Yi Gao,Chun Chen,Jiajun Bu,Wei Dong,Lei Ra,Xianghua Xu

2015-01-01

Abstract:Anomaly detection is an essential functionality of Wireless Sensor Networks (WSNs). However, the dynamic nature of WSNs makes the anomaly detection challenging. The environmental dynamics or internal topological dynamics pose difficulties to differentiate abnormal behaviors from normal ones. We observe that indirect correlations among multiple attributes of a sensor node can be utilized to capture and model the dynamic behaviors. Prior studies overlooked indirect correlations while in this study we exploit it for detecting anomaly efficiently and accurately. We propose ICAD, an indirect correlation based anomaly detection approach. By applying the Markov chain, the dynamic behaviors are modeled and subsequently used to detect anomalies. Compared with prior approaches, ICAD can detect different types of anomalies simultaneously and the performance is not sensitive to network dynamics. ICAD is implemented based on TinyOS/TelosB platform. Evaluation results show that ICAD achieves high detection accuracy with low overhead.

Zhidan Liu,Wei Xing,Yongchao Wang,Dongming Lu

2013-01-01

Abstract:Keeping data collecting while preserving the scarce energy of sensor nodes is always one of the most crucial problems in wireless sensor networks. In this paper, we propose the DCS scheme to effectively exploit the ubiquitous temporal-spatial correlation in most natural phenomena for energy-efficient data collection of wireless sensor networks. Specifically, for temporal correlation, we build lightweight AR model locally to capture data distribution at sensor node; for spatial correlation, by making use of our novel definition of similarity measure between sensor nodes, we perform centralized model clustering, which is a kind of clustering that emphasizes data similarity between nodes but ignores geographical distance, to group sensor nodes with similar data distribution on both magnitude and trend into the same cluster. Then through scheduling sensor nodes to report readings alternately and performing dual-prediction at both sensor nodes and Sink, DCS acquires sensing readings without compromising too much data accuracy loss. Simulation results illustrate the efficiency of DCS scheme on a data set synthesized from real-world temperature data, i.e., 82.94% communication overhead reduction while keeping data error as low as 0.0456°C when user-provided error-tolerance threshold sets as 0.2°C.

Wei-wei Fang,Ji-ming Chen,Lei Shu,Tian-shu Chu,De-pei Qian

DOI: https://doi.org/10.1631/jzus.c0910204

2010-01-01

Journal of Zhejiang University SCIENCE C

Abstract:Congestion in wireless sensor networks (WSNs) not only causes severe information loss but also leads to excessive energy consumption. To address this problem, a novel scheme for congestion avoidance, detection and alleviation (CADA) in WSNs is proposed in this paper. By exploiting data characteristics, a small number of representative nodes are chosen from those in the event area as data sources, so that the source traffic can be suppressed proactively to avoid potential congestion. Once congestion occurs inevitably due to traffic mergence, it will be detected in a timely way by the hotspot node based on a combination of buffer occupancy and channel utilization. Congestion is then alleviated reactively by either dynamic traffic multiplexing or source rate regulation in accordance with the specific hotspot scenarios. Extensive simulation results under typical congestion scenarios are presented to illuminate the distinguished performance of the proposed scheme.

Zai-wen Ni,Fan Wang,Xiao-peng Hu

DOI: https://doi.org/10.1142/9789813140011_0076

2016-01-01

Abstract:The past few years have seen an increased interest in the potential use of wireless sensor networks (WSNs) in applications. Unreliability and a dynamic nature are frequently present in the field of WSN, making anomaly detection necessary. Although events are often functions of more than one attribute and the energy in sensors is limited, the combination of data fusion and spatiotemporal correlations can overcome these limitations effectively. In this paper, we propose a spatiotemporal correlation-based anomaly detection model to differentiate normal and abnormal events in WSNs. The update phase occurs when abnormal events are detected. We demonstrate the usability and advantages of applying the spatiotemporal relevance in anomaly detection. Experimental results indicate its high performance in handling multi-dimensional sensor data.

Zhongmin Wang,Rui Gao,Cong Gao,Yanping Chen,Fengwei Wang,Gao, Rui

DOI: https://doi.org/10.1007/s11277-024-10930-w

IF: 2.017

2024-03-21

Wireless Personal Communications

Abstract:Wireless sensor devices are affected by internal constraints and the external environment, generating abnormal data. Currently, many anomaly detection schemes ignore the correlation between screening nodes, wasting resources due to excessive communication. Therefore, this paper proposes a distributed anomaly detection scheme based on adaptive grouping using the correlation between nodes in wireless sensor networks. Limiting the scope of collaboration between nodes can reduce the waste of resources due to excessive communication. Since the computing resources of sensor nodes are limited, an edge-cloud framework is established. The scheme uses Spatio-temporal correlation and graph theory for wireless sensor networks to determine node groups with solid correlations on the cloud server. Based on the grouping results, anomaly detection is implemented locally. A Bayesian network model is constructed at the node within the group, and outlier detection is realized by inference on nodes. A correlation consistency evaluation method is proposed to improve anomaly detection accuracy to check the data consistency on the cluster head. The proposed scheme is verified by a generated data set and the real data of Intel Berkeley Research Lab. The effectiveness of the proposed method is verified by comparing it with three existing algorithms. Experimental results show that the method improves detection accuracy and reduces false detection.

telecommunications

Gang Li,Bin He,Hongwei Huang,Limin Tang

DOI: https://doi.org/10.3390/s16101601

IF: 3.9

2016-01-01

Sensors

Abstract:The spatial–temporal correlation is an important feature of sensor data in wireless sensor networks (WSNs). Most of the existing works based on the spatial–temporal correlation can be divided into two parts: redundancy reduction and anomaly detection. These two parts are pursued separately in existing works. In this work, the combination of temporal data-driven sleep scheduling (TDSS) and spatial data-driven anomaly detection is proposed, where TDSS can reduce data redundancy. The TDSS model is inspired by transmission control protocol (TCP) congestion control. Based on long and linear cluster structure in the tunnel monitoring system, cooperative TDSS and spatial data-driven anomaly detection are then proposed. To realize synchronous acquisition in the same ring for analyzing the situation of every ring, TDSS is implemented in a cooperative way in the cluster. To keep the precision of sensor data, spatial data-driven anomaly detection based on the spatial correlation and Kriging method is realized to generate an anomaly indicator. The experiment results show that cooperative TDSS can realize non-uniform sensing effectively to reduce the energy consumption. In addition, spatial data-driven anomaly detection is quite significant for maintaining and improving the precision of sensor data.

Honglei Gao,Guolong Chen,Wenzhong Guo

DOI: https://doi.org/10.1109/cse.2009.262

2009-01-01

Abstract:Trusted and reliable wireless sensor networks (WSNs) rely on the accurate and rapid detection of anomalies. However, the security model in wired networks is not suited for WSNs because of their energy constraints. In this paper, a traffic prediction model based on gene expression programming (GEP-ADS) is proposed, to predict the time series of normal traffic. Then we present a lightweight anomaly detection scheme (ADS) in WSNs. In the ADS, no more cooperation between sensor nodes is required, which dramatically decrease theenergy consumption. Another key advantage of our approach is that GEP-ADS could solve the problem that the traditional time series methods can't make an accurate prediction without the pre-knowledge. In order to evaluate our ADS, we have simulated several routing attacks, and fully discussed the parameter setting influence on our ADS. The simulation results show that our ADS is able to achieve high detection accuracy with a low false positive rate.

Rongrong Fu,Kangfeng Zheng,Tianliang Lu,Dongmei Zhang,Yixian Yang

DOI: https://doi.org/10.4304/jnw.7.8.1214-1219

2012-01-01

Abstract:The resource constraint characteristic of sensor nodes make wireless sensor networks (WSN) very vulnerable to resource depletion attack such as DoS/DDos attack. On the other hand, the resource constraint characteristic also makes anomaly detection a challenging problem in WSN. To address the challenge, this paper presents an anomaly detection framework by taking the advantages of artificial immune system (AIS) and fuzzy theory. The proposed framework incorporates three components: local danger sensing, co-stimulation and global recognition. Due to the hierarchical structure and cooperative mechanism, the proposed model shows more advantages in detection performance than conventional method. The simulation results show that compared to watchdog method, the proposed method can provide higher detection rate and lower false detection rate. Moreover, the propose method shows advantages in flexibility and adaptability.

Haiguang Chen,Peng Han,Xi Zhou,Chuanshan Gao

DOI: https://doi.org/10.1007/978-3-540-71549-8_9

2007-01-01

Abstract:Wireless Sensor Networks (WSNs) have an excellent application to monitor environments such as military surveillance and forest fire. However, WSNs are of interest to adversaries in many scenarios. They are susceptible to some types of attacks because they are deployed in open and unprotected environments. The WSNs are constituted of scarce resource devices. These security mechanisms which used for wired networks cannot be transferred directly to wireless sensor networks. In this paper we propose lightweight anomaly intrusions detection. In the scheme, we investigate different key features for WSNs and define some rules to building an efficient, accurate and effective Intrusion Detection Systems (IDSs). We also propose a moving window function method to gather the current activity data. The scheme fits the demands and restrictions of WSNs. The scheme does not need any cooperation among monitor nodes. Simulation results show that we proposed IDSs is efficient and accurate in detecting different kinds of attacks.

Wei SU,Ya-ping LIN,Zhi-qiang YOU,Yu-peng HU,Si-wang ZHOU

DOI: https://doi.org/10.3969/j.issn.1001-3695.2008.06.077

2008-01-01

Abstract:Wireless sensor networks(WSN) are characterized by the dense deployment of sensor nodes that continuously observe physical phenomenon.Due to high density in the network topology,sensor observations was highly correlated in the space domain.It could improve network performance drastically to adopt the spatial correlation.This paper proposed a circular spatial correlation model,which was more suitable for the application of WSN in anomaly detection.According to the fact that the observations of nodes,which had the same distance from an event source,were more correlated,and utilized the least square estimation to estimate the information of the event source based on the energy attenuation model.This paper also discussed the spatial correlation among the observations of nodes based on the new model.Experimental results show that,for the application of anomaly detection in WSN,estimation approach is two orders of magnitude accurate than that of the previous model when the number of representative nodes is larger than some small number.Consequently,the new model is able to exploit the spatial correlation more accurately and provides a better framework for the development of spatial correlation-based medium access control(MAC) protocol in WSN.

Xian-wei ZHOU,Pei WANG,Bo-ping QIN,Ji-hong SHEN

DOI: https://doi.org/10.3969/j.issn.1004-1699.2007.08.040

2007-01-01

Abstract:We propose a light local intrusion detection system (stand-alone IDS) for wireless sensor networks. Four kinds of agents: monitoring agent, detecting agent, response agent and controlling agent, one database connection interface and a response interface compose this system. Each Agent runs independently and carries out its assigned tasks. We also propose an intelligent optimization GM(1, 1) arithmetic as an anomaly detection technology to realize one detection agent, the experiment results will show that the arithmetic has good veracity even when modeling data is scarce.

XIAO Zheng-hong,XIE Zhan-fu,CHEN Zhi-gang

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2009.07.056

2009-01-01

Abstract:The results of analyzed in WSN intrusion detection system,an anomaly intrusion detection approach has been proposed by combing correlation coefficient,where the correlation coefficient of traffic prediction series and real traffic series of node is used to identify anomalous nodes. Experimental results demonstrate the efficiency of the proposed approach,compared with other methods,it has higher detection rate when the intensity of attacking is weaker.

Zhiping Kang,Honglin Yu,Qingyu Xiong,Haibo Hu

DOI: https://doi.org/10.1155/2014/709390

IF: 1.938

2014-01-01

International Journal of Distributed Sensor Networks

Abstract:Wireless sensor networks (WSNs) have been used extensively in a range of applications to facilitate real-time critical decision-making and situation monitoring. Accurate data analysis and decision-making rely on the quality of the WSN data that have been gathered. However, sensor nodes are prone to faults and are often unreliable because of their intrinsic natures or the harsh environments in which they are used. Using dust data from faulty sensors not only has negative effects on the analysis results and the decisions made but also shortens the network lifetime and can waste huge amounts of limited valuable resources. In this paper, the quality of a WSN service is assessed, focusing on abnormal data derived from faulty sensors. The aim was to develop an effective strategy for locating faulty sensor nodes in WSNs. The proposed fault detection strategy is decentralized, coordinate-free, and node-based, and it uses time series analysis and spatial correlations in the collected data. Experiments using a real dataset from the Intel Berkeley Research Laboratory showed that the algorithm can give a high level of accuracy and a low false alarm rate when detecting faults even when there are many faulty sensors.

Chunyan An,Yingyi Liu,Qi Li,Pengbo Si

DOI: https://doi.org/10.3390/electronics13173482

IF: 2.9

2024-09-03

Electronics

Abstract:As electronic sensors and sensor networks advance, perception data are increasingly characterized by mixed attributes. Traditional anomaly detection methods predominantly focus on numerical attributes. In this paper, we introduce a weighted neighborhood information network (WNIN)-enabled anomaly detection method tailored for mixed-attribute data from electronic sensors and sensor networks. Firstly, we employ the analytic hierarchy process (AHP) to analyze the security of sensor networks, leveraging a hierarchical electronic sensor network model to construct a hierarchical perception security architecture for anomaly detection. Subsequently, a neighborhood information system is established to ascertain the relationships between data objects with mixed attributes. We then develop the WNIN to encapsulate the relationships, and a state-transferring probability matrix based on data object similarity is derived. Ultimately, a random wandering process within the WNIN is executed, and the importance of data objects is evaluated using the steady-state distribution vector, thereby determining the anomaly data. Simulation outcomes reveal that our proposed method attains superior anomaly detection rates compared with existing methods.

engineering, electrical & electronic,computer science, information systems,physics, applied

Qian Liu,Yang,Xuesong Qiu

DOI: https://doi.org/10.1109/apnoms.2015.7275424

2015-01-01

Abstract:Fault detection in wireless sensor networks is a crucial and challenging task. Many detection approaches relying on specific rules or inference models have been proposed to distinguish faulty sensors by exploring spatial-temporal correlations among sensor readings. However, these approaches may require high communication overhead or computational cost, and many potential faulty sensors that may not generate anomalous sensor readings remain undetected. In this paper, we propose a metric-correlation-based distributed fault detection (MCDFD) approach. It is motivated by the fact that the correlations between sensor nodes' system metrics usually perform regularly, whereas abnormity of such correlations indicates failures. MCDFD explores sensor nodes' internal metric correlations using correlation value matrixes. An improved cumulative summation (CUSUM) algorithm is used to track gradual changes or abrupt changes. Once any changes occur in correlation value time sequences, potential failures can be detected. The apply of metric correlations has made MCDFD with high-energy efficiency and low computational complexity, since no communication overhead is incurred and CUSUM algorithm is simple for computation. Simulation results demonstrate MCDFD performs well in respects of higher detection accuracy and lower false positive rate even under high node failure ratios and dense distribution conditions.

Fangfang Li,Zhibo Feng

DOI: https://doi.org/10.1109/ICCSNT.2011.6182185

2012-01-01

Abstract:Wireless Sensor Networks (WSNs) have developed rapidly for recent years, and have been widely used in various applications. But sensor nodes are vulnerable to noises to yield errors for their limited power and energy. In this paper, an efficient real-time event detection approach based on temporal-spatial correlations of sensing data is proposed. The method can eliminate the influence of errors by temporal linear compare and spatial vertical compare to the accuracy of query results, at the same time, it can satisfy real time requirements issued by the users. Experimental results validate that this approach can improve the precision and reliability of event detection.

Shashank Gavel,Ajay Singh Raghuvanshi,Sudarshan Tiwari

DOI: https://doi.org/10.1002/nem.2144

2020-12-02

International Journal of Network Management

Abstract:Real‐time sensing plays an important role in ensuring the reliability of industrial wireless sensor networks (IWSNs). Sensor nodes in IWSNs have inherent limitations that give rise to different anomalies in the network. These anomalies can lead to disastrous and harmful situations or even serious system failures. This article presents a formulation to the design of an anomaly detection scheme for detecting the anomalous node along with the type of anomaly. The proposed scheme is divided into two major parts. First, spatiotemporal correlation within a cluster is obtained for the normal and anomalous behavior of sensor nodes. Second, the multilevel hybrid classifier is used by combining the sequential minimal optimization support vector machine (SMO‐SVM) as a binary classifier with optimally pruned extreme learning machine (OP‐ELM) as a multiclass classifier for detection of an anomalous node and type of anomalies, respectively. Mahalanobis distance‐based lightweight K‐Medoid clustering is used to build a new set of training datasets that represents the original training dataset, by significantly reducing the training time of a multilevel hybrid classifier. Results are analyzed using standard WSN datasets. The proposed model shows high accuracy, i.e., 94.79% and detection rate, i.e., 94.6% with a reduced false positive rate as compared to existing hybrid methods.

computer science, information systems,telecommunications

Po-Yu Chen,Shusen Yang,Julie A. McCann

DOI: https://doi.org/10.1109/TIE.2014.2350451

2015-01-01

Abstract:Reliable real-time sensing plays a vital role in ensuring the reliability and safety of industrial cyber-physical systems (CPSs) such as wireless sensor and actuator networks. For many reasons, such as harsh industrial environments, fault-prone sensors, or malicious attacks, sensor readings may be abnormal or faulty. This could lead to serious system performance degradation or even catastrophic failure. Current anomaly detection approaches are either centralized and complicated or restricted due to strict assumptions, which are not suitable for practical large-scale networked industrial sensing systems (NISSs), where sensing devices are connected via digital communications, such as wireless sensor networks or smart grid systems. In this paper, we introduce a fully distributed general anomaly detection (GAD) scheme, which uses graph theory and exploits spatiotemporal correlations of physical processes to carry out real-time anomaly detection for general large-scale NISSs. We formally prove the scalability of our GAD approach and evaluate the performance of GAD for two industrial applications: building structure monitoring and smart grids. Extensive trace-driven simulations validate our theoretical analysis and demonstrate that our approach can significantly outperform state-of-the-art approaches in terms of detection accuracy and efficiency.

Nengsong Peng,Weiwei Zhang,Hongfei Ling,Yuzhao Zhang,Lixin Zheng

DOI: https://doi.org/10.3390/info9090236

2018-09-18

Information

Abstract:A key issue in wireless sensor network applications is how to accurately detect anomalies in an unstable environment and determine whether an event has occurred. This instability includes the harsh environment, node energy insufficiency, hardware and software breakdown, etc. In this paper, a fault-tolerant anomaly detection method (FTAD) is proposed based on the spatial-temporal correlation of sensor networks. This method divides the sensor network into a fault neighborhood, event and fault mixed neighborhood, event boundary neighborhood and other regions for anomaly detection, respectively, to achieve fault tolerance. The results of experiment show that under the condition that 45% of sensor nodes are failing, the hit rate of event detection remains at about 97% and the false negative rate of events is above 92%.

Daniel-Ioan Curiac,Constantin Volosencu

DOI: https://doi.org/10.1016/j.eswa.2012.02.036

IF: 8.5

2012-08-01

Expert Systems with Applications

Abstract:Wireless sensor networks are often used to monitor and measure physical characteristics from remote and sometimes hostile environments. In these circumstances the sensing data accuracy is a crucial attribute for the way these applications complete their objectives, requiring efficient solutions to discover sensor anomalies. Such solutions are hard to be found mainly because the intricate defining of the correct sensor behavior in a complex and dynamic environment. This paper tackles the sensing anomaly detection from a new perspective by modeling the correct operation of sensors not by one, but by five different dynamical models, acting synergically to provide a reliable solution. Our methodology relies on an ensemble based system composed of a set of diverse binary classifiers, adequately selected, to implement a complex decisional system on network base station. Moreover, every time a sensing anomaly is discovered, our ensemble offers a reliable estimation to replace the erroneous measurement provided by sensor.

computer science, artificial intelligence,engineering, electrical & electronic,operations research & management science