A Practical Network-Based Intrusion Detection and Prevention System

While Internet and network technology have been growing rapidly, cyber attack incidents also increase accordingly. The increasing occurrence of network attacks is an important problem to network services. In this paper, we present a network based Intrusion Detection and Prevention System DPS), which can efficiently detect many well-known attack types and can immediately prevent the network system from network attacks. Our approach is simple and efficient and can be used with several machine learning algorithms. We actually implement the IDPS using different machine learning algorithms and test in an online network environment. The experimental results show that our IDPS can distinguish normal network activities from main attack types (Probe and Denial of Service) with high accuracy of detection rate in a few seconds and automatically prevent the victim's computer network from the attacks. In addition, we apply a well-known machine learning technique called C4.5 Decision Tree in our approach to consider unknown or new network attack types. Surprisingly, the supervised Decision Tree technique can work very well, when experiencing with untrained or unknown network attack types.