Survey of intrusion detection systems: techniques, datasets and challenges
by Adomas Simenas

1. Evaluation
1.1. Accuracy
1.2. Precision
1.3. Recall
2. Techniques
2.1. Signature-based
2.1.1. Exact matching
2.1.2. Fuzzy matching
2.2. Anomaly-based
2.2.1. Statistical-based
2.2.2. Machine learning-based
2.3. Hybrid
2.3.1. Combined signature and anomaly-based
2.3.2. Multi-level
3. Datasets
3.1. Real-world datasets
3.1.1. KDD Cup 1999
3.1.2. NSL-KDD
3.2. Benchmark datasets
3.2.1. UNSW-NB15
3.2.2. CICIDS2017
4. Challenges
4.1. High false positive rates
4.1.1. Solution: Tuning the parameters
4.2. Need for continuous updating
4.2.1. Solution: Incremental learning
4.3. Difficulty in detecting zero-day attacks
4.3.1. Solution: Use of behavior-based detection