In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs. However, security is one of the significant challenges for sensor network because of their deployment in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor network from external attacks, intrusion detection system needs to be introduced. Though intrusion prevention mechanism is one of the major and efficient methods against attacks, but there might be some attacks for which prevention method is not known. Besides preventing the system from some known attacks, intrusion detection system gather necessary information related to attack technique and help in the development of intrusion prevention system. In addition to reviewing the present attacks available in wireless sensor network this paper examines the current efforts to intrusion detection
system against wireless sensor network. In this paper we propose a hierarchical architectural design based intrusion detection system that fits the current demands and restrictions of wireless ad hoc sensor network. In this proposed intrusion detection system architecture we followed clustering mechanism to build a four level hierarchical network which enhances network scalability to large geographical area and use both anomaly and misuse detection techniques for intrusion detection. We introduce policy based detection mechanism as well as intrusion response together with GSM cell concept for intrusion detection architecture.
As of late, remote sensor organize (WSN) is
utilized in numerous application zones, for
example, checking, following, and controlling. For
some utilizations of WSN, security is an essential
necessity. In any case, security arrangements in
WSN vary from conventional systems because of
asset confinement and computational
requirements. This paper investigates security
arrangements: Tiny Sec, IEEE 802.15.4, Twists,
Mini SEC, LSec, LLSP, LISA, and Drawl in
WSN. The paper additionally introduces qualities,
security prerequisites, assaults, encryption
calculations, and operation modes. This paper is
thought to be valuable for security planners in
WSNs.
Co-operative Wireless Intrusion Detection System Using MIBs From SNMPIJNSA Journal
In emerging technology of Internet, security issues are becoming more challenging. In case of wired LAN it is somewhat in control, but in case of wireless networks due to exponential growth in attacks, it has made difficult to detect such security loopholes. Wireless network security is being addressed using firewalls, encryption techniques and wired IDS (Intrusion Detection System) methods. But the approaches which were used in wired network were not successful in producing effective results for wireless networks. It is so because of features of wireless network such as open medium, dynamic changing topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense etc. So, there is need for new approach which will efficiently detect intrusion in wireless network. Efficiency can be achieved by implementing distributive, co-operative based, multi-agent IDS. The proposed system supports all these three features. It includes mobile agents for intrusion detection which uses SNMP (Simple network Management Protocol) and MIB (Management Information Base) variables for mobile wireless networks.
A review of security attacks and intrusion detection schemes in wireless sens...ijwmn
Wireless sensor networks are currently the greatest innovation in the field of telecommunications. WSNs
have a wide range of potential applications, including security and surveillance, control, actuation and
maintenance of complex systems and fine-grain monitoring of indoor and outdoor environments. However
security is one of the major aspects of Wireless sensor networks due to the resource limitations of sensor
nodes. Those networks are facing several threats that affect their functioning and their life. In this paper we
present security attacks in wireless sensor networks, and we focus on comparison and analysis of recent
Intrusion Detection schemes in WSNs.
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network (Inception-CNN), Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning models in MANET.
As of late, remote sensor organize (WSN) is
utilized in numerous application zones, for
example, checking, following, and controlling. For
some utilizations of WSN, security is an essential
necessity. In any case, security arrangements in
WSN vary from conventional systems because of
asset confinement and computational
requirements. This paper investigates security
arrangements: Tiny Sec, IEEE 802.15.4, Twists,
Mini SEC, LSec, LLSP, LISA, and Drawl in
WSN. The paper additionally introduces qualities,
security prerequisites, assaults, encryption
calculations, and operation modes. This paper is
thought to be valuable for security planners in
WSNs.
Co-operative Wireless Intrusion Detection System Using MIBs From SNMPIJNSA Journal
In emerging technology of Internet, security issues are becoming more challenging. In case of wired LAN it is somewhat in control, but in case of wireless networks due to exponential growth in attacks, it has made difficult to detect such security loopholes. Wireless network security is being addressed using firewalls, encryption techniques and wired IDS (Intrusion Detection System) methods. But the approaches which were used in wired network were not successful in producing effective results for wireless networks. It is so because of features of wireless network such as open medium, dynamic changing topology, cooperative algorithms, lack of centralized monitoring and management point, and lack of a clear line of defense etc. So, there is need for new approach which will efficiently detect intrusion in wireless network. Efficiency can be achieved by implementing distributive, co-operative based, multi-agent IDS. The proposed system supports all these three features. It includes mobile agents for intrusion detection which uses SNMP (Simple network Management Protocol) and MIB (Management Information Base) variables for mobile wireless networks.
A review of security attacks and intrusion detection schemes in wireless sens...ijwmn
Wireless sensor networks are currently the greatest innovation in the field of telecommunications. WSNs
have a wide range of potential applications, including security and surveillance, control, actuation and
maintenance of complex systems and fine-grain monitoring of indoor and outdoor environments. However
security is one of the major aspects of Wireless sensor networks due to the resource limitations of sensor
nodes. Those networks are facing several threats that affect their functioning and their life. In this paper we
present security attacks in wireless sensor networks, and we focus on comparison and analysis of recent
Intrusion Detection schemes in WSNs.
A technical review and comparative analysis of machine learning techniques fo...IJECEIAES
Machine learning techniques are being widely used to develop an intrusion detection system (IDS) for detecting and classifying cyber attacks at the network-level and the host-level in a timely and automatic manner. However, Traditional Intrusion Detection Systems (IDS), based on traditional machine learning methods, lacks reliability and accuracy. Instead of the traditional machine learning used in previous researches, we think deep learning has the potential to perform better in extracting features of massive data considering the massive cyber traffic in real life. Generally Mobile Ad Hoc Networks have given the low physical security for mobile devices, because of the properties such as node mobility, lack of centralized management and limited bandwidth. To tackle these security issues, traditional cryptography schemes can-not completely safeguard MANETs in terms of novel threats and vulnerabilities, thus by applying Deep learning methods techniques in IDS are capable of adapting the dynamic environments of MANETs and enables the system to make decisions on intrusion while continuing to learn about their mobile environment. An IDS in MANET is a sensoring mechanism that monitors nodes and network activities in order to detect malicious actions and malicious attempt performed by Intruders. Recently, multiple deep learning approaches have been proposed to enhance the performance of intrusion detection system. In this paper, we made a systematic comparison of three models, Inceprtion architecture convolutional neural network (Inception-CNN), Bidirectional long short-term memory (BLSTM) and deep belief network (DBN) on the deep learning-based intrusion detection systems, using the NSL-KDD dataset containing information about intrusion and regular network connections, the goal is to provide basic guidance on the choice of deep learning models in MANET.
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...IJNSA Journal
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defence against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. Along with the widespread evolution of new emerging services, the quantity and impact of attacks have continuously increased, attackers continuously find vulnerabilities at various levels, from the network itself to operating system and applications, exploit them to crack system and services. Network defence and network monitoring has become an essential component of computer security to predict and prevent attacks. Unlike traditional Intrusion Detection System (IDS), Intrusion Detection and Prevention System (IDPS) have additional features to secure computer networks.
In this paper, we present a detailed study of how deployment of an IDPS plays a key role in its performance and the ability to detect and prevent known as well as unknown attacks. We categorize IDPS based on deployment as Network-based, host-based, and Perimeter-based and Hybrid. A detailed comparison is shown in this paper and finally we justify our proposed solution, which deploys agents at host-level to give better performance in terms of reduced rate of false positives and accurate detection and prevention.
As the Supervisory Control and Data Acquisition (SCADA) system are deployed in infrastructures which are critical to the survival of a nation, they have emerged as a potential terrain for cyber-war, thus attracting the considered attention of ‘nation-states’. The analysis of worms like ‘stuxnet’ ‘flame’ and ‘duqu’ reveals the hand of a ‘nation-state’ in their design and deployment. Hence, the necessity to understand various issues in the defence of SCADA systems arises. The forensics of the SCADA system provide deep insight into the design and deployment of the worm (the malware) once the system is attacked. This is precisely the scope of this essay.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
In order to the rapid growth of the network application, new kinds of network attacks are emerging
endlessly. So it is critical to protect the networks from attackers and the Intrusion detection
technology becomes popular. Therefore, it is necessary that this security concern must be articulate
right from the beginning of the network design and deployment. The intrusion detection technology is the
process of identifying network activity that can lead to a compromise of security policy. Lot of work has
been done in detection of intruders. But the solutions are not satisfactory. In this paper, we propose a
novel Distributed Intrusion Detection System using Multi Agent In order to decrease false alarms and
manage misuse and anomaly detects
A NOVEL SECURITY PROTOCOL FOR WIRELESS SENSOR NETWORKS BASED ON ELLIPTIC CURV...IJCNCJournal
With the growing usage of wireless sensors in a variety of applications including Internet of Things, the security aspects of wireless sensor networks have been on priority for the researchers. Due to the constraints of resources in wireless sensor networks, it has been always a challenge to design efficient security protocols for wireless sensor networks. An novel elliptic curve signcryption based security protocol for wireless sensor networks has been presented in this paper, which provides anonymity, confidentiality, mutual authentication, forward security, secure key establishment, and key privacy at the same time providing resistance from replay attack, impersonation attack, insider attack, offline dictionary attack, and stolen-verifier attack. Results have revealed that the proposed elliptic curve signcryption based protocol consumes the least time in comparison to other protocols while providing the highest level of security.
Wireless Sensor Networks: An Overview on Security Issues and ChallengesIJAEMSJORNAL
Wireless Sensor Networks (WSNs) are formed by deploying as large number of sensor nodes in an area for the surveillance of generally remote locations. A typical sensor node is made up of different components to perform the task of sensing, processing and transmitting data. WSNs are used for many applications in diverse forms from indoor deployment to outdoor deployment. The basic requirement of every application is to use the secured network. Providing security to the sensor network is a very challenging issue along with saving its energy. Many security threats may affect the functioning of these networks. WSNs must be secured to keep an attacker from hindering the delivery of sensor information and from forging sensor information as these networks are build for remote surveillance and unauthorized changes in the sensed data may lead to wrong information to the decision makers. This paper gives brief description about various security issues and security threats in WSNs.
Protocols for Wireless Sensor Networks and Its SecurityIJERA Editor
This paper proposes a protocol for Wireless Sensor Networks and its security which are characterized by severely constrained computational and energy resources, and an ad hoc operational environment. The paper first introduces sensor networks, and discusses security issues and goals along with security problems, threats, and risks in sensor networks. It describes crippling attacks against all of them and suggests countermeasures and design considerations. It gives a brief introduction of proposed security protocol SPINS whose building blocks are SNEP and μTESLA which overcome all the important security threats and problems and achieves security goals like data confidentiality, freshness, authentication in order to provide a secure Wireless Sensor Network
TRUST FACTOR AND FUZZY-FIREFLY INTEGRATED PARTICLE SWARM OPTIMIZATION BASED I...IJCNCJournal
Mobile Ad hoc Networks (MANET) is one of the rapidly emanating technologies, which has gained attention in a wide range of applications in the fields of military, private sectors, commercials and natural calamities. Securing MANET is a dominant responsibility, and hence, a trust factor and fuzzy based intrusion detection and prevention system is proposed for routing in this paper. Based on the trust values of the nodes, the fuzzy system identifies the intruder, such that the path generated in the MANET is secured. Moreover, an optimization algorithm, entitled Fuzzy integrated Particle Swarm Optimization (FuzzyFPSO), is proposed by the concatenation of the Firefly Algorithm (FA) and Particle Swarm Optimization (PSO) for the optimal path selection in order to provide secure routing. The simulation of the proposed methodology is NS2 simulator and analysis is carried out considering four cases, like without attack, flooding attacks, black hole attack and selective packet drop attack concerning throughput, delay and detection rate. The remarkable evaluation measures of the proposed Fuzzy-FPSO are the maximal throughput of 0.634, minimal delay of 0.044 , maximal detection rate of 0.697 and minimal routing overhead of 0.24550 And the evaluation measure for the case without any attacks are the maximal throughput of 0.762, minimal delay of 0.029 ,maximal detection rate of 0.805 and minimal routing overhead of 0.11511.
Due to inherent limitations in wireless sensor networks, security is a crucial issue. While research in WSN security is progressing at tremendous pace, no comprehensive document lists the security issues and the threat models which pose unique threats to the wireless sensor networks. In this paper we have made an effort to document all the known security issues in wireless sensor networks and have provided the research direction towards countermeasures against the threats posed by these issues
Analysis of security threats in wireless sensor networkijwmn
Wireless Sensor Network(WSN) is an emerging technology and explored field of researchers worldwide
in the past few years, so does the need for effective security mechanisms. The sensing technology
combined with processing power and wireless communication makes it lucrative for being exploited in
abundance in future. The inclusion of wireless communication technology also incurs various types of
security threats due to unattended installation of sensor nodes as sensor networks may interact with
sensitive data and /or operate in hostile unattended environments. These security concerns be addressed
from the beginning of the system design. The intent of this paper is to investigate the security related
issues in wireless sensor networks. In this paper we have explored general security threats in wireless
sensor network with extensive study.
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSIJCNC
Wireless sensor networks (WSNs) consists of small nodes with constrain capabilities. It enables numerous
applications with distributed network infrastructure. With its nature and application scenario, security of
WSN had drawn a great attention. In malicious environments for a functional WSN, security mechanisms
are essential. Malicious or internal attacker has gained attention as the most challenging attacks to
WSNs. Many works have been done to secure WSN from internal attacks but most of them relay on either
training data set or predefined thresholds. It is a great challenge to find or gain knowledge about the
Malicious. In this paper, we develop the algorithm in two stages. Initially, Abnormal Behaviour
Identification Mechanism (ABIM) which uses cosine similarity. Finally, Dempster-Shafer theory (DST)is
used. Which combine multiple evidences to identify the malicious or internal attacks in a WSN. In this
method we do not need any predefined threshold or tanning data set of the nodes.
A Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor Networkpijans
Sensor nodes, when deployed to form Wireless sensor network operating under control of central authority
i.e. Base station are capable of exhibiting interesting applications due to their ability to be deployed
ubiquitously in hostile & pervasive environments. But due to same reason security is becoming a major
concern for these networks. Wireless sensor networks are vulnerable against various types of external and
internal attacks being limited by computation resources, smaller memory capacity, limited battery life,
processing power & lack of tamper resistant packaging. This survey paper is an attempt to analyze threats
to Wireless sensor networks and to report various research efforts in studying variety of routing attacks
which target the network layer. Particularly devastating attack is Wormhole attack- a Denial of Service
attack, where attackers create a low-latency link between two points in the network. With focus on survey of
existing methods of detecting Wormhole attacks, researchers are in process to identify and demarcate the
key research challenges for detection of Wormhole attacks in network layer.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
EFFICACY OF ATTACK DETECTION CAPABILITY OF IDPS BASED ON ITS DEPLOYMENT IN WI...IJNSA Journal
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defence against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. Along with the widespread evolution of new emerging services, the quantity and impact of attacks have continuously increased, attackers continuously find vulnerabilities at various levels, from the network itself to operating system and applications, exploit them to crack system and services. Network defence and network monitoring has become an essential component of computer security to predict and prevent attacks. Unlike traditional Intrusion Detection System (IDS), Intrusion Detection and Prevention System (IDPS) have additional features to secure computer networks.
In this paper, we present a detailed study of how deployment of an IDPS plays a key role in its performance and the ability to detect and prevent known as well as unknown attacks. We categorize IDPS based on deployment as Network-based, host-based, and Perimeter-based and Hybrid. A detailed comparison is shown in this paper and finally we justify our proposed solution, which deploys agents at host-level to give better performance in terms of reduced rate of false positives and accurate detection and prevention.
As the Supervisory Control and Data Acquisition (SCADA) system are deployed in infrastructures which are critical to the survival of a nation, they have emerged as a potential terrain for cyber-war, thus attracting the considered attention of ‘nation-states’. The analysis of worms like ‘stuxnet’ ‘flame’ and ‘duqu’ reveals the hand of a ‘nation-state’ in their design and deployment. Hence, the necessity to understand various issues in the defence of SCADA systems arises. The forensics of the SCADA system provide deep insight into the design and deployment of the worm (the malware) once the system is attacked. This is precisely the scope of this essay.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
HYBRID ARCHITECTURE FOR DISTRIBUTED INTRUSION DETECTION SYSTEM IN WIRELESS NE...IJNSA Journal
In order to the rapid growth of the network application, new kinds of network attacks are emerging
endlessly. So it is critical to protect the networks from attackers and the Intrusion detection
technology becomes popular. Therefore, it is necessary that this security concern must be articulate
right from the beginning of the network design and deployment. The intrusion detection technology is the
process of identifying network activity that can lead to a compromise of security policy. Lot of work has
been done in detection of intruders. But the solutions are not satisfactory. In this paper, we propose a
novel Distributed Intrusion Detection System using Multi Agent In order to decrease false alarms and
manage misuse and anomaly detects
A NOVEL SECURITY PROTOCOL FOR WIRELESS SENSOR NETWORKS BASED ON ELLIPTIC CURV...IJCNCJournal
With the growing usage of wireless sensors in a variety of applications including Internet of Things, the security aspects of wireless sensor networks have been on priority for the researchers. Due to the constraints of resources in wireless sensor networks, it has been always a challenge to design efficient security protocols for wireless sensor networks. An novel elliptic curve signcryption based security protocol for wireless sensor networks has been presented in this paper, which provides anonymity, confidentiality, mutual authentication, forward security, secure key establishment, and key privacy at the same time providing resistance from replay attack, impersonation attack, insider attack, offline dictionary attack, and stolen-verifier attack. Results have revealed that the proposed elliptic curve signcryption based protocol consumes the least time in comparison to other protocols while providing the highest level of security.
Wireless Sensor Networks: An Overview on Security Issues and ChallengesIJAEMSJORNAL
Wireless Sensor Networks (WSNs) are formed by deploying as large number of sensor nodes in an area for the surveillance of generally remote locations. A typical sensor node is made up of different components to perform the task of sensing, processing and transmitting data. WSNs are used for many applications in diverse forms from indoor deployment to outdoor deployment. The basic requirement of every application is to use the secured network. Providing security to the sensor network is a very challenging issue along with saving its energy. Many security threats may affect the functioning of these networks. WSNs must be secured to keep an attacker from hindering the delivery of sensor information and from forging sensor information as these networks are build for remote surveillance and unauthorized changes in the sensed data may lead to wrong information to the decision makers. This paper gives brief description about various security issues and security threats in WSNs.
Protocols for Wireless Sensor Networks and Its SecurityIJERA Editor
This paper proposes a protocol for Wireless Sensor Networks and its security which are characterized by severely constrained computational and energy resources, and an ad hoc operational environment. The paper first introduces sensor networks, and discusses security issues and goals along with security problems, threats, and risks in sensor networks. It describes crippling attacks against all of them and suggests countermeasures and design considerations. It gives a brief introduction of proposed security protocol SPINS whose building blocks are SNEP and μTESLA which overcome all the important security threats and problems and achieves security goals like data confidentiality, freshness, authentication in order to provide a secure Wireless Sensor Network
TRUST FACTOR AND FUZZY-FIREFLY INTEGRATED PARTICLE SWARM OPTIMIZATION BASED I...IJCNCJournal
Mobile Ad hoc Networks (MANET) is one of the rapidly emanating technologies, which has gained attention in a wide range of applications in the fields of military, private sectors, commercials and natural calamities. Securing MANET is a dominant responsibility, and hence, a trust factor and fuzzy based intrusion detection and prevention system is proposed for routing in this paper. Based on the trust values of the nodes, the fuzzy system identifies the intruder, such that the path generated in the MANET is secured. Moreover, an optimization algorithm, entitled Fuzzy integrated Particle Swarm Optimization (FuzzyFPSO), is proposed by the concatenation of the Firefly Algorithm (FA) and Particle Swarm Optimization (PSO) for the optimal path selection in order to provide secure routing. The simulation of the proposed methodology is NS2 simulator and analysis is carried out considering four cases, like without attack, flooding attacks, black hole attack and selective packet drop attack concerning throughput, delay and detection rate. The remarkable evaluation measures of the proposed Fuzzy-FPSO are the maximal throughput of 0.634, minimal delay of 0.044 , maximal detection rate of 0.697 and minimal routing overhead of 0.24550 And the evaluation measure for the case without any attacks are the maximal throughput of 0.762, minimal delay of 0.029 ,maximal detection rate of 0.805 and minimal routing overhead of 0.11511.
Due to inherent limitations in wireless sensor networks, security is a crucial issue. While research in WSN security is progressing at tremendous pace, no comprehensive document lists the security issues and the threat models which pose unique threats to the wireless sensor networks. In this paper we have made an effort to document all the known security issues in wireless sensor networks and have provided the research direction towards countermeasures against the threats posed by these issues
Analysis of security threats in wireless sensor networkijwmn
Wireless Sensor Network(WSN) is an emerging technology and explored field of researchers worldwide
in the past few years, so does the need for effective security mechanisms. The sensing technology
combined with processing power and wireless communication makes it lucrative for being exploited in
abundance in future. The inclusion of wireless communication technology also incurs various types of
security threats due to unattended installation of sensor nodes as sensor networks may interact with
sensitive data and /or operate in hostile unattended environments. These security concerns be addressed
from the beginning of the system design. The intent of this paper is to investigate the security related
issues in wireless sensor networks. In this paper we have explored general security threats in wireless
sensor network with extensive study.
A NOVEL TWO-STAGE ALGORITHM PROTECTING INTERNAL ATTACK FROM WSNSIJCNC
Wireless sensor networks (WSNs) consists of small nodes with constrain capabilities. It enables numerous
applications with distributed network infrastructure. With its nature and application scenario, security of
WSN had drawn a great attention. In malicious environments for a functional WSN, security mechanisms
are essential. Malicious or internal attacker has gained attention as the most challenging attacks to
WSNs. Many works have been done to secure WSN from internal attacks but most of them relay on either
training data set or predefined thresholds. It is a great challenge to find or gain knowledge about the
Malicious. In this paper, we develop the algorithm in two stages. Initially, Abnormal Behaviour
Identification Mechanism (ABIM) which uses cosine similarity. Finally, Dempster-Shafer theory (DST)is
used. Which combine multiple evidences to identify the malicious or internal attacks in a WSN. In this
method we do not need any predefined threshold or tanning data set of the nodes.
A Survey on Security Issues to Detect Wormhole Attack in Wireless Sensor Networkpijans
Sensor nodes, when deployed to form Wireless sensor network operating under control of central authority
i.e. Base station are capable of exhibiting interesting applications due to their ability to be deployed
ubiquitously in hostile & pervasive environments. But due to same reason security is becoming a major
concern for these networks. Wireless sensor networks are vulnerable against various types of external and
internal attacks being limited by computation resources, smaller memory capacity, limited battery life,
processing power & lack of tamper resistant packaging. This survey paper is an attempt to analyze threats
to Wireless sensor networks and to report various research efforts in studying variety of routing attacks
which target the network layer. Particularly devastating attack is Wormhole attack- a Denial of Service
attack, where attackers create a low-latency link between two points in the network. With focus on survey of
existing methods of detecting Wormhole attacks, researchers are in process to identify and demarcate the
key research challenges for detection of Wormhole attacks in network layer.
International Journal of Engineering Research and Applications (IJERA) is an open access online peer reviewed international journal that publishes research and review articles in the fields of Computer Science, Neural Networks, Electrical Engineering, Software Engineering, Information Technology, Mechanical Engineering, Chemical Engineering, Plastic Engineering, Food Technology, Textile Engineering, Nano Technology & science, Power Electronics, Electronics & Communication Engineering, Computational mathematics, Image processing, Civil Engineering, Structural Engineering, Environmental Engineering, VLSI Testing & Low Power VLSI Design etc.
Wireless sensor networks are made up of number of tiny mobile nodes, which
have the capability of computation, sensing and wireless network communication. The
energy efficiency of each node in such kind of networks is one of the important issues under
consideration. Thus for these networks, sensor nodes life time is basically depends on use of
routing protocols for routing operations in WSN. There are various routing protocols
proposed by different researchers, which are considered as efficient on the basis of
performance of network lifetime and energy scavenging. There are different routing
protocols introduced for WSN such as flat routing protocols, clustering routing protocols,
hierarchical routing protocols etc. On the other hand, there are basically two types of
WSNs, homogeneous and heterogeneous sensor networks. As WSN is vulnerable to different
types of security threats, there are many security methods presented with their own
advantages and disadvantages. Most of security methods are applied only on homogeneous
WSN, but recently some methods were presented to provide the routing security in
heterogeneous WSNs as well. In this paper, the different security threats and Intrusions in
WSNs are presented, with review of different security methods.
In recent years, wireless sensor network (WSN) is used in several application areas resembling observance, tracking, and dominant in IoTs. for several applications of WSN, security is a crucial demand. However, security solutions in WSN disagree from ancient networks because of resource limitation and process constraints. This paper analyzes security solutions: TinySec, IEEE 802.15.4, SPINS, MiniSEC, LSec, LLSP, LISA, and LISP in WSN. This paper additionally presents characteristics, security needs, attacks, cryptography algorithms, and operation modes. This paper is taken into account to be helpful for security designers in WSNs.
Analysis of denial of service (dos) attacks in wireless sensor networkseSAT Publishing House
IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology
Three level intrusion detection system based on conditional generative advers...IJECEIAES
Security threat protection is important in the internet of things (IoT) applications since both the connected device and the captured data can be hacked or hijacked or both at the same time. To tackle the above-mentioned problem, we proposed three-level intrusion detection system conditional generative adversarial network (3LIDS-CGAN) model which includes four phases such as first-level intrusion detection system (IDS), second-level IDS, third-level IDS, and attack type classification. In first-level IDS, features of the incoming packets are extracted by the firewall. Based on the extracted features the packets are classified into three classes such as normal, malicious, and suspicious using support vector machine and golden eagle optimization. Suspicious packets are forwarded to the second-level IDS which classified the suspicious packets as normal or malicious. Here, signature-based intrusions are detected using attack history information, and anomaly-based intrusions are detected using event-based semantic mapping. In third-level IDS, adversary packets are detected using CGAN which automatically learns the adversarial environment and detects adversary packets accurately. Finally, proximal policy optimization is proposed to detect the attack type. Experiments are conducted using the NS-3.26 network simulator and performance is evaluated by various performance metrics which results that the proposed 3LIDS-CGAN model outperforming other existing works.
CROSS LAYER INTRUSION DETECTION SYSTEM FOR WIRELESS SENSOR NETWORKIJNSA Journal
The wireless sensor networks (WSN) are particularly vulnerable to various attacks at different layers of the protocol stack. Many intrusion detection system (IDS) have been proposed to secure WSNs. But all these systems operate in a single layer of the OSI model, or do not consider the interaction and collaboration between these layers. Consequently these systems are mostly inefficient and would drain out the WSN. In this paper we propose a new intrusion detection system based on cross layer interaction between the network, Mac and physical layers. Indeed we have addressed the problem of intrusion detection in a different way in which the concept of cross layer is widely used leading to the birth of a new type of IDS. We have experimentally evaluated our system using the NS simulator to demonstrate its effectiveness in detecting different types of attacks at multiple layers of the OSI model.
Attacks and counterattacks on wireless sensor networksijasuc
WSN is formed by autonomous nodes with partial memory, communication range, power, and bandwidth.
Their occupation depends on inspecting corporal and environmental conditions and communing through a
system and performing data processing. The application field is vast, comprising military, ecology,
healthcare, home or commercial and require a highly secured communication. The paper analyses different
types of attacks and counterattacks and provides solutions for the WSN threats.
Securing WSN communication using Enhanced Adaptive Acknowledgement ProtocolIJMTST Journal
Wireless Sensor Networking is one of the most important technologies that have different applications. The
security of wireless sensor networks is a big concern. Hence for secure communication it is important to
detect and prevent the attacks in network. Major focus is given on security and on detection and prevention of
attacks. Adversary can create gray-hole attack and black-hole attack simultaneously. There are many
methods which do not provide proper method to defend against these kinds of attacks. The Ad-hoc On
Demand Distance Vector (AODV) scheme is used for detecting Gray-Hole attack and Enhanced Adaptive
Acknowledgment (EAACK) mechanism is used for detecting black-hole attack in network. But only by
detecting and preventing the attacks, it does not provide the better security to wireless network. Therefore, to
secure network a hybrid mechanism is deployed in wireless sensor network. Security algorithm for wireless
sensor networks such as CAWS and Modern Encryption Standard (MES-1) is used for secure communication.
The CAWS and Modern Encryption Standard (MES-1) is an advanced cryptography method which is used for
encryption and decryption process to provide special security.
Intrusion Detection against DDoS Attack in WiMAX Network by Artificial Immune...Editor IJCATR
IEEE 802.16, known as WiMax, is at the top of communication technology because it is gaining a great position in the wireless networks. In this paper, an intrusion detection system for DDOS attacks diagnosis is proposed, inspired by artificial immune system. Since the detection unit on all subscriber stations in the network is WIMAX, proposed system is a fully distributed system. A risk theory is used for antigens detection in attack time. The proposed system decreases the attack effects and increases network performance. Results of simulation show that the proposed system improves negative selection time, detection Precision, and ability to identify new attacks compared to the similar algorithm.
Wireless ad hoc networks are autonomous nodes that communicate with each other in a
decentralized manner through multi hop radio network. Wireless nodes form a dynamic network
topology and communicate with each other directly without wireless access point. Wireless networks
are particularly vulnerable to intrusions, as they operate in open medium, and use cooperative
strategies for network communication.
AN IMPROVED WATCHDOG TECHNIQUE BASED ON POWER-AWARE HIERARCHICAL DESIGN FOR I...IJNSA Journal
Preserving security and confidentiality in wireless sensor networks (WSN) are crucial. Wireless sensor networks in comparison with wired networks are more substantially vulnerable to attacks and intrusions. In WSN, a third person can eavesdrop to the information or link to the network. So, preventing these intrusions by detecting them has become one of the most demanding challenges. This paper, proposes an
improved watchdog technique as an effective technique for detecting malicious nodes based on a power aware hierarchical model. This technique overcomes the common problems in the original Watchdog mechanism. The main purpose to present this model is reducing the power consumption as a key factor
for increasing the network's lifetime. For this reason, we simulated our model with Tiny-OS simulator and then, compared our results with non hierarchical model to ensure the improvement. The results indicate that, our proposed model is better in performance than the original models and it has increased the lifetime of the wireless sensor nodes by around 2611.492 seconds for a network with 100 sensors.
Similar to HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENSOR NETWORK (20)
Quality defects in TMT Bars, Possible causes and Potential Solutions.PrashantGoswami42
Maintaining high-quality standards in the production of TMT bars is crucial for ensuring structural integrity in construction. Addressing common defects through careful monitoring, standardized processes, and advanced technology can significantly improve the quality of TMT bars. Continuous training and adherence to quality control measures will also play a pivotal role in minimizing these defects.
COLLEGE BUS MANAGEMENT SYSTEM PROJECT REPORT.pdfKamal Acharya
The College Bus Management system is completely developed by Visual Basic .NET Version. The application is connect with most secured database language MS SQL Server. The application is develop by using best combination of front-end and back-end languages. The application is totally design like flat user interface. This flat user interface is more attractive user interface in 2017. The application is gives more important to the system functionality. The application is to manage the student’s details, driver’s details, bus details, bus route details, bus fees details and more. The application has only one unit for admin. The admin can manage the entire application. The admin can login into the application by using username and password of the admin. The application is develop for big and small colleges. It is more user friendly for non-computer person. Even they can easily learn how to manage the application within hours. The application is more secure by the admin. The system will give an effective output for the VB.Net and SQL Server given as input to the system. The compiled java program given as input to the system, after scanning the program will generate different reports. The application generates the report for users. The admin can view and download the report of the data. The application deliver the excel format reports. Because, excel formatted reports is very easy to understand the income and expense of the college bus. This application is mainly develop for windows operating system users. In 2017, 73% of people enterprises are using windows operating system. So the application will easily install for all the windows operating system users. The application-developed size is very low. The application consumes very low space in disk. Therefore, the user can allocate very minimum local disk space for this application.
Saudi Arabia stands as a titan in the global energy landscape, renowned for its abundant oil and gas resources. It's the largest exporter of petroleum and holds some of the world's most significant reserves. Let's delve into the top 10 oil and gas projects shaping Saudi Arabia's energy future in 2024.
Overview of the fundamental roles in Hydropower generation and the components involved in wider Electrical Engineering.
This paper presents the design and construction of hydroelectric dams from the hydrologist’s survey of the valley before construction, all aspects and involved disciplines, fluid dynamics, structural engineering, generation and mains frequency regulation to the very transmission of power through the network in the United Kingdom.
Author: Robbie Edward Sayers
Collaborators and co editors: Charlie Sims and Connor Healey.
(C) 2024 Robbie E. Sayers
About
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
Technical Specifications
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
Key Features
Indigenized remote control interface card suitable for MAFI system CCR equipment. Compatible for IDM8000 CCR. Backplane mounted serial and TCP/Ethernet communication module for CCR remote access. IDM 8000 CCR remote control on serial and TCP protocol.
• Remote control: Parallel or serial interface
• Compatible with MAFI CCR system
• Copatiable with IDM8000 CCR
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
Application
• Remote control: Parallel or serial interface.
• Compatible with MAFI CCR system.
• Compatible with IDM8000 CCR.
• Compatible with Backplane mount serial communication.
• Compatible with commercial and Defence aviation CCR system.
• Remote control system for accessing CCR and allied system over serial or TCP.
• Indigenized local Support/presence in India.
• Easy in configuration using DIP switches.
TECHNICAL TRAINING MANUAL GENERAL FAMILIARIZATION COURSEDuvanRamosGarzon1
AIRCRAFT GENERAL
The Single Aisle is the most advanced family aircraft in service today, with fly-by-wire flight controls.
The A318, A319, A320 and A321 are twin-engine subsonic medium range aircraft.
The family offers a choice of engines
Cosmetic shop management system project report.pdfKamal Acharya
Buying new cosmetic products is difficult. It can even be scary for those who have sensitive skin and are prone to skin trouble. The information needed to alleviate this problem is on the back of each product, but it's thought to interpret those ingredient lists unless you have a background in chemistry.
Instead of buying and hoping for the best, we can use data science to help us predict which products may be good fits for us. It includes various function programs to do the above mentioned tasks.
Data file handling has been effectively used in the program.
The automated cosmetic shop management system should deal with the automation of general workflow and administration process of the shop. The main processes of the system focus on customer's request where the system is able to search the most appropriate products and deliver it to the customers. It should help the employees to quickly identify the list of cosmetic product that have reached the minimum quantity and also keep a track of expired date for each cosmetic product. It should help the employees to find the rack number in which the product is placed.It is also Faster and more efficient way.
Welcome to WIPAC Monthly the magazine brought to you by the LinkedIn Group Water Industry Process Automation & Control.
In this month's edition, along with this month's industry news to celebrate the 13 years since the group was created we have articles including
A case study of the used of Advanced Process Control at the Wastewater Treatment works at Lleida in Spain
A look back on an article on smart wastewater networks in order to see how the industry has measured up in the interim around the adoption of Digital Transformation in the Water Industry.
HIERARCHICAL DESIGN BASED INTRUSION DETECTION SYSTEM FOR WIRELESS AD HOC SENSOR NETWORK
1. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
DOI : 10.5121/ijnsa.2010.2307 102
HIERARCHICAL DESIGN BASED INTRUSION
DETECTION SYSTEM FOR WIRELESS AD HOC
SENSOR NETWORK
Mohammad Saiful Islam Mamun
Department of Computer Science, Stamford University Bangladesh, 51, Siddeshwari,
Dhaka. E-mail : msimamun@kth.se
A.F.M. Sultanul Kabir
Department of Computer Science and Engineering, American International University
Bangladesh, Dhaka. afmk@kth.se
ABSTRACT
In recent years, wireless ad hoc sensor network becomes popular both in civil and military jobs.
However, security is one of the significant challenges for sensor network because of their deployment
in open and unprotected environment. As cryptographic mechanism is not enough to protect sensor
network from external attacks, intrusion detection system needs to be introduced. Though intrusion
prevention mechanism is one of the major and efficient methods against attacks, but there might be
some attacks for which prevention method is not known. Besides preventing the system from some
known attacks, intrusion detection system gather necessary information related to attack technique and
help in the development of intrusion prevention system. In addition to reviewing the present attacks
available in wireless sensor network this paper examines the current efforts to intrusion detection
system against wireless sensor network. In this paper we propose a hierarchical architectural design
based intrusion detection system that fits the current demands and restrictions of wireless ad hoc
sensor network. In this proposed intrusion detection system architecture we followed clustering
mechanism to build a four level hierarchical network which enhances network scalability to large
geographical area and use both anomaly and misuse detection techniques for intrusion detection. We
introduce policy based detection mechanism as well as intrusion response together with GSM cell
concept for intrusion detection architecture.
KEYWORD
WSN, IDS, Hierarchical Design, Security
1. INTRODUCTION
There has been a lot of research done on preventing or defending WSN from attackers and
intruders, but very limited work has been done for detection purpose. It will be difficult for
the network administrator to be aware of intrusions. There are some Intrusion Detection
Systems that are proposed or designed for Wireless Ad hoc network. Most of them work on
distributed environment; which means they work on individual nodes independently and try
to detect intrusion by studying abnormalities in their neighbors’ behavior. Thus, they require
the nodes to consume more of their processing power, battery backup, and storage space
which turn IDS to be more expensive, or become unfeasible for most of the applications.
Some of the IDS use mobile agents in distributed environment [8]. Mobile Agent supports
sensor mobility, intelligent routing of intrusion data throughout the network, eliminates
network dependency of specific nodes. But this mechanism still is not popular for IDS due to
mobile agents’ architectural inherited security vulnerability and heavy weight. Some of the
IDSs are attack-specific which make them concentrated to one type of attack [1] . Some of
2. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
103
them use centralized framework which make IDS capable exploiting a personal computer’s
high processing power, huge storage capabilities and unlimited battery back up [21]. Most of
the IDS are targeted to routing layer only [7] [21], but it can be enhanced to detect different
types of attacks at other networking layers as well. Most of the architectures are based on
anomaly detection [18] [2] which examine the statistical analysis of activities of nodes for
detection. Most of the IDS techniques utilize system log files, network traffic or packets in the
network to gather information for Intrusion detection. Some detects only intrusion and some
do more like acquiring more information e.g. type of attacks, locations of the intruder etc.
Though a handsome number of IDS mechanisms are proposed in Wireless ad hoc network but
very few of them can be applicable for Wireless Sensor network because of their resource
constrains. Self-Organized Criticality & Stochastic Learning based IDS [2], IDS for clustering
based sensor Networks [3], A non-cooperative game approach [4], Decentralized IDS [5] are
distinguished among them.
2. EXISTING CHALLENGES
Existing intrusion detection systems are not adequate to protect WSN from Inside and Outside
attackers. None of them are complete. E.g. most of the approaches offer clustering techniques
without mentioning how they will be formed and how will they behave with rest of the
system. Most of the existing IDSs deal with wired architecture except their wireless
counterpart. The architecture of WSN is even more sophisticated than ad hoc wireless
architecture. So, an IDS is needed with capability of detecting inside and outside, known and
unknown attacks with low false alarm rate. Existing IDS architecture that are specifically
designed for sensor networks are suffering from lack of resources e.g. high processing power,
huge storage capabilities, unlimited battery backup etc.
3. WIRELESS SENSOR NETWORK - AN OVERVIEW
According to NIST (National Institute of Standards and Technology) “a wireless ad hoc
sensor network consists of a number of sensors spread across a geographical area” [8]. The
term sensor network refers to a system which is a combination of sensors and actuators with
some general purpose computing elements. A sensor network can have hundreds or even
thousands of sensors; mobile or fixed locations; deployed to control or monitor [7].
A wireless sensor network comprises of sensor nodes to sense data from their ambience, and
passes it on to a centralized controlling and data collecting identity called base station.
Typically, base stations are powerful devices with a large storage capacity to store incoming
data. They generally provide gateway functionality to another network, or an access point for
human interface [21]. A base station may have an unlimited power supply and high
bandwidth links for communicating with other base stations. In contrast, wireless sensors
nodes are constrained to use low power, low bandwidth, and short range links.
4. SECURITY THREATS AND ISSUES
Various security issues and threats that are considered for wireless ad hoc network can be
applied for WSN. This is recited in some previous researches. But the security mechanism
used for wireless ad hoc networks cannot be deployed directly for WSNs because of their
architectural inequality. First, in ad hoc network, every node is usually held and managed by a
human user. Whereas in sensor network, all the nodes are independent and communication is
controlled by base station. Second, Computing resources and batteries are more constrained in
sensor nodes than in ad hoc nodes. Third, the purpose of sensor networks is very specific e.g.
measuring the physical information (such as temperature, sound etc.). Fourth, node density in
sensor networks is higher than in ad hoc networks [10]. Architectural aspect of WSN makes
the security mechanism more prosperous as the base station could be used intelligently.
3. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
104
According to the basic need of security attacks in WSN can be categorized:
• DoS, DDoS attacks which affect network availability
• Eavesdropping, sniffing which can threaten confidentiality
• Man-in-the-middle attacks which can affect packet integrity
• Signal jamming which affects communication
There are many research work has been done in the area of significant security problems.
Here summery of existing well-known threats are discussed.
Table 1: Threats and Attacks in WSN
Attacks Brief Description
Attack on Information in transit Information that is to be sent can be modified, altered,
replayed, spoofed, or vanished by attacker.
Hello flood Attacker with high radio range sends more Hello packet to
announce themselves to large number of nodes in the large
network persuading themselves as neighbor.
Sybil attack Fake multiple identities to attack on data integrity and
accessibility.
Wormhole attack Transmit information between two WSN nodes in secret.
Network partition attack Threats to accessibility though there is a path between the
nodes.
Black Hole Attack The attacker absorbs all the messages.
Sink Hole Attack Similar to black hole. Exception: the attacker advertises
wrong routing information
Selective Forwarding The attacker forwards messages on the basis of some Pre-
selected criterion
Simple Broadcast Flooding The attacker floods the network with broadcast Messages.
Simple Target Flooding The attacker tries to flood through some specific nodes.
False Identity Broadcast Flooding Similar to simple broadcast flooding, except the attacker
deceives with wrong source ID.
False Identity Target
Flooding
Similar to simple target flooding, except the attacker
deceives with wrong source ID.
Misdirection Attack The attacker misdirects the incoming packets to a distant
node.
5. IDS ARCHITECTURE
According to the Network Security Bible – “Intrusion detection and response is the task of
monitoring systems for evidence of intrusions or inappropriate usage and responding to this
evidence”[22]. The basic idea of IDS is to observe user as well as program activities inside
the system via auditing mechanism.
Depending on the data collection mechanism IDS can be classified into two categories: Host
based IDS monitors log files (applications, Operating system etc.) and then compare with logs
of present signature of known attacks from internal database. Network based IDS works in
different way. It monitors packets within communication and inspects suspicious packet
information.
4. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
105
Depending on how attacks are detected, IDS architecture can be categorized into three types:
Signature based IDS which monitors an occurrence of signatures or behaviors which is
matched with known attacks to detect an intrusion. This technique may exhibit low false
positive rate, but not good to detect previously unknown attacks. Anomaly based IDS defines
a profile of normal behavior and classifies any deviation of that profile as an intrusion. The
normal profile of system behavior is updated as the system learns the behavior. This type of
system can detect unknown attacks but it exhibits high false positive. In [11] another type of
Intrusion detection has been introduced. Specification based IDS defines a protocol or a
program’s correct operations. Intrusion is indicated according to those constraints. This type
of IDS may detect unknown attacks, while showing low false positive rate.
In [11] wireless ad hoc network architecture is defined into three basic categories which can
be adjusted to IDS in WSN architecture.
Stand alone
Each node acts as an independent IDS and detects attacks for itself only without sharing any
information with another IDS node of the system, even does not cooperate with other
systems. So, all intrusion detection decisions are based on information available to the
individual node. Its effect is too limited. This architecture is best suited in an environment
where all the nodes are capable of running an IDS [11].
Distributed and cooperative
Though each node runs its own IDS, finally they collaborate to form a global IDS. This
architecture is more suitable for flat wireless sensor networks, where a global IDS is initiated
due to the occurrence of inconclusive intrusions detected by individual node.
Hierarchical
This architecture has been proposed for multilayered wireless network. Here network is
divided into cluster with cluster-heads. Cluster-head acts like a small base station for the
nodes within the cluster. It also aggregates information from the member nodes about
malicious activities. Cluster-head detects attacks as member-nodes could potentially reroute,
modify or drop packet in transmission. At the same time all cluster-heads can cooperate with
central base station to form a global IDS.
To build an effective IDS model, several considerations take place.
First of all Detection Tasks: How will they be separated? Local agent or Global agent.
Whether Local or global agent, an IDS needs to consider how these agents would analyze the
threats. And what would be right sources of information?
Local Agent detects vulnerability of node’s internal Information. It supposed to be active
100% of the time to ensure maximum security. Here Physical/Logical Integrity,
Measurement Integrity, Protocol Integrity, Neighborhood are analyzed from nodes’ status.
Global Agent: To detect anomaly from external information of a node to achieve 100%
coverage of a sensor network. Here main challenges are balancing tasks and network
coverage. In case of hierarchical network, cluster head (CH) controls its section of the
network. CH is the part of global network. In case of flat network Spontaneous Watchdogs
concept is applied. Here premise is “For every packet circulating in the network, there are a
set of nodes that are able to receive both that packet and the relayed packet by the next hop.”
Second consideration is Sharing Information between agents. Information between agents can
be transmitted through cryptography, voting mechanism or trust depending on the network’s
resource constraint.
5. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
106
Third consideration is how to Notify Users. Generally users are behind Base stations. So,
different algorithms can be used to notify base station. E.g. uTesla use secure broadcast
algorithm.
There are different techniques for IDS in Wireless Sensor Network (WSN). Here we represent
some existing IDS models for WSN.
Table 2: Comparative study on existing IDS
Name of the
Intrusion Detection
System
Data
Collection
Mechanism
Detection
technique
Handled attacks Network
Architecture
Hybrid IDS for
Wireless Sensor
Network [6]
Network
based
Anomaly
based
Selective forwarding, sink
hole, Hello flood and
wormhole attacks
Hierarchical
Decentralized IDS in
WSN[5]
Network
based
Anomaly
based
Repetition, Message Delay,
Blackhole, Wormhole,
Data alteration, Jamming,
Message negligence, and
Selective Forwarding
Distributed
Intrusion Detection
in Routing attacks in
Sensor Network [1]
Host based Anomaly
based
DoS , active sinkhole
attacks, and passive
sinkhole.
Distributed
Sensor Network
Automated Intrusion
Detection System
(SNAIDS)[9]
Host based Signature
based
duplicate nodes, flooding,
Black hole, Sink hole
attack, selective
forwarding, misdirection.
Distributed
Self-Organized
critically &
stochastic learning
based IDS for
WSN[2]
Host based Anomaly
based
There is no guideline in
this IDS model of which
attacks it can resist and
which cannot.
Distributed
6. OUR MODEL
In this paper we propose a new model for IDS which concentrates on saving the power of
sensor nodes by distributing the responsibility of intrusion detection to three layer nodes with
the help of policy based network management system. The model uses a hierarchical overlay
design(HOD). We divided each area of sensor nodes into hexagonal region (like GSM cells).
Sensor nodes in each of the hexagonal area are monitored by a cluster node. Each cluster node
is then monitored by a regional node. In turn, Regional nodes will be controlled and
monitored by the Base station.
6. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
107
Figure 1: Hierarchical Overlay Design
This HOD based IDS combines two approaches of intrusion detection mechanisms (Signature
and anomaly) together to fight against existing threats. Signatures of well known attacks are
propagated from the base station to the leaf level node for detection. Signature repository at
each layer is updated as new forms of attacks are found in the system. As intermediate agents
are activated with predefined rules of system behavior, anomaly detection can take part from
the deviated behavior of predefined specification. Thus proposed IDS can identify known as
well as unknown attacks.
6.1 Detection Entities
Sensor Nodes have two types of functionality: Sensing and Routing. Each of the sensor nodes
will sense the environment and exchange data in between sensor nodes and cluster node. As
sensor nodes have much resource constraints, in this model, there is no IDS module installed
in the leaf level sensor nodes.
Cluster Node plays as a monitor node for the sensor nodes. One cluster node is assigned for
each of the hexagonal area. It will receive the data from sensor nodes, analyze and aggregate
the information and send it to regional node. It is more powerful than sensor nodes and has
intrusion detection capability built into it.
Regional Node will monitor and receive the data from neighboring cluster heads and send the
combined alarm to the upper layer base station. It is also a monitor node like the cluster nodes
with all the IDS functionalities. It makes the sensor network more scalable. If thousands of
sensor nodes are available at the leaf level then the whole area will be split into several
regions.
Base Station is the topmost part of architecture empowered with human support. It will
receive the information from Regional nodes and distribute the information to the users based
on their demand.
6.2 Policy based IDS
Policy implies predefined action pattern that is repeated by an entity whenever certain
conditions occur [13]. The architectural components of policy framework include a Policy
Enforcement Point (PEP), Policy Decision Point (PDP), and a Policy repository. The policy
rules stored in Policy repository are used by PDP to define rules or to show results. PDP
translates or interprets the available data to a device-dependent format and configures the
relevant PEPs. The PEP executes the logical entities that are decided by PDP [12]. These
capabilities provide powerful functions to configure the network as well as to re-configure the
system as necessary to response to network conditions with automation. In a large WSN
where Hierarchical Network Management is followed can be realized by policy mechanism to
achieve survivability, scalability and autonomy simultaneously. So in case of failure the
system enables one component to take over the management role of another component. One
of the major architectural advantages of hierarchical structure is any node can take over the
functionality of another node dynamically to ensure survivability. A flexible agent structure
ensures dynamic insertion of new management functionality.
Hierarchical network management integrates the advantage of two (Central and Distributed)
management models [14] and uses intermediate nodes (Regional and Cluster) to distribute the
detection tasks. Each intermediate manager has its own domain called Regional or Cluster
agent which collects and processed information from its domain and passes the required
7. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
108
information to the upper layer manager for further steps. All the intermediate nodes are also
used to distribute command/data/message from the upper layer manager to nodes within its
domain. It should be noted that there is no direct communication between the intermediate
members. Except the leaf level sensor nodes all the nodes in the higher level are configured
with higher energy and storage.
To achieve a policy-based management for IDS the proposed architecture features several
components that evaluate policies: a Base Policy decision Point (BPDP), a number of Policy
decision modules (PDMs) and Policy Enforcement Point(PEP).
BPDP: Base Policy Decision Point
RPA: Regional Policy Agent
LPA: Local Policy Agent
SN: Sensor Node
Figure 2: Hierarchical Architecture of IDS Policy Management
Base Policy Decision Point (BPDP) is the controlling component of the architecture. It
implements policies or intrusion rules generated by the Intrusion Detection Tool (IDT) from
receiving events, evaluating anomaly conditions and applying new rules, algorithms,
threshold values etc. IDT supports creation, deletion, modification, and examination of the
agent’s configurations and policies. It can add new entities e.g. new signature of intrusion,
modify or delete existing entities in RPA and LPA.
Policy Decision Modules (PDMs) are components that implement sophisticated algorithms in
relevant domains. LPAs and RPAs act as PDMs. LPA manages the sensor nodes which is
more powerful than sensor nodes. LPAs perform local policy-controlled configuration,
filtering, monitoring, and reporting which reduces management bandwidth and computational
overhead from leaf level sensor nodes to improve network performance and intrusion
detection efficiency. An RPA can manage multiple LPAs. At the peak BPDP manages and
controls all the RPAs.
Policy Enforcement Points (PEP) are low level Sensor Nodes.
Policies are disseminated from the BPDP to RPA to LPA as they are propagated from PDP to
LPA. Policy agents described above helps IDS by reacting to network status changes globally
or locally. It helps the network to be reconfigured automatically to deal with fault and
performance degradation according to intrusion response.
Base Station
Intrusion Detection Agent
Sensor Nodes
BPDP
RPA RPA
LPA LPA LPA LPA
SN SN SN SN SN SN SNSN
8. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
109
6.3 Structure of Intrusion Detection Agent ( IDA )
The hierarchical architecture of policy management for WSN is shown in the above figure. It
comprises of several hierarchical layers containing Intrusion Detection Agent (IDA) at each
layer. They are Base Policy Decision Point (BPDP), Regional Policy Agent( RPA), Local
Policy Agent (LPA), Sensor Node(SN).
An IDA consists of the following components: Preprocessor, Signature Processor, Anomaly
processor and Post processor. The functionalities are described as follows.
Figure 3: Intrusion Detection Agent Structure
Pre-Processor either collects the network traffic of the leaf level sensor when it acts as an
LPA or it receives reports from lower layer IDA. Collected sensor traffic data is then
abstracted to a set of variables called stimulus vector to make the network status
understandable to the higher layer processor of the agent.
Signature Processor maintains a reference model or database called Signature Record of the
typical known unauthorized malicious threats and high risk activities and compares the
reports from the preprocessor against the known attack signatures. If match is not found then
misuse intrusion is supposed to be detected and signature processor passes the relevant data to
the next higher layer for further processing.
Anomaly Processor analyzes the vector from the preprocessor to detect anomaly in network
traffic. Usually statistical method or artificial intelligence is used in order to detect this kind
of attack. Profile of normal activity which is propagated from Base station is stored in the
database. If the activities arrived from preprocessor deviates from the normal profile in a
statistically significant way, or exceeds some particular threshold value attacks are noticed.
Intrusion detection rules are basically policies which define the standard of access mechanism
and uses of sensor nodes. Here database acts as a Policy Information Base(PIB) or policy
repository.
Post Processor prepares and sends reports for the higher layer agent or base station. It can be
used to display the agent status through a user interface.
Pre Processor
Reports from lower level
sensor / IDA
Anomaly Processor
Post Processor
Signature Processor Signature
Record
9. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
110
6.5 Selection of IDS node
Activating every node as an IDS wastes energy. So minimization of number of nodes to run
intrusion detection is necessary. In [15] three strategies are mentioned involving selection of
Intrusion detection node.
Core defense selects IDS node around a centre point of a subset of network. It is assumed that
no intruder break into the central station in any cluster. This type of model defends from the
most inner part then retaliates to the outer area.
Boundary defense selects node along the boundary perimeter of the cluster. It provides
defense on intruder attack from breaking into the cluster from outside area of the network.
Distributed defense has an agent node selection algorithm which follows voting algorithm
from [16] in this model. Node selection procedure follows tree hierarchy.
Our model follows Core Defense strategy where cluster-head is the centre point to defend
intruders. In core defense strategy ratio of alerted nodes and the total number of nodes in the
network drops, this makes energy consumption very low which make it more economical in
their use of energy as it shows least number of broadcast message in case of attack. It has
strong defense in inner network. Here IDS needs to wait for intruder to reach the core area
[16] which is one of the drawbacks of this strategy as nodes can be captured without notice.
6.6 IDS mechanism in sensor nodes
Intrusions could be detected at multiple layers in sensor nodes (physical, Link, network and
application layer).
In Physical layer Jamming is the primary physical layer attack. Identifying jamming attack
can be done by the Received Signal Strength Indicator (RSSI) [17] [18], the average time
required to sense an idle channel (carrier sense time), and the packet delivery ratio (PDR). In
case of wireless medium, received signal strength has relation with the distance between
nodes. Node tampering and destruction are another physical layer attack that can be prevented
by placing nodes in secured place. During the initialization process Cluster node’s LPA will
store the RSSI value for the communication between Cluster node to leaf level sensor nodes
and sensor to sensor node. Later, at the time of monitoring, Anomaly processor in LPA will
monitor whether the received value is unexpected. If yes, it will feedback RPA by generating
appropriate alarm.
10. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
111
Figure 4: IDS mechanism
Link Layer attacks are collision, denial of sleep and packet replay etc. Here SMAC and Time
Division Multiple Access (TDMA) can be used to detect the anomaly. TDMA [18] is digital
transmission process where each cluster node will assign different time slots for different
sensor nodes in its region. During this slot every sensor node has access to the radio
frequency channel without interference. If any attacker send packet using source address of
any node, e.g. A, but that slot is not allocated to A then LPA’s Anomaly Processor can easily
detect that intrusion. S-MAC [18] protocol is used to assign a wakeup and sleep time for the
sensor nodes. As the sensor has limited power, S-MAC can be implemented for the energy
conservation. If any packet is received from source e.g. A in its sleeping period then LPA can
easily detect the inconsistency.
In Network Layer route tracing is used to detect whether the packet really comes from the best
route. If packet comes to the destination via different path rather than the desired path then the
Anomaly Processor can detect possible intrusion according to predefined rules.
Application Layer uses three level watchdogs. They are in base station, regional node, cluster
node. Sensor nodes will be monitored by upper layer watchdog cluster node and cluster nodes
will be monitored by regional node watchdog and finally the top level watchdog base station
will monitor the regional nodes. So, if any one node is compromised by the attacker then
higher layer watch dog can easily detect the attack and generate alarm.
7. INTRUSION RESPONSE
There are differences between intrusion detection and intrusion prevention. If a system has
intrusion prevention, it is assumed that intrusion detection is built in. IDSs are designed to
welcome intrusion to get into system; where as Intrusion Prevention System (IPS) actually
attempts to prevent access to the system from the very beginning. IPS operates similar to IDS
with one critical difference: “IPS can block the attack itself; while an IDS sits outside the line
of traffic and observes, an IPS sits directly in line of network traffic. Any traffic the IPS
identifies as malicious is prevented from entering the network [19].” So in case of IDS
“Intrusion Response” should be the right title for recovery.
There are two different approaches for intrusion response: Hot response or Policy based
response [20]. Hot response reacts by launching local action on the target machine to end
process, or on the target network component to block traffic. E.g. kill any process, Reset
connection etc. It does not prevent the occurrence of the attack in future. On the other hand
Policy based response works on more general scope. It considers the threats reported in the
alert, constraints and objectives of the information system of the network. It modifies or
11. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
112
creates new rules in the policy repository to prevent an attack in the future. In our proposed
IDS, Base station’s Policy decision point and other policy decision modules take part in the
response mechanism together. BPDP and PDM take part in response mechanism. Intrusion
can be detected either in Cluster node or Regional node. Finally base stations can be involved
anytime if network administrator wants to do so or to update signature database or policy
stored in intermediate agent. Intrusions are detected automatically according to the policy
implemented by BPDP. Re-action is also automatic but administrator may re-design the
architecture according requirements.
In [21] a novel intrusion detection and response system is implemented. We have applied
their idea in our response mechanism with some modification. Our IDS system considers each
sensor nodes into one of five classes: Fresh, Member, Unstable, Suspect or Malicious. We
have Local Policy Agent, Regional Policy Agent and finally Base Policy Decision Point to
take decision about the sensor node’s class placement. Routeguard mechanism use Pathrating
algorithm to keep any node within these five classes [21]. In our model, we have policy or
rules defined in Base station’s BPDP to select any node to be within these five classes as
shown in figure 4. When a new node is arrived, it will be classified as Fresh. For a pre-
selected period of time this new node will be in Fresh state. By this time LPA will check
whether this node is misbehaving or not. In this period the node is permitted to forward or
receive packets from another sensor node, but not its own generated packet. After particular
time its classification will be changed to Member automatically if no misbehave is detected.
Otherwise the node’s classification will be changed to Suspect state. In Member state nodes
are allowed to create, send, receive or forward packets. In this time Member nodes are
monitored by Watchdog at LPA in Cluster node. If the node misbehaves its state will be
changed to Unstable for short span of time. During Unstable state nodes are permitted to send
and receive packets except their own packets. In this state the node will be kept under close
observation of LPA. If it behaves well then it will be transferred to Member state. A node in
Unstable state will be converted to Suspect state in two cases: Either the node was in
Unstable state and interchanged its state within Member and Unstable state for a particular
amount of times (threshold value defined in LPA) within a predefined period or the node was
misbehaving for long time (threshold value). LPA’s Post processor sends “Danger alert” to
RPA whenever Suspect node is encountered. The suspected node is completely isolated from
the network. It is not allowed to send, receive, or forward packets and temporarily banned for
short time. Any packets received from suspected node are simply discarded. After a certain
period of time the node is reconnected and is monitored closely for extensive period of time
by Intrusion Detection Agent in all three layers. If watchdogs report well then node status will
be changed to Unstable. However if it continues misbehaving then it will be labeled as
Malicious. After declaring any node malicious that node permanently banned from this
network. To ensure that this malicious node will never try to reconnect, its MAC address or
any unique ID will be added to Signature Record Database of LPA.
12. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
113
Figure 5 : Operation of Intrusion Response
Survivability is one of the major factors that are predicted from every system. We consider
base stations to be failure free. But the Regional nodes or cluster nodes may be unreachable
due to failure or battery exhaustion. So, in case of failures or any physical damage of
Regional nodes or Cluster nodes, control of that node should be taken over by another stable
node. So in our proposed architecture if any Regional node fails, then its control is shifted to
the neighbor Regional node dynamically.
So, control of the Cluster nodes and sensor nodes belonging to that Regional node will be
shifted automatically to the neighbor node. In the same way if any cluster node fails then
control of that cluster node will be transferred to the neighbor Cluster node.
Figure 6: Cluster nodes failure
So in the proposed architecture if any LPA is unreachable due to failure or battery exhaustion
of cluster nodes, neighbor LPA will take the charges of leaf level sensor nodes which was in
the area of fault cluster node. In the same way due to Regional nodes failure neighbor
Regional node’s RPA will take over the functionality of all the cluster node’s LPA and sensor
nodes belonged to the faulty Regional node dynamically.
13. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
114
Figure 7 : Regional node’s failure
As we mentioned before Cluster nodes or regional nodes havenumberdirect communications
between them. So how will Cluster node or Regional node determine about the failure of its
neighbor? Actually in the proposed architecture Base station has direct or indirect connections
with all its leaf nodes. Base station has direct connection with Regional node. So if any
Regional node fails Base station can identify the problem and select one of its neighbor nodes
dynamically according to some predefined rule in BPDP. Then BPDP needs to supply the
policy, rules, or signatures of failed node to the selected new neighbor Regional node. In the
same way if any cluster node fails then neighbor cluster node will not be informed about its
failure. So in this case Regional node will take necessary action of selecting suitable neighbor
cluster node. Here policy, rules or signatures of the failed cluster node will be supplied by the
BPDP through relevant RPA. So RPA has the only responsibility to select appropriate
neighbor LPA of unreachable LPA. The rest of the work belongs to BPDP of Base station. As
Base station is much more powerful node with large storage; all the signatures, anomaly
detection rules or policies are stored primarily as backup in Base station. This back up system
increases reliability of the whole network system.
8. CONCLUSION
WSN are prone to intrusions and security threats. In this paper, we propose a novel
architecture of IDS for ad hoc sensor network based on hierarchical overlay design. We
propose a response mechanism also according to proposed architecture. Our design of IDS
improves on other related designs in the way it distributes the total task of detecting intrusion.
Our model decouples the total work of intrusion detection into a four level hierarchy which
results in a highly energy saving structure. Each monitor needs to monitor only a few nodes
within its range and thus needs not spend much power for it. Due to the hierarchical model,
the detection system works in a very structured way and can detect any intrusion effectively.
As a whole, every area is commanded by one cluster head so the detection is really fast and
the alarm is rippled to the base station via the region head enabling it to take proper action. In
this paper we consider cluster nodes or Regional nodes to be more powerful than ordinary
sensor nodes. Though it will increase the total cost of network set up, but to enhance
reliability, efficiency and effectiveness of IDS for a large geographical area where thousands
of sensor nodes take place, the cost is tolerable.
14. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
115
Policy based mechanism is a powerful approach to automating network management. The
management system for intrusion detection and response system described in this paper
shows that a well structured reduction in management traffic can be achievable by policy
management. This policy-based architecture upgrades adaptability and re-configurability of
network management system which has a good practical research value for large
geographically distributed network environment.
The IDS in wireless sensor network is an important topic for the research area. Still there are
no proper IDS in WSN field. Many previous proposed systems were based on three layer
architecture. But we introduced a four layer overlay hierarchical design to improve the
detection process and we brought GSM cell concept. We also introduced hierarchical watch
dog concept. Top layer base station, cluster node and regional node are three hierarchical
watchdogs. Our report proposes IDS in multiple layers to make our system architecture
robust.
9. FUTURE WORK
This paper provides a first-cut solution to four layer hierarchical policy based intrusion
detection system for WSN. So there is much room for further research in this area. Proposed
IDS system is highly extensible, in that as new attack or attack pattern are identified, new
detection algorithm can be incorporated to policy. Possible venues for future works include:
• Present model can be extended by exploring the secure communication between base
station, Regional node and cluster node.
• The setting of management functions of manager station more precisely.
• Election procedure to select cluster and regional node: Instead of choosing the cluster
node and regional node manually, there will be an election process that will
automatically detect the cluster node and regional node.
• Implementation of Risk Assessment System in the manager stations to improve the
reaction capability of intrusion detection system.
• In this paper we actually focus on the general idea of architectural design for IDS and
how a policy management system can be aggregated to the system. But an extensive
work needs to be done to define Detection and Response policy as well.
• Overall, more comprehensive research is needed to measure the current efficiency of
IDS, in terms of resources and policy, so that improvements of its future version(s)
are possible.
• Further study is required to determine IDS scalability. To the best of knowledge, its
scalability highly correlates with the scalability of the WSN application and the
policy management in use.
• Building our own Simulator: As all the previous research were based on three layer
architecture, so we are planning to create our own simulator that will simulate our
four layer design.
REFERENCES
[1]. Chong Eik Loo, Mun Yong Ng, Christopher Leckie, Marimuthu Palaniswami. Intrusion
Detection for Routing Attacks in Sensor Networks, International Journal of Distributed Sensor
Networks, Volume 2, Issue 4 December 2006 , pages 313 - 332 DOI: 10.1080/15501320600692044,
15. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
116
[2] S. Doumit and D.P. Agrawal,“Self-organized criticality & stochastic learning based intrusion
detection system for wireless sensor network”, MILCOM 2003 - IEEE Military Communications
Conference, vol. 22, no. 1, pp. 609-614, 2003
[3]. C.-C. Su, K.-M. Chang, Y.-H. Kuo, and M.- F. Horng, “The new intrusion prevention and
detection approaches for clustering-based sensor networks”, in 2005 IEEE Wireless
Communications and Networking Conference, WCNC 2005: Broadband Wirelss for the Masses -
Ready for Take-off, Mar 13-17 2005.
[4]. A. Agah, S. Das, K. Basu, and M. Asadi, “Intrusion detection in sensor networks: A non-
cooperative game approach”, in 3rd IEEE International Symposium on Network Computing and
Applications, (NCA 2004), Boston, MA, August 2004, pp. 343346.
[5]. A. da Silva, M. Martins, B. Rocha, A. Loureiro, L. Ruiz, and H. Wong, “Decentralized intrusion
detection in wireless sensor networks”, Proceedings of the 1st ACM international workshop on
Quality of service & security in wireless and mobile networks- 2005.
[6]. OTran Hoang Hai, Faraz Khan, and Eui-Nam Huh, “Hybrid Intrusion Detection System for
Wireless Sensor Network”, ICCSA 2007, LNCS 4706, Part II, pp. 383–396, 2007. Springer-Verlag
Berlin Heidelberg 2007
[7] C. Karlof and D. Wagner, “Secure routing in wireless sensor networks: Attacks and
countermeasures”, In Proceedings of the 1st IEEE International Workshop on Sensor Network
Protocols and Applications (Anchorage, AK, May 11, 2003).
[8] National Institute of Standards and Technology, “Wireless ad hoc sensor networks”, web:
http://w3.antd.nist.gov/wahn_ssn.shtml, retrieved 12th January,2008.
[9]. Sumit Gupta “Automatic detection of DOS routing attach in Wireless sensor network” MS
thesis, Faculty of the Department of Computer Science University of Houston , December 2006
[10 ] Rodrigo Roman, Jianying Zhou , Javier Lopez, “Applying Intrusion Detection Systems to
wireless sensor networks “,Consumer Communications and Networking Conference, 2006. CCNC
2006. 3rd IEEE, 8-10 Jan. 2006 Volume: 1, On page(s): 640- 644 ISBN: 1-4244-0085-6
[11]. P.Bruth and C. Ko, “ Challenges in Intrusion detection for wireless ad hoc networks” in
Application and the Internet Workshop =s, 2003 proceedings,2003 Symposium on, PP.368373,2003.
[12] R. Chadha, G. Lapiotis, S. Wright, “Policy-Based Networking”, IEEE Network special issue,
March/April 2002, Vol. 16 No. 2, guest editors.
[13] Linnyer Beatrys Ruiz Jose Marcos Nogueira and Antonio A. F. Loureiro. MANNA: A
Management Architecture for Wireless Sensor Networks IEEE Communications Magazine,
2003.2b: http://w3.antd.nist.gov/wahn_ssn.shtml, retrieved 1[68]. Zhou Ying, Xiao Debao, “Mobile
agent based Policy management for wireless sensor network”, ISBN: 0-7803-9335-X/05, 2005
IEEE.
2th
[14] W. Chen, N. Jain and S. Singh, “ANMP: Ad hoc Network Management protocol”, IEEE
Journal on Selected Areas in Communications17(8) (August 1999) 1506-1531.
[15] Piya Techateerawat, Andrew Jennings, “Energy Efficiency of Intrusion Detection Systems in
Wireless Sensor Networks”, Proceedings of the 2006 IEEE/WIC/ACM International Conference on
Web Intelligence and Intelligent Agent Technology (WI-IAT 2006 Workshops)(WI-IATW'06) 0-7695-
2749-3/06
16. International Journal of Network Security & Its Applications (IJNSA), Vol.2, No.3, July 2010
117
[16]O. Kachirski and R. Guha. “Intrusion Detection Using Mobile Agents in Wireless Ad Hoc
Networks”, Proceeding of the IEEE Workshop on Knowledge Media Networking, pp. 153-158, 2002
[17] D. R. Raymond and S. F. Midkiff, “Denial-of-Service in Wireless Sensor Networks: Attacks
and Defenses”, IEEE Pervasive Computing, vol. 7, no. 1, 2008, pp. 74-81.
[18] V. Bhuse, A. Gupta, “Anomaly intrusion detection in wireless sensor network” Journal of High
Speed Networks, Volume 15, Issue 1, pp 33-51, Jan 2006
[19]. Bharat Bhargava, Weichao Wang. Visualization of Wormholes in Sensor Networks. New York,
NY, USA: ACM Press, 2004.
[20] P. Albers et al., “Security in Ad Hoc Networks: a General Intrusion Detection Architecture
Enhancing Trust Based Approaches,” 1st Int’l. Wksp. Wireless Info. Sys., Ciudad Real, Spain, Apr.
3–6, 2002.
[21] Zhou, L. and Haas, Z. J., “Securing ad hoc networks”, IEEE Network, Volume 13, Issue 6,
Nov.-Dec. 1999, pp. 24 – 30. January,2008.
[22] FZhang, Y. and Lee W “Intrusion detection in Wireless Ad hoc Networks”, The 6th
annual
international conference on Mobile computing and networking, Boston MA, Aug 2000. PP:275-283