Photonic Network Communications

, Volume 37, Issue 2, pp 212–223 | Cite as

Research on the intrusion detection model based on improved cumulative summation and evidence theory for wireless sensor network

  • Fengjun ShangEmail author
  • Dan Zhou
  • Cheng Li
  • Hanyun Ye
  • Yuting Zhao
Original Paper


In this paper, a new hybrid intrusion detection model which combines the distributed and centralized strategies is proposed in this paper as follows. Firstly, considering the network anomalies, situation cannot be captured in real time on the base station; by introducing the CUSUM (cumulative summation) GLR (generalized likelihood ratio), an anomaly detection model which runs on the node is given. It can conduct real-time network monitoring. Based on the “link quality” and “majority rule,” a new algorithm to detect the “Sinkhole attack” in the base station is proposed, and a new model CUSUM_MV to detect intrusion is given. Secondly, the evidence theory is introduced to detect intrusion in wireless sensor network. We give the redundant information process mechanism in the relay node, an evidence-based intrusion detection model deployed on the base station and the intrusion detection model CUSUM_HDST. The hybrid model can detect not only Sinkhole and DoS attacks, but also other specific vulnerabilities. A simulation experiment on Castalia simulator is carried out, and results show that the proposed method has better performance than the traditional Sinkhole attacks detection method.


Wireless sensor networks Intrusion detection CUSUM GLR Castalia D–S evidence theory 



The work has been supported by the National Natural Science Foundation of China (No. 61672004), the Chongqing Research Program of Basic Research and Frontier Technology under Grant No. cstc2016jcyjA0590, and the CERNET Innovation Project. The author would like to thank the Program for Innovation Team Building at Institutions of Higher Education in Chongqing (CXTDX201601021) and Chongqing Municipal Engineering Research Center of Institutions of Higher Education.


  1. 1.
    Hodge, V.J., O’Keefe, S., Weeks, M., Moulds, A.: Wireless sensor network for condition monitoring in the railway industry: a survey. IEEE Trans. Intell. Transp. Syst. 16(3), 1088–1105 (2015)CrossRefGoogle Scholar
  2. 2.
    Fouchal, H., Hunel, P., Ramassamy, C.: Towards efficient deployment of wireless sensor networks. Secur. Comm. Netw. 9(17), 3927–3943 (2016)CrossRefGoogle Scholar
  3. 3.
    Karlof, D.W.: Secure routing in wireless sensor networks: attacks and countermeasures. Ad Hoc Netw. J. Special Issue Sens. Netw. Appl. Protoc. 8(3), 293–315 (2003)Google Scholar
  4. 4.
    Jan, M.A., Nanda, P., He, X., Liu, R.P.: A Sybil attack detection scheme for a forest wildfire monitoring application. Fut. Gener. Comput. Syst. 80, 613–626 (2018)CrossRefGoogle Scholar
  5. 5.
    Bhise, A.M., Kamble, S.D.: Review on detection and mitigation of sybil attack in the network. Procedia Comput. Sci. 78, 395–401 (2016)CrossRefGoogle Scholar
  6. 6.
    Yadav, H., Tak, M.S.: A surevy on detection of sinkhole attack in wireless sensor network. Int. J. Eng. Techn. Res. V6, (11) (2017)Google Scholar
  7. 7.
    Ngai, E.C.H., Liu, J.C., Lyu, M.R.: An efficient intruder detection algorithm against Sinkhole attacks in wireless sensor networks. Comput. Commun. 12(30), 2353–2364 (2007)CrossRefGoogle Scholar
  8. 8.
    Krontiris, I., Benenson, Z., Giannetsos, T., Dimitriou, T., et al.: Cooperative intrusion detection in wireless sensor networks. In: Roedig, U., Screenan, C.J. (Eds.) EWSN, pp. 263–278 (2009)Google Scholar
  9. 9.
    Shafiei, H., Khonsari, A., Derakhshi, H., et al.: Detection and mitigation of sinkhole attacks in wireless sensor networks. J. Comput. Syst. Sci. 12(1), 12–22 (2013)zbMATHGoogle Scholar
  10. 10.
    Rajasegarar, S., Leckie, C., Palaniswami, M.: Hyperspherical cluster based distributed anomaly detection in wireless sensor networks. J. Parallel Distrib. Comput. 74(1), 1833–1847 (2014)CrossRefGoogle Scholar
  11. 11.
    Fessant, F.L., Papadimitriou, A., Viana, A.C., et al.: A Sinkhole resilient protocol for wireless sensor networks: performance and security analysis. Comput. Commun. 12(35), 234–248 (2012)CrossRefGoogle Scholar
  12. 12.
    Zhao, H.: The simulation experiment and research on an improved cumulative sum anomaly detection method. Appl. Mech. Mater. 743(38), 219–225 (2015)CrossRefGoogle Scholar
  13. 13.
    Ozcelik, M.M., Irmak, E., Ozdemir, S.: A hybrid trust based intrusion detection system for wireless sensor networks. In: International Symposium on Networks, Computers and Communications. IEEE, pp. 1–6 (2017)Google Scholar
  14. 14.
    Sun, Y., Zhang, Y.: New developments of characteristic analysis in wireless sensor networks. IETE J. Res. 2, 221–227 (2016)CrossRefGoogle Scholar
  15. 15.
    Zang, T., Yun, X., Zhang, Y., Men, C., Cui, X.: Botnets’ similarity analysis based on communication features and D–S evidence theory. J. Commun. 32(4), 66–76 (2011)Google Scholar
  16. 16.
    Yang, K., Ma, J., Yang, C.: Trusted routing based on D–S evidence theory in wireless mesh network. J. Commun. 32(5), 89–103 (2011)Google Scholar
  17. 17.
    Zhao, X., Liu, Y., Sun, J.: New network anomaly detection using transfer learning and D–S theory. Appl. Res. Comput. 33(4), 1137–1140 (2016)Google Scholar
  18. 18.
    Chen, Y., Liu, Y.: Application of extended D–S evidence theory in intrusion detection. Comput. Eng. Sci. 36(1), 83–87 (2014)Google Scholar
  19. 19.
    Chang, Y., Liu, F.: Wireless sensor intrusion detection system based on the theory of evidence. In: IEEE International Conference on Communication Software and Networks, pp. 2811–2814. IEEE (2016)Google Scholar
  20. 20.
    Super User: Wireless Sensor Network Simulator User Manual. NICTA, Australia (2013)Google Scholar
  21. 21.
    Song, X., Wang, C., Gao, J., Xi, H.: DLRDG: distributed linear regression-based hierarchical data gathering framework in wireless sensor network. Neural Comput. Appl. 23(7–8), 1999–2013 (2013)CrossRefGoogle Scholar
  22. 22.
    Bacciu, D.: Unsupervised feature selection for sensor time-series in pervasive computing applications. Neural Comput. Appl. 27(5), 1077–1091 (2016)CrossRefGoogle Scholar
  23. 23.
    Wang, G., Huang, C.: Energy-efficient beaconless real-time routing protocol for wireless sensor networks. Comput. Syst. Sci. Eng. 26(3) (2011)Google Scholar
  24. 24.
    Zhang, D.G., Zhou, S., Chen, J.: New Dv-distance method based on path for wireless sensor network. Intell. Autom. Soft Comput. 23(2), 219–225 (2017)CrossRefGoogle Scholar

Copyright information

© Springer Science+Business Media, LLC, part of Springer Nature 2018

Authors and Affiliations

  • Fengjun Shang
    • 1
    Email author
  • Dan Zhou
    • 1
  • Cheng Li
    • 1
  • Hanyun Ye
    • 1
  • Yuting Zhao
    • 1
  1. 1.College of Computer Science and TechnologyChongqing University of Posts and TelecommunicationsChongqingChina

Personalised recommendations