Abstract
As WSNs gain popularity, they are becoming more and more necessary for traffic anomaly detection. Because worms, attacks, intrusions, and other kinds of malicious behaviors can be recognized by traffic analysis and anomaly detection, WSN traffic anomaly detection provides useful tools for timely reaction and appropriate prevention in network security. In the paper, we improve exploitation of GM(1,1) model to make traffic prediction and judge the traffic anomaly in WSNs. Based on our systematical researches on the characteristics of WSN traffic, the causes of WSN abnormal traffic, and latest related research and development, we better exploit the GM(1,1) model following four guidelines: using a sliding window to determine historical data for modeling, optimizing initial value of one-order grey differential equation, making traffic prediction by short step exponential weighted average method, and judging whether the traffic of the next moment is abnormal by Euclidean distance. Then, we propose a traffic anomaly detection algorithm for WSNs based on the improved exploitation of GM(1,1) model. Simulation results and comparative analyses demonstrate that our proposed WSN traffic anomaly detection algorithm can reduce the undetected rate and has better anomaly detection accuracy than traditional traffic anomaly detection algorithms.
Highlights
In recent years, the emergence of a variety of wireless sensor networks (WSNs) applications, such as military applications [1], home automation [2], smart building [3], health and medical applications [4], vehicle and target tracking [5], and industry domains [6, 7], has been prompted by the developments in the field of distributed computing and microelectromechanical systems
Intrusions, attacks, worms, and other kinds of malicious behaviors can be identified by traffic analysis and anomaly detection, so traffic anomaly detection in a WSN provides a sound basis for prevention and reaction in network security
A simulated and a part of real WSN traffic data consisting of humidity measurement collected during 6-hour period at intervals of 5 seconds in 2010 gathered from the University of North Carolina are used to carry out simulations
Summary
The emergence of a variety of wireless sensor networks (WSNs) applications, such as military applications [1], home automation [2], smart building [3], health and medical applications [4], vehicle and target tracking [5], and industry domains [6, 7], has been prompted by the developments in the field of distributed computing and microelectromechanical systems. A WSN is composed of a mass of battery-powered thick-deployed and lowpower sensor nodes with sensing, processing, and storage capabilities and wireless communication [6]. Monitoring a certain phenomenon, such as object tracking or environmental data, is the main purpose of sensor nodes composed of power, sensing, computing, and communication modules [8]. Intrusions, attacks, worms, and other kinds of malicious behaviors can be identified by traffic analysis and anomaly detection, so traffic anomaly detection in a WSN provides a sound basis for prevention and reaction in network security
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
