Journal article 404 views
A New Architecture for Network Intrusion Detection and Prevention
Waleed Bul'ajoul 
,
Anne James,
Siraj Shaikh
,
Anne James,
Siraj Shaikh
IEEE Access, Volume: 7, Pages: 18558 - 18573
Swansea University Author:
Siraj Shaikh
Full text not available from this repository: check for access using links below.
DOI (Published version): 10.1109/access.2019.2895898
Abstract
This paper presents an investigation, involving experiments, which shows that current network intrusion, detection, and prevention systems (NIDPSs) have several shortcomings in detecting or preventing rising unwanted traffic and have several threats in high-speed environments. It shows that the NIDP...
| Published in: | IEEE Access |
|---|---|
| ISSN: | 2169-3536 |
| Published: |
Institute of Electrical and Electronics Engineers (IEEE)
2019
|
| Online Access: |
Check full text
|
| URI: | https://cronfa.swan.ac.uk/Record/cronfa61041 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| first_indexed |
2022-10-14T15:01:58Z |
|---|---|
| last_indexed |
2023-01-13T19:21:35Z |
| id |
cronfa61041 |
| recordtype |
SURis |
| fullrecord |
<?xml version="1.0"?><rfc1807><datestamp>2022-10-17T11:22:57.1163973</datestamp><bib-version>v2</bib-version><id>61041</id><entry>2022-09-05</entry><title>A New Architecture for Network Intrusion Detection and Prevention</title><swanseaauthors><author><sid>50117e8faac2d0937989e14847105704</sid><ORCID>0000-0002-0726-3319</ORCID><firstname>Siraj</firstname><surname>Shaikh</surname><name>Siraj Shaikh</name><active>true</active><ethesisStudent>false</ethesisStudent></author></swanseaauthors><date>2022-09-05</date><deptcode>SCS</deptcode><abstract>This paper presents an investigation, involving experiments, which shows that current network intrusion, detection, and prevention systems (NIDPSs) have several shortcomings in detecting or preventing rising unwanted traffic and have several threats in high-speed environments. It shows that the NIDPS performance can be weak in the face of high-speed and high-load malicious traffic in terms of packet drops, outstanding packets without analysis, and failing to detect/prevent unwanted traffic. A novel quality of service (QoS) architecture has been designed to increase the intrusion detection and prevention performance. Our research has proposed and evaluated a solution using a novel QoS configuration in a multi-layer switch to organize packets/traffic and parallel techniques to increase the packet processing speed. The new architecture was tested under different traffic speeds, types, and tasks. The experimental results show that the architecture improves the network and security performance which is can cover up to 8 Gb/s with 0 packets dropped. This paper also shows that this number (8Gb/s) can be improved, but it depends on the system capacity which is always limited.</abstract><type>Journal Article</type><journal>IEEE Access</journal><volume>7</volume><journalNumber/><paginationStart>18558</paginationStart><paginationEnd>18573</paginationEnd><publisher>Institute of Electrical and Electronics Engineers (IEEE)</publisher><placeOfPublication/><isbnPrint/><isbnElectronic/><issnPrint/><issnElectronic>2169-3536</issnElectronic><keywords/><publishedDay>20</publishedDay><publishedMonth>2</publishedMonth><publishedYear>2019</publishedYear><publishedDate>2019-02-20</publishedDate><doi>10.1109/access.2019.2895898</doi><url/><notes/><college>COLLEGE NANME</college><department>Computer Science</department><CollegeCode>COLLEGE CODE</CollegeCode><DepartmentCode>SCS</DepartmentCode><institution>Swansea University</institution><apcterm/><funders>Nottingham Trent University; University of Omar Al-Mukhtar, Al-Bayda, Libya</funders><projectreference/><lastEdited>2022-10-17T11:22:57.1163973</lastEdited><Created>2022-09-05T22:37:07.2479845</Created><path><level id="1">Faculty of Science and Engineering</level><level id="2">School of Mathematics and Computer Science - Computer Science</level></path><authors><author><firstname>Waleed</firstname><surname>Bul'ajoul</surname><orcid>0000-0003-4927-9500</orcid><order>1</order></author><author><firstname>Anne</firstname><surname>James</surname><order>2</order></author><author><firstname>Siraj</firstname><surname>Shaikh</surname><orcid>0000-0002-0726-3319</orcid><order>3</order></author></authors><documents/><OutputDurs/></rfc1807> |
| spelling |
2022-10-17T11:22:57.1163973 v2 61041 2022-09-05 A New Architecture for Network Intrusion Detection and Prevention 50117e8faac2d0937989e14847105704 0000-0002-0726-3319 Siraj Shaikh Siraj Shaikh true false 2022-09-05 SCS This paper presents an investigation, involving experiments, which shows that current network intrusion, detection, and prevention systems (NIDPSs) have several shortcomings in detecting or preventing rising unwanted traffic and have several threats in high-speed environments. It shows that the NIDPS performance can be weak in the face of high-speed and high-load malicious traffic in terms of packet drops, outstanding packets without analysis, and failing to detect/prevent unwanted traffic. A novel quality of service (QoS) architecture has been designed to increase the intrusion detection and prevention performance. Our research has proposed and evaluated a solution using a novel QoS configuration in a multi-layer switch to organize packets/traffic and parallel techniques to increase the packet processing speed. The new architecture was tested under different traffic speeds, types, and tasks. The experimental results show that the architecture improves the network and security performance which is can cover up to 8 Gb/s with 0 packets dropped. This paper also shows that this number (8Gb/s) can be improved, but it depends on the system capacity which is always limited. Journal Article IEEE Access 7 18558 18573 Institute of Electrical and Electronics Engineers (IEEE) 2169-3536 20 2 2019 2019-02-20 10.1109/access.2019.2895898 COLLEGE NANME Computer Science COLLEGE CODE SCS Swansea University Nottingham Trent University; University of Omar Al-Mukhtar, Al-Bayda, Libya 2022-10-17T11:22:57.1163973 2022-09-05T22:37:07.2479845 Faculty of Science and Engineering School of Mathematics and Computer Science - Computer Science Waleed Bul'ajoul 0000-0003-4927-9500 1 Anne James 2 Siraj Shaikh 0000-0002-0726-3319 3 |
| title |
A New Architecture for Network Intrusion Detection and Prevention |
| spellingShingle |
A New Architecture for Network Intrusion Detection and Prevention Siraj Shaikh |
| title_short |
A New Architecture for Network Intrusion Detection and Prevention |
| title_full |
A New Architecture for Network Intrusion Detection and Prevention |
| title_fullStr |
A New Architecture for Network Intrusion Detection and Prevention |
| title_full_unstemmed |
A New Architecture for Network Intrusion Detection and Prevention |
| title_sort |
A New Architecture for Network Intrusion Detection and Prevention |
| author_id_str_mv |
50117e8faac2d0937989e14847105704 |
| author_id_fullname_str_mv |
50117e8faac2d0937989e14847105704_***_Siraj Shaikh |
| author |
Siraj Shaikh |
| author2 |
Waleed Bul'ajoul Anne James Siraj Shaikh |
| format |
Journal article |
| container_title |
IEEE Access |
| container_volume |
7 |
| container_start_page |
18558 |
| publishDate |
2019 |
| institution |
Swansea University |
| issn |
2169-3536 |
| doi_str_mv |
10.1109/access.2019.2895898 |
| publisher |
Institute of Electrical and Electronics Engineers (IEEE) |
| college_str |
Faculty of Science and Engineering |
| hierarchytype |
|
| hierarchy_top_id |
facultyofscienceandengineering |
| hierarchy_top_title |
Faculty of Science and Engineering |
| hierarchy_parent_id |
facultyofscienceandengineering |
| hierarchy_parent_title |
Faculty of Science and Engineering |
| department_str |
School of Mathematics and Computer Science - Computer Science{{{_:::_}}}Faculty of Science and Engineering{{{_:::_}}}School of Mathematics and Computer Science - Computer Science |
| document_store_str |
0 |
| active_str |
0 |
| description |
This paper presents an investigation, involving experiments, which shows that current network intrusion, detection, and prevention systems (NIDPSs) have several shortcomings in detecting or preventing rising unwanted traffic and have several threats in high-speed environments. It shows that the NIDPS performance can be weak in the face of high-speed and high-load malicious traffic in terms of packet drops, outstanding packets without analysis, and failing to detect/prevent unwanted traffic. A novel quality of service (QoS) architecture has been designed to increase the intrusion detection and prevention performance. Our research has proposed and evaluated a solution using a novel QoS configuration in a multi-layer switch to organize packets/traffic and parallel techniques to increase the packet processing speed. The new architecture was tested under different traffic speeds, types, and tasks. The experimental results show that the architecture improves the network and security performance which is can cover up to 8 Gb/s with 0 packets dropped. This paper also shows that this number (8Gb/s) can be improved, but it depends on the system capacity which is always limited. |
| published_date |
2019-02-20T04:19:38Z |
| _version_ |
1763754302001643520 |
| score |
11.0133505 |