Skip to main content

Advances, Systems and Applications

Journal of Cloud Computing Cover Image

Table 1 A short comparison between anomaly IDS techniques with a focus on the advantages and disadvantages of each technique

From: Intrusion detection systems for IoT-based smart environments: a survey

Technique Advantages Disadvantages
Data mining 1- Models are created automatically 1- Based on historical data
  2- Applicable in different environments 2- Depends on complex algorithms
  3- Suitable for online datasets  
Machine learning 1- High detection accuracy 1- Requires training data
  2- Suitable for massive data volumes 2- Long training time
Statistical model 1- Suitable for online datasets 1- Based on historical behavior
  2- System simplicity 2- Detection accuracy depends on statistical and mathematical operations
Rule model 1- Suitable for online datasets 1- Based on a set of rules
  2- System simplicity 2- High false positive rate
Payload model 1- High detection accuracy for known attacks 1- Privacy issues
   2- Long processing time
Protocol model 1- High detection accuracy for a specific type of attack 1- Designed for a specific type of protocol
Signal processing model 1- High detection accuracy 1- Depends on complex pattern-recognition methods
  2- Low false positive rate