Intrusion Detection for Routing Attacks in Sensor Networks

Security is a critical challenge for creating robust and reliable sensor networks. For example, routing attacks have the ability to disconnect a sensor network from its central base station. In this paper, we present a method for intrusion detection in wireless sensor networks. Our intrusion detection scheme uses a clustering algorithm to build a model of normal traffic behavior, and then uses this model of normal traffic to detect abnormal traffic patterns. A key advantage of our approach is that it is able to detect attacks that have not previously been seen. Moreover, our detection scheme is based on a set of traffic features that can potentially be applied to a wide range of routing attacks. In order to evaluate our intrusion detection scheme, we have extended a sensor network simulator to generate routing attacks in wireless sensor networks. We demonstrate that our intrusion detection scheme is able to achieve high detection accuracy with a low false positive rate for a variety of simulated routing attacks.

[1]  K. Ban,et al.  Multihop sensor network design for wide-band communications , 2003, Proc. IEEE.

[2]  Vinod Yegneswaran,et al.  Internet intrusions: global characteristics and prevalence , 2003, SIGMETRICS '03.

[3]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[4]  Anupam Joshi,et al.  Security in Sensor Networks , 2020, Texts in Computer Science.

[5]  Eleazar Eskin,et al.  A GEOMETRIC FRAMEWORK FOR UNSUPERVISED ANOMALY DETECTION: DETECTING INTRUSIONS IN UNLABELED DATA , 2002 .

[6]  S.A. Khan,et al.  Analyzing & Enhancing energy Efficient Communication Protocol for Wireless Micro-sensor Networks , 2005, 2005 International Conference on Information and Communication Technologies.

[7]  Charles E. Perkins,et al.  Ad-hoc on-demand distance vector routing , 1999, Proceedings WMCSA'99. Second IEEE Workshop on Mobile Computing Systems and Applications.

[8]  Biswanath Mukherjee,et al.  DIDS (distributed intrusion detection system)—motivation, architecture, and an early prototype , 1997 .

[9]  Saswati Sarkar,et al.  Signature based intrusion detection for wireless ad-hoc networks: a comparative study of various routing protocols , 2003, 2003 IEEE 58th Vehicular Technology Conference. VTC 2003-Fall (IEEE Cat. No.03CH37484).

[11]  Nael B. Abu-Ghazaleh,et al.  Infrastructure tradeoffs for sensor networks , 2002, WSNA '02.

[12]  Ratan K. Guha,et al.  Effective intrusion detection using multiple sensors in wireless ad hoc networks , 2003, 36th Annual Hawaii International Conference on System Sciences, 2003. Proceedings of the.

[13]  Ian T. Downard,et al.  Simulating Sensor Networks in NS-2 , 2004 .

[14]  A. Perrig,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[15]  Christopher Leckie,et al.  Adaptive Clustering for Network Intrusion Detection , 2004, PAKDD.

[16]  Johannes Gehrke,et al.  Query Processing in Sensor Networks , 2003, CIDR.

[17]  Calvin Ko,et al.  Challenges in intrusion detection for wireless ad-hoc networks , 2003, 2003 Symposium on Applications and the Internet Workshops, 2003. Proceedings..

[18]  D. P. Agrawal,et al.  Self-organized criticality and stochastic learning based intrusion detection system for wireless sensor networks , 2003, IEEE Military Communications Conference, 2003. MILCOM 2003..

[19]  Philip S. Yu,et al.  Cross-feature analysis for detecting ad-hoc routing anomalies , 2003, 23rd International Conference on Distributed Computing Systems, 2003. Proceedings..

[20]  Mukesh Singhal,et al.  Security in wireless sensor networks , 2008, Wirel. Commun. Mob. Comput..

[21]  Karl N. Levitt,et al.  A specification-based intrusion detection system for AODV , 2003, SASN '03.

[22]  Shivakant Mishra,et al.  INSENS: Intrusion-Tolerant Routing in Wireless Sensor Networks , 2002 .

[23]  George Kesidis,et al.  Secure routing in ad hoc networks and a related intrusion detection problem , 2003, IEEE Military Communications Conference, 2003. MILCOM 2003..

[24]  Ian F. Akyildiz,et al.  Sensor Networks , 2002, Encyclopedia of GIS.

[25]  Dharma P. Agrawal,et al.  SVM-based intrusion detection system for wireless ad hoc networks , 2003, 2003 IEEE 58th Vehicular Technology Conference. VTC 2003-Fall (IEEE Cat. No.03CH37484).

[26]  Leonid Portnoy,et al.  Intrusion detection with unlabeled data using clustering , 2000 .

[27]  Ricardo Staciarini Puttini,et al.  Security in Ad Hoc Networks: a General Intrusion Detection Architecture Enhancing Trust Based Approaches , 2002, Wireless Information Systems.

[28]  G. G. Stokes "J." , 1890, The New Yale Book of Quotations.

[29]  Peter J. Denning,et al.  Internet Besieged: Countering Cyberspace Scofflaws , 1997 .

[30]  Chee-Yee Chong,et al.  Sensor networks: evolution, opportunities, and challenges , 2003, Proc. IEEE.

[31]  Kotagiri Ramamohanarao,et al.  Learning to Share Distributed Probabilistic Beliefs , 2002, ICML.

[32]  Wendi Heinzelman,et al.  Energy-efficient communication protocol for wireless microsensor networks , 2000, Proceedings of the 33rd Annual Hawaii International Conference on System Sciences.