248 Wireless Sensor Networks – Technology and Protocols

*2.9.3. SeFER - Secure, flexible, and efficient routing protocol* 

SeFER (Secure, flexible, and efficient routing protocol for sensor networks) [67] is based on a random key pre-distribution mechanism. This mechanism aims to provide an easy way of managing keys in a WSN without using public key cryptography. The protocol assumes a non-symmetric communication architecture in which a tree of sensor nodes delivers information to a controller according to an inquiry sent into the network. Two nodes may communicate indirectly, but securely, over a multiple-hop path where each pair of nodes on this path shares a common key. The protocol provides the methods for nodes to securely share their keys and communicate directly so that the efficiency of communication is increased.

In fact, all previously mentioned protocols are crypto-based solutions. They can successfully fight against attacks in which an intruder falsifies his identity to be a relay for the source, such as the Sybil attack. However, other attacks like selective forwarding, blackhole and HELLO flooding are still possible, especially when the attack is performed by an insider node or a node compromised by an intruder. Moreover, any misbehavior due to selfishness or faulty operational nodes cannot be prevented or even detected.

*2.9.4. Watchdog and pathrater* 

Two extensions to the Dynamic Source Routing (DSR) protocol to mitigate the effects of routing misbehavior in ad-hoc networks were proposed in [6,7], namely the Watchdog and the Pathrater. The watchdog is the monitoring part and is responsible for detecting only non-forwarding misbehavior. This is accomplished by overhearing the transmission of the next node. The node is thus assumed to be in continuous promiscuous mode. When the attack is detected, the observing node informs the source of the concerned path. In this approach, each node maintains a buffer of recently sent packets; if a packet is not forwarded on within a certain timeout, or the overheard packet differs from the one stored in the buffer, the watchdog increments a failure counter for the node responsible for forwarding the packet. If the counter exceeds a certain threshold, the node is considered as misbehaving and the source is notified.

The pathrater is the component used for reputation. Ratings are kept about every node in the network based on its routing activity and they are updated periodically. Nodes select routes with the highest average node rating. Thus, nodes can avoid misbehaving nodes in their routes as a response. The pathrater combines knowledge of misbehaving nodes with link reliability data to select the route most likely to be reliable. Specifically, each node maintains a rating for every other node it knows about in the network and calculates a path metric by averaging the node ratings in the path, thus enabling the selection of the shortest path in case reliability information is unavailable. Negative path values indicate the existence of one or more misbehaving nodes in the path. If a node is marked as misbehaving due to temporary malfunction or incorrect accusation, a second-chance mechanism is considered, by slowly increasing the ratings of nodes that have negative values or by setting them to a non-negative value after a long timeout. However, misbehaving nodes can still

*2.9.5. CONFIDANT - Cooperation of nodes – Fairness in dynamic ad-hoc networks*

In [3], the authors proposed CONFIDANT, a routing protocol for MANET with predetermined trust, and later improved it with an adaptive Bayesian reputation and trust system and an enhanced passive acknowledge mechanism (PACK) in [68] and [69] respectively. It is a reputation-based secure routing framework in which nodes monitor their neighborhood and detect different kinds of misbehavior by means of an enhanced PACK mechanism. The nodes also use second-hand information from others as a source of ratings. The protocol is based on Bayesian estimation that aims to classify other nodes as misbehaving or normal. The observing node excludes misbehaving nodes from the network as a response, by both avoiding them for routing and denying them cooperation.

In this approach, upon detection of a node's malice, its packets are not forwarded by normally behaving nodes, while it is avoided in routing decisions and deleted from the path cache. The CONFIDANT architecture comprises four components residing on each node: the Monitor, the Reputation System, the Path Manager and the Trust Manager. The Monitor component enables nodes to detect deviations of the next node on the source route by either listening to the transmission of the next node ("passive acknowledgement") or by observing route protocol behaviour. In order to convey warning information when bad behaviour is identified, an ALARM message is sent to the Trust Manager component, where the source of the message is evaluated. The rating is updated only if there is sufficient evidence of malicious behaviour that is significant for a node and that has occurred a number of times, exceeding a threshold to rule out coincidences (e.g., collisions). Evidence could come either from a node's own experiences through the Monitor system or from the Trust Manager in the form of ALARM messages. Second-hand information is given low significance (by means of a constant weighting factor *w*) with respect to first-hand information, irrespective of its source node. Local rating lists and/or black lists are maintained at each node and potentially exchanged with friends. Black lists may be used in a route request, so as to avoid bad nodes along the way to the destination or to not handle a request originating from a malicious node, and in forward packet requests, so as to avoid forwarding packets for nodes that have a bad rating.
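The evidence handling described above can be sketched as follows. This is an added example, not code from the CONFIDANT papers: the Beta-style counters, the values of `W`, `MIN_EVIDENCE` and `LIMIT`, and the node names are assumptions chosen for illustration.

```python
W = 0.25          # assumed weight of second-hand (ALARM) evidence; first-hand counts 1.0
MIN_EVIDENCE = 3  # assumed: evidence weight that must be exceeded before judging a node
LIMIT = 0.75      # assumed: expected misbehaviour rate above which a node is excluded

class ConfidantNode:
    def __init__(self, cached_paths):
        self.evidence = {}                 # node -> (alpha, beta) of a Beta estimate
        self.path_cache = [list(p) for p in cached_paths]

    def _update(self, suspect, misbehaved, weight):
        a, b = self.evidence.get(suspect, (1.0, 1.0))   # uniform prior (assumption)
        if misbehaved:
            a += weight
        else:
            b += weight
        self.evidence[suspect] = (a, b)
        if self.is_misbehaving(suspect):   # Path Manager: purge routes through suspect
            self.path_cache = [p for p in self.path_cache if suspect not in p]

    def monitor(self, suspect, misbehaved):
        """First-hand observation from the Monitor (passive acknowledgement)."""
        self._update(suspect, misbehaved, 1.0)

    def alarm(self, suspect):
        """Second-hand report via the Trust Manager; same weight W for every reporter."""
        self._update(suspect, True, W)

    def is_misbehaving(self, node):
        a, b = self.evidence.get(node, (1.0, 1.0))
        # Judge only once enough evidence has accumulated, to rule out coincidences.
        return (a + b - 2.0) > MIN_EVIDENCE and a / (a + b) > LIMIT

    def will_forward_for(self, origin):
        return not self.is_misbehaving(origin)   # deny cooperation to excluded nodes

def confidant_demo():
    """Constructed scenario with hypothetical nodes X (malicious) and Y (lossy link)."""
    n = ConfidantNode([["S", "X", "D"], ["S", "Y", "D"]])
    for _ in range(4):
        n.alarm("X")                   # rumours alone add only 4 * W = 1.0 evidence
    after_alarms = n.is_misbehaving("X")
    for _ in range(3):
        n.monitor("X", True)           # own observations push X over both limits
    for i in range(10):
        n.monitor("Y", i < 2)          # two apparent drops in ten, e.g. collisions
    return after_alarms, n.is_misbehaving("X"), n.is_misbehaving("Y"), n.path_cache
```

In this scenario four ALARMs alone do not exclude X, three further first-hand observations do, and Y's occasional losses leave it in the path cache.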

The protocol assumes Dynamic Source Routing (DSR) as the operational routing protocol and makes no provision for WSN constraints and conditions, as it is designed for general ad hoc networks.
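For comparison, the watchdog buffer and the pathrater metric of Section 2.9.4 can be sketched in the same way. This is an added example, not code from [6,7]: the timeout, threshold and rating constants, the explicit shortest-path tie-break, and the node names are assumptions.

```python
from collections import Counter
from statistics import mean

TIMEOUT, THRESHOLD = 0.5, 3          # assumed: seconds, tolerated failures
NEUTRAL, MISBEHAVING = 0.5, -100.0   # assumed rating constants

class Watchdog:
    """Buffers packets handed to the next hop and checks what is overheard."""
    def __init__(self):
        self.pending = {}            # packet id -> (next hop, payload, deadline)
        self.failures = Counter()    # next hop -> failure counter

    def sent(self, pkt_id, next_hop, payload, now):
        self.pending[pkt_id] = (next_hop, payload, now + TIMEOUT)

    def overheard(self, pkt_id, sender, payload):
        hop, original, _ = self.pending.get(pkt_id, (None, None, None))
        if hop != sender:
            return                   # not a retransmission we are waiting for
        del self.pending[pkt_id]
        if payload != original:      # forwarded, but not the packet we buffered
            self.failures[hop] += 1

    def tick(self, now):
        """Expire packets never overheard; return nodes over the threshold."""
        for pkt_id, (hop, _, deadline) in list(self.pending.items()):
            if now >= deadline:
                del self.pending[pkt_id]
                self.failures[hop] += 1
        return {n for n, c in self.failures.items() if c > THRESHOLD}

def path_metric(ratings, path):
    return mean(ratings.get(n, NEUTRAL) for n in path)   # average node rating

def best_path(ratings, paths):
    # Highest average wins; equal averages fall back to the shortest path.
    return max(paths, key=lambda p: (path_metric(ratings, p), -len(p)))

def watchdog_demo():
    """Constructed scenario: B drops three packets, alters one, forwards one."""
    wd, ratings = Watchdog(), {}
    for i in range(5):
        wd.sent(i, "B", b"data%d" % i, now=float(i))
    wd.overheard(3, "B", b"tampered")
    wd.overheard(4, "B", b"data4")
    accused = wd.tick(now=10.0)      # packets 0-2 time out, counter reaches 4
    ratings.update({n: MISBEHAVING for n in accused})
    paths = [["S", "B", "D"], ["S", "C", "E", "D"]]
    return dict(wd.failures), accused, path_metric(ratings, paths[0]), best_path(ratings, paths)
```

The path through B ends up with a negative metric, so the longer route is selected; with no ratings at all, the tie-break picks the shorter path.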
