TY - GEN
T1 - Cost benefit deployment of DNIPS
AU - Rozenshine-Kemelmakher, E.
AU - Puzis, R.
AU - Felner, A.
AU - Elovici, Y.
PY - 2010
Y1 - 2010
N2 - Effective deployment of Real Time Distributed Network Intrusion Detection Systems (DNIDS) on High-speed and large-scale networks within limited budget constraints is a challenging task. In this paper we investigate algorithms aiming at optimizing the deployment of DNIDS systems. We use Group Betweenness Centrality (GBC) as an approximation of the DNIDS deployment utility. In this work we use two cost models. The first cost model assumes that all network intrusion detection devices have the same cost. The second model assumes that the cost of the device is relative to the traffic load on the network node on which it is installed. We evaluate two algorithms for finding the most prominent group in these cost models. The first algorithm is based on greedy choice of vertices and the second is based on heuristic search and finds the optimal deployment locations. We investigate combinations of heuristic functions based on solution cost and on solution utility and different node ordering strategies. We show that intelligent choice of the heuristic functions and node ordering can speed up the search. Empirical evaluation shows that while in the first cost model the greedy algorithm produces results that are negligibly close to optimal in the second cost model the difference between optimal and suboptimal solutions can be significant.
AB - Effective deployment of Real Time Distributed Network Intrusion Detection Systems (DNIDS) on High-speed and large-scale networks within limited budget constraints is a challenging task. In this paper we investigate algorithms aiming at optimizing the deployment of DNIDS systems. We use Group Betweenness Centrality (GBC) as an approximation of the DNIDS deployment utility. In this work we use two cost models. The first cost model assumes that all network intrusion detection devices have the same cost. The second model assumes that the cost of the device is relative to the traffic load on the network node on which it is installed. We evaluate two algorithms for finding the most prominent group in these cost models. The first algorithm is based on greedy choice of vertices and the second is based on heuristic search and finds the optimal deployment locations. We investigate combinations of heuristic functions based on solution cost and on solution utility and different node ordering strategies. We show that intelligent choice of the heuristic functions and node ordering can speed up the search. Empirical evaluation shows that while in the first cost model the greedy algorithm produces results that are negligibly close to optimal in the second cost model the difference between optimal and suboptimal solutions can be significant.
KW - Cost deployment
KW - Group betweenness centrality
KW - Heuristic search
KW - Large-scale networks
UR - http://www.scopus.com/inward/record.url?scp=77955355112&partnerID=8YFLogxK
U2 - 10.1109/icc.2010.5502182
DO - 10.1109/icc.2010.5502182
M3 - ???researchoutput.researchoutputtypes.contributiontobookanthology.conference???
AN - SCOPUS:77955355112
SN - 9781424464043
T3 - IEEE International Conference on Communications
BT - 2010 IEEE International Conference on Communications, ICC 2010
T2 - 2010 IEEE International Conference on Communications, ICC 2010
Y2 - 23 May 2010 through 27 May 2010
ER -