An Efficient Method for Optimal Probe Deployment of Distributed IDS

Jing WANG  Naoya NITTA  Hiroyuki SEKI  

IEICE TRANSACTIONS on Information and Systems   Vol.E88-D    No.8    pp.1948-1957
Publication Date: 2005/08/01
Online ISSN: 
DOI: 10.1093/ietisy/e88-d.8.1948
Print ISSN: 0916-8532
Type of Manuscript: PAPER
Category: Dependable Computing
network security,  intrusion detection,  network IDS,  distributed IDS,  IDS partition deployment problem,  

Full Text: PDF>>
Buy this Article

A distributed network-oriented Intrusion Detection System (IDS) is a mechanism which detects misuse accesses to an intra-network by distributed IDSs on the network with decomposed attack scenarios. However, there are only ad hoc algorithms for determining a deployment of distributed IDSs and a partition of the attack scenarios. In this paper, we formally define this problem as the IDS partition deployment problem and design an efficient algorithm for a simplified version of the problem by graph theoretical techniques.