Mutep Yahya Alyousef Nabih T Arar


With the rapid development and growth of the internet and networking, greater numbers of attacks are arising that threaten networks and information security alike. Thus, different types of intrusion detection systems (IDSs) have been introduced: signature-based IDSs, anomaly-based IDSs, or a hybrid of both. Many IDSs that have adopted the signature-based method face many challenges. One of these challenges is how to detect a new attack in the incoming traffic whose signature is not stored in the known signatures database, while at the same time keeping the rate of false-positive alarms low. Many IDSs update their signature databases from time to time through the internet or by relying on the network administrator to manually update the database with new attack signatures. Manual updating is a labour-intensive process, can be prone to errors, and is not always practical. This is a survey paper on the various studies regarding the process of updating known IDSs' signature databases over time.


Article Type
Original Articles
