Advertisement

An Artificial Immune System for Misbehavior Detection in Mobile Ad-Hoc Networks with Virtual Thymus, Clustering, Danger Signal, and Memory Detectors

  • Slaviša Sarafijanović
  • Jean-Yves Le Boudec
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3239)

Abstract

In mobile ad-hoc networks, nodes act both as terminals and information relays, and they participate in a common routing protocol, such as Dynamic Source Routing (DSR). The networks are vulnerable to routing misbehavior, due to faulty or malicious nodes. Misbehavior detection systems aim at removing this vulnerability. For this purpose, we use an Artificial Immune System (AIS), a system inspired by the human immune system (HIS). Our goal is to build a system that, like its natural counterpart, automatically learns and detects new misbehavior.

In this paper we build on our previous work [1,2] and investigate the use of four concepts: (1) “virtual thymus”, a novel concept, introduced in this paper, that provides a dynamic description of normal behavior in the system; (2) “clustering”, a decision making mechanism for decreasing false positive detections (3) “danger signal”, a concept that is, according to the “danger signal theory” of the human immune system [11,12], crucial for correct final decisions making; in our case, the signal is exchanged among nodes, which makes our detection system distributed; (4) “memory detectors”, used for achieving faster secondary response of the detection system.

We implement our AIS in a network simulator and test it on two types of misbehavior. We analyze the performance and show the effects of the four concepts on the detection capabilities. In summary: thanks to the virtual thymus, the AIS does not require a preliminary learning phase in which misbehavior should be absent; the use of the clustering and the danger signal is useful for achieving low false positives; the use of memory detectors significantly accelerates the secondary response of the system.

Keywords

Packet Loss Danger Signal Malicious Node Route Discovery Human Immune System 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Le Boudec, J.Y., Sarafijanovic, S.: An Artificial Immune System Approach to Misbehavior Detection in Mobile Ad-Hoc Networks. In: Proceedings of Bio-ADIT 2004, Lausanne, Switzerland, January 2004, pp. 96–111 (2004)Google Scholar
  2. 2.
    Sarafijanovic, S., Le Boudec, J.Y.: An Artificial Immune System Approach with Secondary Response for Misbehavior Detection in Mobile Ad-Hoc Networks. TechReport IC/2003/65, EPFL-DI-ICA, Lausanne, Switzerland (November 2003)Google Scholar
  3. 3.
    Hofmeyr, S.A., Forrest, S.: Architecture for an Artificial Immune System. Evolutionary Computation 7(1), 45–68 (2000)Google Scholar
  4. 4.
    Somayaji, A., Forrest, S.: Automated Response Using System-Call Delays. In: Proceedings of the 9th USENIX Security Symposium, The USENIX Association, Berkeley, CA (2000)Google Scholar
  5. 5.
    Aickelin, U., Bentley, P., Cayzer, S., Kim, J., McLeod, J.: Danger Theory: The Link between AIS and IDS? In: Timmis, J., Bentley, P.J., Hart, E. (eds.) ICARIS 2003. LNCS, vol. 2787, pp. 147–155. Springer, Heidelberg (2003)CrossRefGoogle Scholar
  6. 6.
    Marti, S., Giuli, T.J., Lai, K., Baker, M.: Mitigating routing misbehavior in mobile ad hoc networks. In: Proceedings of MOBICOM 2000, pp. 255–265 (2000)Google Scholar
  7. 7.
    Buchegger, S., Le Boudec, J.-Y.: A Robust Reputation System for Mobile ad hoc Networks. Technical Report, IC/2003/50, EPFL-DI-ICA, Lausanne, Switzerland (July 2003)Google Scholar
  8. 8.
    Buchegger, S., Le Boudec, J.-Y.: Performance Analysis of the CONFIDANT protocol: Cooperation of nodes - Fairness In Distributed Ad-Hoc Networks. In: Proceedings of MobiHOC, June 2002, IEEE/ACM, Lausanne, CH (2002)Google Scholar
  9. 9.
    Buchegger, S., Le Boudec, J.-Y.: The Effect of Rumor Spreading in Reputation Systems for Mobile Ad-hoc Networks. In: Proceedings of WiOpt 2003: Modeling and Optimization in Mobile, Ad Hoc and Wireless Networks, Sophia-Antipolis, France (March 2003)Google Scholar
  10. 10.
    Kim, J., Bentley, P.J.: Evaluating Negative Selection in an Artificial Immune System for Network Intrusion Detection. In: Genetic and Evolutionary Computation Conference 2001 (GECCO 2001), San Francisko, July 7-11, pp. 1330–1337 (2001)Google Scholar
  11. 11.
    Matzinger, P.: Tolerance, Danger and the Extended Family. Annual Review of Immunology 12, 991–1045 (1994)CrossRefGoogle Scholar
  12. 12.
    Matzinger, P.: The Danger Model in it’s Historical Contex. Scandinavian Journal of Immunology 54, 4–9 (2001)CrossRefGoogle Scholar
  13. 13.
    Sompayrac, L.M.: How the Immune SystemWorks, 2nd edn. Blackwell Publishing, Malden (2003)Google Scholar
  14. 14.
    Goldsby, R.A., Kindt, T.J., Osborne, B.A., Kuby, J.: Immunology, 5th edn. W. H. Freeman and Company, New York (2003)Google Scholar
  15. 15.
    Zeng, X., Bagrodia, R., Gerla, M.: Glomosim:Alibrary for parallel simulation of large scale wireless networks. In: Proceedings of the 12th workshop on Parallel and Distributed Simulations PDAS 1998, in Banff, Alberta, Canada, May 26-29 (1998)Google Scholar
  16. 16.
  17. 17.
    Johnson, D.B., Maltz, D.A.: The dynamic source routing protocol for mobile ad hoc networks. Internet draft, Mobile Ad Hoc Network (MANET) Working Group, IETF (February 2003)Google Scholar
  18. 18.
    Iannaccone, G., Chuah, C.-N., Mortier, R., Bhattacharyya, S., Diot, C.: Analysis of Link Failures in an IP Backbone. In: Proceeding of IMW 2002, November 2002, ACM Press, Marseille (2002)Google Scholar
  19. 19.
    Le Boudec, J.Y., Sarafijanovic, S.: An Artificial Immune System Approach to Misbehavior Detection in Mobile Ad-Hoc Networks. In: Proceedings of Bio-ADIT 2004, Lausanne, Switzerland, January 2004, pp. 96–111 (2004)Google Scholar
  20. 20.
    de Castro, L.N., Timmis, J.: Artificial Immune Systems: A New Computational Intelligence Approach. Springer, Berlin (2002)zbMATHGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Slaviša Sarafijanović
    • 1
  • Jean-Yves Le Boudec
    • 1
  1. 1.EPFL/IC/ISC/LCALausanneSwitzerland

Personalised recommendations