Intrusion detection based on traffic analysis in wireless sensor networks

This paper proposes a lightweight, fast, and efficient traffic intensity-based intrusion detection method for wireless sensor networks (WSNs), containing a large number of nodes which transmit data periodically. Intrusion detection method is based on analysis of neighbor's behavior and thresholding technique, applied to selected parameters: the number of received packets in a time window of a given length and inter-arrival time of packets. It does not require installation of any additional hardware and extra communication costs; its computational requirements are negligible. The proposed technique ma be used in both hierarchical and flat WSNs. The paper contains recommendations to the choice of threshold value for each traffic parameter. The results of evaluation, which was performed in Castalia simulator for WSNs, demonstrate that the proposed intrusion detection technique has better accuracy in comparison to the common algorithms.

[1]  Huirong Fu,et al.  Design and implementation of an intrusion detection system for wireless sensor networks , 2007, 2007 IEEE International Conference on Electro/Information Technology.

[2]  Huirong Fu,et al.  Intrusion Detection System for Wireless Sensor Networks , 2008, Security and Management.

[3]  Mukesh Singhal,et al.  Security in wireless sensor networks , 2008, Wirel. Commun. Mob. Comput..

[4]  Vojislav B. Misic,et al.  Evaluating the Feasibility of Traffic-Based Intrusion Detection in an 802.15.4 Sensor Cluster , 2007, 21st International Conference on Advanced Information Networking and Applications (AINA '07).

[5]  Kishor S. Trivedi Probability and Statistics with Reliability, Queuing, and Computer Science Applications , 1984 .

[6]  Antonio Alfredo Ferreira Loureiro,et al.  Decentralized intrusion detection in wireless sensor networks , 2005, Q2SWinet '05.

[7]  Yong Wang,et al.  A survey of security issues in wireless sensor networks , 2006, IEEE Communications Surveys & Tutorials.

[8]  Fang Liu,et al.  Insider Attacker Detection in Wireless Sensor Networks , 2007, IEEE INFOCOM 2007 - 26th IEEE International Conference on Computer Communications.

[9]  Shu Wang,et al.  Applying an Intrusion Detection Algorithm to Wireless Sensor Networks , 2009, 2009 Second International Workshop on Knowledge Discovery and Data Mining.

[10]  Eui-nam Huh,et al.  Detecting Selective Forwarding Attacks in Wireless Sensor Networks Using Two-hops Neighbor Knowledge , 2008, 2008 Seventh IEEE International Symposium on Network Computing and Applications.

[11]  Venkata M. Mulpuru,et al.  Detecting selective forwarding attacks in wireless sensor networks , 2008 .

[12]  Y.A. Sekercioglu,et al.  Detecting Selective Forwarding Attacks in Wireless Sensor Networks using Support Vector Machines , 2007, 2007 3rd International Conference on Intelligent Sensors, Sensor Networks and Information.

[13]  Ioannis Chatzigiannakis,et al.  A decentralized intrusion detection system for increasing security of wireless sensor networks , 2007, 2007 IEEE Conference on Emerging Technologies and Factory Automation (EFTA 2007).

[14]  Rong Zheng,et al.  ANDES: an Anomaly Detection System for Wireless Sensor Networks , 2007, 2007 IEEE Internatonal Conference on Mobile Adhoc and Sensor Systems.

[15]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[16]  Scott F. Midkiff,et al.  Denial-of-Service in Wireless Sensor Networks: Attacks and Defenses , 2008, IEEE Pervasive Computing.

[17]  Bo Yu,et al.  CHEMAS: Identify suspect nodes in selective forwarding attacks , 2007, J. Parallel Distributed Comput..

[18]  Murat Çakiroglu,et al.  Jamming detection mechanisms for wireless sensor networks , 2008, Infoscale.