Abstract
In this paper, we investigate the problem of selective routing attack in wireless sensor networks by considering a novel threat, named the upstream-node effect, which limits the accuracy of the monitoring functions in deciding whether a monitored node is legitimate or malicious. To address this limitation, we propose a one-dimensional one-class classifier, named relaxed flow conservation constraint, as an intrusion detection scheme to counter the upstream node attack. Each node uses four types of relaxed flow conservation constraints to monitor all of its neighbors. Three constraints are applied by using one-hop knowledge, and the fourth one is calculated by monitoring two-hop information. The latter is obtained by proposing two-hop energy-efficient and secure reporting scheme. We theoretically analyze the security and performance of the proposed intrusion detection method. We also show the superiority of relaxed flow conservation constraint in defending against upstream node attack compared to other schemes. The simulation results show that the proposed intrusion detection system achieves good results in terms of detection effectiveness.
Highlights
A Wireless Sensor Network (WSN) [1] is a set of tiny sensor nodes, which are resource-constrained in terms of energy, bandwidth, processing, and storage capacities.The main task of a WSN is to collect/aggregate data from the sensor nodes to a base station using a hop-by-hop communication
Contrary to the state-of-the art methods, we show that the relaxed flow conservation constraint prevents the upstream node effect
We study the performance of the proposed intrusion detection system against selective routing attacks using GloMoSim simulator [49]
Summary
The main task of a WSN is to collect/aggregate data from the sensor nodes to a base station (or sink) using a hop-by-hop communication. In the periodic-based class, each sensor node periodically sends its measurement towards the sink. An adversary can perform node capture attack by physically accessing the sensor node and uploading a malicious code to launch different types of attacks [2,3]. To avoid this situation, some preventive security mechanisms such as authentication, cryptography, and key management could be implemented [4,5]. It is necessary to deploy intrusion detection systems (IDSes) [6,7,8,9] to deal with other non-preventive
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
