UPSI Digital Repository (UDRep)

Type: Article
Subject: T Technology (General)
ISSN: 0219-6220
Main Author: Alamoodi, Abdullah Hussein
Title: Multi-attribute decision-making for intrusion detection systems: a systematic review
Place of Production: Tanjung Malim
Publisher: Fakulti Komputeran dan Meta Teknologi
Year of Publication: 2023
Notes: International Journal of Information Technology and Decision Making
Corporate Name: Universiti Pendidikan Sultan Idris

Abstract:
Intrusion detection systems (IDSs) employ sophisticated security techniques to detect malicious activities on hosts and/or networks. IDSs have been utilized to ensure the security of computer and network systems. However, numerous evaluation and selection issues related to several cybersecurity aspects of IDSs were solved using a decision support approach. The approach most often utilized for decision support in this regard is multi-attribute decision-making (MADM). MADM can aid in selecting the most optimal solution from a huge pool of available alternatives when the appropriate evaluation attributes are provided. The openness of the MADM methods in solving numerous cybersecurity issues makes them largely efficient for IDS applications. We must first understand the available solutions and gaps in this area of research to provide an insightful analysis of the combination of MADM techniques with IDS and support researchers. Therefore, this study conducts a systematic review to organize the research landscape into a consistent taxonomy. A total of 28 articles were considered for this taxonomy and were classified into three main categories: data analysis and detection (n=4), response selection (n=7) and IDS evaluation (n=17). Each category was thoroughly analyzed in terms of a variety of aspects, including the issues and challenges confronted, as well as the contributions of each study. Furthermore, the datasets, evaluation attributes, MADM methods, evaluation and validation and bibliography analysis used by the selected articles are discussed. In this study, we highlighted the existing perspective and opportunities for MADM in the IDS literature through a systematic review, providing researchers with a valuable reference. © 2023 World Scientific Publishing Company.


