This paper proposes an instance-learning-based intrusion-detection system (IL-IDS) for wireless sensor networks (WSNs). The goal of the proposed system is to detect routing attacks on a WSN. Taking an existing ins...This paper proposes an instance-learning-based intrusion-detection system (IL-IDS) for wireless sensor networks (WSNs). The goal of the proposed system is to detect routing attacks on a WSN. Taking an existing instance-learning algorithm for wired networks as our basis, we propose IL-IDS for handling routing security problems in a WSN. Attacks on a routing protocol for a WSN include black hole attack and sinkhole attack. The basic idea of our system is to differentiate the changes between secure instances and attack instances. Considering the limited resources of sensor nodes, the existing algorithm cannot be used directly in a WSN. Our system mainly comprises four parts: feature vector selection, threshold selection, instance data processing, and instance determination. We create a feature vector form composed of the attributes that changes obviously when an attack occurs within the network. For the data processing in resource-constrained sensor nodes, we propose a data-reduction scheme based on the clustering algorithm. For instance determination, we provide a threshold-selection scheme and describe the concrete-instance-determination mechanism of the system. Finally, we simulate and evaluate the proposed IL-IDS for different types of attacks.展开更多
In recent years,following the development of space commutation,space information has become a critical part in space information network and will play a very significant role in winning future information war.A space ...In recent years,following the development of space commutation,space information has become a critical part in space information network and will play a very significant role in winning future information war.A space information network with characteristics such as complex structure,special communication requirement,long delay,dependence on remote maintenance,and fragile ecological environment contains enormous security risks.Therefore,ensuring space information network safety is important.Intrusion-detection model as an important part of a network security system becomes a hot issue in space network security.We propose an intrusion-detection method that integrates anomaly with misuse,which supports automatic updates from a remote ground,and design a distributed intrusion-detection model of space information network.展开更多
文摘This paper proposes an instance-learning-based intrusion-detection system (IL-IDS) for wireless sensor networks (WSNs). The goal of the proposed system is to detect routing attacks on a WSN. Taking an existing instance-learning algorithm for wired networks as our basis, we propose IL-IDS for handling routing security problems in a WSN. Attacks on a routing protocol for a WSN include black hole attack and sinkhole attack. The basic idea of our system is to differentiate the changes between secure instances and attack instances. Considering the limited resources of sensor nodes, the existing algorithm cannot be used directly in a WSN. Our system mainly comprises four parts: feature vector selection, threshold selection, instance data processing, and instance determination. We create a feature vector form composed of the attributes that changes obviously when an attack occurs within the network. For the data processing in resource-constrained sensor nodes, we propose a data-reduction scheme based on the clustering algorithm. For instance determination, we provide a threshold-selection scheme and describe the concrete-instance-determination mechanism of the system. Finally, we simulate and evaluate the proposed IL-IDS for different types of attacks.
基金supported in part by the National Natural Science Foundation of China(No.91438120)the Foundation of Key Laboratory of Aerospace Broadband Network Technology(No.KTKD20140603)the Foundation of Chinese Defense Advance Research Program of Science and Technology(No.9140A15030115DZ08042).
文摘In recent years,following the development of space commutation,space information has become a critical part in space information network and will play a very significant role in winning future information war.A space information network with characteristics such as complex structure,special communication requirement,long delay,dependence on remote maintenance,and fragile ecological environment contains enormous security risks.Therefore,ensuring space information network safety is important.Intrusion-detection model as an important part of a network security system becomes a hot issue in space network security.We propose an intrusion-detection method that integrates anomaly with misuse,which supports automatic updates from a remote ground,and design a distributed intrusion-detection model of space information network.