Host–Based Intrusion Detection Systems

2014 ◽  
pp. 184-213
Author(s):  
Vít Bukač ◽  
Vashek Matyáš
Keyword(s):  
Intrusion Detection ◽  
Detection Method ◽  
State Of The Art ◽  
Research Trends ◽  
The State ◽  
Intrusion Detection Systems ◽  
Future Directions ◽  
Detection Systems ◽  
Research Findings ◽  
Art Research

In this chapter, the reader explores both the founding ideas and the state-of-the-art research on host-based intrusion detection systems. HIDSs are categorized by their intrusion detection method. Each category is thoroughly investigated, and its limitations and benefits are discussed. Seminal research findings and ideas are presented and supplied with comments. Separate sections are devoted to the protection against tampering and to the HIDS evasion techniques that are employed by attackers. Existing research trends are highlighted, and possible future directions are suggested.

scholarly journals The Use of Artificial-Intelligence-Based Ensembles for Intrusion Detection: A Review

2012 ◽  
Vol 2012 ◽  
pp. 1-20 ◽  
Author(s):  
Gulshan Kumar ◽  
Krishan Kumar
Keyword(s):  
Artificial Intelligence ◽  
Intrusion Detection ◽  
Supervised Learning ◽  
Ensemble Learning ◽  
Classification Performance ◽  
Intrusion Detection Systems ◽  
Future Directions ◽  
Comprehensive Review ◽  
Detection Systems ◽  
Combination Methods

In supervised learning-based classification, ensembles have been successfully employed to different application domains. In the literature, many researchers have proposed different ensembles by considering different combination methods, training datasets, base classifiers, and many other factors. Artificial-intelligence-(AI-) based techniques play prominent role in development of ensemble for intrusion detection (ID) and have many benefits over other techniques. However, there is no comprehensive review of ensembles in general and AI-based ensembles for ID to examine and understand their current research status to solve the ID problem. Here, an updated review of ensembles and their taxonomies has been presented in general. The paper also presents the updated review of various AI-based ensembles for ID (in particular) during last decade. The related studies of AI-based ensembles are compared by set of evaluation metrics driven from (1) architecture & approach followed; (2) different methods utilized in different phases of ensemble learning; (3) other measures used to evaluate classification performance of the ensembles. The paper also provides the future directions of the research in this area. The paper will help the better understanding of different directions in which research of ensembles has been done in general and specifically: field of intrusion detection systems (IDSs).

Intrusion Detection Systems for Mitigating SQL Injection Attacks

2020 ◽  
Vol 14 (2) ◽  
pp. 20-40 ◽  
Author(s):  
Rui Filipe Silva ◽  
Raul Barbosa ◽  
Jorge Bernardino
Keyword(s):  
Intrusion Detection ◽  
The State ◽  
Intrusion Detection Systems ◽  
Sql Injection ◽  
Detection Systems ◽  
Injection Attacks ◽  
Security Infrastructure ◽  
State Of Practice ◽  
Sql Injection Attacks ◽  
Database Protection

Databases are widely used by organizations to store business-critical information, which makes them one of the most attractive targets for security attacks. SQL Injection is the most common attack to webpages with dynamic content. To mitigate it, organizations use Intrusion Detection Systems (IDS) as part of the security infrastructure, to detect this type of attack. However, the authors observe a gap between the comprehensive state-of-the-art in detecting SQL Injection attacks and the state-of-practice regarding existing tools capable of detecting such attacks. The majority of IDS implementations provide little or no protection against SQL Injection attacks, with exceptions like the tools Bro and ModSecurity. In this article, the authors compare these tools using the CSIC dataset in order to examine the state-of-practice in database protection from SQL Injection attacks, identifying the main characteristics and implementation details needed for IDSs to successfully detect such attacks. The experiments indicate that signature-based IDS provide the greatest coverage against SQL Injection.

Cutting the Gordian Knot

2008 ◽  
pp. 531-546
Author(s):  
John Felix Charles Joseph ◽  
Amitabha Das ◽  
Boon-Chong Seet ◽  
Bu-Sung Lee
Keyword(s):  
Intrusion Detection ◽  
Ad Hoc Networks ◽  
Routing Protocols ◽  
Intrusion Detection System ◽  
Ad Hoc ◽  
Detection System ◽  
Intrusion Detection Systems ◽  
Future Directions ◽  
Detection Systems ◽  
Hoc Networks

Intrusion detection in ad hoc networks is a challenge because of the inherent characteristics of these networks, such as, the absence of centralized nodes, the lack of infrastructure, and so forth. Furthermore, in addition to application-based attacks, ad hoc networks are prone to attacks targeting routing protocols. Issues in intrusion detection in ad hoc networks are addressed by numerous research proposals in literature. In this chapter, we first enumerate the properties of ad hoc networks which hinder intrusion detection systems. After that, significant intrusion detection system (IDS) architectures and methodologies proposed in the literature are elucidated. Strengths and weaknesses of these works are studied and are explained. Finally, the future directions which will lead to the successful deployment of intrusion detection in ad hoc networks are discussed.

Toward Constructing a Balanced Intrusion Detection Dataset

2021 ◽  
Vol 2 (3) ◽  
pp. 132-142
Author(s):  
Amer Abulmajeed Abdulrahman Alsameraee ◽  
Mahmood Khalel Ibrahem
Keyword(s):  
Intrusion Detection ◽  
Large Scale ◽  
State Of The Art ◽  
Class Imbalance ◽  
Sampling Technique ◽  
Machine Learning Algorithms ◽  
Intrusion Detection Systems ◽  
Detection Methods ◽  
Effective Solution ◽  
Detection Systems

Several Intrusion Detection Systems (IDS) have been proposed in the current decade. Most datasets which associate with intrusion detection dataset suffer from an imbalance class problem. This problem limits the performance of classifier for minority classes. This paper has presented a novel class imbalance processing technology for large scale multiclass dataset, referred to as BMCD. Our algorithm is based on adapting the Synthetic Minority Over-Sampling Technique (SMOTE) with multiclass dataset to improve the detection rate of minority classes while ensuring efficiency. In this work we have been combined five individual CICIDS2017 dataset to create one multiclass dataset which contains several types of attacks. To prove the efficiency of our algorithm, several machine learning algorithms have been applied on combined dataset with and without using BMCD algorithm. The experimental results have concluded that BMCD provides an effective solution to imbalanced intrusion detection and outperforms the state-of-the-art intrusion detection methods.

Disadvantages of Modern Intrusion Detection Systems

2006 ◽  
Vol 65 (10) ◽  
pp. 929-936
Author(s):  
A. V. Agranovskiy ◽  
S. A. Repalov ◽  
R. A. Khadi ◽  
M. B. Yakubets
Keyword(s):  
Intrusion Detection ◽  
Intrusion Detection Systems ◽  
Detection Systems
Sign in / Sign up

Export Citation Format

Share Document