
Intrusion Detection Challenges in Wireless Sensor Networks


Words: 1396 |

Pages: 3|

7 min read

Published: Mar 19, 2020


Table of contents

  1. Wireless Sensor Networks
  2. WSN Applications
  3. WSN Security
  4. Attacks on WSN
  5. Active Attack
  6. Passive Attack
  7. Layer Wise Attacks
  8. Components of IDS
  9. Challenges
  10. Conclusion

Wireless Sensor Networks

A sensor is a device, module, or subsystem whose purpose is to detect events or changes in its environment and send the information to other electronics, frequently a computer processor. A wireless sensor network (WSN) is a kind of wireless network that includes a large number of distributed, self-directed, tiny, low-powered devices called sensor nodes or motes. These networks cover a huge number of spatially distributed, small, battery-operated, embedded devices that are networked to cooperatively collect, process, and transfer data to the operators, and that have limited computing and processing capabilities. Nodes are tiny computers that work jointly to form the network.

WSN Applications

These networks are used in environmental tracking, such as forest detection, animal tracking, flood detection, forecasting and weather prediction, and also in commercial applications like seismic activities prediction and monitoring.

Military applications, such as tracking and environment-monitoring surveillance, use these networks. The sensor nodes are dropped into the field of interest and are remotely controlled by a user. Enemy tracking and security detection are also performed using these networks.

Health applications, such as tracking and monitoring of patients and doctors, use these networks.

Transport systems are among the most frequent wireless sensor network applications: monitoring of traffic, dynamic routing management, monitoring of parking lots, etc. use these networks.

Rapid emergency response, industrial process monitoring, automated building climate control, ecosystem and habitat monitoring, civil structural health monitoring, etc. use these networks.

WSN Security

WSNs are vulnerable to many types of security attacks due to open wireless medium, multihop decentralized communication, and deployment in hostile and physically nonprotected areas.

Wireless sensor networks are vulnerable to security attacks due to the broadcast nature of the transmission medium. There are four aspects of a wireless sensor network that security must protect:

  • confidentiality
  • data integrity
  • service availability
  • energy

Attacks on WSN

Active Attack

Active attacks are used to misdirect, tamper with, or drop packets. The unique characteristics of such networks, such as the wireless medium, contention-based medium access, multihop nature, decentralized architecture, and random deployment, make them more vulnerable to security attacks at various layers.

Passive Attack

Passive attacks are silent in nature and are conducted to extract important information from the network. Passive attacks do not harm the network or network resources.

Layer Wise Attacks

Since a WSN is based on five OSI layers (physical, data link, network, transport, and application), some attacks are also categorized by layer.

Jamming: An adversary keeps sending useless signals making other nodes unable to communicate.

Tampering: An attacker can tamper with nodes physically.

Collision: The attacker only needs to disrupt part of the transmission.

Exhaustion: Repeated retransmission will cause battery exhaustion; in an IEEE 802.11-based MAC, continuous RTS requests cause battery exhaustion at the targeted neighbor.

Misdirection: Forwards messages along wrong paths; provides wrong route information.

Neglect and greed: Malicious and selfish nodes.

Homing: Nodes that have special responsibilities are vulnerable.

Black holes: Attackers make neighbors route traffic to them, but don’t relay the traffic.

Flooding: An attacker sends many connection establishment requests to the victim, making the victim run out of resources.

De-synchronization: An attacker forges messages carrying wrong sequence numbers to one or both endpoints.

Sybil Attack: A malicious node behaves as if it were a larger number of nodes, for example by impersonating other nodes or simply by claiming false identities. In the worst case, an attacker may generate an arbitrary number of additional node identities, using only one physical device.

Attacks on the Mote: The attacker compromises a few of the sensor nodes inside a WSN.

An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations.

Components of IDS

The monitoring component is used for monitoring local events as well as neighbors. This component mostly monitors traffic patterns, internal events, and resource utilization. The analysis and detection module is the main component, which is based on a modeling algorithm. Network operations, behavior, and activities are analyzed, and decisions are made to declare them as malicious or not.

The alarm component is a response-generating component, which generates an alarm when an intrusion is detected.

The first type is signature-based IDS. Here the signatures of different security attacks are maintained in a database. This kind of IDS is effective against well-known security attacks.

Issue: However, new attacks are difficult to detect, as their signatures would not be present in the database.

The second type is anomaly-based IDS. This kind is effective at detecting new attacks. An anomaly-based IDS monitors network activities and classifies them as either normal or malicious using a heuristic approach. Most anomaly-based IDSs identify intrusions using threshold values; that is, any activity below a threshold is normal, while any condition above a threshold is classified as an intrusion.

Issue: It sometimes fails to detect well-known security attacks. The reason is that anomaly-based IDSs do not maintain any database, but they continuously monitor traffic patterns or system activities.

The third type is hybrid IDS, a combination of both anomaly-based and signature-based approaches. Hybrid mechanisms usually contain two detection modules; that is, one module is responsible for detecting well-known attacks using signatures, while the other is responsible for detecting and learning normal and malicious patterns or monitoring deviation of network behavior from the normal profile. Hybrid IDSs are more accurate in terms of attack detection, with fewer false positives. Issue: Such mechanisms consume more energy and more resources. Hybrid IDSs are generally not recommended for resource-constrained networks such as a WSN.
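
The following sketch is an added example, not part of the original essay. It puts a small signature module and a threshold-based anomaly module side by side so the issues named above become visible: the signature rules miss an attack they have no entry for, the anomaly module (which here models only the packet drop ratio) misses a known RTS exhaustion attack, and the learned threshold raises a false alarm on a benign lossy link. All field names, rule thresholds, and observations are constructed for illustration.

```python
from statistics import mean, stdev

# Constructed per-neighbour, per-interval counters (field names are hypothetical):
# rts = RTS frames heard, fwd_in = packets handed over, fwd_out = packets relayed.
BASELINE = [  # intervals assumed to be attack-free
    {"rts": 4, "fwd_in": 20, "fwd_out": 19},
    {"rts": 5, "fwd_in": 20, "fwd_out": 18},
    {"rts": 3, "fwd_in": 20, "fwd_out": 20},
    {"rts": 6, "fwd_in": 20, "fwd_out": 19},
]
SAMPLES = {
    "rts_flood":    {"rts": 80, "fwd_in": 20, "fwd_out": 19},  # known attack
    "black_hole":   {"rts": 4,  "fwd_in": 20, "fwd_out": 0},   # known attack
    "partial_drop": {"rts": 5,  "fwd_in": 20, "fwd_out": 12},  # no signature exists
    "lossy_link":   {"rts": 5,  "fwd_in": 20, "fwd_out": 16},  # benign radio loss
}
# Signature database: one rule per well-known attack (rule limits are illustrative).
SIGNATURES = {
    "rts_exhaustion": lambda o: o["rts"] >= 50,
    "black_hole": lambda o: o["fwd_in"] >= 10 and o["fwd_out"] == 0,
}

def signature_detect(obs):
    """Return the names of all signatures the observation matches."""
    return sorted(name for name, rule in SIGNATURES.items() if rule(obs))

def drop_ratio(obs):
    """Fraction of packets the neighbour accepted but never relayed."""
    return 1 - obs["fwd_out"] / obs["fwd_in"] if obs["fwd_in"] else 0.0

def learn_threshold(baseline, k=3.0):
    """Anomaly threshold = mean + k standard deviations of normal drop ratios."""
    ratios = [drop_ratio(o) for o in baseline]
    return mean(ratios) + k * stdev(ratios)

def anomaly_detect(obs, threshold):
    return drop_ratio(obs) > threshold  # above threshold => intrusion

def hybrid_detect(obs, threshold):
    """Signature module first; anomaly module only if no signature matched."""
    alarms = signature_detect(obs)
    if not alarms and anomaly_detect(obs, threshold):
        alarms.append("anomaly:drop_ratio")
    return alarms

if __name__ == "__main__":
    t = learn_threshold(BASELINE)
    for name, obs in SAMPLES.items():
        print(name, signature_detect(obs), anomaly_detect(obs, t), hybrid_detect(obs, t))
```

The hybrid module covers both attack classes but still inherits the anomaly module's false alarm on the lossy link, and it runs both checks on every observation, which is the extra cost the essay attributes to hybrid IDSs.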

Cross layer design is a relatively new security technique in which different parameters across OSI layers are exchanged for an optimal solution. A traditional IDS operates at a single layer of the OSI model and hence can monitor and detect intrusions only at that particular layer. For example, a network layer intrusion detection system can detect only routing attacks but cannot respond to MAC, physical, or transport layer anomalies. Cross layer IDSs have the capability to monitor and detect intrusions at multiple layers by communicating and exchanging parameters amongst different layers using a cross layer interface. As we know, WSNs have many constraints in terms of computation, memory, and energy. A cross layer IDS can detect many intrusions at different layers.

Issue: However, this technique consumes more energy and computational resources by monitoring, analyzing, and exchanging multilayer parameters.

Challenges

IDS have the ability to detect an intrusion and raise an alarm for appropriate action. Due to the energy and computational power limitations, designing appropriate IDS for WSN is a challenging task.

Anomaly-based IDSs are suitable for small-sized WSNs where few nodes communicate with the base station. In small sized WSNs, the traffic pattern is mostly the same, so unusual traffic pattern or changing behaviour can be treated as an intrusion. However such IDS may generate more false alarms and may not be able to detect well-known intrusions. Anomaly-based IDSs are usually lightweight in nature and mostly use statistical, probabilistic, traffic analysis or intelligent techniques.

Signature-based IDSs are suitable for relatively large-sized WSNs, where more security threats and attacks can compromise network operations. Signature-based IDS needs more resources and computations as compared to anomaly-based IDS. One of the important and complex activities is the compilation and insertion of new attack signatures in the databases. Such IDSs mostly use data mining or pattern matching techniques.

Hybrid IDSs are suitable for large and sustainable WSNs. These IDSs have both anomaly-based and signature-based modules, so they require more resources and computations. To reduce the usage of limited resources, such mechanisms are mostly used in cluster based or hierarchical WSNs, in which some parts of the network are used to execute anomaly detection while other parts are accompanied with signature-based detection.

Cross layer IDSs are usually not recommended for resource-constrained networks such as WSNs, as they consume more resources by exchanging parameters across the protocol suite for attack detection.


Conclusion

While designing a security mechanism, we must consider the limited resources of WSNs. Anomaly-based IDSs are lightweight in nature; however, they create more false alarms. Signature-based IDSs are suitable for relatively large-sized WSNs; however, they have some overheads, such as updating and inserting new signatures. Cross layer IDSs are usually not recommended for networks with resource limitations, as more energy and computation are required for exchanging multilayer parameters.

This essay was reviewed by
Alex Wood

Cite this Essay

Intrusion Detection Challenges In Wireless Sensor Networks. (2020, March 16). GradesFixer. Retrieved December 8, 2024, from https://gradesfixer.com/free-essay-examples/intrusion-detection-challenges-in-wireless-sensor-networks/