Abstract: This paper presents an investigation, involving experiments, which shows that current network intrusion, detection, and prevention systems (NIDPSs) have several shortcomings in detecting or preventing rising unwanted traffic and have several threats in high-speed environments. Precise organization traffic recognizable proof is a significant reason for network traffic checking and information investigation, and is the way to work on the nature of client administration. In this paper, through the examination of two organization traffic ID strategies in light of machine learning and profound parcel review, an organization traffic distinguishing proof strategy in view of machine learning and profound bundle examination is proposed. This strategy utilizes profound parcel assessment innovation to distinguish most organization traffic, diminishes the responsibility that should be recognized by machine learning. This paper presents an investigation, involving experiments, which shows that current network intrusion, detection, and prevention systems (NIDPSs) have several shortcomings in detecting or preventing rising unwanted traffic and have several threats in high-speed environments. It shows that the NIDPS performance can be weak in the face of high-speed and high-load malicious traffic in terms of packet drops, outstanding packets without analysis, and failing to detect/prevent unwanted traffic. A novel quality of service (QoS) architecture has been designed to increase the intrusion detection and prevention performance. Our exploration has proposed and assessed an answer involving an original QoS setup in a multi-facet change to sort out parcels/traffic and equal procedures to build the bundle handling speed. The new engineering was tried under various traffic velocities, types, and errands. The trial results show that the design works on the organization and security execution which is can conceal to 8 Gb/s with 0 bundles dropped. This paper likewise shows that this number (8Gb/s) can be improved, yet it relies upon the framework limit which is constantly restricted.
Keywords: Intrusion detection, traffic identification, MDIP, network security, open source, quality of service, security
| DOI: 10.17148/IJARCCE.2023.12409