| ¡¡ | Chinese Journal of Computers Full Text |
| Title | DoS Attack Detection Scheme for Sensor Networks Based on Traffic Prediction |
| Authors | CAO Xiao-Mei1),2) HAN Zhi-Jie3) CHEN Gui-Hai1) |
| Address | 1)(National Laboratory of Novel Software Technology, Nanjing University, Nanjing 210093) 2) (College of Computer, Nanjing University of Posts and Telecommunications, Nanjing 210003) 3) (Department of Computer Science and Technology, Soochew University, Suzhou, Jiangsu 215006) |
| Year | 2007 |
| Issue | No.10(1798¡ª1805) |
| Abstract & Background | Abstract In wireless sensor networks, how to accurately and rapidly detect denial of service(DoS) attacks, so as to ensure the availability of network infrastructure, is one of the most challenging security problems. This paper proposes a simple and efficient ARMA(2,1) traffic prediction model for sensor nodes based on linear prediction technique. Then a lightweight DoS attacks detection scheme, TPDD(Traffic Prediction based DoS attack Detection), is designed for wireless sensor networks. In TPDD, each node acts independently when predicting the traffic and detecting anomaly. Neither special hardware nor node¡¯s cooperation is needed. Furthermore, a mechanism evaluating reliability of alert is developed to reduce the false alerts caused by prediction or channel error. Simulation results show that ARMA(2,1) model can predict sensor network traffic precisely and swiftly; TPDD is an efficient DoS attacks detection scheme which can quickly detect DoS attacks with less resource overhead. keywords wireless sensor networks; intrusion detection; linear prediction; ARMA model; DoS attacks background The wireless sensor network is a new network technique and typically applied to military, rescue, and digital life environment. The open environment of WSN makes it vulnerable to a wide range of security attacks. Among these attacks, DoS attack is the most destructive one which seriously deplete node resources and damage network availability. Therefore, DoS attack detection scheme should be an indispensable part of WSN, especially for those mission-critical applications. So far, a few intrusion detection approaches have been proposed for WSN. Almost all of them detect attacks by analyzing large amount of data or traffic features and with node¡¯s cooperation. These methods may have higher detection accuracy. However, the complicated calculations and interactive process reduce the efficiency and timeliness of the detection results. To overcome the shortcomings of those methods, the authors propose TPDD, a traffic prediction based DoS attacks detection scheme, which can quickly detect various DoS attacks with less resource overhead. This work is supported by the National Basic Research Program(973 Program) of China under grant No.2006CB303004, the National Natural Science Foundation of China under grants No.60573131 and No.60673154, the National Science Foundation of Jiangsu Province under grants No.BK2005208 and No.BG2007039, and the Science-Technology Project of Henan Province of China under grant No.072102210044. Those projects are conducted around the theories and principles in nowadays network environments, i.e., wireless sensor networks, Internetware and P2P systems. The research team has focused on research of wireless sensor networks for over three years. They have published over 10 papers in highly-ranked international conferences and journals in the fields of security enhancement mechanisms, clustering algorithms and cluster-based routing mechanisms, coverage and topology management, etc. |