出版社:Academy & Industry Research Collaboration Center (AIRCC)
摘要:Network Intrusion Detection and Prevention Systems (NIDPSs) are used to detect, prevent andreport evidence of attacks and malicious traffic. Our paper presents a study where we used opensource NIDPS software. We show that NIDPS detection performance can be weak in the face ofhigh-speed and high-load traffic in terms of missed alerts and missed logs. To counteract thisproblem, we have proposed and evaluated a solution that utilizes QoS, queues and paralleltechnologies in a multi-layer Cisco Catalyst Switch to increase NIDPSs detection performance.Our approach designs a novel QoS architecture to organise and improve throughput-forwardplantraffic in a layer 3 switch in order to improve NIDPS performance.
关键词:Network security; intrusion detection system; network intrusion detection system; open source;Cisco switch configuration & Quality of Service.
