DWT-based anomaly detection method for cyber security of wireless sensor networks

Critical infrastructures are exposed to many natural and man-made hazards and threats. Recently, in the era of moving previously disconnected tele-monitoring, control and supervisory systems e.g., information and communication technologies or supervisory control and data acquisition towards full network connection, the risk of cyber attacks on such systems is continuously growing. One of the current trends in information and communication technology systems controlling critical infrastructures such as energy grids, telecommunication networks, or water systems is deployment of wireless sensor networks. Therefore, the cyber security of the mentioned networks becomes an important challenge to be solved. In this paper, we propose a discrete wavelet transform-based method of anomaly detection in wireless sensor networks that could be deployed in critical infrastructures e.g., in energy grids, to measure some parameters. The major contribution of the paper is the implementation of the innovative SNORT-based pre-processor using the effective anomaly detection methods based on discrete wavelet transform. We apply the discrete wavelet transform to 26 network traffic parameters measured in our realistic testbed. We also discuss which parameters of the traffic are most useful for such purpose. Moreover, we implement our method as an algorithm in a dedicated SNORT preprocessor in order to be compliant with this popular state of the art intrusion detection system. Copyright © 2016 John Wiley & Sons, Ltd.

[1]  David A. Wagner,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Ad Hoc Networks.

[2]  Ran Wolff,et al.  In-Network Outlier Detection in Wireless Sensor Networks , 2006, ICDCS.

[3]  David E. Culler,et al.  SPINS: security protocols for sensor networks , 2001, MobiCom '01.

[4]  B. Strulo,et al.  Securing Mobile Ad hoc Networks — A Motivational Approach , 2003 .

[5]  Miodrag Potkonjak,et al.  On communication security in wireless ad-hoc sensor networks , 2002, Proceedings. Eleventh IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[6]  Erdal Cayirci,et al.  Security in Wireless Ad Hoc and Sensor Networks , 2009 .

[7]  Marimuthu Palaniswami,et al.  Quarter Sphere Based Distributed Anomaly Detection in Wireless Sensor Networks , 2007, 2007 IEEE International Conference on Communications.

[8]  Hiren Kumar Deva Sarma,et al.  Security Threats in Wireless Sensor Networks , 2006, Proceedings 40th Annual 2006 International Carnahan Conference on Security Technology.

[9]  Supakit Siripanadorn,et al.  Anomaly detection in wireless sensor networks using self-organizing map and wavelets , 2010 .

[10]  C.-C. Jay Kuo,et al.  Distributed spatio-temporal outlier detection in sensor networks , 2005, SPIE Defense + Commercial Sensing.

[11]  A. Perrig,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.

[12]  Biswanath Mukherjee,et al.  Wireless sensor network survey , 2008, Comput. Networks.

[13]  Symeon Papavassiliou,et al.  Hierarchical Anomaly Detection in Distributed Large-Scale Sensor Networks , 2006, 11th IEEE Symposium on Computers and Communications (ISCC'06).

[14]  Shivakant Mishra,et al.  A Performance Evaluation of Intrusion-Tolerant Routing in Wireless Sensor Networks , 2003, IPSN.

[15]  Biming Tian,et al.  Anomaly detection in wireless sensor networks: A survey , 2011, J. Netw. Comput. Appl..

[16]  Xiuzhen Cheng,et al.  Localized Outlying and Boundary Data Detection in Sensor Networks , 2007 .

[17]  Jianzhong Li,et al.  Unsupervised Outlier Detection in Sensor Networks Using Aggregation Tree , 2007, ADMA.

[18]  David A. Wagner,et al.  Security in wireless sensor networks , 2004, SASN '04.

[19]  Ingrid Daubechies,et al.  Where do wavelets come from? A personal point of view , 1996, Proc. IEEE.

[20]  Maria E. Orlowska,et al.  On the Optimal Robot Routing Problem in Wireless Sensor Networks , 2007 .

[21]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[22]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[23]  Eyal Amir,et al.  Real-time Bayesian Anomaly Detection for Environmental Sensor Data , 2007 .

[24]  Nirvana Meratnia,et al.  Outlier Detection Techniques for Wireless Sensor Networks: A Survey , 2008, IEEE Communications Surveys & Tutorials.

[25]  Ingrid Daubechies,et al.  Ten Lectures on Wavelets , 1992 .

[26]  M. Palaniswami,et al.  Distributed Anomaly Detection in Wireless Sensor Networks , 2006, 2006 10th IEEE Singapore International Conference on Communication Systems.

[27]  V. Alarcón-Aquino,et al.  Anomaly detection in communication networks using wavelets , 2001 .

[28]  I. Daubechies Orthonormal bases of compactly supported wavelets , 1988 .

[29]  Shivakant Mishra,et al.  INSENS: Intrusion-Tolerant Routing in Wireless Sensor Networks ; CU-CS-939-02 , 2002 .

[30]  Anupam Joshi,et al.  Security in Sensor Networks , 2020, Texts in Computer Science.

[31]  S. Mallat A wavelet tour of signal processing , 1998 .