Towards a CDS-based Intrusion Detection Deployment Scheme for Securing Industrial Wireless Sensor Networks

The use of wireless communication is a major trend in the so called Supervisory Control and Data Acquisition systems (SCADA). Consequently, Wireless Industrial Sensor Networks (WISN) were developed to meet real time and security requirements needed by SCADA systems. In term of security, WISN suffer from the same threats that those targeting classical WSN. Indeed, attackers mainly use wireless communication as a medium to launch these attacks. But as these networks are used to manage critical systems, consequences of such attacks can be more harmful. Therefore, additionally to the use of cryptographic and authentication mechanisms, Intrusion Detection Systems (IDS) are also used as a second line of defense. In this paper we propose an efficient IDS deployment scheme specially tailored to fit WISN characteristics. It builds a virtual wireless backbone that adds security purposes to the WISN. We also show that the proposed deployment scheme provides a good traffic monitoring capability with an acceptable number of monitoring nodes. It particularly allows detecting that a packet has been forged, deleted, modified or delayed during its transmission.

[1]  Samir Khuller,et al.  Approximation Algorithms for Connected Dominating Sets , 1996, Algorithmica.

[2]  S. Shankar Sastry,et al.  Understanding the physical and economic consequences of attacks on control systems , 2009, Int. J. Crit. Infrastructure Prot..

[3]  Jiguo Yu,et al.  Connected dominating sets in wireless ad hoc and sensor networks - A comprehensive survey , 2013, Comput. Commun..

[4]  Huirong Fu,et al.  Intrusion Detection System for Wireless Sensor Networks , 2008, Security and Management.

[5]  Dawn M. Tilbury,et al.  The Emergence of Industrial Control Networks for Manufacturing Control, Diagnostics, and Safety Data , 2007, Proceedings of the IEEE.

[6]  John R. Douceur,et al.  The Sybil Attack , 2002, IPTPS.

[7]  Roger Pierre Fabris Hoefel,et al.  IEEE 802.11 WLANs: A comparison on indoor coverage models , 2010, CCECE 2010.

[8]  Mohammed Haddad,et al.  A Self-stabilizing Algorithm for Edge Monitoring Problem , 2014, SSS.

[9]  S. Guha,et al.  Approximation Algorithms for Connected Dominating Sets , 1998, Algorithmica.

[10]  C. Karlof,et al.  Secure routing in wireless sensor networks: attacks and countermeasures , 2003, Proceedings of the First IEEE International Workshop on Sensor Network Protocols and Applications, 2003..

[11]  Rodrigo Roman,et al.  On the Vital Areas of Intrusion Detection Systems in Wireless Sensor Networks , 2013, IEEE Communications Surveys & Tutorials.

[12]  Nora Cuppens-Boulahia,et al.  Security Issue of WirelessHART Based SCADA Systems , 2015, CRiSIS.

[13]  Danny Dolev,et al.  On the security of public key protocols , 1981, 22nd Annual Symposium on Foundations of Computer Science (sfcs 1981).

[14]  Jianying Zhou,et al.  Applying intrusion detection systems to wireless sensor networks , 2006, CCNC 2006. 2006 3rd IEEE Consumer Communications and Networking Conference, 2006..

[15]  Xinbing Wang,et al.  Edge Self-Monitoring for Wireless Sensor Networks , 2011, IEEE Transactions on Parallel and Distributed Systems.

[16]  Luigi Coppolino,et al.  An Intrusion Detection System for Critical Information Infrastructures using Wireless Sensor Network technologies , 2010, 2010 5th International Conference on Critical Infrastructure (CRIS).

[17]  Makoto Takizawa,et al.  A Survey on Clustering Algorithms for Wireless Sensor Networks , 2010, 2010 13th International Conference on Network-Based Information Systems.

[18]  Issa M. Khalil,et al.  LiteWorp: Detection and isolation of the wormhole attack in static multihop wireless networks , 2007, Comput. Networks.

[19]  Ulf Lindqvist,et al.  An intrusion detection system for wireless process control systems , 2008, 2008 5th IEEE International Conference on Mobile Ad Hoc and Sensor Systems.

[20]  Mohamed F. Younis,et al.  Positioning of Base Stations in Wireless Sensor Networks , 2007, IEEE Communications Magazine.

[21]  Antonio Alfredo Ferreira Loureiro,et al.  Decentralized intrusion detection in wireless sensor networks , 2005, Q2SWinet '05.

[22]  Ing-Ray Chen,et al.  A survey of intrusion detection in wireless network applications , 2014, Comput. Commun..

[23]  A. Perrig,et al.  The Sybil attack in sensor networks: analysis & defenses , 2004, Third International Symposium on Information Processing in Sensor Networks, 2004. IPSN 2004.