Popis: |
Wireless sensor networks (WSNs) are applied to various applications, ranging from military to civilian fields. Due to the critical nature of such applications, security issues are of significant importance. WSNs are vulnerable to different types of attacks since they are often deployed in hostile and unprotected environments. In this paper, we present a novel distributed intrusion detection approach, called PCADID, for detecting routing attacks in WSNs. In the approach, we partition a WSN into groups of sensor nodes. In each group, some nodes are selected as monitor nodes, which cooperate with each other to compose a global normal profile. Every monitor node establishes a subprofile of its own normal network traffic using principal component analysis (PCA) and sends it to other monitor nodes. Every monitor node composes the global normal profile based upon all received subprofiles and uses it to detect anomalies in its own network traffic. As the normal network behavior changes over time, the global normal profile is updated. We demonstrate that PCADID achieves a high detection rate with a low false alarm rate, while minimizes the communication overhead and energy consumption in the network. |