Volume 2 - Issue 1 – 2
A Survey and Taxonomy of Lightweight Intrusion Detection Systems
- Sang Min Lee
Korea Aerospace University, Goyang, South Korea
minuri33@kau.ac.kr
- Dong Seong Kim
University of Canterbury, Christchurch, New Zealand
dongseong.kim@canterbury.ac.nz
- Jong Sou Park
Korea Aerospace University, Goyang, South Korea
jspark@kau.ac.kr
Keywords: Intrusion detection system, parameters optimization, feature selection
Abstract
Internet and computer networks are exposed to an ever increasing number of security threats that can
damage computer systems and communication channels. Firewalls are used to defend systems but
still they are not enough to provide full protection to the systems. Then, the concern with Intrusion
Detection Systems (IDSs) has been growing for network security over the past years. Due to the
increasing of networks’ speed and the amount of network traffic, it is essential that IDSs need to be
lightweight to cope with it. Therefore, two representative methodologies have been applied to make
IDSs lightweight, feature selection and parameter optimization. In this paper, we introduce concepts
and algorithms of them and survey existing approaches which have used them. In particular, we
review the previous approaches according to three broad categories: spam, Denial-of-Service (DoS)
and Distributed Denial-of-Servive (DDoS) attacks detection since they are the most threatening in-
trusions these days. Finally, we conclude the survey by identifying trends and open challenges of
lightweight IDSs research and development. Our hope is that this paper sheds some light on a fruit-
ful direction of future research for lightweight IDSs.