======= Review 1 =======

> *** Recommendation: Your overall rating (Please try giving as few borderlines as possible).
A = (top 10% of reviewer's perception of all INFOCOM submissions, but not top 5%) (5)

> *** Contributions: What are the major issues addressed in the paper? Do you consider them important? Comment on the novelty, creativity, impact, and technical depth in the paper.

Authors propose a method to improve the efficiency of watchdog misbehavior detection in wireless networks.
They focus on tampering attacks in which the forwarded data packet is corrupted by a misbehaving node. The particular problem they solve is for the case when the misbehaving node's strength of attack is low, which result in false negative detection by watchdog. The authors then use source error detection to address this problem, which increases the chance that the watchdog successfully finds the adversary node. It is shown that by using the right error detection code, throughput can be maximized while the probability of not detecting an attack can be made arbitrarily small.

> *** Strengths: What are the major reasons to accept the paper? [Be brief.]

The novelty of the paper lies in the fact that while the proposed method can effectively find misbehaving nodes, it is simple and easy to implement. It is also modular as it can be added to any existing watchdog mechanisms to find out tampering attacks. In addition, the analysis is solid, and claims are rigorously addressed and a variety of possibilities and situations are taken into account.

> *** Weaknesses: What are the major reasons NOT to accept the paper? [Be brief.]

The analysis is done for some sample topologies, and the extension to multihop (> 2 hops) is just briefly mentioned.
Also, it is not explained how in the presence of adversary nodes, watchdog and source/destination nodes can be synchronized, and the possible complications are not discussed. In short, more discussion of
general situations seems to be helpful.

> *** Detailed Comments: Please provide detailed comments that will help the TPC assess the paper and help provide feedback to the authors.

Although the model considered by the authors is not the most general; authors provide a simple method to find misbehaving nodes in the network.
The analysis also seems to be correct and solid, and provides insightful guidelines for a practical design.

======= Review 2 =======

> *** Recommendation: Your overall rating (Please try giving as few borderlines as possible).
B = (top 30% of reviewer's perception of all INFOCOM submissions, but not top 20%) - weak accept (3)

> *** Contributions: What are the major issues addressed in the paper? Do you consider them important? Comment on the novelty, creativity, impact, and technical depth in the paper.

This paper proposes two schemes to (1) detect misbehavior in wireless network and (2) identify the misbehaving node. The detection is done by combining monitoring nodes (watchdogs) with error detection codes (MDS codes). 

The combination exploits the following observation. In order to evade the error detection scheme, attackers are forced to modify many packets. However, the modification of many packets will be detected by watchdogs. The effect of wireless is two fold: on the positive side, broadcast allows watchdogs to overhear and detect misbehavior. On the negative side, the erratic nature of wireless may prevent watchdogs from perfectly overhearing everything.

> *** Strengths: What are the major reasons to accept the paper? [Be brief.]

The idea of combining watchdogs and error detection codes is interesting:
- Applying error detection codes prevents attackers from evading watchdogs (evasion by keeping the number of tampered packets low).
- Watchdogs prevent attacker from evading of error detection codes (evasion by changing many packets).

The paper is also clearly written.

> *** Weaknesses: What are the major reasons NOT to accept the paper? [Be brief.]

The proposed scheme are applicable only to a limited set of simplified scenarios in wireless networks. The proposed schemes (both (1) and (2)) are only applicable when there is only 1 misbehaving node. The authors don't discuss how this work (or at least the main idea) can be extended to the case of multiple misbehaving nodes. The intermediate nodes are assumed simple, i.e., nodes that only relay/repeat. The methods are not applicable to when intermediate nodes do network coding. Also the view of the MAC in III.B is over-simplified.

No comparison to alternative methods.

> *** Detailed Comments: Please provide detailed comments that will help the TPC assess the paper and help provide feedback to the authors.

The related work discussion doesn't show how this work improves over other work (watchdog-variations and NC pollution work). In fact it is misleading: the review of pollution attacks and defenses in wireless with network coding is irrelevant here, as the system does not consider network coding. The term "coding" refers to e2e error correction.

The evaluation of the scheme focuses on understanding tradeoffs internal to the method. Any quantitative comparison to other methods/alternatives? E.g. how does the approach compares to:
Sid Jaggi, Michael Langberg, Sachin Katti, Tracy Ho, Dina Katabi, and Muriel Medard "Resilient Network Coding In The Presence of Byzantine Adversaries," IEEE INFOCOM, 2007?

In Sec. 4C, paragraph 3, the authors claim that the collaboration of destination nodes does not help in devising a better attack detection scheme. This claim is solely based on a subset of scenarios and thus is not fully justified. (There are other scenarios when the collaboration can be combined with only W1 or W3 which are not explored). Also, what does "better" means? (in term of successful detection or overhead or both?)

Do you suppose that you now the quality of the channel (q), when you select the coding?

Minor comment: the font used is not from the typical IEEETran.cls format.

======= Review 3 =======

> *** Recommendation: Your overall rating (Please try giving as few borderlines as possible).
B = (top 30% of reviewer's perception of all INFOCOM submissions, but not top 20%) - weak accept (3)

> *** Contributions: What are the major issues addressed in the paper? Do you consider them important? Comment on the novelty, creativity, impact, and technical depth in the paper.

This paper takes a closer look at the watchdog mechanism. The authors propose a lightweight misbehavior detection scheme which utilizing error detection coding by the source node in the misbehavior detection. This paper thoroughly analyzes the misbehavior detection and identification problem under several basic cases. It is incremental work on top of watchdog mechanism but thought-provoking.

> *** Strengths: What are the major reasons to accept the paper? [Be brief.]

The paper is very well organized and easy to understand. The explanation and analysis on each case are clear and thorough.

> *** Weaknesses: What are the major reasons NOT to accept the paper? [Be brief.]

The detection scheme is examined under the assumption that only one misbehaving node exists in the network. In a practical environment with two or more attackers, all the analyses will be invalid.

> *** Detailed Comments: Please provide detailed comments that will help the TPC assess the paper and help provide feedback to the authors.

The authors study the misbehavior detection in wireless networks, and propose a straightforward watchdog-style detection scheme by utilizing source coding. The idea is clear and thought-provoking. The analyses in the basic cases are thorough and easy to follow. It is especially interesting since the authors also consider packet collision on the watchdog node W. The proposed scheme can achieve a high detection probability since the scheme considered the missing probability of the watchdog nodes at the first place.

However, the major concern of the reviewer is whether the proposed scheme together with the analyses is practical in real ad hoc networks. All the analyses depend on the strong assumption that only one misbehaving node will exist in the network. This makes the impact of the proposed scheme very limited in practical wireless ad hoc networks.