Rapidly expanding application areas of wireless sensor networks (WSNs) that include critical civilian and military applications intensify the security concerns especially in hostile unattended environments. In order to ensure the dependability and security of continued WSN services, there is a need of alternate defense line called intrusion detection system (IDS). WSNs are comprised of a huge number of energy-constrained nodes whose battery replacement or recharging is a challenging task after their deployment. In this present work, the authors develop a simple integrated IDS scheme (SIIS) that integrates the concept of clustering along with RC4 and digital signature. For heterogeneous systems, cluster-based protocols perform best as they work on divide and conquer strategy. In order to safeguard the transmitted data, a secured, lightweight digital signature scheme that employs symmetric cryptography is used along with RC4, a synchronous stream cipher that satisfies both efficiency and security for lightweight algorithms.
TopIntroduction
Wireless Sensor Networks (WSNs) comprise of several autonomous sensor nodes (SNs) distributed in varied areas of interest for gathering and cooperatively transmitting important data through a wireless medium to the most powerful node called the base station or sink node. WSNs have several applications in the fields of science and technology owing to its cheap and easy deployment process. These are used in gathering information related to human behavior, healthcare monitoring, military surveillance, highway traffic monitoring, monitoring of environmental and physical phenomenon such as earthquake, wildfire, and pollution, monitoring of industrial sites or manufacturing machine performance among others (Bao et al. 2021), (Madsen et al 2005). Security in WSNs is an important concern especially in the case of mission-critical applications, commercial application or for WSNs deployed in hostile environments. A confidential health record of a patient must not be known by the third party in healthcare application or a security gap existence in military application may lead to causalities in the battle field. It is essential to protect WSNs from varied security threats (Sharma et al. 2017), (Diaz and Sanchez 2016).
Adversary can eavesdrop onto the message being passed, compromise a node, inject fake messages, waste network resources and alter the data integrity (Pragya et al. 2017). This objective is very tough to achieve because of the constrained resources in WSNs such as energy, battery power, processing capabilities and memory. Also because of several reasons such as its distributed and open nature, deployment in unattended environment, WSNs are vulnerable to several types of attacks (Pragya et al. 2017), (Raghuram et al. 2018). These limitations of WSNs reduces the impact of traditional security countermeasures such as cryptography and key management. It is virtually impossible to design such a network in which the attackers cannot find any way for entry. Therefore, the network must consider the integration of fault tolerance capabilities and self-awareness. As the compromised node can launch wide range of attacks in a WSN, an alternate line of defense like IDS is required that is capable of detecting and reducing the threat by detecting the misbehaving nodes (Bhusan and Sahoo 2017b), (Butun et al. 2015), (Sagar and Lobiyal, 2015), (Rajeshkumar and Valluvan 2016).
Motivation: Any unauthorized or unwanted activity in the network that can be achieved actively (packet dropping, harmful packet forwarding, hole attacks) or passively (eavesdropping or information gathering) is referred to as intrusions. Intrusion detection system (IDS) detect suspicious activities within the network and triggers an alarm in case of any intrusion (Almomani et al. 2016). It provides information such as location of the intruder (regional node or single), time of intrusion entry (date and time), activity of the intrusion (passive or active) and type of intrusion. This information is helpful in mitigating and remedying the impact of the attack as some very fine and specific information about the intruder is found. Therefore, there is a need of IDS for maintaining the network security (Bhusan and Sahoo 2019) Due to unique and constrained characteristics of WSNs such as low transmission bandwidth, less data storage and memory size, and limited power supply, most of the security schemes including the IDSs designed for wired networks are not applicable directly for wireless environment. Also, there exists no specialized datasets containing the attacks and the normal profiles in WSNs which can be used to detect the signature of the attack. Therefore, it is a big challenge to design an efficient and effective IDS technique which is applicable for WSNs. This motivates us to design a secure and energy-efficient IDS scheme in this paper.
Our contribution: The major contribution of this paper can be summarized as follows.