142/MAPLD 2005Sluzek 1

Development of a Reconfigurable

Sensor Network for Intrusion Detection

Andrzej Sluzek & Palaniappan Annamalai

Intelligent Systems Centre

Nanyang Technological University, Singapore

142/MAPLD 2005Sluzek 2

RATIONALE• Wireless sensor networks are to become an important tool for various security and/or surveillance applications.

• They may be used fully autonomously, but in a more realistic scenario, sensors network support human decisions by providing data that have been preliminarily analyzed, interpreted and prioritized.

AIMS• To embed a high level of autonomy and intelligence into FPGA-based nodes of multi-sensor networks.

• To develop a library of FPGA implementations of various mechanisms for data acquisition, processing and intelligent selection.

• To develop an experimental platform for testing various applications and scenarios.

142/MAPLD 2005Sluzek 3

DESIGN METHODOLOGY

• Two levels of sensor nodes

• First-level sensor nodes with basic sensing devices (proximity, vibration, acoustic, magnetic, etc.), low computational capabilities, and wireless transmission devices. They monitor conditions in the protected zone and act as preliminary detectors of possible intrusions.

• Second-level sensor nodes built around a higher-performance FPGA controlling an array of cameras. They perform more advanced data processing to confirm/reject the intrusion detections and to further classify the nature of intrusion (before alerting a human operator).

142/MAPLD 2005Sluzek 4

142/MAPLD 2005Sluzek 5

The first-level nodes:

• Generally use very simple detection technique (e.g. analog signals with binary signal thresholding) with limited (if any) signal processing capabilities.

• Are continuously active.

• Upon capturing a predefined combination of sensor signals from the monitored zone, a message is wirelessly transmitted to the second-level nodes (to those close enough to receive the message).

• Low energy consumption is a crucial issue since very long operational lifetime is expected.

• No online reprogrammability/reconfigurability is envisaged.

• Usually are motionless.

142/MAPLD 2005Sluzek 6

The second-level nodes:

• The cameras are generally inactive except for the occasional update of the background image.

• Are activated (capture several image frames) upon receiving a warning message from the first-level nodes.

• Perform complex image processing operation to confirm suspected intrusions and to classify their nature.

• In case of detecting a potentially dangerous intrusion, wirelessly transmit the picture of intruder to the higher level in the decision chain.

• Incorporate an FPGA module and can be online (e.g. wirelessly) reconfigured for different tasks or applications.

• Peak energy consumption may be high, but the average power requirements is reduced to the level providing long operational lifetime.

• Motionless or attached to a mobile platform.

142/MAPLD 2005Sluzek 7

Implementation details:

• The first-level node incorporates a wireless communication chip, a low-cost microcontroller (performing sensor data acquisition, generating the warning message and interfacing the wireless chip) and the sensors. Battery power supply is provided.

• A standard communication protocol for low-power wireless networks is used.

• The second-level node incorporates:

(a) the wireless components of the first-level node;

(b) a higher-performance FPGA device with external memory and CPLD module;

(c) CCD cameras;

(d) camera interfaces;

• Battery power supply for the second-level node is planned, but currently a power-supply adapter is used.

142/MAPLD 2005Sluzek 8

Implementation details (cont.):

• In the first model, selected fragments of commercially available development boards (with many redundant features) have been used – encircled red in the figures.

• Currently, dedicated platforms are built.

142/MAPLD 2005Sluzek 9

Exemplary methodologies for FPGA-implemented image processing and intrusion detection and classification:

1. Background update (details depend on the type of application).

2. A complicated operation (utilizing methods of mathematical morphology) of extracting the intruder’s silhouette from the background. Minor disturbances of the background (e.g. swaying trees, grass, vibrations of the device, etc.) are ignored.

3. Further analysis of intruder’s silhouette (e.g. using the method of moments and moment invariants that allow a broad classification of intruders in selected applications).

4. Analysis of intruder’s motion using silhouette variations in a sequence of two (or more) images. The moments of silhouette can be used.

142/MAPLD 2005Sluzek 10

Exemplary methodologies for FPGA-implemented image processing and intrusion detection and classification (cont.):

5. Detection of interest points in the intruder’s silhouettes (under development).

6. Transmission of the intruder’s image to the higher level in the decision chain.

7. Transmission of interest point to the higher level in the decision chain. Identification of particular intruders based on matching transmitted interest points to the database of known intruders (under development).

142/MAPLD 2005Sluzek 11

•In complex scenarios, the amount of data for a human inspection and/or assessment can be very large.•In dynamically changing situations , the required reaction time can be very short (if compared to human capabilities).

142/MAPLD 2005Sluzek 12

A hypothetical display presenting the only suspicious object detected by one of the cameras.

142/MAPLD 2005Sluzek 13

RE: Background update (details depend on the type of application).

142/MAPLD 2005Sluzek 14

RE: Extracting the intruder’s image and silhouette from the background.

142/MAPLD 2005Sluzek 15

RE: Extracting the intruder’s silhouette from the background.

142/MAPLD 2005Sluzek 16

RE: Further analysis of intruder’s silhouette (allowing a broad classification of intruders in selected applications).

Typical approach: using moment invariants

142/MAPLD 2005Sluzek 17

RE: Analysis of intruder’s motion using silhouette variations in a sequence of two (or more) images.

In this example, the intruder is apparently approaching the camera and turning to the left. The speed of motion can be estimated from the relative size of both silhouettes and their intersection.

142/MAPLD 2005Sluzek 18

RE: Detection of interest points in the intruder’s silhouettes (under development).

142/MAPLD 2005Sluzek 19

RE: Transmission of the intruder’s image to the higher level in the decision chain (alternative options available).

142/MAPLD 2005Sluzek 20

RE: Transmission of interest point to the higher level in the decision chain. Identification of particular intruders based on matching transmitted interest points to the database of known intruders (under development).

142/MAPLD 2005Sluzek 21

OTHER ISSUES

• Transmission of the image fragments using Advanced encryption standard (AES128) has been developed and implemented in the FPGA for the communication protocol used in the network.

• Additionally, experiments have been conducted to directly connect R/T devices to FPGA so that proprietary transmission protocols and methods can be used.