From intrusion detection to attacker attribution: A comprehensive survey of unsupervised methods

Authors: Nisioti, A., Mylonas, A., Yoo, P. and Katos, V.

http://eprints.bournemouth.ac.uk/30985/

Journal: IEEE Communications Surveys and Tutorials

Publisher: IEEE

ISSN: 1553-877X

DOI: 10.1109/COMST.2018.2854724

This data was imported from Scopus:

Authors: Nisioti, A., Mylonas, A., Yoo, P.D. and Katos, V.

http://eprints.bournemouth.ac.uk/30985/

Journal: IEEE Communications Surveys and Tutorials

Volume: 20

Issue: 4

Pages: 3369-3388

eISSN: 1553-877X

DOI: 10.1109/COMST.2018.2854724

© 1998-2012 IEEE. Over the last five years there has been an increase in the frequency and diversity of network attacks. This holds true, as more and more organizations admit compromises on a daily basis. Many misuse and anomaly based intrusion detection systems (IDSs) that rely on either signatures, supervised or statistical methods have been proposed in the literature, but their trustworthiness is debatable. Moreover, as this paper uncovers, the current IDSs are based on obsolete attack classes that do not reflect the current attack trends. For these reasons, this paper provides a comprehensive overview of unsupervised and hybrid methods for intrusion detection, discussing their potential in the domain. We also present and highlight the importance of feature engineering techniques that have been proposed for intrusion detection. Furthermore, we discuss that current IDSs should evolve from simple detection to correlation and attribution. We descant how IDS data could be used to reconstruct and correlate attacks to identify attackers, with the use of advanced data analytics techniques. Finally, we argue how the present IDS attack classes can be extended to match the modern attacks and propose three new classes regarding the outgoing network communication.

This data was imported from Web of Science (Lite):

Authors: Nisioti, A., Mylonas, A., Yoo, P.D. and Katos, V.

http://eprints.bournemouth.ac.uk/30985/

Journal: IEEE COMMUNICATIONS SURVEYS AND TUTORIALS

Volume: 20

Issue: 4

Pages: 3369-3388

ISSN: 1553-877X

DOI: 10.1109/COMST.2018.2854724

The data on this page was last updated at 04:52 on April 20, 2019.