A Survey and Taxonomy of Lightweight Intrusion Detection Systems

Internet and computer networks are exposed to an ever increasing number of security threats that can damage computer systems and communication channels. Firewalls are used to defend systems but still they are not enough to provide full protection to the systems. Then, the concern with Intrusion Detection Systems (IDSs) has been growing for network security over the past years. Due to the increasing of networks’ speed and the amount of network traffic, it is essential that IDSs need to be lightweight to cope with it. Therefore, two representative methodologies have been applied to make IDSs lightweight, feature selection and parameter optimization. In this paper, we introduce concepts and algorithms of them and survey existing approaches which have used them. In particular, we review the previous approaches according to three broad categories: spam, Denial-of-Service (DoS) and Distributed Denial-of-Servive (DDoS) attacks detection since they are the most threatening intrusions these days. Finally, we conclude the survey by identifying trends and open challenges of lightweight IDSs research and development. Our hope is that this paper sheds some light on a fruitful direction of future research for lightweight IDSs.