| Attack type | Attacker behavior |
| Selective forwarding, black-hole, grey-hole | A malicious node discards part or all packets |
| Sinkhole attack | A malicious node tries to attract traffic advertising and fake routing information, and then it does not forward it |
| Replay attack | A malicious node continues to send the same data repeatedly |
| Link spoofing attack | A malicious node can deceive the link layer verification mechanism, so that the sender of the packet thinks that the packet has been forwarded successfully |
| Modification attack | A malicious node modifies the data packets that it forwards |
| Sybil attack | An attacker presents multiple identities |
| Collusion attack | Many powerful attackers work in collusion to implement attacks |
| Flooding attack | A malicious node sends a large number of packets to overwhelm the normal nodes |
| Bad mouthing attack | A malicious node provides dishonest recommendations |