Intrusion Detection System for Wireless Sensor Networks: Design, Implementation and Evaluation
Dr. Huirong Fu

Outline
• Overview of Wireless Sensor Network (WSN)
• Project Objective:
  – How to detect attacks on WSN?
• Project Tasks:
  – Intrusion detection system
• More Information

UnCoRe 2007

WSN Overview
• Applications of WSNs
• Components of a Sensor
• WSN Communication Models
• Attacks on WSN

Overview: Applications of WSNs
• Military
• Disaster Detection and Relief
• Industry
• Agriculture
• Environmental Monitoring
• Intelligent Buildings
• Health/Medical
• Law Enforcement
• Transportation
• Space Exploration

Overview: Components of a Sensor
• Sensing Unit
• Processing Unit
• Storage Unit
• Power Unit
• Wireless Transmitter/Receiver

Overview: Communication Models
• Hierarchical WSN
  – Sensor Nodes
  – Cluster Nodes
  – Base Stations
• Distributed WSN

Overview: Attacks on WSN (1/3)
• DoS and DDoS attacks, which affect network availability
• Eavesdropping and sniffing, which can threaten confidential data
• Man-in-the-middle attacks, which can affect packet integrity
• Signal jamming, which affects communication

Overview: Attacks on WSN (2/3)

Overview: Attacks on WSN (3/3)

Project Objective
• How to detect attacks on WSN?
  – Intrusion Detection System (IDS): Design, implementation and evaluation

Project Tasks
• Literature survey on IDS for WSN
  – What has been proposed?
  – Have they been implemented and evaluated?
  – What are the pros and cons of each?

Project Tasks
• Make decision
  – Shall we extend some of the existing work, or
  – Design a novel IDS?
• Design, implementation and evaluation
  – What are the requirements for an ideal IDS?
  – What are the challenges?
  – What hardware and software are available?

Existing security measures
• [2] Intrusion detection based on AODV (Ad hoc On-Demand Distance Vector Routing Protocol)
  – Pros
    • Sophisticated algorithm for detecting and reacting to a great variety of potential wireless network attacks using an anomaly detection pattern
    • Works well for ad-hoc wireless networks
  – Cons
    • Computationally expensive
    • Currently not deployed on wireless sensor networks

Existing security measures
• [4] Effective Intrusion Detection using Multiple Sensors in Wireless Ad Hoc Networks
  – Pros
    • Mobile agent based intrusion detection
    • Intelligent routing of intrusion data throughout the network
    • Lightweight implementation
  – Cons
    • Agent only deployed on a fraction of the network nodes
    • Not deployed on completely wireless sensor networks

Existing security measures
• [3] INSENS (Intrusion Tolerant Routing Protocol for Wireless Sensor Networks)
  – Pros
    • Allows an alternative network route to be established between non-malicious nodes
  – Cons
    • Does not provide intrusion detection, but rather intrusion tolerance
    • Still requires the sacrifice of a small number of wireless sensor nodes

Our IDS System
• Uses Moteiv's TMote wireless sensors.
• Developed using Moteiv's proprietary software--TMote Tools
  – Cygwin
  – Java
  – TinyOS programming language
  – Enhanced with a plug-in for the Eclipse IDE for programming and compiling the TinyOS modules

IDS Wireless Sensor Setup

Our IDS System Design
• Uses anomaly detection pattern
• Establishes a baseline of "normal" traffic between wireless sensor nodes over a specified time interval
• Compares current traffic against this baseline traffic over the same specified time interval
• Makes a determination as to whether or not a DoS attack is occurring

Our IDS System Design
• Communication between wireless sensor nodes
• Activity diagram for Wireless Sensor Node communication

Our IDS System Design cont'd
• Emulation of a DoS attack
• Activity design for Emulation of a DoS attack

References
• [1] Denial of Service in Sensor Networks
• [2] Wireless Sensor Networks for Intrusion Detection: Packet Traffic Modeling
• [3] INSENS: Intrusion-Tolerant Routing in Wireless Sensor Networks
• [4] Effective Intrusion Detection Using Multiple Sensors in Wireless Ad Hoc Networks

References
• Moteiv
  – http://www.moteiv.com/community/Moteiv_Community
• TMote Tutorial
  – http://cents.cs.berkeley.edu/tinywiki/index.php/Tmote_Windows_install
• TinyOS
  – http://www.tinyos.net/tinyos1.x/doc/tutorial/index.html
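
The baseline-and-compare check listed under "Our IDS System Design", as an added C example that is not the project's TinyOS code. It assumes the DoS shows up as a packet flood and that the baseline is a mean plus mean absolute deviation of per-interval packet counts; K_DEV, MIN_MARGIN, the function names and the sample counts are constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Assumed tuning constants; the slides give no values. */
#define K_DEV      3  /* alarm above mean + K_DEV * deviation */
#define MIN_MARGIN 5  /* floor so a very flat baseline is not hair-trigger */

typedef struct {
    uint32_t mean;  /* mean packets per interval in normal traffic */
    uint32_t dev;   /* mean absolute deviation from that mean */
} baseline_t;

/* Learn the baseline from n per-interval packet counts of normal traffic. */
int baseline_learn(baseline_t *b, const uint16_t *counts, size_t n)
{
    uint32_t sum = 0, dsum = 0;
    size_t i;
    if (b == NULL || counts == NULL || n == 0) return -1;
    for (i = 0; i < n; i++) sum += counts[i];
    b->mean = (uint32_t)(sum / n);
    for (i = 0; i < n; i++)   /* integer-only math, as on a mote-class CPU */
        dsum += counts[i] > b->mean ? counts[i] - b->mean : b->mean - counts[i];
    b->dev = (uint32_t)(dsum / n);
    return 0;
}

/* Highest per-interval packet count still treated as normal. */
uint32_t baseline_threshold(const baseline_t *b)
{
    uint32_t margin = K_DEV * b->dev;
    if (margin < MIN_MARGIN) margin = MIN_MARGIN;
    return b->mean + margin;
}

/* 1 if the count for the current interval exceeds the baseline threshold. */
int interval_is_dos(const baseline_t *b, uint16_t count)
{
    return count > baseline_threshold(b);
}

int main(void)
{
    /* Constructed sample: packets seen in eight normal intervals. */
    static const uint16_t normal[] = {20, 30, 10, 25, 15, 20, 28, 12};
    baseline_t b;
    baseline_learn(&b, normal, 8);
    printf("threshold=%u quiet=%d flood=%d\n", (unsigned)baseline_threshold(&b),
           interval_is_dos(&b, 22), interval_is_dos(&b, 200));
    return 0;
}
```

The learning intervals must themselves be free of attack traffic, otherwise the flood is absorbed into the baseline and later intervals compare as normal.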