Authors: Arka Ghosh (1), Massimiliano Albanese (2), Preetam Mukherjee (1) and Amir Alipour-Fanid (3)

Affiliations: (1) Digital University Kerala, India; (2) George Mason University, U.S.A.; (3) University of the District of Columbia, U.S.A.

Keyword(s): Intrusion Detection, IDS Rule Placement, Attack Graph, Optimization.

Abstract: Intrusion Detection Systems (IDS) are strategically installed on specific nodes of an enterprise network to detect ongoing attempts to exploit vulnerable systems. However, deploying a large number of detection rules in each IDS may reduce their efficiency and effectiveness, especially when an IDS is monitoring high-speed data communication channels. Existing research on optimal IDS placement strategies does not address the problem at such a level of granularity. This paper proposes a novel approach for strategic rule deployment subject to various practical constraints. Attack graph-based modeling, along with knowledge of the network topology, is employed to identify the set of suitable rules for deployment on individual IDSs, and capacity constraints are considered to balance the load across IDSs. We provide a formal specification of the optimization problem and propose a practical heuristic solution based on a genetic algorithm.

CC BY-NC-ND 4.0

Paper citation in several formats:
Ghosh, A., Albanese, M., Mukherjee, P. and Alipour-Fanid, A. (2024). Improving the Efficiency of Intrusion Detection Systems by Optimizing Rule Deployment Across Multiple IDSs. In Proceedings of the 21st International Conference on Security and Cryptography - SECRYPT; ISBN 978-989-758-709-2; ISSN 2184-7711, SciTePress, pages 536-543. DOI: 10.5220/0012814500003767

@conference{secrypt24,
author={Arka Ghosh and Massimiliano Albanese and Preetam Mukherjee and Amir Alipour{-}Fanid},
title={Improving the Efficiency of Intrusion Detection Systems by Optimizing Rule Deployment Across Multiple IDSs},
booktitle={Proceedings of the 21st International Conference on Security and Cryptography - SECRYPT},
year={2024},
pages={536-543},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0012814500003767},
isbn={978-989-758-709-2},
issn={2184-7711},
}

TY - CONF

JO - Proceedings of the 21st International Conference on Security and Cryptography - SECRYPT
TI - Improving the Efficiency of Intrusion Detection Systems by Optimizing Rule Deployment Across Multiple IDSs
SN - 978-989-758-709-2
IS - 2184-7711
AU - Ghosh, A.
AU - Albanese, M.
AU - Mukherjee, P.
AU - Alipour-Fanid, A.
PY - 2024
SP - 536
EP - 543
DO - 10.5220/0012814500003767
PB - SciTePress