Intrusion-aware Alert Validation Algorithm for Cooperative Distributed Intrusion Detection Schemes of Wireless Sensor Networks

TL;DR

This paper introduces an intrusion-aware alert validation algorithm for wireless sensor networks that verifies intrusion claims, enhancing security by reducing false alerts with moderate communication overhead.

Contribution

It proposes a novel validation algorithm utilizing intrusion-aware reliability, addressing the challenge of verifying malicious intrusion claims in cooperative distributed detection.

Findings

Provides a validation algorithm that improves alert reliability.

Offers a security resiliency analysis of the proposed method.

Balances reliability and communication cost effectively.

Abstract

Existing anomaly and intrusion detection schemes of wireless sensor networks have mainly focused on the detection of intrusions. Once the intrusion is detected, an alerts or claims will be generated. However, any unidentified malicious nodes in the network could send faulty anomaly and intrusion claims about the legitimate nodes to the other nodes. Verifying the validity of such claims is a critical and challenging issue that is not considered in the existing cooperative-based distributed anomaly and intrusion detection schemes of wireless sensor networks. In this paper, we propose a validation algorithm that addresses this problem. This algorithm utilizes the concept of intrusion-aware reliability that helps to provide adequate reliability at a modest communication cost. In this paper, we also provide a security resiliency analysis of the proposed intrusion-aware alert validation algorithm.