A Review of Intrusion Detection System: Methodology, Classification
Abstract: An Intrusion Detection System (IDS) monitors events within a computer network and analyzes them for unusual behavior. An IDS also detects attempts at misuse, whether by authorized users or by external parties who seek to abuse privileges or exploit security vulnerabilities. Computer intruders, who can be found across the internet, pose a significant threat, making it challenging to ensure that information systems are secure and remain in a safe state throughout their lifetime and use. Intrusion Detection Systems can be software or hardware products designed to monitor system usage and identify any signs of an insecure state. This paper reviews the methodology of intrusion detection systems and their classifications, summarizing the advantages and disadvantages of the most widely used approaches.
This work is licensed under a Creative Commons Attribution 4.0 International License.