Parallel Component Agent Architecture to Improve the Efficiency of Signature Based NIDS

Hafiz Gulfam Ahmad Umar, Chuandong Li, Zeeshan Ahmad
2014 Journal of Advances in Computer Networks  
To avoid increasing threats of intrusion or vulnerabilities, networks require flexible and efficient security systems. Intrusion detection system (IDS) is the basic component of any network defense scheme. Different IDS use several techniques for Intrusion detection. Signature base detection techniques are widely used in networks for fast response to detect threats. Regarding the intrusion detection technique, one of the main challenges is to control the huge traffic volume where each packet
more » ... ds to be compared with the known signature database and reduce the comparison time of signatures in it. In this paper we analyze different techniques and proposed a new architecture that can handle the attacks by using multiple agents with small databases at high success rate by dynamically updating the signature database. Proposed method reduces the IDS processing time and improves its efficiency. Index Terms-IDS, signature base, agent.
doi:10.7763/jacn.2014.v2.124 fatcat:a64go23wynerpcr5scgj7k2beu