Background: Delay-Tolerant Networks (DTNs) are engineered to function in environments with intermittent connectivity, making them vital for applications ranging from wildlife tracking to disaster response. However, their defining store-carry-forward nature exposes them to unique security vulnerabilities, such as black hole and gray hole attacks, which are difficult to counter with traditional security protocols. Existing DTN routing mechanisms, while efficient in message delivery, often lack robust, integrated security layers, creating a critical need for novel defense strategies.
Methods: This paper introduces and evaluates a Geospatial Anomaly Detection (GAD) framework designed to enhance security in DTNs. Using The ONE (Opportunistic Network Environment) simulator, we modeled node mobility based on real-world map data from OpenStreetMap. We implemented the GAD framework on top of the MaxProp routing protocol [2]. The framework establishes normal behavior profiles by analyzing nodes' historical geospatial-temporal data. Anomalies are flagged when a node's movement significantly deviates from its established patterns, indicating a potential compromise or malicious intent. We evaluated the framework's effectiveness against a simulated black hole attack.
Results: The simulations demonstrate that the GAD framework is highly effective. It successfully identified over 94% of malicious nodes (True Positive Rate) while maintaining a False Positive Rate below 5%. Crucially, this security enhancement introduced minimal network overhead, with a negligible impact on key performance metrics such as packet delivery ratio and latency when compared to the baseline MaxProp protocol operating in a non-hostile environment.
Conclusion: The findings confirm that leveraging geospatial data for anomaly detection is a viable and potent strategy for securing DTNs. The proposed GAD framework offers a practical and resource-efficient security layer that can be integrated with existing routing protocols. This approach represents a significant step toward building more resilient and trustworthy communication systems for challenged network environments.
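One way to realise the profile-and-deviation check described under Methods, as an added example that is not the paper's GAD implementation: the hour-of-day buckets, the spread-normalised score, the thresholds, the function names and the sample coordinates are all assumptions constructed here.

```python
import math
from collections import defaultdict
from statistics import mean

SLOT_SECONDS = 3600    # assumed profile granularity: one bucket per hour of day
THRESHOLD = 3.0        # assumed cut-off for a "significant" deviation
MIN_SAMPLES = 5        # slots with less history than this are not scored
MIN_SPREAD_M = 10.0    # floor so a near-stationary node is not over-flagged

def slot_of(t):
    """Map a timestamp in seconds to its hour-of-day bucket."""
    return int(t % 86400) // SLOT_SECONDS

def build_profile(history):
    """history: (t, x, y) samples in metres -> {slot: (cx, cy, spread, n)}.
    spread is the RMS distance of a slot's points from their centroid."""
    buckets = defaultdict(list)
    for t, x, y in history:
        buckets[slot_of(t)].append((x, y))
    profile = {}
    for slot, pts in buckets.items():
        cx, cy = mean(p[0] for p in pts), mean(p[1] for p in pts)
        rms = math.sqrt(mean((x - cx) ** 2 + (y - cy) ** 2 for x, y in pts))
        profile[slot] = (cx, cy, max(rms, MIN_SPREAD_M), len(pts))
    return profile

def deviation_score(profile, t, x, y):
    """Distance from the slot centroid in units of spread; None if no baseline."""
    entry = profile.get(slot_of(t))
    if entry is None or entry[3] < MIN_SAMPLES:
        return None
    cx, cy, spread, _ = entry
    return math.hypot(x - cx, y - cy) / spread

def is_anomalous(profile, track, min_hits=3):
    """Flag only after min_hits scored observations exceed THRESHOLD."""
    scores = (deviation_score(profile, *obs) for obs in track)
    return sum(1 for s in scores if s is not None and s > THRESHOLD) >= min_hits

def constructed_history(days=7):
    """Constructed sample: node near (1000, 2000) at 09:00 and (4000, 500) at 18:00."""
    return [(day * 86400 + hour * 3600, bx + 20 * (day % 3 - 1), by - 20 * (day % 3 - 1))
            for day in range(days)
            for hour, bx, by in ((9, 1000, 2000), (18, 4000, 500))]

PROFILE = build_profile(constructed_history())
T0 = 7 * 86400 + 9 * 3600    # constructed observation window: day 8, 09:00
USUAL = [(T0 + k * 600, 1010, 1990) for k in range(3)]
DEVIANT = [(T0 + k * 600, 3000, 3500) for k in range(3)]
print(is_anomalous(PROFILE, USUAL), is_anomalous(PROFILE, DEVIANT))
```

Observations in a time slot with too little history return no score and never count toward a flag, which keeps newly seen nodes from inflating the false positive rate at the cost of a warm-up period.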