On the deployment strategy of distributed network security sensors

Author

Hu, Chengchen ; Liu, Zhen ; Chen, Zhen ; Liu, Bin

Author_Institution

Dept. of Comput. Sci. & Technol., Tsinghua Univ., Beijing, China

Volume

1

fYear

2005

fDate

16-18 Nov. 2005

Abstract

Current centralized network intrusion detection systems (NIDS) typically position their sensors at the network access aggregation points and have several limitations on performance and effectiveness. We propose the deployment of "distributed network security sensors (DNSS)" distributed among the nodes of the internal network to monitor traffic of the internal network. We study the tradeoff between deployment cost and monitoring coverage to determine the locations and processing rates of security sensors. Because of the uncertain nature of flow rates, we build a fuzzy optimization model and develop a hybrid intelligent algorithm to solve the problem. Using an actual network topology, we check the relationships among the deployment cost, sensors deployment, and the monitoring coverage. The results demonstrate that a small number of low-speed sensors are sufficient to maintain high monitoring coverage in a high-speed network.

Keywords

telecommunication security; wireless sensor networks; deployment strategy; distributed network security sensors; fuzzy optimization model; hybrid intelligent algorithm; network access aggregation; network intrusion detection systems; Computer science; Computer security; Costs; High-speed networks; Intelligent sensors; Intrusion detection; Monitoring; Sensor systems; Telecommunication traffic; Traffic control; Network Intrusion Detection Systems (NIDS); fuzzy optimization; network monitoring;

fLanguage

English

Publisher

ieee

Conference_Titel

Networks, 2005. Jointly held with the 2005 IEEE 7th Malaysia International Conference on Communication., 2005 13th IEEE International Conference on

ISSN

1531-2216

Print_ISBN

1-4244-0000-7

Type

conf

DOI

10.1109/ICON.2005.1635543

Filename

1635543