2. Contents
Introduction
Why is intrusion detection is needed?
security threats
Intrusion detection systems
Conclusion
References
3. Introduction
Wireless sensor networks (WSN) is composed of
thousands of small sized, low cost, low power sensor
nodes which communicate with one another
wirelessly
Sensor nodes do not have much computational
power, limiting the kinds of networking protocols
and security mechanisms they can apply.
4. Why intrusion detection is needed?
Because of the wireless nature of WSNs, security is a
major issue.
Attacker can easily listen to all the traffic and inject
their own, especially if the WSN is deployed in a
hostile environment.
5. Security threats
•There are four aspects of a wireless sensor network
that security must protect: Confidentiality, data
integrity, service availability, and energy
• Wireless sensor networks are vulnerable to security attacks
due to the broadcast nature of the transmission medium.
• Types of attacks: Passive attacks and Active attacks
6. Cont…
Passive attacks
• Monitor and Eavesdropping
• Traffic Analysis
Active attacks
• Spoofed, altered, or replayed routing information
• Selective forwarding
8. Intrusion detection systems
The task of Intrusion Detection Systems (IDS) is to
monitor computer networks and systems, detecting
possible intrusions in the network
Alerting users after intrusions had been detected,
reconfiguring the network if this is possible.
9. Cont…
Depending on the detection techniques used, IDS can
be classified into three major categories :
Signature or misuse based IDS:
• Signature based IDS uses pre-known attack scenarios (or
signatures) and compare them with incoming packet traffic.
• Once a new attack is launched, the pattern is carefully analyzed
and a signature is defined for it.
10. Cont…
Anomaly based IDS
• This approach is used to learn the usual behavior pattern of
the network
• The attack is suspected once the network behaves out of its
regular way
11. Cont…
specification based IDS
• It is a combination both signature and anomaly based IDS
• A genuine user is expected to behave in a certain way, or it can
be specific that a user should behave in this manner
12. conclusion
As the WSN becomes necessary and used frequently
for many applications, the need for securing them is
also increasing due to the nature of their deployment
and their resource restrictions
An intrusion detection systems aims to detect attacks
on sensor nodes or intrusions into the networks.
13. References
J. NEWSOME, E. SHI, D. SONG, AND A. PERRIG, “THE SYBIL
ATTACK IN SENSOR NETWORKS: ANALYSIS & DEFENSES”,
PROC. OF THE THIRD INTERNATIONAL SYMPOSIUM ON
INFORMATION PROCESSING IN SENSOR NETWORKS, ACM,
PP. 259 268, 2004.
Y.-C. HU, A. PERRIG, AND D.B.JOHNSON, “WORMHOLE
DETECTION IN WIRELESS AD HOC NETWORKS,”
DEPARTMENT OF COMPUTER SCIENCE, RICE UNIVERSITY,
TECH. REP. TR01-384, JUNE 2002.
A. HIJAZI AND N. NASSER, “USING MOBILE AGENTS FOR
INTRUSION DETECTION IN WIRELESS AD HOC NETWORKS”,
IN WIRELESS AND OPTICAL COMMUNICATIONS NETWORKS
(WOCN), 2005.
14. Cont…
J. GUAN, D. X. LIU, AN INDUCTION LEARNING APPROACH
FOR BUILDING INTRUSION DETECTION MODELS USING
GENETIC ALGORITHMS, PROCEEDINGS OF FIFTH WORLD
CONGRESS ON INTELLIGENT CONTROL AND AUTOMATION
WCICA, 5, 4339-4342, 2004
S. MARTI, T. GIULI, K. LAI, AND M. BAKER, MITIGATING
ROUTING MISBEHAVIOR IN MOBILE AD HOC NETWORKS, 6TH
ACM/IEEE INTERNATIONAL CONFERENCE ON MOBILE
COMPUTING AND NETWORKING AUGUST 2000.