Intrusion detection systems in

wireless sensor networks

Presented by
SHIVAM PANDEY
Contents

Introduction
Security Goals
Layering Based Security Approach
Types of Attacks
Intrusion detection systems
Components of IDS
IDS Detection Methodologies
Conclusion
Refferences
Introduction

Wireless sensor networks (WSN) multihop distributed

operations.
Composed of thousands of small sized, low cost, low
power sensor nodes.
Communicate with one another wirelessly.
No computational power, limiting the kinds of networking
protocols and security mechanisms they can apply.
Security is a major issue.
In a hostile environment attacker can easily listen to all
the traffic and inject their own.
 Aspects of a wireless sensor network
(security goals)

Confidentiality
Data integrity
Service availability
Non-repudiation
Layering Based Security Approach

Application Layer
-Manages data connection.
Transport Layer
-connection establishment.
Network Layer
-routing of cluster.
Data link layer
-multiplexing of data stream,error detection, encryption, mac.
Physical Layer
-signal detection, strength, frequency selection, generation.
Types of attacks

Passive attacks

Active attacks
Types of attacks
Intrusion detection systems

Monitor computer networks and systems

Detecting possible intrusions
Alert users
Reconfigure the network
Components Of IDS

Monitoring component
-Traffic pattern ,internal events ,resource utilization
Analysis & detection module
-Network operation analysis & detection
Alarm component
-Generates Alarm
Components Of IDS
IDS detection methodologies

Signature or misuse based IDS

-Uses pre-known attack scenarios
-Compare them with incoming packet traffic.
-Once a new attack is launched, the pattern is carefully analyzed and
a signature is defined for it.
Anomaly based IDS
-Used to learn the usual behavior pattern of the network
-The attack is suspected when network behaves out of its regular way
Hybrid based IDS
-A genuine user is expected to behave in a certain way, or it can be
specific that a user should behave in this manner
conclusion

As the WSN becomes necessary and used frequently

for many applications, the need for securing them is
also increasing due to the nature of their deployment
and their resource restrictions

An intrusion detection systems aims to detect attacks

on sensor nodes or intrusions into the networks.
References

J. NEWSOME, E. SHI, D. SONG, AND A. PERRIG, THE SYBIL

ATTACK IN SENSOR NETWORKS: ANALYSIS & DEFENSES, PROC.
OF THE THIRD INTERNATIONAL SYMPOSIUM ON INFORMATION
PROCESSING IN SENSOR NETWORKS, ACM, PP. 259 268, 2004.

Y.-C. HU, A. PERRIG, AND D.B.JOHNSON, WORMHOLE

DETECTION IN WIRELESS AD HOC NETWORKS, DEPARTMENT
OF COMPUTER SCIENCE, RICE UNIVERSITY, TECH. REP. TR01-
384, JUNE 2002.

A. HIJAZI AND N. NASSER, USING MOBILE AGENTS FOR

INTRUSION DETECTION IN WIRELESS AD HOC NETWORKS, IN
WIRELESS AND OPTICAL COMMUNICATIONS NETWORKS
(WOCN), 2005.
THANK YOU