Abstract
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are now considered a mainstream security technology. IDS and IPS are designed to identify security breaches. However, one of the most important problems with current IDS and IPS is the lack of the “environmental awareness” (i.e. security policy, network topology and software). This ignorance triggers many false positives (false alerts) and false negatives (undetected attacks). In this paper, we propose a novel intrusion detection and prevention architecture where we integrate the characteristics and the properties of the protected system in the traffic analysis process. The experimental evaluation shows the effectiveness of our solution. In fact, we measure a reduction of 89.59 % of false positives and 79.18 % of false negatives.
Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
