DWT-based anomaly detection method for cyber security of wireless sensor networks

Critical infrastructures are exposed to many natural and man-made hazards and threats. Recently, in the era of moving previously disconnected (tele)-monitoring, control and supervisory systems (e.g., information and communication technologies or supervisory control and data acquisition) towards full network connection, the risk of cyber attacks on such systems is continuously growing. One of the current trends in information and communication technology systems controlling critical infrastructures (such as energy grids, telecommunication networks, or water systems) is deployment of wireless sensor networks. Therefore, the cyber security of the mentioned networks becomes an important challenge to be solved. In this paper, we propose a discrete wavelet transform-based method of anomaly detection in wireless sensor networks that could be deployed in critical infrastructures (e.g., in energy grids, to measure some parameters). The major contribution of the paper is the implementation of the innovative SNORT-based pre-processor using the effective anomaly detection methods based on discrete wavelet transform. We apply the discrete wavelet transform to 26 network traffic parameters measured in our realistic testbed. We also discuss which parameters of the traffic are most useful for such purpose. Moreover, we implement our method as an algorithm in a dedicated SNORT preprocessor in order to be compliant with this popular state of the art intrusion detection system. Copyright (c) 2016 John Wiley & Sons, Ltd.