Abstract
Intrusion Detection System (IDS) is usually regarded as the second secure defense of network. However, traditional IDS cannot be suitable to deploy in Wireless Sensor Networks (WSN) because of the nature of WSN (e.g. self-origination, resource-constraint, etc). In this paper, we propose a kind of three-logic-layer architecture of Intrusion Detection System (IDS)-SAID by employing the agent technology and thought of immune mechanism. It has two work modes: 1) active work mode to improve the effectiveness and intelligence for unknown attacks; 2) passive work mode to detect and defend known attacks. The basic functions of these three layers, intrusion response, evolution approach of agent and knowledge base are also presented in this paper. Furthermore, we take advantages of local intrusion detection system and distributive & cooperative intrusion detection system to have a tradeoff among the security of WSN and communication overhead. We also design three kinds of light-weight agents: monitor agents, decision agents and defense agents in order to reduce communication overhead, computation complexity and memory cost. The analysis and experiment result illustrate that SAID has nice properties to defend attacks, and suitable to deploy in WSN.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Karlof, C., Wagner, D.: Secure routing in wireless sensor networks: Attacks and countermeasures. In: Proceedings of the 1st IEEE International. Workshop on Sensor Network Protocols and Applications, Anchorage, AK. May 11, 2003, IEEE, Los Alamitos (2003)
Newsome, J., Shi, E., Song, D., Perrig, A.: The Sybil Attack in Sensor Networks: Analysis & Defenses. In: IPSN’04, April 26–27 (2004)
Hu, Y.-C., Perrig, A., Johnso, D.B.: Packet Leashes: A Defense against Wormhole Attacks in Wireless Networks. In: Proc. of the Twenty-second Annual Joint Conference of the IEEE Computer and Communications Societies (INFOCOM 2003), San Francisco, April, 2003, pp. 1976–1986. IEEE Computer Society Press, Los Alamitos (2003)
Alpcan, T., Basar, T., Game, A.: Theoretic Approach to Decision and Analysis in Network Intrusion Detecion. In: Proceeding of the 42nd IEEE conference on Decision and Control, December, 2003, IEEE Computer Society Press, Los Alamitos (2003)
Agah, A., Das, S.K., Basu, K.: A game theory based approach for security in wireless sensor networks. In: IPCCC 2004, IEEE Computer Society Press, Los Alamitos (2004)
Siraj, A., Vaughn, R.B., Bridges, S.M.: Intrusion Sensor Data Fusion in an Intelligent Intrusion Detection System Architecture. In: Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS’04) - Track 9 (2004)
Harmer, P.K., Williams, P.D., Gunsch, G.H., Lamont, G.B.: An artificial immune system architecture for computer security applications. IEEE Trans. Evolutionary Computation 6(3), 252–280 (2002)
Kruegel, C., Toth, T.: Applying Mobile Agent Technology to Intrusion Detection. In: Proceedings of the ICSE Workshop on Software Engineering and Mobility, Canada, May (2001)
Albers, P., Camp, O.: Security in Ad Hoc Networks: a General Intrusion Detection Architecture Enhancing Trust Based Approaches. In: First International Workshop on Wireless Information System, 4th International Conference on Enterprise Information System (2002)
Kachirski, O., Guha, R.: Elective Intrusion Detection Using Multiple Sensors in Wireless Ad Hoc Networks. In: Proceedings of the 36th Annual Hawaii International Conference on System Sciences (HICSS’03), 1 January, p. 57 (2003)
Banerjee, S., Groşan, C., Abraham, A., Mahanti, P.K.: Intrusion Detection on Sensor Networks Using Emotional Ants. International Journal of Applied Science and Computations 12(3), 152–173 (2005)
Zhang, Y., Lee, W., Huang, Y.: Intrusion Detection Techniques for Mobile Wireless Networks. ACM/Kluwer Wireless Networks Journal (ACM WINET)Â 9(5) (2003)
Sterne, D., Balasubramanyam, P., Carman, D., Wilson, B., Talpade, R., Ko, C., Balupari, R., Tseng, C.-Y., Bowen, T., Levitt, K., Rowe, J.: A General Cooperative Intrusion Detection Architecture for MANETs. In: Proceedings of the 3rd IEEE International Workshop on Information Assurance (IWIA’05), March 2005, pp. 57–70. IEEE Computer Society Press, Los Alamitos (2005)
Anantvalee, T., Wu, J.: A Survey on Intrusion Detection in Mobile Ad Hoc. In: Xiao, Y., Shen, X., Du, D.-Z. (eds.) Wireless/Mobile Network Security, pp. 170–196. Springer, Heidelberg (2006)
Su, C.-C., Chang, K.-M., Horng, M.-F., Kuo, Y.-H.: The New Intrusion Prevention and Detection Approaches for Clustering-based Sensor Networks. In: 2005 IEEE Wireless Communications and Networking Conference (WCNC05), New Orleans, USA, Mar. 2005, IEEE, Los Alamitos (2005)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2007 Springer Berlin Heidelberg
About this paper
Cite this paper
Ma, J., Zhang, S., Zhong, Y., Tong, X. (2007). SAID: A Self-Adaptive Intrusion Detection System in Wireless Sensor Networks. In: Lee, J.K., Yi, O., Yung, M. (eds) Information Security Applications. WISA 2006. Lecture Notes in Computer Science, vol 4298. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-71093-6_5
Download citation
DOI: https://doi.org/10.1007/978-3-540-71093-6_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-71092-9
Online ISBN: 978-3-540-71093-6
eBook Packages: Computer ScienceComputer Science (R0)