Title :
A study of methodologies used in intrusion detection and prevention systems (IDPS)
Author :
Mudzingwa, David ; Agrawal, Rajeev
Author_Institution :
Dept. of ECIT, North Carolina A&T State Univ., Greensboro, NC, USA
Abstract :
Intrusion detection and prevention systems (IDPS) are security systems that are used to detect and prevent security threats to computer systems and computer networks. These systems are configured to detect and respond to security threats automatically, thereby reducing the risk to monitored computers and networks. Intrusion detection and prevention systems use different methodologies such as signature based, anomaly based, stateful protocol analysis, and a hybrid system that combines some or all of the other systems to detect and respond to security threats. The growth of systems that use a combination of methods creates some confusion when trying to choose a methodology and system to deploy. This paper seeks to offer a clear explanation of each methodology and then offer a way to compare these methodologies.
Keywords :
computer network security; protocols; IDPS; computer monitoring; computer network security system; computer system security threat; intrusion detection and prevention system; protocol analysis; Accuracy; Databases; Intrusion detection; Monitoring; Protocols; Resistance; Anomaly Based Detection; Hybrid Based Detection; Intrusion Detection and Prevention Systems (IDPS); Signature Based Detection; Stateful Protocol Analysis Based Detection;
Conference_Title :
Southeastcon, 2012 Proceedings of IEEE
Conference_Location :
Orlando, FL
Print_ISBN :
978-1-4673-1374-2
DOI :
10.1109/SECon.2012.6197080