Table 5 Comparisons of IDS technology types, using examples from the literature. “P” indicates pre-defined attacks and “Z” indicates zero-day attacks

From: Survey of intrusion detection systems: techniques, datasets and challenges

| Detection method | Technique | Detection source (HIDS / NIDS) | Capability |
|---|---|---|---|
| SIDS | | HIDS: Wagner and Soto (2002)<br>NIDS: Hubballi and Suryanarayanan (2014) | P |
| AIDS | Statistics based | HIDS: Ara, Louzada & Diniz (2017)<br>NIDS: Tan, et al. (2014); Camacho, et al. (2016) | Z |
| | Knowledge-based | Mitchell and Chen (2015); Creech and Hu (2014b); Hendry and Yang (2008); Shakshuki, et al. (2013); Zargar, et al. (2013) | |
| | Machine learning | Du, et al. (2014); Wang, et al. (2010); Elhag, et al. (2015); Kim, et al. (2014); Hu, et al. (2014) | |
| SIDS + AIDS | | Alazab, et al. (2014); Stavroulakis and Stamp (2010); Liu, et al. (2015) | P + Z |