TY - JOUR
AU - Yi-Fan, Lee,
AB - Abstract People are constantly using mobile technologies to exchange perspectives across the world. The search services they use, however, belong to centralized systems that may be easily censored. The Peer-to-Peer retrieval system was created to impede censorship of online information, but the decentralized nature of P2P makes it difficult to infer information that cannot be measured directly, such as the proportion of subversion, selfish nodes, network size, or churn rate. Recent advances have pushed providers toward large-scale wireless networks where data retrieval is difficult. Thus, we propose a defense mechanism that can: (1) tackle censorship issues; (2) employ probability density function, exponential weighted moving average and modified Chi-squared tests to estimate the proportion of malicious and selfish nodes; (3) defend against malicious and selective-forwarding attacks by adjusting the number of forwarding levels and requests to ensure high-match probability; (4) maintain high-retrieval rates even in large and highly mobile networks; and (5) guarantee robustness compared to other search systems. A series of experiments demonstrated our algorithm’s high-retrieval rate, reasonable costs, mobility resilience, and robustness, demonstrating that the algorithm can work well when the network size is large and/or has a large proportion of selfish nodes, malicious nodes and mobile nodes. 1. INTRODUCTION The Internet is the pre-eminent source of information on this planet. The Internet, which is distributed, uncontrolled, unbiased and dispassionate, smooths the turbulent flow of data. It has changed how we live and how we perceive. As networked devices become ubiquitous, people across the world use them to share information and compare perspectives. As of this writing, online information retrieval is highly centralized for efficiency and economy of scale, and the public’s trust in that access depends on the benign administration of centralized search engines. Unfortunately, history teaches that such administrators cannot be trusted to stay benign forever. These centralized search systems depend on a small number of nodes that can be easily censored or can easily become malicious, as in the case of widespread Internet censorship in China [1]. Some decentralized search and retrieval systems [2–8] have been proposed with an eye to impeding censorship of information accessed over the Internet. These systems are more trustworthy than centralized search, since they have cut out the middleman and allowed people to share information directly without depending on a central node. Decentralized search systems offer peace of mind, since a small number of administrators cannot prevent users from exchanging their information with others. However, the very decentralization of these systems makes it fiendishly difficult to infer any information that cannot be measured directly, such as the proportion of malicious nodes that do not reply when they have matches. Traditionally, a source node distributes its message by multicasting directly to multiple nodes. However, this technique has become infeasible in a large network. Therefore, most systems encourage the source node to first transmit the message to a set of selected nodes, each of which forwards the messages to another set of nodes, and so on. This strategy allows nodes to share the load of processing and buffering, as well as the communication costs, with others, rather than placing the entire load on the source node. Yet the nature of this system makes it very difficult to deduce any information that cannot be measured directly, such as the number and prevalence of selfish nodes that fail to forward the message. Recent technical advancements have pushed providers to use large-scale wireless networks, such as wireless sensor networks (WSNs) and mobile ad-hoc networks (MANETs), with many mobile nodes distributed over a wide area. In a WSN, sensors are usually gathered to detect, collect and share environmental data. It is now reasonable to suppose that wireless devices are everywhere, particularly in densely populated areas. However, the problem with such wireless networks is the difficulty of data distribution and retrieval in a large, highly mobile system. Some scholars [9–15] have proposed to address these issues in both WSNs and MANET environments, but their systems cannot guarantee high-retrieval rates and can raise network overhead too high to allow efficient data distribution and maintenance. In light of these problems, it is clearly very difficult to maintain a high-retrieval rate in the face of a large proportion of malicious, selfish, and mobile nodes in a highly mobile, large-scale network. First of all, there is no way for individual nodes in such a network to maintain a full view of the system, thus affecting the overall retrieval rate. Next, direct communication is infeasible in such a large network, and the very process of forwarding creates vulnerabilities. Selfish nodes and malicious nodes can have a particularly profound effect on the retrieval rate. In a previous paper [16], we presented the design and implementation of an adaptive algorithm that can protect against malicious and selective-forwarding attacks in fixed-size and static networks, but did not consider the case of nodes that reside in a highly mobile and large-scale network. As recent technical advancements have pushed more and more users to use large-scale wireless and mobile ad-hoc networks, we must consider just such a case-the situation of many mobile nodes distributed over a large network. As a result, in [17], we addressed the mobility issues that arise in a small mobile network, but did not consider the problems of malicious nodes, selfish nodes, or enormous numbers of nodes in a large-scale network. The difference between this paper and previous works is substantial, because this paper addresses the problem of selfish and malicious nodes not only in the smaller neighborhoods but in large mobile networks as well. Furthermore, we also investigated and compared our work with other search systems to demonstrate the effectiveness and robustness of our work in detecting malicious and selfish nodes, even when the network is large and contains enormous numbers of mobile nodes. Therefore, in this paper, we present a Defense mechanism Against Malicious & Selective forwarding attacks in large and mobile wireless networks, also called DAMS, to address all the problems mentioned above. The goal of DAMS is to address a scenario involving any or all of the following factors: (1) a decentralized large-scale network; (2) high churn; (3) malicious nodes; and (4) selfish nodes. Our system first divides the entire network into a number of regions. Next, our system generates metadata, applies locality sensitive hash (LSH) functions to calculate the mapped region, routes metadata to a mapped region, and finally stores it in 2N nodes in that mapped region, thus minimizing the number of data replicas in a region while maintaining a high-retrieval rate. Our DAMS allows nodes to join or leave a region, distribute metadata, make requests, or move to other regions at will. Moreover, our system allows every node to maintain and update its membership view during metadata or query distribution in order to address a high churn rate. In addition, DAMS allows nodes to estimate the proportion of malicious and selfish nodes during metadata or query distribution, and adaptively adjusts the number of forwarding levels and requests as needed to achieve a high probability of a match in large and mobile networks. After the requesting node has successfully retrieved the file, it becomes a source node, and thus publishes its metadata of the file to its mapped region. Furthermore, our system applies a relocation method so that when a node moves to other region, the nodes from the source region still know where to forward subsequent messages to the moving node. Finally, we compare our system to other search systems in terms of match probability, proportion of malicious nodes, proportion of selfish nodes, network size, moving speed, message costs and search times. We also demonstrate that our system could achieve high-retrieval rates, better scalability, reasonably low overhead, greater mobility resilience and higher overall system robustness. We summarize the contribution of this paper as follows: Our algorithm tackles censorship issues by creating a system in which a small number of administrators cannot prevent users from distributing or retrieving messages and information. Our algorithm employs probability density function (pdf), exponential weighted moving average (EWMA) and modified Chi-squared testing to estimate the proportion of malicious and selfish nodes. Our algorithm defends against malicious and selective-forwarding attacks by appropriately adjusting the number of forwarding levels and messages to ensure high-match probability. Our algorithm employs LSH, relocation methods and update-membership methods to guarantee robustness and scalability in a large and high-churn network. Our algorithm does not require nodes to communicate with others and can still achieve high-match probability with reasonably low overhead, even with a large proportion of malicious and selfish nodes in a large-scale and highly mobile network. Because energy savings and overhead reduction are relatively important, especially in WSNs, our algorithm is designed to reduce overall overhead as much as possible, particularly when compared to other systems. Multiple equivalent responses from different matching nodes create redundancy-in other words, waste. Our DAMS is the first work that uses redundant responses as valuable information to manage network churn, to address malicious and selfish nodes, and to adaptively determine the quantity of forwarding levels and fanout, such that it can guarantee low overhead with high-match rates even in a large-scale and highly mobile network. The goal of this paper is to protect users across the world from censorship by centralized administrators. We hope that such infrastructure will ultimately assure the free flow of information over the Internet. We know that it is important to develop such a system before it is needed, and to ensure that it is available when the need arises. 2. RELATED WORK 2.1. Distributed search in peer-to-peer (P2P) networks Refs [18–20] have conducted extensive and elaborate comparisons of distributed search methods in P2P networks. The structured approach [21, 22] demands that nodes be organized in an overlay network based on distributed hash tables, trees, rings and the like. The efficiency of this approach is counterbalanced by the fact that it leaves the network vulnerable to manipulation by untrustworthy nodes. In contrast, the unstructured approach [2–8, 23, 11, 14, 24] uses randomization and gossiping, where nodes find one another by exchanging messages over existing links. This approach leaves the network considerably less vulnerable to manipulation, which is why our DAMS uses the unstructured approach. Gnutella [4], one of the first unstructured networks, uses flooding of requests to find information. Ferreira et al. [3] use a random-walk strategy to replicate both queries and data in an unstructured network. BubbleStorm [6] replicates both queries and data and combines random walks with flooding. Ref. [2] is more sophisticated and efficient than Gnutella because it learns from previous requests. However, it presents a clearer opportunity for a group of untrustworthy nodes to hoard searches. Ref. [7] distributes subscription and publication messages to nodes via directed routing. The authors of both [8, 5] are concerned with trust, much as we are with DAMS; they have addressed these concerns with the facts of privacy and scalability, making centralized systems undesirable to the users of social networks. Ref. [11] employs geographic routing for both file distribution and retrieval; a source node sends out a location update message to periodically identify the closest node to the location of the file, and transfers the file if it finds a closer node. In [14], the entire geographic area is separated into many smaller squares, metadata is mapped and stored from the squares with IDs closest to the virtual ID, and the location is updated if a node’s moving distance reaches a predefined updating threshold. Ref. [24] is an on-demand multi-hop routing system in which nodes first apply flooding to build a route from the source to the destination, and then send the message along this route. Ref. [23] introduces a scalable and mobility-resilient distributed data search system for extremely dense and highly mobile wireless networks. Our DAMS uses a strategy similar to [23] for applying LSH [25, 26] to the mapped regions of messages, but our methods for network division, metadata distribution, query retrieval, message routing and node relocation are quite different from that of [23]. Ref. [27] adopts a hierarchical proactive routing framework, which provides reliable and timely data transmission for efficient routing updates and maintenance in large-scale wireless sensor networks. This work addresses the problem of large-scale networks but fails to address the issues of mobility and attacks. Ref. [28] uses a content-centric cooperative service paradigm via D2D communications to reduce cellular traffic and provides an efficient cooperative content-retrieval framework for mobile users. However, this approach is quite different from our work since our work focuses on location-aware content searching. In addition, it does not consider any issues of malice or mobility. Ref. [29] proposes two distributed data-storage algorithms using compressive sensing for wireless sensor networks. The idea of this paper in addressing data-storage problems is quite different from our own work. In addition, it does not address any of the problems created by mobility or malice. 2.2. WSNs and MANET WSNs are used for a wide range of applications. In WSNs, sensors must constantly cooperate to collect and share data, and to exchange environmental phenomena. Refs [30–33] propose flooding and local broadcasting-based methods in WSNs; however, these methods still generate too much transmission overhead to be energy-efficient and, thanks to their reliance on local broadcasting, they cannot guarantee data discovery. Similarly, in [9, 10], the authors propose a topological routing-based method in MANETs, where nodes distribute their data, develop tables for their received messages and forward data queries to the nodes that are most willing to process the data. Unfortunately, these proposed methods still require networks to invest too much overhead in distributing data and data maintenance. Moreover, they cannot guarantee data discovery in a highly mobile network. MANETs contain several mobile nodes with no centralized node to control the whole infrastructure, where each node is responsible for sending messages, receiving messages and maintaining its routing table. The challenges in MANETs include mobility issues, network churn, short transmission range, lack of centralized administration and dynamic changes in network topology. A comprehensive survey by Abid et al. [34] classified the routing methods for MANETs into the following categories: (1) flat-based routing, which is best for small-scale jobs, and can be further classified into reactive routing [24, 35] (discover path when it is needed) and proactive routing [36, 27] (constantly update routine tables); (2) cluster or hierarchical-based routing [37, 38], in which a cluster of nodes such as root-peer manage messages; (3) geographical-based routing [11, 14, 13, 15], where a node applies a data-mapping policy to map a file into a geographic location and stores it to the closest node for high scalability; (4) virtual coordinate-based routing [39, 40], where a node obtains its virtual coordinates and updates these coordinates when it moves from one region to another; and (5) DHT-based routing [41–44], where a node needs to have a logical network and its corresponding physical network, and the logical network and routing algorithm are constructed from these logical identifiers. Ref. [45] indicates that routing methods in MANETs should address the dynamic topology, and guarantee that the message can be quickly delivered without excessive overhead. As a result, we use geographical-based routing for our DAMS system, which maintains high-retrieval rates and low overhead in large-scale and mobile wireless networks, and simultaneously allows nodes to publish their metadata, retrieve information and protect against malicious and selfish nodes. 2.3. Chi-squared statistics and EWMA Several network security researchers use the EWMA algorithm and Chi-squared statistics. Refs [46, 47] employ EWMA and Chi-squared statistics on its anomaly-detection techniques for intrusion detection. Likewise, Refs [48, 49] use known window size to appropriately estimate the smoothing factor for detecting network anomalies, and Ref. [50] applies the Chi-squared test to detect intrusions. Refs [51, 52] apply modified Chi-squared statistics to identify similarities between attribute couples of a dataset and a projected subset. Press et al. [53] use a modified Chi-squared statistic to balance the weights of the buckets in comparing two datasets. Our defense mechanism considers all results from a node, beginning when it joins the network and ending when it leaves, and employs the EWMA method with a modified Chi-squared test to determine the proportion of malicious and selfish nodes, increasing the number of forwarding levels and messages in the network in order to maintain high-match probability. 2.4. Message forwarding Probabilistic forwarding is an alternative solution to multicast routing that has been widely applied for sensors and ad-hoc networks [54–57]. Ref. [58] presents an overview of gossiping and broadcasting in communication networks. Likewise, Refs [59, 60] use forwarding to reduce overall performance cost in delay-tolerant networks. Ref. [61] develops algorithms that require nodes to broadcast with a minimum number of messages and determines upper and lower bounds for broadcasting [62]. Similarly, Ref. [63] presents algorithms that achieve greater efficiency when messages are forwarded in both inter-networks and extended LANs. A paper by [64] finds the pdf for a number of distinct nodes reached, the expected number of distinct nodes in which a message is forwarded within a small and fixed-size network, the pdf for the number of new nodes at a given forwarding level and the expected number of new nodes at a given forwarding level. Our defense mechanism applies the pdf in the same manner as [64] to estimate the number of distinct nodes that would receive the metadata and requests. Beyond that, our algorithm estimates the proportion of malicious nodes and selfish nodes, and can determine the appropriate number of forwarding levels and messages in achieving high-match probabilities from a large and highly mobile network. 2.5. Defense mechanism for malicious attacks Ref. [65] takes an unique approach to detecting malicious behaviors, that is it detects nodes that do not respond and then reduces their workloads [66]. Ref. [67] creates a blacklist of malicious nodes in an overlay network with regard to gossiping. Ref. [68] uses a statistical method for determining how often the sequence should occur in normal traces or in intrusions. Ref. [69] employs neural networks or training decision trees [70] to detect novel attacks. Ref. [71] describes an adaptive replication protocol based on random walks whose feedback mechanism adjusts the number of replicas based on search length for sufficient replications. Ref. [72] presents an adaptive P2P protocol to protect against malicious peers that upload corrupt, inauthentic or misnamed content. 2.6. Defense mechanism for selective-forwarding attacks According to [73], sensor nodes might refuse to forward or drop messages due to limited signal, resulting in a failure to propagate the messages. Ref. [74] obtains safe data transmission between nodes, effectively detects selective-forwarding attacks and manages design issues in a reasonable manner. Two noteworthy approaches to detecting selective-forwarding attacks can be found in [75], which uses Lightweight Detection, and [76], which uses watermark technology. Ref. [77] detects black-hole and selective-forwarding attacks and employs cryptographic hashes, neighborhood watch and threshold-based analysis to defend against such attacks. Refs [78, 79] use lightweight security scheme to detect selective-forwarding attacks in WSN, and use multi-hop acknowledgment from intermediate nodes to create responses and launch alarms. Ref. [80] proposes a defense against selective-forwarding attacks in the form of a fuzzy-based reliable data-delivery method, and Refs [81, 82] apply a multipath routing scheme to defend against such attacks in WSN. 3. DAMS: DEFENSE MECHANISM AGAINST MALICIOUS, SELFISH AND MOBILE NODES In this subsection, we explain our DAMS defense mechanism, which is designed to deal with mobile nodes, malicious nodes and selfish nodes. Our defense mechanism is engineered to address situations where any given node cannot have knowledge of all the nodes in its membership, especially in a large-scale network. The aims of this mechanism are to: (1) utilize the pdf, EWMA method and modified Chi-squared test to detect malicious and selfish nodes; (2) defend against malicious and selfish nodes by adjusting the number of requests so as to achieve high-match probability; and (3) ensure network robustness and scalability in a large network, and even with a large proportion of nodes moving to other regions. Figure 1 shows the basic concepts of the DAMS defense mechanism. In DAMS, the entire network is first divided into multiple regions (Section 3.1), as shown in Fig. 1. When a node joins a network, it applies Section 3.2 to enter the region. When a source node wishes to distribute its files, it applies Section 3.4 to do so. Similarly, the requesting node uses Section 3.5 to distribute its requests. When a node is about to transfer to other region, it applies the steps described in Section 3.9. When a node needs to relay its received messages to other nodes, it employs the steps described in Section 3.6. Lastly, when a node wishes to leave a region, it adapts the steps described in Section 3.3. Figure 2 shows the flowchart of the DAMS defense mechanism, and the following subsections lay out a detailed design of the system. FIGURE 1. View largeDownload slide Basic concepts of DAMS network. FIGURE 1. View largeDownload slide Basic concepts of DAMS network. FIGURE 2. View largeDownload slide Flowchart of DAMS system. FIGURE 2. View largeDownload slide Flowchart of DAMS system. 3.1. Network separation Due to the range limitations inherent in wireless systems, it is impossible to have all the nodes communicate with all other nodes in a wireless network. Therefore, our system uses static landmarks or wireless access points within the network. We first divide the whole network into multiple regions, where each region has a central landmark whose transmission range can cover the entire region. For example, we may divide the whole network into four smaller regions, as shown in Fig. 1. Every node periodically senses the signal strength of its nearby landmarks and re-identifies its region based on the strongest signal received from these landmarks. Assuming that we have a network size with the area NS, and TR is the transmission range, the number of regions NR can be calculated as follows: NR=NSπ×TR2 (1) Please note that TR has to be larger than the diameter D of each region in order to allow every region to cover the transmission range of all of its nodes. Pseudocode for the network-dividing algorithm is given in Fig. 3. FIGURE 3. View largeDownload slide Finding the appropriate number of regions NR. FIGURE 3. View largeDownload slide Finding the appropriate number of regions NR. 3.2. Entering the network When a node joins the network, it first selects a node from the new region to serve as its bootstrapping node and then sends a membership request to the selected node. The bootstrapping node replies to the joining node with a list of all of its members. The bootstrapping node also determines whether the joining node should hold metadata. If so, the bootstrapping node sends a source’s URL, along with its membership information, back to the newly joined node. The joining node then saves all of the membership information to its database. If the bootstrapping node also replies with the source node’s URL, the joining node contacts the source node to obtain the metadata. The joining node distributes a join message to all the nodes in its view, each of which then adds the joining node to its local view. 3.3. Departing the network When a node leaves a network, it first determines whether it has metadata in its database. If so, the leaving node asks a bootstrapping node whether it should transfer its metadata. If so instructed, the departing node randomly selects a node to receive the metadata and notifies the source node of this transfer. The leaving node then distributes a leaving message to all the nodes in its view, deletes its metadata and departs the network. If a node simply leaves the network without informing other nodes, other nodes would still discover this leaving node during their join, metadata distribution or query distribution. 3.4. Metadata distribution When a source node wishes to distribute its metadata, it first applies alDistribution() algorithm from [16] to calculate the pdf [83, 84] for the number of nodes that receive the metadata in terms of forwarding level l ⁠, forwarding fanout a ⁠, and forwarding probability. In [85], if the source and requesting node both distribute the metadata and requests to m=2n nodes with x=1 proportion of nodes that are operational, then P(k≥1)>1−exp2n2nn≥1−exp−4>0.9817 ⁠. Likewise, we determine the appropriate number of a and l such that the overall number of distributions would still be appropriate to achieve m=2n of nodes to distribute metadata. After obtaining the number of forwarding fanouts a and forwarding levels l ⁠, the source node produces metadata and applies an LSH (Section 3.10) algorithm to identify the most appropriate destination for the metadata. The source node first chooses an LSH function and hashes its metadata to the x coordinates, then applies another LSH function, and hashes its metadata to the y coordinates. Our system then sends this message to the region that has the coordinates x and y ⁠. After this is done, the source node uses the routing algorithm, as described in Section 3.7, to send its metadata to the designated region. The first node in a destination region, called the relay node, chooses 2view random nodes in its local view and distributes this metadata to these nodes. Based on the chosen forwarding probability, some nodes receiving such metadata might further forward this metadata to other nodes in the same region. Lastly, the relay node updates its membership and then notifies the source node about these metadata nodes. 3.5. Query distribution When a requesting node wishes to distribute its query, it first applies alGet() algorithm from [16] to calculate the pdf [83, 84] for the number of nodes that receive the query messages in terms of forwarding level l ⁠, forwarding fanout a ⁠, and forwarding probability. Next, the requesting node produces a query, and applies an LSH (Section 3.10) algorithm to determine the appropriate destination for the query. The requesting node first chooses an LSH function and hashes its query to the x coordinates, and then applies another LSH function, and hashes its query to the y coordinates. Our system then sends this query to the region that contains the coordinates x and y ⁠. The requesting node uses the routing algorithm, as described in Section 3.7, to forward the query to the calculated region. The first node, called the relay node, chooses 2view random nodes in its local view and distributes this query to these nodes. Based on the chosen forwarding probability, some nodes receiving such queries might forward this request to other nodes in the same region. The nodes that receive such a query compare the keywords in the request with the metadata they hold. If a node finds a match, the node responds to the relay node with the URLs of the source nodes. After obtaining the responses, the relay node first updates its view from its membership and then sends its response to the requesting node. The requesting node then randomly selects one of the source nodes to retrieve its desired file, and applies a protection algorithm (Section 3.8) to discover newly joined and leaving nodes, to estimate the proportion of malicious nodes, to determine the proportion of selfish nodes, to estimate the churn and to decide its next update time based on the current churn. The requesting node further applies the steps as described in Section 3.4 to publish its metadata to some randomly chosen nodes in its mapped region. 3.6. Relaying messages There are six different ways that a relay node would relay its messages. The first way is that the relay node receives metadata and simply forwards that metadata to 2view randomly selected nodes. The second way is that the relay node receives a metadata reply message with 2view nodes in it, and it forwards this reply back to the source node. The third way is that the relay node gets a query, and it simply forwards this query to 2view randomly selected nodes. The fourth way is that the relay node receives a query-matching response, and it simply forwards it to the requesting node. The fifth way is that the relay node receives a relocation message from the distributor and it forwards this message to all the nodes that have the metadata. The last way is that the relay node receives a relocation message from the requesting node, and it simply updates the location in its database. 3.7. Distance–direction-based geographic routing algorithm In our DAMS, we propose a distance–direction-based geographic routing method (DGR). In our DGR, the sender first determines the recipient’s x coordinate, y coordinate and direction. Next, the sender detects its nearby neighbors within a certain range and along a certain vector and calculates the distances between the neighbors’ coordinates and the recipient’s coordinates. Finally, the sender selects the neighbor along the recipient’s vector that is the closest to the recipient’s coordinates. Thus, the message can be quickly delivered to the destination region, making the overall delivery to the destination region within the smallest number of hops. For example, assuming that we have a sender located at coordinates s=(1,2) ⁠, and a receiver located at coordinates r=(8,10) ⁠. The sender identifies four nearby neighbors: n1=(0,3) ⁠, n2=(3,3) ⁠, n3=(5,5) and n4=(0,5) ⁠. The sender first determines that the receiver is to the northwest, and notices that n2 and n3 also lie in that direction. The sender then determines the distances from n2 and n3 to the receiver and notices that the distance between the receiver and n3 is smallest. Thus, the sender forwards the message to n3. The algorithm is given in Fig. 4. FIGURE 4. View largeDownload slide Message routing algorithm. FIGURE 4. View largeDownload slide Message routing algorithm. 3.8. Protection algorithm Those nodes that receive both metadata and requests but do not report a match are considered malicious. Similarly, those nodes that do not forward a message are considered selfish. Moreover, when the network has high churn, it means that enormous quantities of nodes are continuously arriving and departing the network, which might cause disconnection in the network, or limit other nodes’ view of it. Thus, our protection algorithm is designed to allow every node to discover newly joined and leaving nodes, to estimate the proportion of malicious and selfish nodes, to estimate the churn and to allow nodes to manage and decide their next update time based on the estimated churn of the network. The sender first sends its messages to a few nodes chosen at random, and waits for responses from those nodes. The sender then removes the unresponsive nodes, and adds newly joined nodes from the received response messages to its view. Our algorithm further collects data on the number of responses that a requesting node receives using the probability density function from [16], EWMA method, and modified Chi-squared test. The EWMA method is used to decrease the noise of the observations and to average the observations over a sequence of requests. The EWMA method is defined by: st=c×vt+(1−c)×st−1 ⁠, where c is the smoothing factor for 0≤c≤1 ⁠, st is the output of the EWMA at time t ⁠, and vt is the current non-normalized observed probabilities. The modified Chi-squared goodness-of-fit test [53] is used to determine which of the analytical curves best matches the observed probabilities, and estimate the proportion of non-malicious nodes in its membership view. The modified Chi-squared statistic is defined by: χ2=∑k=1kMax((ok−ek)2)/(ok+ek) ⁠, where ok is the actual number of observations in k th bucket, ek is the expected number of observations in k th bucket, and kMax is the maximum bucket in which the observations might be located. After calculating the observed probabilities from the collected responses, the sender further calculates the analytical match probabilities with message forwarding. For the analytical match probabilities, we employ hypergeometric distribution [83], which describes the number of successes in a sequence of random draws from a finite population without replacement, and it is calculated as: P(k)=mxkn−mxr−knr ⁠, for mx+r≤n and k≤min{mx,r} ⁠. If either of those two conditions is not satisfied, then P(k)=0 ⁠. In addition, the match probability P(k≥1) of one or more matches is given by P(k≥1)=1−P(0) ⁠, where mx+r≤n ⁠. In essence, we employ hypergeometric distribution to calculate the probability of k match P(k) ⁠, and probabilistic analysis with probability density function (pdf), for both pdf(n,a,l,F).getM() and pdf(n,a,l,F).getR() ⁠, for the number of nodes reached when forwarding to m and to r nodes. The match probability will be the summation of the product of these match probabilities for all values of m and r ⁠. After obtaining the analytical probability curve, the algorithm applies normalization since there might be no response at all, particularly in light of the fact that metadata and requests might end up distributed to disjointed subsets of nodes, malicious or selfish nodes might interfere with distribution, and there might exist no metadata that match a request. Therefore, we excluded requests for which all responses indicate no match. In addition, we further excluded requests that result in matches for large values of kMax since the probability of these matches is negligibly small. We normalize the probabilities as: Q(k)=P(k)/∑i=1kMaxP(i) ⁠. Our algorithm finally compares the normalized observed probabilities and the normalized analytical probabilities with various values of F and X and determines that the value of x and f for which the modified Chi-squared value is the smallest between the observed and analytical probability curves, since the smallest value corresponds to the curve with the best fit. Next, once the algorithm has obtained the value of x and f ⁠, it further computes the appropriate a and f in order to satisfy the match probability of one or more matches y0=P(k≥1) ⁠. Then the algorithm increases the number of l levels and a fanouts to which the query is distributed to achieve the same match probability as when X=1.0 and F=1.0 ⁠. Finally, the algorithm calculates the next update time based on the sum of current leaving nodes plus newly joined nodes, multiplied by the maximum update time, and then divided by the total number of request messages. Pseudocode for our protection algorithm is given in Fig. 5. FIGURE 5. View largeDownload slide Protecting algorithm. FIGURE 5. View largeDownload slide Protecting algorithm. 3.9. Region transfer algorithm There are four types of nodes that might move to other regions: (1) source nodes, (2) requesting nodes, (3) nodes with metadata and (4) relay nodes. First, when the network has a high churn, the source node might move to another region at any time. Our algorithm ensures that all the nodes that have metadata know the current location of the source node, and thus they would know where to inform the requesting node about the location of the source node later. Second, the requesting node might move to another region before it obtains a match reply. Therefore, our algorithm ensures that the relay node from the original region knows the current location of the requesting node, and thus it would know where to forward the incoming response to the requesting node. The requesting node has a timer, so that if it does not receive any response for a while, it will initiate another request from the new region. Third, if a metadata node happens to move out of the current region, it will transfer its information to another node chosen at random from its region, and inform the source node about this transfer. Lastly, if a relay node moves to another region, it transfers its information from its database to a node selected at random in its region. 3.10. LSH algorithm The goal of LSH is to hash items several times, so that similar documents would be more likely to appear in the same bucket [25, 26]. In our experiment, we ignore all of the punctuation in the document, convert all capitalized characters to lowercase, apply the stemming algorithm to convert various forms of a word to its base form, remove any step words, and group the consecutive set of k words into a set. According to [86], the value of k is usually set as k=2 or k=3 for small documents such as emails, and set as k=3 or k=4 for large documents such as news and research articles. We likewise set the value of k=3 for our further experiments. It is difficult to use Jaccard similarity to calculate the similarities between sets when we have millions of documents in the network since we cannot store all the sets in a node’s main memory space. As a result, we apply the “Minhashing” method, which estimates the similarities between documents with relatively little computation time. The minhashing process begins with the conversion of a series of sets into a single matrix. If the element j is in the set Si ⁠, we set 1 in location (i,j); otherwise, 0. Next, we construct a minhash (or permutation) function h to reorder the all the rows of the matrix. The permutation function is defined as follows: [87]: h(x)=(ax+b)modp ⁠, where p is any prime number, a is any integer that satisfies 0<a<p and b is any integer that satisfies 0≤b<p ⁠. We then record the first 1 that appears in each column. We repeat the above step several times and run multiple permutations. We then apply Jaccard similarity [88] to determine the similarity distances between these sets and the above signature matrix, which is calculated as: s(A,B)=(∣A∩B∣)/(∣A∪B∣) and d(A,B)=1−s(A,B) ⁠. The more permutations we can get, the higher the accuracy we achieve in estimating the similarities between two sets, and thus, we repeat the permutation a certain number of times. Even if we apply minhashing to compute small signatures and similarities between sets of documents, we might still have a problem in finding the greatest similarities since the number of pairs might be too large, even with relatively few documents. Therefore, we apply the LSH function in such a way that we only need to focus on finding pairs of documents that are above a certain threshold to reduce computation time. Thus, after repeating the permutation a certain number of times, we choose a threshold T ⁠, where T tells how similar two documents have in order to be considered a ‘similar pair’. In addition to the value of b and r ⁠, we can divide our signature matrix into b bands with each band containing r rows. The values of T ⁠, r and b have to satisfy the following conditions: (1) br=n ⁠, where n is the number of permutations and (2) threshold T=(1b)1/r [88]. Each band contains an LSH hash function, such that it would hash similar vectors of r to the same buckets in a hash table. 4. EXPERIMENTAL EVALUATION In this section, we performed a simulation designed to give our defense mechanism a thorough evaluation. We originally tried an NS-3 simulator, but it did not have enough memory to handle our experiments since our network has up to 90,000 nodes with a great deal of movement (e.g. tests either would take an unreasonable amount of time to run or would simply crash). Therefore, we developed our own simulator to test our algorithm and then compared its performance against that of other protocols. Our simulation environment was developed on a system with an Intel(R) CoreTM i5-4590 at 3.30 GHz, running with 32GB RAM. The simulation program was developed in Eclipse and Netbeans development environments, written in Java, and finally tested in Windows 7 Professional Edition, Service Pack1, in the 64-bit Operating System. In our simulator, we performed: (1) network separation, (2) network entry, (3) network departure, (4) metadata distribution, (5) query distribution, (6) relaying messages, (7) region transfer, (8) detection of malicious and selfish nodes, (9) protection against malicious and selfish nodes, (10) membership updates and (11) message routing. Our simulation program returned a log with all the events and data after it finished running the simulation. Since nodes may move to other regions at any time, or may become malicious and/or selfish at any moment, we considered a scenario where every node in the network follows our DAMS defense mechanism, except: (1) malicious nodes respond to a request but do not return a match, (2) selfish nodes do not forward messages, (3) any node may move out of its current region at any time, (4) any node may join a region at any time and (5) any node is allowed to have a partial membership view of the actual network. In the simulation program, we began by constructing a network and dividing it into smaller sub-regions. At each step, some nodes might enter or depart a region, distribute metadata, distribute queries, update membership or relay messages. Some nodes might behave maliciously by not responding to a request despite having a match, or by not forwarding a message. We compared the match probability, message costs and search times of our algorithm with several existing protocols to demonstrate the effectiveness and scalability of our system. 4.1. Controlled variables In our simulation, we consider the following control variables: N ⁠: Total number of nodes in the network. X ⁠: Proportion of non-malicious nodes in the actual membership in the network at a particular point in time, where 0<X≤1.0 ⁠. F ⁠: Proportion of non-selfish nodes in the actual membership in the network at a particular point in time, where 0<F≤1.0 ⁠. S ⁠: Speed at which a node can move in the network at a particular point in time. We divided the nodes in the network into four speed groups, according to the ratios of the nodes to the range of their speed: (1) 16.67% in the fast speed, at 6 m/s, (2) 16.67% in the medium speed, at 4 m/s, (3) 16.67% in the low speed, at 2 m/s and (4) 50% in the static group, where no node moves.In addition, when a node hits a boundary of the network during its movement, such as when it wishes to move beyond the 2700 m × 2700 m boundary, it will bounce in the opposite direction and continue moving until it encounters an obstacle, such as another boundary. D ⁠: The direction in which a node can move in the network at a particular point in time. We divided the nodes in the network into eight direction groups: (1) north, (2) northeast, (3) east, (4) northwest, (5) southeast, (6) southwest, (7) west and (8) south. 4.2. Performance metrics The performance metrics that we used to test the effectiveness of our defense mechanism are as follows: MP: Match probability of one or more responses for a request, averaged over all requesting nodes. MC: Total message cost per node. ST: Total search time that a requesting node needs before getting a match. x ⁠: Estimated proportion of non-malicious nodes in the actual network at a particular point in time. f ⁠: Estimated probability of non-selfish nodes in the actual network at a particular point in time. 4.3. Various data search systems In our experiment, we compared the performance metrics of DAMS against those of other two famous locality-based search systems: (1) GLS [14], the most representative geographic routing-based data search system; and (2) LORD [23], the most recent work that considered both large-scale wireless networks and those with issues related to high mobility. However, GLS and LORD deal exclusively with data search and have no defense mechanisms to protect against selective and malicious attacks; thus, to make the experiment fairer and more applicable to real-world computing, we applied multipath routing [89] to both GLS and LORD systems, as this is the most common approach to defending against selective-forwarding attacks [76]. The following explains these six search systems for our performance evaluation: DAMS: The data retrieval system that applies the defense mechanism as described in Section 3. In DAMS, the total quantity of metadata or request messages is calculated based on estimated x and f ⁠, and thus the quantities vary considerably. DAMS-N: The data retrieval system, which is similar to the DAMS system, except that it does not apply the defense mechanism from Section 3 to adjust the value of a and l ⁠. In DAMS-N, instead, every source node distributes m=210 metadata, and every requesting node distributes r=210 requests. GLS: The data retrieval system that applies GLS protocol [14] for data retrieval, and multipath routing [89] for the defense mechanism. Since multipath routing was originally designed strictly for selective-forwarding attacks, we modified a multipath routing algorithm in such a way that the requesting node must find and select a route that can successfully deliver the query to the matching nodes in order to protect against malicious and selective-forwarding attacks. In GLS, every source node distributes m=5000 metadata, and the number of requesting nodes varies depending on the current estimated x and f ⁠. GLS-N: The data retrieval system is similar to the GLS system, except that it does not apply a multipath routing protocol to defend against selective and malicious attacks. In GLS-N, every source node distributes m=1800 metadata, and every requesting node distributes r=600 requests. LORD: The data retrieval system that applies the LORD protocol [23] for data retrieval, and multipath routing [89] for the defense mechanism. We applied the modified multipath routing described in GLS to handle both malicious and selective-forwarding attacks. In LORD, every source node distributes m=5000 metadata, and the number of requesting nodes, as in other protocols, varies because it depends on the current value of x and f ⁠. LORD-N: The data retrieval system is similar to the LORD system, except that it does not use a multipath routing protocol to defend against selective and malicious attacks. In LORD-N, every source node distributes m=5000 metadata, and every requesting node distributes r=1 request. We performed our experiment with the following nine cases for above six search systems: (1) X=1.0 ⁠, F=1.0 ⁠, (2) X=1.0 ⁠, F=0.7 ⁠, (3) X=1.0 ⁠, F=0.4 ⁠, (4) X=0.7 ⁠, F=1.0 ⁠, (5) X=0.7 ⁠, F=0.7 ⁠, (6) X=0.7 ⁠, F=0.4 ⁠, (7) X=0.4 ⁠, F=1.0 ⁠, (8) X=0.4 ⁠, F=0.7 ⁠, (9) X=0.4 ⁠, F=0.4 ⁠. 4.4. Varying S ⁠, F and X We first considered a scenario in which our algorithm was applied with varied speed S ⁠, the proportion of non-selfish nodes was F ⁠, and the proportion of non-malicious nodes was X with varied network size N ⁠. Figure 6 shows the simulation result of match probability MP with N = 10 000, S=slow,medium,fast ⁠, kMax=9 ⁠, c=0.999 ⁠, l=2 ⁠, and xfGap=0.3 ⁠. The solid line represents the slow speed curve, the dashed line represents the medium speed curve, and the dotted line represents the fast speed curve. The x-axis represents the following nine cases: (1) X=1.0 ⁠, F=1.0 ⁠; (2) X=1.0 ⁠, F=0.7 ⁠; (3) X=1.0 ⁠, F=0.4 ⁠; (4) X=0.7 ⁠, F=1.0 ⁠; (5) X=0.7 ⁠, F=0.7 ⁠; (6) X=0.7 ⁠, F=0.4 ⁠; (7) X=0.4 ⁠, F=1.0 ⁠; (8) X=0.4 ⁠, F=0.7 and (9) X=0.4 ⁠, F=0.4 ⁠. The y-axis represents the match probability MP. In examining these figures, we first noticed that the MP for these curves all looked similar, regardless of their different speeds. Next, we observed that as X or F decreases, MP also decreases. Furthermore, we noticed that MP decreases sharply, especially when F decreases to F=0.4 (e.g. MP for case 3, case 6 and case 9 are lower than those of other cases). This is because when F drops to F=0.4 ⁠, about 60% of the nodes in the network refuse to forward the message, thus seriously affecting MP. FIGURE 6. View largeDownload slide MP for N = 10 000 with various speed. FIGURE 6. View largeDownload slide MP for N = 10 000 with various speed. Figure 7 shows the simulation result of match probability MP with N = 50 000, S=slow,medium,fast ⁠, kMax=9 ⁠, c=0.999 ⁠, l=2 ⁠, and xfGap=0.3 ⁠. The solid line represents the slow speed curve, the dashed line represents the medium speed curve and the dotted line represents the fast speed curve. We noticed that the match probabilities MP for N = 50 000 are all very close compared to N = 10 000. When we further scale up to N = 90 000, as shown in Fig. 8, we similarly observed that the match probabilities MP for N = 90 000 are nearly identical to N = 10 000 and N = 50 000. This indicates that even widely different values of network size and speed can return similar match probabilities, thus demonstrating the scalability and effectiveness of our algorithm. And thus, we are certain that the match probabilities would still be similar to these curves even if we were to scale up beyond N = 90 000. We subsequently chose N = 90 000 for further experiments, as we believe this number is large enough when comparing our work with other systems. FIGURE 7. View largeDownload slide MP for N = 50 000 with various speed. FIGURE 7. View largeDownload slide MP for N = 50 000 with various speed. FIGURE 8. View largeDownload slide MP for N = 90 000 with various speed. FIGURE 8. View largeDownload slide MP for N = 90 000 with various speed. 4.5. Match probability Figure 9 shows the MP curves with N = 90 000, NR=9 ⁠, a=14 ⁠, l=2 ⁠, kMax=9 ⁠, c=0.999 ⁠, xfGap=0.3 ⁠, S=static,slow,medium,fast ⁠, D=N,S,W,E,NW,NE,SW,SE ⁠, on DAMS system, DAMS-N system, GLS system, GLS-N system, LORD system and LORD-N system. FIGURE 9. View largeDownload slide MP for various search systems. FIGURE 9. View largeDownload slide MP for various search systems. In Fig. 9, we first noticed that when X and F decrease, MP also decreases significantly for all six search systems. In addition, we noticed that the DAMS-N, GLS-N, and LORD-N curves decrease much more sharply when both X and F decrease to X=F=0.4 (We can see that even the MP of GLS-N curve drops to about MP=0.1093 for case F=0.4 ⁠, X=0.4 ⁠). This is to be expected because these search systems have not yet applied any defense mechanism. Furthermore, for GLS and LORD, we noticed their MC curves both stay at 1 for all nine cases; this is because their requesting nodes, seeking to guarantee at least one route for successful distribution of the request to the matching node(s), implement a multipath routing algorithm. Lastly, even though our DAMS does not apply a modified multipath algorithm in its defense, our defending mechanism is the second-highest curve among all curves for all nine cases, being able to maintain more than 80% match probability with X=0.4 and F=0.4 ⁠. Thus, this demonstrates the robustness and effectiveness of our defense mechanism, since our DAMS algorithm can still maintain high MP even with relatively low values of X and F ⁠. 4.6. Message costs Figure 10 shows the MC curves with N = 90 000, NR=9 ⁠, a=14 ⁠, l=2 ⁠, kMax=9 ⁠, c=0.999 ⁠, xfGap=0.3 ⁠, S=static,slow,medium,fast ⁠, D=N,S,W,E,NW,NE,SW,SE on DAMS system, DAMS-N system, GLS system, GLS-N system, LORD system and LORD-N system. FIGURE 10. View largeDownload slide MC for various search systems. FIGURE 10. View largeDownload slide MC for various search systems. In Fig. 10, we first noticed that when X and F decrease, the MC value of GLS is significantly increased; it is slightly increased for DAMS and remains about the same for the other four systems. This is precisely what we expected; after all, adding a defense mechanism would logically increase message costs. We observed that before applying the defense mechanism, the MC for both GLS-N and LORD-N was already quite high, such as MC=9995.084 for GLS-N, and MC=5010.814 for LORD-N. This is because GLS uses a proactive mapping update scheme, which requires that a node periodically discover the closest node to its mapped location and move its file to this node, thus creating excessive communication costs. On the other hand, even though LORD uses a reactive data-mapping update scheme similar to that of our DAMS, the problem of this algorithm is that it requires ‘all’ nodes holding metadata in a designated region to conduct updates when their source node moves to another region, thus creating excessive overhead. This is why both systems need high data-replication overheads to maintain such high MP. Moreover, the MC for both GLS and LORD systems is even higher, such as MC = 33 300.95 for GLS and MC=5016.178 for LORD, after they implement a multipath routing algorithm to defend against malicious and selective-forwarding attacks. Thus, we see that even though GLS and LORD both can achieve relatively high-match probabilities, such as MP = 1 for all nine cases, the message costs for our DAMS are much lower than those for these systems. Even though the message costs required by DAMS are strikingly lower than those required by GLS and LORD (such as MC=1003.65≪5016.178≪33⁢300.95 for X=0.4 ⁠, F=0.4 ⁠), it can still produce reasonably high-match probabilities (such as MP=0.8 for X=0.4 ⁠, F=0.4 ⁠). In addition, were we to increase the overall network size to N=≫90 000 ⁠, the total number of nodes residing in a region would be greatly increased; thus, the total cost of MC for our DAMS would be much lower when compared to those of GLS and LORD (⁠ GLS≫LORD≫DAMS ⁠), which confirms the energy efficiency and overhead reduction of our work. This figure demonstrates the robustness and effectiveness of our defense mechanism, because our algorithm requires relatively low MC, but can still maintain high MP even with relatively low values of X and F ⁠. We know that energy savings and overhead reduction are relatively important, especially in WSNs, and this figure has demonstrated that our DAMS addresses the energy savings issue. 4.7. Search costs Figure 11 shows the ST curves with N = 90 000, NR = 9, a=14 ⁠, l=2 ⁠, kMax=9 ⁠, c=0.999 ⁠, xfGap = 0.3, S=static,slow,medium,fast ⁠, D=N,S,W,E,NW,NE,SW,SE on DAMS system, DAMS-N system, GLS system, GLS-N system, LORD system and LORD-N system. FIGURE 11. View largeDownload slide ST for various search systems. FIGURE 11. View largeDownload slide ST for various search systems. In Fig. 11, we first noticed that when X and F decrease, the ST values of both GLS and GLS-N are significantly increased. This is because in GLS-N, the next hop of its routing path might not be geographically close, which would lead to a larger ST when the network size is large. Additionally, when we apply a modified multipath routing algorithm to defend against malicious and selective-forwarding attacks, it leads to even higher ST. The other four systems-DAMS, DAMS-N, LORD and LORD-N-all require relatively low ST for all nine cases due to the fact that these systems map metadata to multiple nodes in a geographical region. In contrast, we observed that the ST required by DAMS are much lower than those required by GLS, and about the same as those of LORD, but can still produce reasonably high-match probabilities. Thus, this figure clearly demonstrates the robustness and effectiveness of our defense mechanism, because our algorithm can maintain high MP even with relatively low values of X and F while requiring relatively low MC and ST. 4.8. Effectiveness of defense mechanism against malicious, selfish and mobile nodes In this section, we considered an extended scenario in which we applied the defense mechanism with varied X and F for N = 90 000, a=14 ⁠, l=2 ⁠, kMax=9 ⁠, c=0.999 ⁠, xfGap=0.3 ⁠, S=static,slow,medium,fast ⁠, D=N,S,W,E,NW,NE,SW,SE ⁠. In order to reflect a realistic network, we designed the extended scenario such that X and F decrease or increase their values slowly. Figure 12 shows the graphs of X ⁠, F ⁠, MP and MC, where X first slowly decreases from 1 to 0.4, then increases to 1, and finally decreases to 0.7. Similarly, F first decreases from 1 to 0.4, and finally increases back to 0.7. First of all, as shown in Fig. 12, when X and F are low, the small number of nodes reporting a match greatly reduces match probability. Therefore, the values of MP of DAMS-N change from MP=1 at time 1, to MP=0.9715 at time 500, to MP=0.9087 at time 1000, to MP=0.7689 at time 1500, to MP=0.5928 at time 2000, to MP=0.3808 at time 2500, to MP=0.3683 at time 3000, to MP=0.4880 at time 3500, to MP=0.6636 at time 4000, to MP=0.8466 at time 4500 and finally to MP=0.7961 at time 5000. The value of MC in DAMS-N for all cases remains at MC=420 from beginning to end. FIGURE 12. View largeDownload slide Graphs of X ⁠, F ⁠, MP and MC of DAMS & DAMS-N. FIGURE 12. View largeDownload slide Graphs of X ⁠, F ⁠, MP and MC of DAMS & DAMS-N. The requesting node receives fewer matches when the values of X and F are low, and thus, it would estimate low values of X and F ⁠. Hence, the DAMS algorithm raises a and l in order to bolster match probability MP and keep it appropriately high. The overall value of MP in our DAMS defense mechanism changes from MP=0.9774 at time 1, to MP=0.9751 at time 500, to MP=0.9792 at time 1000, to MP=0.9838 at time 1500, to MP=0.9683 at time 2000, to MP=0.8536 at time 2500, to MP=0.8626 at time 3000, to MP=0.8974 at time 3500, to MP=0.9552 at time 4000, to MP=0.9921 at time 4500 and finally to MP=0.9862 at time 5000. It is evident to the casual observer that the match probability MP for the DAMS system remains high even when X and F are low, which shows the effectiveness and robustness of our DAMS defense mechanism. The MC of our DAMS defense mechanism changes from MC=420 at time 1, to MC=420.3157 at time 500, to MC=456.1003 at time 1000, to MC=602.1248 at time 1500, to MC=758.2673 at time 2000, to MC=956.5648 at time 2500, to MC=805.7301 at time 3000, to MC=715.933 at time 3500, to MC=505.2884 at time 4000, to MC=478.1215 at time 4500 and finally to MC=531.5385 at time 5000. By comparing both DAMS and DAMS-N, we can see that applying a defense mechanism can adjust MC to ensure a suitably high value of MP, and can create a dramatic increase in MP, which is quite effective. Thus, Fig. 12 confirms the effectiveness and scalability of our defense mechanism and demonstrates that a node can still find a match even when the network is mobile with low values of X and F ⁠. In summary, these experiments have demonstrated the effectiveness and scalability of our algorithm in estimating the proportion of non-malicious and non-selfish nodes in the mobile network with a high degree of accuracy. Our algorithm can rapidly estimate changes in x when the actual proportion of malicious nodes rises or falls. Likewise, when the actual proportion of selfish nodes increases or decreases, our algorithm can quickly identify the changes in f ⁠. Moreover, this study has demonstrated that our defense mechanism achieves high-match probability MP even when in a highly mobile network, and can effectively adjust the value of a and l to defend against malicious and selective-forwarding attacks. The comparison of our DAMS system against the DAMS-N system, LORD system, LORD-N system, GLS system and GLS-N system has demonstrated the robustness of our algorithm in several experiments despite significant variations in network size and performance metrics. Finally, we have constructed an extended scenario in which we varied X and F ⁠, and have demonstrated the effectiveness and scalability of our algorithm, such that it can accurately estimate the value of x and f ⁠, appropriately adjust a and l to ensure high-match probability MP, and still maintain a reasonable message cost MC, even in a highly mobile network. 5. CONCLUSION We have presented DAMS, a decentralized search system with defense mechanisms to protect against malicious and selective-forwarding attacks in large and/or mobile wireless networks. DAMS addresses the following dilemmas: (1) tackling censorship issues; (2) employing pdf, EWMA and modified Chi-squared test to estimate the proportion of malicious and selfish nodes; (3) defending against malicious and selective-forwarding attacks by adjusting the number of forwarding levels and requests to ensure high-match probability; (4) maintaining high-match probability even in a large and/or mobile wireless network; and (5) guaranteeing robustness and effectiveness compared with other search systems. Our DAMS first divides the entire network into an appropriate number of regions, then employs LSH to have nodes map the relevant metadata or request to a geographical region and finally routes the message to the destination. Nodes in DAMS are allowed to join a region, leave a region, distribute metadata, make requests, relay messages or move to other regions. Our DAMS allows every node to maintain and update its membership view during metadata or query distribution. In addition, every node can estimate the proportion of malicious and selfish nodes during metadata or query distribution, and adaptively adjust the number of forwarding levels and requests to achieve high match probability in large and mobile networks. Furthermore, DAMS applies a relocation method to ensure that when a node moves to another region, the nodes from the source region are still able to forward the subsequent metadata or request response to the moving node. Finally, we compare our system to other search systems in terms of match probability, proportion of malicious nodes, proportion of selfish nodes, network size, moving speed, message costs and search times, and demonstrate that our system can achieve high-retrieval rates, better scalability, reasonable overhead, mobility resilience and system robustness, all of which can work well under a range of adverse network conditions: (1) when the network has a large proportion of selfish nodes, (2) when the network has a large proportion of malicious nodes, (3) when the network has a high churn rate and (4) when the network size is large. In the future, we plan to continue investigating the following challenges: (1) adding reputation mechanisms to our system; (2) extending the current work and testing the algorithm when the network contains a very large membership, such as millions of nodes; (3) experimenting with scenarios in which nodes move out of bounds. We know that it is critically important to develop such a system before it is needed in order to ensure that it is available when the need arises. FUNDING This research was supported in part by MOST 104-2410-H-194-090-MY2 and MOST 106-2410-H-194-027-MY2 of Ministry of Science and Technology, Taiwan. REFERENCES 1 Chomhaill , T.N. , McKelvey , N. , Curran , K. and Subaginy , N. ( 2015 ) Internet censorship in china. In Khosrow-Pour , M. (ed.) Encyclopedia of Information Science and Technology , pp. 1447 – 1451 . IGI Global , Hershey, PA . 2 Clarke , I. , Sandberg , O. , Wiley , B. and Hong , T. ( 2001 ) Freenet: a distributed anonymous information storage and retrieval system. Proc. Workshop on Design Issues in Anonymity and Unobservability, Berkeley, CA, July, pp. 46–66. Springer. 3 Ferreira , R.A. , Ramanathan , M.K. , Awan , A. , Grama , A. and Jagannathan , S. ( 2005 ) Search with probabilistic guarantees in unstructured peer-to-peer networks. Proc. 5th IEEE Int. Conf. Peer-to-Peer Computing, Konstanz, Germany, August, pp. 165–172. IEEE. 4 Gnutella . (2018). Retrieved from http://en.wikipedia.org/wiki/Gnutella. 5 Isdal , T. , Piatek , M. , Krishnamurthy , A. and Anderson , T. ( 2010 ) Privacy preserving P2P data sharing with OneSwarm. Proc. ACM SIGCOMM Conf., New Delhi, India, September, pp. 111–122. ACM. 6 Terpstra , W.W. , Kangasharju , J. , Leng , C. and Buchmann , A.P. ( 2007 ) Bubblestorm: resilient, probabilistic, and exhaustive peer-to-peer search. Proc. ACM Conf. Applications, Technologies, Architectures and Protocols for Computer Communications, Kyoto, Japan, August, pp. 49–60. ACM. 7 Tran , D.A. and Pham , C. ( 2010 ) Enabling content-based publish/subscribe services in cooperative P2P networks . Comput. Netw. , 52 , 1739 – 1749 . Google Scholar Crossref Search ADS 8 Wong , B. and Guha , S. ( 2008 ) Quasar: a probabilistic publish-subscribe system for social networks. Proc. 7th Int. Workshop on Peer-to-Peer Systems, Tampa Bay, FL, February. USENIX Association. 9 Shah , N. and Qian , D. ( 2011 ) An efficient unstructured p2p overlay over manet using underlying proactive routing. Proc. Seventh Int. Conf. Mobile Ad-hoc and Sensor Networks (MSN), Beijing, China, December, pp. 248–255. IEEE. 10 Sharma , P. , Souza , D. , Fiore , E. , Gottschalk , J. and Marquis , D. ( 2012 ) A case for manet-aware content centric networking of smartphones. Proc. 2012 IEEE Int. Symp. World of Wireless, Mobile and Multimedia Networks (WoWMoM), San Francisco, CA, June, pp. 1–6. IEEE. 11 Ratnasamy , S. , Karp , B. , Shenker , S. , Estrin , D. , Govindan , R. , Yin , L. and Yu , F. ( 2003 ) Data-centric storage in sensornets with GHT: a geographic hash table . Mobile Netw. Appl. , 8 , 427 – 442 . Google Scholar Crossref Search ADS 12 Xu , J. , Tang , X. and Lee , W.-C. ( 2008 ) A new storage scheme for approximate location queries in object-tracking sensor networks . IEEE Trans. Parallel Distrib. Syst. , 19 , 262 – 275 . Google Scholar Crossref Search ADS 13 Demirbas , M. , Lu , X. and Singla , P. ( 2009 ) An in-network querying framework for wireless sensor networks . IEEE Trans. Parallel Distrib. Syst. , 20 , 1202 – 1215 . Google Scholar Crossref Search ADS 14 Li , J. , Jannotti , J. , De Couto , D.S. , Karger , D.R. and Morris , R. ( 2000 ) A scalable location service for geographic ad hoc routing. Proc. 6th Annual Int. Conf. Mobile Computing and Networking, Boston, MA, August, pp. 120–130. ACM. 15 Shen , H. , Zhao , L. and Li , Z. ( 2011 ) A distributed spatial-temporal similarity data storage scheme in wireless sensor networks . IEEE Trans. Mobile Comput. , 10 , 982 – 996 . Google Scholar Crossref Search ADS 16 Chuang , Y.-T. ( 2017 ) Protecting against malicious and selective forwarding attacks for P2P search & retrieval system . Peer-to-Peer Netw. Appl. , 10 , 1079 – 1100 . Google Scholar Crossref Search ADS 17 Chuang , Y.-T. , Yu , C.-Y. and Wu , Q.-W. ( 2018 ) Dslm: a decentralized search for large and mobile networks . J. Supercomput. , 74 , 738 – 767 . Google Scholar Crossref Search ADS 18 Mischke , J. and Stiller , B. ( 2004 ) A methodology for the design of distributed search in P2P middleware . IEEE Netw. , 18 , 30 – 37 . Google Scholar Crossref Search ADS 19 Risson , J. and Moors , T. ( 2006 ) Survey of research towards robust peer-to-peer networks: Search methods . Comput. Netw. , 50 , 3485 – 3521 . Google Scholar Crossref Search ADS 20 Tsoumakos , D. and Roussopoulos , N. ( 2003 ) A comparison of peer-to-peer search methods. Proc. Sixth Int. Workshop on the Web and Databases, San Diego, CA, June, pp. 61–66, Citeseer. 21 Bianchi , S. , Felber , P. and Gradinariu , M. ( 2007 ) Content-based publish/subscribe using distributed r-trees. Proc. Euro-Par, Rennes, France, August, pp. 537–548, Springer. 22 Gupta , A. , Sahin , O. , Agrawal , D. and El Abbadi , A. ( 2004 ) Meghdoot: content-based publish/subscribe over P2P networks. Proc. 5th ACM/IFIP/USENIX Int. Conf. Middleware, Toronto, Canada, October, pp. 254–273, Springer. 23 Shen , H. , Li , Z. and Chen , K. ( 2014 ) A scalable and mobility-resilient data search system for large-scale mobile wireless networks . IEEE Trans. Parallel Distrib. Syst. , 25 , 1124 – 1134 . Google Scholar Crossref Search ADS 24 Perkins , C. , Belding-Royer , E. and Das , S. ( 2003 ) Ad hoc on-demand distance vector (aodv) routing. Retrieved from https://www.rfc-editor.org/info/rfc3561. 25 Andoni , A. and Indyk , P. ( 2008 ) Near-optimal hashing algorithms for near neighbor problem in high dimensions. Communications of the ACM, 51 ( 1 ), 117 – 122 . ACM. 26 Leskovec , J. , Rajaraman , A. and Ullman , J.D. (2014) Mining of massive datasets. Cambridge University Press. 27 Pradittasnee , L. , Camtepe , S. and Tian , Y.-C. ( 2017 ) Efficient route update and maintenance for reliable routing in large-scale sensor networks . IEEE Trans. Ind. Inform. , 13 , 144 – 156 . Google Scholar Crossref Search ADS 28 Pu , L. , Chen , X. , Xu , J. and Fu , X. ( 2016 ) Content retrieval at the edge: a social-aware and named data cooperative framework . IEEE Trans. Emerg. Top. Comput. , (Early Access). 29 Talari , A. and Rahnavard , N. ( 2016 ) Cstorage: decentralized compressive data storage in wireless sensor networks . Ad Hoc Netw. , 37 , 475 – 485 . Google Scholar Crossref Search ADS 30 Yang , H. , Ye , F. and Sikdar , B. ( 2008 ) A swarm-intelligence-based protocol for data acquisition in networks with mobile sinks . IEEE Trans. Mobile Comput. , 7 , 931 – 945 . Google Scholar Crossref Search ADS 31 Fan , K.-W. , Liu , S. and Sinha , P. ( 2008 ) Dynamic forwarding over tree-on-dag for scalable data aggregation in sensor networks . IEEE Trans. Mobile Comput. , 7 , 1271 – 1284 . Google Scholar Crossref Search ADS 32 Lotfinezhad , M. , Liang , B. and Sousa , E.S. ( 2008 ) Adaptive cluster-based data collection in sensor networks with direct sink access . IEEE Trans. Mobile Comput. , 7 , 884 – 897 . Google Scholar Crossref Search ADS 33 Xing , G. , Li , M. , Luo , H. and Jia , X. ( 2009 ) Dynamic multiresolution data dissemination in wireless sensor networks . IEEE Trans. Mobile Comput. , 8 , 1205 – 1220 . Google Scholar Crossref Search ADS 34 Abid , S.A. , Othman , M. and Shah , N. ( 2015 ) A survey on dht-based routing for large-scale mobile ad hoc networks . ACM Comput. Surv. (CSUR) , 47 , 20 . 35 Rangarajan , H. and Garcia-Luna-Aceves , J. ( 2007 ) Efficient use of route requests for loop-free on-demand routing in ad hoc networks . Comput. Netw. , 51 , 1515 – 1529 . Google Scholar Crossref Search ADS 36 Munaretto , A. and Fonseca , M. ( 2007 ) Routing and quality of service support for mobile ad hoc networks . Comput. Netw. , 51 , 3142 – 3156 . Google Scholar Crossref Search ADS 37 Ritchie , L. , Yang , H.-S. , Richa , A.W. and Reisslein , M. ( 2006 ) Cluster overlay broadcast (COB): MANET routing with complexity polynomial in source-destination distance . IEEE Trans. Mobile Comput. , 5 , 653 – 667 . Google Scholar Crossref Search ADS 38 Sivakumar , R. , Sinha , P. and Bharghavan , V. ( 1999 ) Cedar: a core-extraction distributed ad hoc routing algorithm. IEEE J. Selected Areas Commun. , 17 , 1454 – 1465 . 39 Zhao , Y. , Chen , Y. , Li , B. and Zhang , Q. ( 2007 ) Hop id: a virtual coordinate based routing for sparse mobile ad hoc networks . IEEE Trans. Mobile Comput. , 6 , 1075 – 1089 . Google Scholar Crossref Search ADS 40 Cao , Q. and Abdelzaher , T. ( 2006 ) Scalable logical coordinates framework for routing in wireless sensor networks . ACM Trans. Sensor Netw. (TOSN) , 2 , 557 – 593 . Google Scholar Crossref Search ADS 41 Stoica , I. , Morris , R. , Karger , D. , Kaashoek , M.F. and Balakrishnan , H. ( 2001 ) Chord: a scalable peer-to-peer lookup service for Internet applications. Proc. ACM SIGCOMM Conf. Applications, Technologies, Architectures and Protocols for Computer Communications, San Diego, CA, August, pp. 149–160, ACM. 42 Rowstron , A. and Druschel , P. ( 2001 ) Pastry: scalable, decentralized object location, and routing for large-scale peer-to-peer systems. IFIP/ACM Int. Conf. Distributed Systems Platforms and Open Distributed Processing, Heidelberg, Germany, November, pp. 329–350. Springer. 43 Ratnasamy , S. , Francis , P. , Handley , M. , Karp , R. and Shenker , S. ( 2001 ) A Scalable Content-Addressable Network , Vol. 31, No. 4, pp. 161–172. ACM . 44 Zhao , B.Y. , Huang , L. , Stribling , J. , Rhea , S.C. , Joseph , A.D. and Kubiatowicz , J.D. ( 2004 ) Tapestry: a resilient global-scale overlay for service deployment . IEEE J. Selected Areas Commun. , 22 , 41 – 53 . Google Scholar Crossref Search ADS 45 Junhai , L. , Danxia , Y. , Liu , X. and Mingyu , F. ( 2009 ) A survey of multicast routing protocols for mobile ad-hoc networks . IEEE Commun. Surv. Tutorials , 11 , 78 – 91 . Google Scholar Crossref Search ADS 46 Ye , N. and Chen , Q. ( 2001 ) An anomaly detection technique based on a Chi-square statistic for detecting intrusions into information systems . Qual. Reliab. Eng. Int. J. , 17 , 105 – 112 . Google Scholar Crossref Search ADS 47 Zhou , B. , Shi , Q. and Merabti , M. ( 2006 ) Intrusion detection in pervasive networks based on a Chi-square statistic test. Proc. 30th Int. Computer Software and Applications Conf., Chicago, IL, September, pp. 203–208. IEEE. 48 Roberts , S.W. ( 1959 ) Control chart tests based on geometric moving averages . Technometrics , 1 , 239 – 250 . Google Scholar Crossref Search ADS 49 Viinikka , J. and Debar , H. ( 2004 ) Monitoring IDS background noise using EWMA control charts and alert information. Proc. 7th Int. Symp. Recent Advances in Intrusion Detection, French Riviera, France, September, pp. 166–187. Springer. 50 Goonatilake , R. , Herath , A. , Herath , S. and Herath , J. ( 2007 ) Intrusion detection using the Chi-square goodness-of-fit test for information assurance, network, forensics and software security . J. Comput. Sci. Coll. , 23 , 255 – 263 . 51 Belen , R. ( 2009 ) Detecting Disguised Missing Data. PhD Thesis, Middle East Technical University. 52 Heckert , A. ( 2006 ) Chi-square two sample. Tarihinde. Retrieved from https://www.itl.nist.gov/div898/software/dataplot/refman1/auxillar/chi2samp.htm. 53 Press , W.H. , Teukolsky , S.A. , Vetterling , W.T. and Flannery , B.P. ( 2007 ) Numerical Recipes in Fortran: The Art of Scientific Computing. Cambridge University Press , Cambridge, UK . 54 Busse , M. , Haenselmann , T. and Effelsberg , W. ( 2006 ) Energy-efficient forwarding schemes for wireless sensor networks. Proc. 2006 Int. Symp. World of Wireless, Mobile and Multimedia Networks, Washington, DC, June, pp. 125–133. IEEE Computer Society. 55 Gu , Y. and He , T. ( 2007 ) Data forwarding in extremely low duty-cycle sensor networks with unreliable communication links. Proc. 5th Int. Conf. Embedded Networked Sensor Systems, New York, NY, November, pp. 321–334. ACM. 56 Haas , Z.J. , Halpern , J.Y. and Li , L. ( 2006 ) Gossip-based ad hoc routing . IEEE/ACM Trans. Networking (ToN) , 14 , 479 – 491 . Google Scholar Crossref Search ADS 57 Sasson , Y. , Cavin , D. and Schiper , A. ( 2003 ) Probabilistic broadcast for flooding in wireless mobile ad hoc networks. Proc. IEEE Wireless Communications and Networking (WCNC), New Orleans, LA, March, pp. 1124–1130. IEEE. 58 Hedetniemi , S.M. , Hedetniemi , S.T. and Liestman , A.L. ( 1988 ) A survey of gossiping and broadcasting in communication networks . Networks , 18 , 319 – 349 . Google Scholar Crossref Search ADS 59 Chen , X. , Shen , J. , Groves , T. and Wu , J. ( 2009 ) Probability delegation forwarding in delay tolerant networks. Proc. 18th Int. Conf. Computer Communications and Networks (ICCCN), San Francisco, CA, August, pp. 1–6. IEEE. 60 Erramilli , V. , Crovella , M. , Chaintreau , A. and Diot , C. ( 2008 ) Delegation forwarding. Proc. 9th ACM Int. Symp. Mobile Ad hoc Networking and Computing, Hong Kong, China, May, pp. 251–260. ACM. 61 Farley , A.M. ( 1979 ) Minimal broadcast networks . Networks , 9 , 313 – 332 . Google Scholar Crossref Search ADS 62 Farley , A.M. ( 1980 ) Broadcast time in communication networks . SIAM J. Appl. Math. , 39 , 385 – 390 . Google Scholar Crossref Search ADS 63 Deering , S.E. and Cheriton , D.R. ( 1990 ) Multicast routing in datagram internetworks and extended lans . ACM Trans. Comput. Syst. (TOCS) , 8 , 85 – 110 . Google Scholar Crossref Search ADS 64 Moser , L.E. and Melliar-Smith , P.M. ( 2013 ) Probabilistic analysis of message forwarding. Proc. IEEE Int. Conf. Computer Communications and Networks, Nassau, Bahamas, July. IEEE. 65 Lazarevic , A. , Ertoz , L. , Kumar , V. , Ozgur , A. and Srivastava , J. ( 2003 ) A comparative study of anomaly detection schemes in network intrusion detection. Proc. Third SIAM Int. Conf. Data Mining, San Francisco, CA, May, pp. 25–36. SIAM. 66 Hales , D. ( 2004 ) From selfish nodes to cooperative networks—emergent link-based incentives in peer-to-peer networks. Proc. Fourth Int. Conf. Peer-to-Peer Computing, Bologna, Italy, August, pp. 151–158. IEEE. 67 Jesi , G.P. , Hales , D. and Van Steen , M. ( 2007 ) Identifying malicious peers before it’s too late: a decentralized secure peer sampling service. Proc. 1st Int. Conf. Self-Adaptive and Self-Organizing Systems, Boston, MA, July, pp. 237–246. IEEE. 68 Helman , P. and Bhangoo , J. ( 1997 ) A statistically based system for prioritizing information exploration under uncertainty . IEEE Trans. Syst. Man Cybern. A Syst. Hum. , 27 , 449 – 466 . Google Scholar Crossref Search ADS 69 Lee , W. , Stolfo , S.J. et al. ( 1998 ) Data mining approaches for intrusion detection. Usenix security. Proc. 7th USENIX Security Symposium, San Antonio, Texas, January, pp. 79–93. 70 Ghosh , A.K. and Schwartzbard , A. ( 1999 ) A study in using neural networks for anomaly and misuse detection. Proc. 8th USENIX Security Symposium. Washington, DC, August, pp. 141–152. 71 Morselli , R. , Bhattacharjee , B. , Srinivasan , A. and Marsh , M.A. ( 2005 ) Efficient lookup on unstructured topologies. Proc. 24th ACM Symp. Principles of Distributed Computing, Las Vegas, NV, July, pp. 77–86. IEEE. 72 Condie , T. , Kamvar , S.D. and Garcia-Molina , H. ( 2004 ) Adaptive peer-to-peer topologies. Proc. 4th IEEE Int. Conf. Peer-to-Peer Computing, Zurich, Switzerland, August, pp. 53–62. IEEE. 73 Wang , X.-S. , Zhan , Y.-Z. , Xiong , S.-M. and Wang , L.-M. ( 2009 ) Lightweight defense scheme against selective forwarding attacks in wireless sensor networks. Int. Conf. Cyber-Enabled Distributed Computing and Knowledge Discovery, Zhangijajie, China, October, pp. 226–232. IEEE. 74 Alajmi , N. and Elleithy , K. ( 2015 ) Multi-layer approach for the detection of selective forwarding attacks . Sensors , 15 , 29332 – 29345 . Google Scholar Crossref Search ADS PubMed 75 Hai , T.H. and Huh , E.-N. ( 2008 ) Detecting selective forwarding attacks in wireless sensor networks using two-hops neighbor knowledge. Seventh IEEE Int. Symp. Network Computing and Applications, Cambridge, MA, July, pp. 325–331. IEEE. 76 Deng , H. , Sun , X. , Wang , B. and Cao , Y. ( 2009 ) Selective forwarding attack detection using watermark in WSNS. ISECS Int. Colloquium on Computing, Communication, Control, and Management, Sanya, China, August, 2009, pp. 109–113. IEEE. 77 Mathur , A. , Newe , T. and Rao , M. ( 2016 ) Defence against black hole and selective forwarding attacks for medical wsns in the iot . Sensors , 16 , 118 . Google Scholar Crossref Search ADS 78 Yu , B. and Xiao , B. ( 2006 ) Detecting selective forwarding attacks in wireless sensor networks. 20th Int. Parallel and Distributed Processing Symp., pp. 325–331. IEEE. 79 Xiao , B. , Yu , B. and Gao , C. ( 2007 ) Chemas: Identify suspect nodes in selective forwarding attacks . J. Parallel Distrib. Comput. , 67 , 1218 – 1230 . Elsevier. Google Scholar Crossref Search ADS 80 Lee , H.Y. and Cho , T.H. ( 2007 ) Fuzzy-based reliable data delivery for countering selective forwarding in sensor networks. Int. Conf. Ubiquitous Intelligence and Computing, Hong Kong, China, July, pp. 535–544. Springer. 81 Geethu , P. and Rameez Mohammed , A. ( 2013 ) Defense mechanism against selective forwarding attack in wireless sensor networks. 2013 Fourth Int. Conf. Computing, Communications and Networking Technologies (ICCCNT), Tiruchengode, India, July, pp. 1–4. IEEE. 82 Karlof , C. and Wagner , D. ( 2003 ) Secure routing in wireless sensor networks: Attacks and countermeasures . Ad hoc Netw. , 1 , 293 – 315 . Google Scholar Crossref Search ADS 83 Feller , W. ( 1968 ) An Introduction to Probability Theory and Its Applications . New York, John Wiley & Sons . 84 Brownlee , K.A. and Brownlee , K.A. ( 1965 ) Statistical Theory and Methodology in Science and Engineering . Wiley , New York . 85 Melliar-Smith , P.M. , Moser , L.E. , Michel Lombera , I. and Chuang , Y.T. ( 2012 ) iTrust: trustworthy information publication, search and retrieval. Proc. 13th Int. Conf. Distributed Computing and Networking, Hong Kong, China, January, pp. 351–366. Springer. 86 Philips , J. (2018) Data mining. Retrieved from http://www.cs.utah.edu/jeffp/teaching/cs5140.html. 87 Broder , A.Z. , Charikar , M. , Frieze , A.M. and Mitzenmacher , M. ( 2000 ) Min-wise independent permutations. J. Comput. Syst. Sci., 60, 630–659. 88 Leskovec , J. , Rajaraman , A. and Ullman , J.D. ( 2014 ) Mining of Massive Datasets . Cambridge, UK, Cambridge University Press . 89 Mueller , S. , Tsang , R.P. and Ghosal , D. ( 2004 ) Multipath routing in mobile ad hoc networks: issues and challenges. Performance Tools and Applications to Networked Systems, Berlin, Heidelberg, pp. 209–234. Springer. © The British Computer Society 2018. All rights reserved. For permissions, please e-mail: journals.permissions@oup.com This article is published and distributed under the terms of the Oxford University Press, Standard Journals Publication Model (https://academic.oup.com/journals/pages/open_access/funder_policies/chorus/standard_publication_model)
TI - Defense Mechanism for Malicious and Selective Forwarding Attacks in Large and Mobile Wireless Networks
JF - The Computer Journal
DO - 10.1093/comjnl/bxy095
DA - 2018-12-01
UR - https://www.deepdyve.com/lp/oxford-university-press/defense-mechanism-for-malicious-and-selective-forwarding-attacks-in-GuH8hvSpuJ
SP - 1862
VL - 61
IS - 12
DP - DeepDyve
ER -