Security and Privacy in New Computing Environments. Second EAI International Conference, SPNCE 2019, Tianjin, China, April 13–14, 2019, Proceedings

Research Article

Design and Implementation of a Lightweight Intrusion Detection and Prevention System

  • @INPROCEEDINGS{10.1007/978-3-030-21373-2_34,
        author={Xiaogang Wei},
        title={Design and Implementation of a Lightweight Intrusion Detection and Prevention System},
        proceedings={Security and Privacy in New Computing Environments. Second EAI International Conference, SPNCE 2019, Tianjin, China, April 13--14, 2019, Proceedings},
        proceedings_a={SPNCE},
        year={2019},
        month={6},
        keywords={Intrusion detection Intrusion prevention Traffic analysis Protocol identification},
        doi={10.1007/978-3-030-21373-2_34}
    }
    
  • Xiaogang Wei
    Year: 2019
    Design and Implementation of a Lightweight Intrusion Detection and Prevention System
    SPNCE
    Springer
    DOI: 10.1007/978-3-030-21373-2_34
Xiaogang Wei1,*
  • 1: NARI Group Corporation/State Grid Electric Power Research Institute
*Contact email: andrew_wee@163.com

Abstract

While the mobile internet brings convenience to people, it also introduces many security risks. For the security protection of a specific business, technical means such as traffic analysis and illegal protocol identification can effectively detect network attacks, because the business protocol is simple and the business access is small. This paper proposes a lightweight intrusion detection and prevention method based on nDPI, and uses common network packet capture means to design and implement a lightweight intrusion detection and prevention system. The test results show that the system can detect abnormal protocols in the traffic and trace them back to the corresponding terminal, so as to respond to the abnormal terminal and block the abnormal connections initiated from the terminal, thereby achieving the purpose of intrusion prevention.

Keywords
Intrusion detection, Intrusion prevention, Traffic analysis, Protocol identification
Published
2019-06-10
Appears in
SpringerLink
http://dx.doi.org/10.1007/978-3-030-21373-2_34