CHANTS Session 1
An Approach for Black-hole Attack Mitigation
in Disruption-tolerant Ad-hoc Smartphone Networks
Manuel Weißbach
Technische Universität Dresden, Germany
manuel.weissbach@tu-dresden.de
ABSTRACT
When cellular networks collapse (e.g. due to disaster scenar-
ios), it is vital to quickly establish new communication chan-
nels. The worldwide spread of smartphones, which support
multiple communication standards, offers a great potential
to solve this problem with commodity hardware. On the soft-
ware side, Disruption-tolerant Network technologies may
be leveraged to transmit messages between devices, even if
there is no direct connection between them. However, DTNs
are vulnerable to black-hole attacks. Therefore, mechanisms
have to be available to address this problem in order to pro-
vide reliable networks. In this paper, we present a concept for
an ad-hoc smartphone-based DTN which is robust against
packet drop attacks as network nodes are able to identify
attackers and exclude them from the network. The overall
concept has been practically evaluated using an implemen-
tation for the Android platform. Our results show that the
approach is capable to mitigate black-hole attacks effectively
with high detection rate and short convergency time.
KEYWORDS
Disruption-tolerant Networking; black-hole attacks; ad-hoc
networks; security
ACM Reference Format:
Manuel Weißbach and Marius Feldmann. 2018. An Approach for
Black-hole Attack Mitigation in Disruption-tolerant Ad-hoc Smart-
phone Networks. In 13th Workshop on Challenged Networks (CHANTS
’18), October 29, 2018, New Delhi, India. ACM, New York, NY, USA,
6 pages. https://doi.org/10.1145/3264844.3264853
Permission to make digital or hard copies of all or part of this work for
personal or classroom use is granted without fee provided that copies
are not made or distributed for profit or commercial advantage and that
copies bear this notice and the full citation on the first page. Copyrights
for components of this work owned by others than the author(s) must
be honored. Abstracting with credit is permitted. To copy otherwise, or
republish, to post on servers or to redistribute to lists, requires prior specific
permission and/or a fee. Request permissions from permissions@acm.org.
CHANTS ’18, October 29, 2018, New Delhi, India
© 2018 Copyright held by the owner/author(s). Publication rights licensed
to ACM.
ACM ISBN 978-1-4503-5926-9/18/10. . . $15.00
https://doi.org/10.1145/3264844.3264853
19
CHANTS’18, October 29, 2018, New Delhi, India.
Marius Feldmann
Technische Universität Dresden, Germany
marius.feldmann@tu-dresden.de
1 INTRODUCTION
The concept of Disruption-tolerant Networks allows network
nodes to communicate with each other, even though no di-
rect end-to-end path exists between them. The core principle
hereby is that messages are passed via an overlay store-and-
forward network from node to node until they reach the recip-
ient. If some or all nodes change their physical location over
time, the moving nodes get into radio range of further nodes.
During such contact phases, messages can be exchanged, then
buffered by the nodes and later forwarded to other contacts
until they finally reach the target node. This concept was
already used in the past for several challenged networking
solutions including mobile ad-hoc networks [3, 12, 13].
Contacts between individual DTN nodes are often difficult
to predict. To increase the likelihood of delivery, messages
in DTNs are often replicated so that multiple copies of the
same message are in transit. However, since resources such as
bandwidth, message buffer size and contact duration are usu-
ally limited, it is mostly necessary to find a trade-off between
the probability of delivery and resource consumption. Mes-
sage delivery should consume a small amount of resources,
but still deliver the messages reliably. Several routing meth-
ods solve this problem in different ways. Some require nodes
to exchange status information to better estimate contact
probabilities. As a result, fewer duplicates of a message need
to be created to deliver it with a high probability. However,
the strength of these methods is also their weakness when
it comes to security. The fewer duplicates of a message exist,
the easier it is for attackers to disturb or prevent successful
message delivery. Attackers who intentionally drop messages
instead of forwarding them are called black-hole attackers as
they behave like a black-hole in the network that swallows
all messages. When it comes to disaster scenarios or wars,
there may be parties that benefit from broken communication
channels. Therefore it is very important to secure DTN-based
ad-hoc networks against black-hole attacks.
Depending on the existing network structure, there may be
cases in which it is not possible to stop an attacker from influ-
encing the network. This is usually the case when the attacker
node is the only one in the network that has (or just claims to
have) a connection to the message recipient. In other topolo-
gies, alternative routes can be used to bypass the attacker. The
prerequisite for this is that the other network nodes are able to
CHANTS Session 1
Figure 1: Example of a network topology
identify the attacker nodes. In this context, we have developed
a concept for DTN-based mobile ad-hoc networks in which
black-hole attackers can be detected and finally excluded
from message delivery by the routing algorithm. It should
be mentioned again that our work focuses exclusively on ad-
hoc mobile networks. Our system architecture was explicitly
designed for such networks and not for general use in DTNs.
The rest of the paper is organized as follows. Firstly, an
exemplary use case and the considered attacker model are
described to clarify the system requirements. Section 3 sum-
marizes related work. Section 4 introduces the overall system
design as well as the strategy for black-hole attack mitigation.
Section 5 presents our evaluation and Section 6 concludes the
paper with a summary and an outlook for future work.
2 USE CASE AND ATTACKER MODEL
The following scenario is considered: After an earthquake,
all communication networks in the city of Agloe have failed.
As long as the cellular network does not work, the popula-
tion communicates via a DTN-based mobile ad-hoc network.
Fortunately, no one was hurt during the earthquake, but Bob
would like to know if his girlfriend Alice, who lives on the
other side of the city, is okay. Marvin, who is also in love
with Alice and very jealous of Bob, wants to prevent that. He
decides to cut off the communication between Alice and Bob
in order to contact Alice himself and to help her in this emer-
gency situation. He will be her hero while her boyfriend Bob
doesn’t even contact her. To achieve his evil goal, Marvin is go-
ing to attack the ad-hoc network. Figure 1 shows the network
topology, in which Alice is referred to as node A, Bob as node
B and Marvin as node M. Obviously, there are several paths via
which node A can send messages to node B, but the path via
node M is the shortest. Depending on the routing algorithm
used, there are different attack options that node M can use to
prevent the exchange of messages between the nodes A and B.
Assuming that the nodes exchange information about their
contacts and successful message delivery, the malicious node
M could use the following attack patterns to reach its target:
• Dropping all messages: The attacker drops all mes-
sages that are sent to him for forwarding.
• Dropping messages selectively: The attacker inten-
tionally drops only certain messages, for example such
that are addressed to a specific recipient.
• Sending fake delivery receipts: The attacker sends
the information that he has delivered the message suc-
cessfully to the source node of the dropped message.
20
CHANTS’18, October 29, 2018, New Delhi, India.
• Propagating fake connections: The attacker claims
to have (good) connections to all or certain other nodes
to motivate his neighbors to forward messages via him.
Combinations of these attack patterns can be used to define
different types of attacker models, from a “simple” attacker
who drops all messages without interacting with other nodes,
to a “sneaky” attacker who only drops specific messages and
sends faked status information to other nodes. A reliable ad-
hoc network must be able to detect the attacker and exclude
him from the network, regardless of the attacker model used.
3 STATE OF THE ART
Several papers have addressed the mitigation of black-hole at-
tacks [2, 4, 6, 9, 10, 14, 18], and some have even developed con-
cepts suitable for mobile ad-hoc networks [1, 5, 7, 8, 11, 15, 16].
The methods presented in [1, 8, 11, 15] follow the idea that
all or certain nodes can monitor the network traffic of the
neighboring nodes within their radio range to identify mali-
cious behavior in different ways. All these approaches have in
common that they only provide good detection results when
the mobile ad-hoc network has a high node density, which can-
not be guaranteed in real-world scenarios. Furthermore, some
of them do not take into account that the nodes monitoring
the network could themselves be attackers or behave selfishly.
In [16] “Combined Faith Values” have been introduced and
later revised in [5] to form a collaborative evaluation system.
Before a node transmits a message to another node, it asks its
neighbors for their faith values for the target node in order to
assess its trustworthiness. This approach works only for the
spray and wait routing protocol and does not include a concept
to prevent nodes from giving fake ratings for their neighbors.
Another extension of the spray and wait protocol is pre-
sented in [7]. For each message sent, a number of allowed
duplicates is specified, then these duplicates are distributed
only to those nodes from which one has received the most mes-
sages. Using this concept, attackers who only drop messages
selectively cannot be detected. According to [5], this is more
suitable for stabilizing the network than for detecting attacks.
All the concepts examined are limited to certain routing
methods, require a very high node density, ignore selfish
nodes or address a single specific problem without consider-
ing the whole attacker model. As a result, there remain gaps
that attackers can exploit to undermine the security concept.
Therefore, none of the approaches has been designed for the
discussed scenario.
4 CONCEPT
4.1 System Architecture and Functionality
In order to establish an ad-hoc smartphone-based DTN which
is robust against packet drop attacks, a specific system archi-
tecture and data processing approach has been specified. The
CHANTS Session 1
underlying design can be used as a blueprint for mobile appli-
cations that allow the detection of blackhole attacks. Figure 2
shows the overall system architecture as well as the assumed
message and information processing flow.1 The architecture
is built upon five coarse-grained components:
(1) GUI : Provides means to the user for creating and send-
ing messages.
(2) Connection management: Discovers further nodes and
exchanges contact information for deriving an up-to-
date overall topology plan.
(3) Message processing: Routes and temporarily stores mes-
sages sent or forwarded by the node. Provides methods
to track transmitted messages within the network.
(4) Security management: Handles management of public
and private keys and verifies messages and connections.
(5) Statistics: Tracks statistics about contact probabilities
and calculates a reliability value for each known node.
To explain the interactions within this architecture, message
transmission and reception is discussed in the following.
For the purpose of message and control data transmission,
each node owns a public/private key pair. The public key is
made available to every further node, e.g. via broadcast. It is as-
sumed that attacks on this key distribution approach can be de-
tected due to inconsistencies in the provided public keys. The
overall communication in the network is specified as follows.
After the user has entered a message and selected a receiv-
ing node from the list of known nodes, the message is handed
over to the routing subsystem. Routing is done based on both
the known network topology plan and the calculated reliabil-
ity values for the other network nodes. After selecting the best
available route, which has the highest overall reliability and
contains only nodes with a reliability value above a specific
threshold, the message is passed on to the security subsystem.
Using the node’s private key, the message is signed and
transmitted via the contact management to the next node on
the calculated path. After receiving, the neighboring node
passes the message to its security subsystem, which checks
the validity of the signatures from all the nodes that previ-
ously forwarded and signed the message. Furthermore, the
statistics subsystem is informed about the new message.
Before a node routes the incoming message to the next node,
it sends an acknowledgement to the neighbor that passed the
message over. All the nodes that forward the message sign
it (including all existing signatures) and route it as described.
The final recipient of the message not only sends an acknowl-
edgement to the transmitting neighbor, but also to the sender
of the message, if that’s not the same node. This acknowledge-
ment is routed through the network like a normal message.
Using the signatures and acknowledgements, message drop-
ping can be localized and verified all over the network.
1 A more detailed description of our system architecture can be found in [17].
21
CHANTS’18, October 29, 2018, New Delhi, India.
4.2 Topology plan and Contact prediction
The topological information is built from so called connec-
tion proofs. Every node establishing a connection with any
other node generates essential information about this connec-
tion and broadcasts this information into the network. These
connection proof messages contain essentially: the MAC ad-
dresses of the connected nodes, current timestamps from both
nodes, the duration of former identical connections and the
amount of exchanged messages and acknowledgments, infor-
mation inconsistencies (such as different amount of transmit-
ted messages) detected for former connections. Besides this,
a specific value counting security incidents assumed during
former connections between both nodes is exchanged. If both
connecting peers agree on the same values during connection
establishment, they both sign the data and broadcast it to the
network. The other network nodes only add the propagated
connection to their topology plan if they receive the double-
signed connection proof from both nodes and only keep it in
the plan as long as both connected nodes broadcast the corre-
sponding connection proof in regular intervals. This prevents
attackers from claiming to have connections that do not exist.
Besides the plain topological information, a scoring value
sv is derived for each link to a known node that is currently not
connected. This value is later on used to rank paths to or via not
connected nodes in an appropriate manner. As basis for calcu-
lating this value, connection proof data is analyzed. The node
with the longest connection duration is selected and the link
between this node and the disconnected one is provided with
sv =s M AX where s M AX is the maximal scoring value specified
by configuration. Based on the determined longest connection
time, a linearly scaled value derived from the respective con-
nection duration is assigned to the links of the further nodes
that had been connected to the currently disconnected node.
4.3 Message tracing
If a message has not been acknowledged before a timeout
is reached, a message tracing message is transmitted by the
node waiting for the acknowledgement to the neighbor it
has previously passed the lost message to. Each node on the
path to the message’s destination will answer this tracing
message with a confirmation if it has forwarded the message
successfully. Afterwards, it forwards the tracing message to
the node to which it has previously passed the lost message.
The tracing message is thereby routed independently and can
be delivered on a different path than the original message. In
order to prove reception by the next node n+1 on the path, the
former acknowledgement of this node n+1 is embedded into
the confirmation message of node n. Due to this approach, ma-
licious behavior can be narrowed down within the network.
Thus, each node that can prove that it has passed the message
successfully to a neighbor is not assumed to be an attacker.
CHANTS Session 1
Figure 2: System architecture and processing flow
If a node’s routing algorithm decides that a message should
not be forwarded immediately but buffered, it sends a corre-
sponding notification to the sender of the message to let the
sender know where the message is stored currently. Using the
topology plan, the sender can then monitor when his message
could be forwarded and, if necessary, send a tracing message.
4.4 Node reliability score
Due to broadcasting of the connection proofs, each network
node gets statistics about the communication for each estab-
lished connection and calculates a reliability value for all other focused node. Considered misbehavior is an implementation
nodes based on three ratios derived from these statistic:
(1) qd : Ratio of the messages successfully transmitted di-
rectly via a currently existing connection to the node.
(2) qp : Ratio of the messages successfully transmitted di-
rectly via former connections to the node.
(3) qi : Ratio of the messages successfully transmitted indi-
rectly via other nodes to the node.
Thus, e.g. qd is calculated using the amount of messages
DMSGSENn sent directly to the neighboring node and the
amount of acknowledges DACKRECn received from this node
for these messages via formula 1.
ÍN DAC K RECn
n=1 DM SGS E N n
qd = (1)
N
The further two ratios are calculated in the same manner.
Using these three ratios, a node’s reliability value is finally
calculated using formula 2.
r = (fd ∗qd + fi ∗qi + fp ∗qp )∗(1−pn )c n ∗(1−ps )c s (2)
22
CHANTS’18, October 29, 2018, New Delhi, India.
The three ratios are weighted using the factors fd , fi and fp
with fd + fi + fp = 1. The overall score is reduced by the penalty
values pn and ps for each medium criticality (pn ) and high criti-
cality (ps ) security issue detected for the addressed node. Both
values have to be provided by configuration with ps >pn . The
penalty values are taken into account c n and c s times with
c n representing the amount of detected medium criticality
security issues and c s representing the amount of the high
criticality security issues, respectively. The detected security
issues are associated with an assumed misbehavior of the
matter. As medium criticality issues may be considered:
• Message has been transmitted with wrong signature
• Acknowledgement contains a wrong hashsum
• Huge information difference value in a connection proof
As highly criticality issues may be considered:
• Node is made responsible for dropping a message
• Node has changed a locally issued message signature
4.5 Routing
The next hop for message delivery is determined as follows:
(1) All nodes having a reliability value below a specific
threshold are removed from the overall set of nodes
taken into account during the further steps.
(2) The paths to the destination node are determined using
the topology resulting from the first step.
(3) Using the product of the nodes’ reliability values and the
future contact probabilities of currently not connected
nodes, an overall rank value is assigned to each path.
CHANTS Session 1
Figure 3: Screenshot of the Android application
(4) The first node of the highest ranked path is selected, and
the message is transmitted to this node as stated above.
Due to this approach, links to currently connected nodes
do not reduce the overall path rank because their validity has
been confirmed bidirectionally by both participating nodes.
5 EVALUATION
5.1 Evaluation approach and scenario
The overall concept has been implemented as an Android ap-
plication and tested using Android 4.3 to 8.0 devices. The app
uses Bluetooth sockets for the direct communication between
two nodes. Broadcasts are realized by transmitting (and for-
warding) messages to all connected neighbors. Figure 3 shows
a screenshot of the developed application. More precise, data
provided by the statistics component (see 4.1) is displayed.
The considered node has a rating of 0,71 due to six detected
security issues of normal criticality. Due to involvement in
many regular message exchanges specifically with directly
connected nodes, the overall rating is not fully spoiled.
Besides the possibility to build ad-hoc networks between
physical devices, our application offers a simulation mode to
simulate networks made of virtual nodes. For test purposes,
virtual nodes can act as attackers, with each individual node
having a concrete malicious behavior assigned.
To analyze the effectiveness of the approach and the in-
tensity of false-positive penalties, extensive tests were per-
formed on the basis of various (dynamically changing) net-
work topologies. In doing so, both simulated networks and
networks of physical mobile devices were considered.
The results presented in the following have been gathered
using the topology shown in figure 1. In the discussed scenario,
a timeout for acknowledgements of 5 seconds has been used,
23
CHANTS’18, October 29, 2018, New Delhi, India.
connection proofs and node statistics have been broadcasted
every 5 seconds. Furthermore, pn used in formula 2 has been
set to 0.05 and ps has been set to 0.1. The three weighting
factors fd , fi and fp have been set to 13 . The only (critical) se-
curity issue considered in the scenario was message dropping.
The attacking node M has dropped all messages it received. In
our test, messages were generated randomly by every node
in an interval between 2 to 4 seconds.
5.2 Evaluation results and discussion
Figure 4 shows the reliability score calculated by node A for
the nodes C, E and M depending on the times in seconds since
the simulation started. The two nodes C and E have been se-
lected as exemplary neighbor nodes that may suffer from false-
positive penalties. Due to a step by step creation of the overall
network, node A has a path to node M after 11 seconds only.
As figure 4 shows, the attacking node has a rating of less than
0.4 after a bit more than 30 seconds of total simulation time
(thus, 20 seconds after node A has learned about its existence).
Though, the reliability rating of the attacker briefly fluctuates
in the beginning, drops soon and stays on a low level after-
wards. Thus, the node is not considered during route selection
by node A anymore. Interesting to observe is the attacker’s
impact on the ratings of the nodes C and E. As node E has four
direct neighbors in total, its reliability score is not constantly
influenced by the attacker’s malicious behavior. Though, the
score briefly drops, the node is directly rehabilitated again.
This shows the strength of the approach (even in small net-
works) when there is solid connectivity of individual nodes.
However, it is also evident that node C is intensively penalized.
It has less neighbors than node E and is part of every path to
node H. Due to these topological aspects, the behavior of the
attacker has a quite huge influence on its reliability rating.
It is planned to further investigate the effects of the attacks
on the attacker’s neighbouring nodes and to introduce mech-
anisms to correct their reliability rating once an attacker has
been identified. Based on the briefly described findings and
further experiments, the core contribution of the approach
presented here can be summarized as follows:
(1) The approach is capable to detect malicious nodes after
only a few messages exchanges.
(2) It fulfills the core requirement to detect black-hole at-
tacks (even in small networks). The solution can be
applied even if only nine or less nodes are present.
(3) False-positive penalties depend on the connectivity of
single nodes and if they are part of alternative paths.
The third mentioned aspect can be easily avoided by a minor
extension to the discussed approach: As soon as the reliability
score of a node drops below a given threshold (e.g. 0.2), it is re-
moved from the network. Thus, the reliability scores of all fur-
ther nodes will increase again as long as they behave correctly.
CHANTS Session 1
Figure 4: Reliability scores of node C, E and M
6 SUMMARY AND OUTLOOK
To provide a robust DTN-based ad-hoc network, it is essential
to protect it against packet drop attacks. This requires not just
considering single attack patterns, but entire attacker models.
In this paper, we have presented a concept that leverages asym-
metric cryptography and is capable to detect the misbehaviour
of network nodes, to identify attackers and exclude them from
the network. We evaluated the approach extensively with
real and simulated networks. Our investigations have shown
that the concept effectively detects attacks and that attackers
can be identified after just a few dropped messages. If there
are alternative routes available with nodes that have better
reliability values than the attacker, the introduced routing
algorithm decides to abandon the attacker’s route immedi-
ately after the first dropped message. It is feasible to extend
the concept with further security mechanisms to increase the
stability of the network in certain situations. For example, the
parameters used to rate the reliability could be dynamically
adjusted at runtime. It is also conceivable to identify certain
patterns in the reliability values of neighboring nodes to iden-
tify attackers even more precisely and to protect the reliability
values of their neighboring nodes from being downgraded. In
addition, the performance of the approach (especially with
regard to delay, delivery rate and overhead) is to be measured.
REFERENCES
[1] P. Asuquo, H. Cruickshank, C. P. A. Ogah, A. Lei, and Z. Sun.
2016. A collaborative trust management scheme for emergency
communication using delay tolerant networks. In 2016 8th Ad-
vanced Satellite Multimedia Systems Conference and the 14th Signal
Processing for Space Communications Workshop (ASMS/SPSC). 1–6.
https://doi.org/10.1109/ASMS-SPSC.2016.7601469
[2] Abderrahmane Baadache and Ali Belmehdi. 2012. Fighting Against
Packet Dropping Misbehavior in Multi-hop Wireless Ad Hoc
Networks. J. Netw. Comput. Appl. 35, 3 (May 2012), 1130–1139.
https://doi.org/10.1016/j.jnca.2011.12.012
[3] C. Caini, P. Cornice, R. Firrincieli, M. Livini, and D. Lacamera. 2010.
DTN meets smartphones: Future prospects and tests. In IEEE 5th
International Symposium on Wireless Pervasive Computing 2010.
355–360. https://doi.org/10.1109/ISWPC.2010.5483772
24
CHANTS’18, October 29, 2018, New Delhi, India.
[4] M. Chuah, P. Yang, and J. Han. 2007. A Ferry-based Intrusion
Detection Scheme for Sparsely Connected Ad Hoc Networks.
In 2007 Fourth Annual International Conference on Mobile and
Ubiquitous Systems: Networking Services (MobiQuitous). 1–8.
https://doi.org/10.1109/MOBIQ.2007.4451068
[5] A. K. Gupta, I. Bhattacharya, P. S. Banerjee, and J. K. Mandal. 2014.
A Co-operative Approach to Thwart Selfish and Black-Hole Attacks
in DTN for Post Disaster Scenario. In 2014 Fourth International
Conference of Emerging Applications of Information Technology. 113–118.
https://doi.org/10.1109/EAIT.2014.24
[6] Garima Gupta, Preeti Nagrath, Sandhya Aneja, and Neelima Gupta.
2012. Reference Based Approach to Mitigate Blackhole Attacks in
Delay Tolerant Networks. In Proceedings of the 8H ACM Symposium on
QoS and Security for Wireless and Mobile Networks (Q2SWinet ’12). ACM,
New York, NY, USA, 85–88. https://doi.org/10.1145/2387218.2387237
[7] A. A. Hinai, H. Zhang, and Y. Chen. 2012. Mitigating Blackhole Attacks
in Delay Tolerant Networks. In 2012 13th International Conference
on Parallel and Distributed Computing, Applications and Technologies.
329–334. https://doi.org/10.1109/PDCAT.2012.95
[8] Yi-an Huang and Wenke Lee. 2003. A Cooperative Intrusion Detection
System for Ad Hoc Networks. In Proceedings of the 1st ACM Workshop
on Security of Ad Hoc and Sensor Networks (SASN ’03). ACM, New York,
NY, USA, 135–147. https://doi.org/10.1145/986858.986877
[9] F. Li, J. Wu, and A. Srinivasan. 2009. Thwarting Blackhole Attacks in
Disruption-Tolerant Networks using Encounter Tickets. In IEEE INFO-
COM 2009. 2428–2436. https://doi.org/10.1109/INFCOM.2009.5062170
[10] Q. Li, S. Zhu, and G. Cao. 2010. Routing in Socially Selfish De-
lay Tolerant Networks. In 2010 Proceedings IEEE INFOCOM. 1–9.
https://doi.org/10.1109/INFCOM.2010.5462138
[11] Sergio Marti, T. J. Giuli, Kevin Lai, and Mary Baker. 2000. Mitigating
Routing Misbehavior in Mobile Ad Hoc Networks. In Proceedings
of the 6th Annual International Conference on Mobile Computing
and Networking (MobiCom ’00). ACM, New York, NY, USA, 255–265.
https://doi.org/10.1145/345910.345955
[12] Hervé Ntareme, Marco Zennaro, and Björn Pehrson. 2011. Delay
Tolerant Network on Smartphones: Applications for Communication
Challenged Areas. In Proceedings of the 3rd Extreme Conference on Com-
munication: The Amazon Expedition (ExtremeCom ’11). ACM, New York,
NY, USA, Article 14, 6 pages. https://doi.org/10.1145/2414393.2414407
[13] L. Pelusi, A. Passarella, and M. Conti. 2006. Opportunistic net-
working: data forwarding in disconnected mobile ad hoc networks.
IEEE Communications Magazine 44, 11 (November 2006), 134–141.
https://doi.org/10.1109/MCOM.2006.248176
[14] Y. Ren, M. C. Chuah, J. Yang, and Y. Chen. 2010. MUTON: De-
tecting Malicious Nodes in Disruption-Tolerant Networks. In 2010
IEEE Wireless Communication and Networking Conference. 1–6.
https://doi.org/10.1109/WCNC.2010.5506574
[15] Ming-Yang Su, Kun-Lin Chiang, and Wei-Cheng Liao. 2010. Mitigation
of Black-Hole Nodes in Mobile Ad Hoc Networks. In Proceedings of
the International Symposium on Parallel and Distributed Processing with
Applications (ISPA ’10). IEEE Computer Society, Washington, DC, USA,
162–167. https://doi.org/10.1109/ISPA.2010.74
[16] Shuchita Upadhyaya and Karishma. [n. d.]. A Co-operative Mechanism
to Contrast Black-hole Attacks in Delay Tolerant Networks. IOSR
Journal of Computer Engineering.
[17] Manuel Weißbach. 2017. Ein Ansatz für ad-hoc Disruption-tolerant
Networks auf Android-Basis. Diploma thesis. Technische Universität
Dresden, Germany.
[18] G. Wu, J. Wang, L. Yao, and C. Lin. 2013. A Secure Social-Aware
Incentive Scheme for Delay Tolerant Networks. In 2013 12th IEEE
International Conference on Trust, Security and Privacy in Computing and
Communications. 813–820. https://doi.org/10.1109/TrustCom.2013.99