Effectiveness of Intrusion Prevention Systems (IPS) in Fast Networks

TL;DR

This paper evaluates the performance of Intrusion Prevention Systems (IPS) in fast networks, identifying areas for improvement to enhance detection speed without compromising network performance.

Contribution

It introduces a combined qualitative and quantitative approach to improve IPS response times and effectiveness in high-speed network environments.

Findings

Identified key performance bottlenecks in IPS for fast networks

Proposed methods to reduce IPS response time

Demonstrated improved IPS performance without network slowdown

Abstract

Computer systems are facing biggest threat in the form of malicious data which causing denial of service, information theft, financial and credibility loss etc. No defense technique has been proved successful in handling these threats. Intrusion Detection and Prevention Systems (IDPSs) being best of available solutions. These techniques are getting more and more attention. Although Intrusion Prevention Systems (IPSs) show a good level of success in detecting and preventing intrusion attempts to networks, they show a visible deficiency in their performance when they are employed on fast networks. In this paper we have presented a design including quantitative and qualitative methods to identify improvement areas in IPSs. Focus group is used for qualitative analysis and experiment is used for quantitative analysis. This paper also describes how to reduce the responding time for IPS when an intrusion occurs on network, and how can IPS be made to perform its tasks successfully without effecting network speed negatively.