Misuse and Anomaly Based Combined Hybrid Approaches for Intrusion Detection: A Survey

Abstract: Intrusion Detection Systems (IDS) can be defined with various detection techniques. Misuse based and anomaly based detection techniques are some of the techniques used for identifying the known and unknown attacks. This paper shows a survey on both misuse and anomaly based detection techniques for IDS where it is observed that these two techniques when applied at a time gives better results than when applied individually on a particular dataset and it has been depicted in this paper by considering a case study where decision support system and expert rule based approach are applied on KDD 99 dataset for observing both normal and abnormal behaviour of the data.

Keywords: Intrusion Detection Systems, Misuse based systems, Anomaly based systems