Secure Knowledge and Cluster-Based Intrusion Detection Mechanism for Smart Wireless Sensor Networks
Amjad Mehmood, Akbar Khanan, Muhammad Muneer Umar, Salwani Abdullah, Khairul Akram Zainol Ariffin, Houbing Song
Affiliations
Amjad Mehmood
Institute of Information Technology, Kohat University of Science and Technology, Kohat, Pakistan
Akbar Khanan
Centre for Artificial Intelligence Technology, Research Centre for Software and Management, Faculty of Information Science and Technology, Universiti Kebangsaan Malaysia, Bangi, Malaysia
Muhammad Muneer Umar
Department of Management and Information Technology, Jubail Industrial College, Jubail, Saudi Arabia
Salwani Abdullah
Centre for Artificial Intelligence Technology, Research Centre for Software and Management, Faculty of Information Science and Technology, Universiti Kebangsaan Malaysia, Bangi, Malaysia
Khairul Akram Zainol Ariffin
Centre for Artificial Intelligence Technology, Research Centre for Software and Management, Faculty of Information Science and Technology, Universiti Kebangsaan Malaysia, Bangi, Malaysia
Wireless sensor networks (WSNs), due to their nature, are more prone to security threats than other networks. Developments in WSNs have led to the introduction of many protocols developed specifically for security purposes. Most of these protocols are inefficient in that they put an excessive computational and energy-consumption burden on the small nodes in WSNs. This paper proposes a knowledge-based, context-aware approach for handling the intrusions generated by malicious nodes. The system operates on a knowledge base, located at the base station, which stores the events generated by the nodes inside the network. The events are categorized, and the cluster heads (CHs) are informed so that they can block repeated malicious activities. The CHs can also obtain informational records about the maliciousness of intruder nodes by using their inference engines. The mechanism of event logging and analysis by the base station greatly affects the performance of nodes in the network by reducing the extra security-related load on them.