Lightweight Anomaly Intrusion Detection in Wireless Sensor Networks

Wireless Sensor Networks (WSNs) have an excellent application to monitor environments such as military surveillance and forest fire. However, WSNs are of interest to adversaries in many scenarios. They are susceptible to some types of attacks because they are deployed in open and unprotected environments. The WSNs are constituted of scarce resource devices. These security mechanisms which used for wired networks cannot be transferred directly to wireless sensor networks. In this paper we propose lightweight anomaly intrusions detection. In the scheme, we investigate different key features for WSNs and define some rules to building an efficient, accurate and effective Intrusion Detection Systems (IDSs). We also propose a moving window function method to gather the current activity data. The scheme fits the demands and restrictions of WSNs. The scheme does not need any cooperation among monitor nodes. Simulation results show that we proposed IDSs is efficient and accurate in detecting different kinds of attacks.

[1]  Hamid K. Aghajan,et al.  WiSNAP: a wireless image sensor network application platform , 2006, 2nd International Conference on Testbeds and Research Infrastructures for the Development of Networks and Communities, 2006. TRIDENTCOM 2006..

[2]  Dharma P. Agrawal,et al.  Security enhancements in AODV protocol for wireless ad hoc networks , 2001, IEEE 54th Vehicular Technology Conference. VTC Fall 2001. Proceedings (Cat. No.01CH37211).

[3]  J.A. Stankovic,et al.  Denial of Service in Sensor Networks , 2002, Computer.

[4]  Virgil D. Gligor,et al.  A key-management scheme for distributed sensor networks , 2002, CCS '02.

[5]  Noel A Cressie,et al.  Statistics for Spatial Data. , 1992 .

[6]  Mike Rees,et al.  5. Statistics for Spatial Data , 1993 .

[7]  Wenke Lee,et al.  Intrusion detection in wireless ad-hoc networks , 2000, MobiCom '00.

[8]  Venkata M. Mulpuru,et al.  Detecting selective forwarding attacks in wireless sensor networks , 2008 .

[9]  Peter G. Neumann,et al.  EMERALD: Event Monitoring Enabling Responses to Anomalous Live Disturbances , 1997, CCS 2002.

[10]  Richard A. Kemmerer,et al.  State Transition Analysis: A Rule-Based Intrusion Detection Approach , 1995, IEEE Trans. Software Eng..

[11]  Mani B. Srivastava,et al.  SensorSim: a simulation framework for sensor networks , 2000, MSWIM '00.

[12]  Vern Paxson,et al.  Bro: a system for detecting network intruders in real-time , 1998, Comput. Networks.

[13]  Haiguang Chen,et al.  A new kind of session keys based on message scheme for sensor networks , 2005, 2005 Asia-Pacific Microwave Conference Proceedings.

[14]  Yih-Chun Hu,et al.  Packet leashes: a defense against wormhole attacks in wireless networks , 2003, IEEE INFOCOM 2003. Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (IEEE Cat. No.03CH37428).

[15]  Mary Baker,et al.  Mitigating routing misbehavior in mobile ad hoc networks , 2000, MobiCom '00.

[16]  Koral Ilgun,et al.  USTAT: a real-time intrusion detection system for UNIX , 1993, Proceedings 1993 IEEE Computer Society Symposium on Research in Security and Privacy.

[17]  Jennifer C. Hou,et al.  A Simulation Framework for Sensor Networks in J-Sim , 2003 .

[18]  Antonio Alfredo Ferreira Loureiro,et al.  Malicious node detection in wireless sensor networks , 2004, 18th International Parallel and Distributed Processing Symposium, 2004. Proceedings..

[19]  Yunghsiang Sam Han,et al.  A key management scheme for wireless sensor networks using deployment knowledge , 2004, IEEE INFOCOM 2004.

[20]  Matt Welsh,et al.  Simulating the power consumption of large-scale sensor network applications , 2004, SenSys '04.