Cybersecurity: Design and Implementation of an Intrusion Detection and Prevention System

Abstract

Cyber security [1, 2] addresses several important issues in network security and performance including intrusion detection, cipher design, security overhead analysis, and tracing. In this article, an intrusion detection and prevention system (IDPS) is proposed and implemented using SNORT and Security Onion tools to detect and prevent anomaly intrusion; misuse of protocol and service ports, DoS based on crafted payloads, DoS based on volume (DDoS), buffer overflow or other cyber-attacks. The proposed system monitors the network or system activities, finds if any malicious operations occur and then prevents it. To show the efficiency of the proposed system, experiments have been done on numerous anomaly intrusion attacks using KDD database. The experimental results yield 96% detection accuracy. The detection and prevention processes take less than 3 s. The results show the feasibility of the methodology followed in this paper under different attack conditions and show the high robustness of the proposed system.