A Review of Anomaly-Based IDS’s and Techniques

International Journal of Computer Science (IJCS) Published by SK Research Group of Companies (SKRGC)

Abstract

Due to rapid growth and deployment of network technologies and global internet services has made better administration and protection of unauthorized networks activity a difficult research problem. This development is go along with by an exponential expansion in the number of network attacks over insecure channel, which have become more difficult, more categorized, more active, and more rigorous than ever. Modern network protection techniques are static, time-consuming in responding to attacks, and inefficient due to the large number of false alarms.

References

[1] Matt Bishop. Computer Security Art and Science. 2003.
[2] K. Lumpur, “An investigation and survey of response options for Intrusion Response Systems (IRSs),” 2010.
[3] N. Stakhanova, S. Basu, and J. Wong, “A taxonomy of intrusion response systems, International Journal of Information and Computer Security, vol. 1, no. 1, pp. 169–184, 2007.
[4] P. Horn, “Autonomic computing: IBM's perspective on the state of information technology," Computing Systems, vol. 15, no. Jan, p. 140, 2001.
[5] E. Bertino, A. Kamra, E. Terzi, and A. Vakali, “Intrusion detection in rbac-administered databases," in Proc. 21st Annual Computer Security Applications Conference. Washington, DC, USA: IEEE Computer Society, 2005, pp. 170-182.
[6] S.W. Lodin and C.L. Schuba, “Firewalls fend off invasions from the Net,” IEEE Spectrum, vol. 35, no. 2, 1998, pp. 26-34.
[7] A. Lazarevic, L. Ertoz, V. Kumar, A. Ozgur and J. Srivastava, “A comparative study of anomaly detection schemes in network intrusion detection,” Proc. the Third SIAM International Conference on Data Mining 2003, pp. 25–36.
[8] V. Kumar, J. Srivastava and A. Lazarevic, “Intrusion Detection: A Survey,” Managing Cyber Threats, Massive Computing 5, Springer US, 2005, pp. 19-78.
[9] R. Bace and P. Mell, Intrusion detection systems, US Dept. of Commerce, Technology Administration, National Institute of Standards and Technology, 2001.
[10] I. Ristic, Apache security, O'Reilly Media, Inc., 2005.
[11] S. Axelsson, Intrusion detection systems: A survey and taxonomy, Technical Report, Chalmers University of Technology, Dept. of Computer Engineering, 2000.
[12] P. Garcia-Teodoro, J. Diaz-Verdejo, G. Macia-Fernandez and E. Vazquez, “Anomaly-based network intrusion detection: Techniques, systems and challenges,” Computers & Security, vol. 28, no. 1-2, 2009, pp. 18-28.
[13] S. Zanero, ?Detecting 0-day attacks with learning intrusion detection system,? Blackhat Briefings, USA, 2004.
[14] S.E. Smaha, T.A.S. Inc and T.X. Austin, “Haystack: An intrusion detection system,” Proc. the IEEE fourth Aerospace Computer Security Applications Conference, IEEE Computer Society Press, 1988, pp. 37-44.
[15] T.F. Lunt, A. Tamaru, F. Gilham, R. Jagannathan, P.G.Neumann and C. Jalali, “IDES: a progress report [IntrusionDetection Expert System],” Proc. the Sixth Annual Computer Security Applications Conference, IEEE Computer Society Press, 1990, pp. 273-285.
[16] M. Bishop, Introduction to computer security, Addison-Wesley Professional, 2004.
[17] D.F. Gong, “White Paper: Deciphering Detection Techniques: Part II Anomaly-based Intrusion Detection,” Network Associates (McAfee Security), 2003.
[18] X. Zhang, L. Jia, H. Shi, Z. Tang, and X. Wang, “The Application of Machine Learning Methods to Intrusion Detection,” in 2012 Spring Congress on Engineering and Technology (S-CET), 2012, pp. 1-4.
[19] H. A. Kholidy, A. Erradi, S. Abdelwahed, and F. Baiardi, “Hacids: A hierarchical and autonomous ids for cloud systems,” in Computational Intelligence, Communication Systems and Networks (CICSyN), 2013 Fifth International Conference on, pp. 179–184, IEEE, 2013.
[20] Sperotto, Michel Mandjes, Ramin Sadre, Pieter-Tjerk de Boer,and Aiko Pras, “Autonomic Parameter Tuning of AnomalyBased IDSs: an SSH Case Study” IEEE TRANSACTIONS ON NETWORK AND SERVICE MANAGEMENT, VOL. 9, NO.2, JUNE 2012.
[21] Kleber M.M. Vieira, Fernando Schubert, Guilherme A.Geronimo, Rafael de Souza Mendes, Carlos B. Westphall,“Autonomic Intrusion Detection System in Cloud Computing with Big Data” 2014.

Keywords

IDS, Anomalies, Machine Learning, Support vector machine, Signature based Detection