Energy Efficient Distributed Intrusion Detection Architecture using mHEED on Sensor Networks

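  • 김미희 (Department of Computer Engineering, North Carolina State University, USA);
  • 김지선 (Department of Computer Engineering, Ewha Womans University);
  • 채기준 (Department of Computer Science, Ewha Womans University)
  • Published: 2009.04.30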

Abstract

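Sensor networks are one of the base networks for realizing ubiquitous computing, and their importance is steadily growing; given the characteristics of these networks, security technology is recognized as being as important as the underlying technology. Sensor network security research to date has mainly dealt with authentication schemes and key management schemes that rely on cryptography. However, sensor nodes are easy to capture, and even where cryptography is used the keys are easily exposed. An attacker can exploit this to masquerade as a legitimate node and attack the network from the inside. Therefore, to ensure the security of the network, an efficient intrusion detection architecture suited to the characteristics of sensor networks, which consist of many resource-constrained sensors, must be developed. In this paper, we propose a distributed intrusion detection architecture for sensor networks that can change the intrusion detection function in a distributed and dynamic manner, considering both energy efficiency and the efficiency of the intrusion detection function. By modifying the HEED clustering algorithm (modified HEED, referred to as mHEED), distributed intrusion detection nodes are selected in each round according to each node's residual energy and number of neighbor nodes, and the intrusion detection code and the previous monitoring results are transferred by a mobile agent so that monitoring is performed continuously. The monitoring results are attached to ordinary sensing information for delivery, or, for urgent data, are delivered to the central intrusion detection system through high-priority transmission. Through simulation we compared the performance with an existing study, the adaptive intrusion detection architecture, and the results demonstrated a marked improvement in energy efficiency, overhead, detection capability, and detection performance.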

The importance of sensor networks as a base for realizing ubiquitous computing is being highlighted, and security in particular is recognized as an important research issue because of their characteristics. Several efforts are underway to provide security services in sensor networks, but most of them are preventive approaches based on cryptography. However, sensor nodes are extremely vulnerable to capture or key compromise. To ensure the security of the network, it is critical to develop an Intrusion Detection System (IDS) that takes the characteristics of sensor networks into consideration and can survive malicious attacks from "insiders" who have access to keying materials or full control of some nodes. In this paper, we design a distributed and adaptive IDS architecture for sensor networks that respects both energy efficiency and IDS efficiency. Using a modified version of HEED, a clustering algorithm, distributed IDS nodes (dIDSs) are selected according to each node's residual energy and degree. The monitoring results of the dIDSs are then transferred, together with the detection codes, to the dIDSs of the next round in order to perform a consecutive and integrated IDS process, and urgent reports are sent through high-priority messages. Through simulation we show the superiority of our architecture in terms of efficiency, overhead, and detection capability, in comparison with a recent existing study, adaptive IDS.
