MP-MID: Multi-Protocol Oriented Middleware-level Intrusion Detection method for wireless sensor networks
详细信息 查看全文
- 作者:Qi GuoAuthor Vitae ; Xiaohong LiAuthor Vitae ; Guangquan Xu ; losin@tju.edu.cnAuthor Vitae ; Zhiyong FengAuthor Vitae
- 关键词:Wireless sensor networks ; Intrusion detection ; AWN ; AODV
- 刊名:Future Generation Computer Systems
- 出版年:2017
- 出版时间:May 2017
- 年:2017
- 卷:70
- 期:Complete
- 页码:42-47
- 全文大小:1476 K
- 卷排序:70
文摘
It is very difficult to detect intrusions in wireless sensor networks (WSN), because of its dynamic network topology and diverse routing protocols. Traditional Intrusion Detection Systems (IDS) for WSN only focus attention on some one routing protocol, which lacks universality and flexibility. To solve the problem of multi-protocol intrusion detection, this paper proposes a universal method: MP-MID (Multi-Protocol Oriented Middleware-level Intrusion Detection). Our work can generate all known attack types for any routing protocol of WSN, and furthermore, all of them can be detected with the automatically generated rules. In this work, we formalize the routing protocol with the Process Algebra for Wireless Mesh Networks (AWN) language, and propose the conception of attack points to find out all attack types. Combining attack points with formalized protocol in AWN, we get co-sentences which represent the attack features in the protocol. With program slicing technology, all known attack types can be found out based on co-sentences. According to the characteristic of the key variables of the attack types, MP-MID can generate misused based detection or anomaly based detection. Our case study of ADOV (Ad hoc On-demand Distance Vector) protocol shows that our method generated all types of attacks, which outperforms other work. Experimental results show that our generated detection methods have a relatively high detection accuracy rate as we claimed. Our MP-MID method could be used as a flexible and universal tool to analyze and detect attack types for multi-protocol in WSN effectively.