Abstract
The Internet is the darling of the information age. Its rapid development has brought a lot of wealth to the society, but it has also brought about increasingly serious security problems. In particular, the widespread application of e-commerce has made network security the most important part of the development of network technology. Network security technology is increasingly valued by computer researchers. Most of the existing security products are passive. The firewall can only be statically disabled. Although the Intrusion Detection System can dynamically detect the intrusion behavior, it cannot block the detected attack behavior. However, the impact of the intrusion prevention system on network performance and the high intrusion detection false alarm rate restrict the development and application of the IPS system. Especially on gigabit high-speed networks, performance has become the primary bottleneck of IPS systems. In view of the above problems, this paper proposes a distributed intrusion detection and blocking system that can run efficiently on high-speed networks. Such systems are also known as intrusion prevention systems IPS. Explain the structure of distributed high-speed network intrusion prevention system, and also introduce the related implementation technology and the realization of each part of distributed intrusion prevention system.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Hachem HY (2013) Sophisticated multi-agent distributed denial of service attacks defense system. Dissertations & Theses - Gradworks
Pan C, Zhang H, Chen J (2012) Simulation design and application of distributed formation air defense system based on MAS. In: Control and decision conference. IEEE, pp 23–26
Shi Y, Sun Y, Troops P (2014) Distributed denial of service attack defense system survey. Comput Secur
Zhang DM, Zhang K, Mei-Bo L (2014) A distributed sea surface IR attack and defense simulation system. Electron Opt Control (3):58–61
Liu B, Bi J (2015) DISCS: a DIStributed Collaboration System for inter-AS spoofing defense. In: International conference on parallel processing. IEEE, pp 160–169
Kwon YJ (2015) A survey on defense mechanism against distributed denial of service (DDoS) attacks in control system. KEPCO J Electric Power Energy 1(1):55–59
Lin Z, Li K, Hou H et al (2018) MDFS: a mimic defense theory based architecture for distributed file system. In: IEEE international conference on big data. IEEE, pp 2670–2675
Li Y, Zhou C, Huang M et al (2016) Lead tolerance mechanism in Conyza canadensis: subcellular distribution, ultrastructure, antioxidative defense system, and phytochelatins. J Plant Res 129(2):251–262
Li H, Hu J, Ma H et al (2017) The architecture of distributed storage system under mimic defense theory. In: IEEE international conference on big data. IEEE, pp 2658–2663
Falkner K, Chiprianov V, Falkner N et al (2013) Model-driven performance prediction of distributed real-time embedded defense systems. In: International conference on engineering of complex computer systems. IEEE Computer Society, pp 155–158
Shen D, Yu W, Blasch EP et al (2015) Towards an integrated defense system for cyber security situation awareness experiment. In: Sensors and systems for space applications VIII. SPIE, vol 9469, pp 946908–946908-8
Liu J, Lai Y, Zhang S (2017) FL-GUARD: a detection and defense system for DDoS attack in SDN. In: International conference, pp 107–111
Ni P, Liu JM, Liu YL et al (2014) Research on mission planning for distributed multi-sensors in anti-TBM combat based on multi-agent system. Sens Lett 12(2):325–331(7)
Wang C, Miu TTN, Luo X et al (2017) SkyShield: a sketch-based defense system against application layer DDoS attacks. IEEE Trans Inf Forensics Secur 13(3):559–573
Huang Z, Sheng Y, Chen M et al (2018) Liquiritigenin and liquiritin alleviated MCT-induced HSOS by activating Nrf2 antioxidative defense system. Toxicol Appl Pharmacol 355:18–27
Zegzhda DP, Stepanova TV (2012) Stochastic model of interaction between botnets and distributed computer defense systems. In: International conference on mathematical methods, MODELS and architectures for computer network security: computer network security. Springer, pp 218–225
Lai SF, Su HK, Hsiao WH et al (2016) Design and implementation of cloud security defense system with software defined networking technologies. In: International conference on information and communication technology convergence. IEEE, pp 292–297
Behal S, Kumar K, Sachdeva M (2018) D-FAC: a novel Ï•-divergence based distributed DDoS defense system. J King Saud Univ
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Switzerland AG
About this paper
Cite this paper
Zheng, L. et al. (2020). Research on Distributed High Speed Network Intrusion Prevention System. In: Xu, Z., Choo, KK., Dehghantanha, A., Parizi, R., Hammoudeh, M. (eds) Cyber Security Intelligence and Analytics. CSIA 2019. Advances in Intelligent Systems and Computing, vol 928. Springer, Cham. https://doi.org/10.1007/978-3-030-15235-2_148
Download citation
DOI: https://doi.org/10.1007/978-3-030-15235-2_148
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-15234-5
Online ISBN: 978-3-030-15235-2
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)