Fuzzy Optimization for Security Sensors Deployment in Collaborative Intrusion Detection System

  • Chengchen Hu
  • Zhen Liu
  • Zhen Chen
  • Bin Liu
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4223)


This paper argues about the deployment positions of Network-based Intrusion Detection System and suggests the “Distributed Network Security Sensors” distributed among the nodes of the internal network to monitor traffic. We study the tradeoff between cost and monitoring coverage to determine the positions and processing rates of the sensors. To handle the uncertain nature of flow, we build fuzzy expected value optimization models and develop a hybrid intelligent algorithm to obtain the deployment strategy. From the experiments in actual and synthesized network topologies, we observe that a small number of low-speed sensors are sufficient to maintain a high monitoring coverage. It also depicts that deploying DSS is much more efficient in larger topologies.


Artificial Neural Network Extreme Learn Machine Intrusion Detection Intrusion Detection System Fuzzy Variable 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Heberlein, L.T., Dias, G.V., Levitt, K.N., Mukherjee, B., Wood, J., Wolber, D.: A Network Security Monitor. In: IEEE Symposium on Research on Security and Privacy (1990)Google Scholar
  2. 2.
    Liu, B.: Theroy and Practice of Uncertain Programming. Physica-Verlag, Heidelberg (2002)Google Scholar
  3. 3.
    Jamin, S., Jin, C., Jin, Y., Raz, D., Shavitt, Y., Zhang, L.: On the Placement of Internet Instrumentation. In: INFOCOM (2000)Google Scholar
  4. 4.
    Suh, K., Guoy, Y., Kurose, J., Towsley, D.: Locating Network Monitors: Com-plexity, Heuristics, and Coverage. In: INFOCOM (2005)Google Scholar
  5. 5.
    Tang, X., Xu, J.: On Replica Placement for QoS-aware Content Distribution. In: INFOCOM (2004)Google Scholar
  6. 6.
    Kruegel, C., Valeur, F., Vigna, G., Kemmerer, R.A.: Stateful Intrusion Detection for High-Speed Networks. In: IEEE Symposium on Research on Security and Privacy (2002)Google Scholar
  7. 7.
  8. 8.
  9. 9.
    Carter, E.: Cisco Intrusion Detection System, 1st edn. Cisco Press (2001)Google Scholar
  10. 10.
    Clark, C., Lee, W., Schimmel, D., Contis, D., Kone, M., Thomas, A.: A Hardware Platform for Network Intrusion Detection and Prevention. In: Proceedings of The 3rd Workshop on Network Processors and Applications (NP3) (2004)Google Scholar
  11. 11.
    Zhou, C.V., Karunasekera, S., Leckie, C.: A Peer-to-Peer Collaborative Intrusion Detection System. In: International Conference on Networks 2005, Kuala Lumpur, Malaysia (2005)Google Scholar
  12. 12.
    Liu, B., Liu, Y.-K.: Expected Value of Fuzzy Variable and Fuzzy Expected Value Models. IEEE Transaction on Fuzzy System 10 (2002)Google Scholar
  13. 13.
    Haykin, S.: Neural Networks - A Comprehensive Foundation. Macmillan College Publishing Company, New York (1994)MATHGoogle Scholar
  14. 14.
    Coley, D.A.: An Introduction to Genetic Algorithms for Scientists and Engineers. World Scientific, Singapore (1999)Google Scholar
  15. 15.
    Waxman, B.M.: Routing of Multipoint Connections. IEEE Journal on Selected Areas in Communications 6, 1617–1622 (1988)CrossRefGoogle Scholar
  16. 16.
    Cohoon, J.P., Hedge, S.U., Martin, W.N., Richards, D.: Punctuated Equilibria: A Parallel Genetic Algorithm. In: Second International Conference on Genetic Algorithms (1987)Google Scholar
  17. 17.
    Tomassini, M.: Parallel and Distributed Evolutionary Algorithms. In: Evolutionary Algorithms in Engineering and Computer Science, John Wiley & Sons, Chichester (1999)Google Scholar
  18. 18.
    Huang, G.-B., Zhu, Q.-Y., Siew, C.-K.: Extreme learning machine: a new learning scheme of feedforward neural networks. In: 2004 IEEE International Joint Conference on Neural Networks (2004)Google Scholar
  19. 19.
    Li, M.-B., Huang, G.-B., Saratchandran, P., Sundararajan, N.: Fully Complex Extreme Learning Machine. Neurocomputing (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Chengchen Hu
    • 1
  • Zhen Liu
    • 1
  • Zhen Chen
    • 1
  • Bin Liu
    • 1
  1. 1.Dept. of Computer Science and TechnologyTsinghua UniversityBeijingChina

Personalised recommendations