National Journal of System and Information Technology

1. Shalvi Dave

2. Dr. Bhushan Trivedi

Received: 04-Jun-2026
Accepted: -
Published: 04-Jun-2026
Abstract
Intrusion Detection and Prevention Systems (IDPS) are mature network-level defenses deployed in thousands of computer networks worldwide. The basic difference between detection and prevention techniques lies in how each provides protection for network environments. An IDS monitors logged data and compares it with attack signatures to detect unwanted access. For such identification, an IDS normally uses signatures or any unique characteristics of such attacks. In this paper, we have designed an algorithm to achieve dynamic access control. Dynamic access control requires the implementation of three functionalities: traffic monitoring, validation, and policy enforcement. In this algorithm, traffic monitoring and validation are done using anomaly-based detection during access. For policy enforcement and attack prevention, we have chosen the VLAN steering method. The reason for choosing VLAN steering is that it can be used with both the out-of-band and the in-band approach, and we need to implement both approaches to achieve access control dynamically. It helps to prevent insider as well as outsider attacks on a network. To prove the concept of blocking a malicious host after it has been successfully admitted to a network, we present an example and a working algorithm for anomaly-based detection. This algorithm uses IDS logged data from a database for traffic monitoring and validation. It also updates the signatures stored in the signature database. An IPS sensor performs VLAN steering in our system to quarantine suspicious hosts.