Intrusion Detection Challenges in Wireless Sensor Networks

subsystem whose purpose is to detect events or changes in its environment and send the information to other electronic devices, often a computer processor. A wireless sensor network is a type of wireless network comprising a large number of circulating, self-managing, tiny, low-power devices called sensor nodes, or motes. These networks comprise a large number of small, spatially distributed, battery-operated embedded devices that are networked to collect, process, and transfer data to operators, and they have limited computing and processing capabilities. Nodes are tiny computers that work together to form the network.

WSN Applications

These networks are used in environmental monitoring, such as forest detection, animal tracking, flood detection, and weather forecasting, as well as in commercial applications such as forecasting and monitoring seismic activities.

Military applications, such as tracking, surveillance, and environmental monitoring, use these networks. Sensor nodes are placed in the field of interest and are controlled remotely by a user. Enemy tracking and security detection are also carried out using these networks.

Healthcare applications, such as tracking and monitoring patients and doctors, use these networks.

Transportation applications, such as traffic monitoring, route management, and parking lot monitoring, are among the most frequent uses of these networks.

Rapid emergency response, industrial process monitoring, automated building temperature control, ecosystem and habitat monitoring, and health monitoring of civil structures also use these networks.
many types of security attacks due to the open wireless medium, multi-hop decentralized communication and deployment in hostile and physically unprotected areas. Wireless sensor networks are vulnerable to security attacks due to the broadcast nature of the transmission medium. There are four aspects of a wireless sensor network that security must protect: privacy, data integrity, service availability, and energy.

Attacks on WSN

Active Attack

Active attacks are used to hijack, tamper with, or drop packets. The unique features of these networks, such as the wireless medium, contention-based media access, multi-hop nature, decentralized architecture and random deployment, make them more vulnerable to security attacks at different layers.

Passive Attack

Passive attacks are silent in nature and are carried out to extract important information from the network. Passive attacks do not damage the network or network resources.

Layered Attacks

Since WSN is based on 5 OSI layers (physical, data link, network, transport and application), some attacks are also categorized by layer.

Jamming: An adversary keeps sending unnecessary signals, making other nodes unable to communicate.
Tampering: An attacker can physically tamper with nodes.
Collision: The attacker only has to disrupt part of the transmission.
Exhaustion: Repeated retransmission will cause battery exhaustion; in an IEEE 802.11-based MAC, continuous RTS requests cause battery drain in the targeted neighbor.
Misdirection: Transfers messages on wrong paths; provides incorrect route information.
Negligence and greed: Malicious and selfish nodes.
Homing: Nodes with special responsibilities are vulnerable.
Black holes: Attackers trick their neighbors into routing traffic to them, but do not relay the traffic.
Flooding: An attacker sends many connection establishment requests to the victim, causing it to run out of resources.
Out of sync: An attacker forges messages carrying a wrong sequence number to one or both endpoints.
Sybil attack: A malicious node behaves as if it were a larger number of nodes, for example by impersonating other nodes or simply claiming false identities. In the worst case, an attacker can generate an arbitrary number of additional node identities using a single physical device.
Mote attacks: The attacker compromises a few sensor nodes inside a WSN.

An intrusion detection system (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations.

Components of the IDS

The monitoring component is used for local event monitoring as well as neighbor monitoring. This component mainly monitors traffic patterns, internal events, and resource usage.

The analysis and detection module is the main component and is based on a modeling algorithm. Network operations, behavior and activities are analyzed, and a decision is made whether to declare them malicious or not.

The alarm component is a response generator, which generates an alarm if an intrusion is detected.

In a signature-based IDS, the signatures of different security attacks are kept in a database. This type of IDS is effective against well-known security attacks. Problem: New attacks are difficult to detect because their signatures would not be present in the database.

The second type is anomaly-based IDS. This type is effective in detecting new attacks. An anomaly-based IDS monitors network activities and classifies them as normal or malicious using a heuristic approach. Most anomaly-based IDSs identify intrusions using threshold values; that is, any activity below a threshold is normal, while any condition above a threshold is classified as an intrusion. Problem: It sometimes fails to detect well-known security attacks. The reason is that anomaly-based IDSs do not maintain any database, but continuously monitor traffic patterns or system activities.
A hybrid IDS is a combination of the anomaly-based and signature-based approaches. Hybrid mechanisms generally contain two detection modules: one module is responsible for detecting well-known attacks using signatures, while the other is responsible for detecting and learning normal and malicious patterns or monitoring deviations in network behavior compared to the normal profile. Hybrid IDSs are more accurate in terms of detecting attacks with fewer false positives. Challenge: Such mechanisms consume more energy and more resources.
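
The threshold-based anomaly detection and the two-module hybrid design described above can be sketched as follows. This is an added example, not code from the essay: the per-neighbor counters, the `rts_exhaustion` signature with its cutoff of 50, and the mean plus three standard deviations rule are all assumptions chosen for illustration, and the observation windows are constructed.

```python
from statistics import mean, stdev

# Constructed per-neighbor observations, one dict per monitoring window.
# rts: RTS frames heard; given: packets handed over for relay; relayed: packets seen relayed.
TRAINING = [  # windows assumed attack-free, used to learn the normal profile
    {"rts": 4, "given": 20, "relayed": 19},
    {"rts": 6, "given": 20, "relayed": 20},
    {"rts": 5, "given": 20, "relayed": 18},
    {"rts": 3, "given": 20, "relayed": 19},
    {"rts": 5, "given": 20, "relayed": 20},
]

# Hypothetical signature database: attack name -> predicate over one window.
SIGNATURES = {"rts_exhaustion": lambda w: w["rts"] >= 50}

def features(w):
    """Monitoring component: reduce a window to the values the detectors compare."""
    drop = 1 - w["relayed"] / w["given"] if w["given"] else 0.0
    return {"rts": float(w["rts"]), "drop_rate": drop}

def learn_thresholds(windows, k=3.0):
    """Normal profile: per-feature threshold at mean + k standard deviations."""
    rows = [features(w) for w in windows]
    return {f: mean(r[f] for r in rows) + k * stdev(r[f] for r in rows) for f in rows[0]}

def signature_module(w):
    return [name for name, matches in SIGNATURES.items() if matches(w)]

def anomaly_module(w, thresholds):
    obs = features(w)
    return [f for f, limit in thresholds.items() if obs[f] > limit]

def hybrid_ids(w, thresholds):
    """Analysis and detection: signatures first, then deviation from the profile."""
    hits = signature_module(w)
    if hits:
        return {"verdict": "intrusion", "source": "signature", "detail": hits}
    hits = anomaly_module(w, thresholds)
    if hits:
        return {"verdict": "intrusion", "source": "anomaly", "detail": hits}
    return {"verdict": "normal", "source": None, "detail": []}

THRESHOLDS = learn_thresholds(TRAINING)

if __name__ == "__main__":
    for w in ({"rts": 5, "given": 20, "relayed": 19},    # ordinary traffic
              {"rts": 120, "given": 20, "relayed": 19},  # continuous RTS requests
              {"rts": 4, "given": 20, "relayed": 0}):    # neighbor relays nothing
        print(w, "->", hybrid_ids(w, THRESHOLDS))  # alarm component would act on this
```

The third window has no entry in the signature database, so only the anomaly module flags it; that is the case the hybrid design exists to cover.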