Skip to main content

Advances, Systems and Applications

Table 1 A short comparison between anomaly IDS techniques with a focus on the advantages and disadvantages of each technique

From: Intrusion detection systems for IoT-based smart environments: a survey

Technique

Advantages

Disadvantages

Data mining

1- Models are created automatically

1- Based on historical data

 

2- Applicable in different environments

2- Depends on complex algorithms

 

3- Suitable for online datasets

 

Machine learning

1- High detection accuracy

1- Requires training data

 

2- Suitable for massive data volumes

2- Long training time

Statistical model

1- Suitable for online datasets

1- Based on historical behavior

 

2- System simplicity

2- Detection accuracy depends on statistical and mathematical operations

Rule model

1- Suitable for online datasets

1- Based on a set of rules

 

2- System simplicity

2- High false positive rate

Payload model

1- High detection accuracy for known attacks

1- Privacy issues

  

2- Long processing time

Protocol model

1- High detection accuracy for a specific type of attack

1- Designed for a specific type of protocol

Signal processing model

1- High detection accuracy

1- Depends on complex pattern-recognition methods

 

2- Low false positive rate

Â