Design and Implementation of Intrusion Detection System (Ids) Sensor Deployment

Network intrusion detection systems provide proactive defense against security threats by detecting and blocking attack-related traffic. This task can be highly complex, and therefore, software-based network intrusion detection systems have difficulty in handling high speed links. This paper describes the design and implementation of a high-performance network intrusion detection system that combines the use of software-based network intrusion detection sensors deployment. In large network environments multiple intrusion detection sensors are needed to adequately monitor network traffic. However, deploying and managing additional sensors on a large network can be a demanding task, and organizations have to balance their desire for detecting intrusions throughout their network with financial and staffing limitations. This paper investigates how intrusion detection system (IDS) sensors should best be placed on a network when there are several competing evaluation criteria. This is a computationally difficult problem and we show how Multi-Objective Genetic Algorithms provide an excellent means of searching for optimal placement.