Cost benefit deployment of DNIPS

E. Rozenshine-Kemelmakher, R. Puzis, A. Felner, Y. Elovici

Research output: Chapter in Book/Report/Conference proceedingConference contributionpeer-review

Abstract

Effective deployment of Real Time Distributed Network Intrusion Detection Systems (DNIDS) on High-speed and large-scale networks within limited budget constraints is a challenging task. In this paper we investigate algorithms aiming at optimizing the deployment of DNIDS systems. We use Group Betweenness Centrality (GBC) as an approximation of the DNIDS deployment utility. In this work we use two cost models. The first cost model assumes that all network intrusion detection devices have the same cost. The second model assumes that the cost of the device is relative to the traffic load on the network node on which it is installed. We evaluate two algorithms for finding the most prominent group in these cost models. The first algorithm is based on greedy choice of vertices and the second is based on heuristic search and finds the optimal deployment locations. We investigate combinations of heuristic functions based on solution cost and on solution utility and different node ordering strategies. We show that intelligent choice of the heuristic functions and node ordering can speed up the search. Empirical evaluation shows that while in the first cost model the greedy algorithm produces results that are negligibly close to optimal in the second cost model the difference between optimal and suboptimal solutions can be significant.

Original languageEnglish
Title of host publication2010 IEEE International Conference on Communications, ICC 2010
DOIs
StatePublished - 2010
Externally publishedYes
Event2010 IEEE International Conference on Communications, ICC 2010 - Cape Town, South Africa
Duration: 23 May 201027 May 2010

Publication series

NameIEEE International Conference on Communications
ISSN (Print)0536-1486

Conference

Conference2010 IEEE International Conference on Communications, ICC 2010
Country/TerritorySouth Africa
CityCape Town
Period23/05/1027/05/10

Keywords

  • Cost deployment
  • Group betweenness centrality
  • Heuristic search
  • Large-scale networks

Fingerprint

Dive into the research topics of 'Cost benefit deployment of DNIPS'. Together they form a unique fingerprint.

Cite this