A Multi-objective Optimisation Approach to IDS Sensor Placement
作者: Hao Chen , John A. Clark , Juan E. Tapiador , Siraj A. Shaikh , Howard Chivers
DOI: 10.1007/978-3-642-04091-7_13
关键词: Machine learning 、 Constant false alarm rate 、 Artificial intelligence 、 Data mining 、 Difficult problem 、 Intrusion detection system 、 Engineering
摘要: This paper investigates how intrusion detection system (IDS) sensors should best be placed on a network when there are several competing evaluation criteria. is computationally difficult problem and we show Multi-Objective Genetic Algorithms provide an excellent means of searching for optimal placements.
springer.com
core.ac.uk
coventry.ac.uk
york.ac.uk
sci-hub.st 参考文章(10)
Siraj A. Shaikh, Howard Chivers, Philip Nobles, John A. Clark, Hao Chen, Network reconnaissance Network Security. ,vol. 2008, pp. 12- 16 ,(2008) , 10.1016/S1353-4858(08)70129-6
Eckart Zitzler, Marco Laumanns, Lothar Thiele, SPEA2: Improving the strength pareto evolutionary algorithm Technical Report, Gloriastrasse 35. ,vol. 103, ,(2001) , 10.3929/ETHZ-A-004284029
David E. Goldberg, Genetic algorithms in search, optimization, and machine learning ,(1988)
Siraj A. Shaikh, Howard Chivers, Philip Nobles, John A. Clark, Hao Chen, A Deployment Value Model for Intrusion Detection Sensors information security and assurance. pp. 250- 259 ,(2009) , 10.1007/978-3-642-02617-1_26
Teerawat Issariyakul, Ekram Hossain, Introduction to Network Simulator NS2 ,(2008)
Carlos A. Coello, An updated survey of GA-based multiobjective optimization techniques ACM Computing Surveys. ,vol. 32, pp. 109- 143 ,(2000) , 10.1145/358923.358929
Guofei Gu, Prahlad Fogla, David Dagon, Wenke Lee, Boris Skorić, Measuring intrusion detection capability Proceedings of the 2006 ACM Symposium on Information, computer and communications security - ASIACCS '06. pp. 90- 101 ,(2006) , 10.1145/1128817.1128834
Marco Rolando, Matteo Rossi, Niccolò Sanarico, Dino Mandrioli, A formal approach to sensor placement and configuration in a network intrusion detection system Proceedings of the 2006 international workshop on Software engineering for secure systems - SESS '06. pp. 65- 71 ,(2006) , 10.1145/1137627.1137638
Wei Lu, Issa Traore, Detecting New Forms of Network Intrusion Using Genetic Programming computational intelligence. ,vol. 20, pp. 475- 494 ,(2004) , 10.1111/J.0824-7935.2004.00247.X
Steven Noel, Sushil Jajodia, Optimal IDS Sensor Placement and Alert Prioritization Using Attack Graphs Journal of Network and Systems Management. ,vol. 16, pp. 259- 275 ,(2008) , 10.1007/S10922-008-9109-X