Abstract
The complexity and scale of critical infrastructures, their strong security requirements and increasing costs require comprehensive methodologies for provisioning cost-effective distributed intrusion detection systems. This paper introduces a novel framework for designing resilient distributed intrusion detection systems. The framework leverages the output of a risk assessment methodology to identify and rank critical communications flows. These flows are integrated in an optimization problem that minimizes the number of deployed detection devices while enforcing a shortest-path routing algorithm to minimize communications delays. The framework engages a resilient distributed intrusion detection design algorithm that accounts for the possibility that detection devices may be compromised or fail. The algorithm optimally positions detection devices to ensure that the infrastructure is resilient to at most K communications path failures. Experimental results demonstrate the effectiveness of the distributed intrusion detection design framework.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callMore From: International Journal of Critical Infrastructure Protection
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
