Hierarchical Design Based Intrusion Detection System For Wireless Ad hoc Network

In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.Comment: 16 pages, International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010. arXiv admin note: text overlap with arXiv:1111.1933 by other author

Resilient networking in wireless sensor networks

This report deals with security in wireless sensor networks (WSNs), especially in network layer. Multiple secure routing protocols have been proposed in the literature. However, they often use the cryptography to secure routing functionalities. The cryptography alone is not enough to defend against multiple attacks due to the node compromise. Therefore, we need more algorithmic solutions. In this report, we focus on the behavior of routing protocols to determine which properties make them more resilient to attacks. Our aim is to find some answers to the following questions. Are there any existing protocols, not designed initially for security, but which already contain some inherently resilient properties against attacks under which some portion of the network nodes is compromised? If yes, which specific behaviors are making these protocols more resilient? We propose in this report an overview of security strategies for WSNs in general, including existing attacks and defensive measures. In this report we focus at the network layer in particular, and an analysis of the behavior of four particular routing protocols is provided to determine their inherent resiliency to insider attacks. The protocols considered are: Dynamic Source Routing (DSR), Gradient-Based Routing (GBR), Greedy Forwarding (GF) and Random Walk Routing (RWR)

Secure Routing Optimization in Hierarchical Cluster-Based Wireless Sensor Networks

Popularity of wireless sensor networks (WSNs) is increasing continuously in different domains of daily life, as they provide efficient method of collecting valuable data from the surroundings for use in different applications. Routing in WSNs is the vital functionality that allows the flow of information generated by sensor nodes to the base station, while considering the severe energy constraint and the limitations of computational and storage resources. Indeed, this functionality may be vulnerable and must be in itself secured, since conventional routing protocols in WSNs provide efficient routing techniques with low power consumption, but they do not take into account the possible attacks. As sensor nodes may be easily captured and compromised, the classical cryptographic solutions become insufficient to provide optimal routing security, especially, for cluster-based WSNs, where cluster heads can be still among the compromised nodes. In this work, we propose a hierarchical, robust and well-adapted intrusion detection system, named THIDS, which is intended to be integrated into the secure hierarchical cluster-based routing protocols. We have chosen the protocol RLEACH to be equipped with the proposed IDS. The results of simulation performed under NS2 simulator show that the resulting protocol ORLEACH is much more resistant to compromised nodes exercising the most dangerous attacks

A Survey on Wireless Sensor Network Security

Wireless sensor networks (WSNs) have recently attracted a lot of interest in the research community due their wide range of applications. Due to distributed nature of these networks and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. This problem is more critical if the network is deployed for some mission-critical applications such as in a tactical battlefield. Random failure of nodes is also very likely in real-life deployment scenarios. Due to resource constraints in the sensor nodes, traditional security mechanisms with large overhead of computation and communication are infeasible in WSNs. Security in sensor networks is, therefore, a particularly challenging task. This paper discusses the current state of the art in security mechanisms for WSNs. Various types of attacks are discussed and their countermeasures presented. A brief discussion on the future direction of research in WSN security is also included.Comment: 24 pages, 4 figures, 2 table

Configurable Secured Adaptive Routing Protocol for Mobile Wireless Sensor Networks

This paper aims at designing, building, and simulating a secured routing protocol to defend against packet dropping attacks in mobile WSNs (MWSNs). This research addresses the gap in the literature by proposing Configurable Secured Adaptive Routing Protocol (CSARP). CSARP has four levels of protection to allow suitability for different types of network applications. The protocol allows the network admin to configure the required protection level and the ratio of cluster heads to all nodes. The protocol has an adaptive feature, which allows for better protection and preventing the spread of the threats in the network. The conducted CSARP simulations with different conditions showed the ability of CSARP to identify all malicious nodes and remove them from the network. CSARP provided more than 99.97% packets delivery rate with 0% data packet loss in the existence of 3 malicious nodes in comparison with 3.17% data packet loss without using CSARP. When compared with LEACH, CSARP showed an improvement in extending the lifetime of the network by up to 39.5%. The proposed protocol has proven to be better than the available security solutions in terms of configurability, adaptability, optimization for MWSNs, energy consumption optimization, and the suitability for different MWSNs applications and conditions