无线传感器网络异常入侵检测技术研究
|
摘要
无线传感器网络(Wireless Sensor Networks, WSNs)涉及的技术有传感器技术、嵌入式计算技术、网络技术、无线通信技术、分布式信息处理技术等,能够通过各种集成化的微型传感器协作的实时监测、感知各种环境或监测对象的信息,可广泛用于国防军事、国家安全、环境监测、交通管理、医疗卫生、制造业、反恐抗灾等领域,也是物联网获取信息的主要方式。由于无线传感器网络缺乏基础设施以及在空间上的开放性,使得攻击者可以很容易地窃听、拦截、伪造、篡改数据信息。由于传感器节点部署区域的特殊性,攻击者可能对被俘节点本身进行破坏或破解。无线传感器网络中高速动态变化的路由拓扑使得其正常与异常操作间没有明确的界限,发出错误信息的节点,可能是被俘节点,也可能是由于正在快速移动而暂时失去同步的节点,一般入侵检测系统很难识别出是真正的入侵还是系统的暂时性故障。无线传感器网络中的节点能量有限,使得WSNs易受到资源消耗型攻击。因此无线传感器网络需要有效的安全机制来阻止和预防各种网络攻击保证数据的机密性、完整性和可用性。本文针对无线传感器网络的特点,以异常入侵检测为主要研究内容,重点针对网络流量预测技术、统计分析技术、安全路由攻击检测技术,数据挖掘和智能处理技术在异常入侵检测中的应用进行分析、研究,提出有效的检测方案,本文的研究工作与主要成果包括:
首先,针对现有方案仅仅通过监控节点(传感器节点、邻居节点、簇头节点)流量的变化来判断网络是否受到攻击的误判风险,提出了一种将流量预测和相关系数矩阵相结合基于阀值的异常入侵检测方法,该方法通过比较连续m个相关系数来进行异常检测。同时对三种典型的流量预测模型:自回归滑动平均模型、Kalman滤波、混沌时间序列分析方法在无线传感器网络异常入侵检测系统中的应用进行了比较,仿真结果表明本节所提出的方案在流量攻击的程度较弱时,具有较高的检测率
第二,统计分析技术是异常入侵检测中常用的技术之一,具有计算复杂度低,容易部署等特点。然而无论是均值与标准差模型、卡方检验方法、累积和(CUSUM)方法,门限参数的确定依然是比较困难的。针对CUSUM算法单一检测门限引起的检测延迟较长,检测率偏低的问题。提出了一种适用于WSNs的Multi-CUSUM算法,该算法首先根据流量序列均值的大小选择具有不同门限参数的CUSUM算法,对门限参数的优化选择一种随流量序列个数增多而增大的方式。理论分析与实验结果表明基于Multi-CUSUM算法的异常检测方案对于WSNs来说是一个比较理想的检测方案,该方案与当前典型的WSNs入侵检测方案相比较具有更优越的性能。
第三,安全路由协议是无线传感网络感知数据正确传输的保证。然而无线传感器网络中各种典型路由协议在设计时只对网络的应用进行了尽可能的完善并没有充分考虑路由安全方面的问题。基于异构无线传感器网络体系结构,提出了一种具有异常入侵检测功能的安全路由协议SRPAD。为优化路由选择,利用一种改进的蚁群算法搜索从簇头节点到基站节点的优化路由,提出了安全路由协议中根据节点流量、能量消耗的均值和方差变化检测异常攻击的方法。理论分析和仿真实验证明了本节所提出的SRPAD协议的可行性和有效性。从异常入侵检测的角度为无线传感器网络安全路由协议的研究提供了一种思路。
第四,提出了基于贝叶斯(Bayes)分类的分布式入侵检测方案,为满足无线传感器网络轻量级计算的特点,该方案提出了基于K最近邻算法的WSNs分簇方法,并证明了WSNs中节点的K最近邻分簇是唯一的。方案中贝叶斯分类方法被用来进行簇内节点的异常检测,平均概率的方法被用来进行簇头节点异常行为的检测。通过模拟不同数据传输率下的攻击流量,构建了基于规则的检测策略。仿真结果和分析说明了提出的基于Bayes分类算法的入侵检测方法是适合WSNs特点的有效检测方案。
第五,智能处理算法的一些特征如适应性、容错、高计算速度和差错恢复适合入侵检测系统的特性。基于“同类相近”的思想,提出了K-means-SVM异常入侵检测算法,同时从理论上分析了该算法的推广能力。该方法首先利用K-means算法对传感器网络中的节点进行聚类,对该算法难以解决的初始聚类参数K的问题,提出了一种带自调节参数K的计算方法,通过改进K-means算法初始聚类点的选择,克服了K-means算法初始聚类点选择的随机性和盲目性,有效的提高聚类的效率,在此基础上通过选择Multi-SVM算法来提高对不同类型攻击的异常检测效率,实验表明本文所提方法和WSNs中一些典型的异常检测方法相比具有更高的检测率和更低的误检率。
Because of advances in sensor technology, embedded technique, network technology, wireless communication and distributed information processing technology, wireless sensor networks (WSNs) are designed and developed, which can collect and process real-time environmental information through various microsensors, and has a wide range of potential applications including national defense, environment monitoring, traffic management, medical systems, manufacturing industry, counter-terrorism, anti-disaster, etc. It also provides a kind of method to obtain information for the Internet of Things. For lack of infrastructural facilities and the characteristics of open communication medium in WSNs, the attacker can easily eavesdrop, intercept, forge and tamper data information. Because of particularity of deployment of WSNs nodes, the attacker may inflict damage or decode on captured nodes.The high-speed dynamic routing topology makes it no clear boundaries for the normal operating and abnormal operating. The nodes that send wrong message may be the captured nodes, it may be also the fast moving nodes, which are temporary nodes of loss of synchronization. The general intrusion detection systems are difficult to identify the real invasion or a temporary system failure. WSNs node's energy is limited, this makes WSNs more vulnerable to resource consumption attacks. Therefore, an effective security mechanism is needed to stop and prevent network attacks to ensure data confidentiality, integrity and availability. Regarding the features of WSNs, the research of anomaly intrusion detection was focused on by this dissertation from aspects of traffic forecasting techniques, statistical analysis techniques, secure routing attack detection technology and intelligent technology. The main contributions of this dissertation are as follows:
First, the existing anomaly intrusion detection methods depend only on the deviation of real traffic and forecast traffic of nodes (cluster head node, monitor nodes, neighbors nodes) to determine if the nodes are attacked or not, where there is the risk of wrong judgment. An anomaly intrusion detection approach has been proposed based on threshold, combined with correlation coefficient matrix and traffic prediction, where this method adopts the deviation of correlation coefficients m to detection anomaly intrusion. In addition, the results of applications of Chaos and Times Series Analysis, Autoregressive Moving Average (ARMA), Kalman Filter have been analyzed in WSNs intrusion detection system. Experimental results demonstrate the efficiency of the proposed approach, compared with other methods, it has higher detection rate when the intensity of attacking is weaker.
Second, the statistical analysis is the most commonly used techniques in anomaly intrusion detection, with low computational complexity, easy deployment. However, the threshold parameters are still difficult to determine for mean and standard deviation model, chi-square test method, CUSUM method. Given that the single detection threshold of the cumulative sum (CUSUM) algorithm causes longer detection delays and a lower detection rate, a multi-class CUSUM algorithm is hereby proposed. Firstly a maximum and minimum thresholds that sensor node are able to reach during sending packet were set to eliminate abnormal flow to enhance the detection efficiency. Secondly, CUSUM algorithms of different thresholds, all of which are selected according to the mean of traffic sequences, are applied to detect anomalous nodes. This study aims to optimize threshold parameters, the size of which increases with the number of traffic sequence. Using the NS2tool, the different values of network traffic sequence were generated and simulated. Based on these values, the detection rates of the CUSUM algorithm and multi-class CUSUM algorithms, as well as their false positive rates, are then evaluated. Theory analysis and simulation experiment results show that the proposed algorithm achieves a higher and more accurate rate of detection and lower false positive rates than do the current important intrusion detection schemes of WSNs.
Third, a secure routing protocol is essential for wireless sensor networks (WSN) to ensure the exactness of sensed data transmission. However, the typical routing protocol of the wireless sensor network only makes complement to the network application, it doesn't consider the safety aspects of the network sufficiently. Based on the architecture of heterogeneous WSNs, a secure routing protocol with anomaly detection (SRPAD) is hereby proposed. To resolve the optimizing problems of routing overhead, this paper proposes an improved ant colony algorithm to search the lowest cost routing from cluster nodes to base station, and based on the results, we can detect whether or not there are router attacks according to the variant condition on average, their variance of data traffic, and energy consumption of monitoring cluster nodes. Theory analysis and simulation experiment results show that the proposed protocol is effective in data transfer, with low consumed energy. In addition, the proposed protocol has a higher detection rate and lower false positive, compared with the current important protocol of WSNs.
Fourth, A Bayesian network based anomaly detection scheme is proposed and designed, where a new clustering approach is presented by using the K nearest neighbor algorithm, and the partition of clusters of WSNs is proved to be the only one. Bayesian classification algorithm is used to detect anomaly nodes in inter-cluster, the anomaly detection of cluster-head nodes is detected by using average probability approach. By using network simulation tool NS2, network attack traffic was generated and simulated, intrusion detection rules were developed, and based on this, its detection rate, and average detection rate, false positive rate and average false positive rate were evaluated. Simulation results demonstrate that the scheme achieves higher accuracy rate of detection and lower false positive rate than the current important intrusion detection schemes of WSNs.
Fifth, the characteristics of intelligent processing algorithm, such as adaptation, fault tolerance, high computational speed and error resilience in the face of noise information fit the requirements of building a good intrusion detection model. Based on the principle that sensor nodes situated spatially close to each other tend to have similar behavior, an anomaly intrusion detection method is hereby proposed, and the generalization ability of algorithm is theoretically analyzed. To solve the problem of k-means algorithm that requires initializing parameters, this section proposes an improved k-means algorithm with a strategy using adjustable parameters. By applying improved k-means algorithm to WSNs, we can obtain clustering results, and based on the results, an SVM multi-classification algorithm is applied to different clusters for anomaly intrusion detection. Experimental results on the Intel Berkeley Laboratory testing datasets show that the proposed method can efficiently detect abnormal behaviors. In addition, the proposed method has a high detection rate and low false positive rate compared with the current important intrusion detection schemes of WSNs.
首先,针对现有方案仅仅通过监控节点(传感器节点、邻居节点、簇头节点)流量的变化来判断网络是否受到攻击的误判风险,提出了一种将流量预测和相关系数矩阵相结合基于阀值的异常入侵检测方法,该方法通过比较连续m个相关系数来进行异常检测。同时对三种典型的流量预测模型:自回归滑动平均模型、Kalman滤波、混沌时间序列分析方法在无线传感器网络异常入侵检测系统中的应用进行了比较,仿真结果表明本节所提出的方案在流量攻击的程度较弱时,具有较高的检测率
第二,统计分析技术是异常入侵检测中常用的技术之一,具有计算复杂度低,容易部署等特点。然而无论是均值与标准差模型、卡方检验方法、累积和(CUSUM)方法,门限参数的确定依然是比较困难的。针对CUSUM算法单一检测门限引起的检测延迟较长,检测率偏低的问题。提出了一种适用于WSNs的Multi-CUSUM算法,该算法首先根据流量序列均值的大小选择具有不同门限参数的CUSUM算法,对门限参数的优化选择一种随流量序列个数增多而增大的方式。理论分析与实验结果表明基于Multi-CUSUM算法的异常检测方案对于WSNs来说是一个比较理想的检测方案,该方案与当前典型的WSNs入侵检测方案相比较具有更优越的性能。
第三,安全路由协议是无线传感网络感知数据正确传输的保证。然而无线传感器网络中各种典型路由协议在设计时只对网络的应用进行了尽可能的完善并没有充分考虑路由安全方面的问题。基于异构无线传感器网络体系结构,提出了一种具有异常入侵检测功能的安全路由协议SRPAD。为优化路由选择,利用一种改进的蚁群算法搜索从簇头节点到基站节点的优化路由,提出了安全路由协议中根据节点流量、能量消耗的均值和方差变化检测异常攻击的方法。理论分析和仿真实验证明了本节所提出的SRPAD协议的可行性和有效性。从异常入侵检测的角度为无线传感器网络安全路由协议的研究提供了一种思路。
第四,提出了基于贝叶斯(Bayes)分类的分布式入侵检测方案,为满足无线传感器网络轻量级计算的特点,该方案提出了基于K最近邻算法的WSNs分簇方法,并证明了WSNs中节点的K最近邻分簇是唯一的。方案中贝叶斯分类方法被用来进行簇内节点的异常检测,平均概率的方法被用来进行簇头节点异常行为的检测。通过模拟不同数据传输率下的攻击流量,构建了基于规则的检测策略。仿真结果和分析说明了提出的基于Bayes分类算法的入侵检测方法是适合WSNs特点的有效检测方案。
第五,智能处理算法的一些特征如适应性、容错、高计算速度和差错恢复适合入侵检测系统的特性。基于“同类相近”的思想,提出了K-means-SVM异常入侵检测算法,同时从理论上分析了该算法的推广能力。该方法首先利用K-means算法对传感器网络中的节点进行聚类,对该算法难以解决的初始聚类参数K的问题,提出了一种带自调节参数K的计算方法,通过改进K-means算法初始聚类点的选择,克服了K-means算法初始聚类点选择的随机性和盲目性,有效的提高聚类的效率,在此基础上通过选择Multi-SVM算法来提高对不同类型攻击的异常检测效率,实验表明本文所提方法和WSNs中一些典型的异常检测方法相比具有更高的检测率和更低的误检率。
Because of advances in sensor technology, embedded technique, network technology, wireless communication and distributed information processing technology, wireless sensor networks (WSNs) are designed and developed, which can collect and process real-time environmental information through various microsensors, and has a wide range of potential applications including national defense, environment monitoring, traffic management, medical systems, manufacturing industry, counter-terrorism, anti-disaster, etc. It also provides a kind of method to obtain information for the Internet of Things. For lack of infrastructural facilities and the characteristics of open communication medium in WSNs, the attacker can easily eavesdrop, intercept, forge and tamper data information. Because of particularity of deployment of WSNs nodes, the attacker may inflict damage or decode on captured nodes.The high-speed dynamic routing topology makes it no clear boundaries for the normal operating and abnormal operating. The nodes that send wrong message may be the captured nodes, it may be also the fast moving nodes, which are temporary nodes of loss of synchronization. The general intrusion detection systems are difficult to identify the real invasion or a temporary system failure. WSNs node's energy is limited, this makes WSNs more vulnerable to resource consumption attacks. Therefore, an effective security mechanism is needed to stop and prevent network attacks to ensure data confidentiality, integrity and availability. Regarding the features of WSNs, the research of anomaly intrusion detection was focused on by this dissertation from aspects of traffic forecasting techniques, statistical analysis techniques, secure routing attack detection technology and intelligent technology. The main contributions of this dissertation are as follows:
First, the existing anomaly intrusion detection methods depend only on the deviation of real traffic and forecast traffic of nodes (cluster head node, monitor nodes, neighbors nodes) to determine if the nodes are attacked or not, where there is the risk of wrong judgment. An anomaly intrusion detection approach has been proposed based on threshold, combined with correlation coefficient matrix and traffic prediction, where this method adopts the deviation of correlation coefficients m to detection anomaly intrusion. In addition, the results of applications of Chaos and Times Series Analysis, Autoregressive Moving Average (ARMA), Kalman Filter have been analyzed in WSNs intrusion detection system. Experimental results demonstrate the efficiency of the proposed approach, compared with other methods, it has higher detection rate when the intensity of attacking is weaker.
Second, the statistical analysis is the most commonly used techniques in anomaly intrusion detection, with low computational complexity, easy deployment. However, the threshold parameters are still difficult to determine for mean and standard deviation model, chi-square test method, CUSUM method. Given that the single detection threshold of the cumulative sum (CUSUM) algorithm causes longer detection delays and a lower detection rate, a multi-class CUSUM algorithm is hereby proposed. Firstly a maximum and minimum thresholds that sensor node are able to reach during sending packet were set to eliminate abnormal flow to enhance the detection efficiency. Secondly, CUSUM algorithms of different thresholds, all of which are selected according to the mean of traffic sequences, are applied to detect anomalous nodes. This study aims to optimize threshold parameters, the size of which increases with the number of traffic sequence. Using the NS2tool, the different values of network traffic sequence were generated and simulated. Based on these values, the detection rates of the CUSUM algorithm and multi-class CUSUM algorithms, as well as their false positive rates, are then evaluated. Theory analysis and simulation experiment results show that the proposed algorithm achieves a higher and more accurate rate of detection and lower false positive rates than do the current important intrusion detection schemes of WSNs.
Third, a secure routing protocol is essential for wireless sensor networks (WSN) to ensure the exactness of sensed data transmission. However, the typical routing protocol of the wireless sensor network only makes complement to the network application, it doesn't consider the safety aspects of the network sufficiently. Based on the architecture of heterogeneous WSNs, a secure routing protocol with anomaly detection (SRPAD) is hereby proposed. To resolve the optimizing problems of routing overhead, this paper proposes an improved ant colony algorithm to search the lowest cost routing from cluster nodes to base station, and based on the results, we can detect whether or not there are router attacks according to the variant condition on average, their variance of data traffic, and energy consumption of monitoring cluster nodes. Theory analysis and simulation experiment results show that the proposed protocol is effective in data transfer, with low consumed energy. In addition, the proposed protocol has a higher detection rate and lower false positive, compared with the current important protocol of WSNs.
Fourth, A Bayesian network based anomaly detection scheme is proposed and designed, where a new clustering approach is presented by using the K nearest neighbor algorithm, and the partition of clusters of WSNs is proved to be the only one. Bayesian classification algorithm is used to detect anomaly nodes in inter-cluster, the anomaly detection of cluster-head nodes is detected by using average probability approach. By using network simulation tool NS2, network attack traffic was generated and simulated, intrusion detection rules were developed, and based on this, its detection rate, and average detection rate, false positive rate and average false positive rate were evaluated. Simulation results demonstrate that the scheme achieves higher accuracy rate of detection and lower false positive rate than the current important intrusion detection schemes of WSNs.
Fifth, the characteristics of intelligent processing algorithm, such as adaptation, fault tolerance, high computational speed and error resilience in the face of noise information fit the requirements of building a good intrusion detection model. Based on the principle that sensor nodes situated spatially close to each other tend to have similar behavior, an anomaly intrusion detection method is hereby proposed, and the generalization ability of algorithm is theoretically analyzed. To solve the problem of k-means algorithm that requires initializing parameters, this section proposes an improved k-means algorithm with a strategy using adjustable parameters. By applying improved k-means algorithm to WSNs, we can obtain clustering results, and based on the results, an SVM multi-classification algorithm is applied to different clusters for anomaly intrusion detection. Experimental results on the Intel Berkeley Laboratory testing datasets show that the proposed method can efficiently detect abnormal behaviors. In addition, the proposed method has a high detection rate and low false positive rate compared with the current important intrusion detection schemes of WSNs.
引文
[1]Pottie G.J., Kaiser W.J. Wireless integrated network sensors[J]. Communications of the ACM,2000,43(5):51-58.
[2]任丰原,黄海宁,林闯.无线传感器网络[J].软件学报,2003,14(7):1282-1291.
[3]Luigi Atzori, Antonio Iera, Giacomo Morabito. The Internet of Things:A survey[J]. Computer Networks,2010,54:2787-2805.
[4]李建中,高宏.无线传感器网络研究进展[J].计算机研究与发展,2008,45(1):1-15
[5]Ashfaq Hussain Farooqi and Farrukh Aslam Khan. Intrusion Detection Systems for Wireless Sensor Networks:A Survey. FGCN/ACN 2009, CCIS 56, pp.234-241
[6]Sun B, Osborne L, Xiao Y, Guizani S. Intrusion Detection Techniques in Mobile Ad Hoc and Wireless Sensor Networks[J]. IEEE Wireless Communications,2007, 10:56-63
[7]段丹青.入侵检测算法及关键技术研究[博士学位论文],中南大学,2007.
[8]Onat I, MIRIA. An intrusion detection system for wireless sensor networks [C] //Proc of IEEE International Conference on Wirelessand Mobile Computing, Networking and Communications (WiMOB2005).2005.
[9]曹晓梅,韩志杰,陈贵海.基于流量预测的传感器网络拒绝服务攻击检测方案.计算机学报,2007,30(10):1798-1805.
[10]Ioannis Krontiris, Zinaida Benenson, Thanassis Giannetsos etc. Cooperative Intrusion Detection in Wireless Sensor Networks. EWSN 2009, LNCS 5432, pp. 263-278.
[11]Jiayu Tang, Pingzhi Fan. A RSSI-Based Cooperative Anomaly Detection Scheme for Wireless Sensor Networks[C]//proceedings of the International Conference on Wireless Communications, Networking and Mobile Computing,2007,PP:2783-2786
[12]Mao Yuxin. A semantic-based intrusion detection framework for wireless sensor network[C]//proceedings of the International Conference on Networked Computing, 2010:pp1-5.
[13]Onat I, Miri A. A real-time node-based traffic anomaly detection algorithm for wireless sensor networks. Presented at the 2005 systems communications, August 2005.
[14]Onat I, Miri A. An intrusion detection system for wireless sensor networks. Presented at the 2005 IEEE international conference on wireless and mobile computing networking and communications, August 2005.
[15]liu F, et al. Insider attacker detection in wireless sensor network. Presented at the 26th IEEE international conference on computer communications May 2007.
[16]Dallas et al. Hop-count monitoring:detecting sinkhole attacks in wireless sensor networks. Presented at the 15th IEEE international conference on networks,2007.
[17]Curiac et al. Malicious node detection in wireless sensor networks using an autoregression technique. Presented at the 3rd international conference on networking and services, June 2007.
[18]Compromised sensor nodes detection:a quantitative approach. Presented at the 28th international conference on distributed computing systems workshops, June 2008.
[19]Yan K Q, Wang S C, Wang, S S, Liu C W. Hybrid Intrusion Detection System for enhancing the security of a cluster-based Wireless Sensor Network,2010 3rd IEEE International Conference on Computer Science and Information Technology (ICCSIT),1(114-118).
[20]Su C C, CHANG Ko-ming, Kuo Y H, et al. The new intrusion p revention and detection approaches for clustering-based sensor networks[C]//Proc of IEEE Wireless Communications and Networking Conference.2005:1927-1932.
[21]Wang H, et al. Intrusion detection for wireless sensor networks based on multi-agent and refined clustering. Presented at the international conference on communications and mobile computing, January 2009.
[22]Subramaniam S, et al. Online outlier detection in sensor data using non-parametric models. Presented at the 32nd international conference on very large data bases, September 2006.
[23]Zhang Y-Y, et al. Inside attack detection in hierarchical wireless sensor networks. Presented at the 3rd international conference on innovative computing information and control, June 2008.
[24]Masud M, et al. Anomaly detection by clustering ellipsoids in wireless sensor networks. Presented at the 5th international conference on intelligent sensors, sensor networks and information processing,2009.
[25]Rahul K, et al. Reduced complexity intrusion detection in sensor networks using genetic algorithm. Presented at the IEEE international conference on communications,2009.
[26]Yan-hui Li, Dong-yang Fu, Ming Wan Lei Li. Intrusion detection model based on hierarchical structure in Wireless sensor networks [C]//Proceedings of the International Conference on Electrical and Control Engineering,2010, pp:2816-2819.
[27]Ngai C H. Intrusion detection for wireless sensor networks [D].Hong Kong:Dept of Computer Science and Engineering, The Chinese University of Hong Kong. 2005.
[28]Rajasegarar S, Leckie C, Palaniswami M, BezdekJ C. Distributed Anomaly Detection in Wireless Sensor Networks[C]//Proceedings of the 10th IEEE Singapore International Conference on Communicat-ion systems.Singapore,2006:1-5.
[29]Nikos Komninos, Christos Douligeris. LIDF:Layered intrusion detection framework for ad-hoc networks[J].Ad Hoc Networks,2009(7):171-182.
[30]Lei Li,Yan-hui Li,Dong-yang Fu,Ming Wan. Intrusion detection model based on hierarchical structure in Wireless sensor networks,2010 International Conference on Electrical and Control Engineering (ICECE), pp:2816-2819.
[31]Tseng Chin-Yang, Poornima Balasubramanyam, et al. A Specification-Based Intrusion Detection System for AODV,2003 ACM Workshop on Security of Ad Hoc and Sensor Networks Fairfax, VA, USA,2003.
[32]A. da Silva et al. Decentralized Intrusion Detection in Wireless Sensor Networks, Proc.1st ACM Int'l. Wksp. QoS & Sec. in Wireless and Mobile Networks,2005, pp:16-23.
[33]Yong Wang, Garhan Attebury, Byrav Ramamurthy. A survey of security issues in wireless sensor networks, Communications Surveys & Tutorials, IEEE In Communications Surveys & Tutorials,2006,9(2):2-23.
[34]周贤伟、覃佰平、徐福华,无线传感器网络与安全,北京:国防工业出版社, 2007.
[35]裴庆祺,沈玉龙,马建峰.无线传感器网络安全技术综述[J].通信学报,2007,28(8):113-121.
[36]Miao Xie, Song Han, Biming Tian, Sazia Parvin. Anomaly detection in wireless sensor networks:A survey. Journal of Network and Computer Applications.2011, 34(4):1302-1325.
[37]Han Zhijie, Wang Ruchuang. Intrusion Detection for Wireless Sensor Network Based on Traffic Prediction Model.2012 International Conference on Solid State Devices and Materials Science, Physics Procedia,2012,25:2072-2080.
[38]Sang Min Lee, Dong Seong Kim, Je Hak Lee, Jong SouPark. Detection of DdoS attacks using optimized traffic matrix.Computers and Mathematics with Applications,2012,63:501-510.
[39]Andriy Stetsko, Lukas Folkman, Vashek Matyas. Neighbor-based Intrusion Detection for Wireless Sensor Networks[C]//proceedings of the Sixth International Conference on Wireless and Mobile Communications,2010, pp:420-425.
[40]Palpanas T, et al. Distributed deviation detection in sensor networks. SIGMOD Record 2003:32(December):77-82.
[41]Zhang, et al. Inside attack detection in hierarchical wireless sensor network. Presented at the 3rd international conference on innovative computing information and control, june 2008.
[42]Tiwari M,et al. Designing intrusion detection to detect black hole and selective forwarding attack in WSN based on local information. Presented at the fourth international conference on computer sciences and convergence information technology,2009.
[43]S. Rajasegarar et al., "Quarter Sphere Based Distributed Anomaly Detection in Wireless Sensor Networks," IEEE ICC'07, Glasgow, U.K., June 2007.
[44]Tian Jingwen,Gao Meijuan,Zhou Shiru. Wireless Sensor Network for Community Intrusion Detection System Based on Classify Support Vector Machine [C]//Zhuhai,China:Proceedings of the 2009 IEEE International Conference on Information and Automation,2009:1217-1221.
[45]M Moshtaghi, TC Havens, JC Bezdek, L Park etc. Clustering ellipses for anomaly detection. Pattern Recognition,2011,44(1):55-69.
[46]WANG Huai-bin, YUAN Zheng, WANG Chun-dong. Intrusion Detection for Wireless Sensor Networks Based on Multi-Agent and Refined Clustering[C]// Proceedings of the 2009 International Conference on Communications and Mobile Computing,2009:450-454.
[47]Rahul et al,2009. Reduced complexity intrusion detection in sensor networks. Presented at the 10th IEEE Singapore international conference on communications, 2009.
[48]John Zhong Lei, Ali A Ghorbani. Improved competitive learning neural networks for network intrusion and fraud detection. Neurocomputing 2012,75:135-145.
[49]AGAH A, DAS S K, BASU K, et al. Intrusion detection in sensor networks:a non-coorperative game approach[C]//Proc of the 3 rd IEEE International Symposium on Network Computing and Applicaton (NCA 2004).2004.
[50]Maryam Mohi, Ali Movaghar, Pooya Moradian Zadeh. A Bayesian Game Approach for Preventing DoS Attacks in Wireless Sensor Networks[C]//proceedings of the International Conference on Communications and Mobile computing,2010, pp:507-511.
[51]Dipankar Dasgupta, Senhua Yu, Fernando Nino. Recent Advances in Artificial Immune Systems:Models and Applications. Applied Soft Computing,2011,11: 1574-1578.
[52]Liu Yang,Yu Fengqi. Immunity-based intrusion detection for wireless sensor networks [C]//Hong Kong,China:Proc Int Jt Conf Neural Networks,2008:439-444.
[53]Min Lin,Shi Nan. An Intrusion Detection Algorithm for Wireless Sensor Network Based on Trust Management Module[C]//Wuhan,China:Internet Technology and Applications,2010 International Conference on,2010:1-4.
[54]Ju Long, Li Hongjuan.An Improved Intrusion Detection Scheme Based on Weighted Trust Evaluation for Wireless Sensor Networks[C]//Sanya:Ubiquitous Information Technologies and Applications (CUTE),2010 Proceedings of the 5th International Conference on,2010:1-6.
[55]Zorana Bankovic,JoseM Moya, Alvaro Araujo et al. Distributed intrusion detection system for wireless sensor networks based on a Reputation system coupled with kernel self-organizing maps. Integrated Computer-Aided Engineering,2010, (17) 87-102.
[56]Su C-C, et al. The new intrusion prevention and detection approaches for clustering-based sensor networks. Presented at the IEEE wireless communications and networking conference, March 2005.
[57]LOO C E, NGM Y, LECKIE C, et al. Intrusion detection for routing attacks in sensor networks[J]. International Journal of Distributed Sensor Networks,2006,2 (4):313-332.
[58]Tong Wang, Zhe Liang, Chun-hui Zhao. A Detection Method for Routing Attacks of Wireless Sensor Network Based on Fuzzy C-means Clustering,2009 Sixth International Conference on Fuzzy Systems and Knowledge Discovery,pp:45-449。
[59]Zorana Bankovi, Juan Carlos Vallejo, Pedro Malagon et al. Eliminating Routing Protocol Anomalies in Wireless Sensor Networks using AI Techniques, Proceedings of the 3rd ACM workshop on Artificial intelligence and security,2010:8-13.
[60]liu F, et al. Insider attacker detection in wireless sensor network. Presented at the 26th IEEE international conference on computer communications May 2007.
[61]Onat I, Miri A. A real-time node-based traffic anomaly detection algorithm for wireless sensor networks. Presented at the 2005 systems communications August 2005.
[62]Li T, et al. Compromised sensor nodes detection:a quantitative approach. Presented at the 28th international conference on distributed computing systems workshops, June 2008.
[63]Yu Z, Tsai JJP. A Framework of Machine Learning Based Intrusion Detection for Wireless Sensor Networks[C]//Proce- edings of the 2008 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (sutc 2008),2008:272-27.
[64]Silva APRd, et al. Decentralized intrusion detection in wireless sensor networks. Presented at the 1st ACM internation worksshop on quality of service and security in wireless and mobile networks,2005.
[65]ioannis(2007). Towards intrusion detection in wireless sensor networks. Presented at the 13th European wireless conference, April 2007.
[66]杨丹,胡光岷,李宗林,姚兴苗.全局的多流量相关异常检测算法[J],电子科技大学学报,2008,37(6):823-827
[67]Tran Van Phuong, Hung Le Xuan, Seong Jin Cho, Young-Koo Lee, Sungyoung, Lee. An Anomaly Detection Algorithm for Detecting Attacks in Wireless Sensor Networks. ISI 2006:735-736
[68]Sun B, Jin X, Wu K, Xiao Y. Integration of Secure In-Network Aggregation and System Monitoring for Wireless Sensor Networks [C]. Proceedings of the IEEE International Conference on Communications (ICC'07).Glasgow,U,K,2007:1466-1471.
[69]Ponomarchuk, Yulia and Seo, Dae-Wha. Intrusion Detection Based on Traffic Analysis in Wireless Sensor Networks[C]//Proceedings of the Wireless and Optical Communications Conference (WOCC 2010),2010:1-7.
[70]Stetsko, A, Folkman, L, Matyas, V. Neighbor-Based Intrusion Detection for Wireless Sensor Networks[C]//Proceedings of the Sixth International Conference on Wireless and Mobile Communications(ICWMC 2010),2010:420-425.
[71]徐佩霞,李辉,张锦刚.网络流量的混沌特性研究[J].应用科学学报,2002,20(4):413-415.
[72]韩敏.混沌时间序列预测理论与方法[M].北京:中国水电水利出版社,2007.
[73]孙延凯,陈松灿.典型相关分析研究进展.机器学习及其应用2007,北京:清华大学出版社,2007.
[74]程光、龚俭、丁伟.基于抽样测量的高速网络实时异常检测模型[J].软件学报,2003,14(3):594-599.
[75]陈伟,何炎祥,彭文灵.一种轻量级的拒绝服务攻击检测方法[J].计算机学报,2006,29(8):1392-1400.
[76]于明,陈卫东,周希元.一种自适应非参量CUSUM控制图算法[J].计算机科学。2008,35(7):25-28.
[77]T.Peng, C,Leckie, and K, Ramamohanarao.Information sharing for distributed intrusion detection systems [J]. Journal of Network and Computer Applications, 30(3):877-899.
[78]Xiao Zhenghong, Chen Zhigang, Deng Xiaoheng. Anomaly Detection Based on a Multi-class CUSUM Algorithm for WSN. JOURNAL OF COMPUTERS,2010, 5(2):306-313.
[79]Adnan Nadeem, Michael Howarth. Adaptive Intrusion Detection & Prevention of Denial of Service attacks in MANETs. IWCMC'09, pp.926-930,2009.
[80]濮晓龙.关于累积和(CUSUM)检验的改进.应用数学学报,2003,26(2):226-241.
[81]Karlof C, Wagner D. Secure routing in wireless sensor networks:attacks and countermeasures[J]. Ad Hoc Networks,2003,1 (2-3):293-315.
[82]Marcos A. Simplicio Jr, Paulo S.L.M, et al. A survey on key management mechanisms for distributed Wireless Sensor Networks[J]. Computer Networks 2010,54(15):2591-2612.
[83]Stavrou E, Pitsillides A. A survey on secure multipath routing protocols in WSNs[J]. Computer Networks,2010,54(13):2215-2238.
[84]Perrig A, Szewczyk R, Wen V, et al. SPINS:Security protocols for sensor networks[J]. Wireless Networks,2001,8(5):521-534.
[85]Deng J, Han R, Mishra S. INSENS:Intrusion Tolerant Routing in Wireless Sensor Networks[C]. The 23rd IEEE International Conference on Distributed Computing Systems(IDCS 2003)
[86]王潮,贾翔宇,林强,基于可信度的无线传感器网络安全路由算法[J].通信学报,2008,29(11):105-112.
[87]冯涛,马建峰.防御无线传感器网络Sybil攻击的新方法[J].通信学报,2008,29(6):13-19.
[88]Park N, Oh S H, Lee W. Anomaly intrusion detection by clustering transactional audit streams in a host computer[J]. Information Sciences.2010, 180(12):2375-2389.
[89]X. Du, M. Guizani, Y. Xiao. Two Tier Secure Routing Protocol for Heterogeneous Sensor Networks. IEEE Transactions on Wireless Communications,2007,6(9): 3395-3401.
[90]马春光,张秉政,孙原,王慧强.基于按对平衡设计的异构无线传感器网络密钥预分配方案[J].通信学报,2010,31(1):37-43.
[91]Kausar F, Saeed M Q, Masood A. Key Management and Secure Routing in Heterogeneous Sensor Networks[A]. IEEE International Conference on Wireless & Mobile Computing, Networking & Communication[C].2008.549-554.
[92]Vladimir N. Vapnik著,张学工译.统计学习理论的本质[M].清华大学出版社,2000.
[93]何清,赵卫中,史忠植.分类超曲面算法复杂度研究[J].计算机学报,2010,33(4):666-671.
[94]李明,王燕,年福忠.智能信息处理与应用[M].电子工业出版社,2010.
[95]Marcos A. Simplicio Jr, Paulo S.L.M, et al. A survey on key management mechanisms for distributed Wireless Sensor Networks[J]. Computer Networks 2010,54(15):2591-2612.
[96]Stavrou E, Pitsillides A. A survey on secure multipath routing protocols in WSNs[J]. Computer Networks,2010,54(13):2215-2238.
[97]Xiang C, Yong P C, Meng L S. Design of Multiple-level Hybrid Classifier for Intrusion Detection System Using Bayesian Clustering and Decision Trees [J]. Pattern Recognition Letters,2008,29(7):918-924.
[98]Christopher Kruegel Darren Mutz WilliamRobertson Fredrik Valeur. BayesianEventClassification for Intrusion Detection[C]//proceeding of the 19th Annual Computer Security Applications Conference,2003, pp:14-23.
[99]Cheng Xiang, Png Chin Yong, Lim Swee Meng. Design of multiple-level hybrid classifier for intrusion detection system using Bayesian clustering and decision trees. Pattern Recognition Letters,2008,29(7):918-924.
[100]Jemili, F. Zaghdoud, M. Ben Ahmed, M. A Framework for an Adaptive Intrusion Detection System using Bayesian Network.66-70.
[101]Jing Xu, Christian R. Shelton. Intrusion Detection using Continuous Time Bayesian Networks. Journal of Artificial Intelligence Research.2010, (39):745-774.
[102]Dewan Md. Farid, Mohammad Zahidur Rahman. Anomaly Network Intrusion Detection Based on Improved Self Adaptive Bayesian Algorithm. Journal of Computers,2010,5(1):23-31.
[103]M. Mehdi, S. Zair, A. Anou and M. Bensebti. A Bayesian Networks in Intrusion Detection Systems. Journal of Computer Science 3 (5):259-265,2007.
[104]Dewan Md. Farid, Nouria Harbi, Mohammad Zahidur Rahman. Combining Naive Bayes and Decision Tree For Adaptive Intrusion Detection. International Journal of Network Security & Its Applications (IJNSA),2010,2(2):12-25.
[105]肖政宏,陈志刚,李庆华.WSN中基于分布式机器学习的异常检测仿真研究.系统仿真学报,2011,23(1):181-187.
[106]刘大有,刘杰,金弟.基于K最近邻划分的聚类算法研究[C].中国人工智能进展:2007(上),2007:169-173.
[107]Shelly Xiaonan Wu, Wolfgang Banzhaf. The use of computational intelligence in intrusion detection systems:A review[J]. Applied Soft Computing, 2010,10(1):1-35.
[108]K C Nalavade, B B Meshram. Intrusion Prevention Systems:Data Mining Approach, International Conference and Workshop on Emerging Trends in Technology (ICWET 2010),pp:211-214.
[109]Meijuan Gao, Jingwen Tian. Wireless Sensor Network for Community Intrusion Detection System Based on Improved Genetic Algorithm Neural Network, 2009 International Conference on Industrial and Information Systems,2009: 199-202.
[110]Yang Liu, Fengqi Yu. Immunity-based intrusion detection for wireless sensor networks[C]//Proceeding of the 2008 International Joint Conference on Neural Networks,2008:439-444.
[111]Mohi M, Movaghar A, Zadeh P M. A Bayesian Game Approach for Preventing DoS Attacks in Wireless Sensor Networks[C]//proceeding of the 2009 International Conference on Communications and Mobile Computing, 2009,pp:507-511.
[112]Ayday E, Fekri F. A protocol for data availability in Mobile Ad-Hoc Networks in the presence of insider attacks, Ad Hoc Networks [J],2010,8 (2):181-192.
[113]Yanmin Zhu, Yuan Jian. A Game-Theoretic Approach to Anti-jamming in Sensor Networks[C]//Proceeding of the 2010 IEEE 16th International Conference on Parallel and Distributed Systems,2010,617-624.
[114]C. I. Ezeife, Md Zillur Rahman。NeuDetect:a neural network data mining wireless network intrusion detection system, IDEAS'10 Proceedings of the Fourteenth International Database Engineering & Applications Symposium, pp:38-41
[115]孙吉贵,刘杰,赵连宇.聚类算法研究.软件学报,2008,19(1):48-61
[116]李雄飞,李军.数据挖掘与知识发现.北京:高等教育出版社,2003
[117]王培崇,基于群智能技术的网络入侵检测算法研究(博士学位论文),中国矿业大学(北京),2010.6
[118]肖敏,韩继军,肖德宝等.基于聚类的入侵检测研究综述.计算机应用,2008,28(6):34-38
[119]Zhong Shi, Khoshgoftaar T M. Nath, S V. A clustering approach to wireless network intrusion detection[c]//Proceedings of 17th IEEE International Conference on Tools with Artificial In telligence (ICTAI05). Washington:IEEE Computer Society,2005:190-196.
[120]Heinzelman W B, Chandrakasan A P, Balakrishnan, H. An application-specific protocol architecture for wireless microsensor networks[J]. IEEE Transactions on Wireless Communications,2002,1(4):660-670.
[121]Liu Yuanchao, Wang Xiaolong, Liu Bingquan. An adapted algorithm of choosing initial values for K-means document clustering. Chinese High Technology Letters,2006,16(1):11-15.
[122]Z. Wang, C. L. Wang, L. Liu, "Improvement on bintree multi-class categorization algorithm based on SVM", Journal of Wuhan Institute of Technology, vol.32, No.7, pp89-93, July 2010.
[123]梁之舜,邓集贤,杨维权,司徒荣,邓永录.概率论及数理统计(第二版)北京:高等教育出版社,1998.
[124]任双桥,杨德贵,黎湘,庄钊文.分片支撑矢量机.计算机学报,2009,32(1):77-85.
[125]Guorui Li, Jingsha He, Yingfang Fu. Group-based intrusion detection system in wireless sensor networks. Computer Communications,31 (2008) 4324-4332
[2]任丰原,黄海宁,林闯.无线传感器网络[J].软件学报,2003,14(7):1282-1291.
[3]Luigi Atzori, Antonio Iera, Giacomo Morabito. The Internet of Things:A survey[J]. Computer Networks,2010,54:2787-2805.
[4]李建中,高宏.无线传感器网络研究进展[J].计算机研究与发展,2008,45(1):1-15
[5]Ashfaq Hussain Farooqi and Farrukh Aslam Khan. Intrusion Detection Systems for Wireless Sensor Networks:A Survey. FGCN/ACN 2009, CCIS 56, pp.234-241
[6]Sun B, Osborne L, Xiao Y, Guizani S. Intrusion Detection Techniques in Mobile Ad Hoc and Wireless Sensor Networks[J]. IEEE Wireless Communications,2007, 10:56-63
[7]段丹青.入侵检测算法及关键技术研究[博士学位论文],中南大学,2007.
[8]Onat I, MIRIA. An intrusion detection system for wireless sensor networks [C] //Proc of IEEE International Conference on Wirelessand Mobile Computing, Networking and Communications (WiMOB2005).2005.
[9]曹晓梅,韩志杰,陈贵海.基于流量预测的传感器网络拒绝服务攻击检测方案.计算机学报,2007,30(10):1798-1805.
[10]Ioannis Krontiris, Zinaida Benenson, Thanassis Giannetsos etc. Cooperative Intrusion Detection in Wireless Sensor Networks. EWSN 2009, LNCS 5432, pp. 263-278.
[11]Jiayu Tang, Pingzhi Fan. A RSSI-Based Cooperative Anomaly Detection Scheme for Wireless Sensor Networks[C]//proceedings of the International Conference on Wireless Communications, Networking and Mobile Computing,2007,PP:2783-2786
[12]Mao Yuxin. A semantic-based intrusion detection framework for wireless sensor network[C]//proceedings of the International Conference on Networked Computing, 2010:pp1-5.
[13]Onat I, Miri A. A real-time node-based traffic anomaly detection algorithm for wireless sensor networks. Presented at the 2005 systems communications, August 2005.
[14]Onat I, Miri A. An intrusion detection system for wireless sensor networks. Presented at the 2005 IEEE international conference on wireless and mobile computing networking and communications, August 2005.
[15]liu F, et al. Insider attacker detection in wireless sensor network. Presented at the 26th IEEE international conference on computer communications May 2007.
[16]Dallas et al. Hop-count monitoring:detecting sinkhole attacks in wireless sensor networks. Presented at the 15th IEEE international conference on networks,2007.
[17]Curiac et al. Malicious node detection in wireless sensor networks using an autoregression technique. Presented at the 3rd international conference on networking and services, June 2007.
[18]Compromised sensor nodes detection:a quantitative approach. Presented at the 28th international conference on distributed computing systems workshops, June 2008.
[19]Yan K Q, Wang S C, Wang, S S, Liu C W. Hybrid Intrusion Detection System for enhancing the security of a cluster-based Wireless Sensor Network,2010 3rd IEEE International Conference on Computer Science and Information Technology (ICCSIT),1(114-118).
[20]Su C C, CHANG Ko-ming, Kuo Y H, et al. The new intrusion p revention and detection approaches for clustering-based sensor networks[C]//Proc of IEEE Wireless Communications and Networking Conference.2005:1927-1932.
[21]Wang H, et al. Intrusion detection for wireless sensor networks based on multi-agent and refined clustering. Presented at the international conference on communications and mobile computing, January 2009.
[22]Subramaniam S, et al. Online outlier detection in sensor data using non-parametric models. Presented at the 32nd international conference on very large data bases, September 2006.
[23]Zhang Y-Y, et al. Inside attack detection in hierarchical wireless sensor networks. Presented at the 3rd international conference on innovative computing information and control, June 2008.
[24]Masud M, et al. Anomaly detection by clustering ellipsoids in wireless sensor networks. Presented at the 5th international conference on intelligent sensors, sensor networks and information processing,2009.
[25]Rahul K, et al. Reduced complexity intrusion detection in sensor networks using genetic algorithm. Presented at the IEEE international conference on communications,2009.
[26]Yan-hui Li, Dong-yang Fu, Ming Wan Lei Li. Intrusion detection model based on hierarchical structure in Wireless sensor networks [C]//Proceedings of the International Conference on Electrical and Control Engineering,2010, pp:2816-2819.
[27]Ngai C H. Intrusion detection for wireless sensor networks [D].Hong Kong:Dept of Computer Science and Engineering, The Chinese University of Hong Kong. 2005.
[28]Rajasegarar S, Leckie C, Palaniswami M, BezdekJ C. Distributed Anomaly Detection in Wireless Sensor Networks[C]//Proceedings of the 10th IEEE Singapore International Conference on Communicat-ion systems.Singapore,2006:1-5.
[29]Nikos Komninos, Christos Douligeris. LIDF:Layered intrusion detection framework for ad-hoc networks[J].Ad Hoc Networks,2009(7):171-182.
[30]Lei Li,Yan-hui Li,Dong-yang Fu,Ming Wan. Intrusion detection model based on hierarchical structure in Wireless sensor networks,2010 International Conference on Electrical and Control Engineering (ICECE), pp:2816-2819.
[31]Tseng Chin-Yang, Poornima Balasubramanyam, et al. A Specification-Based Intrusion Detection System for AODV,2003 ACM Workshop on Security of Ad Hoc and Sensor Networks Fairfax, VA, USA,2003.
[32]A. da Silva et al. Decentralized Intrusion Detection in Wireless Sensor Networks, Proc.1st ACM Int'l. Wksp. QoS & Sec. in Wireless and Mobile Networks,2005, pp:16-23.
[33]Yong Wang, Garhan Attebury, Byrav Ramamurthy. A survey of security issues in wireless sensor networks, Communications Surveys & Tutorials, IEEE In Communications Surveys & Tutorials,2006,9(2):2-23.
[34]周贤伟、覃佰平、徐福华,无线传感器网络与安全,北京:国防工业出版社, 2007.
[35]裴庆祺,沈玉龙,马建峰.无线传感器网络安全技术综述[J].通信学报,2007,28(8):113-121.
[36]Miao Xie, Song Han, Biming Tian, Sazia Parvin. Anomaly detection in wireless sensor networks:A survey. Journal of Network and Computer Applications.2011, 34(4):1302-1325.
[37]Han Zhijie, Wang Ruchuang. Intrusion Detection for Wireless Sensor Network Based on Traffic Prediction Model.2012 International Conference on Solid State Devices and Materials Science, Physics Procedia,2012,25:2072-2080.
[38]Sang Min Lee, Dong Seong Kim, Je Hak Lee, Jong SouPark. Detection of DdoS attacks using optimized traffic matrix.Computers and Mathematics with Applications,2012,63:501-510.
[39]Andriy Stetsko, Lukas Folkman, Vashek Matyas. Neighbor-based Intrusion Detection for Wireless Sensor Networks[C]//proceedings of the Sixth International Conference on Wireless and Mobile Communications,2010, pp:420-425.
[40]Palpanas T, et al. Distributed deviation detection in sensor networks. SIGMOD Record 2003:32(December):77-82.
[41]Zhang, et al. Inside attack detection in hierarchical wireless sensor network. Presented at the 3rd international conference on innovative computing information and control, june 2008.
[42]Tiwari M,et al. Designing intrusion detection to detect black hole and selective forwarding attack in WSN based on local information. Presented at the fourth international conference on computer sciences and convergence information technology,2009.
[43]S. Rajasegarar et al., "Quarter Sphere Based Distributed Anomaly Detection in Wireless Sensor Networks," IEEE ICC'07, Glasgow, U.K., June 2007.
[44]Tian Jingwen,Gao Meijuan,Zhou Shiru. Wireless Sensor Network for Community Intrusion Detection System Based on Classify Support Vector Machine [C]//Zhuhai,China:Proceedings of the 2009 IEEE International Conference on Information and Automation,2009:1217-1221.
[45]M Moshtaghi, TC Havens, JC Bezdek, L Park etc. Clustering ellipses for anomaly detection. Pattern Recognition,2011,44(1):55-69.
[46]WANG Huai-bin, YUAN Zheng, WANG Chun-dong. Intrusion Detection for Wireless Sensor Networks Based on Multi-Agent and Refined Clustering[C]// Proceedings of the 2009 International Conference on Communications and Mobile Computing,2009:450-454.
[47]Rahul et al,2009. Reduced complexity intrusion detection in sensor networks. Presented at the 10th IEEE Singapore international conference on communications, 2009.
[48]John Zhong Lei, Ali A Ghorbani. Improved competitive learning neural networks for network intrusion and fraud detection. Neurocomputing 2012,75:135-145.
[49]AGAH A, DAS S K, BASU K, et al. Intrusion detection in sensor networks:a non-coorperative game approach[C]//Proc of the 3 rd IEEE International Symposium on Network Computing and Applicaton (NCA 2004).2004.
[50]Maryam Mohi, Ali Movaghar, Pooya Moradian Zadeh. A Bayesian Game Approach for Preventing DoS Attacks in Wireless Sensor Networks[C]//proceedings of the International Conference on Communications and Mobile computing,2010, pp:507-511.
[51]Dipankar Dasgupta, Senhua Yu, Fernando Nino. Recent Advances in Artificial Immune Systems:Models and Applications. Applied Soft Computing,2011,11: 1574-1578.
[52]Liu Yang,Yu Fengqi. Immunity-based intrusion detection for wireless sensor networks [C]//Hong Kong,China:Proc Int Jt Conf Neural Networks,2008:439-444.
[53]Min Lin,Shi Nan. An Intrusion Detection Algorithm for Wireless Sensor Network Based on Trust Management Module[C]//Wuhan,China:Internet Technology and Applications,2010 International Conference on,2010:1-4.
[54]Ju Long, Li Hongjuan.An Improved Intrusion Detection Scheme Based on Weighted Trust Evaluation for Wireless Sensor Networks[C]//Sanya:Ubiquitous Information Technologies and Applications (CUTE),2010 Proceedings of the 5th International Conference on,2010:1-6.
[55]Zorana Bankovic,JoseM Moya, Alvaro Araujo et al. Distributed intrusion detection system for wireless sensor networks based on a Reputation system coupled with kernel self-organizing maps. Integrated Computer-Aided Engineering,2010, (17) 87-102.
[56]Su C-C, et al. The new intrusion prevention and detection approaches for clustering-based sensor networks. Presented at the IEEE wireless communications and networking conference, March 2005.
[57]LOO C E, NGM Y, LECKIE C, et al. Intrusion detection for routing attacks in sensor networks[J]. International Journal of Distributed Sensor Networks,2006,2 (4):313-332.
[58]Tong Wang, Zhe Liang, Chun-hui Zhao. A Detection Method for Routing Attacks of Wireless Sensor Network Based on Fuzzy C-means Clustering,2009 Sixth International Conference on Fuzzy Systems and Knowledge Discovery,pp:45-449。
[59]Zorana Bankovi, Juan Carlos Vallejo, Pedro Malagon et al. Eliminating Routing Protocol Anomalies in Wireless Sensor Networks using AI Techniques, Proceedings of the 3rd ACM workshop on Artificial intelligence and security,2010:8-13.
[60]liu F, et al. Insider attacker detection in wireless sensor network. Presented at the 26th IEEE international conference on computer communications May 2007.
[61]Onat I, Miri A. A real-time node-based traffic anomaly detection algorithm for wireless sensor networks. Presented at the 2005 systems communications August 2005.
[62]Li T, et al. Compromised sensor nodes detection:a quantitative approach. Presented at the 28th international conference on distributed computing systems workshops, June 2008.
[63]Yu Z, Tsai JJP. A Framework of Machine Learning Based Intrusion Detection for Wireless Sensor Networks[C]//Proce- edings of the 2008 IEEE International Conference on Sensor Networks, Ubiquitous, and Trustworthy Computing (sutc 2008),2008:272-27.
[64]Silva APRd, et al. Decentralized intrusion detection in wireless sensor networks. Presented at the 1st ACM internation worksshop on quality of service and security in wireless and mobile networks,2005.
[65]ioannis(2007). Towards intrusion detection in wireless sensor networks. Presented at the 13th European wireless conference, April 2007.
[66]杨丹,胡光岷,李宗林,姚兴苗.全局的多流量相关异常检测算法[J],电子科技大学学报,2008,37(6):823-827
[67]Tran Van Phuong, Hung Le Xuan, Seong Jin Cho, Young-Koo Lee, Sungyoung, Lee. An Anomaly Detection Algorithm for Detecting Attacks in Wireless Sensor Networks. ISI 2006:735-736
[68]Sun B, Jin X, Wu K, Xiao Y. Integration of Secure In-Network Aggregation and System Monitoring for Wireless Sensor Networks [C]. Proceedings of the IEEE International Conference on Communications (ICC'07).Glasgow,U,K,2007:1466-1471.
[69]Ponomarchuk, Yulia and Seo, Dae-Wha. Intrusion Detection Based on Traffic Analysis in Wireless Sensor Networks[C]//Proceedings of the Wireless and Optical Communications Conference (WOCC 2010),2010:1-7.
[70]Stetsko, A, Folkman, L, Matyas, V. Neighbor-Based Intrusion Detection for Wireless Sensor Networks[C]//Proceedings of the Sixth International Conference on Wireless and Mobile Communications(ICWMC 2010),2010:420-425.
[71]徐佩霞,李辉,张锦刚.网络流量的混沌特性研究[J].应用科学学报,2002,20(4):413-415.
[72]韩敏.混沌时间序列预测理论与方法[M].北京:中国水电水利出版社,2007.
[73]孙延凯,陈松灿.典型相关分析研究进展.机器学习及其应用2007,北京:清华大学出版社,2007.
[74]程光、龚俭、丁伟.基于抽样测量的高速网络实时异常检测模型[J].软件学报,2003,14(3):594-599.
[75]陈伟,何炎祥,彭文灵.一种轻量级的拒绝服务攻击检测方法[J].计算机学报,2006,29(8):1392-1400.
[76]于明,陈卫东,周希元.一种自适应非参量CUSUM控制图算法[J].计算机科学。2008,35(7):25-28.
[77]T.Peng, C,Leckie, and K, Ramamohanarao.Information sharing for distributed intrusion detection systems [J]. Journal of Network and Computer Applications, 30(3):877-899.
[78]Xiao Zhenghong, Chen Zhigang, Deng Xiaoheng. Anomaly Detection Based on a Multi-class CUSUM Algorithm for WSN. JOURNAL OF COMPUTERS,2010, 5(2):306-313.
[79]Adnan Nadeem, Michael Howarth. Adaptive Intrusion Detection & Prevention of Denial of Service attacks in MANETs. IWCMC'09, pp.926-930,2009.
[80]濮晓龙.关于累积和(CUSUM)检验的改进.应用数学学报,2003,26(2):226-241.
[81]Karlof C, Wagner D. Secure routing in wireless sensor networks:attacks and countermeasures[J]. Ad Hoc Networks,2003,1 (2-3):293-315.
[82]Marcos A. Simplicio Jr, Paulo S.L.M, et al. A survey on key management mechanisms for distributed Wireless Sensor Networks[J]. Computer Networks 2010,54(15):2591-2612.
[83]Stavrou E, Pitsillides A. A survey on secure multipath routing protocols in WSNs[J]. Computer Networks,2010,54(13):2215-2238.
[84]Perrig A, Szewczyk R, Wen V, et al. SPINS:Security protocols for sensor networks[J]. Wireless Networks,2001,8(5):521-534.
[85]Deng J, Han R, Mishra S. INSENS:Intrusion Tolerant Routing in Wireless Sensor Networks[C]. The 23rd IEEE International Conference on Distributed Computing Systems(IDCS 2003)
[86]王潮,贾翔宇,林强,基于可信度的无线传感器网络安全路由算法[J].通信学报,2008,29(11):105-112.
[87]冯涛,马建峰.防御无线传感器网络Sybil攻击的新方法[J].通信学报,2008,29(6):13-19.
[88]Park N, Oh S H, Lee W. Anomaly intrusion detection by clustering transactional audit streams in a host computer[J]. Information Sciences.2010, 180(12):2375-2389.
[89]X. Du, M. Guizani, Y. Xiao. Two Tier Secure Routing Protocol for Heterogeneous Sensor Networks. IEEE Transactions on Wireless Communications,2007,6(9): 3395-3401.
[90]马春光,张秉政,孙原,王慧强.基于按对平衡设计的异构无线传感器网络密钥预分配方案[J].通信学报,2010,31(1):37-43.
[91]Kausar F, Saeed M Q, Masood A. Key Management and Secure Routing in Heterogeneous Sensor Networks[A]. IEEE International Conference on Wireless & Mobile Computing, Networking & Communication[C].2008.549-554.
[92]Vladimir N. Vapnik著,张学工译.统计学习理论的本质[M].清华大学出版社,2000.
[93]何清,赵卫中,史忠植.分类超曲面算法复杂度研究[J].计算机学报,2010,33(4):666-671.
[94]李明,王燕,年福忠.智能信息处理与应用[M].电子工业出版社,2010.
[95]Marcos A. Simplicio Jr, Paulo S.L.M, et al. A survey on key management mechanisms for distributed Wireless Sensor Networks[J]. Computer Networks 2010,54(15):2591-2612.
[96]Stavrou E, Pitsillides A. A survey on secure multipath routing protocols in WSNs[J]. Computer Networks,2010,54(13):2215-2238.
[97]Xiang C, Yong P C, Meng L S. Design of Multiple-level Hybrid Classifier for Intrusion Detection System Using Bayesian Clustering and Decision Trees [J]. Pattern Recognition Letters,2008,29(7):918-924.
[98]Christopher Kruegel Darren Mutz WilliamRobertson Fredrik Valeur. BayesianEventClassification for Intrusion Detection[C]//proceeding of the 19th Annual Computer Security Applications Conference,2003, pp:14-23.
[99]Cheng Xiang, Png Chin Yong, Lim Swee Meng. Design of multiple-level hybrid classifier for intrusion detection system using Bayesian clustering and decision trees. Pattern Recognition Letters,2008,29(7):918-924.
[100]Jemili, F. Zaghdoud, M. Ben Ahmed, M. A Framework for an Adaptive Intrusion Detection System using Bayesian Network.66-70.
[101]Jing Xu, Christian R. Shelton. Intrusion Detection using Continuous Time Bayesian Networks. Journal of Artificial Intelligence Research.2010, (39):745-774.
[102]Dewan Md. Farid, Mohammad Zahidur Rahman. Anomaly Network Intrusion Detection Based on Improved Self Adaptive Bayesian Algorithm. Journal of Computers,2010,5(1):23-31.
[103]M. Mehdi, S. Zair, A. Anou and M. Bensebti. A Bayesian Networks in Intrusion Detection Systems. Journal of Computer Science 3 (5):259-265,2007.
[104]Dewan Md. Farid, Nouria Harbi, Mohammad Zahidur Rahman. Combining Naive Bayes and Decision Tree For Adaptive Intrusion Detection. International Journal of Network Security & Its Applications (IJNSA),2010,2(2):12-25.
[105]肖政宏,陈志刚,李庆华.WSN中基于分布式机器学习的异常检测仿真研究.系统仿真学报,2011,23(1):181-187.
[106]刘大有,刘杰,金弟.基于K最近邻划分的聚类算法研究[C].中国人工智能进展:2007(上),2007:169-173.
[107]Shelly Xiaonan Wu, Wolfgang Banzhaf. The use of computational intelligence in intrusion detection systems:A review[J]. Applied Soft Computing, 2010,10(1):1-35.
[108]K C Nalavade, B B Meshram. Intrusion Prevention Systems:Data Mining Approach, International Conference and Workshop on Emerging Trends in Technology (ICWET 2010),pp:211-214.
[109]Meijuan Gao, Jingwen Tian. Wireless Sensor Network for Community Intrusion Detection System Based on Improved Genetic Algorithm Neural Network, 2009 International Conference on Industrial and Information Systems,2009: 199-202.
[110]Yang Liu, Fengqi Yu. Immunity-based intrusion detection for wireless sensor networks[C]//Proceeding of the 2008 International Joint Conference on Neural Networks,2008:439-444.
[111]Mohi M, Movaghar A, Zadeh P M. A Bayesian Game Approach for Preventing DoS Attacks in Wireless Sensor Networks[C]//proceeding of the 2009 International Conference on Communications and Mobile Computing, 2009,pp:507-511.
[112]Ayday E, Fekri F. A protocol for data availability in Mobile Ad-Hoc Networks in the presence of insider attacks, Ad Hoc Networks [J],2010,8 (2):181-192.
[113]Yanmin Zhu, Yuan Jian. A Game-Theoretic Approach to Anti-jamming in Sensor Networks[C]//Proceeding of the 2010 IEEE 16th International Conference on Parallel and Distributed Systems,2010,617-624.
[114]C. I. Ezeife, Md Zillur Rahman。NeuDetect:a neural network data mining wireless network intrusion detection system, IDEAS'10 Proceedings of the Fourteenth International Database Engineering & Applications Symposium, pp:38-41
[115]孙吉贵,刘杰,赵连宇.聚类算法研究.软件学报,2008,19(1):48-61
[116]李雄飞,李军.数据挖掘与知识发现.北京:高等教育出版社,2003
[117]王培崇,基于群智能技术的网络入侵检测算法研究(博士学位论文),中国矿业大学(北京),2010.6
[118]肖敏,韩继军,肖德宝等.基于聚类的入侵检测研究综述.计算机应用,2008,28(6):34-38
[119]Zhong Shi, Khoshgoftaar T M. Nath, S V. A clustering approach to wireless network intrusion detection[c]//Proceedings of 17th IEEE International Conference on Tools with Artificial In telligence (ICTAI05). Washington:IEEE Computer Society,2005:190-196.
[120]Heinzelman W B, Chandrakasan A P, Balakrishnan, H. An application-specific protocol architecture for wireless microsensor networks[J]. IEEE Transactions on Wireless Communications,2002,1(4):660-670.
[121]Liu Yuanchao, Wang Xiaolong, Liu Bingquan. An adapted algorithm of choosing initial values for K-means document clustering. Chinese High Technology Letters,2006,16(1):11-15.
[122]Z. Wang, C. L. Wang, L. Liu, "Improvement on bintree multi-class categorization algorithm based on SVM", Journal of Wuhan Institute of Technology, vol.32, No.7, pp89-93, July 2010.
[123]梁之舜,邓集贤,杨维权,司徒荣,邓永录.概率论及数理统计(第二版)北京:高等教育出版社,1998.
[124]任双桥,杨德贵,黎湘,庄钊文.分片支撑矢量机.计算机学报,2009,32(1):77-85.
[125]Guorui Li, Jingsha He, Yingfang Fu. Group-based intrusion detection system in wireless sensor networks. Computer Communications,31 (2008) 4324-4332
© 2004-2018 中国地质图书馆版权所有 京ICP备05064691号 京公网安备11010802017129号 地址:北京市海淀区学院路29号 邮编:100083 电话:办公室:(+86 10)66554848;文献借阅、咨询服务、科技查新:66554700 |