A study on network intrusion detection and prevention system current status and challenging issues

A network based Intrusion Prevention System sits in-line on the network, monitoring the incoming packets based on certain prescribed rules and if any bad traffic is detected, the same is dropped in real-time. A signature based detection system was developed to perform TCP port scans, Trace route scan, ping scan and packet sniffing to monitor network. This paper is going to enhance the signature based system to monitor network traffic, creation of per-flow packet traces and adaptive learning of intrusion. The existing Hawkeye solutions are used for the network intrusion detection and prevention system. In this paper we have proposed new model which will combine the three technique such as Adaptive weighted sampling algorithm, packet count flow classifier and Adaptive learning algorithms to the existing system.