Intrusion Detection Systems in WSNs
Added on 2020/01/07
Essay
AI Summary
This assignment delves into the crucial topic of intrusion detection systems (IDS) within the context of Wireless Sensor Networks (WSNs). It provides a comprehensive overview of different IDS categories, including anomaly-based, signature-based, hybrid, and cross-layer systems. The assignment also outlines the key components of an IDS and discusses various security mechanisms employed in WSNs based on their deployment models: purely distributed, centralized, and distributed-centralized approaches. The discussion emphasizes the importance of considering resource constraints when designing security mechanisms for WSNs.
Efficient IDS (Intrusion Detection System) in WSN (Wireless Sensor Network)
Security is rapidly replacing performance as the first and foremost concern in many networking
scenarios. This includes wireless sensor networks, which are becoming increasingly
widespread in many environmental, logistics, engineering, health, and military applications.
While prevention is important, it cannot ensure that attacks will not be launched or
that, once launched, they will not succeed. Therefore, detection of malicious intrusions forms
an important part of an integrated approach to security.
Wireless Sensor Networks (WSNs):
Wireless Sensor Networks (WSNs) consist of sensor nodes and sinks. Sensor nodes are
self-healing and self-organizing. They are decentralized and distributed in nature, and
messages are exchanged via multihop intermediate nodes.
Following are the components of sensor nodes:
1. Power unit
2. Sensor
3. Analogue-to-digital converter
4. Processor
5. Communication/transceiver
6. Software
We consider two types of sensor network models:
1. Homogeneous
2. Heterogeneous
The main objective of a sensor node is to collect data from its surrounding environment and
convey it to the sink. Wireless Sensor Networks have many uses, in scenarios
such as detecting climate change, monitoring environments and habitats, and various other
surveillance and military applications. Wireless Sensor Networks (WSNs) are exposed to various
kinds of security threats that can degrade the performance of the network and may cause
the sensors to send wrong information to the sink. Key management, authentication and
secure routing protocols cannot guarantee the required security for Wireless Sensor Networks.
An Intrusion Detection System (IDS) provides a solution to this problem by analyzing the
network in order to detect abnormal behavior of the sensor node(s). Researchers have
proposed various approaches for detecting intrusions in Wireless Sensor Networks during the
past few years. Because Wireless Sensor Networks are generally unattended and physically
reachable from the outside world, they can be exposed to physical attacks in the form of
node capture or node destruction. These types of attacks are difficult to protect against and
require smart prevention methods. Wireless Sensor Networks must have
security measures in place to keep an intruder from inserting compromised nodes in order to
destroy or disrupt the network performance. Sensor nodes are small and have limited energy,
memory, bandwidth, and processing power. They can be deployed in inhospitable places, with
little or no human intervention thereafter. A sensor network is (or should be) able to operate
autonomously, from the moment sensor nodes are deployed in the area of interest to the time when
batteries are exhausted and sensor nodes stop working; nodes stay deployed until they fail. This
generic scenario may be applied in many situations, and it should come as no surprise that
wireless sensor networks are becoming increasingly common in many environmental, business,
engineering, healthcare, military, surveillance, and other applications. Conventional security
mechanisms are usually not practical because sensor nodes have limited
computational power, memory capacity, and battery power. Hence, specific security systems
should be designed to function under energy or memory constraints. A moderately distributed
intrusion detection system with low memory and power demands is proposed here. It uses a
Bloom filter, which allows a reduced signature code size. Multiple Bloom filters can be combined
to decrease the signature code for each Bloom filter array. The mechanism can then cope with
potential denial-of-service attacks, unlike many previous detection systems with Bloom filters.
The mechanism was evaluated and validated through analysis and simulation.
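To make the memory argument concrete, here is an added example (not the mechanism proposed above and not code from the original essay) of a signature store held in a single 128-byte Bloom filter and probed with a sliding window over a payload. The filter size, hash choice, window length and the two signatures are constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOOM_BITS 1024u   /* 128-byte bit array, sized for a node's RAM */
#define BLOOM_HASHES 4u    /* probes per signature */

typedef struct { uint8_t bits[BLOOM_BITS / 8]; } bloom_t;

/* Seeded FNV-1a: one routine, two hash values. */
static uint32_t fnv1a(const uint8_t *p, size_t n, uint32_t seed) {
    uint32_t h = 2166136261u ^ seed;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

/* Double hashing: probe i lands at (h1 + i*h2) mod BLOOM_BITS. */
static uint32_t bloom_index(const uint8_t *p, size_t n, uint32_t i) {
    uint32_t h1 = fnv1a(p, n, 0u);
    uint32_t h2 = fnv1a(p, n, 0x9e3779b9u) | 1u;  /* odd: probes stay distinct */
    return (h1 + i * h2) % BLOOM_BITS;
}

void bloom_init(bloom_t *b) { memset(b->bits, 0, sizeof b->bits); }

void bloom_add(bloom_t *b, const uint8_t *sig, size_t n) {
    for (uint32_t i = 0; i < BLOOM_HASHES; i++) {
        uint32_t x = bloom_index(sig, n, i);
        b->bits[x >> 3] |= (uint8_t)(1u << (x & 7u));
    }
}

/* 1 = possibly a stored signature (false positives happen), 0 = definitely not. */
int bloom_maybe_contains(const bloom_t *b, const uint8_t *s, size_t n) {
    for (uint32_t i = 0; i < BLOOM_HASHES; i++) {
        uint32_t x = bloom_index(s, n, i);
        if (!(b->bits[x >> 3] & (1u << (x & 7u)))) return 0;
    }
    return 1;
}

/* Slide a win-byte window over the payload; offset of first hit, or -1. */
int scan_payload(const bloom_t *b, const uint8_t *p, size_t len, size_t win) {
    for (size_t off = 0; off + win <= len; off++)
        if (bloom_maybe_contains(b, p + off, win)) return (int)off;
    return -1;
}

/* Constructed demo: two made-up 8-byte signatures, one payload to scan. */
int demo_scan(const char *payload) {
    bloom_t b;
    bloom_init(&b);
    bloom_add(&b, (const uint8_t *)"SINKHOLE", 8);
    bloom_add(&b, (const uint8_t *)"FLOODREQ", 8);
    return scan_payload(&b, (const uint8_t *)payload, strlen(payload), 8);
}

int main(void) {
    printf("hit at %d\n", demo_scan("..FLOODREQ.."));
    printf("benign: %d\n", demo_scan("temp=21;hum=40"));
    return 0;
}
```

The filter never misses a stored signature, so a hit means "possibly malicious" and can be confirmed by an exact match elsewhere; the array stays 128 bytes however many signatures are added, at the cost of a rising false-positive rate.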
Wireless sensor nodes are typically small, battery-operated devices with three main subsystems:
• The sensing subsystem consists of one or more sensors or transducers which convert the
monitored physical variable to an electrical, possibly digital, signal.
• The computational subsystem is a small microcontroller with integrated memory; it
controls the operation of the other two subsystems.
• The communication or radio subsystem enables the node to communicate with other
nodes in its vicinity through wireless transmissions.
It is difficult to guard and secure a wireless network system because:
1. The wireless medium is open and accessible to anyone.
2. There is no fixed infrastructure; in particular, there is no central or master controller
to monitor the operation of the network and analyze the data to detect intrusions.
3. The main problem with wireless sensor networks lies elsewhere: in their limited
computational and communication resources.
In a wireless sensor network (WSN), intrusion is a serious danger to the network. These
attacks must be countered by detecting the intrusion, which turns
out to be a challenging task. Apart from these hazards, other kinds of restriction
attacks prevail. The overall intrusion can be curbed by 80%. In this work, trust-based
nodes along a path are considered for communicating information from the source to the destination. The
centralized and decentralized wireless sensor networks are both taken into account, and through them the
trust behaviors of nodes are determined. In a decentralized wireless sensor network, the leader or
cluster leader is designated based on the energy levels of the nodes. Since a Wireless Sensor
Network is characterized by its limited resources, it is subject to many constraints compared to a
traditional computer network. These constraints can be summarized as:
(i) Node constraints: memory size, energy levels, and computing capability.
(ii) Network constraints: bandwidth and unreliable communications.
(iii) Physical limitations: because it is managed remotely, the network is widely exposed to tampering.
Intrusion Detection System (IDS):
An Intrusion Detection System (IDS) is referred to as a second line of defense, which is used for
intrusion detection only; that is, an Intrusion Detection System can detect attacks but cannot
prevent or respond to them. Once an attack is found, the Intrusion Detection System raises an alarm to
inform the controller to take action.
There are two important classes of Intrusion Detection Systems. One is the rule-based Intrusion
Detection System and the other is the anomaly-based Intrusion Detection System. A rule-based
Intrusion Detection System is also known as a signature-based Intrusion Detection System, which
detects intrusions with the help of built-in signatures.
An Intrusion Detection System agent works in three phases, and each phase has its own unit:
• Collection unit
It collects the network data.
• Detection unit
It applies the detection policy to find intrusions.
• Response unit
It generates an alert when an abnormal node is detected.
Broadly speaking, an Intrusion Detection System has three main components:
(i) Monitoring component: used for monitoring local events as well as neighbors.
This component mostly monitors traffic patterns, internal events, and resource usage.
(ii) Analysis and detection module: the main component, which is based on a modeling
algorithm. Network operations, behavior, and activities are analyzed, and decisions are made to
declare them as malicious or not.
(iii) Alarm component: a response-generating component, which generates an alarm in case
of detection of an intrusion.
Following are the categories of Intrusion Detection System:
Anomaly-based IDSs: are suitable for small-sized Wireless Sensor Networks where few nodes
communicate with the base station. In small-sized Wireless Sensor Networks, the traffic
pattern is mostly the same, so an unusual traffic pattern or changing behavior can be treated as an
intrusion. However, such an Intrusion Detection System may produce more false alarms and may not
be able to detect well-known intrusions. Anomaly-based Intrusion Detection Systems are usually
lightweight in nature and mostly use statistical, probabilistic, traffic analysis or intelligent
techniques.
Signature-based IDSs: are suitable for relatively large-sized WSNs, where more security threats
and attacks can affect network operations. A signature-based IDS needs more resources and
calculations than an anomaly-based IDS. One of the important and complex activities is
the collection and insertion of new attack signatures in the databases. Such IDSs mostly use data
mining or pattern matching techniques.
Hybrid IDSs: are appropriate for large and sustainable Wireless Sensor Networks. These
Intrusion Detection Systems have both anomaly-based and signature-based modules, so they
need more resources and computation. To reduce the use of limited resources, such
mechanisms are mostly used in cluster-based or hierarchical WSNs, in which some parts of the
network perform anomaly detection while other parts perform
signature-based detection.
Cross-layer IDSs: are usually not recommended for resource-constrained networks such as Wireless
Sensor Networks, as they consume more resources by exchanging parameters across the protocol layers
for attack detection.
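The collection, detection and response units described earlier can be combined with the statistical technique attributed to anomaly-based IDSs in a few dozen lines. The following is an added example, not code from the original essay: a per-neighbour packet-rate detector using integer-only moving averages, where the window model, thresholds and traffic trace are constructed assumptions.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_NEIGHBOURS 8
#define FP_SHIFT 4                /* fixed point (x16): no FPU needed */
#define WARMUP 4                  /* windows used only to learn a baseline */
#define K_DEV 3                   /* band = K_DEV * typical deviation */
#define MIN_BAND (2 << FP_SHIFT)  /* always tolerate +/-2 packets */

typedef struct {
    uint16_t count;     /* collection unit: packets overheard this window */
    int32_t mean, dev;  /* EWMA of count and of |count - mean| */
    uint8_t windows;    /* windows seen so far (saturating) */
    uint8_t alarm;      /* response unit: latched alert flag */
} neighbour_t;
static neighbour_t nb[MAX_NEIGHBOURS];

/* Collection unit: call once per packet overheard from neighbour id. */
void ids_collect(uint8_t id) {
    if (id < MAX_NEIGHBOURS && nb[id].count < UINT16_MAX) nb[id].count++;
}

/* Detection and response units: call at each window end; returns alarm bitmask. */
uint8_t ids_end_window(void) {
    uint8_t mask = 0;
    for (int i = 0; i < MAX_NEIGHBOURS; i++) {
        neighbour_t *n = &nb[i];
        int32_t x = (int32_t)n->count << FP_SHIFT;
        int32_t diff = x > n->mean ? x - n->mean : n->mean - x;
        int32_t band = K_DEV * n->dev;
        if (band < MIN_BAND) band = MIN_BAND;
        if (n->windows == 0) {
            n->mean = x;                   /* first sample seeds the baseline */
        } else if (n->windows >= WARMUP && diff > band) {
            n->alarm = 1;                  /* anomalous: do not learn from it */
        } else {
            n->mean += (x - n->mean) / 8;  /* slow-moving baseline */
            n->dev += (diff - n->dev) / 4;
        }
        if (n->windows < UINT8_MAX) n->windows++;
        n->count = 0;
        if (n->alarm) mask |= (uint8_t)(1u << i);
    }
    return mask;
}

/* Constructed trace: packets per window from neighbours 0, 1 and 2. */
static const uint8_t trace[7][3] = {
    {10, 10, 5}, {11, 10, 5}, {9, 10, 5}, {10, 10, 5},
    {11, 10, 5}, {10, 10, 5}, {9, 60, 0},  /* last: 1 floods, 2 goes silent */
};

uint8_t demo_run(void) {   /* replays the trace, returns final alarm bitmask */
    uint8_t mask = 0;
    memset(nb, 0, sizeof nb);
    for (int w = 0; w < 7; w++) {
        for (uint8_t id = 0; id < 3; id++)
            for (uint8_t p = 0; p < trace[w][id]; p++) ids_collect(id);
        mask = ids_end_window();
    }
    return mask;
}
int main(void) { printf("alarm mask: 0x%02x\n", (unsigned)demo_run()); return 0; }
```

Neighbour 0's ordinary jitter stays inside the band, while the sudden burst from neighbour 1 and the silence of neighbour 2 both raise alarms; narrowing `MIN_BAND` or `K_DEV` shows the false-alarm tendency noted for this category.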
IDS-based security mechanisms for Wireless Sensor Networks:
These mechanisms are categorized into three major classes depending on the way the
Intrusion Detection System agent is installed in the network:
• Purely distributed approach
• Purely centralized approach
• Distributed centralized approach
CONCLUSION:
While crafting a security mechanism, we must consider the limited resources of Wireless Sensor
Networks. Anomaly-based Intrusion Detection Systems are lightweight in nature; still, they create
more false alarms. Signature-based Intrusion Detection Systems are suitable for relatively
large-sized Wireless Sensor Networks; nevertheless, they have some overheads such as updating and
inserting new signatures. Cross-layer Intrusion Detection Systems are usually not recommended
for networks with resource limitations, as more energy and computation are required for
exchanging multilayer parameters.