A Survey on Different Network Intrusion Detection Systems and CounterMeasure

  • Divya RajputEmail author
  • Ankit Thakkar
Conference paper
Part of the Advances in Intelligent Systems and Computing book series (AISC, volume 906)


Recent studies have pulled tons of research in the domain of cloud security and various intrusion detection systems (IDSs). This is because of advancement in the different types of attacks on computer systems. Distributed denial of service (DDoS) attack is one of them wherein the attackers can compromise the cloud system by exploiting vulnerabilities. Initially, during the multi-step exploration, vulnerability with low frequency along with the virtual machine which is identified and compromised are included in DDoS attacks. In this context, various IDSs have been surveyed with different countermeasure techniques including some effective techniques to minimize the malicious activities within end systems or networks. The main aim of IDSs is to detect different attacks within networks and end systems or to be precise against any information systems which are very difficult to maintain in a secure state for a long duration. Some studies have shown that the use of host-based systems and the network-based systems help to improve the attack detection. This paper focuses on the study of various well-known IDS and various techniques to minimize malicious activities within the system.


Graph model Zombie detection Network security Cloud computing Intrusion detection systems DDoS attacks Cloud security Survey 


  1. 1.
    Chung, C.-J., Cui, J. S., Khatkar, P., & Huang, D. (2013). Non-intrusive process-based monitoring system to mitigate and prevent VM vulnerability explorations. In 2013 9th International Conference Conference on Collaborative Computing: Networking, Applications and Worksharing (Collaboratecom) (pp. 21–30). IEEE.Google Scholar
  2. 2.
    Yongli, Z., Yungui, Z., Weiming, T., & Hongzhi, C. (2013). An improved feature selection algorithm based on MAHALANOBIS distance for network intrusion detection. In 2013 International Conference on Sensor Network Security Technology and Privacy Communication System (SNS & PCS) (pp. 69–73). IEEE.Google Scholar
  3. 3.
    Humphrey, M., Emerson, R., & Beekwilder, N. (2016). Unified, multi-level intrusion detection in private cloud infrastructures. In IEEE International Conference on Smart Cloud (SmartCloud) (pp. 11–15). IEEE.Google Scholar
  4. 4.
    Koli, M. S., & Chavan, M. K. (2017). An advanced method for detection of botnet traffic using intrusion detection system. In 2017 International Conference on Inventive Communication and Computational Technologies (ICICCT) (pp. 481–485). IEEE.Google Scholar
  5. 5.
    Alrajeh, N. A., Khan, S., & Shams, B. (2013). Intrusion detection systems in wireless sensor networks: A review. International Journal of Distributed Sensor Networks, 9(5), 167575.CrossRefGoogle Scholar
  6. 6.
    Wong, K., Dillabaugh, C., Seddigh, N., & Nandy, B. (2017). Enhancing Suricata intrusion detection system for cyber security in SCADA networks. In 2017 IEEE 30th Canadian Conference on Electrical and Computer Engineering (CCECE) (pp. 1–5). IEEE.Google Scholar
  7. 7.
    Roschke, S., Cheng, F., & Meinel, C. (2011). A new alert correlation algorithm based on attack graph. In Computational Intelligence in Security for Information Systems (pp. 58–67). Berlin: Springer.Google Scholar
  8. 8.
    Sheyner, O., Haines, J., Jha, S., Lippmann, R., & Wing, J. M. (2002). Automated generation and analysis of attack graphs. In 2002 IEEE Symposium on Security and privacy, 2002. Proceedings (pp. 273–284). IEEE.Google Scholar
  9. 9.
    Ou, X., Boyer, W. F., & McQueen, M. A. (2006). A scalable approach to attack graph generation. In Proceedings of the 13th ACM Conference on Computer and Communications Security (pp. 336–345). ACM.Google Scholar
  10. 10.
    Souissi, S. (2015). Toward a novel rule-based attack description and response language. In 2015 11th International Conference on Information Assurance and Security (IAS) (pp. 44–49). IEEE.Google Scholar
  11. 11.
    Abduvaliyev, A., Pathan, A.-S. K., Zhou, J., Roman, R., & Wong, W.-C. (2013). On the vital areas of intrusion detection systems in wireless sensor networks. IEEE Communications Surveys & Tutorials, 15(3), 1223–1237.CrossRefGoogle Scholar
  12. 12.
    Zonouz, S. A., Khurana, H., Sanders, W. H., & Yardley, T. M. (2014). RRE: A game-theoretic intrusion response and recovery engine. IEEE Transactions on Parallel and Distributed Systems, 25(2), 395–406.CrossRefGoogle Scholar
  13. 13.
    Roy, A., Kim, D. S., & Trivedi, K. S. (2010). Cyber security analysis using attack countermeasure trees. In Proceedings of the Sixth Annual Workshop on Cyber Security and Information Intelligence Research (p. 28). ACM.Google Scholar
  14. 14.
    Chung, C.-J., Khatkar, P., Xing, T., Lee, J., & Huang, D. (2013). Nice: Network intrusion detection and countermeasure selection in virtual network systems. IEEE Transactions on Dependable and Secure Computing, 10(4), 198–211.CrossRefGoogle Scholar
  15. 15.
    Vaarandi, R. (2013). Detecting anomalous network traffic in organizational private networks. In 2013 IEEE International Multi-Disciplinary Conference on Cognitive Methods in Situation Awareness and Decision Support (CogSIMA) (pp. 285–292). IEEE.Google Scholar
  16. 16.
    Mishra, P., Pilli, E. S., Varadharajan, V., & Tupakula, U. (2017). Out-VM monitoring for malicious network packet detection in cloud. In Asia Security and Privacy (ISEASP), 2017 ISEA (pp. 1–10). IEEE.Google Scholar
  17. 17.
    Payne, B. D., Martim, D. P. A., & Lee, W. (2007). Secure and flexible monitoring of virtual machines. In Computer Security Applications Conference, 2007. ACSAC 2007. Twenty-Third Annual (pp. 385–397). IEEE.Google Scholar
  18. 18.
    Stefanova, Z., & Ramachandran, K. (2017). Network attribute selection, classification and accuracy (NASCA) procedure for intrusion detection systems. In 2017 IEEE International Symposium on Technologies for Homeland Security (HST) (pp. 1–7). IEEE.Google Scholar
  19. 19.
    Ingle, L., & Pakle, G. K. (2016). NIDSV: Network based intrusion detection and counter-measure excerption in virtual environment using AODV protocol. In International Conference on Inventive Computation Technologies (ICICT) (Vol. 3, pp. 1–6). IEEE.Google Scholar
  20. 20.
    Wang, Z., & Zhu, Y. (2017). A centralized HIDS framework for private cloud. In 2017 18th IEEE/ACIS International Conference on Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing (SNPD) (pp. 115–120). IEEE.Google Scholar
  21. 21.
    Jin, R., He, X., & Dai, H. (2017). On the tradeoff between privacy and utility in collaborative intrusion detection systems—a game theoretical approach. In Proceedings of the Hot Topics in Science of Security: Symposium and Bootcamp (pp. 45–51). ACM.Google Scholar
  22. 22.
    Singhal, A., & Ou, X. (2017). Security risk analysis of enterprise networks using probabilistic attack graphs. In Network Security Metrics (pp. 53–73). Berlin: Springer.Google Scholar
  23. 23.
    Mitchell, R., & Chen, R. (2016). Modeling and analysis of attacks and counter defense mechanisms for cyber physical systems. IEEE Transactions on Reliability, 65(1), 350–358.CrossRefGoogle Scholar
  24. 24.
    Xu, J., Yuan, X., Yu, A., Kim, J. H., Kim, T., & Zhang, J. (2016). Developing and evaluating a hands-on lab for teaching local area network vulnerabilities. In Frontiers in Education Conference (FIE), 2016 IEEE (pp. 1–4). IEEE.Google Scholar
  25. 25.
    Yan, Q., & Yu, F. R. (2015). Distributed denial of service attacks in software-defined networking with cloud computing. IEEE Communications Magazine, 53(4), 52–59.CrossRefGoogle Scholar
  26. 26.
    Jiang, X., Wang, X., & Xu, D. (2007). Stealthy malware detection through VMM-based out-of-the-box semantic view reconstruction. In Proceedings of the 14th ACM Conference on Computer and communications Security (pp. 128–138). ACM.Google Scholar
  27. 27.
    Ning, P., Cui, Y., & Reeves, D. S. (2002). Constructing attack scenarios through correlation of intrusion alerts. In Proceedings of the 9th ACM Conference on Computer and Communications Security (pp. 245–254). ACM.Google Scholar
  28. 28.
    Yun, Y., Xi-shan, X., & Zhi-chang, Q. (2011). A probabilistic computing approach of attack graph-based nodes in large-scale network. Procedia Environmental Sciences, 10, 3–8.CrossRefGoogle Scholar
  29. 29.
    Hong, J. B., & Kim, D. S. (2016). Assessing the effectiveness of moving target defenses using security models. IEEE Transactions on Dependable and Secure Computing, 13(2), 163–177.CrossRefGoogle Scholar
  30. 30.
    Roy, A., Kim, D. S., Trivedi, K. S. (2012). Scalable optimal countermeasure selection using implicit enumeration on attack countermeasure trees. In 2012 42nd Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN) (pp. 1–12). IEEE.Google Scholar
  31. 31.
    Padhy, R. P., Patra, M. R., & Satapathy, S. C. (2011). Cloud computing: Security issues and research challenges. International Journal of Computer Science and Information Technology & Security (IJCSITS), 1(2), 136–146.Google Scholar
  32. 32.
    Ateniese, G., & Mangard, S. (2001). A new approach to DNS security (DNSSEC). In Proceedings of the 8th ACM conference on Computer and Communications Security (pp. 86–95). ACM.Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2019

Authors and Affiliations

  1. 1.Institute of TechnologyNirma UniversityAhmedabadIndia

Personalised recommendations