A Survey of Intrusion Detection Systems Leveraging Host Data
Author: | Michael D. Iannacone, Maria S. Vincent, Robert A. Bridges, Tarrah R. Glass-Vanderlan, Qian Chen |
---|---|
Year of publication: | 2019 |
Subject: | General Computer Science; Computer science; Windows Registry; 020206 networking & telecommunications; 02 engineering and technology; Intrusion detection system; Data science; Data type; Theoretical Computer Science; Program analysis; System call; 0202 electrical engineering, electronic engineering, information engineering; Enterprise private network; 020201 artificial intelligence & image processing; Anomaly detection; Host (network) |
Source: | ACM Computing Surveys. 52:1-35 |
ISSN: | 1557-7341 0360-0300 |
DOI: | 10.1145/3344382 |
Description: | This survey focuses on intrusion detection systems (IDS) that leverage host-based data sources for detecting attacks on enterprise networks. The host-based IDS (HIDS) literature is organized by input data source, presenting targeted sub-surveys of HIDS research leveraging system logs, audit data, the Windows Registry, file systems, and program analysis. While system calls are generally included in audit data, several publicly available system call datasets have spawned a flurry of IDS research on this topic, which merits a separate section. To accommodate current researchers, a section describing publicly available datasets is included, outlining their characteristics and their shortcomings when used for IDS evaluation. Related surveys are organized and described. All sections are accompanied by tables concisely organizing the literature and datasets discussed. Finally, challenges, trends, and broader observations are discussed throughout the survey and in the conclusion, along with future directions of IDS research. Overall, this survey was designed to allow easy access to the diverse types of data available on a host for sensing intrusion, the progression of research using each, and the accessible datasets for prototyping in the area. |
Database: | OpenAIRE |
External link: |