Optimising IDS Sensor Placement

Hao Chen, John A. Clark, Siraj A. Shaikh, Howard Chivers, Philip Nobles

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In large network environments multiple intrusion detection sensors are needed to adequately monitor network traffic. However, deploying and managing additional sensors on a large network can be a demanding task, and organisations have to balance their desire for detecting intrusions throughout their network with financial and staffing limitations. This paper investigates how intrusion detection system (IDS) sensors should best be placed on a network when there are several competing evaluation criteria. This is a computationally difficult problem and we show how Multi-Objective Genetic Algorithms provide an excellent means of searching for optimal placements.

Original languageEnglish
Title of host publicationFIFTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY: ARES 2010, PROCEEDINGS
Place of PublicationLOS ALAMITOS
PublisherIEEE Computer Society
Pages315-320
Number of pages6
ISBN (Print)978-0-7695-3965-2
DOIs
Publication statusPublished - 2010
Event5th International Conference on Availability, Reliability and Security - Cracow
Duration: 15 Feb 201018 Feb 2010

Conference

Conference5th International Conference on Availability, Reliability and Security
CityCracow
Period15/02/1018/02/10

Cite this