IEEE Access (Jan 2024)

A Systematic Literature Review on Host-Based Intrusion Detection Systems

  • Hami Satilmis,
  • Sedat Akleylek,
  • Zaliha Yuce Tok

DOI
https://doi.org/10.1109/ACCESS.2024.3367004
Journal volume & issue
Vol. 12
pp. 27237 – 27266

Abstract

Read online

With the advancements in computer networks and systems, the number of security vulnerabilities and cyber attacks targeting/using these vulnerabilities continues to increase. Consequently, various intrusion detection systems (IDS) have been developed to detect cyber attacks and ensure information security. IDSs are categorized into two classes based on the data sources: Network-based intrusion detection system (NIDS) and host-based intrusion detection system (HIDS). In this systematic literature review (SLR), studies are examined that focus on HIDS or propose methods applicable to HIDS, as well as those related to IDSs that can be converted into HIDSs. The studies published between 2020 and 2023 are collected from widely used academic databases through various query statements. Filtering based on specific selection and elimination criteria is undergone by the collected studies, resulting in 21 studies for examination. Subsequently, these studies and their advantages and disadvantages are discussed. In addition, while examining the studies, five research questions are addressed. Finally, the defects, potential areas for improvement, and future research directions related to HIDSs are discussed.

Keywords