Natural Computing

, Volume 10, Issue 1, pp 243–274 | Cite as

Priming: making the reaction to intrusion or fault predictable

  • Martin Drozda
  • Sven Schaust
  • Sebastian Schildt
  • Helena Szczerbicka


We propose and evaluate an immuno-inspired approach for misbehavior detection in ad hoc wireless networks. Misbehavior is the result of an intrusion, or a software or hardware failure. Our misbehavior detection approach is inspired by the role of co-stimulation and priming in the biological immune system (BIS). We translate priming into a computational paradigm that can increase robustness as well as stimulate energy efficiency of misbehavior detection. We provide a detailed energy consumption analysis with respect to the IEEE 802.11 and IEEE 802.15.4 protocols. We analyze the efficiency of misbehavior detection with co-stimulation and priming. This analysis is complemented with experimental results. We show that co-stimulation and priming introduce new options such as the ability to choose a trade-off between detection performance and energy efficiency. We provide a summary of the challenges related to the design of co-stimulation and priming based architectures. We argue that co-stimulation and priming are rather general paradigms with possible applications in other areas than misbehavior detection.


Ad hoc wireless network Sensor network Misbehavior detection Energy efficient design Co-stimulation Artificial immune system 



We would like to thank the reviewers for their very constructive and detailed comments. This work was supported by the German Research Foundation (DFG) under the Grant No. SZ 51/24-3 (Survivable Ad Hoc Networks—SANE).


  1. Ahlers E (2009) Funk-evolution. c’t Magazin für Computer und Technik 13:86–89Google Scholar
  2. Aickelin U, Bentley P, Cayzer S, Kim J, McLeod J (2003) Danger theory: the link between ais and ids? In: Timmis J, Bentley PJ, Hart E (eds) ICARIS ’03: proceedings of the international conference on artificial immune systems, Lecture Notes in Computer Science, vol 2787. Springer, Berlin/Heidelberg, Edinburgh, UK, pp 147–155. doi: 10.1007/978-3-540-45192-1_15
  3. Alpaydin E (2004) Introduction to machine learning. MIT Press, CambridgeGoogle Scholar
  4. Anantvalee T, Wu J (2007) A survey on intrusion detection in mobile ad hoc networks. In: Xiao Y, Shen XS, Du DZ (eds) Wireless network security. Signals and communication technology. Springer, Berlin, pp 159–180. doi: 10.1007/978-0-387-33112-6_7
  5. Bajaj L, Takai M, Ahuja R, Tang K, Bagrodia R, Gerla M (1999) GloMoSim: a scalable network simulation environment. UCLA Computer Science Department Technical Report 990027Google Scholar
  6. Barford P, Kline J, Plonka D, Ron A (2002) A signal analysis of network traffic anomalies. In: IMW ’02: proceedings of the 2nd ACM SIGCOMM workshop on internet measurement. ACM, Marseille, France, pp 71–82. doi: 10.1145/637201.637210
  7. Barr R, Haas Z, van Renesse R (2005) JiST: an efficient approach to simulation using virtual machines. Softw Pract Exp 35(6):539–576CrossRefGoogle Scholar
  8. Barrett C, Drozda M, Engelhart D, Kumar V, Marathe M, Morin M, Ravi S, Smith J (2005) Understanding protocol performance and robustness of ad hoc networks through structural analysis. In: Proceedings of the IEEE international conference on wireless and mobile computing, networking and communications (WiMob’2005), vol 3. Montreal, Canada, pp 65–72Google Scholar
  9. Bhuse V, Gupta A, Lilien L (2005) DPDSN: detection of packet-dropping attacks for wireless sensor networks. In: Proceedings of the fourth international trusted internet workshop, Goa, IndiaGoogle Scholar
  10. Drozda M, Schildt S, Schaust S, Szczerbicka H (2010) An immuno-inspired approach to misbehavior detection in ad hoc wireless networks. Computing Research Repository (CoRR).
  11. Feeney L, Nilsson M (2001) Investigating the energy consumption of a wireless network interface in an ad hoc networking environment. In: INFOCOM 2001: proceedings of twentieth annual joint conference of the IEEE computer and communications societies, vol 3. Anchorage, Alaska, pp 1548–1557Google Scholar
  12. Forrest S, Perelson A, Allen L, Cherukuri R (1994) Self-nonself discrimination in a computer. In: Proceedings of IEEE computer society symposium on research in security and privacy. Oakland, CA, USA, pp 202–212Google Scholar
  13. Frauwirth KA, Thompson CB (2002) Activation and inhibition of lymphocytes by costimulation. J Clin Investig 109(3):295–299. doi: 10.1172/JCI14941, Google Scholar
  14. Gonzalez O, Howarth M, Pavlou G (2007) Detection of packet forwarding misbehavior in mobile ad-hoc networks. In: Boavida F, Monteiro E, Mascolo S, Koucheryavy Y (eds) Proceedings of the international conference on wired/wireless internet communications, Lecture Notes in Computer Science, vol 4517. Springer, Berlin/Heidelberg, Coimbra, Portugal, pp 302–314. doi: 10.1007/978-3-540-72697-5_26
  15. Hofmeyr S, Forrest S (1999) Immunity by design: an artificial immune system. In: GECCO ’99: proceedings of genetic and evolutionary computation conference, vol 2. Morgan Kaufmann, Orlando, FL, USA, pp 1289–1296Google Scholar
  16. Hu Y, Perrig A, Johnson D (2003) Packet leashes: a defense against wormhole attacks in wireless networks. In: INFOCOM 2003: proceedings of the twenty-second annual joint conference of the IEEE computer and communications societies, vol 3. IEEE, San Francisco, CA, USA, pp 1976–1986Google Scholar
  17. Hu Y, Perrig A, Johnson D (2006) Wormhole attacks in wireless networks. IEEE J Sel Areas Commun 24(2):370–380CrossRefGoogle Scholar
  18. Huang Ya, Lee W (2003) A cooperative intrusion detection system for ad hoc networks. In: SASN ’03: proceedings of the 1st ACM workshop on security of ad hoc and sensor networks. ACM, Fairfax, VA, pp 135–147. doi: 10.1145/986858.986877
  19. IEEE Std. 802.11 (2007) Part 11: wireless LAN medium access control (MAC) and physical layer (PHY) specifications. IEEE Standard for Information Technology. doi: 10.1109/IEEESTD.2007.373646
  20. IEEE Std. 802.15.4 (2003) Part 15.4: wireless medium access control (MAC) and physical layer (PHY) specifications for low-rate wireless personal area networks (WPANs). IEEE Standard for Information Technology. doi: 10.1109/IEEESTD.2003.94389
  21. Johnson DB, Maltz DA (1996) Dynamic source routing in ad hoc wireless networks. In: Imielinski T, Korth HF (eds) Mobile computing. The Kluwer International Series in Engineering and Computer Science, vol 353. Springer, Berlin, pp 153–181. doi: 10.1007/978-0-585-29603-6_5
  22. Kohavi R, John G (1997) Wrappers for feature subset selection. Artif Intell 97(1–2):273–324zbMATHCrossRefGoogle Scholar
  23. Krishnamurthy S, Thamilarasu G, Bauckhage C (2009) Malady: a machine learning-based autonomous decision-making system for sensor networks. In: Proceedings of IEEE international conference on computational science and engineering, vol 2. IEEE Computer Society, Vancouver, Canada, pp 93–100. doi: 10.1109/CSE.2009.246
  24. Marti S, Giuli TJ, Lai K, Baker M (2000) Mitigating routing misbehavior in mobile ad hoc networks. In: MobiCom ’00: proceedings of the 6th annual international conference on mobile computing and networking. ACM, Boston, MA, USA, pp 255–265. doi: 10.1145/345910.345955
  25. Mierswa I, Wurst M, Klinkenberg R, Scholz M, Euler T (2006) Yale: rapid prototyping for complex data mining tasks. In: Proceedings of the 12th ACM SIGKDD international conference on knowledge discovery and data mining. ACM, Philadelphia, PA, USA, pp 935–940Google Scholar
  26. Murphy K, Travers P, Walport M (2008) Janeway’s immunobiology. Garland Publication, New YorkGoogle Scholar
  27. Perkins CE, Royer EM (1999) Ad hoc on-demand distance vector routing. In: Proceedings of the 2nd IEEE workshop on mobile computing systems and applications. IEEE Press, New Orleans, LA, USA, pp 90–100Google Scholar
  28. Rappaport T (2001) Wireless communications: principles and practice. Prentice Hall, Upper Saddle RiverGoogle Scholar
  29. Sarafijanovic S, Le Boudec JY (2004) An artificial immune system for misbehavior detection in mobile ad-hoc networks with virtual thymus, clustering, danger signal, and memory detectors. In: Nicosia G, Cutello V, Bentley PJ, Timmis J (eds) ICARIS ’04: proceedings of the international conference on artificial immune systems, Lecture Notes in Computer Science, vol 3239. Springer, Berlin/Heidelberg, Catania, Sicily, pp 342–356. doi: 10.1007/978-3-540-30220-9_28
  30. Scalable Networks (2010) Qualnet Simulator. Accessed 12 Aug 2010
  31. Schaust S, Drozda M (2008) Influence of network payload and traffic models on the detection performance of AIS. In: Procedings of international symposium on performance evaluation of computer and telecommunication systems (SPECTS). IEEE Press, Edinburgh, UK, pp 44–51Google Scholar
  32. Seward J (2010) BZIP2 data compression library. Accessed 12 Aug 2010
  33. Sterbenz JPG, Krishnan R, Hain RR, Jackson AW, Levin D, Ramanathan R, Zao J (2002) Survivable mobile wireless networks: issues, challenges, and research directions. In: WiSE ’02: proceedings of the 1st ACM workshop on wireless security. ACM, Atlanta, GA, USA, pp 31–40. doi: 10.1145/570681.570685
  34. Texas Instruments (2007) CC2420—2.4 GHz IEEE 802.15.4/ZigBee-ready RF transceiverGoogle Scholar
  35. Ubiquiti Networks (2010) XTREMERange2—carrier-class 2.4 GHz 802.11b/g radio module datasheet. Accessed 12 Aug 2010
  36. Vaidya N, Hameed S (1999) Scheduling data broadcast in asymmetric communication environments. Wirel Netw 5(3):171–182CrossRefGoogle Scholar
  37. Wistron NeWeb Corp. (2010) Wistron CM9 datasheet. Accessed 16 Aug 2010
  38. Yegneswaran V, Barford P, Ullrich J (2003) Internet intrusions: global characteristics and prevalence. In: SIGMETRICS ’03: proceedings of the 2003 ACM SIGMETRICS international conference on measurement and modeling of computer systems. ACM, San Diego, CA, USA, pp 138–147. doi: 10.1145/781027.781045
  39. Zhao F, Liu J, Liu J, Guibas L, Reich J (2003) Collaborative signal and information processing: an information-directed approach. Proc IEEE 91(8):1199–1209Google Scholar
  40. ZigBee Alliance (2005) ZigBee specification. Accessed 10 Aug 2010

Copyright information

© Springer Science+Business Media B.V. 2010

Authors and Affiliations

  • Martin Drozda
    • 1
  • Sven Schaust
    • 1
  • Sebastian Schildt
    • 2
  • Helena Szczerbicka
    • 1
  1. 1.Simulation and Modeling Group, Faculty of Electrical Engineering and Computer ScienceLeibniz University of HannoverHannoverGermany
  2. 2.Institute of Operating Systems and Computer NetworksTechnische Universität BraunschweigBraunschweigGermany

Personalised recommendations