Cost benefit deployment of dnips

Emily Rozenshine-Kemelmakher, Rami Puzis, Ariel Felner, Yuval Elovici

2010 IEEE International Conference on Communications, 1-5, 2010

Effective deployment of Real Time Distributed Network Intrusion Detection Systems (DNIDS) on High- speed and large-scale networks within limited budget constraints is a challenging task. In this paper we investigate algorithms aiming at optimizing the deployment of DNIDS systems. We use Group Betweenness Centrality (GBC) as an approximation of the DNIDS deployment utility. In this work we use two cost models. The first cost model assumes that all network intrusion detection devices have the same cost. The second model assumes that the cost of the device is relative to the traffic load on the network node on which it is installed. We evaluate two algorithms for finding the most prominent group in these cost models. The first algorithm is based on greedy choice of vertices and the second is based on heuristic search and finds the optimal deployment locations. We investigate combinations of heuristic functions …