4 May 2007 Enterprise network intrusion detection and prevention system (ENIDPS)
Securing enterprise networks comes under two broad topics: Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS). The right combination of selected algorithms/techniques under both topics produces better security for a given network. This approach leads to using layers of physical, administrative, electronic, and encrypted systems to protect valuable resources. So far, there is no algorithm that guarantees absolute protection for a given network from intruders. Intrusion Prevention Systems such as IPSec, firewalls, Sender ID, and DomainKeys Identified Mail (DKIM) do not guarantee absolute security, and neither do existing Intrusion Detection Systems. Our approach focuses on developing an IDS that will detect all intruders that bypass the IPS and, at the same time, will be used to update the IPS, since the IPS fails to prevent some intruders from entering a given network. The new IDS will employ both signature-based detection and anomaly detection as its analysis strategy. It should therefore be able to detect known and unknown intruders or attacks and further isolate those sources of attack within the network. Both real-time and off-line IDS predictions will be applied under the analysis and response stages. The basic IDS architecture will involve both centralized and distributed/heterogeneous architectures to ensure effective detection. Both pro-active and corrective responses will be employed. The new security system, which will be made up of both IDS and IPS, should be less expensive to implement than existing ones. Finally, limitations of existing security systems have to be eliminated with the introduction of the new security system.
© (2007) COPYRIGHT Society of Photo-Optical Instrumentation Engineers (SPIE). Downloading of the abstract is permitted for personal use only.
C. M. Akujuobi, N. K. Ampah, "Enterprise network intrusion detection and prevention system (ENIDPS)", Proc. SPIE 6538, Sensors, and Command, Control, Communications, and Intelligence (C3I) Technologies for Homeland Security and Homeland Defense VI, 653805 (4 May 2007); doi: 10.1117/12.719994; https://doi.org/10.1117/12.719994
