A taxonomy of network threats and the effect of current datasets on intrusion detection systems
Hindy, Hanan (ORCID: https://orcid.org/0000-0002-5195-8193), Brosset, David (ORCID: https://orcid.org/0000-0002-9677-1445), Bayne, Ethan (ORCID: https://orcid.org/0000-0003-1853-2921), Seeam, Amar (ORCID: https://orcid.org/0000-0001-8203-1545), Tachtatzis, Christos (ORCID: https://orcid.org/0000-0001-9150-6805), Atkinson, Robert (ORCID: https://orcid.org/0000-0002-6206-2229) and Bellekens, Xavier (ORCID: https://orcid.org/0000-0003-1849-5788) (2020) A taxonomy of network threats and the effect of current datasets on intrusion detection systems. IEEE Access, 8. pp. 104650-104675. ISSN 2169-3536 [Article] (doi:10.1109/ACCESS.2020.3000179)
PDF - Published version (with publisher's formatting). Available under License Creative Commons Attribution 4.0.
Abstract
As the world moves towards being increasingly dependent on computers and automation, building secure applications, systems and networks is one of the main challenges faced in the current decade. The number of threats that individuals and businesses face is rising exponentially due to the increasing complexity of networks and services of modern networks. To alleviate the impact of these threats, researchers have proposed numerous solutions for anomaly detection; however, current tools often fail to adapt to ever-changing architectures, associated threats and zero-day attacks. This manuscript aims to pinpoint research gaps and shortcomings of current datasets, their impact on building Network Intrusion Detection Systems (NIDS) and the growing number of sophisticated threats. To this end, this manuscript provides researchers with two key pieces of information: a survey of prominent datasets, analyzing their use and impact on the development of the past decade's Intrusion Detection Systems (IDS), and a taxonomy of network threats and associated tools to carry out these attacks. The manuscript highlights that current IDS research covers only 33.3% of our threat taxonomy. Current datasets demonstrate a clear lack of real-network threats, attack representation and include a large number of deprecated threats, which together limit the detection accuracy of current machine learning IDS approaches. The unique combination of the taxonomy and the analysis of the datasets provided in this manuscript aims to improve the creation of datasets and the collection of real-world data. As a result, this will improve the efficiency of the next generation IDS and reflect network threats more accurately within new datasets.
Item Type: | Article |
---|---|
Keywords (uncontrolled): | Anomaly detection, datasets, intrusion detection systems, network attacks, network security, security threats, survey, taxonomy |
Research Areas: | A. > School of Science and Technology > Computer and Communications Engineering |
Item ID: | 35296 |
Notes on copyright: | This work is licensed under a Creative Commons Attribution 4.0 License. For more information, see https://creativecommons.org/licenses/by/4.0/ |
Depositing User: | Amar Kumar Seeam |
Date Deposited: | 29 Sep 2022 10:06 |
Last Modified: | 10 Oct 2022 09:58 |
URI: | https://eprints.mdx.ac.uk/id/eprint/35296 |