Group-based intrusion detection system in wireless sensor networks

Li, Guorui; He, Jingsha; Fu, Yingfang

doi:10.1016/j.comcom.2008.06.020

Cited by 74 publications

(36 citation statements)

References 20 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The base station is secure and able to detect all compromised nodes. Detection of compromised nodes can be actually achieved by means of an Intrusion Detection System (IDS) such as [27][28][29][30]. The BS maintains a blacklist containing the identity of compromised nodes.…”

Section: Network Modelmentioning

confidence: 99%

LNT: A logical neighbor tree secure group communication scheme for wireless sensor networks

et al. 2012

View full text Add to dashboard Cite

a b s t r a c tSecure group communication is a paradigm that primarily designates one-to-many communication security. The proposed works relevant to secure group communication have predominantly considered the whole network as being a single group managed by a central powerful node capable of supporting heavy communication, computation and storage cost. However, a typical Wireless Sensor Network (WSN) may contain several groups, and each one is maintained by a sensor node (the group controller) with constrained resources. Moreover, the previously proposed schemes require a multicast routing support to deliver the rekeying messages. Nevertheless, multicast routing can incur heavy storage and communication overheads in the case of a wireless sensor network. Due to these two major limitations, we have reckoned it necessary to propose a new secure group communication with a lightweight rekeying process. Our proposal overcomes the two limitations mentioned above, and can be applied to a homogeneous WSN with resource-constrained nodes with no need for a multicast routing support. Actually, the analysis and simulation results have clearly demonstrated that our scheme outperforms the previous well-known solutions.

show abstract

Section: Network Modelmentioning

confidence: 99%

LNT: A logical neighbor tree secure group communication scheme for wireless sensor networks

et al. 2012

View full text Add to dashboard Cite

show abstract

“…In [12], nodes are evaluated in terms of packet dropping rate, packet sending rate, forwarding delay time, and node readings. In [9], the attacks are detected by monitoring packet sending rate, packet dropping rate, packet mismatch rate, packet receiving rate, and received signal strength. As stated in [13], the works of [9,12] suffer from two major criticisms: (1) the circumstances, under which the assumption of multivariate normal distribution holds, are not explained, and (2) the network features such as packet sending, packet dropping, and packet receiving rates do not follow the normal distribution for tree-based routing protocol.…”

Section: Multifeature Profilementioning

confidence: 99%

“…In the one-feature profile, we use a single feature to describe and detect anomalous behavior. To detect the network malicious behavior, a node can measure the following features, as shown in Table 1 [9]. The disadvantage of this profile structure is that there is a need to assign one feature for each known attack.…”

Section: Introductionmentioning

confidence: 99%

Fortifying Intrusion Detection Systems in Dynamic Ad Hoc and Wireless Sensor Networks

Derhab

Bouras

Senouci

et al. 2014

International Journal of Distributed Sensor Networks

View full text Add to dashboard Cite

We investigate three aspects of dynamicity in ad hoc and wireless sensor networks and their impact on the efficiency of intrusion detection systems (IDSs). The first aspect is magnitude dynamicity, in which the IDS has to efficiently determine whether the changes occurring in the network are due to malicious behaviors or or due to normal changing of user requirements. The second aspect is nature dynamicity that occurs when a malicious node is continuously switching its behavior between normal and anomalous to cause maximum network disruption without being detected by the IDS. The third aspect, named spatiotemporal dynamicity, happens when a malicious node moves out of the IDS range before the latter can make an observation about its behavior. The first aspect is solved by defining a normal profile based on the invariants derived from the normal node behavior. The second aspect is handled by proposing an adaptive reputation fading strategy that allows fast redemption and fast capture of malicious node. The third aspect is solved by estimating the link duration between two nodes in dynamic network topology, which allows choosing the appropriate monitoring period. We provide analytical studies and simulation experiments to demonstrate the efficiency of the proposed solutions.

show abstract

“…The nodes in each cluster elect a leader node (cluster head) to serve as the IDS for the entire cluster. This approach aims to reduce the overall resource consumption of IDSs in the network (Li et al, 2008). The rest of this study is organized as follows: Section 2 presents the detailed leader based intrusion detection mechanism, sinkhole attack and its remedies, its routing algorithm.…”

Section: Introductionmentioning

confidence: 99%

A Leader Based Monitoring Approach for Sinkhole Attack in Wireless Sensor Network

Rajkumar

Rajamani²

2013

Journal of Computer Science

View full text Add to dashboard Cite

Security is one of an important factor to be considered seriously in wireless sensor networks. In WSN, in many ways intrusion may occur, in the past decades there is no perfect IDS, without any wasting of resources like time, energy, cost and number of physical items. The main objective is to ensure the security and improve the quality of network by applying a Leader based intrusion detection system in the Wireless Sensor Network (WSN). Here, we are focusing on the attack known as sinkhole attack which is considered as the biggest threat in wireless sensor network which spoils the complete communication and a data loss between a pair of nodes as source node and a destination node. In order to provide a complete solution to detect and avoid sinkhole attack a Leader Based Intrusion Detection System (LBIDS) is proposed. In this approach a leader is elected for each group nodes within the network, region wise and it do compares and calculates the behavior of every node, logically executes our detection module and monitors each node behaviour within the cluster for any sinkhole attack to occur. When a node gets detected as a compromised node, it informs that nodes status to the other leader within the WSN, so all the leaders in the network knows about the sink hole node information and the leaders stop communication with sinkhole Node.

show abstract

Group-based intrusion detection system in wireless sensor networks

Cited by 74 publications

References 20 publications

LNT: A logical neighbor tree secure group communication scheme for wireless sensor networks

LNT: A logical neighbor tree secure group communication scheme for wireless sensor networks

Fortifying Intrusion Detection Systems in Dynamic Ad Hoc and Wireless Sensor Networks

A Leader Based Monitoring Approach for Sinkhole Attack in Wireless Sensor Network

Contact Info

Product

Resources

About