MP-MID: Multi-Protocol Oriented Middleware-level Intrusion Detection method for wireless sensor networks |
| |
| Affiliation: | 1. Department of Electrical and Computer Engineering, The University of British Columbia, Vancouver, BC, V6T 1Z4, Canada;2. Tianjin Key Laboratory of Advanced Networking, School of Computer Science and Technology, Tianjin University, Tianjin 300350, China;1. School of Computer Science and Technology, Tianjin University, Tianjin 300350, China;2. Tianjin Key Laboratory of Advanced Networking (TANK), Tianjin 300350, China;3. Biomedical Cybernetics Group, Biotechnology Center (BIOTEC), Center for Molecular and Cellular Bioengineering (CMCB), Technische Universität Dresden, Tatzberg 47/49, Dresden 01307, Germany;1. School of Computer Science and Technology, Tianjin University, Tianjin, China;2. School of Computer Software, Tianjin University, Tianjin, China;3. National Supercomputer Center in Tianjin, Tianjin, China;1. Key Lab of Computing and Communication Software of Anhui Province, School of Computer Science and Technology, University of Science and Technology of China, Hefei, Anhui 230027, PR China;2. School of Electrical Engineering and Automation, Harbin Institute of Technology, Harbin, Hei Longjiang 15000, PR China;3. Department of Electrical, Computer, and Systems Engineering, Rensselaer Polytechnic Institute, Troy, NY 12180, USA |
| |
| Abstract: | It is very difficult to detect intrusions in wireless sensor networks (WSN), because of its dynamic network topology and diverse routing protocols. Traditional Intrusion Detection Systems (IDS) for WSN only focus attention on some one routing protocol, which lacks universality and flexibility. To solve the problem of multi-protocol intrusion detection, this paper proposes a universal method: MP-MID (Multi-Protocol Oriented Middleware-level Intrusion Detection). Our work can generate all known attack types for any routing protocol of WSN, and furthermore, all of them can be detected with the automatically generated rules. In this work, we formalize the routing protocol with the Process Algebra for Wireless Mesh Networks (AWN) language, and propose the conception of attack points to find out all attack types. Combining attack points with formalized protocol in AWN, we get co-sentences which represent the attack features in the protocol. With program slicing technology, all known attack types can be found out based on co-sentences. According to the characteristic of the key variables of the attack types, MP-MID can generate misused based detection or anomaly based detection. Our case study of ADOV (Ad hoc On-demand Distance Vector) protocol shows that our method generated all types of attacks, which outperforms other work. Experimental results show that our generated detection methods have a relatively high detection accuracy rate as we claimed. Our MP-MID method could be used as a flexible and universal tool to analyze and detect attack types for multi-protocol in WSN effectively. |
| |
| Keywords: | Wireless sensor networks Intrusion detection AWN AODV |
| 本文献已被 ScienceDirect 等数据库收录! |
|
