SAID: a self-adaptive intrusion detection system in wireless sensor networks

  • Authors:

  • Jianqing Ma;Shiyong Zhang;Yiping Zhong;Xiaowen Tong

  • Affiliations:

  • Department of Computing and Information Technology, Fudan University, Shanghai, China;Department of Computing and Information Technology, Fudan University, Shanghai, China;Department of Computing and Information Technology, Fudan University, Shanghai, China;School of Software, Shanghai Jiao Tong University, Shanghai, China

  • Venue:
  • WISA'06 Proceedings of the 7th international conference on Information security applications: PartI
  • Year:
  • 2006

Quantified Score

Hi-index 0.00

Visualization

Abstract

Intrusion Detection System (IDS) is usually regarded as the second secure defense of network. However, traditional IDS cannot be suitable to deploy in Wireless Sensor Networks (WSN) because of the nature of WSN (e.g. self-origination, resource-constraint, etc). In this paper, we propose a kind of three-logic-layer architecture of Intrusion Detection System (IDS)-SAID by employing the agent technology and thought of immune mechanism. It has two work modes: 1) active work mode to improve the effectiveness and intelligence for unknown attacks; 2) passive work mode to detect and defend known attacks. The basic functions of these three layers, intrusion response, evolution approach of agent and knowledge base are also presented in this paper. Furthermore, we take advantages of local intrusion detection system and distributive & cooperative intrusion detection system to have a tradeoff among the security of WSN and communication overhead. We also design three kinds of light-weight agents: monitor agents, decision agents and defense agents in order to reduce communication overhead, computation complexity and memory cost. The analysis and experiment result illustrate that SAID has nice properties to defend attacks, and suitable to deploy in WSN.