Chapter 16
16 Pages

Intrusion Detection System Architecture for Wireless Sensor Network

A lot of research has been done on preventing attacks on WSNs and defending them from attackers and intruders, but very limited work has been done on detection. Without detection, it is difficult for the network administrator to be aware of intrusions. Some intrusion detection systems have been proposed or designed for wireless ad hoc networks. Most of them work in distributed environments, which means they run on individual nodes independently and try to detect intrusions by studying abnormalities in their neighbors’ behavior. Thus, they require the nodes to spend more of their processing power, battery backup, and storage space, which makes IDSs more expensive or infeasible for most applications. Some IDSs use mobile agents in distributed environments [8]. Mobile agents support sensor mobility and intelligent routing of intrusion data throughout the network, and eliminate the network's dependency on specific nodes. But this mechanism is still not popular for IDSs because of the security vulnerability inherent in the mobile agents’ architecture and their heavy weight. Some IDSs are attack-specific, which makes them focused on one type of attack [1]. Some use a centralized framework, which makes an IDS capable of exploiting a personal computer’s high processing power, huge storage capabilities, and unlimited battery backup [21]. Most IDSs target the routing layer only [7,21], but they can be enhanced to detect different types of attacks at other networking layers as well. Most of the architectures are based on anomaly detection

16.1 Introduction
16.2 Existing Challenges
16.3 Wireless Sensor Networks: An Overview
16.4 Security Threats and Issues
16.5 IDS Architecture
16.6 Our Model
    16.6.1 Detection Entities
    16.6.2 Policy-Based IDS
    16.6.3 Structure of Intrusion Detection Agent (IDA)
    16.6.4 Selection of IDS Node
    16.6.5 IDS Mechanism in Sensor Nodes