Abstract: Mobile ad hoc networks (MANETs) are typical distribution networks, which have unique characteristics and constraints such as none centralized control, dynamically changed network topology, and limited bandwidth. For the absence of fixed network infrastructure, MANETs are vulnerable to various types of denial of service (DoS) attacks. The gray hole attack is a kind of DoS attacks. In this attack, an adversary silently drops some or all of the data packets sent to it for further forwarding even when no congestion occurs. Firstly, related works, DSR protocol, aggregate signature algorithm and network model are introduced. Secondly, a scheme based on aggregate signature is proposed to trace packet dropping nodes. The proposal consists of three related algorithms: the creating proof algorithm, the checkup algorithm and the diagnosis algorithm. The first is for creating proof, the second is for checking up source route nodes, and the last is for locating the malicious nodes. Finally, the efficiency of the proposal is analyzed. The simulation results using ns-2 show that in a moderately changing network, most of the malicious nodes could be detected, the routing packet overhead is low, and the packet delivery rate is improved after abandoning routes containing bad nodes.