A dynamic graph-based cluster ensemble approach to detect security attacks in surveillance network

Diya Thomas*

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

1 Citation (Scopus)

Abstract

Wireless sensor networks (WSNs) are underlying network infrastructure for a variety of mission-critical surveillance applications. The network should be tolerant of unexpected failures of sensor nodes to meet the Quality of Service (QoS) requirements of these applications. One major cause of failure is active security attacks such as Denial of Service (DoS) attacks. This paper models the problem of detecting such attacks as an anomaly detection problem in a dynamic graph. The problem is addressed by employing a voting based cluster ensemble approach called the K-Means Spectral and Hierarchical ensemble (KSH) approach. The experimental result shows that KSH detected DoS attacks with better accuracy when compared to baseline approaches. sectionIntroduction and Motivation WSNs play a vital role in a variety of mission-critical surveillance applications, such as military surveillance. These applications demand different QoS, such as energy efficiency, coverage, and connectivity from the underlying network. To meet these QoS requirements, WSNs should be tolerant of sensor node failures. Active security attacks such as DoS attacks are one major cause of such failures. The famous Maroochy water treatment and Ukrainian power grid attacks are good instances of active security attacks over wireless sensor networks. Active security attacks are more dangerous in terms of severity it creates in the network. For instance, such an attack on WSNs deployed for military surveillance applications can lead to physical intrusions to happen without being undetected. WSNs are prone to such attacks due to its inherent constraints such as limited bandwidth, lack of tamper-proof hardware, and lack of physical line of defense such as Firewalls. Cryptographic solutions are one commonly used method in the literature to address these attacks. But, such solutions are not a viable option to detect attacks in resource constraint WSNs. A lightweight and energy-efficient intru-sion detection system can form a second line of defense in cases where such a solution fails. This paper proposes a lightweight graph-based intrusion detection system to detect active security attacks in the network. A graph model is an efficient way to represent complex relationships in the dataset. In [3], a static graph model is used to represent the sensor data. Anomalies are identified based on the spatial correlation. A graph-based spectral clustering approach on sensor data is proposed in [2]. MIDAS and MIDAS-R proposed in [4] are currently the two well-known approaches used to identify abrupt changes in a dynamic graph (representing social network). A thresholdbased scheme is applied to the graph data to detect the anomaly. In contrast to other approaches, the KSH utilizes a novel dynamic graph model that captures the spatial and temporal network changes caused by the attack. The remaining sections of this paper are organized as follows. Section 2 formulate the problem and elaborates in detail our proposed secure intrusion (anomaly) detection approach. The experiment conducted and the result obtained are discussed in Section 3. Finally, Section 4 concludes the paper.

Original languageEnglish
Title of host publicationInternational Conference on Embedded Wireless Systems and Networks, EWSN 2021
EditorsPolly Huang, Marco Zuniga, Guoliang Xing, Chiara Petrioli
Place of PublicationNew York, NY
PublisherAssociation for Computing Machinery
Pages1-2
Number of pages2
ISBN (Print)9780994988652
Publication statusPublished - 2021
EventInternational Conference on Embedded Wireless Systems and Networks, EWSN 2021 - Delft, Netherlands
Duration: 17 Feb 202119 Feb 2021

Publication series

NameInternational Conference on Embedded Wireless Systems and Networks
ISSN (Electronic)2562-2331

Conference

ConferenceInternational Conference on Embedded Wireless Systems and Networks, EWSN 2021
Country/TerritoryNetherlands
CityDelft
Period17/02/2119/02/21

Fingerprint

Dive into the research topics of 'A dynamic graph-based cluster ensemble approach to detect security attacks in surveillance network'. Together they form a unique fingerprint.

Cite this