ANDES: an Anomaly Detection System for Wireless Sensor Networks

In this paper, we propose ANDES, a framework for detecting and finding the root causes of anomalies in operational wireless sensor networks (WSNs). The key novelty of ANDES is that it correlates information from two sources: one in the data plane as a result of regular data collection in WSNs, the other in the management plane implemented via a separate routing protocol, making it resilient to routing anomaly in the data plane. Evaluation using a 32-node sensor testbed shows that ANDES is effective in detecting fail-stop failures and most routing anomalies with negligible computing and storage overhead.

[1]  David E. Culler,et al.  Telos: enabling ultra-low power wireless research , 2005, IPSN 2005. Fourth International Symposium on Information Processing in Sensor Networks, 2005..

[2]  Bharat K. Bhargava,et al.  Visualization of wormholes in sensor networks , 2004, WiSe '04.

[3]  Deborah Estrin,et al.  EmStar: A Software Environment for Developing and Deploying Wireless Sensor Networks , 2004, USENIX Annual Technical Conference, General Track.

[4]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[5]  Adrian Perrig,et al.  Distributed detection of node replication attacks in sensor networks , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[6]  Marimuthu Palaniswami,et al.  Intrusion Detection for Routing Attacks in Sensor Networks , 2006, Int. J. Distributed Sens. Networks.

[7]  A. Perrig,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[8]  David E. Culler,et al.  Design of an application-cooperative management system for wireless sensor networks , 2005, Proceeedings of the Second European Workshop on Wireless Sensor Networks, 2005..

[9]  Peng Ning,et al.  LAD: Localization anomaly detection for wireless sensor networks , 2006, J. Parallel Distributed Comput..

[10]  Michael S. Hsiao,et al.  Denial-of-service attacks on battery-powered mobile computers , 2004, Second IEEE Annual Conference on Pervasive Computing and Communications, 2004. Proceedings of the.

[11]  Ian F. Akyildiz,et al.  Wireless sensor networks: a survey , 2002, Comput. Networks.

[12]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[13]  Deborah Estrin,et al.  Sympathy for the sensor network debugger , 2005, SenSys '05.

[14]  David E. Culler,et al.  TOSSIM: accurate and scalable simulation of entire TinyOS applications , 2003, SenSys '03.

[15]  Marimuthu Palaniswami,et al.  Anomaly detection in wireless sensor networks , 2008, IEEE Wireless Communications.

[16]  M. Brownfield,et al.  Wireless sensor network denial of sleep attack , 2005, Proceedings from the Sixth Annual IEEE SMC Information Assurance Workshop.

[17]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[18]  Bo Yu,et al.  Detecting selective forwarding attacks in wireless sensor networks , 2006, Proceedings 20th IEEE International Parallel & Distributed Processing Symposium.