Intrusion Detection Systems: Development, Advancements, and Limitations

Authors

  • Ms. Amisha Jain, Ms. Srashtika Gupta

Keywords:

Intrusion Detection System; Signature-Based IDS; Anomaly-Based IDS; Machine Learning; Deep Learning; IoT Security; Cyber–Physical Systems; False Positives; Network Security

Abstract

Intrusion Detection Systems (IDS) have evolved significantly over the past decades in response to the increasing complexity and frequency of cyber threats. Early IDS technologies were primarily signature-based, focusing on known attack patterns, which limited their ability to detect novel and sophisticated intrusions. To overcome these constraints, anomaly-based and specification-based IDS models were introduced, enabling improved detection of unknown attacks by identifying deviations from normal system behavior. With the advancement of the Internet of Things (IoT), Industrial Control Systems (ICS), and Cyber–Physical Systems (CPS), IDS technologies have further incorporated machine learning and deep learning techniques to handle high-dimensional data and dynamic network environments. Despite these advancements, IDS solutions still face several limitations, including high false-positive rates, computational overhead, scalability challenges, real-time deployment constraints, and privacy concerns in distributed systems. This section critically examines the evolutionary phases of IDS technologies and highlights their inherent limitations, emphasizing the need for adaptive, lightweight, and privacy-preserving IDS frameworks for modern network infrastructures.

How to Cite

Ms. Amisha Jain, Ms. Srashtika Gupta. (2024). Intrusion Detection Systems: Development, Advancements, and Limitations. International Journal of Engineering Science & Humanities, 14(4), 271–289. Retrieved from https://www.ijesh.com/j/article/view/474
