Original Articles

Distributed Intrusion Detection Systems for Enhancing Security in Mobile Wireless Sensor Networks∗

Pages 83-109 | Published online: 31 May 2008
 

Abstract

We present an approach for bringing Intrusion Detection System (IDS) facilities to Wireless Sensor Networks (WSNs). WSNs are usually composed of a large number of low-power sensors, and they require careful consumption of the available energy in order to prolong the lifetime of the network. From the security point of view, the overhead added to standard protocols must be as light as possible according to the required security level. Starting from the DESERT tool [14, 16, 25], which was proposed for component-based software architectures, we derive a new framework that dynamically enforces a set of properties of the sensors' behavior. This is accomplished by an IDS specification that is automatically translated into a few lines of code installed in the sensors. The result is a distributed system that locally detects violations of the sensors' interaction policies and is able to minimize the information sent among sensors in order to discover attacks across the network.

Notes

∗ The research was partially funded by the European project COST Action 293, “Graphs and Algorithms in Communication Networks” (GRAAL). Preliminary results contained in this paper appeared in [15].

1. Indeed, we observe the interactions with its transmitting/receiving system, enabling it according to the specified policies.

2. This specification is associated with the role definition, but in this paper we omit such detail.

3. For the sake of brevity we do not show the syntax and semantics of the predicates. These implementation details are described in [25], where we show how each predicate is made up of atomic formulae connected by means of the and, or and not operators. Atomic formulae involve message parameters, constants and the usual operators ==, !=, >, sizeof and so on.

4. The instructions are specified in the same language used to implement the IDS.

5. Each sensor playing the role C has its local copy of these variables.

6. Note that, in our example, while a clusterhead is collecting messages (i.e., the system is in q2, q3 or q4), it is not allowed to receive a forward. This, in fact, can happen only at q1. In order not to waste messages, this means that, according to the scheduling at the MAC layer, some time is set up a priori. During such a time a clusterhead can wait for other messages without incurring any forward.

7. Again, in order not to waste forward messages, we may think of a buffer for the In-Range roles in which a forward is temporarily stored until a new ClusterHead is elected.

8. Again, the automaton related to the Extern role is just the view of the ClusterHead automaton from an adjacent AVGN.

9. This is shown in the online extended version [25].

10. It is worth noticing that this technique is the one used to manage mobility.

11. Note that dependencies are sufficient to impose an ordering on messages; this allows us to relax the assumption that a global system clock exists (see Section 4).

12. Note that all other filters remain in the same state since the message (i.e., the dependency ?f(m, C)) is related to an invocation exiting from q.
