A Scheme for Detecting the Sinkhole for Secured WSN

Because of the limited computation capability as well as transmissions being broadcasted in a wireless sensor network (WSN) they are supposed to be more susceptible for attacks related to the security. As present wireless sensor networks have low-power constraints as well as increased complexity, thus for nodes’ performance analysis related to the embedded software and network simulation efficient approaches are required. Additionally, as these networks are used to deal with the sensitive information and operated in the adverse unattended environments, thus, security feature must be added in most of these wireless sensor networks. In this paper a novel scheme for detecting various sinkhole nodes for wireless sensor network (WSN). The results of this proposed scheme show the 1.75% fake positive rate and 96% of detection rate. In comparison to the previous schemes, these aspects are considerably better. In addition to these aspects, our scheme also achieves the communication as well as computational efficiencies. As a result of which, this proposed scheme proved to have better results in many applications.

Intrusion Detection and Prevention Systems in Wireless Networks

In society today, public and personal communication are often carried out through wireless technology. These technologies can be vulnerable to various types of attacks. Attackers can access the signal to listen or to cause more damage on the wireless networks. Intrusion Detection and Prevention System (IDPS) technology can be used to monitor and analyze the signal for any infiltration to prevent interception or other malicious intrusion. An overview description of IDPSs and their core functions, the primary types of intrusion detection mechanisms, and the limitations of IDPSs are discussed. This work perceives the requirements of developing new and sophisticated detection and prevention methods based on, and managed by, combining smart techniques including machine learning, data mining, and game theory along with risk analysis and assessment techniques. This assists wireless networks toremain secure and aids system administrators to effectively monitor their systems

A Survey on Intrusion Detection in Wireless Sensor Networks

ABSTRACT In recent years, the applications based on the Wireless Sensor Networks are growing very fast. The application areas include agriculture, healthcare, military, hospitality management, mobiles and many others. So these networks are very important for us and the security of the network from the various attacks is also a more important issue in WSN application now days. Stopping these attacks or enhancing the security of the WSN system various intrusion detection policies are developed till date to detect the node/s that is/are not working normally. Out of various detection techniques three major categories explored in this paper are Anomaly detection, Misuse detection and Specificationbased detection. Here in this review paper various attacks on Wireless Sensor Networks and existing Intrusion detection techniques are discussed to detect the compromised node/s. The paper also provides a brief discussion about the characteristics of the Wireless Sensor Networks and the classification of attacks

FEATURE SELECTION FOR INTRUSION DETECTION SYSTEM IN A CLUSTER-BASED HETEROGENEOUS WIRELESS SENSOR NETWORK

Wireless sensor network (WSN) has become one of the most promising networking solutions with exciting new applications for the near future. Notwithstanding the resource constrain of WSNs, it has continued to enjoy widespread deployment.  Security in WSN, however, remains an ongoing research trend as the deployed sensor nodes (SNs) are susceptible to various security challenges due to its architecture, hostile deployment environment and insecure routing protocols. In this work, we propose a feature selection method by combining three filter methods; Gain ratio, Chi-squared and ReliefF (triple-filter) in a cluster-based heterogeneous WSN prior to classification. This will increase the classification accuracy and reduce system complexity by extracting 14 important features from the 41 original features in the dataset. An intrusion detection benchmark dataset, NSL-KDD, is used for performance evaluation by considering detection rate, accuracy and the false alarm rate. Results obtained show that our proposed method can effectively reduce the number of features with a high classification accuracy and detection rate in comparison with other filter methods. In addition, this proposed feature selection method tends to reduce the total energy consumed by SNs during intrusion detection as compared with other filter selection methods, thereby extending the network lifetime and functionality for a reasonable period

Detecting Prominent Features and Classifying Network Traffic for Securing Internet of Things Based on Ensemble Methods

abstract: Rapid growth of internet and connected devices ranging from cloud systems to internet of things have raised critical concerns for securing these systems. In the recent past, security attacks on different kinds of devices have evolved in terms of complexity and diversity. One of the challenges is establishing secure communication in the network among various devices and systems. Despite being protected with authentication and encryption, the network still needs to be protected against cyber-attacks. For this, the network traffic has to be closely monitored and should detect anomalies and intrusions. Intrusion detection can be categorized as a network traffic classification problem in machine learning. Existing network traffic classification methods require a lot of training and data preprocessing, and this problem is more serious if the dataset size is huge. In addition, the machine learning and deep learning methods that have been used so far were trained on datasets that contain obsolete attacks. In this thesis, these problems are addressed by using ensemble methods applied on an up to date network attacks dataset. Ensemble methods use multiple learning algorithms to get better classification accuracy that could be obtained when the corresponding learning algorithm is applied alone. This dataset for network traffic classification has recent attack scenarios and contains over fifteen attacks. This approach shows that ensemble methods can be used to classify network traffic and detect intrusions with less training times of the model, and lesser pre-processing without feature selection. In addition, this thesis also shows that only with less than ten percent of the total features of input dataset will lead to similar accuracy that is achieved on whole dataset. This can heavily reduce the training times and classification duration in real-time scenarios.Dissertation/ThesisMasters Thesis Computer Science 201

Uma Revisão Sobre as Publicações de Sistemas de Detecção de Intrusão

O crescente registro de incidentes de segurança em redes de computadores tem motivado o desenvolvimento de estudos em detecção de intrusão, as principais técnicas de identificação de uma intrusão são baseadas em anomalias e assinaturas. Atualmente, a comunidade acadêmica explora preferencialmente pesquisas em redes baseadas em anomalias, entretanto, não existe um modelo comum de desenvolvimento destas propostas de modo que muitos autores descrevem, implementam e validam seus sistemas do modo heterogêneo. Neste artigo foi realizado uma pesquisa que investigou a produção científica de 112 publicações relacionadas a sistemas de detecção de intrusão. Alguns dos critérios utilizados para avaliação destes artigos foram fator de impacto, características de detecção utilizadas e a base de dados implementado. Os resultados obtidos demonstram que ocorreu um aumento da compreensão deste tema, entretanto futuros estudos serão necessários para explorar a validade dos novos métodos de avaliação em detecção de intrusão.

Non-intrusive anomaly detection for encrypted networks

The use of encryption is steadily increasing. Packet payloads that are encrypted are becoming increasingly difficult to analyze using IDSs. This investigation uses a new non-intrusive IDS approach to detect network intrusions using a K-Means clustering methodology. It was found that this approach was able to detect many intrusions for these datasets while maintaining the encrypted confidentiality of packet information. This work utilized the KDD \u2799 and NSL-KDD evaluation datasets for testing