Dissertation Defenses
- Related Topics
- Main
List of Archives:
Dissertation Defenses - Current Dissertation Defenses
- Templates
for
formatting theses
& dissertations - WMU Academic Skills Center
- Word
Processing
and Editing Sources - Graduate
College
Financial Aid - Career
& Student
Employment Services - Research
& Service
Assistantships - Online
Application
Form
(Now payable by CC Online) - Office
of Student
Financial Aid - Graduate Catalog
Doctoral Dissertation Announcement
Candidate: Vijay Bhuse
Degree of:
Doctor of Philosophy
Department: Computer Science
Title: Lightweight intrusion detection: A second line of defense for unguarded wireless sensor networks
Committee:
Dr. Ajay Gupta (Advisor),
Dr. Mohsen Guizani,
Dr. Leszek Lilien
Dr. Aaron Striegel.
Date: Monday, January 29, 2007 9:00 a.m. - 11:00 p.m.
Parkview Campus D210
Abstract: Wireless sensor networks (WSN) are a unique class of ad hoc networks formed of stationary nodes with stringent resources (in terms of battery power, processor speed, memory and radio range). They have specific communication and traffic patterns. It is envisioned that when deployed in large scale, they can deeply monitor the surroundings.
Making sensor networks secure is especially challenging because of wireless medium, resource constraints of nodes and the fact that WSN is physically unguarded. Sensor nodes can be physically compromised which leads to the loss of a secret information. Cryptography based techniques alone are incapable of securing WSN. The code of sensor nodes can be altered to pose attacks. Even new sensors can be added just to pose attacks. Hence, intrusion detection techniques must be designed to detect most dangerous attacks. Further, these techniques should be lightweight because of resource constrained nature of WSN.
We identify challenges in intrusion detection for WSN. We find that masquerade/Sybil and packet dropping are the precursors for many other attacks. Therefore we first focus on proposing lightweight detection techniques for most dangerous attacks such as masquerade, Sybil, packet dropping, sinkhole, data-forging by an aggregator, exhaustion, HELLO flood and infusing invalid information. We also propose techniques which add new nodes securely, allow sensor nodes to send anomalies or information about detected attacks/attackers to the base station and isolate detected attackers.
MG method for detecting masquerade/Sybil is based on overhearing the communication of immediate neighbors. This is a novel and fundamental contribution and can be used for any wireless network. Another technique (SRP method) verifies the number of packets sent and received from nodes based on their id.
For periodic monitoring type of applications, we propose a technique to detect packet dropping and sinkhole which estimates the number of packets a node should receive/send from/to its neighbors. Estimating the number of packets is possible because sensor nodes send data periodically to the base station using a deterministic traffic pattern. The proposed mechanism also detects exhaustion and HELLO flood attacks. Our technique (DPDSN) detects packet dropping paths and detects packet dropping nodes only if there is a need to do so.
We also propose overhearing based technique for detecting data forging by sensor nodes and aggregator. Our work in detecting invalid source of information (IASN) is based on expecting certain kind of data from a certain neighbor. We embed the process of mapping neighbors to data in the routing protocol itself.
Our solutions take into consideration important WSN characteristics like coverage, connectivity, data aggregation, communication patterns and periodic traffic. We analyze the probability of success and overhead of these techniques. These solutions do not substitute cryptography based techniques which generally provide the first line of defense. Instead they compliment the first line of defense. These solutions are necessary because physical capture of a sensor node is easily possible.