TY - JOUR
T1 - eHIP
T2 - An energy-efficient hybrid intrusion prohibition system for cluster-based wireless sensor networks
AU - Su, Wei Tsung
AU - Chang, Ko Ming
AU - Kuo, Yau Hwang
N1 - Funding Information:
We would like to thank the reviewers and editor for their comments and suggestions on this paper. This paper is based partially on work supported by the National Science Council (NSC) of Taiwan, R.O.C., under grant No. NSC94-2213-E-006-081.
PY - 2007/3/14
Y1 - 2007/3/14
N2 - Verifying authenticity and integrity of delivered data is indispensable for security-sensitive wireless sensor networks (WSN). Unfortunately, conventional security approaches are unsuitable for WSN because energy efficiency is really not an important issue. However, energy conservation is truly a critical issue in WSN. In this paper, a proposed hybrid security system, called energy-efficient hybrid intrusion prohibition (eHIP) system, combines intrusion prevention with intrusion detection to provide an energy-efficient and secure cluster-based WSN (CWSN). The eHIP system consists of authentication-based intrusion prevention (AIP) subsystem and collaboration-based intrusion detection (CID) subsystem. Both subsystems provide heterogeneous mechanisms for different demands of security levels in CWSN to improve energy efficiency. In AIP, two distinct authentication mechanisms are introduced to verify control messages and sensed data to prevent external attacks. These two authentication mechanisms are customized according to the relative importance of information contained in control messages and sensed data. However, because the security threat from compromised sensor nodes cannot be fully avoided by AIP, CID is therefore proposed. In CID, the concept of collaborative monitoring is proposed to balance the tradeoff between network security and energy efficiency. In order to evaluate the performance of eHIP, theoretical analyses and simulations of AIP and CID are also presented in this paper. Simulation results fully support the theoretical analysis of eHIP.
AB - Verifying authenticity and integrity of delivered data is indispensable for security-sensitive wireless sensor networks (WSN). Unfortunately, conventional security approaches are unsuitable for WSN because energy efficiency is really not an important issue. However, energy conservation is truly a critical issue in WSN. In this paper, a proposed hybrid security system, called energy-efficient hybrid intrusion prohibition (eHIP) system, combines intrusion prevention with intrusion detection to provide an energy-efficient and secure cluster-based WSN (CWSN). The eHIP system consists of authentication-based intrusion prevention (AIP) subsystem and collaboration-based intrusion detection (CID) subsystem. Both subsystems provide heterogeneous mechanisms for different demands of security levels in CWSN to improve energy efficiency. In AIP, two distinct authentication mechanisms are introduced to verify control messages and sensed data to prevent external attacks. These two authentication mechanisms are customized according to the relative importance of information contained in control messages and sensed data. However, because the security threat from compromised sensor nodes cannot be fully avoided by AIP, CID is therefore proposed. In CID, the concept of collaborative monitoring is proposed to balance the tradeoff between network security and energy efficiency. In order to evaluate the performance of eHIP, theoretical analyses and simulations of AIP and CID are also presented in this paper. Simulation results fully support the theoretical analysis of eHIP.
UR - http://www.scopus.com/inward/record.url?scp=33845719807&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=33845719807&partnerID=8YFLogxK
U2 - 10.1016/j.comnet.2006.07.008
DO - 10.1016/j.comnet.2006.07.008
M3 - Article
AN - SCOPUS:33845719807
SN - 1389-1286
VL - 51
SP - 1151
EP - 1168
JO - Computer Networks
JF - Computer Networks
IS - 4
ER -