傅蓉蓉,郑康锋,芦天亮,杨义先

2012-01-01

Journal of Communications

Abstract:According to the challenges of intrusion detection technique for wireless sensor networks,a danger theory in-spired intrusion detection model was proposed by taking advantage of the working principle of artificial immune system.Due to the distributed and cooperative mechanism,the proposed model shows more advantages in detection performance and energy consumption than methods adopt promiscuous to get global knowledge.The simulation results show that compared to traditional Watchdog algorithm with single threshold and self-nonself(SNS)model,the model inspired by danger theory can provide highest correct detection rate and lowest false detection rate.Moreover,the model can also decrease the energy consumption of the system.

PAN Ju-long,LI Shan-ping,ZHANG Dao-yuan

DOI: https://doi.org/10.3785/j.issn.1008-973x.2012.01.12

2012-01-01

Abstract:A new method using game theoretic approach with multiple detecting nodes within one cluster was proposed after clusters were formed by using low-energy adaptive clustering hierarchy(LEACH)-C router protocol in order to detect and distinguish suspicious nodes in wireless sensor network.A suspicious node in a cluster is determined as malicious or normal one by the cluster-head using majority voting principle after all its neighbor's decisions are collected.A symmetrical encryption algorithm is used to secure the neighbor's result transmission.If the suspicious node is malicious,the final detecting result will be broadcasted to all nodes within this cluster and the suspicious one will be isolated in order to decrease the risk of invasion.The energy consume of both attacker and defender in the game is considered to fit the wireless sensor network environment.Experimental results show that the multiple detecting nodes scheme is feasible and effective to use game theoretic approach in wireless sensor network,and the detection precision is promoted.

Junkun Li,Jiming Chen,Ten H. Lai

DOI: https://doi.org/10.1109/tw.2013.072313.122083

2012-01-01

Abstract:Intrusion detection is a significant application in wireless sensor networks (WSNs). S. Kumar et al have introduced the concept of barrier coverage, which deploys sensors in a narrow belt region to guarantee that any intrusion across the region is to be detected. However, the practical issues have not been investigated such as scheduling sensors energy-efficiently while guaranteeing the detection probability of any intrusion across the region based on probabilistic sensing model, which is a more realistic sensing model. Besides, the intruders may be humans, animals, fighter planes or other things, which obviously have diverse moving speeds. In this paper, we analyze the detection probability of arbitrary path across the barrier of sensors theoretically and take the maximum speed of possible intruders into consideration since the sensor networks are designed for different intruders in different scenarios. Based on the theoretical analysis of detection probability, we formulate a Minimum Weight ∈-Barrier Problem about how to schedule sensors energy-efficiently. We show the problem NP-hard and propose a bounded approximation algorithm, called Minimum Weight Barrier Algorithm (MWBA) to schedule the activation of sensors. To evaluate our design, we analyze the performance of MWBA theoretically and also perform extensive simulations to demonstrate the effectiveness of our proposed algorithm.

Xin Xiao,Ruirui Zhang

DOI: https://doi.org/10.1007/s13369-017-2426-1

IF: 2.807

2017-01-01

Arabian Journal for Science and Engineering

Abstract:With the popularity of wireless sensor networks in areas such as military, environmental monitoring, and medical applications, the security problem is increasingly outstanding. The characteristics and constraint conditions of wireless sensor networks such as computing ability, storage space, and battery have brought huge challenges in intrusion detection study. Inspired by the dendritic cell differentiation theory of congenital immune mechanism in biological immune system, this paper put forward a real-time intrusion detection model. The model elaborates the biological differentiation mechanism of dendritic cells. In addition, the model abstracts the dendritic cell information fusion process, defines the meanings and functions of external signals which are applied to wireless sensor networks, and defines the mathematical evolution model of dendritic cells. This paper improves the dendritic cell algorithm, named DCA-RT, which implements the distributed deployment and performs real-time intrusion detection. In this paper, performances of the model are analyzed, including the scalability, robustness, and complexity, and experimental results show that the model has better detection performance and reduces the system energy consumption.

Ruirui Zhang,Xin Xiao

DOI: https://doi.org/10.1155/2019/5451263

IF: 2.336

2019-01-01

Journal of Sensors

Abstract:Inspired by the biological immune system, many researchers apply artificial immune principles to intrusion detection in wireless sensor networks, such as negative selection algorithms, danger theory, and dendritic cell algorithms. When applying the negative selection algorithm to wireless sensor networks, the characteristics of wireless sensor networks, such as frequent changes in network topology and limited resources, are not considered too much, which makes the detection effect to need improvement. In this paper, a negative selection algorithm based on spatial partition is proposed and applied to hierarchical wireless sensor networks. The algorithm first analyzes the distribution of self-set in the real-valued space then divides the real-valued space, and several subspaces are obtained. Selves are filled into different subspaces. We implement the negative selection algorithm in the subspace. The randomly generated candidate detector only needs to be tolerated with selves in the subspace where the detector is located, not all the selves. This operation reduces the time cost of distance calculation. In the detection process of detectors, the antigen which is to be detected only needs to match the mature detectors in the subspace where the antigen is located, rather than all the detectors. This operation speeds up the antigen detection process. Theoretical analysis and experimental results show that the algorithm has better time efficiency and quality of detectors, saves sensor node resources and reduces the energy consumption, and is an effective algorithm for wireless sensor network intrusion detection.

Zhang Ruirui,Li Tao,Xiao Xin,Shi Yuanquan

DOI: https://doi.org/10.1007/978-3-642-24091-1_28

2010-01-01

Abstract:A new method of intrusion detection based on the danger theory and the cloud model is presented in this paper. The main idea of danger signal generation mechanism of this method is stated as follows. Antigen apoptosis and necrosis will affect antibody concentrations. This paper has defined the concentration variability functions concerned and divided the risk levels. Changes of antibody concentrations in the immune system are determined by the cloud model, and then danger signals will be sent according to the changes. This method has successfully solved the problems of high false positive rate and high false negative rate. The theoretical analysis and experimental results show that the method is effective to intrusion detection with advantages of diversity, real-time and adaptability.

Yu Jiang,Jie Huang

DOI: https://doi.org/10.1155/2015/848636

IF: 1.938

2016-01-01

International Journal of Distributed Sensor Networks

Abstract:Wireless sensor network is vulnerable to malicious attacks because of the broadcast nature of wireless signal. In order to overcome the shortcomings of existing methods, this paper presents an intrusion tolerance method against malicious nodes. Different from the traditional intrusion tolerance methods based on encryption, authentication, and multirouting, the proposed method uses active protection to achieve intrusion tolerance. Small power consumption of many normal nodes is exchanged for large power consumption of relatively small number of malicious nodes to decrease the lifetime of malicious nodes. Theoretical analysis and test results show that the proposed methods not only prolong the lifetime of the sensor network but also achieve the effective protection against malicious nodes. The active protection method provides new ideas for the security in WSN.

Xinyu Huang,Yuanming Wu

DOI: https://doi.org/10.1109/jsen.2022.3166601

IF: 4.3

2022-01-01

IEEE Sensors Journal

Abstract:Wireless sensor networks (WSNs) are prone to attack due to open work conditions and broadcast communication. The selective forwarding attack, one of the inner attacks in WSNs, is the hardest attack to detect among denial of service (DoS) attacks. The malicious nodes which launch the selective forwarding attack will drop part of or all the data packets they received. Many proposed detection methods against selective forwarding attacks have low accuracy or high algorithm complexity, especially when the attacker works its way in the network along with several attacks, such as blackhole, wormhole, and Distributed Denial of Service (DDoS). Here, an artificial immune system based on the danger model is established to detect network attacks. To promote detection accuracy and reduce computation, we have proposed a screen-confirm scheme. In the screening phase, the scheme first obtains the danger signals from nodes' energy consumption, forwarding rate, connect duration, transmission frequency, and transmission time, then it screens out the suspected selective forwarding attacks from DoS attacks using a support vector machine (SVM). After that, in the confirming phase, we select an optimal danger threshold and calculate the outputs of the suspected ones, then confirm them by comparing outputs and threshold. The simulation results show that our scheme's missing detection rate (MDR) is close to 1.3% and keeps the false detection rate (FDR) lower than 4.3% when the malicious ratio is 10%. Moreover, compared with other related work, our proposed method offers a lower algorithm complexity.

engineering, electrical & electronic,instruments & instrumentation,physics, applied

XIE Bi-wei,HE Jing-sha

2012-01-01

Abstract:Wireless Sensor Networks (WSNs)?are vulnerable to security attacks which can reduce network performance or even cause network collapse. Intrusion detection technology acts as an active intrusion prevention technology, which can provide a dynamic monitoring system to counter the intrusions as a second line of defense. This paper proposed a new approach aiming at a high detection positives and low energy consumption by emphasizing the detection on critical nodes. Our proposal pays main attention on critical nodes to gain overall efficiency by calculating the potential damage cost (PDC) that the attacks cause.

Xu Huang,Muhammad R. Ahmed,Hongyan Cui,Li Shutao

2013-01-01

Abstract:The next generation of WSN will benefit when sensor data is added to blogs, virtual communities, and social network applications. Wireless sensor networks (WSNs) are popular now as distributed networks exposed to an open environment, collecting of self-organized nodes with limited computation and communication capabilities and energy covering deployed areas that interested by the controllers. WSNs have been as aware of environmental technologies such as sound, water contamination, temperature, pressure, motion and other pollutants. However, as wireless communication becomes all sectors of daily life, the security threats to WSNs become increasingly diversified, prevention based due to the open nature of the wireless medium. The node in a WSN is called compromised becomes another major problem of WSN security because it allows an adversary to enter inside the security perimeter of the network and launch attacks, which has raised a serious challenge for WSNs. This paper is focusing on investigating integrating wireless sensor networks with cloud computing with the case that internal attacks of WSNs with multi-hop and single sinker for the future network, such as compromised nodes in a deployed WSN, where we first present our novel protecting algorithm to WSN to protect it with the evidences that our novel algorithm works efficiently and effectively. Our new algorithm takes advantages from uncertain decisions, which means there is no need to know the structure before we check the network. It is involved in the posteriori probability of binary events represented by the beta family of density functions and Dempester Shafer theory (DST). AS it has no need to have any knowledge about the structure of the network, it will be flexible to use in real life.

CHAI Zheng-yi,LIU Fang

DOI: https://doi.org/10.3969/j.issn.1007-5321.2010.03.008

2010-01-01

Abstract:In order to effectively assess the risk of network risk,and to take effective prevention measures,featuring with real-time and quantitative detection,a danger-theory and Antibody-concentration based perception model for network risk is proposed.Based on dynamic self-sets,the mathematical model and dynamic equations for self-tolerance and various antibody are designed.The quantify description of antibody concentration is given.The candidate detector is generated from both random and detector genelib.Furthermore,the vaccination are introduced to enhance the active detection.Simulations are done to test the model.The experiments prove that the model can detect the intrusion attacks effectively and evaluate the risk of both host and network including each attack and the whole attacks.If the model is transformed properly,it also can be applied to the fields of virus detection and spam mail recognition.

Xueqiang Yin,Shining Li

DOI: https://doi.org/10.1186/s13638-019-1524-z

2019-01-01

EURASIP Journal on Wireless Communications and Networking

Abstract:Trust management is considered as an effective complementary mechanism to ensure the security of sensor networks. Based on historical behavior, the trust value can be evaluated and applied to estimate the reliability of the node. For the analysis of the possible attack behavior of malicious nodes, we proposed a trust evaluation model with entropy-based weight assignment for malicious node’s detection in wireless sensor networks. To mitigate the malicious attacks such as packet dropping or packet modifications, multidimensional trust indicators are derived from communication between adjacent sensor nodes, and direct and indirect trust values will be estimated based on the corresponding behaviors of those sensor nodes. In order to improve the validity of trust quantification and ensure the objectivity of evaluation, the entropy weight method is applied to determine the proper value of the weight. Finally, the indirect trust value and direct trust value are synthesized to obtain the overall trust. Experimental results show that the proposed scheme performs well in terms of the identification of malicious node.

George S. Oreku,Tamara Pazynyuk

DOI: https://doi.org/10.1007/978-3-319-21269-2_3

2016-01-01

Abstract:Wireless sensor networks have recently emerged as an important means to study and interact with physical world. In previous era, castles were surrounded by moats (deep trenches, filled with water, and even alligators) to prevent or discourage intrusion attempts. Today one can replace such barriers with stealthy and wireless sensors. In this paper, we develop mathematical foundations model using barriers concept to design secure wireless sensors nodes. Security becomes one of the major concerns when there are potential attacks against sensor network nodes. Thus we have designed fundamental security in disk shaped to provide basic security elements that can be implemented in various sensor nodes. The mathematical models introduced in this paper are flexible and efficient to be embedded in sensor nodes and can create a suitable nodes components security in hostile environments. We also demonstrate how these nodes can be deployed in wall and belt form to fulfill their tasks.

LIU Ning,FAN Xun-li,ZHAO Jian-hua

DOI: https://doi.org/10.3969/j.issn.1671-8755.2009.01.015

2009-01-01

Abstract:To improve the safety of wireless sensor network(WSN),this paper designs a intrusion detection system model for WSN,based on the character of its limited energy;a way to use Multi-node joint collaboration is come true,an algorithm based anomaly attack detection was applied on the intrusion detection node and an algorithm of how to choose the node with the largest energy was applied on the NC node.At the end,the experiment was carried out based on this model.Simulation results of this system has good safety with less resource overhead.

Xiheng ZHAO,Xiaomin HE,Liang XU,Xiuxi LI

DOI: https://doi.org/10.3969/j.issn.1004-1699.2014.05.017

2014-01-01

Abstract:Addressing to fault characteristic of wireless sensor networks( WSNs) and self-learning of fault diagnosis, an approach of node fault diagnosis algorithm based on immune danger theory for WSNs is presented in this paper. This method can identify dangerous sources with triggering thresholds of dangers. An antibody base is generated by the genetic algorithms. A multi-antibody classifier is based on the K-nearest neighbor and applied to diagnose faults for WSNs. The antibody base is updated by tracing the change of the fault data. The experiments show that the proposed method is more effective on performance of algorithms, more accurate on fault diagnosis, and less on computing resource of hardware,as well as of dynamically updating characteristics with a limit training data.

Du Ruiying,Xu Mingdi,Zhang Huanguo

DOI: https://doi.org/10.1007/bf02831804

2006-01-01

Abstract:Cryptography and authentication are traditional approach for providing network security. However, they are not sufficient for solving the problems which malicious nodes compromise whole wireless sensor network leading to invalid data transmission and wasting resource by using vicious behaviors. This paper puts forward an extended hierarchical trusted architecture for wireless sensor network, and establishes trusted congregations by three-tier framework. The method combines statistics, economics with encrypt mechanism for developing two trusted models which evaluate cluster head nodes and common sensor nodes respectively. The models form logical trusted-link from command node to common sensor nodes and guarantees the network can run in secure and reliable circumstance.

Rongrong Fu,Kangfeng Zheng,Tianliang Lu,Dongmei Zhang,Yixian Yang

DOI: https://doi.org/10.4304/jnw.7.8.1214-1219

2012-01-01

Abstract:The resource constraint characteristic of sensor nodes make wireless sensor networks (WSN) very vulnerable to resource depletion attack such as DoS/DDos attack. On the other hand, the resource constraint characteristic also makes anomaly detection a challenging problem in WSN. To address the challenge, this paper presents an anomaly detection framework by taking the advantages of artificial immune system (AIS) and fuzzy theory. The proposed framework incorporates three components: local danger sensing, co-stimulation and global recognition. Due to the hierarchical structure and cooperative mechanism, the proposed model shows more advantages in detection performance than conventional method. The simulation results show that compared to watchdog method, the proposed method can provide higher detection rate and lower false detection rate. Moreover, the propose method shows advantages in flexibility and adaptability.

Chun XU,Xiao-jie LIU,Tao LI,Hui ZHAO,Nian LIU,Sun-jun LIU

DOI: https://doi.org/10.3969/j.issn.1009-3087.2007.05.023

2007-01-01

Abstract:A new denial of service intrusion detection model based on the immune danger theory was presented, according to the characteristic of denial of service intrusion. The model and the antibody evolution algorithm were designed and realized. In the model, antigen/antibody was classified by consanguinity, the procedure of antigen ap-optosis and necrosis were defined, and both danger signal and risk of network were calculated. This model can detect denial of service intrusion by the danger signal and risk of network. The results of the experiment showed that the method can not only keep the advantages of self-learning and self-adaptation of intrusion detection based on tradition artificial immune artificial immune, but also decrease the false positive rate by 87.5%.

Jinquan Zeng,Yan Fu,Jianbing Hu,AnLong Chen,Lingxi Peng

2008-01-01

Journal of Information and Computational Science

Abstract:Artificial Immune System (AIS) has been successful in many realms, especially in computer security, and the correlative algorithms rely on self-nonself discrimination, as stipulated in classical immunology. But when the algorithms are used in practical applications, scaling problems of self and nonself, computational efficiency, and the changing problems of self and nonself have to be addressed. Meanwhile, immunologists are increasingly finding faults with traditional self-nonself discrimination and a new Danger Theory (DT) is emerging. This new theory suggests that Human Immune System (HIS) is more concerned with damages than nonself and HIS reacts to threats through the correlation of danger signals. Based on the DT, within the context of computer system, immune response model is presented. In the model, the definitions of the danger signal, response type and intensity, and etc. are given. Then the producing method of the danger signal is put forth, and they are significant in incorporating the DT into computer security applications. 1548-7741/Copyright © 2008 Binary Information Press October 2008.

Zhihua Zhang,Hongliang Zhu,Shoushan Luo,Yang Xin,Xiaoming Liu

DOI: https://doi.org/10.1109/access.2017.2717387

IF: 3.9

2017-01-01

IEEE Access

Abstract:Security problems have become obstacles in the practical application of wireless sensor networks (WSNs), and intrusion detection is the second line of defense. In this paper, an intrusion detection based on dynamic state context and hierarchical trust in WSNs is proposed, which is flexible and suitable for constantly changing WSNs characterized by changes in the perceptual environment, transitions of states of nodes, and variations in trust value. A multidimensional two-tier hierarchical trust mechanism in the level of sensor nodes (SNs) and cluster heads (CHs) considering interactive trust, honesty trust, and content trust is put forward, which combines direct evaluation and feedback-based evaluation in the fixed hop range. This means that the trust of SNs is evaluated by CHs, and the trust of CHs is evaluated by neighbor CHs and BS; in this way, the complexity of evaluation is reduced without evaluations by all other CHs in networks. Meanwhile, the intrusion detection mechanism based on a self-adaptive dynamic trust threshold is described, which improves the flexibility and applicability and is suitable for cluster-based WSNs. The experiment simulation and evaluation indicate that the mechanism we proposed outperforms the existing typical system in malicious detection and resource overhead.