Mobile Ad Hoc Networks Protocol Design Part 15



Mobile Ad-Hoc Networks: Protocol Design
552
A standard AODV request message is 48 bytes and a reply message is 44 bytes. The DITD
model uses request messages of 60 bytes and reply messages of 56 bytes. Therefore, DITD
increases the routing control packet size by 12 bytes. DITD’s routing control packets contain
trust-associated variables and flags to trigger back-tracked certificate distribution. The DITD
certificate control packets are 508 bytes in size as they include a 450 byte certificate. It is
noted that making the routing and certificate control packets separate and independent
from each other has a greater impact on reducing the per-byte packet overhead. This
independence allows for concurrent processing of packets, which is optimal in a fully
distributive ad hoc network.


Fig. 14. Control packet overhead for highly mobile network (0 second pause time)
[Plot: control packets (×10^3) against speed (m/s); series: AODV and DITD, pause time = 0 s]

Fig. 15. Control packet overhead for partially stable network (250 second pause time)
[Plot: control packets (×10^3) against speed (m/s); series: AODV and DITD, pause time = 250 s]
Trust Establishment in Mobile Ad Hoc Networks:
Direct Trust Distribution-Performance and Simulation
End-to-End Delay
The average end-to-end delay results are presented in Figure 16 and Figure 17. It is observed
that the DITD model delivers packets with more delay than AODV. The additional delay is
attributed to the transmission delay, the packet queuing delay, and the processing delay of
additional certificate control packets. The processing delay includes verification. A
conventional certificate distribution scheme that follows the route discovery process would
require that certificates be verified before the routing packets are forwarded. DITD performs
verifications independent of the routing procedure. The request route is established
following the route request message RREQ to the destination and DITD performs
verifications independently without hindering the propagation of the RREQ message.





Fig. 16. Average end-to-end delay for highly mobile network (0 second pause time)
[Plot: average delay (s) against speed (m/s); series: AODV and DITD, pause time = 0 s]

DITD uses back-track verification to minimize the number of verifications performed on the
reply route, which follows the reply message RREP toward the source. Haas and Pearlman
[Haas & Pearlman, 2001] propose a solution which performs all verifications on the reply
route. This method minimizes the number of verifications performed in a network's lifetime
but results in delayed establishment of routes. If ECC (elliptic curve cryptography) type keys
are used, the verification process could take up to 16 ms per verification [Zapata, 2006]; such
a delay is unrealistic for multi-hop routes requiring verification. DITD’s approach attempts to
minimize the delay incurred.
c. Trust Evaluation Results
In order to test the performance of the security evaluation scheme, a black hole attack was
simulated to show that DITD’s security evaluation scheme excludes malicious nodes from
trust and route establishment, protecting the network from black hole type attacks. A black
hole adversary model was designed on the ns-2.31 link layer (LL), which lies below the
routing layer. Modifications were made to the link layer agent ll.cc to simulate a black hole
attack. Each packet sent by the routing layer is checked at the link layer; the adversary
model silently drops all data packets while still allowing routing packets to be passed. This
creates the effect of a black hole attack. A second black hole adversary model was
implemented which includes a rushing type attack. The rushing attack was implemented by
allowing adversary nodes to forward routing packets immediately, removing the small jitter
delay that AODV implements. AODV uses this small delay to reduce the number of
collisions and ensure the shortest path is selected. The rushing attack gives an adversary
node a time advantage over normal nodes, resulting in the adversary node becoming part of
considerably more routes.





Fig. 17. Average end-to-end delay for partially stable network (250 second pause time)
[Plot: average delay (s) against speed (m/s); series: AODV and DITD, pause time = 250 s]

The same simulation scenario and traffic model were used to analyse the black hole attack.
The mobility was fixed with a pause time of 0 seconds and three speeds were investigated
(0.1m/s, 5m/s and 20m/s). A 50 node network was simulated with 6 different attack
scenarios. The attack scenarios were created by varying the number of black hole adversary
nodes added from 0 to 10. Figure 18 shows the nam simulation file for a simulation scenario
with 10 adversary nodes. Each scenario was averaged over 10 seeds resulting in 720
iterations for the security evaluation scheme analysis. The black hole attack aims to drop
data packets and reduce the network's throughput. The effects of a black hole and rushing
attack are analysed using the packet delivery ratio performance metric.

Fig. 18. Sample nam simulation of black hole network simulation
[Figure legend: black hole adversary node; trusted node]
Packet delivery

A black hole type problem is implemented to simulate the success of DITD’s security
evaluation scheme. The scenario assumes weighted nodes carry a security metric which
identifies fault detection or data transmission errors carried out by a monitoring system at
each node. An example of such a system is found in [Buchegger & Boudec, 2002]. The
weighted nodes are used to establish a weighted trust graph where each edge or route
carries a trust calculated by DITD’s security evaluation scheme. The effects of the black hole
attack upon AODV and DITD are compared in Figure 37 and Figure 38. It is observed that
as the number of adversary nodes increases, the packet delivery ratio for the AODV model
decreases. The AODV model is vulnerable to black hole attacks and in the presence of 10
adversary nodes the packet delivery ratio is below 65%. The reduction in throughput is
expected as more data packets will be dropped by the presence of many adversary nodes.
DITD avoids the adversary nodes by implicitly excluding these nodes during route
establishment. The success of the protocol at low speeds is presented in Figure 19 and it is
observed that even in the presence of 10 adversary nodes the packet delivery ratio is not less
than 90%. Figure 38 presents the success of the DITD model at a higher mobility of 20m/s.
The DITD model prevents the severe effects of black hole attacks, showing better results
when 4 or more adversary nodes are present. There is approximately a 10%
decrease in packet delivery ratio when compared to the low mobility scenario in Figure 19.
This reduction in packet delivery ratio is attributed to the increase in link breakages
apparent at higher speeds and the overhead incurred from the certificate exchange protocol.
The results of DITD in Figure 20 correlate to the packet delivery ratio at 20m/s in Figure 12.
A rushing attack was included for the simulations presented in Figure 21 and Figure 22. An
adversary node equipped with a rushing type attack will participate in more routes,
maximising the effect of its attack. Figure 21 and Figure 22 show that when adversary nodes
employ a rushing attack the effects of the black hole attack are maximised. The packet
delivery ratio of the AODV protocol drops to 40% when 10 adversary nodes are
present. This is considerably less when compared to the 60-65% packet delivery ratio that
AODV experiences under the same conditions with a standalone black hole attack. The
effect of rushing attacks on DITD is not noticeable when compared to DITD with no
rushing attacks. For low speeds, DITD provides a throughput rate of above 90% even in the
presence of 10 adversary nodes.


Fig. 19. Packet Delivery Ratio for slow moving network under black hole attack
DITD provides a security scheme that excludes malicious nodes from participating in
trusted routes, therefore preventing black hole attacks and a number of other attacks
targeting the network layer. The inclusion of this trust evaluation scheme allows the
distribution of certificates to operate in the most trusted routing environment.
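
The exclusion of low-conduct nodes during route selection can be illustrated with a small Python simulation, added here as an example; it is not code from the chapter or from the DITD ns-2 implementation. The chapter does not give the trust formula, so the path trust used here (product of node conduct values), the 0.5 exclusion threshold, the topology, and the conduct values are assumptions constructed for the illustration.

```python
import heapq
import math
import random
from collections import deque


def build_adjacency(links):
    """Undirected adjacency sets from a list of (u, v) radio links."""
    adj = {}
    for u, v in links:
        adj.setdefault(u, set()).add(v)
        adj.setdefault(v, set()).add(u)
    return adj


def _walk_back(parent, dst):
    path, node = [], dst
    while node is not None:
        path.append(node)
        node = parent[node]
    return path[::-1]


def shortest_hop_route(adj, src, dst):
    """Hop-count route (breadth-first search): trust plays no part."""
    parent, queue = {src: None}, deque([src])
    while queue:
        u = queue.popleft()
        if u == dst:
            return _walk_back(parent, dst)
        for v in sorted(adj.get(u, ())):
            if v not in parent:
                parent[v] = u
                queue.append(v)
    return None


def most_trusted_route(adj, conduct, src, dst, min_trust=0.5):
    """Route maximising the product of conduct values of every node entered.

    Assumed metric (not the chapter's): path trust = product of conduct in
    (0, 1]; relays below min_trust are excluded. Maximising a product equals
    minimising the sum of -log(conduct), so Dijkstra applies.
    """
    best, parent, heap = {src: 0.0}, {src: None}, [(0.0, src)]
    while heap:
        cost, u = heapq.heappop(heap)
        if cost > best[u]:
            continue  # stale heap entry
        if u == dst:
            return _walk_back(parent, dst), math.exp(-cost)
        for v in sorted(adj.get(u, ())):
            if conduct[v] <= 0.0 or (v != dst and conduct[v] < min_trust):
                continue  # untrusted node is never used as a relay
            new_cost = cost - math.log(conduct[v])
            if new_cost < best.get(v, math.inf):
                best[v], parent[v] = new_cost, u
                heapq.heappush(heap, (new_cost, v))
    return None, 0.0


def delivers(path, black_holes):
    """Data arrives only if a route exists and no relay on it drops data."""
    return path is not None and not any(n in black_holes for n in path[1:-1])


def delivery_ratios(n_nodes=30, n_black_holes=5, radio_range=0.3, seed=1):
    """(hop-count ratio, trust ratio) over all honest pairs of a random layout."""
    rng = random.Random(seed)
    pos = {i: (rng.random(), rng.random()) for i in range(n_nodes)}
    adj = build_adjacency([(a, b) for a in pos for b in pos
                           if a < b and math.dist(pos[a], pos[b]) <= radio_range])
    black_holes = set(rng.sample(range(n_nodes), n_black_holes))
    # Assumption: monitoring has already rated every black hole node low.
    conduct = {i: 0.05 if i in black_holes else rng.uniform(0.7, 1.0) for i in pos}
    pairs = [(s, d) for s in pos for d in pos
             if s != d and s not in black_holes and d not in black_holes]
    hop = sum(delivers(shortest_hop_route(adj, s, d), black_holes) for s, d in pairs)
    trust = sum(delivers(most_trusted_route(adj, conduct, s, d)[0], black_holes)
                for s, d in pairs)
    return hop / len(pairs), trust / len(pairs)


# Constructed topology: "A" is a black hole node sitting on the shortest route.
LINKS = [("S", "A"), ("A", "D"), ("S", "B"), ("B", "C"), ("C", "D"),
         ("S", "E"), ("E", "F"), ("F", "D")]
CONDUCT = {"S": 1.0, "A": 0.05, "B": 0.9, "C": 0.95, "D": 1.0, "E": 0.6, "F": 0.9}

if __name__ == "__main__":
    adj = build_adjacency(LINKS)
    print("hop-count route :", shortest_hop_route(adj, "S", "D"))
    print("trusted route   :", most_trusted_route(adj, CONDUCT, "S", "D"))
    print("delivery ratios :", delivery_ratios())
```

In the constructed topology the hop-count route passes through the black hole node A, while the trust-weighted route takes the longer path through B and C; when A is the only relay available, no route is returned at all rather than an untrusted one.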


Fig. 20. Packet Delivery Ratio for fast moving network under black hole attack
[Plots for Fig. 19 and Fig. 20: packet delivery ratio (PDR %); Fig. 19 series: AODV at 0.1 m/s and 5 m/s, DITD at 0.1 m/s; Fig. 20 series: AODV and DITD at 20 m/s]
4.4 Design verification
The DITD model, in relation to the design requirements stated in Section-2.3, will now be
discussed. These requirements are based on the environment and functionality. The design
requirements are briefly revisited throughout the discussion that follows.
a. Environment
The DITD model is required to operate on the network layer in an on-demand, fully
distributive, self-organized manner. Implementation was performed on the network layer,
which avoided multi-layer design problems. The simulation environment is set up with no
TTP member. This is similar to the way in which a certificate authority and network nodes are
responsible for their own routing and trust establishment. The successful operation of DITD in
the given environment is proven through simulation results, as presented in Section-6.

DITD is self-organized in nature. However, it is noted that DITD assumes the nodes are able
to create their own keying material prior to joining the network. Self-certificates provide a
strong binding between a user’s key and a unique identity. The generation of keying
material without the presence of a TTP is a complex problem. Solutions exist based on
identity-based key generation [Shamir, 1984] [Weimerkirch & Westhoff, 2003]. The author
suggests that further research in this area be carried out.


Fig. 21. Packet Delivery Ratio for slow moving network under black hole rush attack
b. Functionality
Certificate distribution is a requirement of the DITD model. DITD provides the distribution
of keying material in the form of self-certificates. Local certificate exchanges are made
between one-hop neighbors, which create direct trust relations. These direct trust relations
are chained together to share certificates across multi-hop channels.
The DITD model assumes the existence of a weighted conduct value at each node. This
allows the initial direct trust relations to have meaning. If this information is not available,
direct trust relationships need to be established over a location-limited channel to ensure
security, similar to infrared. Proximity based solutions are used in [Capkun et al, 2006]
[Scannell et al, 2009]. DITD’s simulation model assumes the availability of conduct
information. Certificates are observed in the trace table as they are successfully transmitted
to their desired destinations.
[Fig. 21 plot: packet delivery ratio (PDR %); series: AODV at 0.1 m/s and 5 m/s, DITD at 0.1 m/s]
A second design requirement is that DITD must minimize the network overhead. The DITD
model distributes certificates which use separate unicast certificate control packets. The
certificates are triggered by the routing control packets. In comparison to AODV, DITD has
an approximate 38% increase in control packets for highly mobile, high speed networks.
The routing control packet size is increased by 12 bytes to include trust information and
certificate control packets are 508 bytes in size. These packets result in a severe control packet
overhead. The effects upon performance are reduced by: independence; concurrent
processing; and back-track verification. Despite the significant control packet overhead,
DITD merely reduces the packet delivery ratio by a 0-10% gap when compared to AODV.
This reduction is notable if compared to a conventional certificate distribution method, which
increases the routing control packets by 450 bytes and results in over 50% reduction in
packet delivery ratio. The performance of DITD is improved with more stable networks
which have a higher pause time.
Simulations show that as the speed of nodes increases, the network performance decreases, as
a result of a rapidly changing topology and increased link breakages. Simulations also show
that mobility aids certificate distribution. However, DITD is not reliant on mobility and can
still successfully operate in low speed and stationary type networks. This allows DITD to
meet the requirement to provide secure communication at the start of the network lifetime.
Solutions in [Capkun et al, 2006] [Tanabe & Aida, 2007] depend on mobility to establish
trust and expect an initial time delay before trust is established. DITD provides secure
communication in a reactive manner without a significant time delay. DITD is not limited
by mobility, as it shows high throughput rates for low speed and stationary network
environments.
DITD is required to be robust in spite of changing topologies. The simulations presented in
Section-6 were performed under varied pause times and speeds. This helped the
investigation of the performance of DITD under varying topology environments. The
simulation results show that DITD is robust in the presence of changing mobility, which will
inherently have frequent routing failures. As mentioned above, DITD only reduces the
throughput by a 0-10% gap across changing topologies. It was observed that the DITD
model has an approximate 0.7 second end-to-end delay (0.4 seconds greater than AODV) for
high speed, highly mobile networks. This indicates that DITD is not feasible to use for audio
applications in highly mobile network environments. DITD’s average end-to-end delay is
reduced to 0.35 seconds (0.2 more than AODV) in a more stable network environment,
which is within acceptable limits for audio applications.

Fig. 22. Packet Delivery Ratio for fast moving network under black hole rush attack
[Plot: packet delivery ratio (PDR %); series: AODV and DITD at 20 m/s]
The last functional requirement was the inclusion of a trust evaluation scheme. The trust
evaluation scheme allows for the most trusted route to be selected and for malicious nodes
to be excluded from route participation. The success of the scheme is evident in its
prevention of black hole attacks. Simulations show that a black hole attack of 10
adversary nodes causes a 35-40% reduction in packet delivery for the AODV routing
protocol. DITD avoids black hole and rushing attacks by excluding malicious nodes. In low
speed networks DITD achieves a 90-95% throughput rate in the presence of 10 adversary
nodes.
5. Contribution and future work
5.1 Summary of contribution
Mobile ad hoc networks allow for a new set of applications that benefit from the dynamic,
autonomous, and spontaneous mobile nature, inherent to these networks. However, the
very qualities that make these networks so attractive also provide designers with new
security challenges.
The focus of this work is upon trust establishment in mobile ad hoc networks. This work
contributes to the body of work in the following ways:
• Background knowledge on mobile ad hoc networks is presented. Their application in
  the military and commercial arena is investigated. A review of security attacks is
  presented. Such attacks include: black hole attacks; wormhole attacks; eavesdropping
  attacks; byzantine attacks; resource consumption attacks; and routing table poisoning.
  The author identifies that mobile ad hoc networks are most vulnerable to network layer
  attacks and focus is placed on trust establishment on the network layer.
• Providing a comprehensive survey on the existing key management solutions for
  mobile ad hoc networks. The solutions are intended for different types of ad hoc
  networks and therefore their comparison is difficult. The solutions that are investigated
  are:
    • Off-line Trusted Third Party Models
    • Partially Distributed Certificate Authority
    • Fully Distributed Certificate Authority
    • Cluster based Model
    • Proximity-based Identification
    • Self Issued Certificate Chaining
  A discussion of the functionality and characteristics of each approach is presented. The
  self-issued certificate model is identified as providing the lowest level of pre-
  configuration and off-line trusted third party (TTP) involvement.
• A secure ad hoc routing survey. This work is vital to understanding trust establishment
  on the network layer. The following solutions are presented:
    • SEAD: Secure Efficient Ad Hoc Distance Vector Routing Protocol
    • Ariadne: A secure on-demand routing protocol for ad hoc networks
    • ARAN: Authenticated Routing for Ad Hoc Networks
    • SAODV: Secure Ad hoc On-demand Distance Vector (SAODV)
    • SLSP: Secure Link-state routing
    • ODSBR: On-Demand Secure Routing Byzantine Resilient Routing Protocol
    • CONFIDANT: Reputation based solution
  A comparative summary is presented focusing upon the security analysis and
  operational requirements of each solution. The Ariadne, ARAN, SAODV, OSRP and
  CONFIDANT are designed for on-demand ad hoc routing. All the protocols
  investigated, except the CONFIDANT protocol, assume pre-existing key
  relationships or the presence of a key management system to perform the tasks of key
  distribution and maintenance. The CONFIDANT protocol avoids key management by
  establishing trust based solely on conduct. This part of the dissertation identifies an
  open research field in the area of key management on the routing layer of mobile ad hoc
  networks.
• Presenting a novel security solution for mobile ad hoc networks. The solution is called
  Direct Indirect Trust Distribution (DITD) and is designed for an on-demand, fully
  distributive, self-organized, mobile ad hoc network. The scheme provides key
  distribution in the form of separate unicast certificate exchanges. The certificate
  exchange packets are independent from the routing control packets, allowing route
  establishment to operate concurrently but independently from trust establishment. A
  trust evaluation scheme is proposed that allows conduct based trust to influence the
  selection of routes and implicitly exclude malicious attacking nodes. This scheme
  allows the keying information to be distributed in a more secure manner.
• A comprehensive simulation study compares the performance of DITD and AODV, the
  protocol on which DITD is based. Simulation results show that under changing
  topologies DITD provides successful certificate distribution and trust evaluation with a
  minimal throughput reduction of 0-10%. Simulations show that DITD does not rely on
  mobility to distribute certificates and still performs in low speed communication
  networks. A black hole and rushing attack adversary model is designed on the link
  layer. Simulations show that DITD is successful in excluding malicious nodes from
  participating in route and trust establishment. The simulation results and the
  discussions show that the proposed model can be implemented with low complexity
  and provides the functionality of key distribution and security evaluation with trivial
  effects on the network performance.
5.2 Future work
Future development will be made to enhance the DITD protocol, to further minimise the
performance overhead. Future work includes the implementation of a load balancing agent
to complement and optimize the efficiency of DITD’s key management.
The proposed model is not a standalone security solution. Future work includes the
integration of the DITD scheme with a secure ad hoc routing protocol to realize a complete
security system.
The key management tasks are key distribution, key generation, key maintenance and key
revocation [Menezes et al, 1996b]. The DITD model addresses key distribution assuming
that keys are generated by participating nodes. The generation of a secure certificate binding
between a node and its public key is difficult without the presence of a trusted third party.

Furthermore, the effect of adversary nodes with multiple identities performing Sybil attacks is
a problem that is difficult to solve.
Trust evaluation schemes require that trust evidence be made available. Trust establishment
is made up of the following services: gathering, generation, discovery and evaluation of
trust evidence. This dissertation focuses upon the trust evaluation. Future work includes the
gathering and interpreting of trust evidence by using local network monitors.
Mobile ad hoc cluster based networks have found increasing application in the military
sector. Efficient and secure cluster based key management is an open research area to be
investigated in the future.
6. References
[Abdul-Rahman, 1997] A. Abdul-Rahman, "The PGP trust model," EDI-Forum: The Journal of
Electronic Commerce, vol. 10, pp. 27-31, 1997.
[Aram et al, 2003] K. Aram, K. Jonathan, and A. A. William, "Toward Secure Key
Distribution in Truly Ad-Hoc Networks," in Proceedings of the 2003 Symposium on
Applications and the Internet Workshops (SAINT'03 Workshops): IEEE Computer
Society, 2003.
[Awerbuch et al, 2002] B. Awerbuch, D. Holmer, C. Nita-Rotaru, and H. Rubens, "An on-
demand secure routing protocol resilient to byzantine failures," in Proceedings of the
1st ACM workshop on Wireless security Atlanta, GA, USA: ACM, 2002.
[Awerbuch et al, 2008] B. Awerbuch, R. Curtmola, D. Holmer, C. Nita-Rotaru, and H.
Rubens, "ODSBR: An on-demand secure Byzantine resilient routing protocol for
wireless ad hoc networks," ACM Trans. Inf. Syst. Secur., vol. 10, pp. 1-35, 2008.
[Basagni et al, 2001] S. Basagni, K. Herrin, D. Bruschi, and E. Rosti, "Secure pebblenets," in
Proceedings of the 2nd ACM international symposium on Mobile ad hoc networking
& computing Long Beach, CA, USA: ACM, 2001.

[Broch, 1998] J. Broch, D. A. Maltz, D. B. Johnson, Y C. Hu, and J. Jetcheva, "A performance
comparison of multi-hop wireless ad hoc network routing protocols," in Proceedings
of the 4th annual ACM/IEEE international conference on Mobile computing and
networking Dallas, Texas, United States: ACM, 1998.
[Bruce, 2003] S. Bruce, Beyond Fear: Thinking Sensibly about Security in an Uncertain World:
Springer-Verlag New York, Inc., 2003.
[Buchegger & Boudec, 2002] S. Buchegger and J Y. L. Boudec, "Performance analysis of the
CONFIDANT protocol," in Proceedings of the 3rd ACM international symposium on
Mobile ad hoc networking & computing Lausanne, Switzerland: ACM, 2002.
[Capkun et al., 2003] S. Capkun, L. Buttyan, and J P. Hubaux, "Self-Organized Public-Key
Management for Mobile Ad Hoc Networks," IEEE Transactions on Mobile
Computing, vol. 2, pp. 52-64, 2003.
[Capkun et al, 2006] S. Capkun, L. Buttyan, and J P. Hubaux, "Mobility Helps Peer-to-Peer
Security," IEEE Transactions on Mobile Computing, vol. 5, pp. 43-51, 2006.
[Chor et al, 1985] B. Chor, S. Goldwasser, S. Micali, and B. Awerbuch, "Verifiable secret
sharing and achieving simultaneity in the presence of faults (extended abstract),"
proc. 26th IEEE Annual Symposium on Foundations of Computer Science, October, 21-23
1985.
[Davis, 2004] C. R. Davis, "A localized trust management scheme for ad hoc networks," in
3rd International Conference on Networking (ICN’04), pp. 671–675, 2004.
[Desmendt & Jajodia, 1997] Y. Desmedt and S. Jajodia, "Redistributing Secret Shares to New
Access Structures and Its Applications," Department of Information and Software
Engineering, School of Information Technology and Engineering, George Mason
University, Technical Report, July 1997.
[Douceur, 2002] J. R. Douceur, "The Sybil Attack," in Revised Papers from the First
International Workshop on Peer-to-Peer Systems: Springer-Verlag, 2002.
[Eschenauer & Gligor, 2002] L. Eschenauer and V. D. Gligor, "A Key-Management Scheme
for Distributed Sensor Networks," proc. 9th ACM Conf. on Computer and
Communication Security (ACM CCS'02), November, 17-21 2002.
[Frankel et al, 1997] Y. Frankel, P. Gemmell, D. MacKenzie, and M. Yung, "Optimal
resilience proactive public key cryptosystems," proc. 38th Annual Symposium on
Foundations of Computer Science (FOCS '97), October, 19-22 1997.
[Grandison, 2003] T. Grandison, "Trust Management for Internet Applications," Imperial
College London, 2003.
[Haas & Pearlman, 2001] Haas Z.J. and M. R. Pearlman, "The performance of query control
schemes for the zone routing protocol," IEEE/ACM Trans. Netw., vol. 9, pp. 427-438,
2001.
[Hu et al, 2002] Hu Y.C., D. B. Johnson, and A. Perrig, "SEAD: Secure Efficient Distance
Vector Routing for Mobile Wireless Ad Hoc Networks," in Proceedings of the Fourth
IEEE Workshop on Mobile Computing Systems and Applications: IEEE Computer
Society, 2002.
[Hu et al, 2003b] Hu Y.C., A. Perrig, and D. B. Johnson, "Packet leashes: a defense against
wormhole attacks in wireless networks," in INFOCOM 2003. Twenty-Second Annual
Joint Conference of the IEEE Computer and Communications Societies. IEEE. vol. 3, 2003,
pp. 1976-1986 vol.3.
[Hu et al, 2005] Hu Y.C., A. Perrig, and D. B. Johnson, "Ariadne: a secure on-demand
routing protocol for ad hoc networks," Wirel. Netw., vol. 11, pp. 21-38, 2005.
[http://2007] "The Network Simulator," ver 2.31, Available at 2007.
[Johnson et al, 2001] Johnson D.B., D. A. Maltz, and J. Broch, "DSR: The Dynamic Source
Routing Protocol for Multi-Hop Wireless Ad Hoc Networks," in Ad Hoc
Networking, edited by Charles E. Perkins, Chapter 5, 2001, pp. 139-172.
[Ke et al, 2000] Ke Q., I. David, D. Maltz, and D. B. Johnson, "Emulation of Multi-Hop
Wireless Ad Hoc Networks," in The 7th International Workshop on Mobile
Multimedia Communications (MoMuC), 2000.
[Kiess&Mauve, 2007] Kiess W. and M. Mauve, "A survey on real-world implementations of
mobile ad-hoc networks," Ad Hoc Netw., vol. 5, pp. 324-339, 2007.
[Kscischang et al, 2001] Kschischang F.R., B. J. Frey, and H A. Loeliger, "Factor graphs and
the sum-product algorithm," IEEE Transactions on Information Theory, vol. 47, pp.
498-519, 2001.
[Menezes et al, 1996a] Menezes A., P. van Oorschot, and S. Vanstone, Handbook in Applied
Cryptography: CRC Press, 1996.
[Menezes et al, 1996b] Menezes A.J., S. A. Vanstone, and P. C. V. Oorschot, Handbook of
Applied Cryptography: CRC Press, Inc., 1996.
[Mohri, 2002] Mohri M., "Semiring frameworks and algorithms for shortest-distance
problems," J. Autom. Lang. Comb., vol. 7, pp. 321-350, 2002.
[Navidi, 2004] Navidi W., "Stationary Distributions for the Random Waypoint Mobility
Model," IEEE Transactions on Mobile Computing, vol. 3, pp. 99-108, 2004.
[Papadimitratos & Hass, 2002] Papadimitratos P. and Z. J. Haas, "Secure Routing for Mobile
Ad Hoc Networks," in proc. SCS Communication Network and Distributed System
Modeling and Simulation Conf. (CNDS'02), 2002.
[Papadimitratos & Hass, 2003] Papadimitratos P. and Z. J. Haas, "Secure Link State Routing
for Mobile Ad Hoc Networks," in Proceedings of the 2003 Symposium on Applications
and the Internet Workshops (SAINT'03 Workshops): IEEE Computer Society, 2003.
[Perkins & Bhagwat, 1994] Perkins C.E. and P. Bhagwat, "Highly dynamic Destination-
Sequenced Distance-Vector routing (DSDV) for mobile computers," SIGCOMM
Comput. Commun. Rev., vol. 24, pp. 234-244, 1994.
[Perkins et al, 2003] Perkins C., E. Belding-Royer, and S. Das, Ad hoc On-Demand Distance
Vector (AODV) Routing: RFC Editor, 2003.

[Perrig et al, 2001] Perrig A., R. Canetti, D. Song, and D. Tygar, "Efficient and Secure Source
Authentication for Multicast," Network and Distributed System Security
Symposium (NDSS'01), 2001.
[Publications FIP, 2008] F. I. P. S. Publications, "Secure Hash Standard (SHS)," National
Institute of Standards and Technology, October 2008.
[Rivest, 1992] Rivest R., The MD5 Message-Digest Algorithm: RFC Editor, 1992.
[Sanzgiri et al, 2002] Sanzgiri K., B. Dahill, B. N. Levine, C. Shields, and E. M. Belding-Royer,
"A Secure Routing Protocol for Ad Hoc Networks," in Proceedings of the 10th IEEE
International Conference on Network Protocols: IEEE Computer Society, 2002.
[Scannell et al, 2009] Scannell A., A. Varshavsky, A. LaMarca, and E. D. Lara, "Proximity-
based authentication of mobile devices," Int. J. Secur. Netw., vol. 4, pp. 4-16, 2009.
[Shamir, 1984] Shamir A., "Identity-Based Cryptosystems and Signature Schemes," in proc.
Advances in Cryptology: Crypto'84, 1984.
[Stalling, 2003] Stallings W., Cryptography and Network Security: Principles and Practices:
Prentice Hall, 2003.
[Stephan Eichler, 2006] Stephan Eichler C.R., "Challenges of Secure Routing in MANETs: A
Simulative Approach using AODV-SEC," in Mobile Adhoc and Sensor Systems
(MASS), 2006 IEEE International Conference on, 2006.
[Tanabe & Aida, 2007] Tanabe M. and M. Aida, "Secure communication method in mobile
wireless networks," in Proceedings of the 1st international conference on MOBILe
Wireless MiddleWARE, Operating Systems, and Applications Innsbruck, Austria: ICST
(Institute for Computer Sciences, Social-Informatics and Telecommunications
Engineering), 2007.
[Theodorakopoulos & Baras, 2006] Theodorakopoulos G. and J. S. Baras, "On Trust Models
and Trust Evaluation Metrics for Ad-Hoc Networks," IEEE Journal on Selected Areas
in Communications, vol. 24, pp. 318-328, 2006.
[Tseng et al, 2003] Tseng C.Y., P. Balasubramanyam, C. Ko, R. Limprasittiporn, J. Rowe, and
K. Levitt, "A specification-based intrusion detection system for AODV," in
Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks Fairfax,
Virginia: ACM, 2003.
[Weimerkirch & Westhoff, 2003] Weimerskirch A. and D. Westhoff, "Identity Certified
Authentication for Ad-hoc Networks," in proc. 1st ACM workshop on Security of ad
hoc and sensor networks, 2003.
[Zapata, 2002] Zapata M.G., "Secure ad hoc on-demand distance vector routing,"
SIGMOBILE Mob. Comput. Commun. Rev., vol. 6, pp. 106-107, 2002.
[Zapata, 2006] Zapata M.G., "Key management and delayed verification for ad hoc
networks," J. High Speed Netw., vol. 15, pp. 93-109, 2006.
[Zeng et al, 1998] Zeng X., R. Bagrodia, and M. Gerla, "GloMoSim: a Library for Parallel
Simulation for Large-scale Wireless Networks," in proc. 12th Workshop on Parallel
and Distributed Simulations (PADS '98), 1998.
564
Mobile Ad-Hoc Networks: Protocol Design
26
Data Delivery in Delay Tolerant Networks: A Survey
Shyam Kapadia¹, Bhaskar Krishnamachari² and Lin Zhang³
¹Cisco Systems Inc., San Jose, CA, USA
²Department of Computer Science, Department of Electrical Engineering, University of
Southern California, Los Angeles, CA, USA
³Department of Electronic Engineering, Tsinghua University, Beijing, China
1. Introduction
Delay-Tolerant Networks (Fall (2003)), also called disruption tolerant networks (DTNs),
represent a fairly new networking paradigm that allows inter-connection between devices
that current networking technology cannot provide. There are a wide variety of networks
where an end-to-end connection between a given source and destination may never be
present. Consequently, traditional routing protocols cannot be directly applied in these
scenarios for delivering data. However, if one were to take the graph formed by the nodes
based on their connectivity dictated by their radio range and consider the overlap not only
over space but also time then there is a high likelihood that the network will appear as a
single connected component. So while at any given instant, the network may not be
connected, it may still be possible to route data from a source to a destination. DTNs are
sometimes also called Intermittently-Connected Mobile Networks (ICMNs). The primary
goal in such networks is to get the information from a source to the destination; these
networks can tolerate a relatively higher delay.
A wide variety of “challenged” networks fall under this category, ranging from outer-space
networks, under-water networks, wireless sensor networks and vehicular networks to sparse
mobile ad-hoc networks. Students moving about in a college campus (Hsu & Helmy
(2006)), or buses moving about in a small metropolitan area (Burgess et al. (2006)), or a
wireless sensor network with some mobile nodes (Shah et al. (2003); Juang et al. (2002))
acting as relays to assist in the data-collection phase provide representative examples of
DTNs.
This chapter strives to provide a survey of some of the most relevant studies that have
appeared in the domain of data delivery in delay tolerant networks. First, we introduce
some fundamental challenges that are unique to DTNs. Then we present the major
parameters of interest that various proposed routing solutions have considered, examples
include end-to-end delay, throughput, mobility model of the nodes, energy efficiency,
storage etc. Subsequently, we provide a classification of various approaches to routing in
DTNs and pigeon-hole the major studies that have appeared in the last few years into the
classified categories.
2. Challenges
In delay-tolerant networks, at any given time instant, the network may not be connected.
Data is delivered in a DTN using a store-carry-forward model. Existing nodes in the network
relay the data from the source to the destination, in one or more hops, such that each node
along the path receives the data from the previous node and stores it locally. This node then
carries the data for a while, and upon contact with other nodes, forwards the data. In this
way, the data is finally delivered to the destination.
Whenever two nodes are in the vicinity of one another, they may exchange data; such an
opportunity is termed a contact or encounter. In other words, a link is established between
this pair of nodes. This link is time-sensitive in that it is only valid for the duration when
the nodes are in range of one another. If one or both nodes move away, then this link is
broken. Moreover, at any one time, there can be multiple links between a pair of nodes. For
example, in the case of two cell phones in vicinity, there can be a high-bandwidth peer-to-peer
link (WiFi, IEEE 802.11 a/b/g) as well as a low-bandwidth (EDGE/GPRS) link present
simultaneously. In that sense, the connectivity of a DTN can be modeled as a time-varying
multigraph. In the following, we list some of the unique challenges present in DTNs as
compared to traditional networks.
2.1 Encounter schedule
In order to deliver data from a given source to a destination, the source node can wait till it
encounters the destination node and then deliver the data directly to it. However,
depending on the particular setting, this may take a long time and may not even happen. If
the source node were an oracle with a priori information about the encounters between
every pair of nodes, then it could pre-calculate the best path or best set of nodes
to forward its information in order to reach the destination node (Jain et al. (2004);
Ghandeharizadeh et al. (2006)). In most practical scenarios, the schedules of encounters may
not be known a priori. Even if the schedules are known to some extent, there may be errors
and consequently, routing should be able to adapt and still deliver data to the destination. In
the extreme case, where the mobility pattern of the nodes is random leading to memoryless
encounter schedules, no assumptions can be made about the node contact pattern. Hence,
the mobility model of the nodes is an important parameter that determines how the nodes
will encounter one another. While a random walk based mobility model has been
considered in a number of DTN studies due to its amenability to analysis, DTNs comprising
vehicles or students have been shown to follow a community-based mobility model (Hsu &
Helmy (2006)).
2.2 Network capacity
In general, the duration of an encounter as well as the link bandwidth dictate the amount of
data that can be exchanged between a pair of nodes. Another factor is contention in the
presence of multiple nodes trying to send data during a given encounter. This may also
determine whether a message from a source to a destination needs to be fragmented.
2.3 Storage
During an encounter, nodes may decide to exchange all their information. However, if the
nodes are storage-constrained, eventually, the node buffer will be exceeded resulting in data
loss. Consequently, the naive approach of exchanging all data on an encounter may not
scale or be applicable in all application settings. Intelligent schemes that restrict the number
of copies of a given data item in the DTN, as well as schemes that trigger deletion of stale
data (data already delivered to the destination of interest) are needed to efficiently utilize
node storage. If the network is formed of nodes that have heterogeneous capacities where
some nodes are more powerful and less resource-constrained compared to others then this
can be leveraged to design a better data delivery strategy for such a DTN.
2.4 Energy
DTNs span a wide spectrum of application settings. Transmission and reception of data, as
well as computation, consume power. In some settings, such as battery operated wireless
sensor networks, the resources may be so constrained that it is important to take into
account the residual energy of a node while determining whether to exchange data during
an encounter. However, in other settings, such as vehicular networks, the constraints on
power may not be as severe. Data delivery techniques for DTNs should be able to adapt to
such a wide range of scenarios.
3. Metrics of interest
The vast majority of the routing schemes for delay tolerant networks aim at optimizing a
few metrics that affect their system performance. These are summarized below.
3.1 Message delivery ratio
This metric captures the number of successful deliveries in a DTN. In other words, how
many packets (or messages) generated by various sources were delivered to their intended
destinations in the network setting under consideration. Note that a message may be
associated with a delivery deadline. If this message is not delivered within an acceptable
amount of time specified by this deadline then it is considered a failed delivery. A modified
definition of the delivery ratio is the fraction of the messages correctly delivered to their
destinations within a specified period.
3.2 Delay
While the applications are able to tolerate larger delays in a DTN, as long as packets are
delivered to their intended destinations, this is a metric of interest which should be
optimized. Most DTN routing approaches aim to optimize both the delivery ratio as well as
the delay. Consider an example scenario in a college campus where a professor wishes to
broadcast a change in the timing of a lecture to all students or an executive trying to
communicate the change in the time of an upcoming meeting. In both cases, the message is
only valid if communicated before the start of the event (lecture or meeting). Consequently,
while delivery in DTNs does not need to be instantaneous, the goal should be to keep the
delay as short as possible subject to resource constraints.
3.3 Number of replicas
The efficiency of a data delivery mechanism generally improves as additional copies of a
packet are generated and transported by various relays. However, the increase in the
probability of data delivery comes at the cost of increase in the storage requirement at the
individual nodes of a DTN. Hence, the number of replicas is an auxiliary metric that
accompanies the delay and packet delivery ratio to provide an all-round indication of the
performance of a given data delivery mechanism in a DTN.
3.4 Energy/Power
Usually the energy expended to achieve a given data delivery ratio and average delay is a
function of the total number of transmissions and receptions incurred by all the
participating nodes. This should include the energy expended due to idle receptions as well
as computation (for example, aggregation etc.). Most studies employ the number of packet
transmissions as an indicator of this metric. This metric is sometimes difficult to quantify
especially in cases where nodes have heterogeneous resources. Also, energy may not be a big
concern in some application scenarios such as in the case of vehicular networks.
4. Data delivery mechanisms
In this section, we have classified routing schemes for DTNs into a small number of
categories based on their characteristics.
4.1 Epidemic routing schemes
One of the earliest and probably the simplest protocols proposed for data delivery in DTNs
is epidemic routing (Vahdat & Becker (2000)). The idea is whenever two nodes encounter
one another they will exchange all the messages they currently carry with each other. At the
end of the encounter, both will possess the same set of messages. As this process continues,
eventually, every node will be able to send information to every other node. So the packets
are basically flooded through the network much like the spread of a viral epidemic. This
represents the fastest possible way in which information can be disseminated in a network
with unlimited storage and unlimited bandwidth. This scheme requires no
knowledge about the network or the nodes. However, in most practical scenarios, such a
scheme will result in inefficient use of the network resources such as power, bandwidth, and
buffer at each node. Moreover, messages may continue to exist in the network even after
they have been delivered to the destination. Epidemic routing serves as the baseline for
comparison for most of the DTN routing schemes.
Davis et al. (2001) improved the basic epidemic scheme with the introduction of adaptive
dropping policies. They restrict the size of the buffer at each node so that it can only store
the top K packets that are sorted in accordance with a dropping policy. They explore four
types of drop strategies, including Drop-Random (DRA), Drop-Least-Recently-Received
(DLR), Drop-Oldest (DOA) and Drop-Least-Encountered (DLE). Their simulation results
show that DLE and DOA yield the best performance. DLE seeks to drop packets based on
information about node location and movement while DOA drops packets that have been in
the network the longest relying on the premise that the globally oldest packets are the ones
that are likely to have already been delivered to their intended destinations.
Harras et al. (2005) propose a set of strategies for controlled flooding in DTNs. These include
schemes that have a Time-To-Live (TTL) as well as an expiry time associated with every
message. In addition, once a message is delivered to the destination, a healing process is
started to ‘cure’ the network of the stale copies of this message. This is similar to the concept
of “death certificates” proposed earlier in the context of replicated database maintenance
(Demers et al. (1987)). All these improvements reduce the resource consumption of epidemic
routing while having little impact on the average delivery delay. An aggressive death
certification scheme has been shown to reduce the storage required at each node (Small &
Haas (2005)); the tradeoff is that such a scheme will consume more transmissions (Harras
& Almeroth (2006)), although it can be used to provide a notion of reliable message delivery
in DTNs.
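The buffer limits and healing process described in this section can be modelled in a few lines. The following Python code is an added example, not code from the chapter or from the cited studies; the class and function names, the scenario, and the choice to merge death certificates at the end of each contact are assumptions made for illustration.

```python
class Node:
    """A DTN node with a bounded message buffer (epidemic routing)."""

    def __init__(self, name, capacity):
        self.name = name
        self.capacity = capacity   # K: maximum number of buffered messages
        self.buffer = {}           # msg_id -> (created_at, destination)
        self.delivered = set()     # messages addressed to this node that arrived
        self.certs = set()         # death certificates for delivered messages

    def store(self, msg_id, created_at, dest):
        if msg_id in self.certs or msg_id in self.buffer:
            return                 # known to be delivered, or already held
        if dest == self.name:
            self.delivered.add(msg_id)
            self.certs.add(msg_id) # delivery starts the healing process
            return
        self.buffer[msg_id] = (created_at, dest)
        if len(self.buffer) > self.capacity:
            # Drop-Oldest: evict the message that has been in the network longest.
            oldest = min(self.buffer, key=lambda m: self.buffer[m][0])
            del self.buffer[oldest]


def encounter(a, b):
    """One contact: epidemic exchange, then propagation of death certificates."""
    from_a, from_b = dict(a.buffer), dict(b.buffer)   # what each side offers
    for msg_id, (created_at, dest) in from_a.items():
        b.store(msg_id, created_at, dest)
    for msg_id, (created_at, dest) in from_b.items():
        a.store(msg_id, created_at, dest)
    certs = a.certs | b.certs
    for node in (a, b):
        node.certs = set(certs)
        for msg_id in [m for m in node.buffer if m in certs]:
            del node.buffer[msg_id]                   # purge stale copies


def demo():
    # Constructed scenario: source S, relay R with room for two messages, sink D.
    s, r, d = Node("S", 3), Node("R", 2), Node("D", 3)
    s.store("m1", 0, "D")
    s.store("m2", 5, "D")
    s.store("m3", 8, "X")
    trace = []
    for a, b in ((s, r), (r, d), (r, s), (r, d)):
        encounter(a, b)
        trace.append((sorted(s.buffer), sorted(r.buffer), sorted(d.delivered)))
    return trace


if __name__ == "__main__":
    for step in demo():
        print(step)
```

In the constructed run the relay first evicts m1 under Drop-Oldest, later picks it up again from the source, and the certificate for m2 removes the stale copy at the source without the source ever meeting the sink.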

4.2 Direct-contact schemes
This data delivery scheme is one of the simplest possible: a source delivers a packet to
a destination when it comes in direct contact with it. In other words, the source waits till it
comes in radio range of the destination and then delivers the packet directly to it. This scheme
does not consume any additional resources and makes no additional copies of the data.
However, the major limitation is that the delivery delay can be extremely large and in many
cases the source and the destination may never come in direct contact with each other.
Perhaps the earliest incarnation of direct-contact based delivery schemes for DTNs is the
well-known infostation model (Frenkiel et al. (2000)). The idea is that infostations are
deployed at certain locations providing smaller “islands” of coverage which service the
needs of data-intensive mobile nodes as they pass by. This approach serves to maximize the
capacity of wireless data systems while reducing the cost of the services provided. The
authors present a capacity-delay-cost trade-off for the infostation model for both one-
dimensional and two-dimensional systems. In wireless sensor networks, a wide variety of
application scenarios involve mobile sink nodes collecting sensed data from sensors
deployed in a field. The sensors themselves may be static or mobile and are independent
sensing entities. In ZebraNet (Juang et al. (2002)), data sensed by sensors attached to zebras
is collected by humans as they drive by in a vehicle. In the context of vehicular networks,
Kapadia et al. (2009) have also employed direct-contact based data delivery. They present
comparative performance of a family of replication strategies that determine the number of
replicas for a given data item based on its popularity.
The Shared Wireless Infostation Model (SWIM) (Small & Haas (2003)) represents a hybrid
scheme that extends the concept of an infostation through information sharing between nodes.
The idea is that the nodes, in this case sensors attached to whales, collect data that is shared
among themselves via replication and diffusion employing an epidemic routing like scheme
when two sensors are in the vicinity of one another. Subsequently, when the whales come to
the surface, the collected data is relayed to a small number of static on-shore base-stations.
By allowing the sensor nodes to share data, the capacity requirements at the individual
nodes go up; however, the delay until one of the replicas reaches an infostation reduces.
The authors examine this fundamental capacity-delay tradeoff in the context of a real-world
application.
4.3 One-hop relay schemes
In this scheme, the source delivers a packet to an intermediate node, also known as a relay,
which in turn delivers it to the destination. Compared to direct-contact, this scheme only incurs an
overhead of one additional copy of a packet. A large number of application scenarios have
employed this scheme for successful data delivery. The mobility of the relay node may be
controlled or random. With Data Mules (Shah et al. (2003)), intermediate carriers that follow
a random walk mobility model are used to carry data from static sensors to base-stations.
The individual sensor nodes transfer their data to the mule when it comes in radio range
and the collected data is in turn delivered to the sinks. The study shows that by increasing
the buffer capacity of the mules, fewer mules can service a sensor network albeit at the cost
of a higher data delivery delay.
In DakNet (Pentland et al. (2004)), vehicles loaded with Mobile Access Points (MAPs) are
used to transport data between village kiosks and centralized internet hubs. This represents
one of the earliest practical applications of deploying wireless technology, specifically IEEE
802.11, also documented as the first national e-governance initiative in India related to
computerizing land records in rural areas. Message Ferries (Zhao & Ammar (2003)) capture
a more generalized scenario where the movement of the ferries can be controlled to carry
data from a source node to a destination node. The initial proposal for ferries assumed that
the nodes had limited resources, were stationary, and consequently were not burdened with
the routing functionality. However, in follow-up works, the authors (Zhao et al. (2004;
2005)) extend the scheme to networks with mobile nodes and multiple ferries. This scheme
requires online collaboration between the ferries and mobile nodes. The nodes need to
proactively move so as to intersect with the path chosen by the ferries to transfer data to the
latter. This assumption in turn was relaxed in a recent study (Bin Tariq et al. (2006)) where
the message ferry routes were designed based on the mobility model of the nodes and
probabilistic node locations.

4.4 Routing based on knowledge oracles
Jain et al. (2004) present a family of algorithms for routing in delay tolerant networks based
on the presence of knowledge oracles. They model the DTN as a directed multigraph with
time-varying edge costs, based on propagation delay and edge capacity. The various
knowledge oracles considered provide information about the following: (a) all future
contacts of nodes such as time of contact, duration of contact, bandwidth available for
information exchange during contact, (b) the future traffic demand of the nodes, and (c) the
instantaneous queue sizes at each node. Using information from one or more oracles,
various algorithms have been designed to send data from a source to a destination along a
single path using either source-routing or local-per-hop routing. The authors have extended
Dijkstra’s shortest path algorithm to use time-varying edge costs. The performance of
algorithms has been evaluated via simulations using a discrete-event simulator. The authors
also present a linear programming formulation that uses all the oracles to determine the
optimal routing for minimizing average delay in the network. The solution to this
optimization serves as a baseline optimum. The results indicate that as algorithms are fed
more knowledge from the oracles, they provide better performance. However, in most
practical settings, where the future traffic demand and global instantaneous queue
knowledge may not be easily available, algorithms making per-hop decisions based on local
knowledge can route around congestion and provide good performance.
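To make the idea of a shortest-path search over time-varying edge costs concrete, the following Python code computes the earliest delivery time over a known contact schedule. It is an added example, not the algorithm as published by Jain et al.; it assumes only a contacts oracle, a fixed per-hop transfer time `tx_time`, no queueing or capacity limits, and a constructed schedule.

```python
import heapq
from collections import defaultdict

# Constructed contact schedule: (node_a, node_b, start, end) in seconds.
# A contact can be used in either direction while start <= t <= end.
CONTACTS = [
    ("S", "A", 10, 20),
    ("A", "B", 15, 18),
    ("B", "D", 30, 40),
    ("S", "B", 50, 60),
    ("B", "D", 70, 80),
    ("A", "D", 100, 110),
]


def earliest_delivery(contacts, source, dest, t0, tx_time=1):
    """Return (arrival_time, hops) for a message created at `source` at t0.

    hops is a list of (sender, receiver, departure_time); (None, []) means
    the schedule offers no path. tx_time is an assumed fixed transfer time.
    """
    by_node = defaultdict(list)
    for a, b, start, end in contacts:
        by_node[a].append((b, start, end))
        by_node[b].append((a, start, end))

    arrival = {source: t0}      # earliest time the message can be at each node
    prev = {}                   # node -> (sender, departure_time)
    heap = [(t0, source)]
    while heap:
        t, u = heapq.heappop(heap)
        if t > arrival[u]:
            continue            # stale heap entry
        if u == dest:
            break
        for v, start, end in by_node[u]:
            depart = max(t, start)       # store and carry until the contact opens
            if depart + tx_time > end:   # contact closes before the transfer ends
                continue
            arrive = depart + tx_time
            if arrive < arrival.get(v, float("inf")):
                arrival[v] = arrive
                prev[v] = (u, depart)
                heapq.heappush(heap, (arrive, v))

    if dest not in arrival:
        return None, []
    hops, node = [], dest
    while node != source:
        sender, depart = prev[node]
        hops.append((sender, node, depart))
        node = sender
    return arrival[dest], hops[::-1]


if __name__ == "__main__":
    for created in (0, 25, 90):
        print(created, earliest_delivery(CONTACTS, "S", "D", created))
```

The same source and destination get different routes depending on when the message is created, which is the effect of edge costs that vary with time.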
In reality, complete knowledge of contact schedules may not always be available.
Additionally, the schedules may be imprecise and unpredictable. Jones et al. (2005) extend
some of the algorithms presented above to compute the edge costs based on a sliding
window of observed connectivity. They argue that an approach that defers the routing
decision as late as possible thereby allowing forwarding based on the most recent
information is better suited for DTNs. They introduce the concept of per-contact routing
where nodes frequently recompute their routing table, similar to a traditional link-state
routing protocol, whenever contact is made with another node. This routing information is
then redistributed through the network using an epidemic routing like protocol thereby
allowing nodes to take advantage of opportunistic connectivity and recompute routing for
each message stored in the message buffer. The authors show that this scheme delivers
superior performance compared to epidemic routing as well as other schemes employing
wireless LAN traces of a student population collected from a college campus.
A variant of the earliest-delivery algorithm proposed above has been employed in the
context of data delivery in vehicular networks by the Zebroids (Ghandeharizadeh et al.
(2006)) study. The idea is that the source has knowledge of the contacts between the vehicles
for a certain limited duration in the near future and based on this schedule, it determines the
delivery path of the packet via one or more carrier vehicles. The vehicles themselves have
storage constraints. Consequently while accepting a packet from its predecessor, if the
vehicle’s buffer is full, it employs a replacement policy to determine which packet must be
evicted to accommodate the new one. The authors evaluate a wide variety of replacement
policies and conclude that a policy that decides eviction candidates randomly provides
competent performance. This study also validates the performance of the proposed scheme
based on real-world encounter traces gathered from a small bus network in and around a
college campus (Burgess et al. (2006)).
Approximate knowledge of the trajectory of the nodes has also been employed to deliver data
in dynamic disconnected ad-hoc networks (Li & Rus (2000)). Given this information, the
authors present an algorithm to pro-actively change the trajectory of intermediate nodes in
order to deliver data between hosts. The goal is to minimize trajectory modifications while
getting the message across as fast as possible. The authors present an analytical framework to
prove the optimality of their proposed optimal relay path calculation algorithm.
4.5 Location-based schemes
In certain scenarios, the nodes may be aware of their location which can be used for
opportunistic forwarding in DTNs. The location information may be known in either a
physical (for example, from GPS devices attached to nodes or through a location service) or
a virtual coordinate space (designed to represent network topology taking obstacles into
account). On an encounter, a node forwards data to another node only if that node is closer
to the destination. Hence, location-based routing is a form of greedy, geographical-based
routing (Takagi & Kleinrock (1984)). This minimal information is enough to perform routing and
deliver data to the destinations. Hence, location-based schemes are fairly efficient in that
they avoid the need to maintain any routing tables or exchange any additional control
information between the nodes. These schemes have a well-known limitation: they
suffer from a local minima phenomenon. Approaches such as perimeter forwarding (Karp &
Kung (2000)) have been suggested to address this limitation.
The MoVe scheme (LeBrun et al. (2005)) employs information about the motion vectors of
the mobile nodes in addition to the location information to perform routing in DTNs. Given
the location and relative node velocity information, the scheme calculates the closest
distance a mobile node is predicted to get to the destination when following its current
trajectory. So a node only forwards to a neighbor if the neighbor is predicted to be moving
toward the destination and getting closer to the destination than itself. The location-based
routing algorithms are shown to outperform others based on realistic mobility traces
obtained from GPS data collected from buses in the San Francisco MUNI system.
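The closest-distance prediction that MoVe relies on can be written out directly. The following Python code is an added example, not code from LeBrun et al.; it assumes a stationary destination, constant velocities, 2-D coordinates, and hypothetical function names, and it places the greedy location-only rule next to the motion-vector rule so the two can be compared.

```python
import math


def predicted_closest(pos, vel, dest):
    """Return (closest_distance, moving_toward) for a node at `pos` that keeps
    moving with constant velocity `vel` toward or away from a fixed `dest`."""
    dx, dy = dest[0] - pos[0], dest[1] - pos[1]
    speed_sq = vel[0] ** 2 + vel[1] ** 2
    dot = dx * vel[0] + dy * vel[1]          # > 0 when heading toward dest
    if speed_sq == 0 or dot <= 0:
        return math.hypot(dx, dy), False     # nearest point is where it is now
    t = dot / speed_sq                       # time of closest approach
    return math.hypot(dx - vel[0] * t, dy - vel[1] * t), True


def move_forward(carrier, neighbor, dest):
    """Motion-vector rule: forward only to a neighbor that is heading toward
    the destination and is predicted to get closer than the carrier will."""
    n_dist, n_toward = predicted_closest(neighbor[0], neighbor[1], dest)
    c_dist, _ = predicted_closest(carrier[0], carrier[1], dest)
    return n_toward and n_dist < c_dist


def greedy_forward(carrier, neighbor, dest):
    """Location-only rule: forward if the neighbor is closer right now."""
    return math.dist(neighbor[0], dest) < math.dist(carrier[0], dest)


# Constructed positions (metres) and velocities (metres/second).
DEST = (100.0, 0.0)
CARRIER = ((50.0, 0.0), (0.0, 0.0))          # parked 50 m from the destination
APPROACHING = ((0.0, 0.0), (10.0, 0.0))      # farther away but driving at it
LEAVING = ((60.0, 0.0), (-10.0, 0.0))        # closer now but driving away
PASSING = ((0.0, 30.0), (10.0, 0.0))         # will pass within 30 m

if __name__ == "__main__":
    for name, node in (("approaching", APPROACHING), ("leaving", LEAVING),
                       ("passing", PASSING)):
        print(name, move_forward(CARRIER, node, DEST),
              greedy_forward(CARRIER, node, DEST))
```

The approaching and leaving neighbors are the two cases where the rules disagree: current position alone picks the node that is driving away.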
Leguay et al. (2006; 2005) propose a framework for routing in DTNs, called MobySpace,
where each node is represented by a point in a multi-dimensional Euclidean virtual space.
Routing is done by forwarding messages toward nodes that have mobility patterns that are
more and more similar to the mobility pattern of the destination. The authors demonstrate
the feasibility of this framework through an example in which each dimension represents
the probability for a node to be found in a particular location. Real world mobility traces
(Henderson et al. (2004); Balazinska & Castro (2003)) of users show that the distribution of
the probabilities of visit to locations as well as session durations generally follow a power
law distribution. This property can be efficiently utilized by such a routing scheme. The
results show that this scheme can bring benefits in terms of enhanced message delivery and
reduced communication costs when compared with epidemic routing.
4.6 Gradient-based schemes
In gradient-based routing, the message follows a gradient of improving utility functions
toward the destination thereby delivering the packet with a low delay and using minimal
system resources. One of the early proposals, PROPHET (Lindgren et al. (2003)), employed
probabilistic routing using history of encounters of the node and transitivity. This strategy
was designed to take advantage of the non-random mobility behavior of the nodes as is the
case in typical real-world scenarios. The idea is that each node is associated with a metric
that represents its delivery predictability for a given destination. When a node carrying a
message encounters another node with a better metric to the destination, it passes the
message to it. The metrics are positively updated based on recent node encounters and
metrics for sparsely encountered nodes are appropriately aged. The connectivity
information is exchanged periodically among the nodes thereby allowing nodes to maintain
meaningful metrics. As nodes run out of memory, the eviction candidate is selected based
on a FIFO strategy although more intelligent eviction strategies have also been studied. The
PROPHET strategy has been shown to have superior performance as compared to epidemic
routing in case of a community mobility model.
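The three ingredients named above (a positive update on encounter, aging, and transitivity) can be seen working together in a small model. The following Python code is an added example, not the PROPHET authors' code; the update formulas follow the commonly cited form of the protocol and, like the constants `P_INIT`, `BETA` and `GAMMA`, are assumptions that do not come from this chapter.

```python
P_INIT, BETA, GAMMA = 0.75, 0.25, 0.98   # assumed constants, not from this chapter


class ProphetNode:
    def __init__(self, name):
        self.name = name
        self.pred = {}       # destination -> delivery predictability in [0, 1]
        self.last_aged = 0   # time of the last aging step

    def age(self, now):
        """Decay every metric by GAMMA for each elapsed time unit."""
        elapsed = now - self.last_aged
        if elapsed > 0:
            factor = GAMMA ** elapsed
            self.pred = {d: p * factor for d, p in self.pred.items()}
            self.last_aged = now

    def forwards_to(self, other, dest):
        """Hand the message over only if `other` has the better metric."""
        return other.pred.get(dest, 0.0) > self.pred.get(dest, 0.0)


def encounter(a, b, now):
    a.age(now)
    b.age(now)
    # Direct update: meeting a node raises the predictability for that node.
    for x, y in ((a, b), (b, a)):
        old = x.pred.get(y.name, 0.0)
        x.pred[y.name] = old + (1 - old) * P_INIT
    # Transitive update from the peer's table as exchanged during this contact.
    table_a, table_b = dict(a.pred), dict(b.pred)
    for x, y, peer_table in ((a, b, table_b), (b, a, table_a)):
        for dest, p_peer in peer_table.items():
            if dest == x.name:
                continue                 # a node keeps no metric for itself
            old = x.pred.get(dest, 0.0)
            x.pred[dest] = old + (1 - old) * x.pred[y.name] * p_peer * BETA


def demo():
    # Constructed scenario: B meets D at t=0, then A meets B at t=10.
    a, b, d = ProphetNode("A"), ProphetNode("B"), ProphetNode("D")
    encounter(b, d, now=0)
    encounter(a, b, now=10)
    return a, b


if __name__ == "__main__":
    a, b = demo()
    print(a.pred, b.pred, a.forwards_to(b, "D"))
```

A has never met D, yet it ends up with a small non-zero metric for D through B, and it hands a message for D to B because B's aged metric is still higher.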
Other researchers have proposed similar strategies in the case of ad-hoc networks using
other kinds of information to calculate the gradient metric such as age of last encounter
(Grossglauser & Vetterli (2003)), history of past encounters and the encounter rate (Nelson et
al. (2009)), etc. Gradient based routing is also sometimes called adaptive routing (Musolesi
et al. (2005)) since the metrics used for routing decisions essentially capture the context
information of the nodes such as the rate of change of connectivity of a host (i.e., the
likelihood of it meeting other hosts) and its current energy level (i.e., the likelihood of it
remaining alive to deliver the message). Context is defined as a set of attributes that describe
the aspects of the system that can be used to optimize the process of message delivery. The
authors have introduced a generic method that uses Kalman filters to combine and evaluate
the multiple dimensions of the context of the nodes to take routing decisions.
The Shortest Expected Path Routing (SEPR) is another scheme based on the link probability
calculated from the history of node encounters (Tan et al. (2003)). Each message in a node's
cache is assigned an effective path length (EPL) based on the link probabilities along the
shortest path to the destination. A smaller EPL value indicates higher delivery probability.
When two nodes meet, they first exchange the link probability table and employ Dijkstra's
algorithm to get the expected path length to all other nodes in the network. This novel EPL
metric is employed for message forwarding as well as replacement when the node buffer is full.
This algorithm is similar to a traditional link state routing protocol in that nodes update
their local tables on an encounter and in this way connectivity information is maintained in
the network in a distributed manner. Simulation results confirm that SEPR achieves a higher
delivery rate employing fewer message copies as compared to epidemic routing.
Gradient-based routing schemes suffer from a slow-start phase. A sufficient number of
encounters must happen before the nodes develop meaningful metrics for each destination.
In addition, this information needs to be propagated through the network. One solution to
address this shortcoming is the Seek and Focus scheme (Spyropoulos et al. (2004)). This
scheme initially forwards the message picking a neighbor at random until the metric utility
value reaches a certain threshold. Thereafter a gradient-based approach may be employed to
deliver the message to the destination.
4.7 Controlled replication schemes
Compared to traditional epidemic routing based schemes and their variants that rely on
reducing the consumption of network resources, Spray and Wait (Spyropoulos et al. (2005))
presents a novel way to achieve efficient routing in DTNs. The idea is that it reduces the
number of copies of a given message, and hence the number of transmissions for a given
message, to a fixed value L that can be tuned in accordance with the delivery delay
requirement. The scheme ‘sprays’ a number of copies of a message into the network to L
distinct relays and then ‘waits’ till one of these relays meets the destination. A number of
heuristics are presented about how the L copies are sprayed, for example, the source is
responsible for spraying all L copies or more optimally, each progressive node encountered
by a source or relay is handed over the responsibility to distribute half of the remaining
copies (called Binary Spray and Wait). This scheme requires no knowledge of the mobility of
the nodes. The expected delay of this scheme is analytically computed for the case of mobile
nodes performing random walks on the surface of a 2-dimensional torus and compared with
the optimal delay. This delay is independent of the size of the network and only depends on
the number of nodes. The scheme is shown to possess robust scalability as the node density
goes up.
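The two spraying heuristics mentioned above differ only in who may hand out copies, which is easy to see by replaying one encounter sequence under both. The following Python code is an added example, not code from Spyropoulos et al.; the function name, the encounter list and the rule that a node already holding the message is skipped are assumptions.

```python
def spray_and_wait(encounters, source, dest, L, binary=True):
    """Replay (time, node_a, node_b) encounters for one message with L copies.

    Returns (delivery_time or None, copies_per_node, transmissions).
    binary=True  : each holder with n > 1 copies hands over half of them.
    binary=False : only the source sprays, one copy per new relay.
    """
    copies = {source: L}
    transmissions = 0
    for t, a, b in encounters:
        for holder, peer in ((a, b), (b, a)):
            n = copies.get(holder, 0)
            if n == 0:
                continue
            if peer == dest:
                return t, copies, transmissions + 1   # direct delivery
            if peer in copies:
                continue                              # peer already has it
            if binary:
                give = n // 2                         # 0 once n == 1: wait phase
            else:
                give = 1 if holder == source and n > 1 else 0
            if give:
                copies[holder] = n - give
                copies[peer] = give
                transmissions += 1
    return None, copies, transmissions


# Constructed encounter sequence; S is the source and D the destination.
ENCOUNTERS = [
    (1, "S", "A"),
    (2, "A", "B"),
    (3, "S", "C"),
    (4, "A", "E"),
    (5, "B", "D"),
    (6, "C", "D"),
]

if __name__ == "__main__":
    print(spray_and_wait(ENCOUNTERS, "S", "D", L=4, binary=True))
    print(spray_and_wait(ENCOUNTERS, "S", "D", L=4, binary=False))
```

With binary spraying relay A passes a copy on to B, which meets the destination first; with source spraying B never receives a copy and delivery waits for C. In both runs the copies in the network sum to L.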
A variant of this scheme called Spray and Focus (Spyropoulos et al. (2007)) provides further
improvements by taking advantage of the mobility information in the wait-phase. The idea
is that once the spray phase is over, each relay can then forward the packet further using a
single-copy utility based scheme instead of naively waiting to meet the destination. Hence,
this scheme combines the advantages of controlled replication along with those of gradient-
based schemes presented earlier. Simulation results with a variety of mobility models such
as random walk, random way-point, community-based etc. show significant improvements
in the delivery delay.
4.8 Network coding based schemes
As opposed to the traditional model of forwarding in DTNs where nodes may forward the
entire copy of the message to encountered relays, an alternate approach is to employ network
coding based schemes. In (Wang et al. (2005)), the authors provide an erasure-coding based
approach to forward data in DTNs. The idea is that the source node encodes a message and
generates a large number of code blocks guided by a replication factor r. The generated code
blocks are then equally split among the first k · r relays, for some constant k, and those relays
must deliver the coded blocks to the destination directly. The original message can be decoded
once a fraction 1/r of the coded blocks has been received. In other words, the message can be decoded as
soon as k relays deliver their data to the destination. Such a scheme is more robust to failures
of a few relays or some bad forwarding choices. The authors demonstrate via simulation
evaluation with both synthetic and real world traces that this scheme achieves better worst-case
delay performance than existing approaches with a fixed overhead.
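The erasure-coding scheme described above, as an added example that is not code from the chapter or from Wang et al.: a message is expanded by a replication factor r, split equally among k · r relays, and rebuilt from whichever k relays arrive. The polynomial code over GF(257) is a stand-in chosen for brevity (the chapter does not name the code used), all function names are hypothetical, and the sketch assumes the message length is divisible by k and that m · r ≤ 257.

```python
# Added illustration: any-k-of-(k*r) relay recovery with a toy polynomial erasure code.
from itertools import combinations

P = 257  # smallest prime above 255, so every byte value is a field element

def interpolate(points, x):
    """Value at x of the unique polynomial through `points`, over GF(P)."""
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = num * (x - xj) % P
                den = den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def encode(message, r):
    """m message bytes -> m*r code blocks (x, y); the first m are the message."""
    m = len(message)
    base = list(enumerate(message))
    return base + [(x, interpolate(base, x)) for x in range(m, m * r)]

def split(blocks, n_relays):
    """Hand the code blocks out equally to the first k*r relays."""
    per = len(blocks) // n_relays
    return [blocks[i * per:(i + 1) * per] for i in range(n_relays)]

def decode(received, m):
    """Recover the message from any m distinct blocks, or None if too few arrived."""
    points = list(dict(received).items())[:m]
    if len(points) < m:
        return None
    return bytes(interpolate(points, x) for x in range(m))

def delivered_by(relays, subset):
    """Blocks that reach the destination when only the relays in `subset` arrive."""
    return [blk for i in subset for blk in relays[i]]

def every_subset_decodes(message, r, k, survivors):
    """True if every choice of `survivors` relays out of k*r is enough to decode."""
    relays = split(encode(message, r), k * r)
    return all(decode(delivered_by(relays, s), len(message)) == message
               for s in combinations(range(k * r), survivors))
```

With a 12-byte message, r = 2 and k = 3, every set of three relays out of six decodes and no set of two does, which is the robustness to relay failure the paragraph describes.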
| Study | Scheme | Mobility Model | Energy, Delay, Copies created, Storage |
|---|---|---|---|
| Drop Oldest (Davis et al. (2001)) | Epidemic Routing | Random Waypoint | X Many X |
| Infostations (Frenkiel et al. (2000)) | Direct | Highway | X None |
| Message Ferries (Zhao & Ammar (2003)) | One-hop Relay | Nonrandom Pro-active | X X One |
| Zebroids (Ghandeharizadeh et al. (2006)) | Knowledge Oracles | Random with predictions | X Many X |
| MoVe (LeBrun et al. (2005)) | Location | Bus movement | X One X |
| Seek and Focus (Spyropoulos et al. (2004)) | Gradient | Random Walk | X X One |
| Spray and Wait (Spyropoulos et al. (2005)) | Controlled Replication | Random Walk | X X Many |
| Erasure Coding (Wang et al. (2005)) | Source Coding | Animal movement based | X X Many |
Table 1. Related studies on intermittently connected networks.
Compared to the scheme proposed earlier that employs source coding, Widmer & Le
Boudec (2005) propose a network coding based protocol for routing in DTNs. The idea is
that intermediate nodes send out packets based on some linear combination of previously
received information. In this way, a receiver reconstructs the original message once it
receives enough encoded messages. A packet received by a node is considered innovative if
it increases the "rank" of the set of received packets at this node. A parameter controls the
probability with which the reception of an innovative packet causes a node to send a packet. The
authors incorporate a mechanism of information aging in their protocol so that efficient
network coding can still be achieved with little available memory. The process of
determining how many and which messages will be coded together poses significant
challenges especially if this is to be done in a distributed manner.
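The innovative-packet test described above, as an added example that is not code from the chapter or from Widmer & Le Boudec: packets are XOR combinations over GF(2), a packet is innovative when it raises the rank of the receiver's basis, and a relay forwards on innovative reception with probability `forward_prob`. The `Node` class, `relay_chain`, the choice of GF(2) and the three-node chain are assumptions made for illustration.

```python
# Added illustration (not the chapter's code): linear network coding over GF(2).
import random
class Node:
    """XOR basis of received packets: pivot bit -> (coefficient mask, payload)."""
    def __init__(self, n):
        self.n, self.rows = n, {}

    def receive(self, coeffs, payload):
        """Return True if the packet is innovative, i.e. it raises the rank."""
        for bit in reversed(range(self.n)):
            if coeffs >> bit & 1 and bit in self.rows:
                c, p = self.rows[bit]
                coeffs, payload = coeffs ^ c, payload ^ p
        if coeffs == 0:
            return False  # already in the span of what this node holds
        self.rows[coeffs.bit_length() - 1] = (coeffs, payload)
        return True

    def emit(self, rng):
        """Random non-empty XOR combination of the stored packets."""
        coeffs = payload = 0
        k = rng.randint(1, len(self.rows))
        for c, p in rng.sample(list(self.rows.values()), k):
            coeffs, payload = coeffs ^ c, payload ^ p
        return coeffs, payload

    def decode(self):
        """Source payloads by back-substitution, or None while rank < n."""
        if len(self.rows) < self.n:
            return None
        out = []
        for bit in range(self.n):
            c, p = self.rows[bit]
            for low in range(bit):
                if c >> low & 1:
                    p ^= out[low]
            out.append(p)
        return out

def relay_chain(payloads, forward_prob, contacts, seed=7):
    """Hypothetical source -> relay -> destination chain; the relay forwards only
    on innovative reception, with probability forward_prob. Returns (relay, dst)."""
    rng, n = random.Random(seed), len(payloads)
    src, relay, dst = Node(n), Node(n), Node(n)
    for i, p in enumerate(payloads):
        src.receive(1 << i, p)  # the source holds the uncoded packets
    for _ in range(contacts):
        if relay.receive(*src.emit(rng)) and rng.random() < forward_prob:
            dst.receive(*relay.emit(rng))
    return relay, dst
```

Because the relay stops transmitting once it has full rank, the destination can be left short of rank n even with `forward_prob` set to 1.0; `len(dst.rows)` shows how far it got.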
On the basis of the classification introduced in this section, we provide a small summary of
DTN routing schemes in Table 1 depicting their representative characteristics.
5. Conclusions and future work
In this chapter, we have presented a survey of some of the most promising approaches
proposed for data delivery in DTNs. Our survey and classification has concluded that there
is no universal scheme that will be applicable in all scenarios. Depending on the particular
scenario in question, either one or more likely a combination of schemes will be applicable
to satisfy the needs of the application. A couple of other surveys for routing in delay tolerant
networks that complement this study have also appeared in recent literature (Spyropoulos et
al. (2010); Jones & Ward (2006)). However, with so many choices available, some form of
industry-wide agreement on standardization of a subset of these techniques as well as a
DTN architecture is necessary. The Delay Tolerant Network Research Group (DTNRG) is
one such effort where an architecture for messaging in DTNs has been proposed (Cerf et al.
(2007)).
Delay Tolerant Networks are a reality. With a large number of different devices such as
smart-phones, netbooks, thin-clients etc. available in the market today, DTN routing has
become even more challenging since it has to adapt to a vast set of heterogeneous nodes
with different capabilities and networking technologies. Additionally, it has become
increasingly clear that DTNs must be able to reach the global Internet. One proposal that
enables communication between DTNs and the Internet is the Tetherless Communication
Architecture (Seth et al. (2005)). More and more real-world deployments of DTNs at
different scales that practically demonstrate the utility of the routing schemes and show
how they can be employed to either alleviate or solve practical problems will allow
researchers to drive the adoption of DTNs.
Finally, an important consideration for DTNs relates to issues of security, privacy,
anonymity, and trust. For DTN routing to function, intermediate nodes must cooperate and
agree to carry content of other users. In addition, the content must be transported securely
and possibly encrypted to protect the information as well as prevent man-in-the-middle
attacks. The routing schemes themselves must have in-built mechanisms that
address all these issues. While there have been independent proposals to address some of
these aspects (Farrell & Cahill (2006); Seth & Keshav (2005); Kate et al. (2007)), a framework
that integrates all these aspects and provides a holistic solution for DTNs is still missing.
6. References
Balazinska, M. & Castro, P. (2003). Characterizing mobility and network usage in a
corporate wireless local-area network, MobiSys ’03: Proceedings of the 1st international
conference on Mobile systems, applications and services, ACM, New York, NY, USA, pp.
303–316.
Bin Tariq, M. M., Ammar, M. & Zegura, E. (2006). Message ferry route design for sparse ad
hoc networks with mobile nodes, MobiHoc ’06: Proceedings of the 7th ACM
international symposium on Mobile ad hoc networking and computing, ACM, New York,
NY, USA, pp. 37–48.
Burgess, J., Gallagher, B., Jensen, D. & Levine, B. (2006). MaxProp: Routing for Vehicle-
Based Disruption-Tolerant Networking, Proc. of IEEE Infocom.
Cerf, V., Burleigh, S., Hooke, A., Torgerson, L., Durst, R., Scott, K., Fall, K. & Weiss, H.
(2007). Delay-tolerant networking architecture.
URL:
Davis, J., Fagg, A. & Levine, B. (2001). Wearable computers as packet transport mechanisms
in highly-partitioned ad-hoc networks, Wearable Computers, 2001. Proceedings. Fifth
International Symposium on, pp. 141–148.
Demers, A., Greene, D., Hauser, C., Irish, W., Larson, J., Shenker, S., Sturgis, H., Swinehart,
D. & Terry, D. (1987). Epidemic algorithms for replicated database maintenance,
PODC ’87: Proceedings of the sixth annual ACM Symposium on Principles of distributed
computing, ACM, New York, NY, USA, pp. 1–12.
Fall, K. (2003). A delay-tolerant network architecture for challenged internets, SIGCOMM
’03: Proceedings of the 2003 conference on Applications, technologies, architectures, and
protocols for computer communications, ACM, New York, NY, USA, pp. 27–34.