Title :
A study on network intrusion detection and prevention system current status and challenging issues
Author :
Vasanthi, S. ; Chandrasekar, S.
Author_Institution :
Dept. of Inf. Technol., Sona Coll. of Technol., Salem, India
Abstract :
A network based Intrusion Prevention System sits in-line on the network, monitoring the incoming packets based on certain prescribed rules and if any bad traffic is detected, the same is dropped in real-time. A signature based detection system was developed to perform TCP port scans, Trace route scan, ping scan and packet sniffing to monitor network. This paper is going to enhance the signature based system to monitor network traffic, creation of per-flow packet traces and adaptive learning of intrusion. The existing Hawkeye solutions are used for the network intrusion detection and prevention system. In this paper we have proposed new model which will combine the three technique such as Adaptive weighted sampling algorithm, packet count flow classifier and Adaptive learning algorithms to the existing system.
Keywords :
computer network security; digital signatures; learning (artificial intelligence); pattern classification; telecommunication traffic; Hawkeye solutions; TCP port scans; adaptive weighted sampling algorithm; incoming packet monitoring; intrusion adaptive learning algorithm; network based intrusion prevention system; network intrusion detection; network traffic monitoring; packet count flow classifier; packet sniffing; perflow packet trace creation; ping scan; prevention system current status; signature based detection system; trace route scan; Advances of Network Security; HawkEye Solutions; Intrusion Detection System; Intrusion Prevention System; Sampling algorithms;
Conference_Titel :
Advances in Recent Technologies in Communication and Computing (ARTCom 2011), 3rd International Conference on
Conference_Location :
Bangalore
DOI :
10.1049/ic.2011.0075