Methods of intrusion detection in information security incident detection: a comparative study


Bibliographic Details
Main Authors: Tan, Fui Bee, Yau, Ti Dun, M. N. M., Kahar
Format: Conference or Workshop Item
Language: English
Published: Universiti Malaysia Pahang 2018
Online Access: http://umpir.ump.edu.my/id/eprint/23042/
http://umpir.ump.edu.my/id/eprint/23042/7/Methods%20of%20intrusion%20detection%20in%20information%20security%20incident%20detection9.pdf
Description
Summary: Advances in technology have made the internet, online applications, and network usage an important element of human life. With high demand from corporations and enterprises, more and more security appliances have been developed and deployed, such as IDS (Intrusion Detection Systems), IPS (Intrusion Prevention Systems), firewalls, and SIEM (Security Information and Event Management). All these security tools serve the same purpose, which is to safeguard the whole enterprise network. However, each tool has a different way of detecting intrusions and a different detection accuracy. This is because each deployed solution depends heavily on the algorithms residing in the program loaded in the security tool. These algorithms and methods provide fast detection and a high detection rate. However, they also produce a high false alarm rate (low accuracy) and are unable to handle high volumes of data. This has attracted researchers to find algorithms and methods that can detect intrusions in a short period of time within a huge volume of data with high accuracy. The objective of this paper is to study and compare the available intrusion detection algorithms and methods. Focus will be given to research that has produced new intrusion detection algorithms, frameworks, and models, as well as the gaps in that research. These research results and gaps can lead to possible future research to identify new intrusion detection methods.