Data networks and computing devices have experienced exponential growth. Within a short span of time, they have opened new digital frontiers while also bringing forth new threats. These threats have the potential to increase costs and disrupt regular operations. Choosing a cybersecurity plan to address these threats requires balancing direct and indirect costs against the benefits of implementation and subsequent operation. In this study, we propose an efficient strategy for designing networking topologies that incorporate a Security Information and Event Management system. This system consists of a central server and network intrusion detection sensors, which gather data and promptly transmit information about suspicious activities to the server. The server then takes immediate action in case of incidents. To determine the optimal number and placement of sensors, a many-objective optimization approach is employed. The problem is mathematically modeled using linear programming. To solve the optimization problem, swarm intelligence techniques such as the particle swarm optimizer, the bat algorithm, and the black hole method are utilized. Various test scenarios were created by presenting low-, medium-, and high-complexity instances of conventional networks. The results obtained using the black hole bio-inspired algorithm were particularly satisfactory, surpassing the performance and resolution of the other methods.
- Security information and event management
- Many-objective optimization strategy
- Network intrusion detection system