A Survey and Taxonomy of Lightweight Intrusion Detection Systems
Sang Min Lee1*, Dong Seong Kim2, and Jong Sou Park1
1Korea Aerospace University, Goyang, South Korea
{minuri33, jspark}@kau.ac.kr
2University of Canterbury, Christchurch, New Zealand
dongseong.kim@canterbury.ac.nz
Abstract
The Internet and computer networks are exposed to an ever-increasing number of
security threats that can damage computer systems and communication channels.
Firewalls are used to defend systems, but they are not enough to provide
full protection. As a result, interest in Intrusion Detection Systems (IDSs)
for network security has been growing over the past years. Because network
speeds and the amount of network traffic keep increasing, it is essential that
IDSs be lightweight to cope with them. Therefore, two representative
methodologies have been applied to make IDSs lightweight: feature selection and
parameter optimization. In this paper, we introduce the concepts and algorithms
of these methodologies and survey existing approaches that have used them. In
particular, we review the previous approaches according to three broad
categories: spam, Denial-of-Service (DoS) and Distributed Denial-of-Service
(DDoS) attack detection, since these are the most threatening intrusions these
days. Finally, we conclude the survey by identifying trends and open challenges
in lightweight IDS research and development. Our hope is that this paper sheds
some light on a fruitful direction of future research for lightweight IDSs.
Keywords: Intrusion detection system, parameters optimization,
feature selection
*Corresponding author: Computer Engineering Department,
Korea Aerospace University,
200-1, Hwajeon-dong, Dukyang-gu, Goyang-city, Gyeonggi-do,
South Korea
Journal of Internet Services and Information Security (JISIS), 2(1/2): 119-131, February 2012