Designing an Agent-Based Intrusion Detection System for Heterogeneous Wireless Sensor Networks: Robust, Fault Tolerant and Dynamic Reconfigurable

Abstract: Protecting networks against different types of attacks is one of most important posed issue into the network and information security domains. This problem on Wireless Sensor Networks (WSNs), in attention to their special properties, has more importance. Now, there are some of proposed solutions to protect Wireless Sensor Networks (WSNs) against different types of intrusions; but no one of them has a comprehensive view to this problem and they are usually designed in single-purpose; but, the proposed design in… Show more

“…• A hardware or software or combinational system, with defensive-aggressive approach to protect information, systems and networks [3,8,17]; • Usable on host, network [2,11] and application levels;…”

“…• It analyzes the system or network traffic or controls the incoming connections to different ports, and then it detects the occurring sabotage/vandalism; • It can detects known attacks, unusual traffic, harmful data, misuse and unauthorized access to the systems and networks by internal users or external intruders [2,7]; • It inferences by using deterministic methods (based on patterns of known attacks) or nondeterministic methods (to detecting new attacks and anomalies); • It can determine the intruder's identity and tracking him/her/it; • It informs and notifies to the security manager by different types of warnings or notifications; sometimes, it disconnects the suspicious connections or blocks malicious traffic [2,3]; In general, three main functionalities of IDSs are including monitoring (evaluation), analyzing (detection) and responding (reporting) to the occurring attacks on computer systems and networks [3,8]. There are two stages to configure IDS, consisting of attack's signs and management arbitrary events [8].…”

“…According to Table1, HIDS installs on a computer system; it uses processor and memory of that system and protects only the hosting system [4,7,9,11]. It has an abnormal detector part which using statistical methods to detect abnormal behavior of users in comparison to their behavioral records [1,2,14]; also, it has an expert system part that detects the security threats and describes the vulnerabilities of the system, but independent from behavioral records of users; of course, it uses a rules-base, too.…”

“…As Table1 is showing, NIDS is a software process which installs on a special hardware system; in many cases, it operates as a sniffer and controls passing packets and active communications, and then it analyze network traffic in sophisticated, to find attacks [2,7,8,17]. NIDS can identify attacks, on network level; thus, it includes following steps:…”

Weaknesses, Vulnerabilities And Elusion Strategies Against Intrusion Detection Systems

“…• A hardware or software or combinational system, with defensive-aggressive approach to protect information, systems and networks [3,8,17]; • Usable on host, network [2,11] and application levels;…”

“…• It analyzes the system or network traffic or controls the incoming connections to different ports, and then it detects the occurring sabotage/vandalism; • It can detects known attacks, unusual traffic, harmful data, misuse and unauthorized access to the systems and networks by internal users or external intruders [2,7]; • It inferences by using deterministic methods (based on patterns of known attacks) or nondeterministic methods (to detecting new attacks and anomalies); • It can determine the intruder's identity and tracking him/her/it; • It informs and notifies to the security manager by different types of warnings or notifications; sometimes, it disconnects the suspicious connections or blocks malicious traffic [2,3]; In general, three main functionalities of IDSs are including monitoring (evaluation), analyzing (detection) and responding (reporting) to the occurring attacks on computer systems and networks [3,8]. There are two stages to configure IDS, consisting of attack's signs and management arbitrary events [8].…”

“…According to Table1, HIDS installs on a computer system; it uses processor and memory of that system and protects only the hosting system [4,7,9,11]. It has an abnormal detector part which using statistical methods to detect abnormal behavior of users in comparison to their behavioral records [1,2,14]; also, it has an expert system part that detects the security threats and describes the vulnerabilities of the system, but independent from behavioral records of users; of course, it uses a rules-base, too.…”

“…As Table1 is showing, NIDS is a software process which installs on a special hardware system; in many cases, it operates as a sniffer and controls passing packets and active communications, and then it analyze network traffic in sophisticated, to find attacks [2,7,8,17]. NIDS can identify attacks, on network level; thus, it includes following steps:…”

Weaknesses, Vulnerabilities And Elusion Strategies Against Intrusion Detection Systems

“…the Sink deployment location), which have more powerful resources and capabilities than usual sensor nodes. As shown in Figure1, cluster-heads (CHs) collect information from their nearby sensor nodes, aggregate and forward them to the base station (Sink) to process gathered data [1,3,4]. Factors such as wireless, unsafe, unprotected and shared nature of communication channel, untrusted and broadcast transmission media, deployment in hostile and open environments, automated and unattended nature and limited resources, make WSNs vulnerable and susceptible to many types of criteria; therefore, in attending to the WSNs' constraints in energy resources and radio transceiver power, clustering is a vital and complex requirement for these networks.…”

An Introduction to Various Basic Concepts of Clustering Techniques on Wireless Sensor Networks

Intrusion Detection System for IoT Heterogeneous Perceptual Network