I. Introduction
Routing protocols are subject to a wide variety of attacks, many of which can be highly disruptive. Many sophisticated attacks are “insider attacks”, in which the attacker has access to legitimate nodes or certain cryptographic credentials. Attacks by independent insiders have been addressed in the literature, including [2]–[7]. However, much of the previous work focuses on providing a secure environment for “insider” nodes with respect to attacking “outsiders”. Current secure routing protocols rarely address attacks by multiple colluding insiders. The problem becomes more pronounced in open networks, where nodes are considered legitimate members by default. Previous work on probabilistic routing focuses on selfish routing, and does not directly address routing security.