An efficient intrusion detection framework in cluster-based wireless sensor networks
Article first published online: 30 JAN 2013
Copyright © 2013 John Wiley & Sons, Ltd.
Security and Communication Networks
Volume 6, Issue 10, pages 1211–1224, October 2013
How to Cite
Sedjelmaci, H., Senouci, S. M. and Feham, M. (2013), An efficient intrusion detection framework in cluster-based wireless sensor networks. Security Comm. Networks, 6: 1211–1224. doi: 10.1002/sec.687
- Issue published online: 23 SEP 2013
- Article first published online: 30 JAN 2013
- wireless sensor networks;
- intrusion detection system;
- detection rate;
- false positive;
In the last few years, the technological evolution in the field of wireless sensor networks was impressive, which made them extremely useful in various applications (military, commercial, etc.). In such applications, it is essential to protect the network from malicious attacks. This presents a demand for providing security mechanisms in these vulnerable networks. In this paper, we design a new framework for intrusion detection in cluster-based wireless sensor networks. Our detection framework is composed of different protocols that run at different levels. The first protocol is a specification-based detection protocol that runs at intrusion detection system (IDS) agents (low level). The second one is a binary classification detection protocol that runs at cluster head (CH) node (medium level). In addition, a reputation protocol is used at each CH to evaluate the trustworthiness level of its IDSs agents. Each CH monitors its CH neighbors on the basis of a specification detection protocol with the help of a vote mechanism applied at the base station (high level). We evaluated the performances of our framework in the presence of four well-known attacks: hello flood, selective forwarding, black hole, and wormhole attacks. We evaluated specifically the detection rate, false positive rate, energy consumption, and efficiency. Simulation results show that our detection framework exhibits high detection rate (almost 100%), low number of false positives, less time to detect the attack, and less energy consumption. Our intrusion detection framework outperforms other schemes proposed in the literature in terms of detection, false positive rate, and energy consumption. Copyright © 2013 John Wiley & Sons, Ltd.