Abstract
Due to the features like distributed structure, open wireless network system etc. the Wireless Sensor Networks (WSN) are pruned to security attacks at various levels. These attacks may have significant influence on the efficiency of WSN. During the anomalous attacks, attackers manage to get unauthorized accesses to the network and harm the network system and services to make them ineffective. A counter mechanism is essential to overcome the influence of the attacks and sustain the efficiency of the network. In that process it is required to find the evidence for the activities of the attacker in the network. In the present research work, an attempt has been made to develop and implement a mechanism or scheme to find the evidence for the existence of an attacker in the network and to provide security measure to the WSN system by filtering the attacker to prevent the attacks. This is achieved by designing and implementing an Attacker Evidence System (AES) as a simple network security measure in wireless sensor networks systems. The proposed AES is designed for homogeneous and heterogeneous WSN models considering single and multiple-sensing detection schemes. The present security measure and its simulation results have been presented and discussed. The results reveal that the present AES works as per expectations for both the types WSNs and can be a proto-type for further extensions.
Keywords
Similar content being viewed by others
1 Introduction
Now-a-days, it has become essential for every organization to have its own security policy as per its requirements based upon its adopted technology like Communication Network, Parallel Computing System, Distributed Computing System, Cloud System, Adhoc Network, Mobile Network, Wireless Sensor Network etc. This security policy may be intended to protect organization through pro-active policy stance [1]. From the literature it is well understood that Computer Security is concerned with the loss or harm to the hardware, software or information of an organization. It also includes denial, disruption and misdirection of the services and facilities provided by the computer system [2,3,4,5,6]. The Computer Security may be considered as combination of System Security, Network Security and Data or Information Security. Data security or Information Security deals with security issues, policies and services of data under communication. Data Security provides security services for threats concerned with data confidentiality, authentication, integrity, non-repudiation, access control and availability [7,8,9,10]. As Information Systems are designed in multilayered structures, the above security issues have their influence at different layers of the systems and affect the performance of the Systems [11]. In this context, the security issue like confidentiality is becoming a challenge task in the environment of new technologies such as cloud computing, wireless communication systems etc. [12]. One aspect of the confidentiality of an Information System is unauthorized access to the network by a third party to steal important information or causing damage to the efficiency of the Information System [7,8,9,10]. An unauthorized access to the computer networking system is known as attack/hack/intrusion and is one of the most serious threats to the Computer Security. Hence, it is essential to design a security measure to detect the attacker to assess the vulnerability of the system or to protect the system from misuse [7]. An Attacker Evidence system (AES) is software and/or hardware based security scheme to detect the attempts of an attacker intended to misuse the systems such as network or the Internet [13].
A wireless sensor networks (WSN) is a wireless network consisting of spatially distributed autonomous devices using sensors to cooperatively monitor physical or environmental conditions [14]. The WSN have many applications such as military, civil, healthcare, home automation, traffic control etc. It normally constitutes a wireless adhoc network associating with a multi-hop routing algorithm [15]. A WSN is an adhoc distributed system consisting of several wirelessly connected sensor nodes and can be deployed to collect information about surrounding environment [16]. WSNs are highly vulnerable to security attacks at various levels due to various factors like distributed nature, multi-hops, open wireless medium etc. [16,17,18]. Hence an effective security measure is to be designed to overcome the attacks like intrusion or hacking in WSN. An Attacker Evidence system (AES) can be designed and implemented to detect and prevent from security attacks [19]. Survey reveals that earlier, several researchers have designed and implemented Intrusion Detection Systems for WSN in different scenarios such as Anomaly-based IDS, Signature-based IDS, and Cross layer IDS etc. [13, 17, 18]. The probability of creating more false alarms is a problem with Anomaly-based IDSs, even though they are lightweight in nature. Overheads like updating and inserting new signatures and suitability to larger WSN are the disadvantages with Signature-based IDSs. As the WSNs have resource limitation, the Cross layer IDSs are usually not suitable [13, 17, 18]. Based upon the capability the WSNs can be classified as homogeneous and heterogeneous. Large sensing range, more power and broad casting power management information are the significant features of Heterogeneous WSNs in comparison with homogeneous WSNs [13, 14]. The two important conditions for ensuring detection probability in WSNs are the network connectivity and broad cast reach ability in a secured manner [14, 18, 20]. A few have considered the case of IDS for heterogeneous WSN security in comparison with homogeneous one with a simple simulation method. A comparative study may be considered for both homogeneous and heterogeneous WSNs in terms of intrusion/hacker detection. Hence this is the motivation for the present work to design and implement an Attacker Evidence system (AES) for homogeneous and heterogeneous WSNs by using a simple simulation method. This simple method may be a proto-type but would be useful to extend further. To the best of our knowledge, our effort is the first to address this issue both in homogeneous and heterogeneous WSNs for a simple simulation using Attacker Evidence system (AES).
2 Earlier Intrusion Detection Systems (IDS) and WSN
Various attacker/intrusion/hacker detection systems have been designed and implemented in different scenario and detailed information is available in vast literature [13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29]. It is already understood that An Intrusion Detection system (IDS) is software and/or hardware based security scheme to detect the attempts of an intruder intended to misuse the systems such as network or the Internet [13]. From [14], the IDS comprise of mainly three components namely sensors, console and central engine. The security events of the WSN are produced by sensors. The WSN events and their related alerts are monitored by console. The centrals records events and set rules for generation of alerts. The intrusion detection is possible in two ways: intrusion detection by a single sensor or multiple sensors collective cooperation. As the former is ineffective in some cases, multiple sensor detection can be considered for intrusion detection. The data flow in homogeneous and heterogeneous wireless sensors is as shown in Fig. 1. S and D indicate Source and Detector and R1, R2, and R3 are receiving nodes in WSN. The directions indicate the flow of data through the networks. The intruder may be denoted by a cloud symbol.
3 Attacker Evidence System (AES)
With reference to [14], the presently proposed simple Attacker Evidence System (AES) can be designed in five modules: 1. WSN construction, 2. Generation of Packets. 3. Identifying authorized and unauthorized port. 4. Inter-Domain Packet Filter construction and 5. Valid packet reception. In the first module WSN is designed such a way that each node is connected to the neighboring nodes and each port number is authorized by all nodes. In the second module a browser is designed to convert selected data into a fixed size of packet. These packets are sent from source to detector. In the third module in order to find authorized and unauthorized port a detection mechanism is designed. This module checks whether the path is authorized or unauthorized using the port number and if path is authorized the packet is send to valid destination. Otherwise the packet will be deleted. In the fourth module the Inter-Domain Packet Filter is designed. The Packet Filter filters the packets received from other than the designated port number and authorized packets will be send to destination. Finally, the valid packet reception module receives all the valid Packets. Thus only valid packets reach the destination from the source node [30]. The design logic for the Attacker Evidence System (AES) is shown in Fig. 2. The system design comprises of mainly data input and output mechanisms. 1. Input Design: (i) Source file browsing (ii) Conversion of selected data into fixed size packets. (iii) Write program to hack the packet (iv) Selection of port number to send the packet (v) Sending packet from source to detector. 2. Output Design: (i) Filtering and discarding of packet from unauthorized port (ii) Sending authorized packets to destination. The functional flow of data, data input, intruder detection, packet filtering, and reception packets are shown in data flow diagram (Fig. 2).
At first the user will input the data from a file and sends this packet to the detector and the detector filters the received packets. In case the packet is authorized it will be sent to a valid receiver. If the packet is an unauthorized one, then it will be discarded into the sink. Thus the design plan is implemented in four modules: Network construction module, Detector module, Packet filter module and Receive packet module. The corresponding software design plan is shown in Figs. 3 and 4. The Network Construct module is a network, with attributes Construct and with responsibilities container.add(c); The Detector module comprises the attributes analyzing and responsibilities void server(); The packet filter contains attributes Testing and responsibilites r1.server; Finally the sink module contains attributes Receive packets and responsibilites get.packet().
-
(a)
User Requirement Specification: The main user requirements are User Characteristics, Functional Requirements, and Non Functional Requirements. The user requirements are briefly outlined below:
-
1.
User Characteristics: A user interface is used to search the data and services. An operational user interface can be used to add new data as and when required. Provision for operations like update/delete the data. No access rights for the user to access the system.
-
2.
Functional Requirements: (i) Frame a packet and send the packet over the network. (ii) Write the instruction program to hack the packet over inappropriate, incorrect, anomalous attackers. (iii) This should be for both homogeneous and heterogeneous WSN models.
-
3.
Non-Functional Requirements: (i) Usability: A procedure is designed to establish connection between a sender and a receiver with no third party intervention. (ii) Reliability: The java platform makes the system more reliable. (iii) Performance: The system performance depends on the high level languages and the advanced network technologies. (iv) Supportability: A cross platform supported system is to be designed. (v) Implementation: The system is implemented in java network programming environment with Windows xp professional platform.
-
(b)
System Requirements: The system requirements for the AES are: Hardware: Pentium IV 2.6 GHz Processor, 512 MB DD RAM, 20 GB Hard Disk, LG 52X CD Drive, Standard Keyboard, Mouse, Internet/Networking. Software: Java, JFrameBuilder and Window’s Xp.
4 AES Implementation
The architecture of a WSN node is as shown in Fig. 5. According to the networking principles each node contains the data of authorized ports of all other nodes in the network. Each node can verify whether a packet is from an authorized port or not by running a suitable algorithm and accordingly takes the decision for next action. All the operations, respective screen display operations and screen displays involved in the simulation at source, detector and receiver level are presented in Table 1. Predefined authorized and unauthorized ports data has been stored in files and the files have been browsed to select the ports for communicating packets through the WSN. The present AES has been simulated in the environment of Java, JFrame Builder and Window’s XP operation system using the specified hardware and software. The simulated results that have been obtained by implementing the operations as per the Table 1 have been reported in Table 2. Also important screen shots have been presented for better understanding of the simulated results and the process of AES in Fig. 6.
5 Conclusions
In the present research work we have designed and implemented an Attacker Evidence system (AES) as a simple network security measure in a wireless networks system considering both a homogeneous and heterogeneous structures. Also we considered the two sensing detection models: single-sensing detection and multiple-sensing detection. The implemented security measure scheme and its simulated results have been presented and discussed. From Tables 1 and 2, it is evident that the AES is working as per the expectations. The attacker is being detected and reported properly. The screening of the packets from unauthorized ports and at the same time allowing the valid packets to the receiver are also executed as per the expectations. Thus the present AES can be useful to send information in a secured manner through the WSN. By using multiple sensors network in the present scheme we could not only detect the presence of malicious elements but also preventing the attacks by filtering and discarding them. A comparison can be done from the results for both homogeneous and heterogeneous WSNs in terms of attacker detection and it is inferred that the mechanism is more effective in later one. Thus the present Attacker Evidence System (AES) shows the existence of the attacker and also prevents the attack and in turn acts as security measure for a wireless network system which is the objective of the present research work. In scope, the present Attacker Evidence System (AES) may be a proto-type, but the simulation can be extended to study intrusion detection probability within a certain intrusion distance under various application scenarios. The model can be further improved for a larger and more realistic WSN by characterizing attacker detection probability with respect to the intrusion distance and the network parameters like node density, sensing range, transmission range etc. The model can be further enhanced for attacker/hacker/intrusion detections in internet applications and parallel computer interconnection networks.
References
Garret, C.: Importance of Security Policy (2012). http://www.slideshare.net/charlesgarrett/importance-of-a-security-policy-11380022
New firewall can protect your phone from security threat. http://www.deccanchronicle.com/technology/in-other-news/060717 (2017)
http://searchitoperations.techtarget.com/definition/hardware-security (2017)
https://www.itgovernance.co.uk/shop/category/information-security 2017
Stallings, W.: Cryptography and Network Security-Principles and Practices, 4th edn. Pearson Education (2006)
Stallings, W.: Data and Computer Communications, 5th edn. PHI (1999)
Forouzan, B.A. : Cryptography and Network Security, Special Indian Edition, TMH (2007)
Forouzan, B.A.: TCP/IP Protocol Suite, TMH (2000)
Kisielnicki, A., Sroka, H.: Systemy informacyjne biznesu, Warszawa: Placet, S. 17 (2005). ISBN 83-85428-94-1
Wawak, S.: The importance of information security management in crisis prevention in the company. In: Proceedings of ISBAGECC-2017 (2017). http://www.academia.edu/1649676
Alrajeh, N.A., Khan, S., Shams, B.: A review -intrusion detection systems in wireless sensor networks. Int. J. Distrib. Sens. Netw. 2013, 1–9 (2013). https://doi.org/10.1155/2013/304628
Agrawal, D.P., Zeng, Q.A.: Intrusion detection in wireless ad-hoc networks. In: Introduction to Wireless and Mobile Systems, 4th edn., p. 28 (2014)
Sharma, U., Bahl, N.: A review on security issues and attacks in wireless sensor networks. Int. J. Adv. Res. Comput. Sci. (IJARCS) 8(4), 387–391 (2017)
Zheng, J., Jamalipour, A. (eds.): Wireless Sensor Networks: A Networking Perspective. John Wiley, Hoboken (2009)
Butun, I., Morgera, S.D., Shankar, R.: A survey of intrusion detection system in wireless sensor networks. IEEE Commun. Surv. Tutorials 16(1), 266–282 (2014)
Simenthy, J.R., Vijayan, K.: Advanced intrusion detection system for wireless sensor networks. IJAREEIE 3(3), 167–172 (2014)
Amita, G., Subir, H.: A survey on energy efficient intrusion detection in wireless sensor networks. JAISE 9(2), 239–261 (2017)
Mitche, R., Chen, I.R.: A survey on intrusion detection in wireless sensor network applications. Comput. Commun. 42, 1–23 (2014)
Singh, J., Thaper, V.: Intrusion detection system in wireless sensor networks. IJCSCE 1, 2 (2012)
Kamaev, A., Finogeev, A.G., Finogeev, A.A., Parygin, D.S.: Journal of Physics: Conference Series, vol. 803(1) (2017)
Sathya, D., Krishneswari, K.: A Novel Cross Layer Rule Based Intrusion Detection System to Detect the Attacks Coming from Different Layers in WSN (2016). http://nopr.niscair.res.in/handle/123456789/34052
Yarvis, M., Kushalnagar, N., Singh, H., Rangarajan, A., Liu, Y., Singh, S.: Exploiting Heterogeneity in Sensor Networks, 5th edn., vol. 8. AK Press (2007)
Wang, X., Yoo, Y., Wang, Y., Agrawal, D.P.: Impact of Node Density and Sensing Range on Intrusion Detection in Wireless Sensor Networks, 6th edn., vol. 2. ECW Press (2006)
www.ijcsit.com; 1000projects.org; www.ijetr.org; www.ukessays.com; www.jpinfo.org; www.rroij.com; etd.ohiolink.edu; forums.havenworld.co.uk; www.ijrte.org; theglobaljournals.com
Acknowledgements
B. Srinivasa Rao is very much thankful to Dr. L. Pratap Reddy, Professor, Department of ECE, JNTUH, Hyderabad, for his valuable suggestions. Also thankful to the Management of GRIET for their encouragement and cooperation for pursuing his Ph.D. work.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made. The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.
Copyright information
© 2018 The Author(s)
About this paper
Cite this paper
Srinivasa Rao, B., Premchand, P. (2018). Attacker Evidence System in WSN. In: Sharma, R., Mantri, A., Dua, S. (eds) Computing, Analytics and Networks. ICAN 2017. Communications in Computer and Information Science, vol 805. Springer, Singapore. https://doi.org/10.1007/978-981-13-0755-3_13
Download citation
DOI: https://doi.org/10.1007/978-981-13-0755-3_13
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-0754-6
Online ISBN: 978-981-13-0755-3
eBook Packages: Computer ScienceComputer Science (R0)