Abstract
Network threats and hazards are evolving at a high-speed rate in recent years. Many mechanisms (such as firewalls, anti-virus, anti-malware, and spam filters) are being used as security tools to protect networks. An intrusion detection system (IDS) is also an effective and powerful network security system to detect unauthorized and abnormal network traffic flow. This article presents a review of the research trends in network-based intrusion detection systems (NIDS), their approaches, and the most common datasets used to evaluate IDS Models. The analysis presented in this paper is based on the number of citations acquired by an article published, the total count of articles published related to intrusion detection in a year, and most cited research articles related to the intrusion detection system in journals and conferences separately. Based on the published articles in the intrusion detection field for the last 15 years, this article also discusses the state-of-the-arts of NIDS, commonly used NIDS, citation-based analysis of benchmark datasets, and NIDS techniques used for intrusion detection. A citation and publication-based comparative analysis to quantify the popularity of various approaches are also presented in this paper. The study in this article may be helpful to the novices and researchers interested in evaluating research trends in NIDS and their related applications.
Highlights
T ODAY’S era is of information and communication, and the numbers of host/terminal are continuously increasing in the scenario of computer networking
If area under the curve (AUC) is less than or equal to 0.5, it means misclassification is more than 50 percent, and the performance is poor for intrusion detection model [117]
This review is established based on numerous research papers in different journals/publications between 2005 and 2020
Summary
T ODAY’S era is of information and communication, and the numbers of host/terminal are continuously increasing in the scenario of computer networking. Namely firewalls, access control, anti-virus, anti-malware software, application security, behavioral analytic, data loss prevention, distributed denial of service (DDoS) prevention, and network segmentation are commonly used in the computer world to promote internet security mechanisms due to their capabilities of content filtering, blocking data outflow, and alerting and preventing malicious activities. An intrusion detection system with anti-virus has a significant impact on computer network security mechanisms that provides a more prominent scenario for protecting a computer network from the unauthenticated access control service. In the perspective of information systems, intrusion refers to any attempt that compromises the integrity, availability, confidentiality, or bypasses the security mechanism in a computer or a network [1]
Sign-in/Register to view highlights & summary Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
