An overview to Software Architecture in Intrusion Detection System

As network systems grow, security has become a key feature of every network infrastructure. Network Intrusion Detection Systems (IDS) provide a defense model against the security threats that are harmful to a network. An IDS can detect and block attack-related network traffic. Network control is a complex model, and deploying an IDS can introduce delay in the network. Several software-based network intrusion detection systems have been developed; however, this model has a problem with high-speed traffic. This paper reviews many types of software architecture in intrusion detection systems and describes the design and implementation of a high-performance network intrusion detection system that combines software-based network intrusion detection sensors with a network processor board. The network processor, which is a hardware-based model, can act as a customized load-balancing splitter. This model cooperates with a set of modified content-based network intrusion detection sensors, rather than an IDS, in processing network traffic and controls the high-speed traffic.
