1. Introduction
Wireless Sensor Networks (WSN) are spontaneous networks consisting of tens to several hundreds and sometimes thousands of nodes called sensors or motes. These nodes are dispersed in an environment called a collector field in order to autonomously perform three complementary tasks: to collect data (generally measurements of temperature, humidity, vibrations, radiation, etc.), to process them and finally to transmit these data to the base station via a radio circuit. Figure 1 illustrates WSN architecture.
Figure 1. Example of WSN architecture
The attractive features of WSNs (small size, low cost, flexibility and ease of installation, a wide variety of sensor types, wireless communication) have enabled this type of network to spread into several application areas and to be present not only in the industrial sector but also in medical and everyday life applications (García-Hernando et al. 2008).
Nodes in a wireless sensor network are typically deployed in hostile environments and left unattended, with low computing, memory, and energy capabilities and with vulnerable wireless communication that can easily be observed and interfered with. These constraints not only make the WSN an easy target for several types of attacks but also make existing solutions for wired or even wireless systems inappropriate.
Various types of attacks are possible on different layers of the sensor node, and those that affect the overall performance of WSNs are known as denial of service (DoS) attacks. The first taxonomy of DoS attacks for sensor networks was discussed in (Wood and Stankovic 2002), and one covering all attacks in (Roosta et al. 2006). DoS attacks on routing protocols are the attacks most discussed in the literature (Karlof and Wagner 2003): sinkhole attack, blackhole attack, wormhole attack and selective forwarding attack. Consequently, many solutions have been proposed to improve security mechanisms for WSNs against DoS routing attacks. Some related research is introduced and analyzed in the following section.
In this paper, the authors focus on the sinkhole attack, which is one of the most destructive attacks in WSNs (Ngai et al. 2006; Abdullah et al. 2015; Raju and Parwekar 2016; Abdirahman and Sukhkirandeep 2019; Zhang and Liu 2019; Sejaphala and Velempini 2020). This attack prevents the base station from receiving packets from the whole network by attracting all the traffic from neighboring nodes close to the base station using fake routing information. WSNs are particularly vulnerable to sinkhole attacks because of the "many to one" communication pattern, in which sensor nodes route data to a single base station. A sinkhole attack can be launched from a compromised node or from a counterfeit node introduced inside the network. Once launched successfully, the sinkhole node can be used to launch further attacks such as selective forwarding, wormhole, flooding, sybil and blackhole attacks.
The objective of this work is to design and implement an efficient detection scheme based on the SVM technique for an intrusion detection system (IDS) in WSNs with energy saving (Lu et al. 2013) (Lu et al. 2014) (Lu et al. 2015). The proposed IDS aims to detect a specific DoS routing attack, namely the sinkhole attack, by using two pieces of routing information, hop count (HCNT) and destination sequence number (DSN), in the ad hoc on-demand distance vector (AODV) protocol (Perkins et al. 2003). The authors experimented with binary-class support vector machines (SVM) to build the SVM classifier. The dataset used in the different experiments is the one provided by Garofalo et al. (Garofalo et al. 2013), for comparison.
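
The detection idea described above, as an added example that is not the authors' implementation: a binary linear SVM trained by subgradient descent on the HCNT and DSN fields of AODV route replies. The samples are constructed, and the pattern that a sinkhole advertises a very low hop count together with a very high sequence number is an assumption of this example, not data from the Garofalo et al. dataset; the function names are hypothetical.

```python
# Added example: binary linear SVM over two AODV route-reply fields.
# All samples are constructed for illustration (assumed sinkhole pattern:
# very low hop count, very high destination sequence number).

# (HCNT, DSN, label) with label +1 = sinkhole, -1 = normal
TRAIN = [
    (4, 12, -1), (5, 18, -1), (3, 25, -1), (6, 31, -1), (7, 40, -1),
    (4, 44, -1), (5, 52, -1), (8, 58, -1),
    (1, 210, 1), (1, 225, 1), (2, 240, 1), (1, 198, 1), (1, 250, 1), (2, 232, 1),
]

def fit_scaler(rows):
    """Per-feature mean and standard deviation, so HCNT and DSN share a scale."""
    stats = []
    for j in range(2):
        col = [r[j] for r in rows]
        mean = sum(col) / len(col)
        std = (sum((v - mean) ** 2 for v in col) / len(col)) ** 0.5 or 1.0
        stats.append((mean, std))
    return stats

def scale(x, stats):
    return [(x[j] - stats[j][0]) / stats[j][1] for j in range(2)]

def train_svm(rows, lam=0.01, lr=0.1, epochs=200):
    """Full-batch subgradient descent on the L2-regularised hinge loss."""
    stats = fit_scaler(rows)
    X = [scale(r, stats) for r in rows]
    y = [r[2] for r in rows]
    w, b = [0.0, 0.0], 0.0
    for _ in range(epochs):
        gw, gb = [lam * w[0], lam * w[1]], 0.0
        for xi, yi in zip(X, y):
            if yi * (w[0] * xi[0] + w[1] * xi[1] + b) < 1:  # sample inside the margin
                gw[0] -= yi * xi[0] / len(X)
                gw[1] -= yi * xi[1] / len(X)
                gb -= yi / len(X)
        w = [w[0] - lr * gw[0], w[1] - lr * gw[1]]
        b -= lr * gb
    return w, b, stats

def classify(model, hcnt, dsn):
    """Label one route reply from the sign of the SVM decision function."""
    w, b, stats = model
    x = scale((hcnt, dsn), stats)
    return "sinkhole" if w[0] * x[0] + w[1] * x[1] + b > 0 else "normal"

MODEL = train_svm(TRAIN)
```

Scaling both features before training matters here because raw DSN values are orders of magnitude larger than hop counts and would otherwise dominate the margin.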