2021
DOI: 10.1007/s10664-021-10046-w

Dynamical analysis of diversity in rule-based open source network intrusion detection systems

Abstract: Diverse layers of defence play an important role in the design of defence-in-depth architectures. The use of Intrusion Detection Systems (IDSs) is ubiquitous in this design. But the selection of the “right” IDSs in various configurations is an important decision that the security architects need to make. Additionally, the ability of these IDSs to adapt to the evolving threat-landscape also needs to be investigated. To help with these decisions, we need rigorous quantitative analysis. In this paper, we present…

Cited by 21 publications (14 citation statements)

References 24 publications
“…In contrast, the results of this research delve into practical IDPS implementation within a networking system environment to defend against specific threats, emphasizing real-world application. The studies cited as [11], [12], [29], [30], [33], [36]-[38], on the other hand, differ significantly from this research outcome. Given these variations in goals and approaches, direct result comparisons can be challenging.…”
Section: E Data Analysis (mentioning)
confidence: 52%
“…Contributions from other research, as presented in the studies by [33]-[38], also provide valuable insights within the domain of IDPS. Researchers examine diversity analysis for open-source IDS, aiding security architects in optimizing system performance.…”
Section: Introduction (mentioning)
confidence: 97%
“…For the detailed inside architecture of an IDS, see [2]. Signature based IDSs use rules that usually have various fields-actions, protocols, source/destination IP, source/destination ports, message to be stored/displayed, regular expressions for payload etc.…”
Section: Signature Based IDS (mentioning)
confidence: 99%
“…This study improves upon the previous work by utilizing labelled PCAP data in conducting individual and cross-platform diversity analysis of Snort and Suricata IDSs. In addition, the study uses a larger rule set spanning four years, from 2017 to 2020, compared to [2], where the functional diversity analysis was based on a two-week rule set. The analysis involves two experiments using two different PCAP datasets from the Canadian Institute for Cybersecurity (CIC), CIC-IDS-2017 and CSE-CIC-IDS2018 [3], collected on July 6, 2017, and between Feb 22-23, 2018, respectively.…”
Section: Introduction (mentioning)
confidence: 99%