
Enhanced Security through Intrusion Detection and Prevention System

Subasree S, Christ Michael Jeniston S, Harish M, Jeevaranjan V, Manikandan S

Abstract


This paper presents the design, implementation, and evaluation of a rule-based Intrusion Detection and Prevention System (IDPS) for network security. The proposed system combines signature-based detection, anomaly-based heuristics, and active prevention techniques to detect and mitigate various types of network intrusions with high efficiency. It was developed to address the growing challenges in network security by providing a lightweight and effective approach that does not rely on machine learning algorithms. Our implementation uses Scapy for packet manipulation, custom rule engines, and stateful inspection to analyse network traffic patterns. Experimental results demonstrate that our system achieves over 95% detection accuracy while maintaining low false positive rates. The implementation is practically viable for real-world deployment in diverse network environments and offers enhanced protection against common attack vectors, including DoS, probe attempts, and unauthorized access.
