This ppt will give you basic informa

1. Intrusion detection systems in
wireless sensor networks
Presented by
B. Lavanya
CSE

2. Contents
 Introduction
 Why is intrusion detection is needed?
 security threats
 Intrusion detection systems
 Conclusion
 References

3. Introduction
 Wireless sensor networks (WSN) is composed of
thousands of small sized, low cost, low power sensor
nodes which communicate with one another
wirelessly
 Sensor nodes do not have much computational
power, limiting the kinds of networking protocols
and security mechanisms they can apply.

4. Why intrusion detection is needed?
 Because of the wireless nature of WSNs, security is a
major issue.
 Attacker can easily listen to all the traffic and inject
their own, especially if the WSN is deployed in a
hostile environment.

5. Security threats
•There are four aspects of a wireless sensor network
that security must protect: Confidentiality, data
integrity, service availability, and energy
• Wireless sensor networks are vulnerable to security attacks
due to the broadcast nature of the transmission medium.
• Types of attacks: Passive attacks and Active attacks

6. Cont…
 Passive attacks
• Monitor and Eavesdropping
• Traffic Analysis
 Active attacks
• Spoofed, altered, or replayed routing information
• Selective forwarding

7. Cont…
• Sinkhole attacks
• Sybil attacks
• Wormholes
• HELLO flood attacks
• Acknowledgement spoofing

8. Intrusion detection systems
 The task of Intrusion Detection Systems (IDS) is to
monitor computer networks and systems, detecting
possible intrusions in the network
 Alerting users after intrusions had been detected,
reconfiguring the network if this is possible.

9. Cont…
Depending on the detection techniques used, IDS can
be classified into three major categories :
 Signature or misuse based IDS:
• Signature based IDS uses pre-known attack scenarios (or
signatures) and compare them with incoming packet traffic.
• Once a new attack is launched, the pattern is carefully analyzed
and a signature is defined for it.

10. Cont…
 Anomaly based IDS
• This approach is used to learn the usual behavior pattern of
the network
• The attack is suspected once the network behaves out of its
regular way

11. Cont…
 specification based IDS
• It is a combination both signature and anomaly based IDS
• A genuine user is expected to behave in a certain way, or it can
be specific that a user should behave in this manner

12. conclusion
 As the WSN becomes necessary and used frequently
for many applications, the need for securing them is
also increasing due to the nature of their deployment
and their resource restrictions
 An intrusion detection systems aims to detect attacks
on sensor nodes or intrusions into the networks.

13. References
 J. NEWSOME, E. SHI, D. SONG, AND A. PERRIG, “THE SYBIL
ATTACK IN SENSOR NETWORKS: ANALYSIS & DEFENSES”,
PROC. OF THE THIRD INTERNATIONAL SYMPOSIUM ON
INFORMATION PROCESSING IN SENSOR NETWORKS, ACM,
PP. 259 268, 2004.
 Y.-C. HU, A. PERRIG, AND D.B.JOHNSON, “WORMHOLE
DETECTION IN WIRELESS AD HOC NETWORKS,”
DEPARTMENT OF COMPUTER SCIENCE, RICE UNIVERSITY,
TECH. REP. TR01-384, JUNE 2002.
 A. HIJAZI AND N. NASSER, “USING MOBILE AGENTS FOR
INTRUSION DETECTION IN WIRELESS AD HOC NETWORKS”,
IN WIRELESS AND OPTICAL COMMUNICATIONS NETWORKS
(WOCN), 2005.

14. Cont…
 J. GUAN, D. X. LIU, AN INDUCTION LEARNING APPROACH
FOR BUILDING INTRUSION DETECTION MODELS USING
GENETIC ALGORITHMS, PROCEEDINGS OF FIFTH WORLD
CONGRESS ON INTELLIGENT CONTROL AND AUTOMATION
WCICA, 5, 4339-4342, 2004
 S. MARTI, T. GIULI, K. LAI, AND M. BAKER, MITIGATING
ROUTING MISBEHAVIOR IN MOBILE AD HOC NETWORKS, 6TH
ACM/IEEE INTERNATIONAL CONFERENCE ON MOBILE
COMPUTING AND NETWORKING AUGUST 2000.

15. THANK YOU