Intrusion Detection: a Survey

Authors

  • Aleksandar Lazarevic
  • Vipin Kumar
  • Jaideep Srivastava
Abstract

This chapter provides an overview of the state of the art in intrusion detection research. Intrusion detection systems are software and/or hardware components that monitor computer systems and analyze events occurring in them for signs of intrusions. Due to the widespread diversity and complexity of computer infrastructures, it is difficult to provide a completely secure computer system. Therefore, there are numerous security systems and intrusion detection systems that address different aspects of computer security. This chapter first provides a taxonomy of computer intrusions, along with brief descriptions of major computer attack categories. Second, a common architecture of intrusion detection systems and their basic characteristics are presented. Third, a taxonomy of intrusion detection systems based on five criteria (information source, analysis strategy, time aspects, architecture, response) is given. Finally, intrusion detection systems are classified according to each of these categories and the most representative research prototypes are briefly described.


Similar resources

A Survey of Anomaly Detection Approaches in Internet of Things

Internet of Things is an ever-growing network of heterogeneous and constraint nodes which are connected to each other and the Internet. Security plays an important role in such networks. Experience has proved that encryption and authentication are not enough for the security of networks and an Intrusion Detection System is required to detect and to prevent attacks from malicious nodes. In this ...


A Survey of Application Level Intrusion Detection

This survey presents research for intrusion detection at the application level. The current approaches to intrusion detection are discussed and the aspects of collection, analysis and reaction models are introduced. The need for intrusion detection at application level is discussed. The majority of the survey introduces, categorizes and explains the past and present research efforts on the appl...


Intrusion Detection Systems: A Survey and Taxonomy

This paper presents a taxonomy of intrusion detection systems that is then used to survey and classify a number of research prototypes. The taxonomy consists of a classification first of the detection principle, and second of certain operational aspects of the intrusion detection system as such. The systems are also grouped according to the increasing difficulty of the problem they attempt to a...


Visualization Techniques for Intrusion Detection – a Survey

In traditional intrusion detection system (IDS) environments, little activity has been applied to using visual analysis as an aid to intrusion detection. With more information systems being attacked and attack techniques evolving, the task of detecting intrusions is becoming increasingly difficult. Efficient information visualization is an important element required for urgent detection of i...


A Survey of Intrusion Detection Systems

This paper is a survey of the research in the field of intrusion detection systems. Some previous surveys in the field are [2, 24, 3, 20, 16, 5]. An extensive literature exists on the topic of intrusion detection systems that use audit data for uncovering anomalous system behavior. It is possible to identify themes that are common to many of the available techniques. The intention of the paper ...


A Hybrid Machine Learning Method for Intrusion Detection

Data security is an important area of concern for every computer system owner. An intrusion detection system is a device or software application that monitors a network or systems for malicious activity or policy violations. Already various techniques of artificial intelligence have been used for intrusion detection. The main challenge in this area is the running speed of the available implemen...




Publication date: 2005