Intrusion Detection Challenges In Wireless Sensor Networks: [Essay Example], 1396 words GradesFixer

Haven't found the right essay?

Get an expert to write your essay!


Professional writers and researchers


Sources and citation are provided


3 hour delivery

This essay has been submitted by a student. This is not an example of the work written by professional essay writers.

Intrusion Detection Challenges in Wireless Sensor Networks

Download Print

Pssst… we can write an original essay just for you.

Any subject. Any type of essay.

We’ll even meet a 3-hour deadline.

Get your price

121 writers online

Download PDF

Wireless Sensor Networks

A sensor is a device, module, or subsystem whose purpose is to detect events or changes in its environment and send the information to other electronics, frequently a computer processor. A Wireless Sensor Network is one kind of wireless network includes a large number of circulating, self-directed, minute, low powered devices named sensor nodes called motes. These networks certainly cover a huge number of spatially distributed, little, battery-operated, embedded devices that are networked to caringly collect, process, and transfer data to the operators, and it has controlled the capabilities of computing and processing. Nodes are the tiny computers, which work jointly to form the network.

WSN Applications

These networks are used in environmental tracking, such as forest detection, animal tracking, flood detection, forecasting and weather prediction, and also in commercial applications like seismic activities prediction and monitoring.

Military applications, such as tracking and environment monitoring surveillance applications use these networks. The sensor nodes from sensor networks are dropped to the field of interest and are remotely controlled by a user. Enemy tracking, security detections are also performed by using these networks.

Health applications, such as Tracking and monitoring of patients and doctors use these networks.

The most frequently used wireless sensor networks applications in the field of Transport systems such as monitoring of traffic, dynamic routing management and monitoring of parking lots, etc. , use these networks.

Rapid emergency response, industrial process monitoring, automated building climate control, ecosystem and habitat monitoring, civil structural health monitoring, etc. , use these networks.

WSN Security

WSNs are vulnerable to many types of security attacks due to open wireless medium, multihop decentralized communication, and deployment in hostile and physically nonprotected areas.

Wireless sensor networks are vulnerable to security attacks due to the broadcast nature of the transmission medium. There are four aspects of a wireless sensor network that security must protect:

  • confidentiality
  • data integrity
  • service availability and energy.

Attacks on WSN

There are mainly two types of attack:

Active Attack

Active attacks are used to misdirect, temper, or drop packets. The unique characteristics such as wireless medium, contention-based medium access, multihop nature, decentralized architecture, and random deployment of such networks make them more vulnerable to security attacks at various layers.

Passive Attack

Passive attacks are silent in nature and are conducted to extract important information from the network. Passive attacks do not harm the network or network resources.

Layer Wise Attacks

Since WSN is based on 5 OSI layer (physical, Data Link, Network, Transport & Application Layer), few attacks are also categorized by layers.

Jamming: An adversary keeps sending useless signals making other nodes unable to communicate.

Tampering: An Attacker can tamper with nodes physically.

Collision: Attacker only need to disrupt part of the transmission.

Exhaustion: Retransmission repeatedly will cause battery exhaustion; In IEEE802. 11 based MAC, continuous RTS requests cause battery exhaustion at targeted neighbor.

Misdirection: Forwards messages along wrong paths; provide wrong route information.

Neglect and greed: Malicious and selfish nodes.

Homing: Nodes have special responsibilities are vulnerable.

Black holes: Attackers make neighbors to route traffic to them, but don’t relay the traffic.

Flooding: An attacker sends many connection establishment requests to victim, making the victim run out of resources.

De-synchronization: An attacker forges messages carrying wrong sequence number to one or both endpoints.

Beside these attacks there are few more

Sybil Attack: A malicious node behaves as if it were a larger number of nodes, for example by impersonating other nodes or simply by claiming false identities. In the worst case, an attacker may generate an arbitrary number of additional node identities, using only one physical device.

Attacks on the Mote: the attacker compromises few of the sensor nodes inside a WSN. An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations.

Components of IDS

Monitoring component is used for local events monitoring as well as neighbor’s monitoring. This component mostly monitors traffic patterns, internal events, and resource utilization. Analysis and detection module is the main component which is based on modeling algorithm. Network operations, behavior, and activities are analyzed, and decisions are made to declare them as malicious or not.

Alarm component is a response generating component, which generates an alarm in case of detection of an intrusion.

Types of IDS Based on identification techniques Ids is classified as:

Signature Based IDS

Here the signatures of different security attacks are maintained in a database. This kind of IDS is effective against well-known security attacks.

Issue: However, new attacks are difficult to be detected as their signatures would not be present in the database.

Anomaly Based IDS

The second type is anomaly-based IDS. This kind is effective to detect new attacks. Anomaly-based IDS monitors network activities and classifies them as either normal or malicious using heuristic approach. Most of anomaly-based IDSs identify intrusions using threshold values; that is, any activity below a threshold is normal, while any condition above a threshold is classified as an intrusion.

Issue: it sometimes misses to detect well-known security attacks. The reason is that anomaly-based IDSs do not maintain any database, but they continuously monitor traffic patterns or system activities.

Hybrid IDS

Combination of both anomaly-based and signature-based approaches. Hybrid mechanisms usually contain two detection modules; that is, one module is responsible of detecting well-known attacks using signatures, while the other is responsible for detecting and learning normal and malicious patterns or monitor network behavior deviation from normal profile. Hybrid IDSs are more accurate in terms of attack detection with less number of false positives. Issue: such mechanisms consume more energy and more resources. Hybrid IDSs are generally not recommended for a resource constraint networks such as a WSN.

Cross-Layer IDS

Cross layer design is a relatively new security technique in which different parameters across OSI layers are exchanged for optimal solution. Traditional IDS operate at a single layer of the OSI model and hence can monitor and detect intrusions at that particular layer. For example, network layer Intrusion Detection System can detect only routing attacks but cannot respond to MAC, physical, or transport layer anomalies. Cross layer IDSs have the capability to monitor and detect intrusions at multiple layers by communicating and exchanging parameters amongst different layers using cross layer interface. As we know, WSNs have many constraints in terms of computations, memory, and energy. Although cross layer IDS can detect many intrusions at different layers.

Issue: this technique consumes more energy and computational resources by monitoring, analyzing, and exchanging multilayer parameters.


IDS have the ability to detect an intrusion and raise an alarm for appropriate action. Due to the energy and computational power limitations, designing appropriate IDS for WSN is a challenging task.

Anomaly-based IDSs are suitable for small-sized WSNs where few nodes communicate with the base station. In small sized WSNs, the traffic pattern is mostly the same, so unusual traffic pattern or changing behaviour can be treated as an intrusion. However such IDS may generate more false alarms and may not be able to detect well-known intrusions. Anomaly-based IDSs are usually lightweight in nature and mostly use statistical, probabilistic, traffic analysis or intelligent techniques.

Signature-based IDSs are suitable for relatively large-sized WSNs, where more security threats and attacks can compromise network operations. Signature-based IDS needs more resources and computations as compared to anomaly-based IDS. One of the important and complex activities is the compilation and insertion of new attack signatures in the databases. Such IDSs mostly use data mining or pattern matching techniques.

Hybrid IDSs are suitable for large and sustainable WSNs. These IDSs have both anomaly-based and signature-based modules, so they require more resources and computations. To reduce the usage of limited resources, such mechanisms are mostly used in cluster based or hierarchical WSNs, in which some parts of the network are used to execute anomaly detection while other parts are accompanied with signature-based detection.

Cross layer IDSs are usually not recommended for a resource constraint networks such as WSNs, as it consumes more resources by exchanging parameters across the protocol suits for attack detection.


While designing a security mechanism, we must consider the limited resources of WSNs. Anomaly-based IDSs are lightweight in nature; however they create more false alarms. Signature-based IDSs are suitable for relatively large-sized WSNs; however they have some overheads such as updating and inserting new signatures. Cross layer IDSs are usually not recommended for networks having resources limitations, as more energy and computation are required for exchanging multilayer parameters.

Remember: This is just a sample from a fellow student.

Your time is important. Let us write you an essay from scratch

100% plagiarism free

Sources and citations are provided

Find Free Essays

We provide you with original essay samples, perfect formatting and styling

Cite this Essay

To export a reference to this article please select a referencing style below:

Intrusion Detection Challenges In Wireless Sensor Networks. (2020, March 16). GradesFixer. Retrieved November 30, 2020, from
“Intrusion Detection Challenges In Wireless Sensor Networks.” GradesFixer, 16 Mar. 2020,
Intrusion Detection Challenges In Wireless Sensor Networks. [online]. Available at: <> [Accessed 30 Nov. 2020].
Intrusion Detection Challenges In Wireless Sensor Networks [Internet]. GradesFixer. 2020 Mar 16 [cited 2020 Nov 30]. Available from:
copy to clipboard

Sorry, copying is not allowed on our website. If you’d like this or any other sample, we’ll happily email it to you.

    By clicking “Send”, you agree to our Terms of service and Privacy statement. We will occasionally send you account related emails.


    Attention! this essay is not unique. You can get 100% plagiarism FREE essay in 30sec

    Recieve 100% plagiarism-Free paper just for 4.99$ on email
    get unique paper
    *Public papers are open and may contain not unique content
    download public sample

    Sorry, we cannot unicalize this essay. You can order Unique paper and our professionals Rewrite it for you



    Your essay sample has been sent.

    Want us to write one just for you? We can custom edit this essay into an original, 100% plagiarism free essay.

    thanks-icon Order now

    Hi there!

    Are you interested in getting a customized paper?

    Check it out!
    Having trouble finding the perfect essay? We’ve got you covered. Hire a writer uses cookies. By continuing we’ll assume you board with our cookie policy.