Thi-Nga, D. and Ta, C.H. and Vu, V.S. and Le, D.V. (2020) An Optimal Packet Assignment Algorithm for Multi-level Network Intrusion Detection Systems. In: 6th EAI International Conference on Industrial Networks and Intelligent Systems, INISCOM 2020, 24 August 2020 through 28 August 2020.
Iniscom_2020_conference_paper (1).pdf
Download (383kB) | Preview
Abstract
With the outbreaks of recent cyber-attacks, a network intrusion detection system (NIDS) which can detect and classify abnormal traffic data has drawn a lot of attention. Although detection time and accuracy are important factors, there is no work considering both contrastive objectives in an NIDS. In order to quickly and accurately respond to network threats, intrusion detection algorithms should be implemented on both fog and cloud devices, which have different levels of computing capacity and detection time, in a collaborative manner. Therefore, this work proposes a packet assignment algorithm that assigns detection and classification tasks for appropriate processing devices. Specifically, we formulate a novel optimization problem that minimizes detection time while achieving accuracy performance and computational constraints. Then, an optimal packet assignment algorithm that allocates as many packets as possible to fog devices in order to shorten the detection time is proposed. The experimental results on a state-of-the-art network dataset (UNSW-NB15) show that the proposed packet assignment algorithm produces similar performance to the optimal solution with regard to the detection time and accuracy. © 2020, ICST Institute for Computer Sciences, Social Informatics and Telecommunications Engineering.
Item Type: | Conference or Workshop Item (Paper) |
---|---|
Divisions: | Faculties > Faculty of Radio-Electronic Engineering |
Identification Number: | 10.1007/978-3-030-63083-6_23 |
Uncontrolled Keywords: | Computer crime; Intelligent systems; Network security; Packet networks; Assignment algorithms; Classification tasks; Computational constraints; Computing capacity; Intrusion detection algorithms; Multi-level networks; Network intrusion detection systems; Optimization problems; Intrusion detection |
Additional Information: | Conference code: 252119. Language of original document: English. |
URI: | http://eprints.lqdtu.edu.vn/id/eprint/9103 |