
A Survey on Different Network Intrusion Detection Systems and CounterMeasure

  • Conference paper
Emerging Research in Computing, Information, Communication and Applications

Part of the book series: Advances in Intelligent Systems and Computing (AISC, volume 906)

Abstract

Recent studies have attracted a great deal of research in the domain of cloud security and intrusion detection systems (IDSs), driven by the growing variety of attacks on computer systems. The distributed denial of service (DDoS) attack is one of them: attackers compromise the cloud system by exploiting vulnerabilities. Initially, during a multi-step exploration, a low-frequency vulnerability is identified and exploited together with a virtual machine, which is compromised and then included in the DDoS attack. In this context, various IDSs have been surveyed together with different countermeasure techniques, including some effective techniques to minimize malicious activity within end systems or networks. The main aim of IDSs is to detect attacks within networks and end systems, or more precisely against any information system, which is very difficult to keep in a secure state for a long duration. Some studies have shown that combining host-based systems with network-based systems improves attack detection. This paper focuses on the study of various well-known IDSs and various techniques to minimize malicious activity within the system.
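The abstract's point that host-based and network-based detection are stronger together can be illustrated with a small alert-correlation routine. The following is an added example written for this page, not code from the surveyed paper or from any of the IDSs it cites: it takes alerts from a network sensor ("nids") and a host agent ("hids"), groups them per monitored host within a time window, and gives a confidence bonus when both sensor types corroborate the same host. The sample alerts, the 60-second window and the scoring weights are all constructed assumptions.

```python
"""Correlate HIDS and NIDS alerts per host (added illustration).

The alert data, window size and weights below are constructed assumptions,
not values from the surveyed paper.
"""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import Dict, List, Set, Tuple


@dataclass
class Alert:
    source: str        # "nids" (network sensor) or "hids" (host agent)
    host: str          # address of the end system the alert concerns
    ts: datetime       # time the sensor raised the alert
    signature: str     # rule or anomaly name reported by the sensor
    severity: int      # 1 (low) .. 5 (high)


@dataclass
class Incident:
    host: str
    first_seen: datetime
    last_seen: datetime
    sources: Set[str] = field(default_factory=set)
    signatures: List[str] = field(default_factory=list)
    score: int = 0


# Assumed weight added when both a network and a host sensor report the host.
CORROBORATION_BONUS = 3


def correlate(alerts: List[Alert], window_s: int = 60) -> List[Incident]:
    """Group alerts for the same host that fall within window_s of each other.

    Alerts seen by both sensor types get CORROBORATION_BONUS; single-source
    incidents keep the plain sum of their severities.
    """
    incidents: List[Incident] = []
    open_by_host: Dict[str, Incident] = {}
    for a in sorted(alerts, key=lambda x: x.ts):
        inc = open_by_host.get(a.host)
        if inc is None or (a.ts - inc.last_seen) > timedelta(seconds=window_s):
            # No recent incident for this host: open a new one.
            inc = Incident(host=a.host, first_seen=a.ts, last_seen=a.ts)
            incidents.append(inc)
            open_by_host[a.host] = inc
        inc.last_seen = a.ts
        inc.sources.add(a.source)
        inc.signatures.append(f"{a.source}:{a.signature}")
        inc.score += a.severity
    for inc in incidents:
        if {"nids", "hids"} <= inc.sources:
            inc.score += CORROBORATION_BONUS
    return incidents


def prioritize(alerts: List[Alert], window_s: int = 60) -> List[Tuple[str, int, bool]]:
    """Return (host, score, corroborated) tuples, highest score first."""
    incs = correlate(alerts, window_s)
    ranked = sorted(incs, key=lambda i: i.score, reverse=True)
    return [(i.host, i.score, {"nids", "hids"} <= i.sources) for i in ranked]


# Constructed sample alerts: one host shows a network-side exploit attempt
# followed by a host-side privileged process; another host only shows
# unrelated single-source events far apart in time.
T0 = datetime(2019, 1, 1, 12, 0, 0)
SAMPLE_ALERTS = [
    Alert("nids", "10.0.0.5", T0, "port-scan", 2),
    Alert("nids", "10.0.0.5", T0 + timedelta(seconds=20), "exploit-attempt", 4),
    Alert("hids", "10.0.0.5", T0 + timedelta(seconds=45), "new-privileged-process", 4),
    Alert("nids", "10.0.0.9", T0 + timedelta(seconds=5), "port-scan", 2),
    Alert("hids", "10.0.0.9", T0 + timedelta(minutes=30), "config-file-changed", 3),
]

if __name__ == "__main__":
    for host, score, both in prioritize(SAMPLE_ALERTS):
        print(f"{host}: score={score} corroborated={both}")
```

The corroborated host lands at the top of the list even though each of its individual alerts is no more severe than the single-source ones, which is the effect the abstract attributes to combining host-based and network-based systems.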



Corresponding author

Correspondence to Divya Rajput.


© 2019 Springer Nature Singapore Pte Ltd.

About this paper


Cite this paper

Rajput, D., Thakkar, A. (2019). A Survey on Different Network Intrusion Detection Systems and CounterMeasure. In: Shetty, N., Patnaik, L., Nagaraj, H., Hamsavath, P., Nalini, N. (eds) Emerging Research in Computing, Information, Communication and Applications. Advances in Intelligent Systems and Computing, vol 906. Springer, Singapore. https://doi.org/10.1007/978-981-13-6001-5_41


  • DOI: https://doi.org/10.1007/978-981-13-6001-5_41


  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-13-6000-8

  • Online ISBN: 978-981-13-6001-5
