8 research outputs found
Energy efficiency of intrusion detection systems in wireless sensor networks
Security is a significant concern for many sensor network applications. Intrusion detection is one method of defending against attacks. However, standard intrusion detection is not suitable for sensor networks with limited battery power, memory and processing resources. This paper compares several approaches to intrusion detection in sensor networks. We investigate accuracy of detecting attacks, versus energy efficiency
Hierarchical Design Based Intrusion Detection System For Wireless Ad hoc Network
In recent years, wireless ad hoc sensor network becomes popular both in civil
and military jobs. However, security is one of the significant challenges for
sensor network because of their deployment in open and unprotected environment.
As cryptographic mechanism is not enough to protect sensor network from
external attacks, intrusion detection system needs to be introduced. Though
intrusion prevention mechanism is one of the major and efficient methods
against attacks, but there might be some attacks for which prevention method is
not known. Besides preventing the system from some known attacks, intrusion
detection system gather necessary information related to attack technique and
help in the development of intrusion prevention system. In addition to
reviewing the present attacks available in wireless sensor network this paper
examines the current efforts to intrusion detection system against wireless
sensor network. In this paper we propose a hierarchical architectural design
based intrusion detection system that fits the current demands and restrictions
of wireless ad hoc sensor network. In this proposed intrusion detection system
architecture we followed clustering mechanism to build a four level
hierarchical network which enhances network scalability to large geographical
area and use both anomaly and misuse detection techniques for intrusion
detection. We introduce policy based detection mechanism as well as intrusion
response together with GSM cell concept for intrusion detection architecture.Comment: 16 pages, International Journal of Network Security & Its
Applications (IJNSA), Vol.2, No.3, July 2010. arXiv admin note: text overlap
with arXiv:1111.1933 by other author
Anomaly detection in unknown environments using wireless sensor networks
This dissertation addresses the problem of distributed anomaly detection in Wireless Sensor Networks (WSN). A challenge of designing such systems is that the sensor nodes are battery powered, often have different capabilities and generally operate in dynamic environments. Programming such sensor nodes at a large scale can be a tedious job if the system is not carefully designed. Data modeling in distributed systems is important for determining the normal operation mode of the system. Being able to model the expected sensor signatures for typical operations greatly simplifies the human designer’s job by enabling the system to autonomously characterize the expected sensor data streams. This, in turn, allows the system to perform autonomous anomaly detection to recognize when unexpected sensor signals are detected. This type of distributed sensor modeling can be used in a wide variety of sensor networks, such as detecting the presence of intruders, detecting sensor failures, and so forth. The advantage of this approach is that the human designer does not have to characterize the anomalous signatures in advance.
The contributions of this approach include: (1) providing a way for a WSN to autonomously model sensor data with no prior knowledge of the environment; (2) enabling a distributed system to detect anomalies in both sensor signals and temporal events online; (3) providing a way to automatically extract semantic labels from temporal sequences; (4) providing a way for WSNs to save communication power by transmitting compressed temporal sequences; (5) enabling the system to detect time-related anomalies without prior knowledge of abnormal events; and, (6) providing a novel missing data estimation method that utilizes temporal and spatial information to replace missing values. The algorithms have been designed, developed, evaluated, and validated experimentally in synthesized data, and in real-world sensor network applications
System for Malicious Node Detection in IPv6-based Wireless Sensor Networks
U posljednje vrijeme javlja se trend implementacije IPv6 protokola u bežične senzorske
mreže (BSM) kao posljedica težnje ka njihovoj integraciji sa drugim vrstama mreža
temeljenih na IP protokolu. Ova disertacija bavi se sigurnosnim aspektima ovih IPv6-
temeljenih BSM. Nakon kraćeg pregleda koncepta BSM detaljnije se razrađuje postupak
implementacije IPv6 protokola u BSM. Potom slijedi detaljna analiza sigurnosnih prijetnji i
napada prisutnih u IPv6-temeljenim BSM. Za neke od njih dane su i moguće protumjere.
Nadalje, dan je prijedlog novog modularnog sigurnosnog okvira za IPv6 temeljene BSM.
Objašnjeni su struktura i funkcije njegovih modula, te su dane preporuke za njihovu
implementaciju. Također, dano je i rješenje distribuiranog adaptivnog sustava za otkrivanje
zlonamjernih čvorova u IPv6-temeljenim BSM. Sustav se temelji na distribuiranim
algoritmima i postupku kolektivnog odlučivanja. Predloženi sustav uvodi inovativni koncept
procjene vjerojatnosti zlonamjernog ponašanja senzorskih čvorova. Sustav je implementiran i
testiran kroz više različitih scenarija u tri različite mrežne topologije. U konačnici, provedena
analiza pokazala je da je predloženi sustav energetski učinkovit i da pokazuje dobru
sposobnost detekcije zlonamjernih čvorova.Recently occures the trend of implementation of the IPv6 protocol into wireless sensor
networks (WSN) as a consequence of tendency of their integration with other types of IPbased
networks. This thesis deals with the security aspects of these IPv6-based WSN. After
short review of the WSN concept, the implementation process of the IPv6 protocol into WSN
is elaborated in more details. Afterwards, there is a detailed analysis of security threats and
attacks which are present in IPv6-based WSN. For some of them possible countermeasures
are given. Furthermore, the proposal of the novel and modular security framework for IPv6-
based WSN is given. The structure and the functions of its modules are explained, and
recommendations for their implementation are given. Also, the solution of adaptive
distributed system for malicious node detection in IPv6-based WSN is given. The system is
based on distributed algorithms and collective decision-making process. Proposed system
introduces innovative concept of probability estimation for malicious behavior of sensor
nodes. The system is implemented and tested through several different scenarios in three
different network topologies. Finally, performed analysis showed that proposed system is
energy efficient and has good capability for detection of malicious nodes
System for Malicious Node Detection in IPv6-based Wireless Sensor Networks
U posljednje vrijeme javlja se trend implementacije IPv6 protokola u bežične senzorske
mreže (BSM) kao posljedica težnje ka njihovoj integraciji sa drugim vrstama mreža
temeljenih na IP protokolu. Ova disertacija bavi se sigurnosnim aspektima ovih IPv6-
temeljenih BSM. Nakon kraćeg pregleda koncepta BSM detaljnije se razrađuje postupak
implementacije IPv6 protokola u BSM. Potom slijedi detaljna analiza sigurnosnih prijetnji i
napada prisutnih u IPv6-temeljenim BSM. Za neke od njih dane su i moguće protumjere.
Nadalje, dan je prijedlog novog modularnog sigurnosnog okvira za IPv6 temeljene BSM.
Objašnjeni su struktura i funkcije njegovih modula, te su dane preporuke za njihovu
implementaciju. Također, dano je i rješenje distribuiranog adaptivnog sustava za otkrivanje
zlonamjernih čvorova u IPv6-temeljenim BSM. Sustav se temelji na distribuiranim
algoritmima i postupku kolektivnog odlučivanja. Predloženi sustav uvodi inovativni koncept
procjene vjerojatnosti zlonamjernog ponašanja senzorskih čvorova. Sustav je implementiran i
testiran kroz više različitih scenarija u tri različite mrežne topologije. U konačnici, provedena
analiza pokazala je da je predloženi sustav energetski učinkovit i da pokazuje dobru
sposobnost detekcije zlonamjernih čvorova.Recently occures the trend of implementation of the IPv6 protocol into wireless sensor
networks (WSN) as a consequence of tendency of their integration with other types of IPbased
networks. This thesis deals with the security aspects of these IPv6-based WSN. After
short review of the WSN concept, the implementation process of the IPv6 protocol into WSN
is elaborated in more details. Afterwards, there is a detailed analysis of security threats and
attacks which are present in IPv6-based WSN. For some of them possible countermeasures
are given. Furthermore, the proposal of the novel and modular security framework for IPv6-
based WSN is given. The structure and the functions of its modules are explained, and
recommendations for their implementation are given. Also, the solution of adaptive
distributed system for malicious node detection in IPv6-based WSN is given. The system is
based on distributed algorithms and collective decision-making process. Proposed system
introduces innovative concept of probability estimation for malicious behavior of sensor
nodes. The system is implemented and tested through several different scenarios in three
different network topologies. Finally, performed analysis showed that proposed system is
energy efficient and has good capability for detection of malicious nodes
System for Malicious Node Detection in IPv6-based Wireless Sensor Networks
U posljednje vrijeme javlja se trend implementacije IPv6 protokola u bežične senzorske
mreže (BSM) kao posljedica težnje ka njihovoj integraciji sa drugim vrstama mreža
temeljenih na IP protokolu. Ova disertacija bavi se sigurnosnim aspektima ovih IPv6-
temeljenih BSM. Nakon kraćeg pregleda koncepta BSM detaljnije se razrađuje postupak
implementacije IPv6 protokola u BSM. Potom slijedi detaljna analiza sigurnosnih prijetnji i
napada prisutnih u IPv6-temeljenim BSM. Za neke od njih dane su i moguće protumjere.
Nadalje, dan je prijedlog novog modularnog sigurnosnog okvira za IPv6 temeljene BSM.
Objašnjeni su struktura i funkcije njegovih modula, te su dane preporuke za njihovu
implementaciju. Također, dano je i rješenje distribuiranog adaptivnog sustava za otkrivanje
zlonamjernih čvorova u IPv6-temeljenim BSM. Sustav se temelji na distribuiranim
algoritmima i postupku kolektivnog odlučivanja. Predloženi sustav uvodi inovativni koncept
procjene vjerojatnosti zlonamjernog ponašanja senzorskih čvorova. Sustav je implementiran i
testiran kroz više različitih scenarija u tri različite mrežne topologije. U konačnici, provedena
analiza pokazala je da je predloženi sustav energetski učinkovit i da pokazuje dobru
sposobnost detekcije zlonamjernih čvorova.Recently occures the trend of implementation of the IPv6 protocol into wireless sensor
networks (WSN) as a consequence of tendency of their integration with other types of IPbased
networks. This thesis deals with the security aspects of these IPv6-based WSN. After
short review of the WSN concept, the implementation process of the IPv6 protocol into WSN
is elaborated in more details. Afterwards, there is a detailed analysis of security threats and
attacks which are present in IPv6-based WSN. For some of them possible countermeasures
are given. Furthermore, the proposal of the novel and modular security framework for IPv6-
based WSN is given. The structure and the functions of its modules are explained, and
recommendations for their implementation are given. Also, the solution of adaptive
distributed system for malicious node detection in IPv6-based WSN is given. The system is
based on distributed algorithms and collective decision-making process. Proposed system
introduces innovative concept of probability estimation for malicious behavior of sensor
nodes. The system is implemented and tested through several different scenarios in three
different network topologies. Finally, performed analysis showed that proposed system is
energy efficient and has good capability for detection of malicious nodes