Machine Learning Methods Assessment for Denial of Service Detection in Wireless Sensor Networks

Abstract

Intrusion Detection Systems (IDS) are important tools to detect malicious network traffic. Particularly, the efficient detection of Denial of Service (DoS) attacks poses a challenging issue especially in Internet of Things (IoT) scenarios composed of resource-constrained devices, as Wireless Sensor Networks (WSN). Additionally, machine learning classification methods have been presented as a prominent approach to DoS detection. However, a lack of a suitable and careful assessment of such methods becomes difficult to understand the real contribution of them to improve the detection of DoS attacks in WSNs. This work aiming at assessing the efficiency of machine learning classification approaches to detect (i) flooding, (ii) gray hole, and (iii) black hole DoS attacks in WSNs. Our evaluation is based on a WSN-based dataset, called WSN-DS, considering the accuracy and speediness metrics. Results reveal that—considering accuracy and speediness simultaneously—J48 method is recommended for detecting gray hole and black hole attacks, whereas the Random Tree method is the best option for flooding detection. Regarding the speediness, the J48 method is the fastest consuming 0.54µs of processing on average per sample.