A novel coding scheme to implement signature based IDS in IP based Sensor Networks

In signature based IDS (Intrusion Detection Systems), if incoming packet header matches a certain set of rules, its payload is scrutinized against a set of known patterns (also called signatures). As the number of patterns could range up to thousands, pattern matching consumes not only the storage but also the most of the CPU cycles to execute the complex pattern matching algorithms. Therefore, so far there is no signature based IDS which can work on resource constraint sensor nodes. This paper presents a dynamic coding mechanism, which helps in implementing a distributed signature based IDS (Intrusion Detection System) in IP-USN (IP based Ubiquitous Sensor Networks). The proposed scheme also allows building of lightweight IDS in terms of storage, messaging and energy consumption, which make it appropriate for resource constrained sensor devices.

[1]  Stefan Axelsson,et al.  Intrusion Detection Systems: A Survey and Taxonomy , 2002 .

[2]  Sandeep Kumar,et al.  Classification and detection of computer intrusions , 1996 .

[3]  Gabriel Montenegro,et al.  IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs): Overview, Assumptions, Problem Statement, and Goals , 2007, RFC.

[4]  Kristopher Kendall,et al.  A Database of Computer Attacks for the Evaluation of Intrusion Detection Systems , 1999 .

[5]  Salvatore J. Stolfo,et al.  Mining in a data-flow environment: experience in network intrusion detection , 1999, KDD '99.

[6]  Alfonso Valdes,et al.  Next-generation Intrusion Detection Expert System (NIDES)A Summary , 1997 .

[7]  Burton H. Bloom,et al.  Space/time trade-offs in hash coding with allowable errors , 1970, CACM.

[8]  N. Ye,et al.  A Scalable Clustering Technique for Intrusion Signature Recognition , 2001 .

[9]  John W. Lockwood,et al.  Fast and Scalable Pattern Matching for Network Intrusion Detection Systems , 2006, IEEE Journal on Selected Areas in Communications.

[10]  Syed Obaid Amin,et al.  A novel IPv6 traceback architecture using COPS protocol , 2008, Ann. des Télécommunications.

[11]  Giovanni Vigna,et al.  The STAT tool suite , 2000, Proceedings DARPA Information Survivability Conference and Exposition. DISCEX'00.

[12]  Johnny S. Wong,et al.  A taxonomy of intrusion response systems , 2007, Int. J. Inf. Comput. Secur..

[13]  Wendi Heinzelman,et al.  Energy-efficient communication protocol for wireless microsensor networks , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.

[14]  Graham A. Stephen String Searching Algorithms , 1994, Lecture Notes Series on Computing.