一种基于特征的入侵检测模块的优化布置算法被引量：1

An Optimal Placement Algorithm of Signature-based Intrusion Detection Modules in Wireless Sensor Networks

下载PDF

导出

摘要特征检测是传感器网络中一种常用的入侵检测手段,针对入侵检测是否有效,在很大程度上取决于IDS模块的布置。现有IDS模块布置策略可能出现汇聚节点被淹没、网络资源利用率低、以及检测效率低等问题。为了提高检测精度,提出IDS优化布置算法,根据图论中最小割集和最小支配集的概念,把入侵检测模块布置在最小割集的传感器节点上,并通过图论中的最大流来实现最小割集的求解问题。最后通过仿真论证,根据特征检测的IDS布置算法进行仿真。结果表明,与随机布置算法相比,优化布置算法不仅提高检测率,具有良好的收敛性,而且使网络资源的利用效率也大为提高。 Signature-based detection is the mainstay of operational intrusion detection systems in wireless sensor networks.The effectiveness of the signature based intrusion detection techniques depends critically on the placement of the detection modules.Some problems may exist in current strategies,such as the overwhelming of a single sink node,resource usage,as well as the inefficiency.By means of minimum cut-sets,minimum dominating sets in Graph Theory,an optimal Placement strategy of signature-based Intrusion Detection Modules was proposed in this paper.The proposed algorithms,based on the concepts of minimum cut-set and minimum dominating set,enabled the intrusion detection functionality on particular sensor nodes.According to max-flow,minimum cut-sets computation problem was solved.The algorithm performance in identifying intrusions using signature-based detection techniques was studied via simulations.Results showed that the optimal Placement algorithm,compared with Random Placement algorithm,can improve detection rate and converge very well,and the utilization of network resources was also greatly enhanced.

作者王骐王青萍

机构地区湖北第二师范学院物理与电子信息学院

出处《计算机仿真》 CSCD 北大核心 2011年第6期136-140,295,共6页 Computer Simulation

关键词特征检测入侵检测系统模块最小割集最小支配集最大流算法仿真 Signature detection Intrusion detection system（IDS） module Minimum cut-Set（MCS） Minimum dominating-set Max-flow Algorithm simulation

分类号 TP301.6 [自动化与计算机技术—计算机系统结构]

引文网络
相关文献

参考文献9

1A Perrig, J Stankovie, D Wagner. Security in wireless sensor networks[J]. CACM, June 2004,47:53 - 57.
2F Anjum, et al. On Optimal Placement of Intrusion Detection Modules in Sensor Networks [ C ]. 1st International Conference on Broadband Networks. Washington: IEEE Press, 2004. 433 -439.
3S Bandyopadhyay, et al. Clustering distributed data streams in peer - to - peer environments [ J ]. Information Sciences, 2006, 176(14) : 1952 - 1985.
4I Onat and A Miri. An intrusion detection system for wireless sen- sor networks[J]. Wireless And Mobile Computing Networking And Communications, August 2005,3 : 253 - 259.
5D Subhadrabandhu, F Anjum and S Sarkar. On optimal placement of intrusion detection modules in sensor networks[ C]. Proceedings of the First International Conference on Broadband Networks, 2004. 690 - 699.
6R Szewczyk, A Mainwaring, J Polastre, J Anderson and D Culler. An analysis of a large scale habitat monitoring application[ C]. International conference on Embedded networked sensor systems. ACM Press, 2004. 21d - 226.
7A da Silva, M Martins, B Rocha, A Loureiro, L Ruiz and H Wong. Decentralized intrusion detection in wireless sensor net-works[ C]. Proceedings of the 1st ACM international workshop on Quality of service & security in wireless and mobilenetworks, 2005. 16 - 23.
8周贤伟,王培,覃伯平,申吉红.一种无线传感器网络异常检测技术研究[J].传感技术学报,2007,20(8):1870-1874. 被引量：13
9Y Chee, J Rabaey and A Niknejad. A class A/B low power amplifier for wireless sensor networks [ C ]. Proceedings of the 2004 International Symposium on Circuits and Systems, 2004,4 : 409 - 412.

二级参考文献12

1邓聚龙.灰色理论基础[M].武汉：华中科技大学出版社,2002..
2Akyildiz I F,Su W,Sankarasubramaniam Y,and Cayirci E.Wireless Sensor Networks:a Survey[J].Computer Networks,Elsevier Science,2002,38(4):393-442.
3Fei Hu,Neeraj K.Sharma.Security Considerations in Ad Hoc Sensor Networks[J].Ad Hoc Networks,2005,(3):69-89.
4Chris Karlof,David Wagner.Secure Routing in Wireless sensor Networks:Attacks and Countermeasures[C]//First IEEE International Workshop on Sensor Network Protocols and Applications,2003.5.
5Adrian Perrig,John Stankovic,David Wanger.Security in Wireless Sensor Networks[J].Communications of the ACM,2004,47(6):53-57.
6Yongguang Zhang,Wenke Lee.Intrusion Detection in Wireless Ad Hoc Networks[C]//Proc of The Sixth International Conference on Mobile Computing and Networking (MobiCom'2000),Boston,MA,2000:275-283.
7Chien Chung Su,Ko Ming Chang,Yau Hwang Kuo.The New Intrusion Prevention and Detection Approaches for Clustering-Based Sensor Networks[J].IEEE Communications So ciety/WCNC 2005:1927-1932.
8Oleg Kachirski,Ratan Guha.Intrusion Detection Using Mobile Agents in Wireless Ad Hoc Networks[C]//IEEE Workshop on Knowledge Media Networking(KMN'02).Kyoto,JAPAN,2002:153-158.
9Guy Helmer,Johnny s.k.Wong,Vasant Honavar,Les Miller,Yanxin Wang.Lightweight Agents for Intrusion Detection[J].The Journal of Systems and Software,2003,(67):109-122.
10J.Kennedy and R.C.Eberhart,A New Optimizer Using Particles Swarm Theory[C].Sixth International Symposium on Micro Machine and Human Science,Nagoya,Japan,1995.

共引文献12

1王骐,王殊,孟中楼.无线传感器网络中一种基于接收功率异常的入侵检测算法[J].计算机科学,2009,36(3):34-37. 被引量：6
2王骐,王殊,孟中楼.无线传感器网络中一种基于能效的入侵检测算法-3N算法研究[J].微电子学与计算机,2010,27(4):153-157. 被引量：1
3毛郁欣,魏贵义.基于多反馈路径的无线传感器网络安全路由机制[J].传感技术学报,2010,23(10):1486-1493. 被引量：2
4易晓梅,吴鹏,刘丽娟,戴丹.基于PSO-RBF无线传感器网络入侵检测技术研究[J].传感器与微系统,2011,30(9):9-11. 被引量：4
5王骐,王青萍,王怀兴.一种基于节点实时流量的异常检测算法[J].压电与声光,2011,33(5):823-826.
6唐琪,刘学军.无线传感器网络分布式离群数据检测研究[J].传感技术学报,2012,25(6):831-836. 被引量：1
7唐琪,刘学军.无线传感器网络离群时间序列检测研究[J].传感技术学报,2013,26(1):95-99. 被引量：3
8王岩,李洪亮.无线传感网络局部离群节点定位模型仿真[J].计算机仿真,2013,30(12):253-256. 被引量：5
9狄国义.无线网络通信中离群失联节点定位仿真分析[J].计算机仿真,2014,31(9):335-338. 被引量：5
10张庆.异常检测技术在移动设备及网络安全防护中的应用[J].电子设计工程,2014,22(20):55-57. 被引量：1

同被引文献12

1卢辉斌,徐刚.一种新的基于数据挖掘的入侵检测方法[J].微处理机,2006,27(4):58-60. 被引量：4
2罗敏,阴晓光,张焕国,王丽娜.基于孤立点检测的入侵检测方法研究[J].计算机工程与应用,2007,43(13):146-149. 被引量：6
3赵晓峰,叶震.基于加权多随机决策树的入侵检测模型[J].计算机应用,2007,27(5):1041-1043. 被引量：6
4Li Hanguang, Ni Yu. Intrusion detection technology research based on apriori algorithm [ C]//Proc of 2012 international conference on applied physics and industrial engineering. Hong Kong: [ s. n. ] ,2012 : 1615-1620.
5Wu Suyun, Yen E. Data mining-based intrusion detectors [ J ]. Expert Systems with Applications ,2009,36 ( 3 ) :5605-5612.
6Kamal A H M, Zhu Xingquan, Pandya A, et al. Feature Selec- tion with biased sample distributions [ C ]//Proceedings of the IEEE international conference on information reuse and inte- gration. Las Vegas, NV : IEEE ,2009:23-28.
7Kamal A H M, Zhu Xingquan, Pandya A S, et al. Feature se- lection for datasets with imbalanced class distributions [ J ]. In- ternational Journal of Software Engineering and Knowledge Engineering,2010,20 (2) :113-137.
8Tsai Chih-Fong, Hsu Yu-Feng, Lin Chia-Ying, et aL Intru- sion detection by machine learning: a review [ J ]. Expert Sys- tems with Applications ,2009,36 (10) : 11994-12000.
9黄斌,史亮,姜青山,吴楠楠.基于孤立点挖掘的入侵检测技术[J].计算机工程,2008,34(3):88-90. 被引量：11
10李睿,肖维民.基于孤立点挖掘的异常检测研究[J].计算机技术与发展,2009,19(6):168-170. 被引量：4

引证文献1

1李蓉,周维柏.基于多特征选取和类完全加权的入侵检测[J].计算机技术与发展,2014,24(7):145-148. 被引量：2

二级引证文献2

1刘华春,侯向宁,杨忠.基于聚类与关联的入侵检测系统研究设计[J].计算机技术与发展,2015,25(7):133-137.
2季姝,俞静.基于冗余数据压缩算法的经济信用风险研究[J].电子设计工程,2017,25(7):15-18. 被引量：3

1毕军,庄文玲.探析计算机网络安全中入侵检测系统模块的设计[J].电子技术与软件工程,2014(11):219-220. 被引量：2
2李健,顾国昌,张国印.入侵检测实现方法研究[J].应用科技,2004,31(7):34-36. 被引量：2
3孟晖,王海涛.Ad hoc网络中典型分簇算法的性能分析[J].解放军理工大学学报（自然科学版）,2006,7(6):531-536. 被引量：1
4吴柏君,林锋,周激流.基于最小支配集组簇的MF路由协议[J].计算机工程,2010,36(4):99-102. 被引量：1
5任晓玲,白雪,刘希玉.粘贴模型在两类特殊问题中的改进算法研究[J].计算机科学,2012,39(S3):252-255.
6廖飞雄,马良.禁忌遗传算法求解最小支配集[J].计算机工程与应用,2007,43(24):81-84. 被引量：3
7黄辉,郭帆,徐淑芳.基于改进蚁群算法的多态蠕虫特征提取[J].计算机应用,2013,33(12):3494-3498. 被引量：1
8王娇.基于人工免疫算法的传感器节点布置策略[J].电子测量技术,2015,38(6):97-99. 被引量：9
9唐海兵,秦怀青.利用决策树改进基于特征的入侵检测系统[J].微机发展,2005,15(4):102-105. 被引量：3
10唐谦,张大方,黄昆.基于信息增益率的决策树对入侵检测的改进[J].计算机工程,2006,32(7):146-148. 被引量：8

计算机仿真

2011年第6期

浏览历史

内容加载中请稍等...

一种基于特征的入侵检测模块的优化布置算法被引量：1

参考文献9

二级参考文献12

共引文献12

同被引文献12

引证文献1

二级引证文献2

相关作者

相关机构

相关主题

浏览历史

一种基于特征的入侵检测模块的优化布置算法 被引量：1

参考文献9

二级参考文献12

共引文献12

同被引文献12

引证文献1

二级引证文献2

相关作者

相关机构

相关主题

浏览历史

一种基于特征的入侵检测模块的优化布置算法被引量：1