Limits...
A distributed signature detection method for detecting intrusions in sensor systems.

Kim I, Oh D, Yoon MK, Yi K, Ro WW - Sensors (Basel) (2013)

Bottom Line: In addition, the first step is modified to achieve efficient performance under limited computation resources.The proposed method achieves a speedup factor of 25.96 and reduces 43.94% of packet transmissions to the base station compared with the previously proposed method.The system achieves efficient utilization of the sensor nodes and provides a structural basis of cooperative systems among the sensors.

View Article: PubMed Central - PubMed

Affiliation: School of Electrical and Electronic Engineering, Yonsei University, Seoul 120-749, Korea. ilkyu.kim19@gmail.com

ABSTRACT
Sensor nodes in wireless sensor networks are easily exposed to open and unprotected regions. A security solution is strongly recommended to prevent networks against malicious attacks. Although many intrusion detection systems have been developed, most systems are difficult to implement for the sensor nodes owing to limited computation resources. To address this problem, we develop a novel distributed network intrusion detection system based on the Wu-Manber algorithm. In the proposed system, the algorithm is divided into two steps; the first step is dedicated to a sensor node, and the second step is assigned to a base station. In addition, the first step is modified to achieve efficient performance under limited computation resources. We conduct evaluations with random string sets and actual intrusion signatures to show the performance improvement of the proposed method. The proposed method achieves a speedup factor of 25.96 and reduces 43.94% of packet transmissions to the base station compared with the previously proposed method. The system achieves efficient utilization of the sensor nodes and provides a structural basis of cooperative systems among the sensors.

No MeSH data available.


Related in: MedlinePlus

The packet messages between sensor nodes and a base station.
© Copyright Policy
Related In: Results  -  Collection

License
getmorefigures.php?uid=PMC3673066&req=5

f5-sensors-13-03998: The packet messages between sensor nodes and a base station.

Mentions: Figure 5 indicates the overall message transmissions to conduct pattern matching between the sensor nodes and the base station. The payload data is transmitted by the encapsulated packet. Although the general WM system needs only the data field “string” in the packet payload to process the sensing data, additional fields that occupy small payload sizes are added. As we discussed in Sections 2.2 and 3.2, the sensor node compares the string field with the suffix and prefix tables. If a suspicious substring is detected, the position of the suffix is written on the checker array, and the total number of intrusion candidates is written on the counter field. The base station examines the partial substrings of the packet's payload using the bookmark data. The size of the packet is sufficient enough to contain the two additional fields because the ZigBee protocol provides a bandwidth of up to 20 KBps [2]. In addition, the data is compatible with other systems because the system uses general packet structures with minor conversions.


A distributed signature detection method for detecting intrusions in sensor systems.

Kim I, Oh D, Yoon MK, Yi K, Ro WW - Sensors (Basel) (2013)

The packet messages between sensor nodes and a base station.
© Copyright Policy
Related In: Results  -  Collection

License
Show All Figures
getmorefigures.php?uid=PMC3673066&req=5

f5-sensors-13-03998: The packet messages between sensor nodes and a base station.
Mentions: Figure 5 indicates the overall message transmissions to conduct pattern matching between the sensor nodes and the base station. The payload data is transmitted by the encapsulated packet. Although the general WM system needs only the data field “string” in the packet payload to process the sensing data, additional fields that occupy small payload sizes are added. As we discussed in Sections 2.2 and 3.2, the sensor node compares the string field with the suffix and prefix tables. If a suspicious substring is detected, the position of the suffix is written on the checker array, and the total number of intrusion candidates is written on the counter field. The base station examines the partial substrings of the packet's payload using the bookmark data. The size of the packet is sufficient enough to contain the two additional fields because the ZigBee protocol provides a bandwidth of up to 20 KBps [2]. In addition, the data is compatible with other systems because the system uses general packet structures with minor conversions.

Bottom Line: In addition, the first step is modified to achieve efficient performance under limited computation resources.The proposed method achieves a speedup factor of 25.96 and reduces 43.94% of packet transmissions to the base station compared with the previously proposed method.The system achieves efficient utilization of the sensor nodes and provides a structural basis of cooperative systems among the sensors.

View Article: PubMed Central - PubMed

Affiliation: School of Electrical and Electronic Engineering, Yonsei University, Seoul 120-749, Korea. ilkyu.kim19@gmail.com

ABSTRACT
Sensor nodes in wireless sensor networks are easily exposed to open and unprotected regions. A security solution is strongly recommended to prevent networks against malicious attacks. Although many intrusion detection systems have been developed, most systems are difficult to implement for the sensor nodes owing to limited computation resources. To address this problem, we develop a novel distributed network intrusion detection system based on the Wu-Manber algorithm. In the proposed system, the algorithm is divided into two steps; the first step is dedicated to a sensor node, and the second step is assigned to a base station. In addition, the first step is modified to achieve efficient performance under limited computation resources. We conduct evaluations with random string sets and actual intrusion signatures to show the performance improvement of the proposed method. The proposed method achieves a speedup factor of 25.96 and reduces 43.94% of packet transmissions to the base station compared with the previously proposed method. The system achieves efficient utilization of the sensor nodes and provides a structural basis of cooperative systems among the sensors.

No MeSH data available.


Related in: MedlinePlus