Khalid Alsubhi

Intrusion Detection Systems (IDSs) are designed to monitor user and/or network activity and generate alerts whenever abnormal activities are detected. The number of these alerts can be very large, making the task of security analysts difficult to manage. Furthermore, IDS alert management techniques, such as clustering and correlation, suffer from involving…
Nowadays, many cloud providers offer Virtual Network Function (VNF) services that are dynamically scaled according to the workload. Enterprises enjoy these services by only paying for the actual consumed resources. From a cloud provider's standpoint, the cost of these services must be kept as low as possible, while QoS is maintained and service downtime is…
Intrusion detection systems (IDSs) are designed to monitor a networked environment and generate alerts whenever abnormal activities are detected. The number of these alerts can be very large, making their evaluation by security analysts a difficult task. Management is complicated by the need to configure the different components of alert evaluation systems.…
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defense against a variety of attacks that can compromise the security and proper functioning of an enterprise information system. Although many IDPS systems have been proposed, their appropriate configuration and control for effective attack detection/prevention and…
Intrusion Detection and/or Prevention Systems (IDPS) represent an important line of defense against the variety of attacks that can compromise the security and well functioning of an enterprise information system. IDPSes can be network or host-based and can collaborate in order to provide better detection of malicious traffic. Although several IDPS systems…
This paper aims to study the impact of security enforcement levels on the performance and usability of an enterprise information system. We develop a new analytical model to investigate the relationship between the Intrusion Detection and Prevention System performance and the rules mode selection. In particular, we analyze the IDPS rule-checking process…
Protection and performance are the major requirements for any Intrusion Detection and/or Prevention System (IDPS). Existing IDPSs do not seem to provide a satisfactory method of achieving these two conflicting goals. Intrusion Detection Systems (IDSs) fulfill the network performance requirement but exhibit poor protection under successive attacks. On the…
Intrusion Detection and/or Prevention Systems (IDPSs) are now a crucial defensive measure to defend against attacks intended to breach the security and operation of enterprise information systems. The IDPS configuration can, however, have a negative impact on network performance in terms of end-to-end delay and packet loss. This paper proposes an analytical…