THE LOAD BALANCING OF SELF-SIMILAR TRAFFIC IN NETWORK INTRUSION DETECTION SYSTEMS
Open Access
- 1 January 2020
- journal article
- Published by Borys Grinchenko Kyiv University in Cybersecurity: Education, Science, Technique
- Vol. 3 (7), 17-30
- https://doi.org/10.28925/2663-4023.2020.7.1730
Abstract
The problem of load balancing in intrusion detection systems is considered in this paper. The analysis of existing problems of load balancing and modern methods of their solution are carried out. Types of intrusion detection systems and their description are given. A description of the intrusion detection system, its location, and the functioning of its elements in the computer system are provided. Comparative analysis of load balancing methods based on packet inspection and service time calculation is performed. An analysis of the causes of load imbalance in the intrusion detection system elements and the effects of load imbalance is also presented. A model of a network intrusion detection system based on packet signature analysis is presented. This paper describes the multifractal properties of traffic. Based on the analysis of intrusion detection systems, multifractal traffic properties and load balancing problem, the method of balancing is proposed, which is based on the funcsioning of the intrusion detection system elements and analysis of multifractal properties of incoming traffic. The proposed method takes into account the time of deep packet inspection required to compare a packet with signatures, which is calculated based on the calculation of the information flow multifractality degree. Load balancing rules are generated by the estimated average time of deep packet inspection and traffic multifractal parameters. This paper presents the simulation results of the proposed load balancing method compared to the standard method. It is shown that the load balancing method proposed in this paper provides for a uniform load distribution at the intrusion detection system elements. This allows for high speed and accuracy of intrusion detection with high-quality multifractal load balancing.Keywords
This publication has 20 references indexed in Scilit:
- Analysing performance issues of open-source intrusion detection systems in high-speed networksJournal of Information Security and Applications, 2020
- Method of self-similar load balancing in network intrusion detection systemPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2018
- MAC layer intrusion detection system by cooperation of cross layer in MANETPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2017
- The multifractal load balancing methodPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2015
- Intrusion Detection System (IDS): Anomaly Detection Using Outlier Detection ApproachProcedia Computer Science, 2015
- Optimising IDS Sensor PlacementPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2010
- Correlation-based load balancing for network intrusion detection and prevention systemsPublished by Association for Computing Machinery (ACM) ,2008
- Optimal IDS Sensor Placement and Alert Prioritization Using Attack GraphsJournal of Network and Systems Management, 2008
- On optimizing load balancing of intrusion detection and prevention systemsPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2008
- Dynamic load balancing for network intrusion detection systems based on distributed architecturesPublished by Institute of Electrical and Electronics Engineers (IEEE) ,2007