Volume 10 - Issue 2
Identification of Attacks against Wireless Sensor Networks Based on Behaviour Analysis
- Viktoriia Korzhuk
ITMO University, St. Petersburg, Russia
vika@cit.ifmo.ru
- Anton Groznykh
ITMO University, St. Petersburg, Russia
groznykhanton@yandex.ru
- Alexander Menshikov
ITMO University, St. Petersburg, Russia
menshikov@corp.ifmo.ru
- Martin Strecker
ITMO University, St. Petersburg, Russia
martin.strecker@irit.fr
Keywords: wireless sensor network, information security, attack identification, behavior analysis
Abstract
The paper describes the problem of identification of network layer attacks on wireless sensor networks
for subsequent development of intrusion detection systems. 15 types of behaviour (including
14 states under attack and the normal state) and identification features are briefly specified. A technique
for attacks identifying based on a combination of Random Forest algorithm and probability
classifier is proposed. A study of the dependence of the accuracy of the probability classifier and the
average number of used features on a confidence level and a priori probability of the normal state,
which allows reducing the feature space to one feature, is described. For most attacks, there is a
relative constancy of the dependence values in the range from 0 to 0.7 � 0.15, after which a decrease
occurs, corresponding to the quality of identification. Recommendations to the algorithm parameters
are formed and its evaluation is carried out.