Security and Privacy in New Computing Environments. Second EAI International Conference, SPNCE 2019, Tianjin, China, April 13–14, 2019, Proceedings

Research Article

Design and Implementation of a Lightweight Intrusion Detection and Prevention System

  • @INPROCEEDINGS{10.1007/978-3-030-21373-2_34,
        author={Xiaogang Wei},
        title={Design and Implementation of a Lightweight Intrusion Detection and Prevention System},
        proceedings={Security and Privacy in New Computing Environments. Second EAI International Conference, SPNCE 2019, Tianjin, China, April 13--14, 2019, Proceedings},
        proceedings_a={SPNCE},
        year={2019},
        month={6},
        keywords={Intrusion detection Intrusion prevention Traffic analysis Protocol identification},
        doi={10.1007/978-3-030-21373-2_34}
    }
    
  • Xiaogang Wei
    Year: 2019
    Design and Implementation of a Lightweight Intrusion Detection and Prevention System
    SPNCE
    Springer
    DOI: 10.1007/978-3-030-21373-2_34
Xiaogang Wei1,*
  • 1: NARI Group Corporation/State Grid Electric Power Research Institute
*Contact email: andrew_wee@163.com

Abstract

While the mobile internet brings convenience to people, it also introduces many security risks. For the security protection of a specific business, technical means such as traffic analysis and illegal protocol identification can effectively detect network attacks, because the business protocols are simple and business access is small. This paper proposes a lightweight intrusion detection and prevention method based on nDPI, and uses common network packet capture means to design and implement a lightweight intrusion detection and prevention system. The test results show that the system can detect abnormal protocols in the traffic and trace them back to the corresponding terminal, so that it can respond to the abnormal terminal and block the abnormal connections initiated from it, thereby achieving intrusion prevention.