Abstract
This paper proposes a new hybrid intrusion detection model that combines distributed and centralized strategies. First, because the base station cannot capture network anomalies in real time, an anomaly detection model that runs on the node is given by introducing the CUSUM (cumulative summation) GLR (generalized likelihood ratio); it can conduct real-time network monitoring. Based on “link quality” and the “majority rule,” a new algorithm that detects the “Sinkhole attack” at the base station is proposed, and a new intrusion detection model, CUSUM_MV, is given. Second, evidence theory is introduced to detect intrusion in wireless sensor networks. We give a mechanism for processing redundant information in the relay node, an evidence-based intrusion detection model deployed on the base station, and the intrusion detection model CUSUM_HDST. The hybrid model can detect not only Sinkhole and DoS attacks, but also other specific vulnerabilities. A simulation experiment on the Castalia simulator is carried out, and the results show that the proposed method performs better than the traditional Sinkhole attack detection method.
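The node-side and base-station split described in the abstract can be sketched as follows. This is an added example, not the paper's CUSUM_MV or CUSUM_HDST code: it uses the textbook one-sided CUSUM (not the GLR variant) and Dempster's rule of combination as the evidence-theory step, and the traffic counts, thresholds and mass values are all constructed assumptions.

```python
from functools import reduce
from itertools import product

ATTACK, NORMAL = frozenset({"attack"}), frozenset({"normal"})
THETA = ATTACK | NORMAL  # whole frame of discernment: "cannot tell"

def cusum_alarm(samples, mean, slack, threshold):
    """Textbook one-sided CUSUM; returns index of the first alarm, or None."""
    s = 0.0
    for i, x in enumerate(samples):
        s = max(0.0, s + x - mean - slack)  # accumulate only upward drift
        if s > threshold:
            return i
    return None

def dempster_combine(m1, m2):
    """Dempster's rule of combination for two mass functions."""
    out, conflict = {}, 0.0
    for (a, wa), (b, wb) in product(m1.items(), m2.items()):
        if a & b:
            out[a & b] = out.get(a & b, 0.0) + wa * wb
        else:
            conflict += wa * wb  # mass landing on contradictory hypotheses
    if conflict >= 1.0:
        raise ValueError("sources are in total conflict")
    return {k: v / (1.0 - conflict) for k, v in out.items()}

# Assumed mapping from a node's local CUSUM verdict to a mass function.
M_ALARM = {ATTACK: 0.7, THETA: 0.3}
M_QUIET = {NORMAL: 0.6, THETA: 0.4}

def base_station_fuse(reports, mean=10, slack=2, threshold=8):
    """Run CUSUM per node, then fuse the resulting evidence centrally."""
    masses = [M_ALARM if cusum_alarm(s, mean, slack, threshold) is not None
              else M_QUIET for s in reports.values()]
    return reduce(dempster_combine, masses)

# Constructed per-interval traffic counts reported by three nodes.
REPORTS = {
    "n1": [10, 11, 9, 16, 17, 18, 19, 18],
    "n2": [9, 10, 11, 15, 16, 17, 18, 17],
    "n3": [9, 11, 10, 12, 10, 9, 11, 10],
}

if __name__ == "__main__":
    for hypothesis, mass in base_station_fuse(REPORTS).items():
        print(sorted(hypothesis), round(mass, 3))
```

Two alarming nodes outweigh one quiet node after fusion, while the residual mass on the full frame records how much the base station still cannot attribute.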
Acknowledgements
The work has been supported by the National Natural Science Foundation of China (No. 61672004), the Chongqing Research Program of Basic Research and Frontier Technology under Grant No. cstc2016jcyjA0590, and the CERNET Innovation Project. The author would like to thank the Program for Innovation Team Building at Institutions of Higher Education in Chongqing (CXTDX201601021) and Chongqing Municipal Engineering Research Center of Institutions of Higher Education.
Cite this article
Shang, F., Zhou, D., Li, C. et al. Research on the intrusion detection model based on improved cumulative summation and evidence theory for wireless sensor network. Photon Netw Commun 37, 212–223 (2019). https://doi.org/10.1007/s11107-018-0810-8