By Topic

Deployment of DNIDS in Social Networks

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Meytal Tubi ; Deutsche Telekom Laboratories at Ben-Gurion University, Ben Gurion University, Be'er Sheva, 84105, Israel, ; Rami Puzis ; Yuval Elovici

Internet users form social networks as they communicate with each other. Computer worms and viruses exploit these social networks in order to propagate to other users. In this paper we present a new framework aimed at slowing down or even preventing the propagation of computer worms and viruses in social networks. In the first part of the framework a social network has to be derived for a given community of users. In the second part the group of users that have the highest influence on the communication in the social network has to be located. The group betweenness centrality measure is used to evaluate the influence of each candidate group. In the third part we analyze the threat propagation in the social network assuming that a distributed network intrusion detection system (DNIDS) is monitoring the traffic of the group. The analysis is performed using a network simulator that was developed for this purpose. In the fourth part a DNIDS has to be deployed on a range of ISPs in order to monitor and clean the traffic of the users belonging to the central group. We applied the new framework by deriving the social network of 1000 students, finding the most influential group of users, and analyzing the influence of the deployment of DNIDS using a simulation tool. The simulation results demonstrated the framework's ability to slow down or even prevent the propagation of threats by cleaning the traffic of central group of users.

Published in:

Intelligence and Security Informatics, 2007 IEEE

Date of Conference:

23-24 May 2007