Martin Stehlík

Calibrating and Comparing Simulators for Wireless Sensor Networks

In this paper, we present our findings from the calibration and comparison of selected simulators for wireless sensor networks. This work is motivated by our current research on a framework that optimizes a network-based intrusion detection system for a given application. For this purpose, we need a simulator that supports realistic models for topology, antenna, radio propagation, noise, radio, medium access control and energy consumption - factors that can influence the performance of an intrusion detection system, which is intended to be run on the medium access control layer. In the paper, we consider four open-source simulators - Castalia, MiXiM, TOSSIM and WSNet. We compare these simulators and run a set of experiments on MICAz sensor nodes in the indoor and outdoor environment. Based on the data gathered from the real experiments, we calibrate the radio propagation and noise models of Castalia, MiXiM, TOSSIM and WSNet. Also, we calibrate the energy consumption model of Castalia, MiXiM and WSNet according to the MICAz datasheet. We present the results from the simulations and compare them between each other. Even though the simulators are set in the same way, their results significantly differ from each other. In the paper, we discuss possible reasons of the differences.

Improving Intrusion Detection Systems for Wireless Sensor Networks

A considerable amount of research has been undertaken in the field of intrusion detection in wireless sensor networks. Researchers proposed a number of relevant mechanisms, and it is not an easy task to select the right ones for a given application scenario. Even when a network operator knows what mechanism to use, it remains an open issue how to configure this particular mechanism in such a way that it is efficient for the particular needs. We propose a framework that optimizes the configuration of an intrusion detection system in terms of detection accuracy and memory usage. There is a variety of scenarios, and a single set of configuration values is not optimal for all of them. Therefore, we believe, such a framework is of a great value for a network operator who needs to optimize an intrusion detection system for his particular needs, e.g., attacker model, environment, node parameters.

Towards better selective forwarding and delay attacks detection in wireless sensor networks

A number of intrusion detection techniques have been proposed to detect different kinds of active attacks on wireless sensor networks (WSNs). Selective forwarding and delay attacks are two simple but effective attacks that can disrupt the communication in WSNs. We propose two parametrized collaborative intrusion detection techniques and optimize their parameters for given scenarios using extensive simulations and multiobjective evolutionary algorithms. Moreover, we sample the whole search space to enable evaluation of evolution performance. We evaluate the influence of changes of the number of malicious nodes on the intrusion detection performance.

On Node Capturing Attacker Strategies

In distributed environments, such as wireless networks, a common adversary is considered to take control over a fraction of the nodes and hence to affect the system behaviour. We have examined several key management schemes for wireless sensor networks where the adversary compromises all the secret keys stored on captured nodes. We propose a number of realistic movement strategies that an actual attacker could pursue to capture nodes and examine the fallout of these attack approaches.

Multi-Objective Optimization of Intrusion Detection Systems for Wireless Sensor Networks

Intrusion detection is an essential mechanism to protect wireless sensor networks against internal attacks that are relatively easy and not expensive to mount in these networks. Recently, we proposed, implemented and tested a framework that helps a network operator to find a trade-off between detection accuracy and usage of resources that are usually highly constrained in wireless sensor networks. We used a single-objective optimization evolutionary algorithm for this purpose. This approach, however, has its limitations. In order to eliminate them, we show benefits of multi-objective evolutionary algorithms for intrusion detection parametrization and examine two multi-objective evolutionary algorithms (NSGA-II and SPEA2). Our examination focuses on the impact of an evolutionary algorithm (and its parameters) on the optimality of found solutions, the speed of convergence and the number of evaluations.

Evaluation of Key Management Schemes in Wireless Sensor Networks

Evaluation of key management schemes is usually done analytically and by hand. As such, it is prone to mistakes and often focuses only on selected aspects of the schemes. In this paper we introduce our simulation framework for automated evaluation of key management schemes for wireless sensor networks. This framework contains a starting library of key management schemes.

Attack Detection Using Evolutionary Computation

Wireless sensor networks (WSNs) are often deployed in open and potentially hostile environments. An attacker can easily capture the sensor nodes or replace them with malicious devices that actively manipulate the communication. Several intrusion detection systems (IDSs) have been proposed to detect different kinds of active attacks by sensor nodes themselves. However, the optimization of the IDSs w.r.t. the accuracy and also sensor nodes’ resource consumption is often left unresolved. We use multi-objective evolutionary algorithms to optimize the IDS with respect to three objectives for each specific WSN application and environment. The optimization on two detection techniques aimed at a selective forwarding attack and a delay attack is evaluated. Moreover, we discuss various attacker strategies ranging from an attacker behavior to a deployment of the malicious sensor nodes in the WSN. The robustness of the IDS settings optimized for six different attacker strategies is evaluated.