Published on

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide


  1. 1. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 6, June (2014), pp. 82-87 © IAEME 82 HIERARCHICAL INTRUSION DETECTION SYSTEM IN CLUSTER BASED WIRELESS SENSOR NETWORK USING MULTIPLE MOBILE BASE STATIONS Anurag Computer Science & Information Security, Patna, Bihar ABSTRACT One of the recent challenges in wireless sensor networks (WSNs) is the secure data transmission in an energy efficient manner. Secure Routing Protocols deals with secure routing of data to the base station via tiny sensors. These sensors are being limited in power, hence being more vulnerable to be attacked by an attacker. In this paper, we have proposed the Hierarchical Intrusion Detection System using multiple mobile base stations, which is an improvement over threshold hierarchical intrusion detection system (THIDS). The proposed method utilized the Monitor Nodes to raise the alarm and alert the base station whenever an attack in the cluster head is being detected. Using multiple mobile base stations will reduce the energy consumptions, (as compared to the stationary base stations). Our proposed method is much more secure and energy efficient. Keywords: Cluster-based wireless sensor network, Intrusion Detection System, Monitor Nodes, Multiple mobile base stations, Wireless Sensor Network. I.INTRODUCTION Wireless sensor network is an emerging field and hot research topic nowadays due to the varieties of target specific applications like surveillance, biological detection, home security, smart spaces, and environmental monitoring [I], [2], [3], [4] to name a few. Numerous conferences and seminars are being organized every year on it. Wireless sensor network mainly consists of the following equipments like-sensor nodes, transreceiver, microcontroller, external battery, memory and power source. The sensor motes senses the physical conditions of environment like temperature, pressure, humidity, wind speed etc. The transceivers than convert the information to the radio signals and vice versa and transmits the information to the other sensor node, also while receiving it convert the radio information into the usable form. The analogue signals being sensed by the sensor is converted to the digital signal and then sends them to the controller. The controller processes the data INTERNATIONAL JOURNAL OF COMPUTER ENGINEERING & TECHNOLOGY (IJCET) ISSN 0976 – 6367(Print) ISSN 0976 – 6375(Online) Volume 5, Issue 6, June (2014), pp. 82-87 © IAEME: www.iaeme.com/IJCET.asp Journal Impact Factor (2014): 8.5328 (Calculated by GISI) www.jifactor.com IJCET © I A E M E
  2. 2. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 6, June (2014), pp. 82-87 © IAEME 83 as well as controls the functionality of other components of the sensor nodes. These sensor nodes after sensing the information sends it to the base station and from there, it is available to the end user for its further utilization. These sensors can collect environmental information within their sensing ranges and have capability for further data processing. They can also transmit, relay, and receive information within their communication ranges. By the recent advances in hardware miniaturization, communication technologies and Low-Cost mass production, large scale networks with hundreds or even thousands of small, inexpensive, battery-powered, and wirelessly connected sensors have become possible and bring up a wide range of new applications Energy conservation is a primarily concern in wireless sensor networks which have to operate during long periods of time based on battery power. For instance, habitatal battlefield monitoring may require continuous operation of at least several months. Moreover, in the second case it might be difficult to replace batteries when these are drained out because of the inaccessible areas where these are deployed (usually sensor nodes are deployed randomly from airplanes. The main issue of the secure routing in wireless sensor network is to prevent interception, injection or altering the data as it passes from sensors nodes to base station via other sensor nodes. The main issue here is how to ensure secure data transmission in order to maximize the network lifetime. As sensors motes are of small size, it has limited memory, and small size battery, and thus it has minimal processing and computational power. So, judicious management of energy resources is being very necessary for maximizing its lifetime. So, we are going to design a security algorithm in wireless sensor network which maximizes the lifetime of the sensors with minimum consumption of energy. The rest of the paper is been organized as follows: In the next section, we will read the related work done till now in this field. Section III discusses the proposed work and finally, in section V, we will discuss the conclusion. 2. RELATED WORK Various research works has been done on secure routing protocol, but here we will discuss some few of them. In [5], energy efficient multipath routing protocol has been proposed which increase the lifetime of the wireless sensor node and network. The multipath routing uses multiple paths for data transmission which spread the number of nodes which saves the energy. It provides the effective load sharing to meet the Quality of service. The sink initiated proactive protocol secure Energy Efficient Node Disjoint Multipath Routing Protocol (EENDMRP) is being proposed which finds the multiple paths between the source and destination based on the rate of energy consumption. It uses a crypto system which uses the MD5 hash function and RSA public key algorithm. The public key distributed freely and private key distributed for each node. It has Route construction phase, Data transmission phase and transmits the data in wireless sensor network. It does not measure energy and QoS with link reliability while transferring the data. In [7], researches are much more oriented to the development of logical intrusion detection systems. An intrusion detection system (IDS) is by definition a system that handles the detection and the isolation of intruders present in the network through a collection of monitor nodes (MNs). A MN is a sensor node which has to control network’s traffic and to transmit alarm messages on detecting misbehaviors. Intrusion detection systems have been proposed in [8] which can detect different types of malicious behaviors targeting different levels in OSI model, using conventional or special techniques. In [9], energy efficient hybrid IDS (eHIDS) is introduced. The detection scheme combines both misuse and anomaly rules in order to identify abnormal communications in HWSNs. eHIDS agents are implanted only on clusters heads, which reduces significantly its energy consumption. The anomaly detection model includes general attacks on integrity, delay and transmission range. Whenever an intrusion is detected, MNs
  3. 3. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 6, June (2014), pp. 82-87 © IAEME 84 generate alarm. Authors claim that the proposed IDS has high detection rate, while it hasn’t been evaluated with specific and various attacks. In [10] OSPF has been proposed for secure efficient dynamic routing in wireless sensor network. This project provides secure efficient dynamic routing in wireless sensor network. The protocols that are being used just provide a data packet transfer without any proper time. With the implementation of open shortest path first protocol we can get a better routing path for with least cost path. Thus the implementation of this can give a better view in the data packet transferring. The Simulation of Secure Efficient Dynamic Routing in Wireless sensor network has been implemented using dijkstra’s algorithm for finding shortest path between the nodes. For providing security to the messages DES algorithm is used. The messages are encrypted and decrypted using this algorithm in order to provide security. User can be able to create number of nodes in the network. User can be able to send the packets using shortest path so that it reaches fast. User can also able to view the Routing Table at each node. User can also be able to view different nodes placed with their Node location and Node id. So from the Implementation it can be conclude that this technique is very cost effective, secure and simpler to configure. In [11], Threshold Hierarchical Intrusion Detection system has been proposed in which Mobile Node has the responsibility of sending alarm to the base station when the no. of blacklisted sensor nodes reaches the threshold. The suggested approach of this paper is based on this method, which will be explained in brief in the next section. 3. THRESHOLD HIERARCHICAL INTRUSION DETECTION SYSTEM This method attempts to detect the blacklisted nodes in the respective CHs by the help of Monitor Nodes to alert the other sensors and the Base station. In this system, each sensor node (including MNs) has a local list called the isolation list (or blacklist).Selective forwarding and black hole attacks are detected after that member node relay their data messages. MNs in each cluster start monitoring their CH, by hearing exchanged messages, during a period of time. If the MN finds that there is no data message sent by its CH, this last is henceforth considered as attacker. Consequently, the MN puts CH’s identifier in its blacklist, and diffuses a local alert message, containing the related ID to the neighboring nodes (which may be part of adjacent clusters). On the reception of the alert message, nodes update their blacklists by adding attacker ID. The monitoring and detection algorithm is detailed as follows: Detected attackers, whose IDs appear in node’s blacklist, will never be chosen as CHs in the future clusters reconstructions. This allows then sinkhole prevention. Insider malicious nodes finding themselves isolated from being CHs, may transmit falsified reports to the BS. So, for a complete isolation, MNs as well as the legitimate sensor nodes should send general alarms carrying their blacklists, to the BS. On account of the important energy cost of direct communications with the BS, general alert messages are sent only if the number of the detected intruders, in the blacklist, rises by a step equal to a specified threshold. On each time it receives such a general alert message, the BS updates its proper black list by adding the new intruders, allowing it to revoke the susceptible incoming malicious messages. The consumed energy ‫ܧ‬ெே೟ by THIDS on a monitor node is calculated as: ‫ܧ‬ெே೟ ൌ ‫ܧ‬ௗ ൅ ‫ܧ‬௉ ൅ ‫ܧ‬௔ Where ‫ܧ‬ௗ is the consumed energy to detect the intrusion on the CHs ‫ܧ‬௉ , is the processing energy on the blacklist (the checking and updating operations). ‫ܧ‬௔, is the needed energy for the alerting mechanism; the sending of both local and general alarms.
  4. 4. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 6, June (2014), pp. 82-87 © IAEME 85 4. HIERARCHICAL INTRUSION DETECTION SYSTEM USING MULTIPLE MOBILE BASE STATIONS 4.1. Working This approach tries to improve the THIDS method and alarms the base station about the blacklisted nodes. The proposed MHIDS follows certain assumptions which are as follows: 1. It is destined to cluster based WSNs, especially those where clusters are dynamically and periodically formed. 2. Each cluster should have a certain number of MNs that control the behavior of their CH. The number of MNs that should be defined in each cluster is determined according to a tradeoff between detection effectiveness and energy saving. 3. Each time clusters change, the selected MNs change as well. The cryptographic solution in the sensor nodes become infeasible when the there is an internal attack in the sensor network, as each of the sensor nodes already knows the key. So IDS approaches have been proposed which detects and isolate the inside malicious nodes present in the network. In THIDS, the alarm was being raised and sends to the base station only after the threshold value was being reached. The major drawback in this case is that the blacklisted nodes could still communicate with the base station and could still send the falsified message. Till the time the threshold value is being reached it may happen that base station receives and computes falsified messages which may be prove fatal (especially in some mission critical tasks). So, in this approaches, as soon as the malicious node is being detected by the Monitor Nodes ,the information will be send to the Base station and hence it will stops receiving information from that node. In this approach, we use three sink nodes which are mobile and change its position with respect to time. Mobile sink nodes will reduces the energy being consumed by the network. So, to prevent it, whenever MN detects the blacklisted CH, it sends the general alarm to the nearest Base station. The base station then stops receiving message from the blacklisted CHs. 4.2. Monitor and Detection Algorithm BL : the blacklist. T : time of intrusion detection beginning. Slot-time : time of TDMA slot. msg : message. CHid : cluster head ID. Begin T _ (length (TDMA) * Time-slot) + random delay. if ((time = T) and (ID != CHid)) then Wakeup (). if ( isMONITOR = true ) then listening (). if (no data message of CH is heard ) then Add_in_list (BL , CHid ). msg [data] = CHid. Send_local_ alert (msg). Send_general_alert(msg)://to nearest base station via MNs
  5. 5. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 6, June (2014), pp. 82-87 © IAEME 86 msg [data] = BL. end if. end if. end if. end if. End. In this technique, we have used three mobile base stations. Using the mobile base station will reduces the energy consumption to some extent. The alert message passes to the nearest Base station via nearest Monitor nodes and hence much energy is being saved .The blacklisted node will also be isolated from the CHs and hence could not send falsified information and hence secured data could be transmitted by this method. 5. CONCLUSION The presented approach of this paper tries to eradicate some problems in THIDS method and ensures the secure data transmission .The malicious node will be isolated and being removed from the network as soon as it being detected and hence is being much more secure. Using multiple mobile base station will reduces the energy consumption and will increase the network lifetime. We will simulate our result and will compare the result with existing THIDS. We have use IDS in the work. In the future, we will extend the use IDS for other types of attack as well and also we will use more number of Monitor Node for making it more efficient. However more work needed to be done in this field so that global solution could be achieved. REFERENCES [1] B. Badrinath, M. Srivastava, K. Mills, J. Scholtz, and K. S. Eds., "Special issue on smart spaces and environments," IEEE Personal Communications vol. 7, no. 5, 2000. [2] I.F.Akyildiz, W. Su, Y.Sankarasubramaniam, and E.Cayirci, "Wireless sensor networks: a survey," Computer Networks , 2002. [3] D. Li, K. Wong, Y. Hu, and A. Sayeed,""detection, classification and tracking of targets in distributed sensor networks"," IEEE Signal Processing Magazine, vol. 19, 2002. [4] P. Varshney., "Distributed detection and data fusion," Spinger-Verlag, New York, 1996. [5] Shiva Murthy G, Robert John D’Souza, and Golla Varaprasad. : Digital Signature-Based Secure Node Disjoint Multipath Routing Protocol for Wireless Sensor Networks, IEEE SENSORS JOURNAL, VOL. 12, NO. 10, (2012). [6] Shiva Murthy G, Robert John D’Souza and Golla Varaprasad, "Digital Signature-Based Secure Node Disjoint Multipath Routing Protocol for Wireless Sensor Networks", IEEE SENSORS JOURNAL, VOL. 12, NO. 10, OCTOBER 2012. [7] A. Abduvaliyev, et al, “On the Vital areas of Intrusion Detection Systems in Wireless Sensor Networks”, IEEE Communications Surveys & Tutorials, Vol. 15, No. 3, pp. 1223-1237, 2013. [8] E. Darra, S. K. Katsikas, “Attack Detection Capabilities of Intrusion Detection Systems for Wireless Sensor Networks”, IEEE Fourth International Conference on Information, Intelligence, Systems and Applications (IISA), Piraeus, 10-12 July 2013. [9] A. Abduvaliyev, S. Lee, Y. K. Lee, “Energy efficient hybrid intrusion detection system for wireless sensor networks,” International Conference on Electronics and Information Engineering (ICEIE), Vol. 2, pp. 25-29, Kyoto, 2010.
  6. 6. International Journal of Computer Engineering and Technology (IJCET), ISSN 0976-6367(Print), ISSN 0976 - 6375(Online), Volume 5, Issue 6, June (2014), pp. 82-87 © IAEME 87 [10] Shobha.K, Mamatha Jadhav.V, Simulation of a Secure Efficient Dynamic Routing In Wireless Sensor Network, International Journal of Engineering and Advanced Technology (IJEAT) ISSN: 2249 – 8958, Volume-2, Issue-5, June 2013. [11] Somia Sahraoui, Souheila Bouam, International Journal of Communication Networks and Information Security (IJCNIS) Secure Routing Optimization in Hierarchical Cluster-Based Wireless Sensor Networks, Vol. 5, No. 3, December 2013. [12] Neeraj Tiwari, Rahul Anshumali and Prabal Pratap Singh, “Wireless Sensor Networks: Limitation, Layerwise Security Threats, Intruder Detection”, International Journal of Electronics and Communication Engineering & Technology (IJECET), Volume 3, Issue 2, 2012, pp. 22 - 31, ISSN Print: 0976- 6464, ISSN Online: 0976 –6472. [13] S.R.Shankar and Dr.G.Kalivarathan, “Feasibility Studies of Wireless Sensor Network and its Implications”, International Journal of Electrical Engineering & Technology (IJEET), Volume 4, Issue 2, 2013, pp. 105 - 111, ISSN Print : 0976-6545, ISSN Online: 0976-6553. [14] Revathi Venkataraman, K.Sornalakshmi, M.Pushpalatha and T.Rama Rao, “Implementation of Authentication and Confidentiality in Wireless Sensor Network”, International Journal of Computer Engineering & Technology (IJCET), Volume 3, Issue 2, 2012, pp. 553 - 560, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375. [15] Anurag, “Energy Efficient K-Target Coverage in Wireless Sensor Network”, International Journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 3, 2013, pp. 254 - 259, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375. [16] Yogesh V Patil, Pratik Gite and Sanjay Thakur, “Automatic Cluster Formation and Assigning Address for Wireless Sensor Network”, International Journal of Computer Engineering & Technology (IJCET), Volume 4, Issue 4, 2013, pp. 116 - 121, ISSN Print: 0976 – 6367, ISSN Online: 0976 – 6375.