Download now Free registration required
In large-scale enterprise networks, multiple network intrusion detection and prevention systems are used to provide high quality protection. A challenging problem is to maintain load balancing of the systems, while minimizing the loss of information due to distributing traffic. Because anomaly-based detection and prevention of some intrusions require a single system to analyze attack correlated flows, this loss of information might severely reduce the accuracy of the detection and prevention. In this paper, the authors address this problem by first formalizing the load balancing problem as an optimization problem, considering both the load variance and the information loss.
- Format: PDF
- Size: 191.1 KB