A new architecture for network intrusion detection and prevention

Bul'ajoul, W (ORCID: https://orcid.org/0000-0003-4927-9500), James, A (ORCID: https://orcid.org/0000-0001-9274-7803) and Shaikh, S, 2019. A new architecture for network intrusion detection and prevention. IEEE Access, 7, pp. 18558-18573. ISSN 2169-3536

13565_bul'ajoul.pdf - Published version


Abstract

This paper presents an investigation, involving experiments, which shows that current network intrusion detection and prevention systems (NIDPSs) have several shortcomings in detecting or preventing rising unwanted traffic and have several threats in high-speed environments. It shows that the NIDPS performance can be weak in the face of high-speed and high-load malicious traffic in terms of packet drops, outstanding packets without analysis, and failing to detect/prevent unwanted traffic. A novel quality of service (QoS) architecture has been designed to increase the intrusion detection and prevention performance. Our research has proposed and evaluated a solution using a novel QoS configuration in a multi-layer switch to organize packets/traffic and parallel techniques to increase the packet processing speed. The new architecture was tested under different traffic speeds, types, and tasks. The experimental results show that the architecture improves the network and security performance, which can cover up to 8 Gb/s with 0 packets dropped. This paper also shows that this number (8 Gb/s) can be improved, but it depends on the system capacity, which is always limited.

Item Type: Journal article
Publication Title: IEEE Access
Creators: Bul'ajoul, W., James, A. and Shaikh, S.
Publisher: IEEE (Institute of Electrical and Electronics Engineers)
Date: 31 January 2019
Volume: 7
ISSN: 2169-3536
Identifiers: DOI: 10.1109/access.2019.2895898
Rights: © 2019 IEEE. Translations and content mining are permitted for academic research only. Personal use is also permitted, but republication/redistribution requires IEEE permission. See http://www.ieee.org/publications_standards/publications/rights/index.html for more information.
Divisions: Schools > School of Science and Technology
Record created by: Jill Tomkinson
Date Added: 13 Mar 2019 14:59
Last Modified: 13 Mar 2019 14:59
URI: https://irep.ntu.ac.uk/id/eprint/35995
