted by their Di. The algorithm is described in detail in Fig. 8.
4.1. Correctness analysis of MCOR algorithm
Theorem 3. The algorithm ensures that it is loop-free.
Proof. We also prove this by contradiction. We assume that thenetwork has at least one loop. Let (i, j, k, . . . , l, i) be the loop, more-over, every node in this loop is also trusted (see Fig. 9).
Because the loop (i, j, k, . . . , l, i) is directed, each node in theloop has the corresponding minimal cost distance to node d withD∗
i, D∗
j, D∗
k, D∗
l. Clearly, we obtain the following inequality from
Theorem 1: D∗i
> D∗j
> D∗k
> D∗l. As node i obtains the cost of its
route to d, every node in J(i) has influence on its cost computation.However, due to D∗
i> D∗
j, if we delete node i in J(i) then D∗
ican be
updated with D∗′i
, that is, we can draw the inequality as: D∗′l
≤ D∗l.
This leads to a contradiction with the assumption that D∗l
is the leastcost distance between node l and node d. Therefore, the conclusionis true.
Theorem 4. The algorithm ensures that it has an optimal solution.
Proof. Let J(i) be trusted neighbor forwarding list of node i, thecorresponding minimum cost of opportunistic route between i andd is D∗
i. We also prove this by contradiction. Assuming that the
minimum cost routing is D∗′i
instead of D∗i, and the corresponding
trusted forwarding list is J′(i). So, D∗′i
≤ D∗i, namely, di,J′(i) + Ri,J′(i) ≤
di,J(i) + Ri,J(i). In the meanwhile, D∗i
is not the minimum cost route ofnode i to d, there exists at least one node m in J′(i) meeting the con-dition: Dm ≥ D∗
i. From Theorem 1, we can delete similar nodes of m
in J′(i), then node i can form a new forwarding list J′′(i), this resultsin another minimum cost route of D∗′′
i= di,J′′(i) + Ri,J′′(i). This con-
tradicts the assumption that D∗i
is the least cost distance betweennode i and node d. Therefore, the conclusion holds true.
4.2. Time complexity analysis of MCOR algorithm
Theorem 5. The time complexity of the algorithm is O(|V |log|V | +n|E|).
Proof. The time complexity of this algorithm mainly depends onhow Q is implemented. At first, the malicious nodes can be fil-tered by performing the function of Filtering NeighborMNodes instep 2, it may take O(|V|) aggregated time. Assuming that we usea Fibonacci heap as performing this algorithm, the time of each ofthe |V| EXTRACT-LEAST-COST operations in step 10 take O(log|V |),with a total of O(|V |log|V |) aggregated time. The running time tocalculate both di,j and DJ in step 14 depends on the trusted forward-ing list J; however, if we store additional state, it can be reduced
a constant time. The for loop of steps 12–17 takes O(|E|) aggre-gated time and as a result the total complexity of the algorithm isO(∣∣V∣∣ log∣∣V∣∣ + n
∣∣E∣∣). The conclusion holds true.
W. Bo et al. / The Journal of Systems and Software 84 (2011) 2107– 2122 2117
execu
4
on
(
(
(
(
}.
(
Fig. 10. An example of
.3. An illustrative example for MCOR
In Fig. 10(a), the network topology contains 10 nodes, the weightf each edge includes two parts: ETX and trust degree of edge’sodes, the execution procedure of MCOR algorithm is as follows:
1) Step (1): Each node monitors its neighbors’ behavior by com-paring their trust degree value with the threshold Tthreshold(assuming that the Tthreshold is set to be 0.6). So, these nodes:X,Y,Z can be judged as malicious nodes and isolated form thenetwork (see Fig. 10(b)). The remaining nodes are all trusted, sothe current network is assured that it is a trusted environment.
2) Step (2): In Fig. 10(b), each node initializes the cost of trustedopportunistic route of each node to d: Dd = 0, others are ∞. At thesame time, the corresponding trusted forwarding list of eachnode is �, that is, FA = FB = FC = FE = FF = FK = �.
3) Step (3): There are three nodes (C, E and K) within the trans-mission range of d, these nodes update the cost value of nodeC, E and K as: DC = 2, DE = 4 and DK = 8, while that of othernodes still remain ∞ trusted forwarding lists of these nodesare also updated as: FC = FE = FK = {d}. Moreover, because ofDC < DE < DK , DE and FE can be updated through node C as:
DE = 1 + 1 × (1 − 1/4) × 21 − (1 − 1) × (1 − 1/4)
= 2.5, FE = {C, d}.
Then, DB = 7, FB = {C, d}.4) Step (4): According to step (3), instead of node C, the cost of
node E to d is the sub-least in current network. So, DB and FB
can be updated through node C as:
DB = 11 − (1 − 1/5) × (1 − 1/6)
+ (1/5
1 − (1 − 1/5) × (1 − 1/6)
× 2 + (1 − 1/5) × 1/61 − (1 − 1/5) × (1 − 1/6)
× 2.5) = 5.2, FB = {E, C, d
Similarly, DF = 6.5, FF = {E, C, d}.
5) Step (5): Similar to step (4), the cost of node B to d is the thirdleast, so, DA and FA can be updated via node B as:
DA = 5.2 + 4 = 9.2, FA = {B, E, C, d}
ting MCOR algorithm.
(6) Step (6): The cost of node F to d is the fourth least, then DA andFA can be updated through node F again as:
DA = 7.85, FA = {F, B, E, C, d}
However, because of DB < DF , so the cost and forwarding listof node B is not renewed correspondingly.
(7) Step (7): At last, the algorithm is terminated as all nodes inthe network are traversed once. We obtain the final result inFig. 10(c): the minimum cost trusted opportunistic route tonode d is represented by using dotted line, the correspondingtrusted forwarding list of each node is as follows:
FA = {F, B, E, C, d}, FB = {E, C, d}, FF = {E, C, d}, FE
= {C, d}, FC = {d} and FK = {d}.
In each trusted forwarding list, nodes are sorted in ascendingorder from left to right. As well as, the directed array of S is indi-cated finally as: S = {A, F, B, E, C, d}, that is, S also is the union setof forwarding nodes in network.
5. Simulation and analysis
5.1. Simulation environment
We now evaluate the MCOR scheme in realistic wireless sce-narios using nsclick (Read, 2009) with the Madwifi extension (Letoret al., 2007). The nsclick simulator embeds the click modular routerarchitecture (Kohler et al., 2000) into the NS2 (ISI, 2009) simula-tor, such that the routing protocols are developed with click, whilethe physical (wireless) medium is simulated using NS2. The aimof using nsclick is that with only changes of configuration scripts,we can readily deploy our click-based routing protocols on a real
wireless Ad hoc network.Our simulation is based on a lognormal shadowing propagationmodel (ISI, 2009). Let di,j and pi,j be the distance and the deliveryprobability for the link from node i to node j, respectively. According
2118 W. Bo et al. / The Journal of Systems and
Table 2Simulation parameters.
Parameter Meaning Value
Area Rectangular field 1000 m × 1000 mN Number of nodes 50r Transmission radius of each node 250 mS Maximum mobile speed 20 m/sP Data payload size 512 bytes/packet
Weighting factor of Td(i, j) 0.6ˇ Weighting factor of Tr (i, j) 0.4�t Time interval of trust updating 0.5 sT Simulation time 200 sM Number of malicious nodes 1–20Tthreshold Threshold of trust degree value 0.6
t
p
wd�
wictaiBaTiswta
bir
p
wmupdsmnfirerb
5
a
Reward factor Rewards ratio of successful interactions 0.8Penalty factor Penalty ratio of failed interactions 0.1
o (ISI, 2009), pi,j can be approximated as a function of di,j as follows:
i,j ={
1 − ((di,j/R)2�)/2 di,j ≤ R((2R − di,j/R))/2 R < di,j ≤ 2R0 otherwise
here � is the power attenuation factor ranging from 2 to 6, and R isefined as the distance threshold. Here, we set the two parameters:
= 4, R = 125 m.Our simulations are based on the IEEE 802.11b of MAC layer,
hich is included in the NS2. The nodes move from a random start-ng point to a random destination with a speed that is randomlyhosen (the speed is uniformly distributed between 0 and 20 s). Ashe destination is reached another random destination is targetedfter a pause time. The transport protocol used for our simulationss User Datagram Protocol (UDP). Traffic sources used are Constant-it-Rate (CBR). The traffic files are generated such that the sourcend destination pairs are randomly spread over the entire network.he rate of packet generation has been 4 CBR. The number of sourcess 10 in the network. These scenario files are generated using thecene generator of the simulator. The mobility model uses randomay point model in a rectangular field. Each simulation is done in
he presence of 1–20 malicious nodes. The related other parametersre listed in Table 2.
The network topology used in the simulations is constructedy the Waxman’s random graph model (Waxman, 1998), which
s based on a probability model for interconnecting nodes. In thisandom graph, the edge’s probability can be represented as:
(i, j) = exp−Dis(i, j)
× L
here Dis(i, j) is geometric distance from node i to node j, L is maxi-um distance between two nodes, parameter ˛(0 < ˛ < 1) can be
sed to control short edge and long edge of the random graph, andarameter ˇ(0 < ˇ < 1) can be used to control the value of averageegree of the random graph. In the simulation, and are chosenuch that in average each node has a degree between 4 and 5. Geo-etric distance is used as the Euclidean distance from node i to
ode j. Here, a network topology is generated in Fig. 11. From thegure, there are 15 malicious nodes and 35 benevolent nodes byandom generation. To decrease the disturbance of random error,very experiment repeats 50 times and the average experimentesults are computed. The attack behavior of malicious nodes cane assumed in Section 5.2.
.2. Adversary model
Malicious nodes simulate the following two types of activettacks:
Software 84 (2011) 2107– 2122
(1) Black Hole Attack. In this attack, the malicious node dumpsall data packets, which it is supposed to forward. However, itparticipates devotedly in the route establishing process, whichis initiated by other nodes so as to remain on the path of theconnections.
(2) Gray Hole Attack. The gray hole attack is similar to the black holeattack, however, the malicious node also selectively forwardsdata packets at random interval. That is to say, a maliciousnode behaves as a legitimate node occasionally to remain undercover. In this paper, we assume that: the malicious nodes canrandomly drop data packets, with a dropping ratio in the rangeof 0.4–0.8.
5.3. Result analysis
5.3.1. Performance metricsWe use the following metrics to evaluate the performance of our
MCOR scheme with ExOR, the trust based scheme (Pirzada et al.,2006; Li et al., 2004) for AODV (termed as TAODV) and Watchdog-DSR (Marti et al., 2000) protocols:
(1) Throughput: the number of packets transmitted per unit timefrom the source node to the destination node.
(2) Average end-to-end delay: this is the average of the delaysincurred by all the packets that are successfully transmitted.
(3) Expected ETX: the expected transmissions of all candidate for-warders under different size of trusted neighbor forwardinglist.
(4) Security-gains: the ratio of the incremental security perfor-mance using the way of resisting the malicious attacks to thenormal performance in the presence of attacks.
(5) Expected cost of routing: this is indicated that the expected costof all opportunistic routing from each node to a fixed destina-tion.
(6) Detection ratio: the ratio of the number of nodes whose behav-ior (malicious or benevolent) is identified correctly to the actualnumber of such nodes in the network. This metric is only used toevaluate the performance of MCOR, TAODV and Watchdog-DSRunder different settings.
5.3.2. Results and analysisFirst of all, we compare the performance of MCOR scheme
with ExOR, TAODV and Watchdog-DSR in terms of three metrics:throughput, detection ratio and average end-to-end delay. Then,due to the lack of consideration of unreliable wireless link qual-ity between TAODV and Watchdog-DSR schemes, we only give thecomparisons of MCOR and ExOR schemes in terms of other metrics:expected ETX, security-gains and expected cost of routing.
Fig. 12 shows that the throughput with different number ofmalicious nodes. The results show that: as the number of mali-cious nodes increases, the throughput of MCOR, ExOR, TAODV andWatchdog-DSR is reducing slowly. It is observed that the moremalicious nodes, the more serious their damage is. However, thethroughput of MCOR is a bit higher than that of the other threeprotocols. That is because MCOR mitigates the effect of maliciousattacking by using the proposed trust model based on similar-ity. Besides, the MCOR and ExOR schemes exploit the wirelessbroadcast nature and spatial diversity of the wireless mediumto maximize the throughput of network, thus the throughput ofMCOR shows the best cases even if under the presence of maliciousattacks. Nevertheless, the TAODV and Watchdog-DSR schemes are
proposed based on the classic AODV and DSR protocols by introduc-ing the behavior monitor mechanism to choose the secure route,and their routing performance relies on the classic two procedures:route discovery and route maintenance, however, the two pro-
W. Bo et al. / The Journal of Systems and Software 84 (2011) 2107– 2122 2119
pology
cctm
somtsntblstdts
Fig. 11. Network to
edures are lack of considering the advantage nature of wirelesshannel. So, the throughput of TAODV and Watchdog-DSR is lowerhan that of MCOR. ExOR does not take measures to defend the
alicious attacks, thus it shows the worst performance.The detection ratio of MCOR, TAODV and Watchdog-DSR is
hown in Fig. 13. The three schemes decline with the incrementf the number of malicious nodes. It is observed that the morealicious nodes, the more serious their damage is. Accordingly,
he detection is harder. Overall, MCOR is better than the other twochemes in the detection ratio, especially when more maliciousodes exist in the network. Because of establishing the effectiverust relationship model, MCOR can detect the malicious behaviory judging the trust degree among nodes. Although TAODV also uti-
izes the trust model to detect malicious behaviors, its model mayhow false recommendations or collusion of trust relationship, so as
o degrade the detection efficiency. In addition, Watchdog-DSR onlyetects the malicious behavior by direct observation, it is clear thathe detection process results in the higher errors. Therefore, MCORhows better performance on resisting the malicious attacks.Fig. 12. Throughput vs. number of malicious nodes.
during simulation.
We give the average delay comparisons of MCOR, ExOR, TAODVand Watchdog-DSR in Fig. 14. As shown in Fig. 14, the averagedelay of all four schemes rises slowly with the increase in thenumber of malicious nodes. However, the delay overhead of ExORis a bit higher than that of the other three schemes due to thelack of consideration of defending the attack of malicious nodes.Although the other three schemes enhance the security of networkby monitoring the neighbors’ behavior or establishing the trustrelationship among nodes, the routing control packet overheadsof them increase step by step, so as to look for the trustworthyroute for packet forwarding. So, it is obvious that: the more mali-cious nodes, the higher the delay overhead is. The delay overhead ofTAODV and Watchdog-DSR is smaller than MCOR due to the addi-tional overhead on trust relationship mechanism among nodes ofMCOR.
Fig. 15 depicts the average cost of routing of MCOR and ExORwith the similar network conditions of Fig. 12: the cost of routingin ExOR is ranged from 7.8 to 12, while that in MCOR scheme is4.5–11.7. It is clear that the ExOR protocol is slightly higher than
Fig. 13. Detection ratio vs. number of malicious nodes.
2120 W. Bo et al. / The Journal of Systems and Software 84 (2011) 2107– 2122
Mnretnhwns
dEisapoeaelnbp
Fig. 14. Average delay vs. number of malicious nodes.
COR. The reason is that: similar to Fig. 11, given the idea of trustedeighbor candidates of each node and the recursive computation ofemaining path cost, MCOR can calculate the minimal cost betweenach node to a fixed destination node very fast. However, ExOR pro-ocol and its forwarding list doesn’t take into account of maliciousodes’ effect on network, it is no doubt that ExOR expends muchigher cost of routing. Whereas, the overhead of coordinating for-arding among nodes is increasing gradually due to the varyingumber of malicious nodes, relatively, the performance of MCOR isuperior to ExOR protocol.
To observe the effect on ETX of each packet forwarding by can-idate forwarders in trusted forwarding list under the MCOR andxOR schemes. This paper sets the size of trusted neighbor forward-ng list of some node with 8–40 by simulation in Fig. 16. The resulthows the average ETX comparison of the two schemes. Obviously,s the size of forwarding list increases, the average ETX of the tworotocols reduce slowly. The reason is that we introduce the ideasf computing the trust degree and isolate the malicious nodes inach trusted neighbor candidates, and delete the related links, sos to further update the corresponding expected transmissions ofach candidate and derive the final expected ETX value. Neverthe-ess, ExOR protocol does not consider the influence of the maliciousodes, so the number of forwarding candidate nodes of MCOR is a
it less than ExOR, that is, the expected ETX is in inversely pro-ortional to the size of forwarding list. Hence, we can draw theFig. 15. Expected cost of routing vs. number of malicious nodes.
Fig. 16. Expected ETX vs. size of forwarding list.
conclusion that the number of transmission of MCOR protocol is abit less in comparison with that of ExOR protocol.
We also further conduct simulations on the expected size oftrust forwarding list. In Fig. 17, as the number of malicious nodesincreases, the size of trust forwarding list decreases, the twoschemes show lower efficiency of forwarding. The procedure ofanalysis is similar to Fig. 14. However, MCOR can utilize the lim-ited non-malicious nodes to form the effective trusted forwardinglist, and choose the more trusted nodes joining in the forwardinglist. That is, MCOR scheme reduces the size of forwarding list andprovides the security assurance of network, so as to enhance therobustness of network.
Next, we also take into account the security-gains comparisonsbetween the two schemes from the point of view of robustnessand security analysis (see Fig. 18). Firstly, we measure the security-gains by considering of each corresponding network lifetime as:(TMCOR − TExOR)/TExOR. Let TMCOR and TExOR denote the network life-time of each protocol, respectively. The network lifetime is alsoreferred to the longest running time interval as the network suf-fering from the malicious attacks. That is, the running time isrepresented as the survival time of network only if the expectedETX is bigger than 13. The simulation result is shown in Fig. 18. Inthis picture, the security-gains is augmenting progressively sim-ilar to the same settings of Fig. 13, especially when the number
of malicious nodes is 20, the security-gains attains the maximumto be 0.85. To explain this phenomenon, notice the fact that themalicious nodes can be identified and refused to be the actual for-Fig. 17. Size of forwarding list vs. number of malicious nodes.
W. Bo et al. / The Journal of Systems and
wcor
6
wccblaluwMar
ruwtt
A
ot
R
B
B
C
C
C
C
Fig. 18. Security-gains vs. number of malicious nodes.
arder using the effective trust mechanism. Therefore, keeping theonnectivity of network can be further enhanced, and the processf delivery packets can be effectively performed. Meanwhile, theegular survival time of network can be prolonged as far as possible.
. Conclusion and future work
In this paper, after investigating on trust models of Ad hoc net-orks and opportunistic routing in current researches, we firstly
ombine trust model with cost of opportunistic routing taken intoonsideration, propose a trusted opportunistic forwarding modely selecting the optimal forwarder in trusted neighbor forwarding
ist, then devise a trusted MCOR routing algorithm. The proposedlgorithm is proved and analyzed from theoretical perspective. Atast, we also validate the correctness and effectiveness of MCOR bysing nsclick simulator, meanwhile, and compare its performanceith other classic routing protocols. Simulation results show thatCOR algorithm outperforms the other schemes: ExOR, TAODV
nd Watchdog-DSR in terms of resisting malicious attacks, cost ofouting and throughput, and so on.
In our future work, we will conduct extensively simulation andigorous analysis to verify the performance of MCOR algorithmnder real environment. In addition, we will integrate this ideaith network coding and QoS assurance for further study, and
hen devise a higher coordination mechanism on forwarding listo reduce the additional delay overhead.
cknowledgments
The work is supported by National Natural Science Foundationf China (Project No. 60633020, 60970117). The authors wish tohank many referees for their suggestions on this paper.
eferences
iswas, S., Morris, R., 2005. ExOR: opportunistic multi-hop routing for wireless net-works. In: Proceedings of ACM SIGCOMM , pp. 133–144.
uchegger, S., Boudec, J.Le., 2002. Performance analysis of the CONFIDANT protocol:Cooperation of nodes, fairness in dynamic Ad hoc networks. In: Proc of IEEEACM Symp on Mobile Ad Hoc Networking and Computing , New York, ACM, pp.226–236.
hachulski, S., Jennings, M., Katti, S., Katabi, D., 2007. Trading structure for random-ness in wireless opportunistic routing. In: Proceedings of ACM SIGCOMM , pp.169–180.
orson, S., Macker, J., 1999. Mobile Ad hoc Networking (MANET): routing protocol
performance issues and evaluation considerations. In: IETF RFC2501.outo, D., Aguayo, D., Bicket, J., Morris, R., 2003. A high-throughput path metric formulti-hop wireless networks. In: Proceedings of ACM MOBICOM.
ui, T., Chen, L., Ho, T., Low., S., 2007. Opportunistic source coding for data gatheringin wireless sensor networks. In: Proceedings of MASS.
Software 84 (2011) 2107– 2122 2121
Deng, H.M., Li, W., Agrawal, D.P., 2002. Routing security in wireless Ad hoc networks.IEEE Communication Magazine (October), 70–75.
Dubois-Ferriere, H., Grossglauser, M., Vetterli, M., 2007. Least-cost opportunisticrouting. In: Proceedings of 2007 Allerton Conference on Communication, Con-trol, and Computing.
ElSalamouny, E., Tikjob Krukow, K., Sassone, V., 2009. An analysis of the exponentialdecay principle in probabilistic. Trust models. Theoretical Computer Science 410,4067–4084.
Hu,D.F Y.C., Johnson Perring, A., 2002 June. SEAD: secure efficient distance vectorrouting for mobile wireless Ad hoc networks. In: Proc. of Fourth IEEE Workshopon Mobile Computing Systems and Applications , pp. 3–13.
Hu, Y.C., Perring, A., Johnson, D.B., 2002. Ariadne: a secure on-demand routing pro-tocol for Ad hoc networks. IEEE WMCSA, 23–28.
The network simulator-ns-2. http://www.isi.edu/nsnam/ns/.2009.Ke, T., Zhang, B.-X., Jian, M., ZhengF Y., 2010. Opportunistic routing protocols for
wireless multihop networks. Ruan Jian Xue Bao/Journal of Software 21 (October(10)), 2542–2553.
Kohler, E., Morris, R., Chen, B., Jannotti, J., et al., 2000. The click modular route. ACMTransaction on Computer Systems 18 (August (3)), 263–297.
Letor, N., De Cleyn, P., Blondia, C., 2007. Enabling cross layer design: adding theMadWifi Extensions to Nsclick. Proc. of first International Workshop on NetworkSimulation Tools (October), 2007.
Li, X., Michael, R., Lyu, et al., 2004. A trust model based routing protocol for secureAd hoc networks. In: Proc. of IEEE Aerospace Conference , pp. 1266–1295.
Li, J., Li, R., Kato, J., 2008. Future trust management framework for mobile Ad hocnetworks. IEEE Communications Magazine 46 (April (4)), 108–114.
Lu, M., Jie, W., 2009. Opportunistic routing algebra and its applications. In: Proceed-ings of INFOCOM , pp. 2374–2382.
Lu, M., Li, F., Wu, J., 2009. Efficient opportunistic routing in utility-based ad hocnetworks. IEEE Transactions on Reliability 58 (September), 485–495.
Luo, J., Liu, X., Zhang, Y., Ye., D., 2008. Fuzzy trust recommendation based on collabo-rative filtering for mobile ad-hoc networks. In: Proc. of the 33rd IEEE Conferenceon Local Computer Networks (LCN 2008), October , pp. 305–311.
Marti, S., et al., 2000. Mitigating routing misbehavior in mobile Ad hoc networks. In:Proc of MobiCom’00 , New York, ACM, pp. 255–265.
Millan, G.L., Perez, M.G., Perez, G.M., et al., 2010. PKI-based trust management ininter-domain scenarios. Computational Security 29 (2), 278–290.
Omar, M., Challal, Y., Bouabdallah, A., 2009. Reliable and fully distributed trust modelfor mobile Ad hoc networks. Computational Security 28 (3), 199–214.
Peng, S., Jia, W., Wang, G., 2008. Voting-based clustering algorithm with subjectivetrust and stability in mobile ad-hoc networks. In: Proc. of the IEEE/IFIP Interna-tional Conference on Embedded and Ubiquitous Computing (EUC 2008), vol. 2,December , pp. 3–9.
Pirzada, A.A., Mcdonald, C., Datta, A., 2006. Performance comparison of trust-based reactive routing protocols. IEEE Transaction on Mobile Computing 5 (6),695–710.
Nsclick. http://read.cs.ucla.edu/click/nsclick.2009.Rozner, E., Jayesh Seshadri, J., Mehta, Y.A., Qiu, L., 2009. SOAR: simple opportunis-
tic adaptive routing protocol for wireless mesh networks. IEEE Transactions onMobile Computing 8 (December), 1622–1635.
Sanzgiri, K., Dahill, B., Levine, B.N., Shields, C., Belding Royer, E., 2005. Authenticatedrouting for Ad hoc networks. IEEE Journal on Selected Areas in Communications2 (March (1)).
Sun, Y., Yu, W., Han, Z., Liu., K.J.R., 2006. Information theoretic framework of trustmodeling and evaluation for Ad hoc networks. IEEE Journal on Selected Areas inCommunications 24, 305–317.
Theodorakopoulos, G., Baras, J.S., 2006. On trust models and trust evaluation met-rics for Ad hoc networks. IEEE Journal on Selected Areas in Communications 24(February (2)), 318–328.
Waxman, B.M., 1998. Routing of multipoint connections. IEEE Journal of SelectedArea in Communications, 1617–1622.
Yan, Z., Wu, M.-Q., Fang, S.-J., et al., 2010. A priority based opportunistic routingmechanism for real-time voice service in mobile Ad hoc networks. WirelessPersonal Communications 55 (December (4)), 501–523.
Zapata, M.G., 2002. Secure Ad hoc on-demand distance vector (SAODV) routing.ACM Sigmobile Mobile Computing and Communications Review 8 (3), 106–107.
Zeng, K., Lou, W., Yang, J., Brown III, R., 2007a. On throughput efficiency of geo-graphic opportunistic routing in multihop wireless networks. In: Proceedingsof Qshine’07 , August 14–17.
Zeng, K., Lou, W., Zhang, Y., 2007b. Multi-rate geographic opportunistic routing inwireless Ad hoc networks. In: IEEE Milcom , Orlando, FL, October.
Zeng, K., Luo, W., Zhai., H., 2008. On end-to-end throughput of opportunistic routingin multirate and multihop wireless networks. In: IEEE INFOCOM’08 Conference.
Zeng, K., Yang, Z., Wenjing, L., 2010. Opportunistic routing in multi-radio multi-channel multi-hop wireless networks. In: IEEE INFOCOM’10 Conference.
Zhong, Z., Nelakuditi, S., 2007. On the efficacy of opportunistic routing. In: Proceed-ings of SECON 07, vols. 18–21, June , pp. 441–450.
Zhong, S., Chen, J., Yang, Y.R., 2003. Sprite: a simple, cheat-proof, credit-based systemfor mobile Ad hoc networks. Proceedings of IEEE Infocom’03.
Zhong, Z., Wang, J., Nelakuditi S., 2006. Opportunistic any-path forwarding in multi-
hop wireless mesh networks. Technical Report TR-2006-015, USC-CSE, 2006.Zhong, Z., Wang, J., Nelakuditi, S., 2007. Opportunistic any-path forwarding in multi-hop wireless mesh networks, USC-CSE, Technical Report TR-2006-015, 2007.
Zhou, L., Haas, Z.J., 1999. Securing Ad hoc networks. IEEE Network 13(November–December (6)), 24–30.
2 ms and
122 W. Bo et al. / The Journal of SysteWang Bo was born in 1982. He is a Ph.D. degree candi-date in school of computer of Wuhan University, China.His research interests include mobile Ad hoc networks,Wireless Mesh Networks, computer networks.
Huang Chuanhe was born in 1963. He is currently aprofessor and Ph.D. supervisor of school of computer ofWuhan University, China. He is also a senior member ofChina Computer Federation. His research interests are inthe areas of wireless network, computer networks.
Software 84 (2011) 2107– 2122
Li Layuan was born in 1946. He received the BE degreein Communication Engineering from Harbin Institute ofMilitary Engineering, China in 1970 and the ME degreein Communication and Electrical Systems from HuazhongUniversity of Science and Technology, China in 1982. Heacademically visited Massachusetts Institute of Technol-ogy, USA in 1985 and 1999, respectively. Since 1982, hehas been with the Wuhan University of Technology, China,where he is currently a Professor and Ph.D tutor of Com-puter Science, and Editor in Chief of the Journal of WUT.He is Director of International Society of High-Technol.and Paper Reviewer of IEEE/ACM Trans. On Networking,IEEE INFOCOM, ICCC and ISRSDC. His research interests
include high speed computer networks, protocol engineering and image processing.Professor Li has published over one hundred and fifty technical papers and is theauthor of six books. He also was awarded the National Special Prize by the ChineseGovernment in 1993.
Yang Wenzhong was born in 1971. He is a Ph.D. degreecandidate in school of computer of Wuhan University,China. His main research interests include computer net-works and network security.