IDRA: A Distributed Open Intrusion Detection and Reaction Architecture

This article presents a self-contained intrusion detection and reaction architecture (IDRA). The architecture adopts a distributed framework, is consistent with the trend toward standardization, and is fully scalable. It can respond rapidly to network security incidents and bring the situation under control in time. The authors first describe the shortcomings of existing intrusion detection systems (IDS), then present IDRA's protocol framework and system architecture, show its advantages, and finally analyze IDRA's feasibility.