International Journal of Computer Science Research & Technology (IJCSRT)
ISSN: 2321-8827
A Comprehensive Survey on Security Issues of Delay Tolerant
Networks
T. Anusha Reddy1, N. Srihari Rao2
1
M.Tech. Student, CSE Dept, CMR Institute of Technology, Hyderabad, A.P.
2
Associate Prof., CSE Dept., CMR Institute of Technology, Hyderabad, A.P.,
MIAENG, MCSI, MISTE
Abstract
A potential low-cost solution to the problem
of connecting devices in areas, where end-to-end
connectivity cannot be assumed is required, and such
low-cost networks are known as Delay Tolerant
Networks (DTNs). In DTNs, intermediate nodes are
used to take custody of the transferred data and to
forward this data as the opportunity arises. There are
many issues we need to address with regard to DTN
networks such as recognition of mobility patterns,
optimal touting algorithms, latency reduction,
enhanced availability, and secured communication.
T
Hence, a survey is conducted through which we can
focus on the most important issue of security in
SR
DTNs.
Index Terms
IJC
DTN, Mobile Ad-Hoc Network (MANET),
Public Key, Private Key, Authentication, Attack,
Routing, Public Key Infrastructure (PKI)
I. Introduction
DTN is a computer network architecture which tries
to address the technical issues in heterogeneous
networks that may lack continuous network
connectivity. Examples of such networks [9] are
those operating in mobile or extreme terrestrial
environments, or planned networks in space.
Disruption may occur because of the limits of
wireless radio range, sparsity of mobile nodes, energy
resources, attack, and noise.
Delay and disruption-tolerant networks are
characterized by their lack of connectivity, resulting
in a lack of instantaneous end-to-end paths. In these
challenging environments, popular ad hoc routing
protocols such as AODV and DSR fail to establish
routes. This is due to the fact that these protocols try
to first establish a complete route and then, after the
route has been established, forward the actual data.
IJCSRTV1IS050080 www.ijcsrt.org
Vol. 1 Issue 5, October - 2013
However, when instantaneous end-to-end paths are
difficult or impossible to establish, routing protocols
must use store and forward approach, where data is
incrementally moved and stored throughout the
network hoping that it will eventually reach its
destination. A common technique used to maximize
the probability of a message being successfully
transferred is to replicate many copies of the message
in the hope that they will succeed in reaching its
destination. This is feasible only on networks with
huge amounts of local storage and internode
bandwidth relative to the expected traffic. In many
common problem spaces, this inefficiency is
outweighed by the increased efficiency. Shortened
delivery times are made possible by taking maximum
advantage of available unscheduled forwarding
opportunities.
In developing regions, especially rural areas,
DTNs can be used to provide network access for
education, health care or government services. They
also enhance low bandwidth Internet connections to
transfer large files at low cost, while using the
Internet connection for control messages. A typical
rural area DTN is shown in figure 1.
Bundle protocols
Bundle Protocol [9] defines a series of
contiguous data blocks as a bundle where each
bundle contains enough semantic information to
allow the application to make progress where an
individual block may not. Bundles are routed in a
store and forward manner between participating
nodes over varied network transport technologies
including both IP and non-IP based transports.
Bundle convergence layers are the transport layers
that carry the bundles across their local
networks. The bundle architecture therefore operates
as an overlay network and it provides a new naming
70

architecture based on Endpoint Identifiers (EIDs) and
coarse-grained class of service offerings.
Protocols using bundling must use
application-level preferences for sending bundles
across a network. Due to the store and forward nature
of delay-tolerant protocols, routing solutions for
delay-tolerant networks can benefit from exposure to
application-layer information. For example, network
scheduling can be influenced if application data must
be received in its entirety, quickly, or without
variation in packet delay. Bundle protocols collect
application data into bundles that can be sent across
heterogeneous network configurations with high-
level service guarantees.
T
SR
IJC
Fig. 1. A typical rural area DTN [ ]
Security
A major focus of the bundle protocol is to
address security issues. Though authentication and
privacy are often critical, security concerns for delay-
tolerant networks vary depending on the environment
and application,. These security guarantees are
difficult to establish in a network without persistent
connectivity because the network hinders
complicated cryptographic protocols, hinders key
exchange, and each device must identify other
intermittently visible devices. Solutions have
typically been modified from MANETs and
distributed security research, such as the use of
distributed certificate authorities and PKI schemes.
IJCSRTV1IS050080 www.ijcsrt.org
International Journal of Computer Science Research & Technology (IJCSRT)
ISSN: 2321-8827
Vol. 1 Issue 5, October - 2013
Original solutions from the delay-tolerant research
community include: 1) the use of identity-based
encryption, which allows nodes to receive
information encrypted with their public identifier,
and 2) the use of tamper-evident tables with a
gossiping protocol.
The organization of the remainder of the
paper is as follows. Section II presents the literature
survey on existing research work. Section III explains
the conclusions and future work.
II. Literature Survey
1. Erman Ayday et. al [1] proposed an iterative
algorithm for trust management and adversary
detection for DTNs. Adversaries use Byzantine
attacks to compromise one or more legitimate nodes
and fully control to cause serious damages to the
network in terms of latency and data availability. To
handle the adversarial behavior MANETs can use the
existing, traditional reputation based trust
management techniques but they do not apply well to
DTNs. A robust trust mechanism and an efficient and
low cost malicious node detection techniques for
DTNs referred as Iterative Trust and Reputation
Mechanism (ITRM) is proposed in [1]. ITRM is an
iterative malicious node detection mechanism for
DTNs and is inspired by the iterative decoding of low
density parity check codes over bipartite graphs. Like
other trust and reputation management mechanisms
ITRM has two main goals: 1) computing the service
quality i.e. reputation of the peers who are service
providers (SPs) by using the feedbacks from the
peers who used the service referred to as raters, 2)
determining the trustworthiness of the raters by
analyzing their feedback about SPs.
The two broad types of attacks that are
considered to be detected by ITRM in their work are:
1) attack on the network communication protocol, 2)
attack on the security mechanism. Packet drop and
packet injection comes under attack on the network
communication protocol category. Bad
mouthing/ballot stuffing on the trust management,
random attack on the trust management, Bad
mouthing/ballot stuffing on the detection scheme fall
under attack on the security mechanism. The
advantages of ITRM include detecting and isolating
malicious nodes from the network in a short time,
effectively detecting the malicious nodes even in the
presence of attacks on the trust and detection
mechanisms, and providing high data availability i.e.
high percentage of recovered messages by their final
destinations with low information latency.
71

2. Uddin, M.Y.S et. al [2] proposed SPREAD
(countermeasure against Spoofing by Replica
Adjustment), which provides solution by assessing
evidence of spoofing and offering countermeasures
designed for quota-based multi-copy routing
protocols. Address spoofing attacks in DTNs cause
more severe damage compared to other known
attacks, such as dropping packets. Spoofing reduces
packet delivery ratio to a low value either to a single
node or network-wide. Providing protection against
this attack without PKI in DTNs is very challenging.
SPREAD is a localized countermeasure against
spoofing attacks. This scheme focuses more on
assessing evidence in support of spoofing, instead of
detecting an individual spoofer. This solution
depends on reducing the weight of packet copies,
charged to the routing quota, when these packets are
given to a node suspected of spoofing. As the
spoofing evidence mounts against a node, the weight
reduction increases.
This scheme is designed to probabilistically
maintain the same number of packet copies in the
network as would be in the case of attack absence,
despite the actual occurrence of spoofing. In contrast
T
to static wireless networks, this scheme exploits two
unique features of DTNs in designing the
SR
countermeasure: 1) multi-copy routing and 2)
diversity of encounters. Multiple copies of the same
packet allow several ways of delivering packets to
IJC
destinations, even when a few of them are consumed
by attackers. Mobility of nodes causes diversity of
encounters that allows a given node to meet several
other nodes and not remain surrounded by attackers
all the time. This allows nodes to replicate their
packets bypassing attackers, as long as they are able
to keep enough copies per packet. The advantages of
SPREAD for DTNs are: 1) it makes DTNS robust
against spoofing attacks, 2) it does not overburden
the network, and 3) limits the overall overhead within
a certain bound.
3. Ali Talari et. al [3] proposed a method for
enhanced intermediate packet delivery in DTNs. To
improve the network reliability and to cope with
packet loss, rate less codes have been recently
employed in packet forwarding protocols of DTNs.
However, rate less decoders cannot recover any
source packets in intermediate range, where the
number of received coded packets is less than the
number of source packets. Applications such as
multimedia content delivery desire partial recovery of
source packets from the incomplete received encoded
packets.
IJCSRTV1IS050080 www.ijcsrt.org
International Journal of Computer Science Research & Technology (IJCSRT)
ISSN: 2321-8827
Vol. 1 Issue 5, October - 2013
New algorithms are designed to improve the
intermediate recovery rate of existing rate less-
coding-based routing algorithms. The rateless coded
symbols can be delivered in a carton order to improve
the intermediate packet recovery rate. The Sorted
Packet Forwarding (SPF) and Improved SPF (ISPF)
aim to sort coded symbols at source and destination
respectively. Modified SPF (MSPF) and Modified
ISPF (MISPF) employ a new less of rate less codes to
achieve even higher recovery rate less compared to
SPF and ISPF.
Routing algorithms proposed in [3] exploit
the average meeting time of nodes with source (S)
and destination (D) as network history. The meeting
history of ni’s (all nodes) with S is only maintained at
S, and the meeting history of node ni with D is
maintained in both ni and S. Here partial network
history is employed because nodes do not need to be
aware of other nodes’ average meeting times. Their
implementation is feasible in many networks.
4. A. Petz et. al [4] proposed a framework for
evaluating DTN mobility models. The performance
of DTN protocols is highly sensitive to the
underlying mobility model which determines the
node’s movements. DTN protocols exploit node
mobility to overcome unpredictable or otherwise bad
connectivity. Mobility models have to be designed
for: a) being independent of communication
protocols and data traffic patterns that are in use, b)
including characteristics that improve protocol
performance in the form of enhancing delivery and
network efficiency, c) increasing the mobility
models’ realism. Capturing the social patterns of
human mobility, transportation systems and animal
mobility will help in modeling node mobility.
In their work, they implemented random
way point mobility model and three DTN-specific
mobility models to evaluate the mobility statistics
package namely OMNET++. This work was carried
out in order to ensure that these models capture the
spirit of the intended mobility patterns.
Implementation of zebra mobility gives detailed
information regarding the specific mobility habits of
zebras. A village mobility scenario consists of the
villages and people who inhabit them. The villagers
are dispersed in the landscape, with villages below a
threshold distance from each other directly connected
by roads. These roads create a transportation network
by which people can move between villages. The
Truncated Levy Walk model [5] is a purely statistical
model which draws values from a random
distribution to determine the distance traveled and
72

angle of movement for each new destination, as well
as the pause time between movements. OMNET++
collects information about node movements in a
simulation and generates statistics which can be used
to compare different mobility models. These statistics
can also be used to reason about how different
characteristics of the mobility models affect routing
performance, and the function of other higher layer
protocols.
5. J. Burgess et. al [6] suggests that successful
DTNs will encourage participation and lack
authentication restrictions. The complexity of
authentication mechanisms for securing routing
protocols may dissuade node participation so strongly
which brings more losses than the potential attacker
impacts. Routing with packet replication provides
more robustness in the face of attacks than routing
without packet replication. Also, defense that uses
cryptographic hashes but not a central authority is
more effective in the case of the most effective attack
of acknowledgement counterfeiting. Malicious nodes
within a DTN may attempt to delay or destroy data in
transit to its destination. They may drop data, insert
data, flood the network with extra messages, corrupt
routing tables, counterfeit
Tnetwork
acknowledgements.
SR
The combination of two factors: a) the
routing protocols have been designed with an
IJC
expectation that nodes are often unavailable and the
DTN implicitly routes around the attacked nodes
which are equivalent to failed nodes, b) the
disconnected nature of the networks limits the
effectiveness of attackers attempting flooding or
dropping, makes DTNs less fragile than MANETs.
The best defense in a DTN against malicious packet
dropping attacks is the use of multiple paths. DTN
flooding is much less effective because a direct route
to a destination is not always available. Traditional
routers are often susceptible to injection of erroneous
routing information. The MaxProp and similar
protocols do not employ authentication hence
attackers can propagate erroneous information about
the routing tables of any node. In replicative routing
protocols, acknowledgements are a very effective
mechanism for packet delivery and as a result they
are an effective method for secret damage. In
MaxProp, acknowledgements of delivery are simply
the cryptographic hash of the packet. Unfortunately,
the cryptographic hash prevents an attacker from
propagating a false acknowledgement, which
victimizes intermediary nodes that have yet to see the
original packet. Hence victims would not receive the
in-transit packets from peers during transfer
opportunities, cutting off a possibly viable path to the
IJCSRTV1IS050080 www.ijcsrt.org
International Journal of Computer Science Research & Technology (IJCSRT)
ISSN: 2321-8827
Vol. 1 Issue 5, October - 2013
destination. These attacks can be defended without
authentication by using the fact that packet should
normally propagate from nodes closest to a packet’s
source to nodes closest to a packet’s destination.
6. A. Gate et. al [7] proposed security and
anonymity solutions for DTNs which are based on
identity based encryption (IBE). It is observed that
traditional PKI-based approach is not suitable for
DTNs. In a PKI, a user authenticates another user’s
public key using a certificate signed by a certificate
authority (CA). The limitations of DTNs need the
design of new security and privacy protocols for
DTNs. Their solution exploits the Sakai-Ohgishi-
Kasahara (SOK) key agreement scheme and
hierarchical identity-based encryption and signature
schemes. Mutual authentication between two DTN
nodes before initiating a data transfer provides secure
communication in a DTN. To achieve anonymous
communication, we require the sender and receiver
know each other’s identity, but observers and
network entities should not be able to determine the
identity of a sender or receiver. Their solution
provides anonymity through pseudonyms and
protocols that allow DTN routers to know the
pseudonym belonging to a valid user without learning
the identity of user.
The SOK key agreement scheme is based on
the Bonch-Franklin identity-based encryption scheme
(BF-IBE). In BF-IBE, private key generator (PKG) is
a trusted authority and after the system setup it
computes private keys for its users based on their
well-known identities i.e. their public keys. The SOK
key agreement scheme provides mutual
authentication using explicit key confirmation
between two PKG users. It also provides non-
interactive, implicit key authentication mechanism.
The SOK key agreement scheme does not provide
mechanisms for secure message transfer when the
two participants do not belong to the same domain
PKG. Though the IBE can be used for message
confidentiality and IBS can be used for source
authentication, these schemes lack scalability without
a PKG hierarchy. Hierarchical identity-based
cryptography (HIBC) can be used to provide a
scalable architecture for IBE and IBS. Since
extending SOK key agreement scheme to the HIBC
case where the two participants belong to two
different domain PKGs seems to be impossible, a
combination of HIBE and a HIBS scheme is used
instead.
7. K. Fall [8] proposed delay-tolerant network
architecture for challenged internets. Challenged
networks are the networks that violate the following
73

key assumptions made regarding the overall
performance characteristics of the underlying links in
order to achieve smooth operation: a) an end-to-end
path exists between a data source and its peers, b) the
maximum round-trip time between any node pairs in
the network is not excessive, and c) the end-to-end
packet drop probability is small. Challenged
internetworks are characterized by latency,
bandwidth limitations, error probability, node
longevity, or path stability that are largely worse than
is common to today’s Internet. Examples of
challenged networks are terrestrial mobile networks,
exotic media networks, military ad-hoc networks, and
sensor and sensor/actuator networks. In challenged
networks communication media is unusual and
oversubscribed, hence link capacity is a precious
resource. The access to the data forwarding service
should be protected by some authentication and
access control mechanism at least at important points
in the topology. Some mechanisms to enforce an
access control matrix to class of service is required if
multiple classes of service are available.
Delay Tolerant Message–Oriented Overlay
architecture is proposed in [8] to provide
interoperability between and among challenged
T security problem. We can overcome the security
networks. For DTNs an end-to-end approach to
SR
security is not appropriate for two reasons. Firstly,
end-to-end approach requires some end-to-end
exchange of challenges or keys, secondly it is
IJC
undesirable to carry unwanted traffic all the way to
its destination before an authentication and access
control check is performed. The participants to the
security model for the DTN architecture are the
network routers i.e. DTN forwarders and principals.
Each message includes an unchangeable postage
stamp containing a verifiable identity of the sender,
an approval and approving authority of the requested
class of service associated with the message, and
other cryptographic material to verify accuracy of the
message content.
The proposed scheme in [8] uses public key
cryptography as a starting point for keying. Routers
and principals are issued public/private key pairs, and
a principal sending a message must obtain a signed
copy of its public key from a certificate authority
known to DTN forwarders. At the first DTN router,
the signed public key is used to validate the sender
and requested class of service against an access
control list stored in the router. Accepted messages
are then resigned in the key of the router for transit.
First-hop routers only need cache per-user
certificates, and then only for adjacent users using
this approach. Non-edge core routers can depend on
the authentication of upstream routers to verify the
IJCSRTV1IS050080 www.ijcsrt.org
International Journal of Computer Science Research & Technology (IJCSRT)
ISSN: 2321-8827
Vol. 1 Issue 5, October - 2013
authenticity of messages. Advantage of this approach
include space savings, improvement to system
management as router keys are required to be
changed less frequently than end-user keys. Since
this architecture operates as an overlay above the
transport layers of the networks it interconnects, it
provides key services such as in-network data storage
and retransmission, interoperable naming,
authenticated forwarding and a coarse-grained class
of service.
III. Conclusions and Future Work
In this paper, we presented the literature
survey that we carried out on security issues of
DTNs. The presented survey reveals various aspects
of research work that is already carried out in DTNs
for providing security. Providing security is not
possible in one step but it requires consideration of
many facets of the problem. Here it is come to be
known that routing protocols, mobility models,
cryptographic techniques, authenticating needs etc
are the tasks which require researchers’ concentration
for providing robust security. In all these papers we
studied, we observed a pessimistic approach to the
problems by finding an optimistic way to reach an
excellent solution to DTN security.
Our future work is to implement various
algorithms that provide security for DTNs and
compare the results from all these implemented
methods. We are going to work to widen the
knowledge for understanding the security issues in
DTNs and providing solutions for security problems
to DTNs.
IV. References
1. Erman Ayday, and Faramarz Fekri, “An Iterative
Algorithm for Trust Management and Adversary
Detection for Delay- Tolerant Networks,” IEEE
Transactions on Mobile Computing, Vol.11,
No.9, September 2012, Pages: 1514-1531.
2. Md Yusuf Sarwar Uddin, Ahmad Khurshid, Hee
Dong Jung, Carl Gunter, Matthew Carsar, and
Tarek Abdelzaher. “Making DTNs Robust
Against Spoofing Attacks with Localized
Countermeasures, ” presented in 8th Annual
IEEE Communications Society Conference on
Sensor, Mesh and Ad Hoc Communications and
Networks (SECON), Salt Lake City, UT, ISSN:
2155-5486, 27-30 June 2011, Pages: 332-340.
3. Ali Talari, and Nazanin Rahnavard, “Enhanced
Intermediate Packet Delivery in Delay Tolarent
Networks,” State University, Stillwater, Millitary
74
 International Journal of Computer Science Research & Technology (IJCSRT)
ISSN: 2321-8827
Vol. 1 Issue 5, October - 2013

Communications Conference (MILCOM-2010),

2010, Pages: 575 – 580.
4. A. Petz, J. Enderle, and C. Julien, “A Framework
for Evaluating DTN Mobility Models,” Proc.
Second Int’l Conf. Simulation Tools and
Techniques, pp. 94:1-94:8, 2009.
5. S. Hong, I. Rhee, S.J. Kim, K. Lee, and S.
Chong, “Routing Performance Analysis of
Human-Driven Delay Tolerant Networks Using
the Truncated Levy Walk Model,” Proc. First
ACM SIGMOBILE Workshop Mobility Models,
pp. 25-32, 2008.
6. J. Burgess, G. Bissias, M. Corner, and B. Levine,
“Surviving Attacks on Disruption-Tolerant
Networks without Authentication,” Proc. Eighth
ACM Int’l Symp. Mobile Ad Hoc Networking
and Computing, pp. 61-70, 2007.
7. A. Kate, G. Zaverucha, and U. Hengartner,
“Anonymity and Security in Delay Tolerant
Networks,” Proc. Third Int’l Conf. Security and
Privacy in Comm. Networks (SecureComm ’07),
2007.
8. K. Fall, “A Delay-Tolerant Network Architecture
for Challenged Internets,” Proc. ACM
SIGCOMM, pp. 27-34, 2003.
9. http://en.wikipedia.org/wiki/Delay-
T
tolerant_networking
SR
Authors’ Biography
IJC

T.Anusha Reddy had B.Tech in Information Technology from Christu Jyothi Institute of
Technology & Science, Yeshwanthapur, Jangon. She is an M.Tech. Student in CSE Department of
CMR Institute of Technology, Hyderabad. She is currently working for her M.Tech. Research
project work under the guidance of Mr.N.Srihari Rao. Her areas of interest include Network
Security, Computer Networks, and Programming languages.

N.Srihari Rao had his B.E. from C.B.I.T., Hyderabad, and he had M.E. from Karunya Deemed
University, Coimbatore. He is currently working as Associate Professor in CSE Department of
CMR Institute of Technology, Hyderabad. He is working for Ph.D. in CSE Discipline at JNTUA
Univeristy, Anantapur. His areas of interest are Network Security, Data Mining, Image Processing,
and ICT for various fields.

IJCSRTV1IS050080 www.ijcsrt.org 75