A SURVEY ON INTRUSION DETECTION SYSTEMS IN COMPUTER NETWORKS

  • Received : 2012.01.01
  • Reviewed : 2012.03.14
  • Published : 2012.09.30

Abstract

In recent years, computer networks (wired and wireless) have come into widespread use in many applications. As computer networks become increasingly complex, the accompanying potential threats also grow more sophisticated, and security has become one of the major concerns in them. Prevention methods alone are not sufficient to make them secure; therefore, detection should be added as another line of defense before an attacker can breach the system. Intrusion Detection Systems (IDSs) have become a key component in ensuring system and network security. An IDS monitors network activities in order to detect malicious actions performed by intruders and then initiates the appropriate countermeasures. In this paper, we present a survey and taxonomy of intrusion detection systems and then evaluate and compare them.
