DocumentCode
2039586
Title
A study of methodologies used in intrusion detection and prevention systems (IDPS)
Author
Mudzingwa, David ; Agrawal, Rajeev
Author_Institution
Dept. of ECIT, North Carolina A&T State Univ., Greensboro, NC, USA
fYear
2012
fDate
15-18 March 2012
Firstpage
1
Lastpage
6
Abstract
Intrusion detection and prevention systems (IDPS) are security systems that are used to detect and prevent security threats to computer systems and computer networks. These systems are configured to detect and respond to security threats automatically, thereby reducing the risk to monitored computers and networks. Intrusion detection and prevention systems use different methodologies such as signature based, anomaly based, stateful protocol analysis, and a hybrid system that combines some or all of the other systems to detect and respond to security threats. The growth of systems that use a combination of methods creates some confusion when trying to choose a methodology and system to deploy. This paper seeks to offer a clear explanation of each methodology and then offer a way to compare these methodologies.
Keywords
computer network security; protocols; IDPS; computer monitoring; computer network security system; computer system security threat; intrusion detection and prevention system; protocol analysis; Accuracy; Databases; Intrusion detection; Monitoring; Protocols; Resistance; Anomaly Based Detection; Hybrid Based Detection; Intrusion Detection and Prevention Systems (IDPS); Signature Based Detection; Stateful Protocol Analysis Based Detection;
fLanguage
English
Publisher
IEEE
Conference_Titel
Southeastcon, 2012 Proceedings of IEEE
Conference_Location
Orlando, FL
ISSN
1091-0050
Print_ISBN
978-1-4673-1374-2
Type
conf
DOI
10.1109/SECon.2012.6197080
Filename
6197080