| The wireless sensor networks is a distributed sensing detection system, which is constituted by many wide spread nodes in a region. In this system sensor nodes gather and deal with data in the region. Then results data is transmitted to a sink node through multi-hop and finally to the console. So it implemented the data collection and the monitoring mission. Compared with traditional wireless networks, this wireless sensor network with low cost node, no infrastructure, well adapted to high dynamic topology, and other good characteristics, have received increasing attention.Wireless sensor networks (WSNs) are rapidly emerging as an important area in mobile computing research. Applications of WSNs are numerous and growing. WSNs are always unattended,and openning nature in the environment and broadcast nature of wireless communication will bring about enormous security hidden security dangers. Security measures must be applied to protect the network from a variety of attacks. Since prevention measures,such as encryption and authentication, are usually vulnerable to attacks, intrusion detection becomes an important second wall to protect the network,especially for the applications which require longer network lifetime. In this paper, the architecture of the intrusion detection and detection algorithm and placement strategy of intrusion detection modules in wireless sensor networks are studied based on the security of wireless sensor networks. Main research are presented in the followings.Although static sensor nodes have low computation and communication capabilities, they have specific properties ,and can acquire stable neighborhood information, which can be used for detection of anomalies in networking and behaviors of the neighbor nodes, to provide security for wireless sensor network. To make a sensor node capable of detecting an intruder, a simple dynamic statistical model of the neighboring nodes is needed to build, with a low-complexity detection algorithm to monitor packet reception power levels,arrival rate, and node traffic flow. A normal distribution based on the statistical model was proposed, based on the statistical model, a feature-based intrusion detection algorithm was introdeced. Respectively, in terms of packet reception power , arrival rate and node traffic flow, performance simulation and analysis.of the intrusion detection algorithm were performed. Simulation results show that the intrusion detection algorithm based on statistical models of normal distribution can detect abnormal neighbor nodes, but certain error existed. and the factors that influence the detection was qualitatively analysed.Signature-based detection is the mainstay of operational intrusion detection systems in wireless sensor networks. The effectiveness of the signature based intrusion detection techniques depends critically on the placement of the detection modules. By means of minimum cut-sets, minimum dominating sets in Graph Theory, an optimal Placement strategy of signature-based Intrusion Detection Modules wan proposed, by enabling the intrusion detection functionality on particular sensor nodes, which could improve detection rates. The proposed algorithms, based on the concepts of minimum cut-set and minimum dominating set, allow for a distributed implementation. The performance of the algorithms in identifying intrusions using signature-based detection techniques was studied via simulations. Simulations show that compared to Random Placement algorithm, the optimal Placement algorithm not only can improve detection rates,but also can converge very well.A distributed intrusion detection system against attacks in WSNs (wireless sensor networks, WSNs), which included a three-level hierarchical architecture for data collection, processing and transmission, and a distributed anomaly-based intrusion detection algorithm were presented. Local IDSs (intrusion detection systems, IDSs) were attached to each node of the WSNs, which were responsible for collecting raw data of network operation, and computing a local anomaly index, measuring the difference between the current node operation and normal operation. In this hierarchical system, node-level and cluster-level anomaly index were fused, producing cluster-level and network-level anomaly index respectively. The fusion algorithm was described mathematically and deduced theoretically. For performance evaluation,the ROC (Receiver Operating Characteristics, ROC) curves in simulation,for operations at the nodes, cluster heads and managers,was adopted. The overall results confirm the effectiveness of the architecture and algorithm described in the paper. Research shows that the fusion algorithm can greatly improve system's probability of detection.Identifying misbehaviors is an important task for intrusion detection in wireless sensor networks. The communication overhead and energy consumption should reach the minimum value to the greatest extent in the network when identifying misbehaviors. Our approach to this problem is based on a distributed, cluster-based anomaly detection algorithm, namely 3N algorithm. We minimize the communication overhead by clustering the sensor measurements and merging clusters before sending a description of the clusters to the other nodes. In order to evaluate our distributed scheme, we implemented our simulation and comparison between distributed detection algorithm and centralized detection algorithm. Results show that distributed scheme achieves comparable accuracy compared to a centralized scheme with a significant reduction in communication overhead.
|
PDF Full Text Request