[go: up one dir, main page]
Skip to main content
SpringerLink
Log in

Fuzzy Optimization for Security Sensors Deployment in Collaborative Intrusion Detection System

  • Conference paper
Fuzzy Systems and Knowledge Discovery (FSKD 2006)

Part of the book series: Lecture Notes in Computer Science ((LNAI,volume 4223))

Included in the following conference series:

Abstract

This paper argues about the deployment positions of Network-based Intrusion Detection System and suggests the “Distributed Network Security Sensors” distributed among the nodes of the internal network to monitor traffic. We study the tradeoff between cost and monitoring coverage to determine the positions and processing rates of the sensors. To handle the uncertain nature of flow, we build fuzzy expected value optimization models and develop a hybrid intelligent algorithm to obtain the deployment strategy. From the experiments in actual and synthesized network topologies, we observe that a small number of low-speed sensors are sufficient to maintain a high monitoring coverage. It also depicts that deploying DSS is much more efficient in larger topologies.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Heberlein, L.T., Dias, G.V., Levitt, K.N., Mukherjee, B., Wood, J., Wolber, D.: A Network Security Monitor. In: IEEE Symposium on Research on Security and Privacy (1990)

    Google Scholar 

  2. Liu, B.: Theroy and Practice of Uncertain Programming. Physica-Verlag, Heidelberg (2002)

    Google Scholar 

  3. Jamin, S., Jin, C., Jin, Y., Raz, D., Shavitt, Y., Zhang, L.: On the Placement of Internet Instrumentation. In: INFOCOM (2000)

    Google Scholar 

  4. Suh, K., Guoy, Y., Kurose, J., Towsley, D.: Locating Network Monitors: Com-plexity, Heuristics, and Coverage. In: INFOCOM (2005)

    Google Scholar 

  5. Tang, X., Xu, J.: On Replica Placement for QoS-aware Content Distribution. In: INFOCOM (2004)

    Google Scholar 

  6. Kruegel, C., Valeur, F., Vigna, G., Kemmerer, R.A.: Stateful Intrusion Detection for High-Speed Networks. In: IEEE Symposium on Research on Security and Privacy (2002)

    Google Scholar 

  7. ISS, RealSecure Network Gigabit, http://www.iss.net/products_services/enterprise_protection/rsnetwork/gigabitsensor.php

  8. Networks, T.: Attack Mitigator IPS 5500, http://www.toplayer.com/content/products/intrusion_detection/attack_mitigator.jsp

  9. Carter, E.: Cisco Intrusion Detection System, 1st edn. Cisco Press (2001)

    Google Scholar 

  10. Clark, C., Lee, W., Schimmel, D., Contis, D., Kone, M., Thomas, A.: A Hardware Platform for Network Intrusion Detection and Prevention. In: Proceedings of The 3rd Workshop on Network Processors and Applications (NP3) (2004)

    Google Scholar 

  11. Zhou, C.V., Karunasekera, S., Leckie, C.: A Peer-to-Peer Collaborative Intrusion Detection System. In: International Conference on Networks 2005, Kuala Lumpur, Malaysia (2005)

    Google Scholar 

  12. Liu, B., Liu, Y.-K.: Expected Value of Fuzzy Variable and Fuzzy Expected Value Models. IEEE Transaction on Fuzzy System 10 (2002)

    Google Scholar 

  13. Haykin, S.: Neural Networks - A Comprehensive Foundation. Macmillan College Publishing Company, New York (1994)

    MATH  Google Scholar 

  14. Coley, D.A.: An Introduction to Genetic Algorithms for Scientists and Engineers. World Scientific, Singapore (1999)

    Google Scholar 

  15. Waxman, B.M.: Routing of Multipoint Connections. IEEE Journal on Selected Areas in Communications 6, 1617–1622 (1988)

    Article  Google Scholar 

  16. Cohoon, J.P., Hedge, S.U., Martin, W.N., Richards, D.: Punctuated Equilibria: A Parallel Genetic Algorithm. In: Second International Conference on Genetic Algorithms (1987)

    Google Scholar 

  17. Tomassini, M.: Parallel and Distributed Evolutionary Algorithms. In: Evolutionary Algorithms in Engineering and Computer Science, John Wiley & Sons, Chichester (1999)

    Google Scholar 

  18. Huang, G.-B., Zhu, Q.-Y., Siew, C.-K.: Extreme learning machine: a new learning scheme of feedforward neural networks. In: 2004 IEEE International Joint Conference on Neural Networks (2004)

    Google Scholar 

  19. Li, M.-B., Huang, G.-B., Saratchandran, P., Sundararajan, N.: Fully Complex Extreme Learning Machine. Neurocomputing (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dept. of Computer Science and Technology, Tsinghua University, Beijing, 100084, China

    Chengchen Hu, Zhen Liu, Zhen Chen & Bin Liu

Authors
  1. Chengchen Hu
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Zhen Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Zhen Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Bin Liu
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of Electrical and Electronic Engineering, Nanyang Technological University,, Block S1, Nanyang Avenue, 639798, Singapore

    Lipo Wang

  2. Life Science Research Center, School of Electronic Engineering, Xidian University,, 710071, Xi’an, Shaanxi, China

    Licheng Jiao

  3. School of Electrical and Electronic Engineering, Xidian University, 710071, Xi’an, China

    Guanming Shi

  4. School of Information Technology and Electrical Engineering, The University of Queensland, 4072, Brisbane, Queensland, Australia

    Xue Li

  5. College of Mathematics and Information Science, Hebei Normal University, 050016, Shijiazhuang, Hebei, P.R. China

    Jing Liu

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Hu, C., Liu, Z., Chen, Z., Liu, B. (2006). Fuzzy Optimization for Security Sensors Deployment in Collaborative Intrusion Detection System. In: Wang, L., Jiao, L., Shi, G., Li, X., Liu, J. (eds) Fuzzy Systems and Knowledge Discovery. FSKD 2006. Lecture Notes in Computer Science(), vol 4223. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11881599_91

Download citation

  • DOI: https://doi.org/10.1007/11881599_91

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-45916-3

  • Online ISBN: 978-3-540-45917-0

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation