eHIP: An energy-efficient hybrid intrusion prohibition system for cluster-based wireless sensor networks
Introduction
A wireless sensor network (WSN) is a new network paradigm that involves the deployment of hundreds – even thousands – of low-cost, energy-limited, small, and application-specific sensor nodes to create applications for factory monitoring and control, disaster response, military sensing, intelligent house control, etc. [1]. According to the individual requirements of those applications, a WSN is self-organized and operates in an ad hoc fashion. In other words, after sensor nodes are deployed, they automatically establish routes and then proceed to sense their surroundings. The information about the surroundings is processed and transmitted to a data sink, the data requester in the WSN. The assumptions in this paper are listed as follows:
1. The sensor network investigated here is a homogeneous network [2], [3], [4], [5], [6]. In other words, all sensor nodes are initially provided with the same resources, such as energy, computation ability, and communication ability, before they are randomly deployed. However, once the network starts to operate, the amount of resources consumed depends on the functions performed by each sensor node.
2. Computation power is low and energy is limited in all sensor nodes.
3. The data sink is provided with high computation power, large storage, and unlimited energy.
4. The advantage of the proposed system rests on classifying the security of transmitted data in CWSN. Therefore, we assume that two datagram categories exist in WSN. One is control messages, such as interest, advertisement, and route update messages. The other is sensed data, the information around sensor nodes that is of interest to the data sink. The information contained in control messages is more important than the information contained in sensed data.
5. All sensor nodes are loosely time-synchronized in order to verify messages and avoid the repeat attack. Many existing loose time synchronization protocols [7] are suitable for WSN.
6. Once sensor nodes are deployed, their geographic positions are fixed.
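Assumption 5 can be made concrete with a receiver-side check. The sketch below is an added example, not the paper's CMV mechanism or any code from its authors: it assumes a shared symmetric key, an HMAC-SHA256 tag, and the constructed names `seal`, `Verifier`, `MAX_SKEW_MS` and `MAX_AGE_MS`. It shows that a freshness window alone does not stop a copy re-sent inside the window, so the receiver also tracks the newest timestamp accepted per sender.

```python
import hashlib
import hmac
import struct

MAX_SKEW_MS = 2_000  # assumed bound on clock disagreement between nodes
MAX_AGE_MS = 5_000   # assumed longest acceptable delivery delay
HDR = struct.Struct(">HQ")  # sender id (2 bytes) + send time in ms (8 bytes)
TAG_LEN = hashlib.sha256().digest_size

def seal(key, sender, ts_ms, payload):
    """Return header || payload || tag; the timestamp is covered by the MAC."""
    body = HDR.pack(sender, ts_ms) + payload
    return body + hmac.new(key, body, hashlib.sha256).digest()

class Verifier:
    def __init__(self, key):
        self.key = key
        self.newest = {}  # sender id -> newest accepted timestamp

    def verify(self, msg, now_ms):
        """Return (True, payload) or (False, reason)."""
        if len(msg) < HDR.size + TAG_LEN:
            return False, "truncated"
        body, tag = msg[:-TAG_LEN], msg[-TAG_LEN:]
        expected = hmac.new(self.key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):
            return False, "bad-mac"
        sender, ts_ms = HDR.unpack_from(body)
        if ts_ms > now_ms + MAX_SKEW_MS:
            return False, "from-future"
        if now_ms - ts_ms > MAX_AGE_MS + MAX_SKEW_MS:
            return False, "stale"
        # A copy re-sent inside the window still has a valid MAC and a fresh
        # timestamp, so timestamps must also strictly increase per sender.
        if ts_ms <= self.newest.get(sender, -1):
            return False, "repeat"
        self.newest[sender] = ts_ms
        return True, body[HDR.size:]

def demo():
    key = b"constructed-demo-key"  # constructed sample key
    v = Verifier(key)
    msg = seal(key, 7, 100_000, b"route-update")  # constructed message
    forged = msg[:-1] + bytes([msg[-1] ^ 1])
    return [v.verify(forged, 100_500)[1], v.verify(msg, 100_500),
            v.verify(msg, 101_000)[1], v.verify(msg, 200_000)[1],
            v.verify(seal(key, 7, 300_000, b"x"), 200_000)[1]]
```

The per-sender table costs one timestamp of state per neighbour, which is the price of closing the gap that loose synchronization leaves open.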
Since a WSN is typically deployed in an uncontrolled or unreachable environment, each sensor node carries a limited, generally irreplaceable energy source. Therefore, when designing WSN protocols such as media access control [8], routing [3], [4], [5], [6], data aggregation [9], and security protocols [10], [11], [12], energy conservation is the most important performance objective [1], [2] for extending network lifetime.
A particular WSN, the cluster-based WSN (CWSN), is characterized by adopting a cluster-based routing protocol (CRP). In CRP, a set of cluster heads is selected after an interval that is either periodic or non-periodic. The selected cluster heads then serve as the cluster centers in a specific clustering algorithm that divides the remaining sensor nodes into several clusters. In other words, a cluster head becomes the center of a cluster and the other sensor nodes in this cluster are the member nodes of the cluster head. In CWSN, a member node delivers sensed data to the data sink through its cluster head. Through the use of CRP, energy can be conserved because sensed data from member nodes are aggregated into high-level information by the cluster head of a cluster. Such data aggregation extends network lifetime by filtering redundant and information-less sensed data. In light of the obvious advantages of CRP, many protocols based on the CRP principle, such as LEACH [3], TEEN [4], APTEEN [5] and PEGASIS [6], have been proposed. However, security is not the primary concern of those CRPs. In fact, WSN is usually deployed in security-sensitive environments, such as factories with automatic control systems, battlefield environments for use by the military, museums for security monitoring, and hospitals for observation of patient status. Therefore, verifying the authenticity and integrity of delivered data and keeping the network available for its intended use at all times are absolute prerequisites [10], [11]. Moreover, because a cluster head is responsible for the aggregation of sensed data from its member nodes, an attacker usually considers the cluster head to be its first attack target. That is, there is a higher security demand on cluster heads in CWSN. In other words, heterogeneous security mechanisms are required in CWSN. Thus, it is more difficult to solve the security issue for CWSN.
In this paper, we propose an energy-efficient hybrid intrusion prohibition (eHIP) system to improve CWSN security while emphasizing energy conservation at the same time. Heterogeneous security mechanisms are exploited to improve the energy efficiency. The proposed eHIP consists of two subsystems: authentication-based intrusion prevention (AIP) and collaboration-based intrusion detection (CID). In AIP, because the importance of control messages differs from that of sensed data, two heterogeneous authentication mechanisms are proposed. In CID, because the security demand of cluster heads is different from the security demand of member nodes, two heterogeneous monitoring mechanisms are proposed. Such heterogeneous security mechanisms of the eHIP system improve the energy efficiency in CWSN. Furthermore, eHIP can be applied to any existing CWSN because only the general elements – control messages, sensed data, cluster heads, and member nodes – are involved.
The rest of this paper is organized as follows. In Section 2, work relevant to eHIP is introduced. In Section 3, we give the system overview of eHIP and the details of AIP and CID subsystems. The simulation results used to evaluate the performance of eHIP are then presented in Section 4. Finally, our conclusions and possible future work arising from this paper are discussed in Section 5.
Section snippets
Symmetric key management
Encryption and authentication are required to secure WSN against malicious access. Therefore, an efficient key management protocol is essential for security-sensitive WSN. Among the existing CWSN key management protocols, LEAP, proposed by Zhu et al. [12], is the most popular and complete. In LEAP, each sensor node is equipped with keys of four types as follows:
1. An individual key (IK) is pre-loaded and only shared with the data sink.
2. Several pair-wise keys (PK) are dynamically generated and uniquely shared with
System overview
In this paper, we propose the eHIP system, a hybrid security system which combines an intrusion prevention system with an intrusion detection system. The first line of defense in eHIP is authentication-based intrusion prevention (AIP). Two heterogeneous authentication mechanisms, the control message verification (CMV) mechanism and the sensed data verification (SDV) mechanism, are proposed in AIP. The second line of defense in eHIP is collaboration-based intrusion detection (CID). Similarly, according to the
Simulation results
In this paper, eHIP is applied to LEACH [3] for simulation purposes. The Massachusetts Institute of Technology supports the LEACH CAD tool [37] based on network simulator-2 (ns-2) [38]. The adopted radio propagation models are embedded in ns-2 as described in Section 2.3. The simulation parameters are listed in Table 3 [39]. The parameters in Table 3 are adopted in simulations for many approaches on wireless sensor networks including LEACH, the underlying cluster-based routing protocol of proposed
Conclusion and future work
In this paper, the energy-efficient hybrid intrusion prohibition (eHIP) system is proposed to improve the energy efficiency while ensuring the security in cluster-based sensor networks (CWSN). The proposed eHIP system is composed of two subsystems named authentication-based intrusion prevention (AIP) and collaboration-based intrusion detection (CID). Both subsystems provide heterogeneous mechanisms for demands of different security levels in CWSN to improve the energy efficiency. Two
Acknowledgements
We would like to thank the reviewers and editor for their comments and suggestions on this paper. This paper is based partially on work supported by the National Science Council (NSC) of Taiwan, R.O.C., under grant No. NSC94-2213-E-006-081.
Wei-Tsung Su received the B.S. degree in Information and Computer Science from Chung Yuan Christian University, Taiwan in 2000. He is currently working for the Ph.D. degree in Computer Science and Information Engineering from National Cheng Kung University, Taiwan. His research interests include network security and wireless sensor network.
References (40)
- et al., Wireless sensor networks: a survey, Computer Networks (2002)
- et al., Handbook of Sensor Networks: Compact Wireless and Wired Sensing Systems (2005)
- W.B. Heinzelman, A. Chandrakasan, H. Balakrishnan, Energy efficient communication protocol for wireless microsensor...
- A. Manjeshwar, D.P. Agrawal, TEEN: a routing protocol for enhanced efficiency in wireless sensor networks, in: 15th...
- A. Manjeshwar, D.P. Agrawal, APTEEN: a hybrid protocol for efficient routing and comprehensive information retrieval in...
- S. Lindsey, C.S. Raghavendra, PEGASIS: power efficient gathering in sensor information systems, in: IEEE Aerospace...
- et al., Time-diffusion synchronization protocol for wireless sensor networks, IEEE/ACM Transactions on Networking (2005)
- et al., Medium access control with coordinated adaptive sleeping for wireless sensor networks, IEEE/ACM Transactions on Networking (2004)
- et al., Minimizing energy consumption in large-scale sensor networks through distributed data compression and hierarchical aggregation, IEEE Journal on Selected Area in Communications (2004)
- et al., Designing Secure Sensor Networks, IEEE Wireless Communication (2004)
- Denial of service in sensor networks, IEEE Computer
- Wireless Communications: Principle and Practice
Cited by (56)
- Heterogeneous ad hoc networks: Architectures, advances and challenges
  2017, Ad Hoc Networks
- Game theory for energy efficiency in Wireless Sensor Networks: Latest trends
  2015, Journal of Network and Computer Applications
  Citation Excerpt: Different proposals for security in WSNs that focus on energy efficiency could be found in the literature. eHIP (Su et al., 2007) tries to solve the intrusion detection and intrusion prohibition. SEEM (Nasser and Chen, 2007) uses multi-path communications to avoid draining the energy of the nodes of a single path, and avoids that malicious nodes get the traffic routed through themselves.
- Traffic-and-resource-aware intrusion detection in wireless mesh networks
  2014, Ad Hoc Networks
  Citation Excerpt: This is because TRAIN only focuses on monitoring traffic paths not all communication links which results in less detection rates for some types of attacks (e.g., single-hop attacks). Energy-efficient intrusion detection in wireless networks has received some attention [27,48,49]. As in the case of other efforts in power-constrained WMN, some power-aware algorithms have been proposed for solar-powered WMN [50–52].
- Shielding wireless sensor network using Markovian intrusion detection system with attack pattern mining
  2013, Information Sciences
  Citation Excerpt: In addition, messages must be signed and enciphered prior to sending, and sufficient resources are not always available to handle these various tasks. To avoid having to deal with the encryption systems associated with the security requirements of the WSNs, we employed an intrusion detection system (IDS) to protect sensor nodes against attack [4,23]. We applied game theory to integrate the IDS with the WSNs.
- An Efficient Hybrid IDS Deployment Architecture for Multi-Hop Clustered Wireless Sensor Networks
  2022, IEEE Transactions on Information Forensics and Security
- Cybersecurity Issues in Wireless Sensor Networks: Current Challenges and Solutions
  2021, Wireless Personal Communications
Ko-Ming Chang received the B.S. and M.S. degrees in Computer Science and Information Engineering from National Cheng Kung University, Taiwan in 2001 and 2003, respectively. He is currently devoting himself to software engineering at TECOM Co. in Science-Based Industrial Park, Hsin-Chu, Taiwan. His research interests include intrusion detection and wireless sensor network.
Yau-Hwang Kuo was born in Tainan, Taiwan in 1959. He received M.S. and Ph.D. degrees in Computer Engineering from National Cheng Kung University in 1984 and 1988. He was the President of Taiwanese AI Association from 1999 to 2000, the Director of Research Center for Computer System Technology from 1997 to 2000, the Managing Director of Chinese Fuzzy System Association from 1996 to 2000, the Director of Center for Research of E-life Digital Technology, and the coordinator of Computer Science and Information Engineering Program of National Science Council, from 2002 to 2005. He is currently Professor with the Department of Computer Science and Information Engineering, National Cheng Kung University. He is also the chairman of Computer Center, Ministry of Education, R.O.C. His research interests include intelligent computing, knowledge management, broadband communication, information retrieval, pattern recognition, and VLSI design.