Intrusion detection system using anomaly technique in wireless sensor network

Abstract

In the recent research, it has been observed that finding out the compromised nodes in wireless sensor net-work(WSN) is a very difficult task. In WSN, nodes have limited power and low processing capacity. Moreover, a homogeneous sensor network comprises of nodes having similar behavior. These constraints make it difficult to identify compromised nodes in such a network. Compromised nodes are those nodes whose behavior are dissimilar from normal nodes. Compromised node can be harmful for the network. To solve the problem of finding compromised node we are using anomaly detection technique. In this technique the behavior of nodes is observed and checked whether it is normal or not. We select some Intrusion Detection System(IDS) agents on the basis of internal congestion within the node. IDS agent are trained to analyze the behavior of the nodes and are able to check the deviation in the behavior of the nodes. We provide a matrix to IDS agent, which is stored in their buffer. This matrix consist of parameters which are related to the behavior of the node. Input value of the matrix is 0 or 1, if the matrix result is 1 then the behavior of the node is abnormal(deviation from normal). The IDS agents send the unique identifier of the compromised node to the Base Station. Base Station will finally check how many messages a node can send to Base Station. If the number is greater than the maximum message limit then the node is considered to be compromised node. The algorithm which is proposed in this paper can be efficient for the small networks.