An overview to Software Architecture in Intrusion Detection System
This work addresses performance bottlenecks in network intrusion detection for high-speed environments, though it appears incremental by integrating existing hardware and software components.
The paper reviews software architectures for intrusion detection systems (IDS) and presents a design combining software-based sensors with a network processor board to handle high-speed traffic, aiming to reduce delays in network processing.
Today by growing network systems, security is a key feature of each network infrastructure. Network Intrusion Detection Systems (IDS) provide defense model for all security threats which are harmful to any network. The IDS could detect and block attack-related network traffic. The network control is a complex model. Implementation of an IDS could make delay in the network. Several software-based network intrusion detection systems are developed. However, the model has a problem with high speed traffic. This paper reviews of many type of software architecture in intrusion detection systems and describes the design and implementation of a high-performance network intrusion detection system that combines the use of software-based network intrusion detection sensors and a network processor board. The network processor which is a hardware-based model could acts as a customized load balancing splitter. This model cooperates with a set of modified content-based network intrusion detection sensors rather than IDS in processing network traffic and controls the high-speed.