Skip to main content
SpringerLink
Log in

Network Anomaly Detection in Wireless Sensor Networks: A Review

  • Conference paper
  • First Online:
Internet of Things, Smart Spaces, and Next Generation Networks and Systems (NEW2AN 2019, ruSMART 2019)

Part of the book series: Lecture Notes in Computer Science ((LNCCN,volume 11660))

Abstract

Wireless sensor networks function as one of the enablers for the large-scale deployment of Internet of Things in various applications, including critical infrastructure. However, the open communications environment of wireless systems, immature technologies and the inherent limitations of sensor nodes make wireless sensor networks an attractive target to malicious activities. The main contributions of this review include describing the true nature of wireless sensor networks through their characteristics and security threats as well as reflecting them to network anomaly detection by surveying recent studies in the field. The potential and feasibility of graph-based deep learning for detecting anomalies in these networks are also explored. Finally, some remarks on modelling anomaly detection methods, using appropriate datasets for validation purposes and interpreting complex machine learning models are given.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Notes

  1. 1.

    In this article the 5-layer OSI-model is considered, as in [4, 5].

  2. 2.

    Complexity may not also be stable: the amount of complexity can vary according to changes in the system, the environment or transmitted data.

  3. 3.

    Research across a range of disciplines is devoted to finding linear approximations of nonlinear phenomena, because they are easier to solve.

  4. 4.

    Especially the assumption of identically and independently distributed (i.i.d.) variables and presuming the density distribution of data points a priori may not be realistic.

  5. 5.

    To overcome the limitations of traditional autoencoders, the study employes a sparse autoencoder and multiple denoising autoencoders for the sub-networks.

  6. 6.

    In practical terms, there must not be a queue of packets awaiting to be processed by the model. Technically the packet processing rate must be higher than the expected maximum packet arrival rate.

  7. 7.

    A detection scheme is expected to have the capability of addressing a wide range of security issues.

  8. 8.

    Geometric deep learning is an umbrella term for emerging techniques, such as deep learning on graphs and manifolds, attempting to generalize deep neural models to non-Euclidean domains. For a comprehensive introductory-level reference with descriptive graphics and further details, see [22].

  9. 9.

    The proposed method uses three hidden layers in the convolutional encoder, but the authors note that more layers can be stacked for building a deeper network.

  10. 10.

    In general, spectral-based methods are computationally more expensive, assume a fixed input graph and are limited to work on undirected graphs whereas spatial-based methods can are more generalizable and can deal with directed graphs.

  11. 11.

    Graph neural networks with attention mechanisms are an example of spatial-based approaches.

  12. 12.

    Typically enhanced with LSTM or GRU.

  13. 13.

    The authors use the GCN introduced in [25] and used in DOMINANT.

  14. 14.

    The authors apply GRU but LSTM could be tested as well.

  15. 15.

    https://www.unb.ca/cic/datasets/ids-2017.html.

  16. 16.

    https://secplab.ppgia.pucpr.br/?q=trabid.

  17. 17.

    https://icsdweb.aegean.gr/awid/index.html.

References

  1. Rawat, P., Singh, K.D., Chaouchi, H., Bonnin, J.M.: Wireless sensor networks: a survey on recent developments and potential synergies. J. Supercomput. 68(1), 1–48 (2014)

    Article  Google Scholar 

  2. Xie, M., Han, S., Tian, B., Parvin, S.: Anomaly detection in wireless sensor networks: a survey. J. Netw. Comput. Appl. 34(1), 1302–1325 (2011)

    Article  Google Scholar 

  3. Dargie, W., Poellabauer, C.: Fundamentals of Wireless Sensor Networks - Theory and Practice. Wiley Series on Wireless Communications and Mobile Computing (2010)

    Google Scholar 

  4. Zou, Y., Zhu, J., Wang, X., Hanzo, L.: A survey on wireless security: technical challenges, recent advances, and future trends. Proc. IEEE 104(9), 1727–1765 (2016). https://doi.org/10.1109/JPROC.2016.2558521

    Article  Google Scholar 

  5. Tomić, I., McCann, J.: A survey of potential security issues in existing wireless sensor network protocols. IEEE Internet Things J. 4(6), 1910–1923 (2017)

    Article  Google Scholar 

  6. Butun, I., Salvatore, D.M., Sankar, R.: A survey of intrusion detection systems in wireless sensor networks. IEEE Commun. Surv. Tutorials 16(1), 266–282 (2014). https://doi.org/10.1109/SURV.2013.050113.00191

    Article  Google Scholar 

  7. Kumar, D.P., Amgoth, T., Annavarapu, C.S.R.: Machine learning algorithms for wireless sensor networks: a survey. Inf. Fusion 49(1), 1–25 (2019)

    Google Scholar 

  8. Sha, K., Wei, W., Yang, T.A., Wang, Z., Shi, W.: On security challenges and open issues in internet of things. Future Gener. Comput. Syst. 83(1), 326–337 (2018)

    Article  Google Scholar 

  9. CSA. https://downloads.cloudsecurityalliance.org/whitepapers/Security_Guidance_for_Early_Adopters_of_the_Internet_of_Things.pdf. Accessed 3 Mar 2019

  10. Mosenia, A., Jha, N.K.: A comprehensive study of security of internet-of-things. IEEE Trans. Emerg. Top. Comput. 5(4), 586–602 (2017)

    Article  Google Scholar 

  11. Labatut, V., Ozgovde, A.: Topological measures for the analysis of wireless sensor networks. Procedia Comput. Sci. 10, 397–404 (2012). https://doi.org/10.1016/j.procs.2012.06.052

    Article  Google Scholar 

  12. Akoglu, L., Tong, H., Koutra, D.: Graph based anomaly detection and description: a survey. Data Min. Knowl. Disc. 29(3), 626–688 (2015)

    Article  MathSciNet  Google Scholar 

  13. Rajasegarar, S., Leckie, C., Palaniswami, M.: Anomaly detection in wireless sensor networks. IEEE Wirel. Commun. 15(4), 34–40 (2008)

    Article  Google Scholar 

  14. Ball, J.E., Anderson, D.T., Chan, C.S.: A comprehensive survey of deep learning in remote sensing: theories, tools and challenges for the community. J. Appl. Remote Sens. 11(4), 042609 (2017). https://doi.org/10.1117/1.JRS.11.042609

    Article  Google Scholar 

  15. Liu, W., Wang, Z., Liu, X., Zeng, N., Liu, Y., Alsaadi, F.E.: A survey of deep neural network architectures and their applications. Neurocomputing 234(1), 11–26 (2017)

    Google Scholar 

  16. Chalapathy, R., Chawla, S.: Deep Learning for Anomaly Detection: A Survey (2019). A preprint. https://arxiv.org/abs/1901.03407. Accessed 3 May 2019

  17. Ma, T., Wang, F., Cheng, J., Yu, Y., Chen, X.: A hybrid spectral clustering and deep neural network ensemble algorithm for intrusion detection in sensor networks. Sensors (Basel) 16(10), 1701 (2016). https://doi.org/10.3390/s16101701

    Article  Google Scholar 

  18. Al-Hawawreh, M., Moustafa, N., Sitnikova, E.: Identification of malicious activities in industrial internet of things based on deep learning models. J. Inf. Secur. Appl. 41(1), 1–11 (2018)

    Google Scholar 

  19. Moustafa, N., Slay, J.: UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set). In: Military Communications and Information Systems Conference (MilCIS) (2015). https://doi.org/10.1109/MilCIS.2015.7348942

  20. Mirsky, Y., Doitshman, T., Elovici, Y., Shabtai, A.: Kitsune: an ensemble of autoencoders for online network intrusion detection. In: Network and Distributed Systems Security Symposium (NDSS) (2018). https://doi.org/10.14722/ndss.2018.23211

  21. Hamilton, W.L., Ying, R., Leskovec, J.: Representation Learning on Graphs: Methods and Applications (2018). https://arxiv.org/abs/1709.05584. Accessed 3 Mar 2019

  22. Bronstein, M.M., Bruna, J., LeCun, Y., Szlam, A., Vandergheynst, P.: Geometric deep learning: going beyond Euclidean data. IEEE Signal Process. Mag. 34(4), 18–42. IEEE (2017). https://doi.org/10.1109/MSP.2017.2693418

    Article  Google Scholar 

  23. Xu, K., Wang, Z., Witbrock, M., Wu, L., Feng, Y., Sheinin, V.: Graph2Seq: Graph to Sequence Learning with Attention-based Neural Networks (2018). https://arxiv.org/abs/1804.00823. Accessed 3 May 2019

  24. Ding, K., Li, J., Bhanushali, R., Liu, H.: Deep anomaly detection in attributed networks. In: SIAM International Conference on Data Mining (2019)

    Google Scholar 

  25. Kipf, T.N., Welling, M.: Semi-supervised classification with graph convolutional networks. In: Proceedings of the International Conference on Learning Representations (2017)

    Google Scholar 

  26. Wu, Z., Pan, S., Chen, F., Long, G., Zhang, C., Yu, P.S.: A Comprehensive Survey on Graph Neural Networks (2019). http://arxiv.org/abs/1901.00596. Accessed 4 May 2019

  27. Monti, F., Otness, K., Bronstein, M.M.: MotifNet: a motif-based graph convolutional network for directed graphs. In: Data Science Workshop (DSW). IEEE (2018). https://doi.org/10.1109/DSW.2018.8439897

  28. Wu, F., Fan, A., Baevski, A., Dauphin, Y.N., Auli, M.: Pay less attention with lightweight and dynamic convolutions (2019). https://arxiv.org/abs/1901.10430

  29. O’Reilly, C., Gluhak, A., Imran, M.A., Rajasegarar, S.: Anomaly detection in wireless sensor networks in a non-stationary environment. IEEE Commun. Surv. Tutorials 16(3), 1413–1432 (2014)

    Article  Google Scholar 

  30. Pareja, A., et al.: EvolveGCN: Evolving Graph Convolutional Networks for Dynamic Graphs (2019). https://arxiv.org/abs/1902.10191. Accessed 7 May 2019

  31. Ranshous, S., Shen, S., Koutra, D., Harenberg, S., Faloutsos, C., Samatova, N.F.: Anomaly detection in dynamic networks: a survey. WIREs Comput. Stat. 7(3) (2015). https://doi.org/10.1002/wics.1347

    Article  MathSciNet  Google Scholar 

  32. Ding, K., Li, J., Liu, H.: Interactive anomaly detection in attributed networks. In: Proceedings of the Twelfth ACM International Conference on Web Search and Data Mining (WSDM 2019) (2019). https://doi.org/10.1145/3289600.3290964

  33. Eswaran, D., Guha, S., Mishra, N.: SpotLogiht: detecting anomalies in streaming graphs. In: Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining (KDD 2018), pp. 1378–1386. ACM, New York (2018). https://doi.org/10.1145/3219819.3220040

  34. Miz, V., Ricaud, B., Benzi, K., Vandergheynst, P.: Anomaly detection in the dynamics of web and social networks. (2019). https://arxiv.org/abs/1901.09688

  35. Xue, L., Luo, M., Peng, Z., Li, J., Chen, Y., Liu, J.: Anomaly detection in time-evolving attributed networks. In: Database Systems for Advanced Applications (2019). https://doi.org/10.1007/978-3-030-18590-9_19

    Chapter  Google Scholar 

  36. Yu, W., Cheng, W., Aggarwal, C.C., Chang, K., Chen, H., Wang, W.: NetWalk: a flexible deep embedding approach for anomaly detection in dynamic networks. In: In Proceedings of the 24th ACM SIGKDD International Conference on Knowledge Discovery & Data Mining (KDD 2018), pp. 2672–2681. ACM, New York (2018). https://doi.org/10.1145/3219819.3220024

  37. Ahmad, S., Lavin, A., Purdy, S., Agha, Z.: Unsupervised real-time anomaly detection for streaming data. Neurocomputing 262(1), 134–147 (2017)

    Article  Google Scholar 

  38. Cimini, G., Squartini, T., Saracco, F., Garlaschelli, D., Gabrielli, A., Galdarelli, G.: The Statistical Physics of Real-World Networks (2018). https://arxiv.org/abs/1810.05095

  39. Bodström, T., Hämäläinen, T.: A novel deep learning stack for APT detection. MDPI Appl. Sci. 9(6), 1055 (2019)

    Article  Google Scholar 

  40. Diverak, A., Parekh, M., Savla, V., Mishra, R.: Benchmarking datasets for anomaly-based network intrusion detection: KDD CUP 99 alternatives. In: 3rd International Conference on Computing, Communication and Security (ICCCS), pp. 1–8. IEEE (2018)

    Google Scholar 

  41. Ring, M., Wunderlich, S., Scheuring, D., Landes, D., Hotho, A.: A Survey of Network-based Intrusion Detection Data Sets (2019). https://arxiv.org/abs/1903.02460

  42. Montavon, G., Samek, W., Müller, K.: Methods for interpreting and understanding deep neural networks. Digital Sig. Process. 73(1), 1–15 (2018)

    MathSciNet  Google Scholar 

  43. Zhou, C., Paffenroth, R.C.: Anomaly detection with robust deep autoencoders. In: Proceedings of the 23rd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD 2017), pp. 665–674. ACM, New York (2018). https://doi.org/10.1145/3097983.3098052

Download references

Author information

Authors and Affiliations

  1. Faculty of Information Technology, University of Jyväskylä, P.O. Box 35, (Agora), 40014, Jyväskylä, Finland

    Rony Franca Leppänen & Timo Hämäläinen

Authors
  1. Rony Franca Leppänen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Timo Hämäläinen
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Rony Franca Leppänen .

Editor information

Editors and Affiliations

  1. Tampere University, Tampere, Finland

    Olga Galinina

  2. Tampere University, Tampere, Finland

    Sergey Andreev

  3. FRUCT Oy, Helsinki, Finland

    Sergey Balandin

  4. Tampere University, Tampere, Finland

    Yevgeni Koucheryavy

Rights and permissions

Reprints and permissions

Copyright information

© 2019 Springer Nature Switzerland AG

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Leppänen, R.F., Hämäläinen, T. (2019). Network Anomaly Detection in Wireless Sensor Networks: A Review. In: Galinina, O., Andreev, S., Balandin, S., Koucheryavy, Y. (eds) Internet of Things, Smart Spaces, and Next Generation Networks and Systems. NEW2AN ruSMART 2019 2019. Lecture Notes in Computer Science(), vol 11660. Springer, Cham. https://doi.org/10.1007/978-3-030-30859-9_17

Download citation

  • DOI: https://doi.org/10.1007/978-3-030-30859-9_17

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-30858-2

  • Online ISBN: 978-3-030-30859-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation