Here we propose a dynamic adjustment threshold approach included the long-term behavior change model and variety model for wireless sensor networks. When we got an observation value of one feature from the network, we could compare the obtained value with a threshold which is generated by these two models to test whether the obtained value is normal or not in WSN. When the anomalies occurred, the system could report alarms to base station. The advantages of our proposed scheme are that we could dynamically change the thresholds to fit the changes of node’s behaviors in the wireless sensor network that improves the precision of detecting anomalous behaviors in WSN environment especially node’s behaviors would change over time and also reduce the false alarm generating. In our experimental results, we used measured normal traffic data as an example to train our proposed scheme and then use measured traffic data which included abnormal values for testing. In Figure 5, we also see that the proposed scheme is efficient and can reduce the false alarms. In the future, we will try other statistical model to improve the efficiency of our trend model and variety model.
Reference
1. I.F. Akyildiz, W. Su, Y. Sankarasubramaniam, and E. Cayirci, “A Survey on Sensor Networks,” In IEEE Communication Magazine, August, 2002.
2. A. Perrig, J. Stankovic, and D. Wagner, “Security in Wireless Sensor Networks,” In Communications of the ACM, vol. 47, no. 6, June 2005
3. E. Shi, and A. Perrig, “Designing secure sensor networks,” In IEEE Wireless Communications, Dec 2004
4. L. Lamport, R. Shostak, and M. pease, “The Byzantine Generals Problem,”
In ACM Transaction Programming Languages and Systems, vol. 4, no. 3, pages 382-401, July 1982.
5. Chris Karlof, David Wagner, “Secure Routing in Wireless Sensor Networks:
Attacks and Countermeasures,” In Sensor Network Protocols and Applications, pages 113-127, May 2003.
6. A. Wood and J. Stankovic, “Denial of service in sensor networks,” In IEEE Computer, 35(10):54-62, October 2002.
7. Tanya Roosta, Shiuhpyng Shieh, Shankar Sastry, “Taxonomy of Security Attacks in Sensor Networks and Countermeasures.”
8. Fei GAO, Jizhou SUN, Zunce WEI, “THE PREDICTION ROLE OF HIDDEN MARKOV MODEL IN INTRUSION DETECTION,” In IEEE CCECE, vol. 2, pages 893-896, May 2003.
9. T. Park and K. G. Shin, “Lisp: A lightweight security protocol for wireless sensor networks,” In Transactions on Embedded Computing Systems, vol. 3, pages 634-660, 2004.
10. W. Du, J. Deng, Y. Han, S. Chen, and P. Varshney, “A Key Management Scheme for Wireless Sensor Networks Using Deployment Knowledge,” In IEEE Infocom, 2004.
11. D. Culler, D. Estrin, M. Srivastava, “Sensor Networks: an Overview,” In IEEE Magazine, Aug 2004.
12. D. E. Denning, “An Intrusion-Detection Model,” In IEEE Transactions on Software Engineering, vol. SE-13, no. 2, pages 222-232, Feb 1987
13. S. Staniford-Chen, S.Cheng, R. Crawford, and M. Dilger, “GRIDS – A Graph Based Intrusion Detection System for Large Networks,” In the 19th National Information Systems Security Conference, 1996.
14. L. Lazos, R. Poovendran, C. Meadows, P. Syverson, and L. W. Chang,
“Preventing Wormhole Attacks on Wireless Ad Hoc Networks: A Graph Theoretic Approach,” In IEEE Wireless Communications and Networking Conference (WCNC), 2005.
15. B. Carbunar, L. Loanidis, and C. Nita-Rotaru, “JANUS: Towards Robust and Malicious Resilient Routing in Hybrid Wireless Networks,” In ACM WiSe, Philadelphia, Pennsylvania, USA, October 2004.
16. Y-C. Hu, A. Perrig, and D. B. Johnson, “Rushing Attacks and Defense in Wireless Ad Hoc Network Routing Protocols,” In ACM WiSe, San Diego, Califonia, USA, September 2003.
17. Y-C. Hu, A. Perrig, D.B. Johnson, “Packet Leashes: A Defense against Wormhole Attacks in Wireless Ad Hoc Networks,” In IEEE INFOCOM, 2003.
18. S. S. Doumit, D. P. Agrawal, “Self-organized Critically & Stochastic Learning Based Intrusion Detection System for Wireless Sensor Networks,”
In MILCOM, Oct 2003.
19. Ana Paula R. da Silva, Marcelo H. T. Martins, Bruno P. S. Rocha, Antonio A.
F. Loureiro, Linnyer B. Ruiz, Hao Chi Wong, “Wireless network security I:
Decentralized intrusion detection in wireless sensor networks,” In Proceedings of the 1st ACM international workshop on Quality of service &
security in wireless and mobile networks, Oct 2005
20. Rodrigo Roman, Jianying Zhou, Javier Lopez, “Applying intrusion detection systems to wireless sensor networks,” In Consumer Communications and Networking Conference, 2006.
21. Agah, A.; Das, S.K.; Basu, K.; Asadi, M, “Intrusion detection in sensor networks: a non-cooperative game approach,” In Proceedings of Third IEEE International Symposium, pages 343 – 346, 2004
22. P. Techateerawat, A. Jennings, “Energy Efficiency of Intrusion Detection
Systems in Wireless Sensor Networks,” In 2006 IEEE/WIC/ACM International Conference, pages 227 – 230, Dec. 2006
23. Q. Fang, J. Gao, L. J Guibas, “Locating and Bypassing. Routing Holes in Sensor Networks,” In IEEE INFOCOM'04, March 2004.
24. W. Du, L. Fang, and P. Ning, “LAD: Localization Anomaly Detection for Wireless Sensor Networks,” In IPDPS, 2005.
25. Y.-P. Huang and C.-C. Huang, “The integration and application of fuzzy and grey modeling methods,” In Fuzzy Sets and Systems 78, pages 107-119, 1996
26. Y.-P. Huang and C.-H. Huang, “Real-valued genetic algorithms for fuzzy grey prediction system,” In Fuzzy Sets and Systems 87, pages 265-276,1997 27. Y.-P. Huang and Tai-Min Yu, “The hybrid grey-based models for temperature
prediction,” In IEEE SMC-B, Vol. 27, No. 2, , pages 284-292, Apr 1997 28. S.-F. Su, C.-B. Lin, Y.-T. Hsu, “A high precision global prediction approach
based on local prediction approaches,” In IEEE SMC-C, Vol.23, No.4, pages 416-425, Nov. 2002
29. Peyman Kabiri and Ali A. Ghorbani, “Research on Intrusion Detection and Response: A Survey,” In International Journal of Network Security, vol. 1, No. 2. pages 84-102, Sep 2005
30. F Anjum, D Subhadrabandhu, S Sarkar, R Shetty, “On optimal placement of intrusion detection modules in sensor networks,” In Broadband Networks, 2004
31. I Onat, A Miri, “An intrusion detection system for wireless sensor networks,”
In Wireless And Mobile Computing, Networking And Communication, 2005 32. ECH Ngai, J Liu, MR Lyu, “On the Intruder Detection for Sinkhole Attack in
Wireless Sensor Networks,” In IEEE ICC, 2006
33. C Baslie, M Gupta, Z Kalbarczyk, RK Iyer, “An Approach for Detecting and Distinguishing Errors versus Attacks in Sensor Networks,” In International Conference on Dependable Systems and Networks, 2006
34. J Newsome, E Shi, D Song, A Perrig, “The Sybil Attack in Sensor Networks:
Analysis & Defense,” In Information Processing in Sensor Networks, 2004.
35. Waldir Ribeiro Pires, J’unior Thiago, H. de Paula Figueiredo, Hao Chi Wong, Antonio A.F. Loureiro, “Malicious Node Detection inWireless Sensor Networks,” In Parallel and Distributed Proceeding Symposium, 2004
36. D. Subhadrabandhu, S. Sarkar, F. Anjum, “Efficacy of Misuse Detection in Adhoc Networks,” In Proceeding of the IEEE International Conference on Sensor and Ad hoc Communications and Networks (SECON), Santa Clara, CA, October 4-7, 2004
37. Yi-an Huang, Wenke Lee, “A Cooperative Intrusion Detection System for Ad Hoc Networks,” In Proceedings of the 1st ACM workshop on Security of ad hoc and sensor networks, Oct 2003
38. Yongguang Zhang, Wenke Lee, Yi-An Huang, “Intrusion detection techniques for mobile wireless networks,” In Wireless Networks, volume 9 Issue 5, Sep 2003