27-09-2012, 05:46 PM
Group-based intrusion detection system in wireless sensor networks
1Group-based intrusion.pdf (Size: 1.3 MB / Downloads: 37)
ABSTRACT
Many mission critical wireless sensor networks require an efficient, lightweight and flexible intrusion
detection algorithm to identify malicious attackers. In this paper, we propose a distributed group-based
intrusion detection scheme that meets all the above requirements by partitioning the sensor networks
into many groups in which the sensors in each group are physically close to each other and are equipped
with the same sensing capability. Our intrusion detection algorithm takes simultaneously into consideration
of multiple attributes of the sensor nodes to detect malicious attackers precisely. We show through
experiments with real data that our algorithm can decrease the false alarm rate and increase the detection
accuracy compared with existing intrusion detection schemes while lowering the computation and
transmission power consumption.
Introduction
Wireless sensor networks have become one of the most
interesting and promising research and development areas over
the past few years. Such networks usually consist of hundreds
or even thousands of small-sized, low power, inexpensive sensors
to monitor some specific phenomenon cooperatively. The
characteristics of sensor networks such as flexibility, self-organization,
fault tolerance, high sensing fidelity, low cost and rapid
deployment have created many new and exciting applications
such as wildlife monitoring, disaster response, military surveillance,
smart building and industrial quality control, to name a
few [1].
In general, the sensors in a network are deployed in unattended
environment or even hostile circumstance, and communicate with
each other using wireless signals which can be eavesdropped very
easily. The constrained capacity of wireless sensor nodes such as
limitation in computation power, memory and battery lifetime further
increases the insecurity of wireless sensor networks. Many
different kinds of attacks against wireless sensor networks have
been identified so far, e.g., bogus routing and sensed data attack,
select forward attack, sink hole attack, worm hole attack, black
hole attack and hello flood attack, etc. [2].
Related work
In this section, we review some related work in the security of
wireless sensor networks in whichweclassify them into two categories:
prevention based techniques and detection based techniques.
Prevention based techniques
Encryption and authentication are two primary techniques to
secure wireless sensor networks against malicious access. The
core ideas behind such techniques rely on key management. Eschenauer
and Gligor proposed the basic probabilistic key predistribution
scheme in which each sensor is assigned a random subset
of keys from a key pool before the network is deployed so that
any two sensor nodes will have a certain probability to share at
least one key [3]. Chan et al. improved the above scheme and proposed
the q-composite key predistribution scheme [4], which requires
that two sensor nodes share at least q predistributed
keys as the basis for the establishment of a pairwise key between
the two nodes. Liu and Ning proposed a framework in which pairwise
keys are predistributed by using bivariate polynomials [5].
They also proposed two efficient instantiations, i.e., a grid-based
key predistribution scheme and a random subset assignment
scheme, for the establishment of pairwise keys in a wireless sensor
network. In addition, they proposed the closest pairwise key
predistribution scheme and the closest polynomials predistribution
scheme, which take advantage of sensor nodes’ expected
locations to predistribute appropriate keys to the sensors and thus
can improve the performance of key establishment [6]. Li et al.
proposed the hexagon-based key predistribution scheme that
can improve the effectiveness of key management in sensor network
by using the bivariate polynomial in a hexagonal coordinate
system based on the deployment information about expected
locations of the sensor nodes [7].
Conclusion
In this paper, we proposed the group-based intrusion detection
scheme for wireless sensor networks with the goal of detecting
malicious attackers. Our experiment results show that our scheme
can achieve a lower false alarm rate and a higher detection accuracy
rate than the existing detection schemes. At the same time,
it can also reduce the monitoring power consumption with the
requirement of grouping the sensor nodes in the network only
once.