Performance improvement of deep packet inspection for Intrusion Detection

Developments in anomaly and misuse detection in this decade are crucial as web services grow vast. Managing a secure network is a challenge today. The objectives vary according to the infrastructure management and security policy. There are various approaches to stateful packet inspection and deep packet inspection (DPI). DPI is used to identify payload traffic, and for network security, privacy and QoS. The functions of DPI are protocol detection, anti-virus, anti-malware and intrusion detection system (IDS). The detection engine may be supported by signatures or heuristics. Most of the algorithms perform both training and testing, which takes approximately double the time. The paper suggests a new model to improve the performance of intrusion detection systems by using in/out-based attributes of records. It takes comparatively less time, with good accuracy, than the existing classifiers.
