American Journal of Information Systems
ISSN (Print): 2374-1953 ISSN (Online): 2374-1988 Website: Editor-in-chief: Sergii Kavun
Open Access
Journal Browser
American Journal of Information Systems. 2016, 4(3), 69-88
DOI: 10.12691/ajis-4-3-2
Open AccessReview Article

A Survey on Secure Network: Intrusion Detection & Prevention Approaches

Manu Bijone1,

1M.Tech-Computer Science and Engineering, Lakshmi Narain College of Technology-Indore (RGPV, Bhopal), MP, India

Pub. Date: December 03, 2016

Cite this paper:
Manu Bijone. A Survey on Secure Network: Intrusion Detection & Prevention Approaches. American Journal of Information Systems. 2016; 4(3):69-88. doi: 10.12691/ajis-4-3-2


With the growth of the Internet and its potential, more and more people are getting connected to the Internet every day to take advantage of the e-Commerce. On one side, the Internet brings in tremendous potential to business in terms of reaching the end users. At the same time it also brings in lot of security risk to the business over the network. With the growth of cyber-attacks, information safety has become an important issue all over the world. Intrusion detection systems (IDSs) are an essential element for network security infrastructure and play a very important role in detecting large number of attacks. This survey paper introduces a detailed analysis of the network security problems and also represents a review of the current research. The main aim of the paper is to finds out the problem associated with network security for that various existing approaches related to intrusion detection and preventions are discussed. This survey focuses on presenting the different issues that must be addressed to build fully functional and practically usable intrusion detection systems (IDSs). It points out the state of the art in each area and suggests important open research issues.

network security intrusion detection system cyber attacks intrusion prevention system data security artificial neural networks computer network soft computing swarm intelligence fuzzy system

Creative CommonsThis work is licensed under a Creative Commons Attribution 4.0 International License. To view a copy of this license, visit


[1]  Shyam Nandan Kumar, “Cryptography during Data Sharing and Accessing Over Cloud.” International Transaction of Electrical and Computer Engineers System, vol. 3, no. 1 (2015): 12-18.
[2]  Shyam Nandan Kumar, “DecenCrypto Cloud: Decentralized Cryptography Technique for Secure Communication over the Clouds.” Journal of Computer Sciences and Applications, vol. 3, no. 3 (2015): 73-78.
[3]  Shyam Nandan Kumar, “Review on Network Security and Cryptography.” International Transaction of Electrical and Computer Engineers System, vol. 3, no. 1 (2015): 1-11.
[4]  Shyam Nandan Kumar, “World towards Advance Web Mining: A Review.” American Journal of Systems and Software, vol. 3, no. 2 (2015): 44-61.
[5]  Mark Handley, Vern Paxson, and Christian Kreibich, “Network Intrusion Detection: Evasion, Traffic Normalization, and End-to- End Protocol Semantics”, 10th USENIX Security Symposium, Washington, D.C., pp.13-17, August 2001.
[6]  Vern Paxson, “Bro: A System for Detecting Network Intruders in Real-Time,” Computer Networks, 31, pp. 2435-2463, Dec. 1999.
[7]  Y. Yasami and S. P. Mozaffari, “A novel unsupervised classification approach for network anomaly detection by k-Means clustering and ID3 decision tree learning methods,” The Journal of Supercomputing, vol. 53, pp. 231-245, 2010.
[8]  Michael E. Whitman; Herbert J. Mattord, “Principles of Information Security”, Cengage Learning EMEA, 2009.
[9]  Intrusion Detection System, Wikipedia,, Oct-2016.
[10]  Jeong H, Hyun W, Lim J, You I, “Anomaly teletraffic intrusion detection systems on hadoop-based platforms: A survey of some problems and solutions” (NBiS), 15th international conference on. IEEE, Melbourne, Australia, pp. 766-770.
[11]  Cheon J, Choe T-Y, “Distributed processing of snort alert log using hadoop”, Int J Eng Technol(0975-4024) 2013, 5(3): 2685-2690.
[12]  Lee Y, Lee Y, “Toward scalable internet traffic measurement and analysis with hadoop”, ACM SIGCOMM Comput Commun Rev, vol. 43(1), pp. 5-13.
[13]  Bass T, “Intrusion detection systems and multisensor data fusion”, Commun ACM 2000, 43(4), pp. 99-105.
[14]  Rouse M, “Security information and event management (SIEM), 2012.
[15]  K. Das, “Protocol anomaly detection for network-based intrusion detection”, GSEC Practical Assignment Version 1.2f SANS Institute, 2001.
[16]  F.N. Sabri, N.M. Norwawi, K. Seman, “Identifying false alarm rates for intrusion detection system with Data Mining”, IJCSNS International Journal of Computer Science and Network Security, vol.11, 2011.
[17]  S.X. Wu, W. Banzhaf, “The use of computational intelligence in intrusion detection systems: A Review”, Applied Soft Computing Journal 10, 2010.
[18]  S. Wu, E. Yen, “Data mining-based intrusion detectors”, Expert Systems with Applications 36, 2009.
[19]  Jelena Mirkovic, Sven Dietrich, David Dittrich and Peter Reiher, “Internet Denial of Service: Attack and Defense Mechanisms”, Prentice Hall PTR, 2005.
[20]  FBI agents bust 'Botmaster', Reuters News Service, November 4, 2005.
[21]  Alex Lam, “New IPS to Boost Security, Reliability and Performance of the Campus Network,” Newsletter of Computing Services Center, 2005.
[22]  Y. F. Jou, F. Gong, C. Sargor, X. Wu, S. Wu, H. Chang, and F. Wang, “Design and Implementation of a Scalable Intrusion Detection System for the Protection of Networks Infrastructure,” Proceedings of DARPA Information Survivability Conference and Exposition, vol. 2, pp. 69-83, January 2000.
[23]  E. Y. K. Chan et al., “IDR: An Intrusion Detection Router for Defending against Distributed Denial-of-Service (DDoS) Attacks,” 7th International Symposium on Parallel Architectures, Algorithms and Networks (ISPAN'04), pp. 581-586, May 2004.
[24]  “NIST – Guide to Intrusion Detection and Prevention Systems (IDPS)”, February 2007.
[25]  Robert C. Newman, “Computer Security: Protecting Digital Resources”, Jones & Bartlett Learning, 2009.
[26]  Tim Boyles, “CCNA Security Study Guide: Exam 640-553”, John Wiley and Sons, pp. 249, 2010.
[27]  Harold F. Tipton, Micki Krause, “Information Security Management Handbook”, CRC Press, pp. 1000, 2007.
[28]  Scarfone, Karen; Mell, Peter, “Guide to Intrusion Detection and Prevention Systems (IDPS)”, Computer Security Resource Center, National Institute of Standards and Technology (800-94), 2007.
[29]  OSSEC,, Oct-20116.
[30]  OSSEC, Wikipedia,, Oct-2016.
[31]  Open Source Tripwire, Wikipedia,, Oct-2016.
[32]  SNORT-Network Intrusion Detection & Prevention System,, Oct-2016.
[33]  SMART Watch,, Oct-2016.
[34]  BRO, Wikipedia,, Oct-2016.
[35]  Prelude Hybrid IDS, Wikipedia,, Oct-2016.
[36]  Suricata,, Oct-2016.
[37]  Oludele Awodele, Sunday Idowu, Omotola Anjorin, and Vincent J. Joshua, “A Multi-Layered Approach to the Design of Intelligent Intrusion Detection and Prevention System (IIDPS)”, Babcock University, vol. 6, 2009.
[38]  Song, J., Takakura, H., Okabe, Y., & Nakao, K., “Toward a more practical unsupervised anomaly detection system, Information Sciences”, 231, pp. 4-14, 2013.
[39]  Chopra, V., Saini, S., & Choudhary, A. K., “A Novel Approach for Intrusion Detection”, IJCSI, vol 8. Issue 4, pp. 294-297, 2011.
[40]  Zhao, G., Song, J., & Song, J., “Analysis about Performance of Multiclass SVM Applying in IDS”, International Conference on Information, Business and Education Technology (ICIBET 2013). Atlantis Press, 2013.
[41]  Araki, S., Yamaguchi, Y., Shimada, H., & Takakura, H., “Unknown Attack Detection by Multistage One-Class SVM Focusing on Communication Interval”, In Neural Information Processing, pp. 325-332, 2014, Springer International Publishing.
[42]  Enache, A. C., & Patriciu, V. V., “Intrusions detection based on Support Vector Machine optimized with swarm intelligence”, 9th International Symposium on Applied Computational Intelligence and Informatics (SACI), pp. 153-158, 2014, IEEE.
[43]  Catania, C. A., Bromberg, F., & Garino, C. G., “An autonomous labeling approach to support vector machines algorithms for network traffic anomaly detection”, Expert Systems with Applications, 39(2), pp. 1822-1829, 2012.
[44]  Yi, Y., Wu, J., & Xu, W., “Incremental SVM based on reserved set for network intrusion detection”, Expert Systems with Applications, 38(6), pp.7698-7707, 2011.
[45]  Atefi, K., Yahya, S., Dak, A. Y., and Atefi, A., “A hybrid intrusion detection system based on different machine learning algorithms”, 4th International Conference on Computing and Informatics, Sarawak, Malaysia, pp. 312-320, 2013.
[46]  Ahmad, I., Hussain, M., Alghamdi, A., and Alelaiwi, A., “Enhancing SVM performance in intrusion detection using optimal feature subset selection based on genetic principal components” Neural Computing and Applications, 24(7-8), pp.1671-1682, 2014.
[47]  Sung, A. H., & Mukkamala, S., “Identifying important features for intrusion detection using support vector machines and neural networks,” Symposium on Applications and the Internet, pp. 209-216, 2003, IEEE.
[48]  Y. Yasami and S. P. Mozaffari, “A novel unsupervised classification approach for network anomaly detection by k-Means clustering and ID3 decision tree learning methods,” The Journal of Supercomputing, vol. 53, pp. 231-245, 2010.
[49]  Garcia-Teodoro, Pedro, J. Diaz-Verdejo, Gabriel M.; Enrique V., “Anomaly-based network intrusion detection: Techniques, systems and challenges” computers & security, vol.28, no. 1, pp. 18, 28, 2009.
[50]  Dickerson; John E., Julie D., “Fuzzy network profiling for intrusion detection”, 19th International Conference of the North American Fuzzy Information Processing Society (NAFIPS), Atlanta, GA, pp. 301, 306, 2000.
[51]  Eskin; Eleazar, Andrew A., Michael P., Leonid P., Sal S., “A geometric framework for unsupervised anomaly detection: Detecting intrusions in unlabeled data”, D. Barbar and S. Jajodia (Eds.), Data Mining for Security Applications, Boston: Kluwer Academic Publishers, May 2002.
[52]  Honig; Andrew, Andrew H., Eleazar E., Salvatore S., “Adaptive model generation: An architecture for the deployment of data mining based intrusion detection systems”, D. Barbar and S. Jajodia (Eds.), Data Mining for Security Applications. Boston, Kluwer Academic Publishers, May 2002.
[53]  Ghosh; Anup K., Aaron S., Michael S., “Learning program behavior profiles for intrusion detection”, 1st USENIX, 9-12 Apr. 1999.
[54]  Shyam Nandan Kumar, “Technique for Security of Multimedia using Neural Network”, International Journal of Research in Engineering Technology and Management, vol. 2, issue 5, pp.1-7, 2014.
[55]  Jian P., Shambhu U., Faisal F., Venugopal G., “Data Mining for Intrusion Detection – Techniques, Applications and Systems”, Data Mining Techniques for Intrusion Detection and Computer Security, University at Buffalo, New York, 2004.
[56]  Varun C, Arindam B., Vipin K., “Anomaly Detection: A Survey”, ACM Computing Surveys, Vol. 41, No. 3, Article 15, July 2009.
[57]  Herve D., Marc D., Andreas W., “Towards a Taxonomy of Intrusion Detection Systems”, Computer Networks, Elsevier, vol. 31, pp. 805, 822, 1999.
[58]  Qayyum, A., Islam, M.H., Jamil, M., “Taxonomy of statistical based anomaly detection techniques for intrusion detection” IEEE Symposium on Emerging Technologies, pp. 270,276, 17-18 Sept. 2005.
[59]  A. Midzic, Z. Avdagic, and S. Omanovic, “Intrusion detection system modeling based on neural networks and fuzzy logic”, IEEE 20th Jubilee International Conference on Intelligent Engineering Systems (INES), 2016.
[60]  Lijun Dong, Min Du, Shengsheng Yu, and Rongtao Liao, “Secure Vault: An Intrusion Prevention Model for Ender-Users”, International Conference on Computational Intelligence and Security Workshops, CISW 2007.
[61]  Alaa Al-hamami, and Tahani Alawneh, “Developing a Host Intrusion Prevention System by Using Data Mining”, International Conference on Advanced Computer Science Applications and Technologies (ACSAT-2012).
[62]  Satomi Honda, Yuki Unno, Koji Maruhashi, Masahiko Takenaka, and Satoru Torii, “TOPASE: Detection of brute force attacks used disciplined IPs from IDS log”, IFIP/IEEE International Symposium on Integrated Network Management (IM), 2015.
[63]  Shyam Nandan Kumar, and Amit Vajpayee, “A Survey on Secure Cloud: Security and Privacy in Cloud Computing”, American Journal of Systems and Software, vol. 4, no. 1, pp. 14-26, 2016
[64]  Shyam Nandan Kumar, and Amit Vajpayee, “ASP: Advanced Security Protocol for Security and Privacy in Cloud Computing.” American Journal of Information Systems, vol. 4, no. 2, pp. 17-31. 2016.
[65]  Shyam Nandan Kumar, “Advanced Technique for Monitoring and Shielding in Wi-Fi Technology”, International Journal of Research in Engineering Technology and Management, vol. 2, issue 3, pp. 1-6, 2014.
[66]  T.F. Lunt, A. Tamaru, F. Gilham, R. Jagannathan, P.G. Neumann, H.S. Javitz, A. Valdes, T.D. Garvey, “A realtime intrusion detection expert system (IDES) - Final Technical Report, Technical Report”, SRI Computer Science Laboratory, SRI International, Melno Park, CA, February 1992.
[67]  M. Crosbie, B. Dole, T. Ellis, I. Irsul, E. SpaffSord, “IDIOT - Users Guide”, COAST Laboratory, Purdue University, 1398 Computer Science Building, West Lafayette, IN 47907-1398, September 1996.
[68]  J. Hochberg, K. Jackson, C. Stallings, J.F. McClary, D. DuBois, J. Ford, “NADIR: an automated system for detecting network intrusion and misuse”, Computers and Security vol. 12 (3), pp.235-248, 1993.
[69]  L. Heberlein, G. Dias, K. Levitt, B. Mukherjee, J. Wood, D. Wolber, “A network security monitor”, IEEE Symposium on Research in Security and Privacy, May 1990.
[70]  S.R. Snapp, S. Smaha, D.M. Teal, T. Grance, “The DIDS (distributed intrusion detection system) prototype”, USENIX Summer 1992 Technical Conference, San Antonio, TX, June 1992.
[71]  S. Cheung, R. Crawford, M. Dilger, J. Frank, J. Hoagland, K. Levitt, J. Rowe, S. Staniford-Chen, R. Yip, D. Zerkle, “The design of GrIDS: a graph-based intrusion detection system”, Technical Report CSE-99-2, Department of Computer Science, University of California at Davis, Davis, CA, January 1999.
[72]  P.A. Porras, P.G. Neumann, “EMERALD: Event monitoring enabling responses to anomalous live disturbances”, 20th National Information Systems Security Conference, National Institute of Standards and Technology, 1997.
[73]  J.S. Balasubramaniyan, J.O. Garcia-Fernandez, E. Spafford, D. Zamboni, “An architecture for intrusion detection using autonomous agents”, Technical Report 98-05, COAST Laboratory, Purdue University, May 1998.
[74]  Kuang, F., Xu, W., and Zhang, S., “A novel hybrid KPCA and SVM with GA model for intrusion detection”, Applied Soft Computing, vol. 18, pp.178-184, 2014.
[75]  Chitrakar, R., and Huang, C., “Selection of Candidate Support Vectors in incremental SVM for network intrusion detection”, Computers & Security, vol. 45, pp. 231-241, 2014.
[76]  Tavallaee M, Bagheri E, Lu W, Ghorbani AA, “A detailed analysis of the kdd cup 99 data set”, Second IEEE international conference on Computational intelligence for security and defense applications, IEEE Press, Piscataway, NJ, USA, CISDA’09, pp 53-58.
[77]  Rohit Shukla, and Maninder Singh, “PythonHoneyMonkey: Detecting malicious web URLs on client side honeypot systems”, 3rd International Conference on Reliability, Infocom Technologies and Optimization (ICRITO), 2014.
[78]  Wan YuWen, You JinXin, Guo Fan, and Xu ShuFang, “Polymorphic worms signature extraction based-on improved ant colony algorithm”, 9th International Conference on Computer Science & Education (ICCSE), 2014.
[79]  Monther Aldwairi, and Koloud Al-Khamaiseh, “Exhaust: Optimizing Wu-Manber pattern matching for intrusion detection using Bloom filters”, 2nd World Symposium on Web Applications and Networking (WSWAN), 2015.
[80]  Eduardo Viegas, Altair Santin, Andre Franca, Ricardo Jasinski, Volnei Pedroni, and Luiz Oliveira, “Towards an Energy-Efficient Anomaly-Based Intrusion Detection Engine for Embedded Systems”, IEEE Transactions on Computers, vol: PP, Issue: 99, pp.1-1, 2016.
[81]  Dipika Narsingyani, and Ompriya Kale, “Optimizing false positive in anomaly based intrusion detection using Genetic algorithm”, IEEE 3rd International Conference on MOOCs, Innovation and Technology in Education (MITE), 2015.
[82]  Manu Bijone, and Jitendra Dangra, “A Survey of Signature Based & Statistical Based Intrusion Detection Techniques”, IJSRD - International Journal for Scientific Research & Development, Vol. 4, Issue 08, pp. 583-585, 2016.
[83]  Geethapriya Thamilarasu, and Zhiyuan Ma, “Autonomous mobile agent based intrusion detection framework in wireless body area networks”, IEEE 16th International Symposium on a World of Wireless, Mobile and Multimedia Networks (WoWMoM), 2015.
[84]  N Santosh, R Saranyan, kumar P Senthil, and V. Vetriselvi, “16th International Conference on Advanced Computing and Communications, ADCOM 2008.
[85]  Hisham A. Kholidy, Abdelkarim Erradi, Sherif Abdelwahed, and Fabrizio Baiardi, “HA-CIDS: A Hierarchical and Autonomous IDS for Cloud Systems”, 2013 Fifth International Conference on Computational Intelligence, Communication Systems and Networks (CICSyN), IEEE.
[86]  Hisham A. Kholidy, Abdelkarim Erradi, Sherif Abdelwahed, and Fabrizio Baiardi, “A hierarchical, autonomous, and forecasting cloud IDS”, International Conference on Modelling, Identification & Control (ICMIC), 2013, IEEE.
[87]  I-Hsuan Huang, and Cheng-Zen Yang, “Design of an Active Intrusion Monitor System”, IEEE 37th Annual 2003 International Carnahan Conference on Security Technology.
[88]  Han-Pang Huang, and Chia-Ming Chang, “An active network-based intrusion detection and response systems”, IEEE International Conference on Networking, Sensing and Control, 2004.
[89]  Khattab M. Ali Alheeti, and Klaus McDonald-Maier, “Hybrid intrusion detection in connected self-driving vehicles”, 22nd International Conference on Automation and Computing (ICAC), 2016, IEEE.
[90]  Iftikhar Ahmad, Azween B Abdullah, and Abdullah S Alghamdi, “Remote to Local attack detection using supervised neural network”, International Conference for Internet Technology and Secured Transactions (ICITST), 2010, IEEE.
[91]  Zorana Bankovic, Slobodan Bojanic, Octavio Nieto-Taladriz, and Atta Badii, “Increasing Detection Rate of User-to-Root Attacks Using Genetic Algorithms”, International Conference on Emerging Security Information, Systems, and Technologies, IEEE, 2007.