A survey of intrusion detection and prevention systems

被引：59

作者：

Patel A. ^{[1
,2
]}

Qassim Q. ^{[1
]}

Wills C. ^{[2
]}

机构：

[1] Department of Computer Science, Faculty of Information Science and Technology, National University of Malaysia, Bangi

[2] Faculty of Computing Information Systems and Mathematics, Kingston University, Kingston upon Thames

来源：

Information Management and Computer Security | 2010年 / 18卷 / 04期

关键词：

Data security; Information management; Risk management;

D O I：

10.1108/09685221011079199

中图分类号：

学科分类号：

摘要：

Purpose: The problem of protecting information and data flows has existed from the very first day of information exchange. Various approaches have been devised to protect and transfer such information securely. However, as technology and communications advance and information management systems become more and more powerful and distributed, the problem has taken on new and more complex dimensions and has become a major challenge. The widespread use of wired and wireless communication networks, internet, web applications and computing has increased the gravity of the problem. Organizations are totally dependent on reliable, secure and fault-tolerant systems, communications, applications and information bases. Unfortunately, serious security and privacy breaches still occur every day, creating an absolute necessity to provide secure and safe information security systems through the use of firewalls, intrusion detection and prevention systems (ID/PSs), encryption, authentication and other hardware and software solutions. This paper aims to address these issues. Design/methodology/approach: This survey presents an up-to-date comprehensive state of the art overview of ID/PSs based on risk analysis, a description of what ID/PSs are, the functions they serve, its two primary types and different methods of ID that may employ. Findings: As security incidents are increasing and are more aggressive, ID/PSs have also become increasingly necessary, they compliment the arsenal of security measures, working in conjunction with other information security tools such as malware filters and firewalls. Because of a growing number of intrusion events and also because the internet and local networks together with user applications have become so ubiquitous, the need arises to use sophisticated advanced techniques from autonomic computing, machine learning, artificial intelligence and data mining to make intelligent/smart ID/PSs. Originality/value: This paper perceives the requirements of developing a new detection mechanism to detect known and unknown threats, based on intelligent techniques such as machine learning and autonomic computing. © Emerald Group Publishing Limited 0968-5227.

引用

页码：277 / 290

页数：13

共 35 条

[1] Adams J., CheckFree's Hack Attack Has A Long tail, (2009)
[2] Alexander S., Hacker attacks Ceridian
[3] data from 27, 000 at risk, Star Tribune, (2010)
[4] Annese J., Former Federal Reserve Bank Employee From Elm Park Admits fraud, (2009)
[5] Beal V., Intrusion Detection (IDS) and Prevention (IPS) systems, (2005)
[6] Bosch S.I., Security Breach Compromises Information on 1, 400 District 86 grads, (2009)
[7] Bray C., Computer Technician Charged in Identity Theft (Bank of New York Mellon), (2009)
[8] Brown D.J., Suckow B., Wang T., A Survey of Intrusion Detection Systems, (2002)
[9] Chichakli R., Information Systems Risk management, (2009)
[10] Cluley G., 30, 000 Kaiser Permanente Workers Warned of Identity Theft risk, (2009)

← 1 2 3 4 →