2. Contents
๏ Introduction
๏ Why is intrusion detection is needed?
๏ security threats
๏ Intrusion detection systems
๏ Conclusion
๏ References
3. Introduction
๏ Wireless sensor networks (WSN) is composed of
thousands of small sized, low cost, low power sensor
nodes which communicate with one another
wirelessly
๏ Sensor nodes do not have much computational
power, limiting the kinds of networking protocols
and security mechanisms they can apply.
4. Why intrusion detection is needed?
๏ Because of the wireless nature of WSNs, security is a
major issue.
๏ Attacker can easily listen to all the traffic and inject
their own, especially if the WSN is deployed in a
hostile environment.
5. Security threats
โขThere are four aspects of a wireless sensor network
that security must protect: Confidentiality, data
integrity, service availability, and energy
โข Wireless sensor networks are vulnerable to security attacks
due to the broadcast nature of the transmission medium.
โข Types of attacks: Passive attacks and Active attacks
6. Contโฆ
๏ Passive attacks
โข Monitor and Eavesdropping
โข Traffic Analysis
๏ Active attacks
โข Spoofed, altered, or replayed routing information
โข Selective forwarding
8. Intrusion detection systems
๏ The task of Intrusion Detection Systems (IDS) is to
monitor computer networks and systems, detecting
possible intrusions in the network
๏ Alerting users after intrusions had been detected,
reconfiguring the network if this is possible.
9. Contโฆ
Depending on the detection techniques used, IDS can
be classified into three major categories :
๏ Signature or misuse based IDS:
โข Signature based IDS uses pre-known attack scenarios (or
signatures) and compare them with incoming packet traffic.
โข Once a new attack is launched, the pattern is carefully analyzed
and a signature is defined for it.
10. Contโฆ
๏ Anomaly based IDS
โข This approach is used to learn the usual behavior pattern of
the network
โข The attack is suspected once the network behaves out of its
regular way
11. Contโฆ
๏ specification based IDS
โข It is a combination both signature and anomaly based IDS
โข A genuine user is expected to behave in a certain way, or it can
be specific that a user should behave in this manner
12. conclusion
๏ As the WSN becomes necessary and used frequently
for many applications, the need for securing them is
also increasing due to the nature of their deployment
and their resource restrictions
๏ An intrusion detection systems aims to detect attacks
on sensor nodes or intrusions into the networks.
13. References
๏ J. NEWSOME, E. SHI, D. SONG, AND A. PERRIG, โTHE SYBIL
ATTACK IN SENSOR NETWORKS: ANALYSIS & DEFENSESโ,
PROC. OF THE THIRD INTERNATIONAL SYMPOSIUM ON
INFORMATION PROCESSING IN SENSOR NETWORKS, ACM,
PP. 259 268, 2004.
๏ Y.-C. HU, A. PERRIG, AND D.B.JOHNSON, โWORMHOLE
DETECTION IN WIRELESS AD HOC NETWORKS,โ
DEPARTMENT OF COMPUTER SCIENCE, RICE UNIVERSITY,
TECH. REP. TR01-384, JUNE 2002.
๏ A. HIJAZI AND N. NASSER, โUSING MOBILE AGENTS FOR
INTRUSION DETECTION IN WIRELESS AD HOC NETWORKSโ,
IN WIRELESS AND OPTICAL COMMUNICATIONS NETWORKS
(WOCN), 2005.
14. Contโฆ
๏ J. GUAN, D. X. LIU, AN INDUCTION LEARNING APPROACH
FOR BUILDING INTRUSION DETECTION MODELS USING
GENETIC ALGORITHMS, PROCEEDINGS OF FIFTH WORLD
CONGRESS ON INTELLIGENT CONTROL AND AUTOMATION
WCICA, 5, 4339-4342, 2004
๏ S. MARTI, T. GIULI, K. LAI, AND M. BAKER, MITIGATING
ROUTING MISBEHAVIOR IN MOBILE AD HOC NETWORKS, 6TH
ACM/IEEE INTERNATIONAL CONFERENCE ON MOBILE
COMPUTING AND NETWORKING AUGUST 2000.