With the advent of anomaly-based intrusion detection systems, many approaches and techniques have been developed to track novel attacks on systems. A high detection rate of 98% at a low false alarm rate of 1% can be achieved with these techniques. Though anomaly-based approaches are efficient, signature-based detection is preferred for mainstream implementation of intrusion detection systems. Because a variety of anomaly detection techniques have been suggested, it is difficult to compare the strengths and weaknesses of these methods. The reason why industry does not favor anomaly-based intrusion detection methods can be better understood by validating the efficiency of all of the methods. To investigate this issue, the current state of experimental practice in the field of anomaly-based intrusion detection is reviewed and recent studies in this area are surveyed. This paper summarizes the formerly surveyed works and identifies their drawbacks.

General Terms
Computer Networks, Network Security, Intrusion Detection Systems

Keywords
Intrusion Detection, Anomaly-based Detection, Signature-based Detection

1. INTRODUCTION
Network intrusion detection systems (NIDS) are the most efficient way of defending against network-based attacks aimed at computer systems [13,14]. These systems are used in almost all large-scale IT infrastructures [15]. Basically, there are two main types of intrusion detection systems: signature-based (SBS) and anomaly-based (ABS). SBS systems (e.g. Snort [16,7]) rely on pattern recognition techniques: they maintain a database of signatures of previously known attacks and compare them with the analyzed data. An alarm is raised when a signature matches. On the other hand, ABS systems (e.g. PAYL [18]) build a statistical model describing normal network traffic, and any behavior that deviates from the model is identified as abnormal.
In contrast to signature-based systems, anomaly-based systems have the advantage that they can detect zero-day attacks, since novel attacks can be detected as soon as they take place. However, an ABS (unlike an SBS) requires a training phase to build its model, and the careful setting of the detection threshold makes it complex. In this paper the focus is on anomaly-based systems, in particular on a specific kind of ABS: payload-based systems. These payload-based systems are particularly suitable for detecting advanced attacks, and we describe the most prominent and the most recent of them in detail: respectively Wang and Stolfo's PAYL [18] and our POSEIDON [19].

2. CATEGORIES OF INTRUSION DETECTION SYSTEMS
2.1 Signature Based Detection
Signature detection involves searching network traffic for a series of malicious bytes or packet sequences. The main advantage of this technique is that signatures are very easy to develop and understand if we know what network behavior we are trying to identify. For instance, we might use a signature that looks for particular strings within an exploit of a particular buffer-overflow vulnerability. The events generated by signatureb...
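As an added illustration of the two detection paradigms the introduction contrasts (example code written for this page, not code from the paper, from PAYL or from POSEIDON): a toy payload-based anomaly detector that, following the general idea behind PAYL, models the byte-frequency distribution of normal payloads and flags deviations above a calibrated threshold, placed next to a simple signature check. The training payloads, the signature strings and the threshold rule (three times the largest score seen on normal data) are all constructed assumptions.

```python
from math import sqrt

# Constructed "normal" training payloads (sample HTTP requests, not real traffic).
TRAIN = [
    b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n",
    b"GET /images/logo.png HTTP/1.1\r\nHost: example.test\r\n\r\n",
    b"POST /login HTTP/1.1\r\nHost: example.test\r\nContent-Length: 27\r\n\r\n"
    b"user=alice&password=secret1",
    b"GET /about HTTP/1.1\r\nHost: example.test\r\nAccept: text/html\r\n\r\n",
]
# Constructed signature database for the signature-based check.
SIGNATURES = [b"cmd.exe", b"/etc/passwd"]

def byte_freq(payload):
    """1-gram model: relative frequency of each of the 256 byte values."""
    counts = [0] * 256
    for b in payload:
        counts[b] += 1
    n = max(len(payload), 1)
    return [c / n for c in counts]

def train(payloads):
    """Per-byte mean and (population) standard deviation over the training set."""
    vecs = [byte_freq(p) for p in payloads]
    mean = [sum(v[i] for v in vecs) / len(vecs) for i in range(256)]
    std = [sqrt(sum((v[i] - mean[i]) ** 2 for v in vecs) / len(vecs))
           for i in range(256)]
    return mean, std

def anomaly_score(model, payload, smoothing=0.001):
    """Simplified Mahalanobis distance: sum_i |x_i - mean_i| / (std_i + smoothing).
    Smoothing keeps bytes never seen in training from dividing by zero."""
    mean, std = model
    x = byte_freq(payload)
    return sum(abs(x[i] - mean[i]) / (std[i] + smoothing) for i in range(256))

def calibrate_threshold(model, payloads, factor=3.0):
    """Threshold setting (assumed rule): a multiple of the largest score on normal data."""
    return factor * max(anomaly_score(model, p) for p in payloads)

MODEL = train(TRAIN)
THRESHOLD = calibrate_threshold(MODEL, TRAIN)

def is_anomalous(payload):
    """Anomaly-based verdict: deviation from the normal model beyond the threshold."""
    return anomaly_score(MODEL, payload) > THRESHOLD

def signature_match(payload):
    """Signature-based verdict: a known byte pattern occurs in the payload."""
    return any(sig in payload for sig in SIGNATURES)
```

A payload made of byte values never seen in training scores far above the threshold even though it matches no signature, while a request that merely contains a listed string is caught only by the signature check; that asymmetry is the trade-off the paper discusses.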