Energy efficiency of intrusion detection systems in wireless sensor networks

Security is a significant concern for many sensor network applications. Intrusion detection is one method of defending against attacks. However, standard intrusion detection is not suitable for sensor networks with limited battery power, memory and processing resources. This paper compares several approaches to intrusion detection in sensor networks. We investigate accuracy of detecting attacks, versus energy efficiency

Hierarchical Design Based Intrusion Detection System For Wireless Ad hoc Network

In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.Comment: 16 pages, International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010. arXiv admin note: text overlap with arXiv:1111.1933 by other author

Anomaly detection in unknown environments using wireless sensor networks

This dissertation addresses the problem of distributed anomaly detection in Wireless Sensor Networks (WSN). A challenge of designing such systems is that the sensor nodes are battery powered, often have different capabilities and generally operate in dynamic environments. Programming such sensor nodes at a large scale can be a tedious job if the system is not carefully designed. Data modeling in distributed systems is important for determining the normal operation mode of the system. Being able to model the expected sensor signatures for typical operations greatly simplifies the human designer’s job by enabling the system to autonomously characterize the expected sensor data streams. This, in turn, allows the system to perform autonomous anomaly detection to recognize when unexpected sensor signals are detected. This type of distributed sensor modeling can be used in a wide variety of sensor networks, such as detecting the presence of intruders, detecting sensor failures, and so forth. The advantage of this approach is that the human designer does not have to characterize the anomalous signatures in advance. The contributions of this approach include: (1) providing a way for a WSN to autonomously model sensor data with no prior knowledge of the environment; (2) enabling a distributed system to detect anomalies in both sensor signals and temporal events online; (3) providing a way to automatically extract semantic labels from temporal sequences; (4) providing a way for WSNs to save communication power by transmitting compressed temporal sequences; (5) enabling the system to detect time-related anomalies without prior knowledge of abnormal events; and, (6) providing a novel missing data estimation method that utilizes temporal and spatial information to replace missing values. The algorithms have been designed, developed, evaluated, and validated experimentally in synthesized data, and in real-world sensor network applications

System for Malicious Node Detection in IPv6-based Wireless Sensor Networks

U posljednje vrijeme javlja se trend implementacije IPv6 protokola u bežične senzorske mreže (BSM) kao posljedica težnje ka njihovoj integraciji sa drugim vrstama mreža temeljenih na IP protokolu. Ova disertacija bavi se sigurnosnim aspektima ovih IPv6- temeljenih BSM. Nakon kraćeg pregleda koncepta BSM detaljnije se razrađuje postupak implementacije IPv6 protokola u BSM. Potom slijedi detaljna analiza sigurnosnih prijetnji i napada prisutnih u IPv6-temeljenim BSM. Za neke od njih dane su i moguće protumjere. Nadalje, dan je prijedlog novog modularnog sigurnosnog okvira za IPv6 temeljene BSM. Objašnjeni su struktura i funkcije njegovih modula, te su dane preporuke za njihovu implementaciju. Također, dano je i rješenje distribuiranog adaptivnog sustava za otkrivanje zlonamjernih čvorova u IPv6-temeljenim BSM. Sustav se temelji na distribuiranim algoritmima i postupku kolektivnog odlučivanja. Predloženi sustav uvodi inovativni koncept procjene vjerojatnosti zlonamjernog ponašanja senzorskih čvorova. Sustav je implementiran i testiran kroz više različitih scenarija u tri različite mrežne topologije. U konačnici, provedena analiza pokazala je da je predloženi sustav energetski učinkovit i da pokazuje dobru sposobnost detekcije zlonamjernih čvorova.Recently occures the trend of implementation of the IPv6 protocol into wireless sensor networks (WSN) as a consequence of tendency of their integration with other types of IPbased networks. This thesis deals with the security aspects of these IPv6-based WSN. After short review of the WSN concept, the implementation process of the IPv6 protocol into WSN is elaborated in more details. Afterwards, there is a detailed analysis of security threats and attacks which are present in IPv6-based WSN. For some of them possible countermeasures are given. Furthermore, the proposal of the novel and modular security framework for IPv6- based WSN is given. The structure and the functions of its modules are explained, and recommendations for their implementation are given. Also, the solution of adaptive distributed system for malicious node detection in IPv6-based WSN is given. The system is based on distributed algorithms and collective decision-making process. Proposed system introduces innovative concept of probability estimation for malicious behavior of sensor nodes. The system is implemented and tested through several different scenarios in three different network topologies. Finally, performed analysis showed that proposed system is energy efficient and has good capability for detection of malicious nodes

System for Malicious Node Detection in IPv6-based Wireless Sensor Networks

U posljednje vrijeme javlja se trend implementacije IPv6 protokola u bežične senzorske mreže (BSM) kao posljedica težnje ka njihovoj integraciji sa drugim vrstama mreža temeljenih na IP protokolu. Ova disertacija bavi se sigurnosnim aspektima ovih IPv6- temeljenih BSM. Nakon kraćeg pregleda koncepta BSM detaljnije se razrađuje postupak implementacije IPv6 protokola u BSM. Potom slijedi detaljna analiza sigurnosnih prijetnji i napada prisutnih u IPv6-temeljenim BSM. Za neke od njih dane su i moguće protumjere. Nadalje, dan je prijedlog novog modularnog sigurnosnog okvira za IPv6 temeljene BSM. Objašnjeni su struktura i funkcije njegovih modula, te su dane preporuke za njihovu implementaciju. Također, dano je i rješenje distribuiranog adaptivnog sustava za otkrivanje zlonamjernih čvorova u IPv6-temeljenim BSM. Sustav se temelji na distribuiranim algoritmima i postupku kolektivnog odlučivanja. Predloženi sustav uvodi inovativni koncept procjene vjerojatnosti zlonamjernog ponašanja senzorskih čvorova. Sustav je implementiran i testiran kroz više različitih scenarija u tri različite mrežne topologije. U konačnici, provedena analiza pokazala je da je predloženi sustav energetski učinkovit i da pokazuje dobru sposobnost detekcije zlonamjernih čvorova.Recently occures the trend of implementation of the IPv6 protocol into wireless sensor networks (WSN) as a consequence of tendency of their integration with other types of IPbased networks. This thesis deals with the security aspects of these IPv6-based WSN. After short review of the WSN concept, the implementation process of the IPv6 protocol into WSN is elaborated in more details. Afterwards, there is a detailed analysis of security threats and attacks which are present in IPv6-based WSN. For some of them possible countermeasures are given. Furthermore, the proposal of the novel and modular security framework for IPv6- based WSN is given. The structure and the functions of its modules are explained, and recommendations for their implementation are given. Also, the solution of adaptive distributed system for malicious node detection in IPv6-based WSN is given. The system is based on distributed algorithms and collective decision-making process. Proposed system introduces innovative concept of probability estimation for malicious behavior of sensor nodes. The system is implemented and tested through several different scenarios in three different network topologies. Finally, performed analysis showed that proposed system is energy efficient and has good capability for detection of malicious nodes

System for Malicious Node Detection in IPv6-based Wireless Sensor Networks

U posljednje vrijeme javlja se trend implementacije IPv6 protokola u bežične senzorske mreže (BSM) kao posljedica težnje ka njihovoj integraciji sa drugim vrstama mreža temeljenih na IP protokolu. Ova disertacija bavi se sigurnosnim aspektima ovih IPv6- temeljenih BSM. Nakon kraćeg pregleda koncepta BSM detaljnije se razrađuje postupak implementacije IPv6 protokola u BSM. Potom slijedi detaljna analiza sigurnosnih prijetnji i napada prisutnih u IPv6-temeljenim BSM. Za neke od njih dane su i moguće protumjere. Nadalje, dan je prijedlog novog modularnog sigurnosnog okvira za IPv6 temeljene BSM. Objašnjeni su struktura i funkcije njegovih modula, te su dane preporuke za njihovu implementaciju. Također, dano je i rješenje distribuiranog adaptivnog sustava za otkrivanje zlonamjernih čvorova u IPv6-temeljenim BSM. Sustav se temelji na distribuiranim algoritmima i postupku kolektivnog odlučivanja. Predloženi sustav uvodi inovativni koncept procjene vjerojatnosti zlonamjernog ponašanja senzorskih čvorova. Sustav je implementiran i testiran kroz više različitih scenarija u tri različite mrežne topologije. U konačnici, provedena analiza pokazala je da je predloženi sustav energetski učinkovit i da pokazuje dobru sposobnost detekcije zlonamjernih čvorova.Recently occures the trend of implementation of the IPv6 protocol into wireless sensor networks (WSN) as a consequence of tendency of their integration with other types of IPbased networks. This thesis deals with the security aspects of these IPv6-based WSN. After short review of the WSN concept, the implementation process of the IPv6 protocol into WSN is elaborated in more details. Afterwards, there is a detailed analysis of security threats and attacks which are present in IPv6-based WSN. For some of them possible countermeasures are given. Furthermore, the proposal of the novel and modular security framework for IPv6- based WSN is given. The structure and the functions of its modules are explained, and recommendations for their implementation are given. Also, the solution of adaptive distributed system for malicious node detection in IPv6-based WSN is given. The system is based on distributed algorithms and collective decision-making process. Proposed system introduces innovative concept of probability estimation for malicious behavior of sensor nodes. The system is implemented and tested through several different scenarios in three different network topologies. Finally, performed analysis showed that proposed system is energy efficient and has good capability for detection of malicious nodes