Multi - Tiered Architecture for Intrusion Prevention

Today with the Internet available as a general tool, access to any publicly reachable network is a way for the legit users to leverage network resources. On the other hand, it is a way for hackers and attackers to exploit a network whether it is for competitive, financial, revenge or for that matter any malicious purpose. Intrusion prevention is a key component of any security strategy in today’s IT infrastructures. It adds a indispensable layer for defense in depth strategy. Firewalls or authentication systems alone are no longer sufficient to cope with modern day attacks since, firewalls only deny malicious traffic from an unauthorized source however, does not have the capability to stop malicious traffic from authorized end points/sources. Similarly, an authenticated session once compromised, can become a source of Denial of Service (DoS) attack. This paper is dedicated to research on multi-tiered Intrusion Prevention [1] architecture which can not only cope with attacks however, also ensure that the attack vector is blocked and that the attack type is realized if not already known.