Title :
ICAD: Indirect correlation based anomaly detection in dynamic WSNs
Author :
Gao, Yi ; Chen, Chun ; Bu, Jiajun ; Dong, Wei ; He, Daojing
Author_Institution :
Zhejiang Key Lab. of Service Robot, Zhejiang Univ., Hangzhou, China
Abstract :
Anomaly detection is an essential functionality of Wireless Sensor Networks (WSNs) due to their complex behaviors and the wireless dynamics. In dynamic WSNs, many characteristics such as network topology, locations of sensor nodes, change frequently over time. We observe that indirect correlations among multiple attributes of a sensor node can be utilized to capture and model the historical behaviors. Prior studies overlooked indirect correlations while in this study we exploit it for detecting anomaly efficiently and accurately. Therefore, we propose ICAD, an indirect correlation based anomaly detection approach. By applying the Markov chain, the state transition probability matrix is calculated and it is subsequently used to detect anomalies. Compared to prior approaches, ICAD can detect different types of anomalies simultaneously. Furthermore, ICAD is implemented based on TinyOS and evaluated in a test-bed with 17 TelosB motes. Evaluation results show that ICAD has high detection accuracy with acceptable overhead.
Keywords :
Markov processes; probability; telecommunication network topology; telecommunication security; wireless sensor networks; ICAD; Markov chain; TelosB motes; TinyOS and; dynamic WSN; indirect correlation based anomaly detection; network topology; state transition probability matrix; wireless sensor networks; Correlation; Markov processes; Network topology; Probability distribution; Random access memory; Training; Wireless sensor networks;
Conference_Titel :
Wireless Communications and Networking Conference (WCNC), 2011 IEEE
Conference_Location :
Cancun, Quintana Roo
Print_ISBN :
978-1-61284-255-4
DOI :
10.1109/WCNC.2011.5779209
