Bohara Binita, Bhuyan Jay, Wu Fan, Ding Junhua
Dept. of Computer Science, Tuskegee University, Tuskegee, AL, USA.
Dept. of Information Science, University of North Texas, Texas, USA.
Int J Netw Secur Appl. 2020 Jan;12(1):1-18. doi: 10.5121/ijnsa.2020.12101.
In the present world, it is difficult to realize any computing application on a standalone computing device without connecting it to the network. A large amount of data is transferred over the network from one device to another. As networking expands, security is becoming a major concern. It has therefore become important to maintain a high level of security to ensure that a safe and secure connection is established among the devices. An intrusion detection system (IDS) is used to differentiate between legitimate and illegitimate activities on the system. Different techniques are used for detecting intrusions in an intrusion detection system. This paper presents the clustering techniques that different researchers have implemented in their relevant articles. The survey was carried out on 30 papers, and it presents which datasets the researchers used and which evaluation metrics were used to evaluate the performance of IDS. This paper also highlights the pros and cons of each clustering technique used for IDS, which can be used as a basis for future work.