One size does not fit all - how to approach intrusion detection in wireless sensor networks

A wireless sensor network (WSN) is a highly distributed network of resource constrained and wireless devices called sensor nodes. In the work we consider intrusion detection systems as they are proper mechanisms to defend internal attacks on WSNs. A wide diversity of WSN applications on one side and limited resources on other side implies that "one-fit-all" intrusion detection system is not optimal. We present a conceptual proposal for a suite of tools that enable an automatic design of intrusion detection system that will be (near) optimal for a given network topology, capabilities of sensor nodes and anticipated attacks

Minimization of DDoS false alarm rate in Network Security; Refining fusion through correlation

Intrusion Detection Systems are designed to monitor a network environment and generate alerts whenever abnormal activities are detected. However, the number of these alerts can be very large making their evaluation a difficult task for a security analyst. Alert management techniques reduce alert volume significantly and potentially improve detection performance of an Intrusion Detection System. This thesis work presents a framework to improve the effectiveness and efficiency of an Intrusion Detection System by significantly reducing the false positive alerts and increasing the ability to spot an actual intrusion for Distributed Denial of Service attacks. Proposed sensor fusion technique addresses the issues relating the optimality of decision-making through correlation in multiple sensors framework. The fusion process is based on combining belief through Dempster Shafer rule of combination along with associating belief with each type of alert and combining them by using Subjective Logic based on Jøsang theory. Moreover, the reliability factor for any Intrusion Detection System is also addressed accordingly in order to minimize the chance of false diagnose of the final network state. A considerable number of simulations are conducted in order to determine the optimal performance of the proposed prototype

Intrusion detection model of wireless sensor networks based on game theory and an autoregressive model

© 2018 Elsevier Inc. An effective security strategy for Wireless Sensor Networks (WSNs) is imperative to counteract security threats. Meanwhile, energy consumption directly affects the network lifetime of a wireless sensor. Thus, an attempt to exploit a low-consumption Intrusion Detection System (IDS) to detect malicious attacks makes a lot of sense. Existing Intrusion Detection Systems can only detect specific attacks and their network lifetime is short due to their high energy consumption. For the purpose of reducing energy consumption and ensuring high efficiency, this paper proposes an intrusion detection model based on game theory and an autoregressive model. The paper not only improves the autoregressive theory model into a non-cooperative, complete-information, static game model, but also predicts attack pattern reliably. The proposed approach improves on previous approaches in two main ways: (1) it takes energy consumption of the intrusion detection process into account, and (2) it obtains the optimal defense strategy that balances the system's detection efficiency and energy consumption by analyzing the model's mixed Nash equilibrium solution. In the simulation experiment, the running time of the process is regarded as the main indicator of energy consumption of the system. The simulation results show that our proposed IDS not only effectively predicts the attack time and the next targeted cluster based on the game theory, but also reduces energy consumption

Improved Intrusion Detection System using Quantal Response Equilibrium-based Game Model and Rule-based Classification

Wireless sensor network has large number of low-cost tiny nodes with sensing capability.  These provide low cost solutions to many real world problems such as such as defence, Internet of things, healthcare, environment monitoring and so on. The sensor nodes of these networks are placed in vulnerable environment. Hence, the security of these networks is very important. Intrusion Detection System (IDS) plays an important role in providing a security to such type of networks. The sensor nodes of the network have limited power and, traditional security mechanisms such as key-management, encryption decryption and authentication techniques cannot be installed on the nodes. Hence, there is a need of special security mechanism to handle the intrusions. In this paper, intrusion detection system is designed and implemented using game theory and machine learning to identify multiple attacks. Game theory is designed and used to apply the IDS optimally in WSN. The game model is designed by defining the players and the corresponding strategies. Quantal Response Equilibrium (QRE) concept of game theory is used to select the strategies in optimal way for the intrusion’s detection. Further, these intrusions are classified as denial of service attack, rank attack or selective forwarding attacks using supervised machine learning technique based on different parameters and rules. Results show that all the attacks are detected with good detection rate and the proposed approach provides optimal usage of IDS

Self organization of sensor networks for energy-efficient border coverage

Networking together hundreds or thousands of cheap sensor nodes allows users to accurately monitor a remote environment by intelligently combining the data from the individual nodes. As sensor nodes are typically battery operated, it is important to efficiently use the limited energy of the nodes to extend the lifetime of the wireless sensor network (WSN). One of the fundamental issues in WSNs is the coverage problem. In this paper, the border coverage problem in WSNs is rigorously analyzed. Most existing results related to the coverage problem in wireless sensor networks focused on planar networks; however, three dimensional (3D) modeling of the sensor network would reflect more accurately real-life situations. Unlike previous works in this area, we provide distributed algorithms that allow the selection and activation of an optimal border cover for both 2D and 3D regions of interest. We also provide self-healing algorithms as an optimization to our border coverage algorithms which allow the sensor network to adaptively reconfigure and repair itself in order to improve its own performance. Border coverage is crucial for optimizing sensor placement for intrusion detection and a number of other practical applications

Sleep Deprivation Attack Detection in Wireless Sensor Network

Deployment of sensor network in hostile environment makes it mainly vulnerable to battery drainage attacks because it is impossible to recharge or replace the battery power of sensor nodes. Among different types of security threats, low power sensor nodes are immensely affected by the attacks which cause random drainage of the energy level of sensors, leading to death of the nodes. The most dangerous type of attack in this category is sleep deprivation, where target of the intruder is to maximize the power consumption of sensor nodes, so that their lifetime is minimized. Most of the existing works on sleep deprivation attack detection involve a lot of overhead, leading to poor throughput. The need of the day is to design a model for detecting intrusions accurately in an energy efficient manner. This paper proposes a hierarchical framework based on distributed collaborative mechanism for detecting sleep deprivation torture in wireless sensor network efficiently. Proposed model uses anomaly detection technique in two steps to reduce the probability of false intrusion.Comment: 7 pages,4 figures, IJCA Journal February 201

Markov Decision Processes with Applications in Wireless Sensor Networks: A Survey

Wireless sensor networks (WSNs) consist of autonomous and resource-limited devices. The devices cooperate to monitor one or more physical phenomena within an area of interest. WSNs operate as stochastic systems because of randomness in the monitored environments. For long service time and low maintenance cost, WSNs require adaptive and robust methods to address data exchange, topology formulation, resource and power optimization, sensing coverage and object detection, and security challenges. In these problems, sensor nodes are to make optimized decisions from a set of accessible strategies to achieve design goals. This survey reviews numerous applications of the Markov decision process (MDP) framework, a powerful decision-making tool to develop adaptive algorithms and protocols for WSNs. Furthermore, various solution methods are discussed and compared to serve as a guide for using MDPs in WSNs