Journal of Emerging Trends in Computing and Information Sciences

Systematic Review and Comparison of Anomaly Based Network Intrusion Detection Systems Based on Efficiency

Currently, anomaly based network intrusion detection (ANID) is the solution for novel and sophisticated attacks. This review focuses on the comparison of Anomaly based Network Intrusion Detection Systems (ANIDS) based on efficiency. ANIDS that were trained and tested using the KDD Cup 99 dataset in the period 2002 to 2012 (May) are considered for this review paper. A total of 258 papers were reviewed. Among the ANIDS using the KDD’99 dataset, 70.58% are machine learning based. It is observed that the fuzzy based ANIDS constitute 37.5%. It is concluded that fuzzy based ANIDS gave good Detection Rate (DR), and SVM based ANIDS gave good False Alarm Rate (FAR), consistently, based on the efficiency comparison performed.
