Detection and Mitigation of Attacks in Cluster based Wireless Sensor Networks using Rule based IDS

Abstract

Objectives: Wireless Sensor Network (WSN) is made up of numerous small nodes; the node senses the happenings in its surroundings and reports the changes to a base station. Most of the sensor nodes are battery operated and their lifetime is less. Methods/Statistical Analysis: The WSN is operated in an open environment, it is prone to misuse. The misuse can either internal or external. External attackers can be prevented by using encryption techniques whereas the internal attackers being a compromised node in the network are hard to prevent. To avoid any further damage by the internal attackers an Intrusion Detection System (IDS) is developed. Rule based detection methodology is adapted to detect the misuse in the network. Findings: Using rule based detection methodology the following attacks such as black hole attack, selective forwarding attack, hello flood attack and replay attack are detected and mitigated. All the mentioned attacks occur in the network layer and its intention is to alter the data communication path. In a network of N nodes, M clusters are formed with each cluster having a cluster head. One node in each cluster has the IDS and monitors the cluster members before the communication starts. Once the attackers are detected within each cluster, the routing protocol is changed accordingly such that the affected cluster heads will not take part in the communication process. Application/Improvements: In existing IDS the attacks are only detected and by using some encryption they are prevented before an attack can happen. In this method the attacks are mitigated prior to the actual data transmission.