Ulster University Logo

Flow-based intrusion detection: Techniques and challenges

Umer, Muhammad Fahad, Sher, Muhammad and Bi, Yaxin (2017) Flow-based intrusion detection: Techniques and challenges. Computers & Security, 70 (16). pp. 238-254. [Journal article]

[img] Text - Accepted Version
522kB
[img] Text - Supplemental Material
Restricted to Repository staff only

120kB

DOI: 10.1016/j.cose.2017.05.009

Abstract

Flow-based intrusion detection is an innovative way of detecting intrusions in high-speed networks. Flow-based intrusion detection only inspects the packet header and does not analyze the packet payload. This paper gives an intro- duction to a flow-based intrusion detection system and surveys state of the art in flow-based intrusion detection. It also describes the available flow-based datasets used for evaluation of flow-based intrusion detection systems. The paper proposes a taxonomy for flow-based intrusion detection systems on the basis of the technique used for detection of maliciousness in IP flow records. We review the architecture and evaluation results of available flow-based intrusion detection systems and identify important research challenges for future research in the area of flow-based intrusion detection.

Item Type:Journal article
Keywords:IP flows, Flow-based intrusion detection, Flow-based datasets, Machine learning
Faculties and Schools:Faculty of Computing & Engineering
Faculty of Computing & Engineering > School of Computing and Mathematics
Research Institutes and Groups:Computer Science Research Institute
Computer Science Research Institute > Artificial Intelligence and Applications
ID Code:38948
Deposited By: Dr Yaxin Bi
Deposited On:01 Nov 2017 16:05
Last Modified:02 Jun 2018 22:23

Repository Staff Only: item control page