Abstract
This paper discusses the deployment positions of Network-based Intrusion Detection Systems and proposes “Distributed Network Security Sensors” (DSS), which are distributed among the nodes of the internal network to monitor traffic. We study the tradeoff between cost and monitoring coverage to determine the positions and processing rates of the sensors. To handle the uncertain nature of flow, we build fuzzy expected value optimization models and develop a hybrid intelligent algorithm to obtain the deployment strategy. From experiments on actual and synthesized network topologies, we observe that a small number of low-speed sensors is sufficient to maintain high monitoring coverage. The experiments also show that deploying DSS is much more efficient in larger topologies.
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Hu, C., Liu, Z., Chen, Z., Liu, B. (2006). Fuzzy Optimization for Security Sensors Deployment in Collaborative Intrusion Detection System. In: Wang, L., Jiao, L., Shi, G., Li, X., Liu, J. (eds) Fuzzy Systems and Knowledge Discovery. FSKD 2006. Lecture Notes in Computer Science, vol 4223. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11881599_91
DOI: https://doi.org/10.1007/11881599_91
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-45916-3
Online ISBN: 978-3-540-45917-0
eBook Packages: Computer Science, Computer Science (R0)