ArticlePDF Available

Intrusion Detection System in Wireless Sensor Network Using Conditional Generative Adversarial Network


Abstract and Figures

Wireless communication networks have much data to sense, process, and transmit. It tends to develop a security mechanism to care for these needs for such modern-day systems. An intrusion detection system (IDS) is a solution that has recently gained the researcher's attention with the application of deep learning techniques in IDS. In this paper, we propose an IDS model that uses a deep learning algorithm, conditional generative adversarial network (CGAN), enabling unsupervised learning in the model and adding an eXtreme gradient boosting (XGBoost) classifier for faster comparison and visualization of results. The proposed method can reduce the need to deploy extra sensors to generate fake data to fool the intruder 1.2-2.6%, as the proposed system generates this fake data. The parameters were selected to give optimal results to our model without significant alterations and complications. The model learns from its dataset samples with the multiple-layer network for a refined training process. We aimed that the proposed model could improve the accuracy and thus, decrease the false detection rate and obtain good precision in the cases of both the datasets, NSL-KDD and the CICIDS2017, which can be used as a detector for cyber intrusions. The false alarm rate of the proposed model decreases by about 1.827%.
This content is subject to copyright. Terms and conditions apply.
Wireless Personal Communications
1 3
Intrusion Detection System inWireless Sensor Network Using
Conditional Generative Adversarial Network
TanyaSood1· SatyarthaPrakash2· SandeepSharma3 · AbhilashSingh4·
Accepted: 7 May 2022
© The Author(s), under exclusive licence to Springer Science+Business Media, LLC, part of Springer Nature 2022
Wireless communication networks have much data to sense, process, and transmit. It tends
to develop a security mechanism to care for these needs for such modern-day systems.
An intrusion detection system (IDS) is a solution that has recently gained the researcher’s
attention with the application of deep learning techniques in IDS. In this paper, we pro-
pose an IDS model that uses a deep learning algorithm, conditional generative adversarial
network (CGAN), enabling unsupervised learning in the model and adding an eXtreme
gradient boosting (XGBoost) classifier for faster comparison and visualization of results.
The proposed method can reduce the need to deploy extra sensors to generate fake data to
fool the intruder 1.2–2.6%, as the proposed system generates this fake data. The parameters
were selected to give optimal results to our model without significant alterations and com-
plications. The model learns from its dataset samples with the multiple-layer network for
a refined training process. We aimed that the proposed model could improve the accuracy
and thus, decrease the false detection rate and obtain good precision in the cases of both
the datasets, NSL-KDD and the CICIDS2017, which can be used as a detector for cyber
intrusions. The false alarm rate of the proposed model decreases by about 1.827%.
Keywords Wireless sensor networks· Deep learning· GANs· XGBoost· Security· IDS·
Confusion matrix
1 Introduction
Over the years, wireless networks have been used in a wide array of applications like—out-
door and indoor monitoring applications, communication, and internet services. There is
a wide variety of data being transmitted in these deployed networks. This variety of net-
works in today’s scenario comes with a dire need for security enhancements because of
the several different types of attacks and security breaches possible in today’s world. With
the continuously increasing data transmission between various entities and networks, we
also need suitable network protection strategies. There have been various security methods
* Sandeep Sharma
Extended author information available on the last page of the article
T.Sood et al.
1 3
implemented and adapted in the networks until now, like cryptographic systems [1], base
system protection [2], location verification [3], intrusion verification and detection [4],
doubly near-far problem [5], and so on. The networks these days have large amounts of
data and information to be processed; this leads to the drainage of their energy and mem-
ory capacities. Wireless information and data are simultaneously transferred in wireless
networks to decrease the battery drain problem [6]. The security mechanism chosen for
these networks may lead to more energy and memory consumption, leading to the failure
of sensors, failure of a network entity, loss of data, and thus, a network failure altogether. A
solution to these limitations may lie in Intrusion Detection Systems.
An intrusion detection system (IDS) is a security application that recognizes the secu-
rity breaches by outsiders and insiders in a system. An IDS can thus be understood as a
wholesome entity that monitors the behavior of a system and responds to the abnormalities
in its functioning. Modern-day systems deal with a vast amount of data, and thus, devel-
oping more intelligent and platform-friendly solutions is necessary. The security systems
should be flexible in their operations across various platforms and provide maximum secu-
rity. Thus, a viable solution to develop such an entity that tackles these present-day prob-
lems is the integration of machine learning to ease the process of monitoring and securing
the wireless networks and take care of its limitations.
Wireless Sensor Networks (WSNs) consist of low-power sensors capable of sensing and
transmitting information through wireless channels. These are battery constraint devices,
and one must use them efficiently; otherwise, if the battery is drained, the node is dead, and
a dark zone with no network coverage occurs. The WSNs find applications in various filed
like data aggregation, information sensing, environment monitoring, digital agriculture,
smart agriculture, remote sensing, healthcare, and military applications like border surveil-
lance [7, 8]. There is always no man’s land between the line of control (LOC) between any
two nations. There are army personnel and troops deployed to patrol their areas, but moni-
toring humans is not always feasible. Any intruder crossing these crucial areas can harm
the army deployment and arrangements, causing great harm to the nation’s security. Wire-
less sensor networks are deployed to have the best possible surveillance against intrusion to
strengthen detection in vulnerable border areas [9].
For securing such fields, a typical communication system is to be established. Such
a scenario requires adding newer entities to the networks and hence generates a massive
amount of data in those networks with the communicating entities. Monitoring in these
areas is continuously done without any interruption, and hence there exists a fast-grow-
ing data exchange scenario. The challenge here is to develop a solution to increase data
transmission speeds and modernize how the entities communicate. Security is an equally
important aspect other than the communication system and needs to be addressed. Network
security is an aspect that takes care of the network and its services altogether. It protects
againstunauthorized access to unapproved network modifications and maintains the funda-
mental integrity and confidentiality between the users to protect the data exchanged within
the network. Various security measures have been adopted to secure the wireless sensor
networks from unwanted threats likecryptography, code-testing techniques, secure loca-
tion, secure routing techniques, etc. [2]. However, measures like a key exchange, firewalls,
antivirus, network analyzers, etc. [10] have worked well in the past, but these models prove
incompetent in more extensive networks.
Moreover, the previous models, like cryptographic key exchange systems, can be cum-
bersome when applied to a more extensive sensor network. They would exploit the sensor’s
limited memory and energy capacity, and key management can be a problematic task [11].
Thus, we need to use a solution to monitor a scalable network of any size at a wholesome
Intrusion Detection System inWireless Sensor Network Using…
1 3
level [12]. One viable solution for such problems is the Intrusion Detection System (IDS).
It is a network security measure that takes over the security of the hardware and the soft-
ware involved in a network [13]. It aids in the overall protection of the network and pro-
vides us with a much easier solution. The IDS can monitor the total traffic transmitted to
the network and keep track of the system logs. Whenever it observes an abnormality or vul-
nerability in the system, it alerts the administrator. It eases the complexity of the network
and thus is more comfortable in monitoring and maintenance. The use of AI technologies
[14]and fuzzy-based decision tree mechanism [15, 16] in building such IDSs is a growing
area of research, as it can ease human intervention in network monitoring tasks [17].
Recently, drones have been deployed to secure premises of high-security zones where
the open challenge is to predict the drone’s flight’s direction of arrival (DoA) [18]. How-
ever, when we talk about a sensor-based system, the sensors are deployed randomly in clus-
ters which are formed based on any fuzzy-based [19], nature-inspired [20] or any other
conventional algorithm [21]. The node deployment plays a critical role in the performance
of the system. Node localized at the right place and with minimum localization error [22]
substantiallyboosts the system’s performance. If a node is not appropriately placed, poten-
tial intruders can enter the system and alleviate the attacks in the sensor network deployed
system. It is countered by choosing a trust-based system [23, 24]. Any IDS detects a suspi-
cious activity with the help of any technique such as machine learning [25] and deep learn-
ing, which trains the system against various scenarios. Then with the help of the trained
scenarios, any intrusion can be detected [26]. The deployed sensor nodes require a mobility
model for random movement in the region of interest. The mobility model is selected in
such a way as to decrease energy consumption and enhance the QoS of the system [27].
Author’s Contribution: In this paper, we propose one such IDS, based on Deep Learn-
ing methods, which can train itself to distinguish between normal and attack class data.
The proposed method prevents theadministrator from supervising network traffic and save
energy and time. The system would detect the fraud data itself and alert any attacks occur-
ring in the network when combined with an alerting system. This model can reduce the
number of sensor nodes in the sensor network. Moreover, it can reduce the need to deploy
extra sensor nodes to create adversary data to confuse the attacker. Our proposed system is
also capable of generating more fake data and thus, can help reduce the size of the sensor
Paper Organization Section 2 talks and sums up the referred literature regarding the
various previous developments that have taken place in this area of research. Section3
deals with the proposed system model, the IDS algorithm, and the system’s basic enti-
ties. We summarize the simulation parameters and discuss the inferences drawn from the
obtained results in Sect.4. The paper is concluded in Sect.5 with its future scope.
2 Related Works
The security of wireless networks has been an open challenge for researchers over the
years. Technological advancements have aided developers and researchers in finding and
implementing newer security solutions. However, it has also led the attackers to crack the
traditional techniques more easily. For example, ransomware attacks affect a vast number
of systems worldwide. Therefore, it created a necessity to develop newer and more techno-
logically advanced models to tackle such attacks.
T.Sood et al.
1 3
Previously, many methods have been used to develop the IDSs. Although the various
deep learning methods introduced have an excellent accuracy measure, the methods used
have their drawbacks, which may prove to be constraints in the application phase. The
authors [28] introduced an IDS using the Support Vector Machine (SVM) algorithm and
Deep Learning on the Port Scan data, similar to one part of our experiment. However,
the deep learning model depicts good accuracy over the SVM model. The SVM method
generally faces disadvantages in dealing with more massive datasets, which might pose an
issue in applying more extensive networks and more enormous datasets. In [29], the author
talks about how the deep learning techniques have established their efficacy in ML and
intrusion detection. In the image classification tasks, the systems might have discrepancies
that benefit the attackers. It might lead to having doubts about deploying the deep learning
networks in the intrusion detection field. The author has researched these deep learning
algorithms against excellent attack algorithms like JSMA, DeepFool, FGSM, etc., on the
NSL-KDD dataset. The author did not work upon transferability with different inputs in
the same neural network, between the different NNs, or with well-known ML techniques
like SVM. In [30], the authors propose SVM and Autoencoders to introduce a Network
Intrusion Detection System (NIDS) based on Self Taught Learning (STL). They manage
to obtain good classification accuracy and compare it to various other methods. However,
the autoencoders are not very competent in data regeneration; their performance is not very
satisfactory in this respect. The GANs can perform better when compared to autoencod-
ers. Deep neural networks (DNN) study various datasets [31]. The framework is a multi-
layered hybrid DNN that is to be used as an IDS. The results are reasonably accurate in all
the datasets. However, the stability of the results is not constant in the datasets, which can
be used to further improve the results by using other deep learning methodologies.
This paper is similar to [32] in using a GAN model for developing a security system.
The authors presented a sensor network security technique, which was accurate. However,
our work is different as we have developed a detection system based on the CGAN model,
which is a better way to learn from classed data. Also, our model uses XGBoost for visuali-
zation of results, unlike [32], which required a cross-platform working effort.
Further, our work shows an increase in the accuracy and precision of the output and
works on a faster and lesser complex model. It can work on a single platform for all the
tasks, from preprocessing the data to visualization results. The results thus obtained are
much faster and decrease the computational time. The proposed IDS has shown a signifi-
cantly lower false detection rate, which has been one of the constraints of the Intrusion
Detection Systems in general. The following section discusses the algorithm involved in
the proposed work and the concepts.
3 System Model
Before we discuss the system model, we need to know about the basics of our model—
GAN, CGAN, and XGBoost. The data is first taken in and trained by the CGAN model
and then passed on to the XGBoost classifier to validate the obtained results. Therefore, we
first shed light on the problem we aim to fix, explain these basic concepts, and discuss our
proposed model.
Intrusion Detection System inWireless Sensor Network Using…
1 3
3.1 Problem Statement
This work focuses on a new unsupervised learning algorithm and its application to secure
IDS. This framework will produce fake data to confuse the attacker. It can secure the
network and transmit data between the sender and the receiver, compared to the other
approaches of IDS developed using Deep Learning. This technique eliminates the need
for fake sensor nodes or fake data-producing entities, increasing the network’s energy and
memory consumption. The two frameworks discussed in the following subsections and
considered after the literature survey have been found to have limited research on the pos-
sible applications of the CGAN and XGBoost. Thus, we take on the task of presenting an
amalgamated framework of the two algorithms and studying their results.
3.2 Generative Adversarial Networks (GAN)
A ‘GAN’ is a neural network that can create new data without any prerequisites or from
scratch. In the original formulation of GANs, proposed by Ian Goodfellow etal. in [33], the
discriminator network model generates an estimated probability that if a given image/data
was real or generated. The discriminator would then have access to both the generated and
actual data, which would lead it to generate the estimate about both types of inputs. The
discrepancy between the discriminator’s results and the actual values is calculated as the
loss. The G network is intended to get familiar with the organization of the training data. In
contrast, the D network is intended to find the similarity of the data coming from the train-
ing (real) data instead of the generator data (attack/fake).
Figure1 is a representation of the GAN’s working. As we can see from the figure,
the noise input (z) is taken and mapped into a latent space, usually real data size. Then,
this noise is input into the Generator (G) and processed according to the network condi-
tions defined. This output ‘test’data becomes the input to the discriminator (D), which
compares the real data (x) and the Generator’s test data,and then gives the output. The
output of D is in the form of weights assigned to the results, like 0 for ‘fake’data and 1
for ‘real‘data. This output is then fed back to the G network and D network. G adheres
feedback to improve the generated data, and this process goes on for the defined
Fig. 1 Two model training in GAN
T.Sood et al.
1 3
number of steps. These G and D networks work in union to learn from the feedback and
thus, be able to generate new data [34].
The generator’s capacity to create new data that resembles genuine examples is
improved. The perception is to bewilder the intruder/ attacker and keep them from dif-
ferentiating between the data from the generator and the valid data from the datasets.
The Discriminator differentiates between real and fake data [32] by enhancing the prob-
ability of the valid data to ‘1’and limiting the probability of fake samples being ‘0’.
Conditional Generative Adversarial Network (CGAN)
Conditional GAN is a variant of GAN, a Machine Learning structure for the train-
ing of the generative models. The authors introduced this concept in [35]. The CGAN
architecture allows the generator and discriminator to train themselves with supplemen-
tary information, like class labels or other data. There should be some extra data or
information over which the generator and discriminator should be fed to train the model
better. The conditional training can be done in a CGAN if we provide this extra data to
the generator and the discriminator. These work well for the data where we have condi-
tional requirements, and it works well with data like text and images [36]. This model
thus helped us in developing our IDS. The functioning of the CGAN is not different
from the underlying GAN and differs only in the selection of data to be input. The
basic structure of the CGAN, as proposed in [35], is shown with some modifications in
Fig. 2 CGAN model
Intrusion Detection System inWireless Sensor Network Using…
1 3
3.3 eXtreme Gradient Bossting Algorithm (XGBoost)
XGBoost is a decision-tree-based Machine Learning (ML) algorithm that uses a gradient-
boosting algorithm structure. In prediction problems or challenges, including unstructured
information, Artificial Neural Systems will, in general, beat every other algorithm or struc-
ture [37]. Nonetheless, about little to medium organized/tabular data, decision-tree-based
calculations are viewed as top-tier. XGBoost is a sparsity-aware algorithm for irregular/
sparse data for an estimated tree-based learning algorithm [38]. It is a scalable framework
that supports the majority of scenarios.
It is also a preferred classification model due to the following advantages that it offers
It is about ten times faster than the previous classification methods.
It enables parallel processing by using various cores for the processing.
Cross-validation is a parameter that already exists in the framework, and there is no
need to install any external package for it.
It can deal with missing values, unlike Logical Regression.
XGBoost can deal with over-fitting problems and also flooding of data as happens in
case of DDoS attacks.
Tree pruning, i.e., reducing the size of a tree by removing the parts that offer none or
significantly fewer instances for classification, is done till the maximum depth of the
tree and does not only terminate after achieving a negative gradient.
The user can define various evaluation metrics and an objective function of choice.
3.4 Datasets
The two datasets studied, chosen, and considered for experimenting with to study the func-
tioning of our IDS are mentioned below:
NSL-KDD dataset: The NSL-KDD dataset [40] is one of the many datasets availa-
ble for cybersecurity study and experimentation and has a variable ratio of attack and
standard class data. This dataset is a successor of the KDD99 dataset, which had prob-
lems like redundant and duplicate data. The NSL-KDD dataset has 42 attributes, which
contain labels such as protocol type, service, and label (attacks/normal). We have
selected this dataset to be one of the two datasets for obtaining our IDS results, as this
dataset is often used as a benchmark in various studies of IDSs. The training set con-
sists of 67,343 standard class data and 58,630 attack class data.
CICIDS2017 dataset: The CICIDS2017 dataset [41] is another such dataset present
for the studying of cybersecurity and developing newer network protection systems.
This dataset is up-to-date with the latest attack information. The information labels
include source and destination IP addresses and attack labels like DDoS, PortScan,
Infiltration, etc. A dataset is a benchmark dataset if it covers 11 criteria, for example,
complete traffic, labelled dataset, attack diversity, etc. This dataset has many different
datasets labelled with different attacks that have been monitored over various systems.
It consists of 78 attribute labels. We have only used one of these datasets to study in our
model. We have considered the ‘Friday-WorkingHours-Afternoon-PortScan’ dataset to
study our second batch of data to obtain the system’s results. The PortScan attack sends
T.Sood et al.
1 3
the client request to several server port addresses that might be present on a host [42] to
find a vulnerable active port and then exploit the services it provides. This dataset has a
total of 1,27,537 ‘BENIGN’ class data and about 1,58,930 ‘PortScan’ attack class data.
3.5 Work Flow
The system workflow (Fig.3) depicts the constituent blocks that form the main founda-
tion of our work. First, the dataset is input into the network; we take the NSL-KDD
dataset and the CICIDS2017 dataset to our framework. The data is then passed onto pre-
processing. At this stage, data is usually unclean i.e. data might have missing values; the
data may have classes that the other program may not support. We pre-process the data
and convert it into a binary form using data science operations. We check for missing
values and even them out using suitable methods. Binarization is the labeling of string
data about our data.
After the pre-processing, data is sent to the CGAN model, which uses a Generator
and a Discriminator. The Generator is used to generate data samples, while the Dis-
criminator network can be understood as a critic network used to correct the generator
We then obtain the output of the CGANs’ training, compare the generated fraud data
with the actual fraud data, and obtain the accuracy measure of this generated data; we
move on to the next step in our framework. It is the step where we utilize the XGB
Classifier for the data classification and results from visualization. This classifier recog-
nizes the different classes of data present in the dataset, defines them, and provides the
visualization results of the same-this classification and visualization of the data aid in
understanding the patterns in the data under consideration. Here, the XGBoost Classi-
fier helps us rapidly while not requiring many program run times. This data classifica-
tion also helps to recognize how efficiently the system generated thefraud data to detect
the actual fraud data.
We use some samples of the original fraud data and some of the generated fraud data
and use them as inputs to the classifier to obtain accuracy. The data accuracy measured
by the classifier is the accuracy of our proposed IDS. We also check the classifier’s
accuracy, which tells us if the classifier could recognize the data correctly and to what
Fig. 3 System workflow
Intrusion Detection System inWireless Sensor Network Using…
1 3
3.6 Proposed IDS Algorithm
The proposed algorithm aims to create an IDS that works faster and better than the pre-
viously developed or introduced models.
The algorithm begins by introducing the inputs and outputs for the system’s working
under consideration. These are the fundamental entities that will help build the system as
it is supposed to be to achieve our research objectives. The datasets taken in as the inputs
to the system are NSL-KDD and CICIDS2017 datasets. The specifications of both data-
sets, their inclusive entities, etc., have been discussed later. Now, as mentioned in the
algorithm, the inputs are taken according to the specifications of the system we want to
administrate. The working of the two models, as in the algorithm, is explained below. In
the algorithm, input samples from dataset X are fed to the CGAN network. These samples
are taken according to a mini-batch size, i.e., some samples would be randomly selected
according to the number defined for the mini-batch. Then, we define how many steps we
need to complete the training for the functioning to start, and this can be tailored according
to one’s need for refining the results. The number of iterations mentioned is the number of
steps the modelrequires to complete training. The generator network then starts to take
noise samples, n, in the defined number, and tries to mould them into the form of the real
data. After this first step, it passes the data to the discriminator to compare and check with
the real data. The discriminator checks this data by the generator and compares it with the
real data samples x, which are equal to the noise samples. The discriminator gives feedback
to the generator about how real or fake this data was, by assigning weights to the results
as 0 for fake and 1 for real. The generator takes this input from the discriminator and then
repeats the process until the number of steps is completed. The next step is the classifier.
The classifier has a certain number of samples (m) from the actual data in the dataset and
similar data from the generated output by the CGAN. Then, the classifier compares the two
types of data given to it and then provides us with the accuracy of the data generated by the
The next step is the classifier. The classifier has a certain number of samples (m) from
the actual data in the dataset and similar data from the generated output by the CGAN.
T.Sood et al.
1 3
Then, the classifier compares the two types of data given to it and then provides us with the
accuracy of the data generated by the CGAN.
The classifier can produce a confusion matrix to tell us about the CGAN’s performance
and how accurately and precisely it has generated the data. It tells us about the class-wise
distribution of data in the created set, i.e., it may reveal whether the samples created that
are said to be ‘Normal’data belong to the ‘Normal’data class, and so on. We will explain
the confusion matrix by referring to a dummy matrix in the next section.
4 Simulation Results andDiscussions
The proposed model has been implemented using Python, and the experimentation has
been carried out using Keras 2.3.1 and Tensorflow 2.1.0. We have supported the scikit-
learn, Seaborn, and XGBoost features for evaluation and result extraction. The work
has been carried out on a system equipped with Intel(R) Core(TM) i5 CPU@2.5 GHz
processor. We used a Python 3 Jupyter Notebook 6.0.3 Platform for the coding and
We discuss the simulation settings, evaluation parameters, and the results obtained in
the upcoming sections.
4.1 Generator Network Parameters
The Generator’s function generates fake samples from the dataset samples fed to it. G will
improve its results based on the feedback received from D. We created the Generator with
four fully connected layers. Reshaping of the data was done according to the binary class
data. We took a mini-batch size of 128 and employed an Adam Optimizer on the model,
with a 0.0001 learning rate momentum of 0.9 for 5000 steps. Refer toTable1 for further
details regarding the simulation parameters.
4.2 Discriminator Network Parameters
Discriminator receives inputs from both G and real samples of the dataset and aims to dif-
ferentiate between them. G and D are trained while contesting with each other. The learn-
ing rate was specified as 0.0001, using the Adam Optimizer, the activation function as
tanh, mini-batch size was specified as 128, and the values of
. Here,
Table 1 Simulation parameters of generator network
S. no. Parameter Description Value
1. Mini-batch size Creates small batches of the entire data of the size
defined here
2. Optimizer Attribute to reduce losses Adam
3. Learning rate Enables to traverse the data slope while being able to
cover the data points
4. Activation function Adds non-linearity to function tanh
5. Momentum Helps in faster convergence of vectors 0.9
6. Layers in the network Receiving and processing inputs happens here 4
Intrusion Detection System inWireless Sensor Network Using…
1 3
are decay rates of the moving averages of the gradients.
controls the exponen-
tial decay of the moving average for the first moment, whereas
does the same for the
second moment.
4.3 XGBoost Parameters
The XGBoost Classifier is ten times faster than the other decision-tree-based algorithms.
It is also accurate and provides excellent results on sparse or tabular data such as ours. In
the XGBoost Classifier, various parameters can be used and tuned according to one’s own
needs and the tasks desired to be performed using the classifier. The parameters we used
for our system are listed below, with a short description of their purpose and the value we
set for the same.
objective: It is used in defining the loss function that needs to be minimized.
max_depth: It defines the tree-depth. The model gets more complicated with the
increase in the tree depth. Bigger models require more considerable tree depth.
eval_metric: It is used to calculate the model’s accuracy on the testing data.
The values of these parameters are tabulated in Table2 for ready reference.
4.4 Confusion Matrix
The confusion matrix is a vital source of information about network performance in any
Artificial Intelligence application/algorithm. The basic structure of a binary-class confu-
sion matrix is shown in Fig.4. There are values distributed over two main classes of data
that are actual and predicted values. These values then get divided up to form the four lead-
ing constituent labels of the confusion matrix, namely—True Positive (TP), False Positive
(FP), True Negative (TN),and False Negative (FN). The ‘positive’ value in the case of
our data would be the ‘Normal’ class data, and the ‘negative’ value would be that of the
Attack’ class data. The significance of the four labels is, as explained: True Positive value
is assigned to a sample if the sample classified by the model as a positive sample is positive
in the dataset, i.e., its actual value is also positive. True Negative is assigned to a sample
if the model has classified the sample as a negative sample. It does so due to the negative
class in the dataset. A False Positive value occurs when the predicted results differ from the
actual results. When the expected value infers a positive value, the real value is a negative
class value. TheFalse Negative result is the opposite of the False Positive label. The out-
come predicted as unfavourable by the model is the actual class data in the original dataset.
The confusion matrix is responsible for visualizing the output quality of the model. The
classification outputs of a dataset shown in a confusion matrix are the vital components of
Table 2 XGBoost Parameters Parameter Value
Objective Binary:logistic
Max_depth 4
Eval_metric Auc
T.Sood et al.
1 3
measuring the correctness of the model’s predictions. Refer toFig.4, which represents the
confusion matrix, when studied, shows that the elements in the blue diagonal boxes repre-
sent the correct/truly classified labels. The items in the pink boxes represent the incorrectly
classified labels by the model. A higher count of values in the diagonal (blue) boxes results
in a better confusion matrix of the generation/classification/prediction model, resulting in
better model accuracy.
Using the different parameters—TP, TN, FP, and FN, of the confusion matrix, one can
calculate various measures related to finding how good the model is a prediction/classifica-
tion performance was. Several steps help to do so, for instance, Recall, Sensitivity, etc. We
are only concerned with calculating the Accuracy and Precision of the model, which are
formulated asfollows:
It measures the accuracy and precision of the model, which we intend to find out to check
the correctness of our proposed IDS.
4.5 Results
The model proposes to build an intrusion detection system. The IDS we propose is
based on the generative adversarial network algorithm and uses the XGBoost algorithm.
We have carried out the experiments for 5000 samples of data from both datasets. We
varied the dataset feature sizes to obtain results on the different values of the dataset.
The variations in the dataset result in limiting the amount of available data for training
and testing, which further affects the training and testing of the model, as it has lesser
(TP +TN)
(TP +FP +TN +FN)
(TP +FP)
Fig. 4 Confusion matrix
Intrusion Detection System inWireless Sensor Network Using…
1 3
instances to learn from and lesser instances to compare. Therefore, we change the fea-
ture size of the datasets to see the effect of this change and check our system’s response
to these conditions. We establish whether or not the accuracy and precision of our sys-
tem are affected by this change and whetherthe system is stable for these changes. The
accuracy is calculated according to Eq.1 and the precision according to Eq.2. These
results are depicted and discussed below.
For NSL-KDD dataset
These results are obtained while experimenting with the feature size of the NSL-
KDD dataset. We experimented with the feature sizes at the original 40 feature size,
30 feature size, and 20 feature size. The plots for the losses are shown in Fig.5.
These losses depict that our model has converged the losses during the learning
process and has reached an optimum value where learning is completed. Therefore,
it depicts the stability of the training of our model. The results for the confusion
matrix obtained for the original feature size, i.e., 40, can be seen in Table3. The
confusion matrices obtained for the varied feature sizes 30 and 20 can be seen in the
Tables4 and 5, respectively. We have summed up their accuracies and the precision
measures in Table6. We observed minute changes in the accuracies across all the
feature sizes and obtained almost accurate predictions in the case of the varied fea-
ture sizes. The precision measure, which tells the correctness of the obtained posi-
tive classes, is constant. Thus, we could reduce the false detection and have obtained
Table 3 Confusion matrix for 40
features Pred 0 Pred 1
True 0 1176 0
True 1 1 1175
Table 4 Confusion matrix for 30
features Pred 0 Pred 1
True 0 353 0
True 1 2 351
Table 5 Confusion matrix for 20
features Pred 0 Pred 1
True 0 242 0
True 1 2 240
Table 6 Accuracy and precisions
for NSL-KDD data set Table number Title Accuracy (%) Precision (%)
Table3For 40 features 99.95 100
Table4For 30 features 99.71 100
Table5For 20 features 99.58 100
T.Sood et al.
1 3
good accuracy and precision measures for the same. We might, therefore, say that
the system performs well and is stable across varied conditions.
For CICIDS2017 dataset
We particularly considered the ‘Friday-Working Hours-Afternoon-PortScan’ data-
set from the many datasets available in CICIDS2017. We considered the different fea-
ture sizes, and as this is a wider and much bigger dataset than NSL-KDD, we took
the liberty to experiment with more changes in the feature sizes. Hence, we found the
results for feature size 78, feature size 68, feature size 58, and feature size 48. We also
depict the losses, and we may observe that the losses have converged to similar values
throughout the 5000 step training, and the system has reached an optimum stage. The
lossesare shown in Fig.6. The results obtained for the original feature size, i.e.,78, can
be seen in Table7. The confusion matrices obtained from varying the feature sizes to
68, 58 and 48 can be seen in the Tables8, 9 and 10, respectively. We have mentioned
all their accuracies and precision in Table11. We could observe the changes in the
accuracies for this dataset as well. Across all the feature sizes, the accuracy measure
was almost accurate, and the false detection was minimal. We could thus, reduce false
detection by 1.827% and have obtained good accuracies for the same. We might, there-
fore, say that the system performs well and is stable across varied conditions.
We can draw upon the results obtained through both the datasets and infer that the
decrease in dataset features is a parameter that can create a difference in the model’s over-
all accuracy. Thus, we can observe changes in our accuracy and precision measures and
all the used values. The losses converged in both cases, thus, implying that the system has
been optimally trained. We might also observe that the data sets have played a role in the
Fig. 5 Losses for NSL-KDD dataset
Intrusion Detection System inWireless Sensor Network Using…
1 3
Fig. 6 Losses for CICIDS2017 dataset
Table 7 Confusion matrix for 78
features Pred 0 Pred 1
True 0 1234 1
True 1 0 1235
Table 8 Confusion matrix for 68
features Pred 0 Pred 1
True 0 740 1
True 1 0 741
Table 9 Confusion matrix for 58
features Pred 0 Pred 1
True 0 600 0
True 1 1 599
Table 10 Confusion matrix for
48 features Pred 0 Pred 1
True 0 493 1
True 1 0 494
T.Sood et al.
1 3
model’s changing accuracy and precision. The precision measures are better in the case of
NSL-KDD. However, we get better accuracy using the CICIDS2017 dataset than the NSL-
KDD dataset. It may be the case because the NSL-KDD has much lesser attribute classes
of data than the CICIDS2017 dataset, which leads to better data availability for the training
and, thus, provides better accuracy. We compiled all the accuracy and precision measures
that we obtained from the experiments over different values and have presented them in an
orderly fashion in Tables6 and 11.
5 Conclusion
This work aims to propose an Intrusion Detection System based on CGAN and the eXtreme
Gradient Boosting Algorithm. Our proposed framework is a robust IDS based on Deep
Learning to give it an advantage over other previously introduced IDSs (as referred toin
Sect.2), which may not be competent in today’s rapidly changing and growing environ-
ment. A self-learning model proves to be more accurate when provided with more samples.
The quality of samples in the running batch may also affect the accuracy and precision of
the system. The proposed IDS provides excellent accuracy and precision under given con-
straints; besides, the model was applied with different datasets and dimensions. We show
the model’s efficacy in the ‘Accuracy’ and ‘Precision’ measure of the system. We get a
decent value for both these parameters with the model that we have developed and altered
for the said conditions. The proposed model can reduce the average number of sensors
deployed by about 1.2–2.6% for our selected features, deployment strategy, and distribu-
tion, along with the false alarm rate that shows a reduction of 1.827%. The limitation of
the proposed work is that due to the non-availability of a higher-end computing system,
we could not study the model for a more extensive dataset with more samples. However,
the samples chosen offer a considerable range of fraud and standard data to the training
model. The future scope of the research may involve considering the usage of the complete
datasets and keeping the features constant. One might also check the model’s work by sub-
jecting it to changes in the CGAN model. Also, changing the layer density of the neural
networks can be studied for further work and betterment of the IDS.
Acknowledgements We want to acknowledge Madhav Institute of Technology & Science Gwalior, Gautam
Buddha University Greater Noida, and IISER Bhopal for providing institutional support. We thank the edi-
tor and the anonymous reviewers for providing us with their helpful comments and suggestions to finally
improve the manuscript in the current form.
Funding This research received no external funding.
Data Availability Data will be made available on reasonable request to the corresponding author.
Table 11 Accuracy and
precisions for CICIDS dataset Table number Title Accuracy (%) Precision (%)
Table7For 78 features 99.95 99.91
Table8For 68 features 99.93 99.93
Table9For 58 features 99.91 100
Table10 For 48 features 99.89 99.92
Intrusion Detection System inWireless Sensor Network Using…
1 3
Conflict of interest We also declare that we do not have conflicts of interest with any person or agency.
1. Aysal, T. C., & Barner, K. E. (2008). Sensor data cryptography in wireless sensor networks. IEEE
Transactions on Information Forensics and Security, 3(2), 273–289.
2. Chen, X., Makki, K., Yen, K., & Pissinou, N. (2009). Sensor network security: A survey. IEEE Com-
munications Surveys & Tutorials, 11(2), 52–73.
3. Kotiyal, V., Singh, A., Sharma, S., Nagar, J., & Lee, C.-C. (2021). Ecs-nl: An enhanced cuckoo search
algorithm for node localisation in wireless sensor networks. Sensors, 21(11), 3576.
4. Singh, A., Amutha, J., Nagar, J., Sharma, S., & Lee, C.-C. (2022). Lt-fs-id: Log-transformed feature
learning and feature-scaling-based machine learning algorithms to predict the k-barriers for intrusion
detection using wireless sensor network. Sensors, 22(03), 1070.
5. Singh, J., Chaturvedi, A., Sharma, S., & Singh, A. (2021). A novel model to eliminate the doubly near-
far problem in wireless powered communication network. IET Communications, 15, 1539–1547.
6. Sharma, S., Kumar, R., Singh, A., & Singh, J. (2020). Wireless information and power transfer using
single and multiple path relays. International Journal of Communication Systems, 33(14), e4464.
7. Amutha, J., Sharma, S., & Nagar, J. (2020). WSN strategies based on sensors, deployment, sensing
models, coverage and energy efficiency: Review, approaches and open issues. Wireless Personal Com-
munications, 111(2), 1089–1115.
8. Amutha, J., Nagar, J., & Sharma, S. (2021). A distributed border surveillance (DBS) system for rectan-
gular and circular region of interest with wireless sensor networks in shadowed environments. Wireless
Personal Communications, 117(3), 2135–2155.
9. Sharma, S., & Nagar, J. (2020). Intrusion detection in mobile sensor networks: A case study for differ-
ent intrusion paths. Wireless Personal Communications, 115, 2569–2589.
10. Pandey, S. (2011). Modern network security: Issues and challenges. IJEST, 3, 4351–4356.
11. Roy, A.S., Maitra, B.N., Nath, C.J., Agarwal, D.S., & Nath, E.A. (2012) Ultra encryption standard
(ues) version-ii: Symmetric key cryptosystem using generalized modified Vernam cipher method, per-
mutation method, columnar transposition method and ttjsa method. In Proceedings of the international
conference on foundations of computer science (FCS) (p.1). The Steering Committee of The World
Congress in Computer Science, Computer 2012.
12. Zhang, Y., Meratnia, N., & Havinga, P. (2010). Outlier detection techniques for wireless sensor net-
works: A survey. IEEE Communications Surveys & Tutorials, 12(2), 159–170.
13. Liu, H., & Lang, B. (2019). Machine learning and deep learning methods for intrusion detection sys-
tems: A survey. Applied Sciences, 9(20), 4396.
14. Alsheikh, M. A., Lin, S., Niyato, D., & Tan, H.-P. (2014). Machine learning in wireless sensor net-
works: Algorithms, strategies, and applications. IEEE Communications Surveys & Tutorials, 16(4),
15. Nancy, P., Muthurajkumar, S., Ganapathy, S., Kumar, S. S., Selvi, M., & Arputharaj, K. (2020). Intru-
sion detection using dynamic feature selection and fuzzy temporal decision tree classification for wire-
less sensor networks. IET Communications, 14(5), 888–895.
16. Ganapathy, S., Kulothungan, K., Muthurajkumar, S., Vijayalakshmi, M., Yogesh, P., & Kannan, A.
(2013). Intelligent feature selection and classification techniques for intrusion detection in networks: A
survey. EURASIP Journal on Wireless Communications and Networking, 2013(1), 1–16.
17. Depren, O., Topallar, M., Anarim, E., & Ciliz, M. K. (2005). An intelligent intrusion detection sys-
tem (IDS) for anomaly and misuse detection in computer networks. Expert Systems with Applications,
29(4), 713–722.
18. Balamurugan, N., Mohan, S., Adimoolam, M., John, A., Wang, W., etal. (2022). DOA tracking for
seamless connectivity in beamformed IoT-based drones. Computer Standards & Interfaces, 79,
19. Kumar, S. S., Palanichamy, Y., Selvi, M., Ganapathy, S., Kannan, A., & Perumal, S. P. (2021). Energy
efficient secured k means based unequal fuzzy clustering algorithm for efficient reprogramming in
wireless sensor networks. Wireless Networks, 27, 3873–3894.
20. Singh, A., Sharma, S., & Singh, J. (2021). Nature-inspired algorithms for wireless sensor networks: A
comprehensive survey. Computer Science Review, 39, 100342.
T.Sood et al.
1 3
21. Amutha, J., Sharma, S., & Sharma, S. K. (2021). Strategies based on various aspects of cluster-
ing in wireless sensor networks using classical, optimization and machine learning techniques:
Review, taxonomy, research findings, challenges and future directions. Computer Science Review,
40, 100376.
22. Singh, A., Kotiyal, V., Sharma, S., Nagar, J., & Lee, C.-C. (2020). A machine learning approach to
predict the average localization error with applications to wireless sensor networks. IEEE Access,
8, 208253–208263.
23. Khan, T., Singh, K., Hasan, M. H., Ahmad, K., Reddy, G. T., Mohan, S., & Ahmadian, A. (2021).
Eters: A comprehensive energy aware trust-based efficient routing scheme for adversarial WSNs.
Future Generation Computer Systems, 125, 921–943.
24. Selvi, M., Thangaramya, K., Ganapathy, S., Kulothungan, K., Nehemiah, H. K., & Kannan, A.
(2019). An energy aware trust based secure routing algorithm for effective communication in wire-
less sensor networks. Wireless Personal Communications, 105(4), 1475–1490.
25. Singh, A., Nagar, J., Sharma, S., & Kotiyal, V. (2021). A gaussian process regression approach
to predict the k-barrier coverage probability for intrusion detection in wireless sensor networks.
Expert Systems With Applications, 172, 114603.
26. Vallathan, G., John, A., Thirumalai, C., Mohan, S., Srivastava, G., & Lin, J.C.-W. (2021). Suspi-
cious activity detection using deep learning in secure assisted living IoT environments. The Journal
of Supercomputing, 77(4), 3242–3260.
27. Yadav, A. K., Singh, K., Ahmadian, A., Mohan, S., Shah, S. B. H., & Alnumay, W. S. (2021).
Emmm: Energy-efficient mobility management model for context-aware transactions over mobile
communication. Sustainable Computing: Informatics and Systems, 30, 100499.
28. Aksu, D., & Aydin, M.A. (2018). Detecting port scan attempts with comparative analysis of deep
learning and support vector machine algorithms. In 2018 International congress on big data, deep
learning and fighting cyber terrorism (IBIGDELFT) (pp.77–80). IEEE.
29. Wang, Z. (2018). Deep learning-based intrusion detection with adversaries. IEEE Access, 6,
30. Al-Qatf, M., Lasheng, Y., Al-Habib, M., & Al-Sabahi, K. (2018). Deep learning approach combin-
ing sparse autoencoder with SVM for network intrusion detection. IEEE Access, 6, 52843–52856.
31. Vinayakumar, R., Alazab, M., Soman, K., Poornachandran, P., Al-Nemrat, A., & Venkatraman,
S. (2019). Deep learning approach for intelligent intrusion detection system. IEEE Access, 7,
32. Alshinina, R. A., & Elleithy, K. M. (2018). A highly accurate deep learning based approach for
developing wireless sensor network middleware. IEEE Access, 6, 29885–29898.
33. Goodfellow, I., Pouget-Abadie, J., Mirza, M., Xu, B., Warde-Farley, D., Ozair, S., Courville, A., &
Bengio, Y. (2014). Generative adversarial nets. In Advances in neural information processing sys-
tems (pp.2672–2680).
34. Odena, A. (2016) Semi-supervised learning with generative adversarial networks. arXiv preprint
arXiv: 1606. 01583, 2016.
35. Mirza, M., & Osindero, S. (2014) Conditional generative adversarial nets. arXiv preprint arXiv:
1411. 1784, 2014.
36. Sricharan, K., Bala, R., Shreve, M., Ding, H., Saketh, K., & Sun, J. (2017). Semi-supervised condi-
tional gans. arXiv preprint arXiv: 1708. 05789, 2017.
37. Chen, Z., Jiang, F., Cheng, Y., Gu, X., Liu, W., & Peng, J. (2018). Xgboost classifier for DDOS
attack detection and analysis in SDN-based cloud. In 2018 IEEE international conference on big
data and smart computing (bigcomp) (pp.251–256). IEEE.
38. Chen, T., & Guestrin, C. (2016). Xgboost: A scalable tree boosting system. In Proceedings
of the 22nd ACM SIGKDD international conference on knowledge discovery and data mining
39. Dhaliwal, S. S., Nahid, A.-A., & Abbas, R. (2018). Effective intrusion detection system using xgboost.
Information, 9(7), 149.
40. University of New Brunswick, NSL-KDD. (2009). http:// nsl. cs. unb. ca/ nsl- kdd/.
41. University of New Brunswick, CICIDS2017. (2017). https:// www. unb. ca/ cic/ datas ets/ ids- 2017. html.
42. Gadge, J., & Patil, A. A. (2008) Port scan detection. In 2008 16th IEEE international conference on
networks (pp.1–6). IEEE.
Publisher’s Note Springer Nature remains neutral with regard to jurisdictional claims in published maps and
institutional affiliations.
Intrusion Detection System inWireless Sensor Network Using…
1 3
Tanya Sood received her Integrated Dual Degree (B.Tech. and
M.Tech.) in Electronics and Communication Engineering with special-
ization in Wireless Communication and Networks in 2020 from Gau-
tam Buddha University, Greater Noida, India. She is currently working
as an analyst at IQVIA. Her research interest includes WSNs and their
applications, data analysis, deep learning, and machine learning. She is
currently working with IoT applications in healthcare.
Satryartha Prakash received his Integrated Dual Degree (B.Tech. and
M.Tech.) in Electronics and Communication Engineering with special-
ization in Wireless Communication and Networks from Gautam Bud-
dha University, Greater Noida, India. He is currently working as a Sen-
ior Project Fellow at CSIR-Institute of Genomics and Integrative
Biology, New Delhi, India.
Sandeep Sharma received a B.Tech. Degree in Electronics Engineer-
ing from RGPV, Bhopal, India, in 2001 and an M.Tech. Degree in
Digital Communication from Devi Ahilya University, Indore, India, in
2005. He is a Ph.D. in Electronics and Communication Engineering
from Gautam Buddha University, Greater Noida, India, in 2016. Cur-
rently, he is an Assistant Professor in the Department of Electronics
Engineering at Madhav Institute of Technology and Science, Gwalior
(M.P.), India. Before joining MITS Gwalior, he was with Gautam Bud-
dha University, Greater Noida. His research interest includes wireless
sensor networks, wireless network security, physical layer authentica-
tion, intrusion detection in wireless networks, cross-layer design, and
machine learning applications in WSNs.He has published 40 research
papers in reputed international journals and more than 43 papers pub-
lished in international conferences.He also authored 6 book chapters
which were published with reputed publishers like Springer, Taylor &
Francis CRC Press. Dr. Sharma is a recipient of the Best Conference
Paper in the international conference ICCCS, 2016, and the Young
Scientist Award in 2019 for his research work. He is an active reviewer of IET Communications, IEEE
Wireless Comm. Letters, Journal of Information Technology (Springer), Personal and Ubiquitous Comput-
ing (Springer), Multimedia Tools and Applications (Springer), International Journal of Computer Applica-
tions in Technology (Inderscience), International Journal of Communication Systems (Wiley), Journal of
The Institution of Engineers (India): Series B, Journal of Intelligent and Fuzzy Systems, Neural Networks
(Elsevier),Expert System with Applications (Elsevier), Soft Computing (Elsevier),Artificial Intelligence
Review(Springer), Sensor (MDPI),Electronics (MDPI), Designs (MDPI).
T.Sood et al.
1 3
Abhilash Singh received his Integrated Dual Degree (B.Tech. and
M.Tech.) in Electronics and Communication Engineering with special-
ization in Wireless Communication and Networks in 2017 from Gau-
tam Buddha University, Greater Noida, India. He is currently working
on his Ph.D. Degree in Remote Sensing from the Indian Institute of
Science Education and Research Bhopal, Bhopal, India. Since 2018,
he has been working on a NASA-ISRO Synthetic Aperture Radar
(NISAR) project at IISER Bhopal, Bhopal, India. He has been publish-
ing research articles in peer-reviewed conferences and internationally
reputed journals. His current research interest includes microwave
remote sensing, machine learning, bio-inspired algorithms, wireless
sensor network, and wireless communication. Mr. Abhilash was a
recipient of gold medal awards from the University for being a first
rank holder in his UG and PG. He received the prestigious "DST-
INSPIRE" Fellowship to carry out his doctoral degree from the
Department of Science and Technology (DST), India’s Ministry of
Science and Technology. He also received the DAAD fellow-
ship,travel grant from American Geophysical Union (AGU), and AGUEcohydrology Early Career Tiny
Grant. Recently, he gotfeatured as a ’leaf’in themeet a leaf series of AGU ecohydrology section.He is an
active reviewer of Remote Sensing of Environment,Artificial Intelligence Review,Complex & Intelligent
Systems,Journal of Intelligent and Fuzzy Systems,Advances in Space Research,IEEE Access,The Journal
of Open Source Software, Wireless Personal Communications, Journal of The Institution of Engineers
(India) Series B, andJournal of Ambient Intelligence and Humanized Computing.He is a member of IEEE
(student), European Geophysical Union (EGU), American Geophysical Union (AGU), ISPRS, and the
Indian Radio Science Society (InRaSS).
Hemant Choubey received a B.Tech. Degree in Electronics and Com-
munication Engineering from RGPV, Bhopal, India, in 2009 and an
M.Tech. Degree in Digital Communication from University Institute
of Technology, RGPV, Bhopal,India, in 2013. He is a Ph.D. in Elec-
tronics and Communication Engineering from MANIT, Bho-
pal,India, in 2020. Currently he is working as an Assistant Professor
in the Department of Electronics Engineering, MITS, Gwalior, India.
Before MITS, he was with TIT&S Bhopal, India as a Head of Elec-
tronics and Communication Engineering Department during 2016–
2021.His research interests include Digital Communication, Biomedi-
cal Signal Processing, and Chaotic Communication. Dr. Choubey has
published many papers in reputed international journals and confer-
ences.He also on the board of Editor and reviewer of several reputed
international journals. He is also a member of many international
Authors and Aliations
TanyaSood1· SatyarthaPrakash2· SandeepSharma3 · AbhilashSingh4·
Tanya Sood
Satyartha Prakash
Abhilash Singh
Hemant Choubey
Intrusion Detection System inWireless Sensor Network Using…
1 3
1 School ofInformation andCommunication Technology, Gautam Buddha University (GBU),
GreaterNoida, UttarPradesh201312, India
2 CSIR- Institute forGenomics andIntegrative Biology (IGIB), NewDelhi110025, India
3 Department ofElectronics Engineering, Madhav Institute ofTechnology andScience,
Gwalior474005, India
4 Fluvial Geomorphology andRemote Sensing Laboratory, Indian Institute ofScience Education
andResearch Bhopal, Bhopal462066, India
... (20) (14) N Ti k = Ti max − Ti k − Ti min real * N max − real * N min The e represents the delta function and it is scaled by given Eq. (21) Similarly, the context layer weight is enhanced by utilizing Eq. (22) Additionally, the synaptic delay and neuron thresholds are computed by Eq. (23)(24) where, implies threshold value of neurons, implies learning rate of synaptic threshold, Learning denotes learning rate of synaptic delay, Err implies error value. Finally, the computed threshold value of neurons can categories the intruders as Normal, Black hole, Gray hole, Flooding, Scheduling attacks efficiently. ...
... They employed LEACH protocol to gather data via Network Simulator 2. The performance metrics is evaluated to validate the performance of the proposed method. Then the proposed IDS-WSN-EESNN approach is compared to the existing IDS-WSN-CGAN-XG Boost [21], IDS-WSN-DNN [23], IDS-WSN-SBS-Light GBM [26] and IDS-WSN-LDAN [24] methods. The simulation parameter of IDS-WSN-EESNN is represented in Table 2. Table 3. ...
Full-text available
One of the essential elements of the cyber-physical system is the wireless sensor network (WSN), which is a multi-hop, self-organizing wireless network made up of numerous stationary or moving sensors. It collaborates, collects, processes and transmits the information of objects sensed in the geographic area enclosed by the network, and transmits this data to the network user. Several common WSN attacks exist, including Blackhole, Gray hole, Flooding, and Scheduling, which can quickly harm the WSN system. Owing to sensor node’s constrained resources, extensive redundancy, and strong correlation of network data, the intrusion detection schemes for WSN have low detection rate, high rates of false alarms, and substantial calculation overhead. To overwhelm these issues, an Enhanced Elman Spike Neural Network fostered Intrusion detection framework (IDS-WSN-EESNN) is proposed in this manuscript. First, the Balancing Composite Motion Optimization Algorithm (BCMOA) is employed to lessen the data dimension and computational overhead in original traffic data’s feature space. Then, EESNN is applied to identify different network attacks. WSN-DS dataset based the experimental results prove that the proposed IDS-WSN-EESNN approach attains 30.42%, 28.24%, 23.03% and 32.63% higher accuracy, 95.02%, 91.52%, 92.67% and 92.9% lower error rate and 25.13%, 21.75%, 27.54% and 23.08% lower computation time compared with the existing methods.
... There are now such well machine learning-based [16][17][18] intrusion detection methods have been developed for WSNs, which includes decision trees, random forests, naive Bayes, logistic regression, and deep learning models. Most of the existing works [19,20] facing the problems associated to the factors of ineffective detection performance, high false positives, computational burden, and complexity in intrusion detection. Thus, the proposed work aims to develop an effective and competent IDS framework for assuring the security of WSNs. ...
Full-text available
Wireless sensor networks (WSNs) are targets of intrusion, which seeks to make these networks less capable of performing their duties or even completely eradicate them. The Intrusion Detection System (IDS) is highly important for WSN, since it aids in the identification and detection of harmful attacks that impair the network's regular functionality. In order to strengthen the security of WSN, several machine learning and deep learning approaches are employed in the traditional works. However, its main drawbacks are computational burden, system complexity, poor network performance outcomes, and high false alarms. Therefore, the goal of this study is to develop an intelligent IDS framework for significantly enhancing WSN security through the use of deep learning model. Here, the min-max normalization and data discretization operations are carried out to produce the preprocessed dataset. Then, an Intelligent Prairie Dog Optimization (IPDO) algorithm is used to reduce the dimensionality of features by identifying the best optimal solution with a higher convergence rate. Moreover, a Deep Auto-Neural Network (DANN) based classification method is used to properly forecast the class of data with less false alarms and higher detection rate. For evaluation, a thorough analysis is conducted to evaluate the performance and detection results of the proposed IPDO-DANN model.
... There are now such well machine learning-based [16][17][18] intrusion detection methods have been developed for WSNs, which includes decision trees, random forests, naive Bayes, logistic regression, and deep learning models. Most of the existing works [19,20] facing the problems associated to the factors of ineffective detection performance, high false positives, computational burden, and complexity in intrusion detection. Thus, the proposed work aims to develop an effective and competent IDS framework for assuring the security of WSNs. ...
Full-text available
Wireless sensor networks (WSNs) are targets of intrusion, which seeks to make these networks less capable of performing their duties or even completely eradicate them. The Intrusion Detection System (IDS) is highly important for WSN, since it aids in the identification and detection of harmful attacks that impair the network's regular functionality. In order to strengthen the security of WSN, several machine learning and deep learning approaches are employed in the traditional works. However, its main drawbacks are computational burden, system complexity, poor network performance outcomes, and high false alarms. Therefore, the goal of this study is to develop an intelligent IDS framework for significantly enhancing WSN security through the use of deep learning model. Here, the min-max normalization and data discretization operations are carried out to produce the preprocessed dataset. Then, an Intelligent Prairie Dog Optimization (IPDO) algorithm is used to reduce the dimensionality of features by identifying the best optimal solution with a higher convergence rate. Moreover, a Deep Auto-Neural Network (DANN) based classification method is used to properly forecast the class of data with less false alarms and higher detection rate. For evaluation, a thorough analysis is conducted to evaluate the performance and detection results of the proposed IPDO-DANN model.
... These deployments differ in the data types sent across the network. In today's environment, there is an urgent need for increased security for WSN [5]. A network intrusion detection system (IDS) detects and exploits network traffic in various security threats. ...
Full-text available
A Wireless Sensor Network (WSN) consists of many sensor nodes that collect data from various environmental conditions using the Internet of Things (IoT) and are often used to monitor and tune network environments. In this case, the presence of malicious nodes in the network leads to transmission security challenges, as it is believed to be a significant problem for successfully delivering captured data. Therefore, it is essential to protect network communication from security threats by detecting dangerous behavior for each sensor node and separating malicious nodes. This can be achieved by deploying an Intrusion Detection System (IDS) at the sensor nodes. However, limitations exist when dealing with high-dimensional data with complex underlying distributions. To tackle this issues, we introduce the Multi-layer Perceptron Neural Network (MLPNN) algorithm and the Adaptive-Network-Based Fuzzy Inference System (ANFIS) algorithm for secure communication in WSN. Initially, we gathered a dataset called Darknet Internet Traffic from an online source. This dataset was organized using the Min–Max Scaling (MMS) technique. Afterwards, our proposed method identifies the network traffic using Traffic Intensive Cumulative Rate (TICR) method. Based on the network traffic, we analyze the transmission delay and optimal route using Trust factor Evaluation Rate (TFER). Next, it picks the best features of malicious activity using the ANFIS algorithm. Lately, our proposed MLPNN classifier with ReLU activation function has been used to categorize malicious activity and improve security in the network. Therefore, the proposed classifier's significant advantages in this paper include increased classification accuracy, precision, recall, and F1-score.
... In addition, no country can establish checkpoints at every location along the border area; thus, a vast region between the and functions autonomously in a decentralised manner Singh et al., 2021b;Kotiyal et al., 2021). Therefore, WSNs are highly in demand for monitoring, surveillance, intrusion detection, and reconnaissance purposes along international borders (Bhadwal et al., 2019;Arjun et al., 2019;Singh and Singh, 2021;Sood et al., 2022;Shukla et al., 2023). In addition, SNs are cheap, demand less power, are widely available, and quickly installable in emergency conditions where human intervention is almost negligible; therefore, WSNs also have many civilian applications such as industrial monitoring, precision agriculture, forest fire detection, health monitoring, remote landslides detection, structural health monitoring, and several others (Noel et al., 2017;Aponte-Luis et al., 2018;Nagar and Sharma, 2018;Ghosh et al., 2018;Singh et al., 2019;Kumar et al., 2020). ...
Full-text available
Drastic advancement in computing technology and the dramatic increase in the usage of explainable machine learning algorithms provide a promising platform for developing robust intrusion detection algorithms. However, the development of these algorithms is constrained by their applicability over specific scenarios of Wireless Sensor Networks (WSNs). We introduced a hybrid framework by combining Probabilistic Principal Component Analysis (P 2 CA) and Generalised Additive Model (GAM), which is performing well for all the scenarios of WSNs. To demonstrate our framework's broad applicability, we evaluated its performance over three publicly available intrusion detection datasets (i.e., LT-FS-ID, AutoML-ID, and FF-ANN-ID), each from different scenarios. Our findings highlight that the presented framework can accurately predict the number of −barriers for all three datasets. Furthermore, we conducted a comprehensive performance comparison between our proposed framework and benchmark algorithms, which revealed that our approach outperforms all of them. Additionally, we evaluated the framework's versatility by testing its performance on datasets unrelated to intrusion detection, specifically ALE datasets. Notably, our approach accurately predicted the response variable in these datasets and exceeded the performance of its primary algorithm, further demonstrating its robustness and adaptability. The implications of this research are substantial. By developing a robust intrusion detection framework that performs well across diverse WSN scenarios, we address a critical need for reliable network security in various domains, including industrial IoT, smart cities, and environmental monitoring. Our findings not only enhance the understanding of intrusion detection in WSNs but also pave the way for developing more sophisticated and adaptable systems to safeguard sensitive data and critical infrastructure.
... Sharma et al. [17] studied the intrusion detection problem by generating synthetic attacks using the conditional generative adversarial network and by detecting these attacks using the XGBoost classifier [18] over two publicly available datasets: NSL-KDD [4] and CICIDS2017 [5]. ...
Full-text available
Intrusion detection systems can defectively perform when they are adjusted with datasets that are unbalanced in terms of attack data and non-attack data. Most datasets contain more non-attack data than attack data, and this circumstance can introduce biases in intrusion detection systems, making them vulnerable to cyberattacks. As an approach to remedy this issue, we considered the Conditional Tabular Generative Adversarial Network (CTGAN), with its hyperparameters optimized using the tree-structured Parzen estimator (TPE), to balance an insider threat tabular dataset called the CMU-CERT, which is formed by discrete-value and continuous-value columns. We showed through this method that the mean absolute errors between the probability mass functions (PMFs) of the actual data and the PMFs of the data generated using the CTGAN can be relatively small. Then, from the optimized CTGAN, we generated synthetic insider threat data and combined them with the actual ones to balance the original dataset. We used the resulting dataset for an intrusion detection system implemented with the Adversarial Environment Reinforcement Learning (AE-RL) algorithm in a multi-agent framework formed by an attacker and a defender. We showed that the performance of detecting intrusions using the framework of the CTGAN and the AE-RL is significantly improved with respect to the case where the dataset is not balanced, giving an F1-score of 0.7617.
... El-Sofany, Hosam [15] in their study propose model to overcome the drawbacks of the Denial of service (DOS) of how to overcome to trace back from the attackers with the machine learning technique approaches. The author proposes the DOS attack detection model on the cloud by applying the ML techniques. ...
Cloud is the highly used technology in software industry for different purposes such as data transaction, automation, migration and data storage. As the cloud usage is more, security is the major concern related to data storage and data transaction. Companies employ many techniques for cloud security and detect the attack on cloud. This article addresses on improving the cloud security by detecting the outbreaks. Close by several categories of security attacks on cloud such as encryption techniques to prevent the attacks, machine learning algorithm to identify the type of the attack and cryptographic techniques to deny the attack on cloud. With the intension of improvising cloud security to detect the data attack on cloud blockchain technology has been introduced. Along with blockchain other technologies like deep learning algorithm and encryption techniques also been used to identify and prevent the attack on cloud. Lately, the appropriateness area of block chain has been expanded like in business, clinical and IT areas for the expanded security. Currently in the cloud market blockchain provides the highest security for data storage and data transaction which is based on distributed network without a centralized control.
Full-text available
With the global adoption of Internet services, service providers are having a difficult time securing their systems, especially against new attacks and intrusions. Various anomalous detection approaches have been developed for protecting WSN from cyber-attacks. However, those systems suffer from the major issues of a high number of false alarms, increased over-fitting, and complexity. Therefore, this paper motivates to develop a novel and intelligent IDS framework for protecting WSN from cyber-attacks. For this purpose, an Intensive Binary Pigeon Optimization (IBiPO) and Bi-directional Long Short Term Memory (Bi-LSTM) mechanisms are developed for accurate intrusion detection and classification.
Full-text available
The dramatic increase in the computational facilities integrated with the explainable machine learning algorithms allows us to do fast intrusion detection and prevention at border areas using Wireless Sensor Networks (WSNs). This study proposed a novel approach to accurately predict the number of barriers required for fast intrusion detection and prevention. To do so, we extracted four features through Monte Carlo simulation: area of the Region of Interest (RoI), sensing range of the sensors, transmission range of the sensor, and the number of sensors. We evaluated feature importance and feature sensitivity to measure the relevancy and riskiness of the selected features. We applied log transformation and feature scaling on the feature set and trained the tuned Support Vector Regression (SVR) model (i.e., LT-FS-SVR model). We found that the model accurately predicts the number of barriers with a correlation coefficient (R) = 0.98, Root Mean Square Error (RMSE) = 6.47, and bias = 12.35. For a fair evaluation, we compared the performance of the proposed approach with the benchmark algorithms, namely, Gaussian Process Regression (GPR), Generalised Regression Neural Network (GRNN), Artificial Neural Network (ANN), and Random Forest (RF). We found that the proposed model outperforms all the benchmark algorithms
Full-text available
Wireless Sensor Networks (WSNs) is a collection of tiny distributed sensor nodes that have been used to sense the physical parameters of the environment where it has been deployed. Data dissemination is an important activity performed in WSNs in order to administer and manage them. Gossiping makes the network to transmit the same data item multiple times by multiple sensor nodes to their neighbors until they reach the required nodes which are in need of them. These multiple transmissions result in a problem called a Redundant Broadcast Storm Problem (RBSP). Moreover, the RBSP results in too many senders’ problem and also leads to the consumption of more energy in the network. In data dissemination, providing energy efficiency and security are the two major challenging issues. In such a scenario, the attackers may make use of the weakness in security provisions available in the network and they can perform unauthorized activities to disrupt the process of data dissemination. Hence, it is necessary to address the issues of RBSP, energy consumption, security and too many senders problem in order to enhance the reliability and security of communication in WSN for data dissemination. In this paper, a novel protocol named Cluster based Secured Data dissemination Protocol (CSDP) has been proposed for providing energy efficient and secured dissemination of data. The proposed protocol is a distributed protocol which considers the route discovery process, cluster formation, cluster head selection, cluster based routing and security through the design of a new digital signature based authentication algorithm, trust based security enhancement and encryption techniques for effective key management. The major contributions of the proposed work include the proposal of cryptography based public key and private key generation algorithms, techniques for trust score computation and malicious node identification and finally the effective prevention of malicious activities for enhancing the security of the network. Moreover, this work considers node identification techniques for effective clustering of nodes and performs optimal route discovery and secured transmission of packets. This work is novel with respect to multicast based data dissemination protocol, proposal of combined signature generation and verification schemes, encryption based key management and distributed data collection and communication techniques. In addition, an Intelligent Fuzzy based Unequal Clustering algorithm is used to perform effective clustering process and the traffic analyzer to identify the intruders by monitoring the node’s behaviors and their trust values. The proposed protocol has been extensively tested with realistic simulation parameters using NS2 simulator. The simulation results obtained from this work have proved that the proposed protocol improves the level of security through the proposal of a time efficient encryption and decryption algorithm with increase in packet delivery ratio and network throughput and at the same time it reduces the energy consumption as well as delay in data dissemination.
Full-text available
Node localisation plays a critical role in setting up Wireless Sensor Networks (WSNs). A sensor in WSNs senses, processes and transmits the sensed information simultaneously. Along with the sensed information, it is crucial to have the positional information associated with the information source. A promising method to localise these randomly deployed sensors is to use bio-inspired meta-heuristic algorithms. In this way, a node localisation problem is converted to an optimisation problem. Afterwards, the optimisation problem is solved for an optimal solution by minimising the errors. Various bio-inspired algorithms, including the conventional Cuckoo Search (CS) and modified CS algorithm, have already been explored. However, these algorithms demand a predetermined number of iterations to reach the optimal solution, even when not required. In this way, they unnecessarily exploit the limited resources of the sensors resulting in a slow search process. This paper proposes an Enhanced Cuckoo Search (ECS) algorithm to minimise the Average Localisation Error (ALE) and the time taken to localise an unknown node. In this algorithm, we have implemented an Early Stopping (ES) mechanism, which improves the search process significantly by exiting the search loop whenever the optimal solution is reached. Further, we have evaluated the ECS algorithm and compared it with the modified CS algorithm. While doing so, note that the proposed algorithm localised all the localisable nodes in the network with an ALE of 0.5-0.8 m. In addition, the proposed algorithm also shows an 80% decrease in the average time taken to localise all the localisable nodes. Consequently, the performance of the proposed ECS algorithm makes it desirable to implement in practical scenarios for node localisation.
Full-text available
In this paper, the newly emerging wireless powered communication network is studied. In doing so, the performance of the global controller (GC) is evaluated, which coordinates the wireless energy transmissions between two sensor nodes. Both the sensors have the same harvested energy for uplink (UL) transmission of information through time-division-multiple-access. Afterwards, the information transmission time is optimised to maximise the common throughput of both the sensors with a total time constraint based on the user's UL channels along with the same harvested energy value. Further, due to the "doubly near-far" phenomenon, a remote sensor from the GC, which has poor channel conditions than a nearer user, has to transmit more time in the UL for maximum common throughput. To overcome this problem, the energy exchange (EEx) model is proposed where both sensors first harvest the same amount of wireless energy and then exchange energy to nullify the different channel conditions between sensors and GC to send their independent information in the UL. Simulation results demonstrate the EEx Model's effectiveness over without energy exchange (WEEx) model in eliminating the doubly near-far problem in wireless powered communication network but at the cost of maximum sum-throughput. The maximum sum-throughput of the proposed EEx model is 35% lower than the WEEx model. However, the average BER in the proposed EEx model is 74.6% lower than the WEEx model, which increases the reliability of the model.
In recent times, there has been a surge of interest around the usage of adaptive antenna arrays of Internet of Things (IoT) based Drones in the communication systems. Adaptive antenna arrays have the ability to form customized radiation patterns based on the changes in the environment by employing methods for estimating Direction of Arrival (DOA) and adaptive beamforming. Nevertheless, upon deploying adaptive antenna arrays in complex IoT platforms, the radiation patterns that result from the use of such adaptive algorithms may be adjusted to the preceding location of the node and not attuned to the current location. These issues that arise due to mobility can be resolved by continuously tracking the DOA of the intended target. As DOA is time varying in an IoT Drone environment, existing algorithms for estimating the DOA like MUltiple SIgnal Classification (MUSIC) and Estimation of Signal Parameter via Rotational Invariance Techniques (ESPRIT) cannot be used to track the signal subspace recursively, as they are based on batch eigenvalue decomposition which is highly time consuming with a time complexity of O(n3). Furthermore, DOA estimation algorithms do not result in robust subspace estimates when the Signal to Noise Ratio (SNR) is low.The main novelty of the proposed work is a low computational complexity subspace tracking algorithm for tracking DOA in order to provide seamless connectivity. Simulation results show that the proposed DOA tracking takes lesser time for tracking the current location of the drone target as opposed to conventional DOA estimation methods. Furthermore,it is observed that the tracking process remains unaffected by SNR.
Trust-based secure routing schemes are more effective than cryptographic routing protocols to convey energy-efficient data in WSNs since cryptographic protocols require high computation, more convergence time as well as storage space. The paper presents a well-organized trust estimation-based routing scheme (ETERS) that consists multi-trust (communication trust, energy trust, data trust) approach to alleviate several internal attacks like badmouthing, Sybil, selective forwarding, on-off, black hole, and grey-hole attacks for clustered WSN. The proposed multi-trust approach is used to analyze the credibility of sensitive monitored data. A novel and efficient cluster head selection algorithm (ECHSA) is employed to improve the performance of the cluster head (CH) selection process in clustered WSN. ECHSA allows the facility to elect a robust CH after a certain period to perform an equal load balance on all CHs. ETERS utilizes the Beta distribution-based trust function because recovery of trust values under attacks is faster in Beta distribution than Gaussian and Dirichlet distribution. ETERS also incorporates an irregular attenuation factor during the evaluation of communication trust to reflect the effect of various external factors such as natural calamity (earthquake), network congestion, etc., based on the trust values. However, a trust-based attack detection algorithm (TADA) assesses the reliability of SNs to detect internal attacks. TADA employs IDs, locations, and triple trust to detect internal attacks. Additionally, the proposed trust system employs an adjustable dynamic sliding length logical timing window to eradicate the limitations of existing trust models. Furthermore, a trust-based secure routing algorithm is incorporated to dynamically detect misbehavior in terms of packet forwarding for energy-efficient communication among sensor nodes. ETERS is compared with QEBSR, ATRP, ELPC, and SQEER to examine its performance. Experimental results on the MATLAB simulation platform exhibit excellent performance in terms of severity analysis, attack detection, and prevention to protect WSN, energy consumption under i) normal ii) attack scenario, latency(in sec.), packet delivery ratio (PDR), and throughput (in %) in the existence of spiteful nodes.
Wireless Sensor Networks (WSNs) have attracted various academic researchers, engineers, science, and technology communities. This attraction is due to their broad research areas such as energy efficiency, data communication, coverage, connectivity, load balancing, security, reliability, scalability, and network lifetime. Researchers are looking towards cost-effective approaches to improve the existing solutions that reveal novel schemes, methods, concepts, protocols, and algorithms in the desired domain. Generally, review studies provide complete, easy access or solution to these concepts. Considering this as a driving force and the impact of clustering on the deterioration of energy consumption in wireless sensor networks, this review focus on clustering methods based on different aspects. This study’s significant contribution is to provide a brief review in the field of clustering in wireless sensor networks based on three different categories, such as classical, optimization, and machine learning techniques. For each of these categories, various performance metrics and parameters are provided, and a comparative assessment of the corresponding aspects like cluster head selection, routing protocols, reliability, security, and unequal clustering are discussed. Various advantages, limitations, applications of each method, research gaps, challenges, and research directions are considered in this study, motivating the researchers to carry out further research by providing relevant information in cluster-based wireless sensor networks.
Sensors in Wireless Sensor Network (WSN) sense, process, and transmit information simultaneously. They mainly find applications in agriculture monitoring, environment monitoring, smart city development and defence. These applications demand high-end performance from the WSN. However, the performance of a WSN is highly vulnerable to various types of security threats. Any intrusion may reduce the performance of the WSN and result in fatal problems. Hence, fast intrusion detection and prevention is of great use. This paper aims towards fast detection and prevention of any intrusion using a machine learning approach based on Gaussian Process Regression (GPR) model. We proposed three methods (S-GPR, C-GPR and GPR) based on feature scaling for accurate prediction of k-barrier coverage probability. We have selected the number of nodes, sensing range, Sensor to Intruder Velocity Ratio (SIVR), Mobile to Static Node Ratio (MSNR), angle of the intrusion path and required k as the potential features. These features are extracted using an analytical approach. Simulation results demonstrate that the proposed method III accurately predicts the k-barrier coverage probability and outperforms the other two methods (I and II) with a correlation coefficient (R = 0.85) and Root Mean Square Error (RMSE = 0.095). Further, the proposed methods achieve a higher accuracy as compared to other benchmark schemes.
The rapid advancements in wireless technology and enhanced computing power of handheld devices, enable the users to perform transactions anywhere, anytime during roaming. Carrying out ongoing transactions during roaming is a crucial field for research in the field of mobile communication. In order to ensure a high quality of service (QoS), an energy-efficient handover process is essential for accomplishing the ongoing transaction. The performance of mobile communication is mainly deteriorated by the roaming and low battery power requirement of mobile host. Due to limited channel availability, most of the handover requests are failed. Energy-efficient enhanced mobility management queuing model is proposed by combining two existing schemes GE/GE/C/N/FCFS and scheme GE/GE/C/N/PR to strengthen the performance. In this research, EMMM scales down the dropping rate of handover transaction request (HTR) and new transaction request (NTR).The proposed model has achieved the enhancement of channel utilization along with the reduction in handover failure and low drop and blocking rate of HTR and NTR, respectively.
In order to solve the critical issues in Wireless Sensor Networks (WSNs), with concern for limited sensor lifetime, nature-inspired algorithms are emerging as a suitable method. Getting optimal network coverage is one of those challenging issues that need to be examined critically before any network setup. Optimal network coverage not only minimizes the consumption of limited energy of battery driven sensors but also reduce the sensing of redundant information. In this paper, we focus on nature-inspired optimization algorithms concerning the optimal coverage in WSNs. In the first half of the paper, we have briefly discussed the taxonomy of the optimization algorithms along with the problem domains in WSNs. In the second half of the paper, we have compared the performance of two nature-inspired algorithms for getting optimal coverage in WSNs. The first one is a combined Improved Genetic Algorithm and Binary Ant Colony Algorithm (IGA-BACA), and the second one is Lion Optimization (LO). The simulation results confirm that LO gives better network coverage, and the convergence rate of LO is faster than that of IGA-BACA. Further, we observed that the optimal coverage is achieved at a lesser number of generations in LO as compared to IGA-BACA. This review will help researchers to explore the applications in this field as well as beyond this area.