The placement-configuration problem for intrusion detection nodes in wireless sensor networks

Authors:
Juan E. Tapiador;John A. Clark
Affiliations:
Department of Computer Science, Universidad Carlos III de Madrid, Avda. Universidad 30, 28911 Leganés, Madrid, Spain;Department of Computer Science, University of York, YO10 5GH York, UK
Venue:
Computers and Electrical Engineering
Year:
2013

Citing 10
Cited 1

Two-Stage Optimisation in the Design of Boolean Functions

ACISP '00 Proceedings of the 5th Australasian Conference on Information Security and Privacy
A formal approach to sensor placement and configuration in a network intrusion detection system

Proceedings of the 2006 international workshop on Software engineering for secure systems
Predicting the Resource Consumption of Network Intrusion Detection Systems

RAID '08 Proceedings of the 11th international symposium on Recent Advances in Intrusion Detection
Optimal IDS Sensor Placement and Alert Prioritization Using Attack Graphs

Journal of Network and Systems Management
Non-linear cryptanalysis revisited: heuristic search for approximations to S-boxes

Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Learning Autonomic Security Reconfiguration Policies

CIT '10 Proceedings of the 2010 10th IEEE International Conference on Computer and Information Technology
Using evolutionary computation technique for trade-off between performance peak-to average power ration reduction and computational complexity in OFDM systems

Computers and Electrical Engineering
LLACA: An adaptive localized clustering algorithm for wireless ad hoc networks

Computers and Electrical Engineering
Wire antennas optimized using genetic algorithm

Computers and Electrical Engineering
Scale-free topology evolution for wireless sensor networks with reconstruction mechanism

Computers and Electrical Engineering

Physical process resilience-aware network design for SCADA systems

Computers and Electrical Engineering

Quantified Score

Hi-index	0.00

Visualization

Abstract

The deployment and configuration of a distributed network intrusion detection system (NIDS) in a large Wireless Sensor Network (WSN) is an enormous challenge. A reduced number of devices equipped with detection capabilities have to be placed on strategic network locations and then appropriately configured in order to maximise the detection rate and minimise the amount of computational and physical resources consumed - fundamentally energy, which in turn depends on CPU, memory, and network usage. In practice, a major difficulty lies in the fact that the relationship between each node's tuning parameters and the overall cost/benefit rate achieved by the deployment is poorly understood. We call this the Placement-Configuration Problem (PCP). In this paper we formalise and study this problem both theoretically and empirically. We introduce a formal model of distributed NIDS upon which the cost/benefit tradeoffs can be appropriately derived. Subsequently we show that, in general, the PCP is hard (NP-complete) and present a heuristic local search algorithm to find near-optimal solutions for practical scenarios. Our analysis framework is general in the sense that it is applicable to a number of existing detection technologies for WSNs, and we discuss how further aspects can be easily introduced if required.