Intrusion detection systems (IDS) seek to identify malicious network traffic. Intrusion prevention systems (IPS) advance IDS technology with the ability to dynamically adjust network and systems configurations to block malicious traffic as it is detected. As Gonzalez, Paxson, and Weaver (2007) state, "stateful, in-depth, inline traffic analysis for intrusion detection and prevention is growing increasingly more difficult as the data rates of modern networks rise." In order to better understand the technical challenges and associated innovations associated with IDS and IPS, the author proposes to conduct a review of the literature on the subject of next-generation intrusion prevention systems.
