TY - JOUR
T1 - An Integral Cybersecurity Approach Using a Many-Objective Optimization Strategy
AU - Salinas, Omar
AU - Soto, Ricardo
AU - Crawford, Broderick
AU - Olivares, Rodrigo
N1 - Publisher Copyright:
© 2013 IEEE.
PY - 2023
Y1 - 2023
N2 - Data networks and computing devices have experienced exponential growth. Within a short span of time, they have opened new digital frontiers while also bringing forth new threats. These threats have the potential to increase costs and disrupt regular operations. Choosing a cybersecurity plan to address these threats requires balancing direct and indirect costs against the benefits of implementation and subsequent operation. In this study, we propose an efficient strategy for designing networking topologies by incorporating a Security Information and Event Management System. This system consists of a central server and Network Intrusion Detection Sensors, which gather data and promptly transmit information regarding suspicious activities to the server. The server then takes immediate action in case of incidents. To determine the optimal number and placement of sensors, a many-objective optimization approach is employed. The problem is mathematically modeled using linear programming. To solve the optimization problem, swarm intelligence techniques such as the particle swarm optimizer, the bat algorithm, and the black hole method are utilized. Various test scenarios were created by presenting low, medium, and complex instances of conventional networks. The results obtained using the black hole bio-inspired algorithm were particularly satisfying, surpassing the performance and resolution of the other methods.
KW - Security information and event management
KW - cybersecurity
KW - many-objective optimization strategy
KW - metaheuristics
KW - network intrusion detection system
UR - http://www.scopus.com/inward/record.url?scp=85168754874&partnerID=8YFLogxK
U2 - 10.1109/ACCESS.2023.3307492
DO - 10.1109/ACCESS.2023.3307492
M3 - Article
AN - SCOPUS:85168754874
SN - 2169-3536
VL - 11
SP - 91913
EP - 91936
JO - IEEE Access
JF - IEEE Access
ER -