Security and Privacy in New Computing Environments. Second EAI International Conference, SPNCE 2019, Tianjin, China, April 13–14, 2019, Proceedings

Research Article

Design and Implementation of a Lightweight Intrusion Detection and Prevention System

Download
143 downloads
  • @INPROCEEDINGS{10.1007/978-3-030-21373-2_34,
        author={Xiaogang Wei},
        title={Design and Implementation of a Lightweight Intrusion Detection and Prevention System},
        proceedings={Security and Privacy in New Computing Environments. Second EAI International Conference, SPNCE 2019, Tianjin, China, April 13--14, 2019, Proceedings},
        proceedings_a={SPNCE},
        year={2019},
        month={6},
        keywords={Intrusion detection Intrusion prevention Traffic analysis Protocol identification},
        doi={10.1007/978-3-030-21373-2_34}
    }
    
  • Xiaogang Wei
    Year: 2019
    Design and Implementation of a Lightweight Intrusion Detection and Prevention System
    SPNCE
    Springer
    DOI: 10.1007/978-3-030-21373-2_34
Xiaogang Wei1,*
  • 1: NARI Group Corporation/State Grid Electric Power Research Institute
*Contact email: andrew_wee@163.com

Abstract

While mobile internet brings convenience to people, it also introduces many security risks. For security protection of specific business, the technical means such as traffic analysis and illegal protocol identification can effectively detect network attacks, because of the simple business protocol and small business access. This paper proposes a lightweight intrusion detection and prevention method, based on nDPI, adopting common network packet capture means for design and implementation of a lightweight intrusion detection and prevention system. The test results show that the system can detect the abnormal protocol through the traffic and trace back to the corresponding terminal, so as to handle the abnormal terminal response and block the abnormal connection initiated from the terminal, thereby achieving the purpose of intrusion prevention.