IJCSNS International Journal of Computer Science and Network Security, VOL.23 No.

8, August 2023 159

Stackelberg Game between Multi-Leader and Multi-Follower

for Detecting Black Hole and Warm Hole Attacks In WSN
S.Suganthi,
Research Scholar, Mother Teresa Women’s University, Kodaikanal

Dr.D.Usha,
Assistant Professor, Mother Teresa Women’s University, Kodaikanal

Abstract take the decisions based on their leader’s decision. In a

Objective: proposed game the cluster head acts as multi leaders which
 To detect black hole and warm hole attacks in can optimizes the major upper level problem and all other
wireless sensor networks. agents nodes acts a followers who joined with leaders which
 To give a solution for energy depletion and can handle the lower-level problems. Generally, the
security breach in wireless sensor networks. follower take a decision after observing the leaders decision
 To address the security problem using strategic and the leader expect the response from the follower and
decision support system. selects their own optimal strategy for taking a decision. At
Methods: The proposed stackelberg game is used to make the same time, all followers select their own optimal
the spirited relations between multi leaders and multi responses by competing with each other by the leaders
followers. In this game, all cluster heads are acts as leaders, choice. Many researchers doing their research in [2]
whereas agent nodes are acts as followers. The game is Stackelberg game and applied wide applications in various
initially modeled as Quadratic Programming and also use areas. In a proposed game in this paper, several cluster
backtracking search optimization algorithm for getting heads can act the position as leaders and the remaining
threshold value to determine the optimal strategies of both players can act as the position as followers, it becomes a
defender and attacker. multi-leader-follower game. Multi-leader-follower game[3]
Findings: To find optimal payoffs of multi leaders and take place from some oligopoly markets[4]. For example,
multi followers are based on their utility functions. The the large care companies called as the leaders have produce
attacks are easily detected based on some defined rules and new-fashioned cars they make the decision to produce the
optimum results of the game. Finally, the simulations are cars and quantities [5]. After observing the decisions of the
executed in matlab and the impacts of detection of black large car companies (leaders), all other smaller companies
hole and warm hole attacks are also presented in this paper. (followers) choose their optimal strategies to produce the
Novelty: The novelty of this study is to considering the quantities and qualities of the cars followed from the
stackelberg game with backtracking search optimization leaders[6]. Generally the attacks characteristics of warm
algorithm (BSOA). BSOA is based on iterative process hole is two malicious or attacker node combined together to
which tries to minimize the objective function. Thus we make a tunnel[7]. The attacker node automatically receives
obtain the better optimization results than the earlier the packet and sends it to other destination node through the
approaches. tunnel without the knowledge of the network[8]. Due to this
Keywords: attack the attacker node may drops all the packets or make
Stackelberg Game, Black hole attack, warm hole attack, the changes of original node behavior. In a black hole attack,
backtracking search optimization. the attacker or malicious node falsely advertises the shortest
path to all neighboring nodes. It will automatically generate
a black hole region by sending the fake route to all other
1. Introduction nodes.

Game theory is one of the interactive decision- The rest of the paper is organized as follows. Section
making methodology which follows the techniques in a 2 presents a detailed study of related work, section 3
mathematical way. Generally, a formal game should consist describes the proposed network model and section 4
of three elements such as the players of the game, the formulates the game between players. Section 5 gives a
techniques are available for each player, and the optimal brief overview of strategic space Section 6 discusses the
payoffs of each player. In a proposed stackelberg game experimental results obtained using MATLAB and section
contains multi leaders and multi followers[1]. The followers

Manuscript received August 5, 2023

Manuscript revised August 20, 2023
https://doi.org/10.22937/IJCSNS.2023.23.8.19
160 IJCSNS International Journal of Computer Science and Network Security, VOL.23 No.8, August 2023

7 concludes the paper by giving some ideas for future work

in section

2. Network Model
Many papers describe the taxonomies of different
layers attacks. Most of those papers show attacks classified
by protocol stack layers(9). Some of papers show attacks
classified on passive and active presented TPP Game
algorithm that aims at modeling, analyzing the cooperation
and trustable behavior between the nodes. In presented the
Stackelberg game framework was employed to model and
analyze the transmitting-jamming problem, and the anti-
jamming power control game was investigated in wireless
networks. In the cooperative transmission game was studied,
and the equilibrium solution was obtained. In the authors
formulated an attacker-defender Stackelberg game(10) Received Signal Strength Indicator (RSSI) is the
between a jammer and a target node, and the timing channel measured power of a received radio signal [9]. The attacks
was exploited. In a secure offloading game was formulated, are detected based on Packet delivery Rate (PDR) and
and the Stackelberg equilibrium was derived. In we Packet Forwarding Rate (PFR). Threshold RSSI value for
investigated the anti-jamming channel selection problem in
an adversarial environment, and proposed a hierarchical black hole attack is 𝑇 _ 40. Threshold RSSI value
learning approach to obtain the desirable solutions. Note for warm hole attack is 𝑇 _ 55. Threshold Packet
that a survey on the jamming and anti-jamming techniques delivery rate in black hole attack is𝑇 _ 90. Threshold
in wireless networks can be found in. Therefore, the rapid value of packet delivery rate in warm hole attack is
detection of the worm outbreak propagation in the IoT with
𝑇 _ 80.
limited resources by IDS has become an urgent problem to
be solved(11). Herein, such IoT devices with embedded
IDS are collectively referred to as “sensors”. The The cluster head has selected using particle swarm
"scheduling strategy" mentioned in the following chapters optimization refer as Figure 2. During the transmission of
of this paper is mainly aimed at methods of “sensor” data from cluster head to all other agent nodes refer in figure
combination opening(12). 3, some attacker node may indicate highest Received Signal
strength value and packet delivery rate.

3. Network Model All the received values are recorded. In this situation
some normal nodes may choose wrong path. If the newly
Network Topology generated RSSI value may exceed the threshold RSSI value
The network topology of the proposed system for analyzing then it will be assumed as some nodes may affect by a black
Black hole and warm hole attack is given in figure 1. hole attack.
IJCSNS International Journal of Computer Science and Network Security, VOL.23 No.8, August 2023 161

The proposed algorithm can compute the threshold

Received Signal Strength Indicator value and Threshold
Packet delivery rate value. The threshold value is based on
bandwidth, data flow rate, link strength, outcome of the
defender. The threshold value T automatically passes to the
indicators of the game. The proposed game which decides
whether to allow the packets or redirect or drop a data flow
based on the Threshold value T.

4. Game Formulation
Game theory is the formal, mathematical methodology
for interaction between players like people, agents or robots
which has been applied in diverse areas such as business,
economics, and management to solve problems. In this
section we have identified the attacked nodes through some
gaming strategy. Competition among the players is one of
the significant topics.
We use stackelberg game model which is applied to find the
best non malicious nodes in a sensor environment is
depicted in figure 5.
In a Stackelberg model, leader chooses a strategy first
and then follower observes this decision and makes his own
strategy choice. Intuitively, the first player chooses the best
possible point based on the second player’s best response
function. Generally the game includes the following three
comprise:
Player set: Players set contains Leaders and Followers
Leaders denoted as N
Followers denoted as M
Strategy set: A - Denotes the set of actions, i-denotes the
During the path finding process, some attacker node strategy. The set of actions of a game is denotes as 𝐴 = 𝐴1 ×
can automatically create a tunnel with some other attacker
𝐴2 × … × 𝐴𝑛. a-denotes the player which is defined as 𝑎𝑖 ∈
node. So the packet delivery process may automatically
deviate the valid route to wrong route. In this scenario the (𝑎𝑖, 𝑎− ) 𝑎𝑖 denotes the player a with 𝑖 strategy while 𝑎−𝑖
Received signal strength value and packet delivery rate can denotes other players’ strategies.
be monitored. If the monitored value is greater than Utility functions: The utility function or outcome of player
threshold received signal strength value and packet delivery 𝑖 denoted by ui (ai,a−i). The payoff function is measured by
rate then it is assumed as some nodes may affect by a warm outcome of ith player strategy and other players’ strategies.
hole attack is illusted in figure 4. In a game theory players are considered rational decision
makers they choose the best strategy to maximize their
benefit function.

5. Players and the Strategic Space

We establish a Stackelberg game between the defender
and attacker. Practically the cluster head plays the role of
the game leader and makes the first move by choosing its
detection strategy whereas all other agent nodes are acts as
the followers that observe the leader’s strategy and choose
their best responses to it in terms of attack detection
strategies is illustrated in Figure 5.

Figure 4 – Packet Drop / Loss

 162IJCSNS International Journal of Computer Science and Network Security, VOL.23 No.8, August 2023

Figure 5 – Stackelberg Game

∇ f(x) 𝜆 ∇ 𝑔 x =0
The game is modeled initially as Quadratic Programming. 𝜆 ∇ 𝑔 x)=0 ∀ i
The backtracking search optimization for getting threshold 𝑔 x)≤0, 𝜆 0
ə ə ə ə
value to determine the optimal strategies of both defender ∇ f(x) = …….
ə ə ə ə
and attacker.
Let us define two utility matrices for the leader and the
Quadratic Programming: follower
Quadratic programming is a special class of non linear , ,
𝑈 = Ri,j and 𝑈 = Ci,j
optimization problem. We assume quadratic Objectives:
QL(PL,PF); L- Leader, F-Follower, P-Players , QF(PL,PF) In a multi leader follower game, the algorithm for Leader’s
with the structure Choice is as follows:
𝑀𝑖𝑛 𝑓 𝑥 XT Q X + CTX Algorithm 1: Leader’s Choice
Subject to AX= b, x≥0 Input: Leader variables
Is given by the linear system Output: Objective function
𝑄 𝐸 𝑋 𝐶 N- Leader(L)
=
𝐸 0 𝑌 𝑑 L=1…N
Quadratic Programming for Leader and follower: Decision Variable xL ɛ ℝnL
𝑃 Vector tuple x:= (x1….xN) ɛ ℝn
X=
𝑃 n:= ∑ 𝑛
𝑃 𝐶 𝐶 𝑃 𝐶 𝑃 (xL,x-L) ɛ ℝnL + n –L , n-L := n-nL
QL = +
𝑃 𝐶 𝐶 𝑃 𝐶 𝑃 Objective function or Utility function
𝑃 0 𝐶 𝑃 ƟL : ℝn+m → ℝ is dependent on xL to x-L , ∀ y
QF = + 𝐶 𝑃
𝑃 𝐶 𝐶 𝑃
Leader Strategy :
QL,QF≥0
xL (x-L ) ɛ ℝnL is dependent on xL to x-L and independent on
followers y
All feasible regions must be a convex set that means all
Leader solve the following optimization problem
linear constraints QL,QF must be in convex set. To minimize
Min QL (xL , x-L, y)
the objective function, we have to reduce the radius of the
Subject to xL ɛ XL
circle. To find more than one variables we use khuntucker
f(x,y):= ∇𝒙 , ƟL
condition.
Algorithm 2: Follower’s Choice
𝑀𝑖𝑛 𝑓 𝑥 XT Q X + CTX Input: Follower variables
Subject to AX≤ b , AX-b≤0 Output: Objective function of follower
X≥0, -X≤0 M-Follower(F)
F=1…M
Khuntucker Condition Response Variable yF ɛ ℝmF

Manuscript received August 5, 2023

Manuscript revised August 20, 2023
https://doi.org/10.22937/IJCSNS.2023.23.8.19
IJCSNS International Journal of Computer Science and Network Security, VOL.23 No.8, August 2023 163

Vector tuple y:= (y1….ym) ɛ ℝm 𝑜𝑙𝑑𝑝 𝑝 , the historical population is used in the
n:= ∑ 𝑛 calculation of the search-direction matrix.
(xF,x-F) ɛ ℝmF + m –F , m-F := m-mF 7. 𝑀 𝑃 3 𝑃𝑟𝑒 𝑃 // 3 is random number ~
Objective function or Utility function N(0,1)
ƟF : ℝn+m → ℝ is dependent on yF to y-F , ∀ x
Follower Strategy : Step 4: Crossover
YF (y-F , x) ℝmF is dependent on leaders x BSA’s crossover process generates the final form of the trial
Follower solve the following optimization problem population T. The initial value of the trial population is
Min QF (x, yF, y-F) Mutant, as set in the mutation process. Trial individuals
Subject to yF ɛ YF with better fitness values for the optimization problem are
F(x,y):= ∇𝒚 , ƟF used to evolve the target population individuals. BSA’s
crossover process has two steps.
The first step calculates a binary integer-valued matrix
Backtracking Search Optimization
(map) of size N. D that indicates the individuals of T to be
After applying quadratic programming we can get the
manipulated by using the relevant individuals of P. If map
optimized nodes. Generally backtracking search is applied
n, m = 1, where n ϵ {1,2,3…,N} and m ϵ {1,2,3…,D}, T is
to have multiple solutions and need all those solution.
updated with T n, m := P n ,m In Algorithm-2 (on line 3)
Backtracking algorithm which is mainly used to execute a
indicates the ceiling function, defined as rand ~ U (0, 1).
multiple sequence of decisions, which is performed
BSA’s crossover strategy is quite different from the
recursively until satisfying certain constraints.
crossover strategies used in EA’s and its variants. The mix
𝐺 = Global Minimizer Game matrix
rate parameter (mixrate) in BSA’s crossover process
𝐺 = Minimum of Minimum Game matrix
controls the number of elements of individuals that will
N= Number of agent nodes mutate in a trial by using ceil (mixrate. rand. D).
D= population size The function of the mix rate is quite different from the
𝑃 , = Player of i,j strategy crossover rate used in EA’s. Two predefined strategies are
randomly used to define BSA’s map. The first strategy uses
Pre i,j = All other players i,j strategy mixrate. The second strategy allows only one randomly
fitpi = Fitness function player with strategy i chosen individual to mutate in each trial. BSA’s crossover
process is more complex than the process used in EA’s.
Algorithm 3: Some individuals of the trial population obtained at the end
Input: 𝑂 , 𝑁, 𝐷, 𝑚𝑎𝑥 , 𝑚𝑖𝑥 , 𝑙𝑜𝑤 , 𝑢𝑝, 𝑒𝑝𝑜𝑐ℎ𝑒𝑠 of BSA’s crossover process can overflow the allowed search
Output:𝐺 , 𝐺 space limits as a result of BSA’s mutation strategy. The
individuals beyond the search-space limits are regenerated
Step1: Initialization using Algorithm-3.
1. 𝑃 , ~𝑈 𝑙𝑜𝑤 𝑢𝑝 ) // i=1..N , j=1..D,U- is the 8. 𝐶𝑟 : , : 1
uniform distribution 9. 𝐼𝑓 𝑐 𝑑 𝑡ℎ𝑒𝑛
For k=1 from N
Step 2: Selection –IBSA has the option of redefining old 𝐶𝑟 , : 0
∗
population, it is used to randomly change the order of the
𝐸𝑛𝑑 𝑓𝑜𝑟
individuals in old population
Else
2. 𝐺 𝑖𝑛𝑓,D=30,N= 𝐴𝑔𝑒𝑛𝑡 ;
𝐹𝑜𝑟 𝑘 1 𝑓𝑟𝑜𝑚 𝑁
3. 𝑃 , lim lim 𝑢𝑝 𝑙𝑜𝑤 𝑙𝑜𝑤 𝐶𝑟 : 0
→ →
4. 𝑃𝑟𝑒 , lim lim 𝑢𝑝 𝑙𝑜𝑤 𝑙𝑜𝑤 𝐸𝑛𝑑 𝑓𝑜𝑟
→ →
𝑇 𝑀
5. 𝑓𝑖𝑡 lim 𝑂 𝑃
→ //Boundary control mechanism
6. 𝐹𝑜𝑟 𝑦 1 𝑡𝑜 𝑚𝑎𝑥 𝑇,
𝐼𝑓 𝑎 𝑏 𝑡ℎ𝑒𝑛 𝑃𝑟𝑒 𝑃 𝑟𝑎𝑛𝑑 𝑢𝑝 𝑙𝑜𝑤 𝑙𝑜𝑤 𝑖𝑓 𝑇 , 𝑙𝑜𝑤 𝑂𝑅 𝑇 ,
𝑃𝑟𝑒 𝑝𝑒𝑟𝑚𝑢𝑡𝑖𝑛𝑔 𝑃𝑟𝑒 // permuting function is a lim lim
→ → 𝑇, 𝑒𝑙𝑠𝑒
random shuffling function
𝐸𝑛𝑑 𝑖𝑓
𝑆𝑡𝑒𝑝 3: 𝑀𝑢𝑡𝑎𝑡𝑖𝑜𝑛
Step 5: Selection – II
The mutation process generates the initial form of the trial
In BSA’s Selection-II stage, the Ti’s that have better fitness
population called 𝑀
values than the corresponding Pi’s are used to update the
𝑀 𝑃 𝐹 𝑃𝑟𝑒 𝑃 // where F controls the
Pi’s based on a greedy selection. If the best individual of P
amplitude of the search direction matrix
(Pbest) has a better fitness value than the global minimum
164 IJCSNS International Journal of Computer Science and Network Security, VOL.23 No.8, August 2023

value obtained so far by BSA, the global minimizer is

updated to be Pbest , and the global minimum value is
updated to be the fitness value of Pbest. The structure of
BSA is quite simple; thus it is easily adapted to different
numerical optimization problems.
10. 𝑓𝑖𝑡 𝑂 𝑇
𝑓𝑖𝑡 𝑖𝑓 𝑓𝑖𝑡 𝑓𝑖𝑡
11. 𝑓𝑖𝑡 lim
→ 0 𝑒𝑙𝑠𝑒
12. 𝑓𝑖𝑡 min 𝑓𝑖𝑡
13. If 𝑓𝑖𝑡 𝐺 𝑡ℎ𝑒𝑛
𝐺 𝑓𝑖𝑡 // the global minimum value is Figure 6 – Blackhole & Warmhole Attack
updated to be fitness value of population
𝐺 𝑃
A wormhole attack is composed of two attackers through a
𝐸𝑛𝑑 𝑖𝑓 wormhole tunnel. To establish a wormhole attack, attackers
14. 𝐸𝑛𝑑 𝑓𝑜𝑟 create a direct link, referred to as a wormhole tunnel
between them. A wormhole tunnel can be established by
//detection of normal as well as malicious node means of a wired link or a high quality wireless out of band
15. 𝑙𝑎𝑏𝑒𝑙 max 𝐵𝑒𝑠𝑡 𝑚𝑒𝑎𝑛 𝐺 links, or a logical link via packet encapsulation. After
𝑁𝑜𝑟 building a wormhole tunnel, one attacker receives and
copies packets from its neighbors and forwards them to the
1 𝑖𝑓 max 𝐵𝑒𝑠𝑡 𝑚𝑒𝑎𝑛 𝐺 other colluding attacker through the wormhole tunnel. This
latter node receives these tunneled packets and replays them
0 𝑜𝑡ℎ𝑒𝑟𝑤𝑖𝑠𝑒 into the network in its vicinity. In a wormhole attack using
The follower employs the same strategy to find best nodes a wired link or a high quality wireless out-of-band link,
or any strategy with the same payoff. attackers are directly linked to each other, so that they can
communicate quickly. On the other hand, a wormhole using
Attack Model: packet encapsulation is relatively much slower. But it can
Blackhole and Warmhole Attacks: be launched easily since it does not need any special
In black hole attack, a malicious node advertises itself for hardware or any special routing protocol. In this scenario
having the shortest path to the destination node or to the the Received signal strength value and packet delivery rate
packet it wants to intercept. This hostile node advertises its can be monitored. If the monitored value is greater than
availability of fresh routes irrespective of checking its threshold received signal strength value and packet delivery
routing table. In this way attacker node will always have the rate then it is assumed as some nodes may affect by a warm
availability in replying to the route request and thus hole attack.
intercept the data packet and retain it. The malicious node
received the reply message by the requesting node before Algorithm 4: Detection of various attacks
the reception of reply from actual node. Hence, a malicious Input:𝑃𝐷𝑅_𝑛𝑜𝑑𝑒_𝐼𝑑, 𝑅𝑆𝑆𝐼_𝑛𝑜𝑑𝑒_𝐼𝑑, 𝐷𝑃𝑅_𝑛𝑜𝑑𝑒_𝐼𝑑
and forged route is created. Because of the malicious node Output: Malicious and normal node Attack ID
may indicate highest Received Signal Strength value(RSSI)
and packet delivery rate(PDR). PDR- Packet Delivery Rate
If the newly generated RSSI value may exceed the threshold RSSI-Received Signal Strength Indicator
RSSI value then it will be assumed as some nodes may DPR=Duplicate Packet Rate
affect by a black hole attack. When this route is establish, it For i=1:to size of 𝑁
may happens whether to drop all the packets or forward it
𝑖𝑓 𝑃𝐷𝑅_𝑛𝑜𝑑𝑒_𝐼𝑑 𝑖 𝑇 && 𝑅𝑆𝑆𝐼_𝑛𝑜𝑑𝑒_𝐼𝑑 𝑖
to the unknown address. The general scenario of blackhole
and warmhole attacks is showed in Figure 6. 𝑇 _
𝐵𝐻 𝑖
𝑒𝑙𝑠𝑒𝐼𝑓 𝑅𝑆𝑆𝐼_𝑛𝑜𝑑𝑒_𝐼𝑑 𝑖
𝑇 _ && 𝑃𝐷𝑅_𝑛𝑜𝑑𝑒_𝐼𝑑 𝑖 𝑇 _
𝑊𝐻 𝑖
else
𝑁𝑜𝑟_𝑛𝑜𝑑𝑒 𝑖
End if
End for
IJCSNS International Journal of Computer Science and Network Security, VOL.23 No.8, August 2023 165

After applying all the above algorithms the optimum results taken. The Y-axis is denoted as Number of rounds the
can be obtained. algorithm is going to be implemented. Numerical values
used for evaluation as shown in Table 1,2,3,4,5,6 and the
evaluation measures are depicted as Accuracy in figure 7,
6. Simulation Results sensitivity shows figure 8, Figure 9 as Detection Rate,
Figure 10 shows that F-Score, Figure 11 shows that False
The proposed algorithm can be implemented in matlab positive rate, Figure 12 shows that false negative rate of the
code and the convergence is calculated. The performance proposed system.
evaluation will be computed based on some parametric
measures. The X-axis is denotes as number of nodes are

Table 1 : ACCURACY
20 40 60 80 100
overall 94.52518 97.15385 98.89155 98.74127 98.9011
BH 84.80255 89.28571 92.89041 95.38462 97.77419
WH 80.31325 87.2069 95.59459 96.93939 97.74468

Table 2: Sensitivity:
20 40 60 80 100
over all 93.43697 95.59459 96.56098 97.2973 98.53922
BH 82.29197 85.36585 93.52326 94.30769 95.33962
WH 78.34247 83.39535 91.90909 93.58 924.5926

Table 3: Detection Rate:

20 40 60 80 100
over all 98.8 98.9 99.8 100 100
BH 97.8 98.6 98.9 100 100
WH 97.7 98.4 99.5 100 100

Table 4: F-Score
20 40 60 80 100

over all 91.59034 93.70817 96.61836 96.35974 97.08738

BH 79.65243 84.64329 92.1659 91.46341 93.45794
WH 74.77906 80.73818 90.09009 89.19722 91.74312

Table 5: False Positive

20 40 60 80 100
over all 0.006 0.003 0.082 0.064 0.052
BH 0.005 0.001 0.073 0.014 0.002
WH 0.004 0.095 0.061 0.02 0.085

Table 6: False Negative

20 40 60 80 100
over all 0.072 0.082 0.095 0.074 0.063
BH 0.063 0.061 0.093 0.002 0.066
WH 0.068 0.04 0.072 0.085 0.092
166 IJCSNS International Journal of Computer Science and Network Security, VOL.23 No.8, August 2023
IJCSNS International Journal of Computer Science and Network Security, VOL.23 No.8, August 2023 167

1643 - 1650. Retrieved from

http://sersc.org/journals/index.php/IJAST/article/view/1105
7. Conclusion 1.
[5] Ruirui Zhang1and Xin Xiao. Intrusion Detection in Wireless
Wireless sensor networks are seriously vulnerable to Sensor Networks with an Improved NSA Based on Space
attacks, and their ability of resistance against the attacks is Division. Journal of Sensors. 2019. 1-20 Doi:
one of the critical challenges in the development of these 10.1155/2019/5451263.
networks. Security is recognized as a world-wide challenge [6] Zulfiqar Ali Zardari, Kamran Ali Memon, Reehan Ali Shah,
SanaullahDehraj, Iftikhar Ahmed. A lightweight technique
and game theory is an increasingly important paradigm for for detection and prevention of wormhole attack in
handling security breaches. Two main weaknesses of the MANET.2020; 1-6. DOI: 10.4108/eai.13-7-2018.165515.
traditional intrusion detection systems are as follows: 1) [7] Lina Mallozzi , and Roberta Messalli. Multi-Leader Multi-
from a technical perspective, they are highly complicated Follower Model with Aggregative Uncertainty. 2017; 8(25).
and 2) they rely on the temporary methods based on trial doi:10.3390/g8030025.
and error. Smart solutions have shown that although they [8] Lili Chen,Zhen Wang,Fenghua Li, Yunchuan Guo and Kui
have their own specific complexities, they are faster in Geng. A Stackelberg Security Game for Adversarial
speed and much more optimal in performance. The results Outbreak Detection in the Internet of Things. 2020; 20(804),
obtained in this paper, which is based on the game theory, doi:10.3390/s20030804
[9] Mehetre, D., Roslin, S., & Wagh, S. Detection and prevention
confirmed that smart methods can have better performance of black hole and selective forwarding attack in clustered
compared to the other strategies in terms of accuracy, WSN with Active Trust. 2019; Cluster Computing, 22, 1313–
specificity, detection rate and false alarm rate. 1328. https://doi.org/10.1007/s10586-017-1622-9.
[10] Pedro Manso et.al. SDN-Based Intrusion Detection System
for Early Detection and Mitigation of DDoS Attacks.
References Information 2019, 10, 106; doi:10.3390/info10030106.
[11] Muhammad Asim Khan, Mansoor Khan. A Review on
[1] F. Yao, L. Jia, Y. Sun, Y. Xu, S. Feng, and Y. Zhu. A Security Attacks and Solution in Wireless Sensor Networks.
hierarchical learning approach to anti-jamming channel American Journal of American Journal of Computer Science
selection strategies, 2017; 1-13. DOI: and Information Technology. 2019; 7 (1: 31). 1-7. DOI:
https://doi.org/10.1007/s11276-017-1551-9. 10.21767/2349-3917.100031
[2] Er.Harpal, Dr.Gaurav Tejpal and Dr.Sonal Sharma. Machine [12] Zeljko Gavric1, and Dejan Simic. Overview of DOS attacks
Learning Based Watchdog Protocol For Wormhole Attack on wireless sensor networks and experimental results for
Detection In Wireless Sensor Networks. International Journal simulation of interference attacks. Ingenieria e Investigation.
of Computer Science and Information Security (IJCSIS). 2018; 38(1). 130-138.
2017; 15(9). 54-63. https://sites.google.com/site/ijcsis/ DOI:10.15446/ing.investig.v38n165453.
[3] Tamilarasi, N., Santhi, S.G. Detection of Wormhole Attack
and Secure Path Selection in Wireless Sensor Network.
Wireless Pers Commun. 2020;
https://doi.org/10.1007/s11277-020-07365-4.
[4] Dr. B. Padminidevi, Mrs.C.Selvarathi. Implementation Of
Network Security Using Wormhole Attack. International
Journal of Advanced Science and Technology, 2017; 29(7s).