Limits...
Detecting unknown attacks in wireless sensor networks that contain mobile nodes.

Banković Z, Fraga D, Moya JM, Vallejo JC - Sensors (Basel) (2012)

Bottom Line: The data produced in the presence of an attacker are treated as outliers, and detected using clustering techniques.These techniques are further coupled with a reputation system, in this way isolating compromised nodes in timely fashion.The proposal exhibits good performances at detecting and confining previously unseen attacks, including the cases when mobile nodes are compromised.

View Article: PubMed Central - PubMed

Affiliation: Departamento de Ingeniería Electrónica, ETSI Telecomunicación, Universidad Politécnica de Madrid, Av. Complutense, 30, 28040 Madrid, Spain. zorana@die.upm.es

ABSTRACT
As wireless sensor networks are usually deployed in unattended areas, security policies cannot be updated in a timely fashion upon identification of new attacks. This gives enough time for attackers to cause significant damage. Thus, it is of great importance to provide protection from unknown attacks. However, existing solutions are mostly concentrated on known attacks. On the other hand, mobility can make the sensor network more resilient to failures, reactive to events, and able to support disparate missions with a common set of sensors, yet the problem of security becomes more complicated. In order to address the issue of security in networks with mobile nodes, we propose a machine learning solution for anomaly detection along with the feature extraction process that tries to detect temporal and spatial inconsistencies in the sequences of sensed values and the routing paths used to forward these values to the base station. We also propose a special way to treat mobile nodes, which is the main novelty of this work. The data produced in the presence of an attacker are treated as outliers, and detected using clustering techniques. These techniques are further coupled with a reputation system, in this way isolating compromised nodes in timely fashion. The proposal exhibits good performances at detecting and confining previously unseen attacks, including the cases when mobile nodes are compromised.

Show MeSH

Related in: MedlinePlus

Reputation Evolution in Time and Space—Different Views.
© Copyright Policy
Related In: Results  -  Collection

License
getmorefigures.php?uid=PMC3472860&req=5

f2-sensors-12-10834: Reputation Evolution in Time and Space—Different Views.

Mentions: In order to illustrate the performance of the algorithm, in the first experiment the Sybil node is static (it is added at the position 26) and it has the valid ID of a mobile node. In Figure 2(a,b), we can observe from different angles that the reputations of both the Sybil node at the position 26 and the compromised mobile node have been significantly lowered, which means that we have successfully detected and confined the attack. In Figure 2(c), we present the top view, where we can distinguish the path of the compromised mobile node due to its decreased reputation.


Detecting unknown attacks in wireless sensor networks that contain mobile nodes.

Banković Z, Fraga D, Moya JM, Vallejo JC - Sensors (Basel) (2012)

Reputation Evolution in Time and Space—Different Views.
© Copyright Policy
Related In: Results  -  Collection

License
Show All Figures
getmorefigures.php?uid=PMC3472860&req=5

f2-sensors-12-10834: Reputation Evolution in Time and Space—Different Views.
Mentions: In order to illustrate the performance of the algorithm, in the first experiment the Sybil node is static (it is added at the position 26) and it has the valid ID of a mobile node. In Figure 2(a,b), we can observe from different angles that the reputations of both the Sybil node at the position 26 and the compromised mobile node have been significantly lowered, which means that we have successfully detected and confined the attack. In Figure 2(c), we present the top view, where we can distinguish the path of the compromised mobile node due to its decreased reputation.

Bottom Line: The data produced in the presence of an attacker are treated as outliers, and detected using clustering techniques.These techniques are further coupled with a reputation system, in this way isolating compromised nodes in timely fashion.The proposal exhibits good performances at detecting and confining previously unseen attacks, including the cases when mobile nodes are compromised.

View Article: PubMed Central - PubMed

Affiliation: Departamento de Ingeniería Electrónica, ETSI Telecomunicación, Universidad Politécnica de Madrid, Av. Complutense, 30, 28040 Madrid, Spain. zorana@die.upm.es

ABSTRACT
As wireless sensor networks are usually deployed in unattended areas, security policies cannot be updated in a timely fashion upon identification of new attacks. This gives enough time for attackers to cause significant damage. Thus, it is of great importance to provide protection from unknown attacks. However, existing solutions are mostly concentrated on known attacks. On the other hand, mobility can make the sensor network more resilient to failures, reactive to events, and able to support disparate missions with a common set of sensors, yet the problem of security becomes more complicated. In order to address the issue of security in networks with mobile nodes, we propose a machine learning solution for anomaly detection along with the feature extraction process that tries to detect temporal and spatial inconsistencies in the sequences of sensed values and the routing paths used to forward these values to the base station. We also propose a special way to treat mobile nodes, which is the main novelty of this work. The data produced in the presence of an attacker are treated as outliers, and detected using clustering techniques. These techniques are further coupled with a reputation system, in this way isolating compromised nodes in timely fashion. The proposal exhibits good performances at detecting and confining previously unseen attacks, including the cases when mobile nodes are compromised.

Show MeSH
Related in: MedlinePlus