Deployment of DNIDS in social networks

Meytal Tubi, Rami Puzis, Yuval Elovici

2007 IEEE Intelligence and Security Informatics, 59-65, 2007

Internet users form social networks as they communicate with each other. Computer worms and viruses exploit these social networks in order to propagate to other users. In this paper we present a new framework aimed at slowing down or even preventing the propagation of computer worms and viruses in social networks. In the first part of the framework a social network has to be derived for a given community of users. In the second part the group of users that have the highest influence on the communication in the social network has to be located. The group betweenness centrality measure is used to evaluate the influence of each candidate group. In the third part we analyze the threat propagation in the social network assuming that a distributed network intrusion detection system (DNIDS) is monitoring the traffic of the group. The analysis is performed using a network simulator that was developed for this purpose …