International Journal of Science and Research (IJSR)

International Journal of Science and Research (IJSR)
Call for Papers | Fully Refereed | Open Access | Double Blind Peer Reviewed

ISSN: 2319-7064


Downloads: 157 | Views: 300 | Weekly Hits: ⮙1 | Monthly Hits: ⮙1

Research Paper | Computer Science & Engineering | India | Volume 7 Issue 3, March 2018 | Popularity: 7.2 / 10


     

Analysis and Design Modeling for Next Generation Network Intrusion Protection Systems

Nareshkumar Harale, B. B. Meshram


Abstract: the continued exponential growth of successful cyber intrusions against todays businesses has made it abundantly clear that traditional perimeter security measures are no longer effective. We evolved the network trust architecture from trust-untrust to Zero-Trust, With Zero Trust, essential security capabilities are deployed in a way that provides policy enforcement and protection for all users, devices, applications, data resources, and the communications traffic between them, regardless of location. Information exchange over the Internet, in spite of inclusion of advanced security controls, is always under innovative, inventive and prone to cyberattacks. TCP/IP protocol stack, the adapted standard for communication over network, suffers from inherent design vulnerabilities such as communication and session management protocols, routing protocols and security protocols are the major cause of major attacks. With the explosion of cyber security threats, such as viruses, worms, rootkits, malwares, Denial of Service attacks, accomplishing efficient and effective intrusion detection and prevention is become crucial and challenging too. In this paper, we propose a design and analysis model for next generation network intrusion detection and protection system as part of layered security strategy. The proposed system design provides intrusion detection for wide range of attacks with layered architecture and framework. The proposed network intrusion classification framework deals with cyberattacks on standard TCP/IP protocol, routing protocols and security protocols. It thereby forms the basis for detection of attack classes and applies signature based matching for known cyberattacks and data mining based machine learning approaches for unknown cyberattacks. Our proposed implemented software can effectively detect attacks even when malicious connections are hidden within normal events. The unsupervised learning algorithm applied to network audit data trails results in unknown intrusion detection. Association rule mining algorithms generate new rules from collected audit trail data resulting in increased intrusion prevention though integrated firewall systems. Intrusion response mechanisms can be initiated in real-time thereby minimizing the impact of network intrusions. Finally, we have shown that our approach can be validated and how the analysis results can be used for detecting and protection from the new network anomalies.


Keywords: Intrusion System, Network Intrusion Detection, Intrusion Prevention, Firewall system, Data Mining, Association rule, Network Security


Edition: Volume 7 Issue 3, March 2018


Pages: 651 - 658



Make Sure to Disable the Pop-Up Blocker of Web Browser




Text copied to Clipboard!
Nareshkumar Harale, B. B. Meshram, "Analysis and Design Modeling for Next Generation Network Intrusion Protection Systems", International Journal of Science and Research (IJSR), Volume 7 Issue 3, March 2018, pp. 651-658, https://www.ijsr.net/getabstract.php?paperid=11031803, DOI: https://www.doi.org/10.21275/11031803



Similar Articles

Downloads: 137 | Weekly Hits: ⮙2 | Monthly Hits: ⮙3

Research Paper, Computer Science & Engineering, India, Volume 4 Issue 2, February 2015

Pages: 2246 - 2249

Packet Analysis with Network Intrusion Detection System

Rashmi Hebbar, Mohan K

Share this Article

Downloads: 102

Research Paper, Computer Science & Engineering, India, Volume 4 Issue 5, May 2015

Pages: 2832 - 2836

Minimization of DDoS Attack using Firecol an Intrusion Prevention System

Bhagyashri Kotame, Shrinivas Sonkar

Share this Article

Downloads: 104

Research Paper, Computer Science & Engineering, India, Volume 4 Issue 4, April 2015

Pages: 1747 - 1751

Identification and Avoidance of DDoS Attack for Secured Data Communicationin Cloud

Aaqib Iqbal Wani, Janaki Raman V., N. Priya

Share this Article

Downloads: 106

Comparative Studies, Computer Science & Engineering, India, Volume 4 Issue 4, April 2015

Pages: 1966 - 1971

Comparative Analysis of Hybrid Intrusion Detection System and Intrusion Prevention System for MANET

Pallavi P Puri, Nitin R. Chopde

Share this Article

Downloads: 109

Survey Paper, Computer Science & Engineering, India, Volume 3 Issue 11, November 2014

Pages: 2071 - 2074

Survey on DDoS Attack in Cloud Network

Monalisa Shinde, Shripadrao Biradar

Share this Article



Top