Security and Communication Networks

Review Article

A Closer Look at Intrusion Detection System for Web Applications

Table 4

Comparison of IDS.


Reference	Detection Approach	IDS Type	Data Monitored Type	State	IDS Mode	Response Mechanism	Attack Description	Incremental Learning	Security Measures

[29]	SD	HIDS	Logs	Stateful	Detection	Passive	No	No	IV AC BD
[26]	AD	HIDS	Logs, Get	Stateless	Detection	Passive	No	No	IV
[27]	SD	HIDS	Logs, Get, Post, Header	Stateful	Detection	Passive	No	No	IV AC SV
[30]	PD	HIDS	Get, Post, Header	Stateful	Prevention	Active & Dynamic	Yes	No	IV AC
[17]	HD	HIDS	Get, Header	Stateless	Detection	Passive	No	No	IV
[22]	AD	HIDS	Logs, Get	Stateful	Detection	Passive	No	No	IV BD
[33]	SD	HIDS	Logs	Stateful	Detection	Passive	No	No	AC
[31]	AD	HIDS	Logs, Get	Stateless	Detection	Passive	Yes	No	IV
[32]	AD	HIDS	Get	Stateless	Prevention	Active & Dynamic	No	No	IV
[28]	AD	HIDS	Application Variables	Stateful	Detection	Passive	No	No	IV AC
[34]	AD	HIDS	Get, Post, Header	Stateless	Detection	Passive	No	Yes	IV
[35]	AD	NIDS	Get, Header	Stateless	Detection	Passive	No	No	IV
[36]	AD	HIDS	Get, Post, Header	Stateless	Detection	Passive	No	No	IV
[38]	AD	HIDS	Get, Post, Response	Stateless	Detection	Passive	No	Yes	IV
[39]	AD	HIDS	Get	Stateless	Prevention	Active & Dynamic	No	Yes	IV AC
[40]	AD	NIDS	Logs, Get, Post	Stateless	Detection	Passive	No	No	IV
[41]	AD	HIDS	Get	Stateless	Detection	Passive	No	No	IV
[42]	PD	HIDS	Get, Post, Header	Stateless	Detection	Passive	No	Yes	IV
[43]	AD	HIDS	Get, Post, Header	Stateless	Prevention	Active & Dynamic	No	No	IV
[44]	AD	HIDS	Get, Header	Stateless	Detection	Passive	No	No	IV
[45]	AD	HIDS	Get, Post, Header	Stateless	Detection	Passive	No	No	IV
[46]	AD	NIDS	Get, Post, Header	Stateless	Detection	Passive	Yes	Yes	IV
[23]	AD	HIDS	Application Variables	Stateful	Detection	Passive	No	No	IV AC
[47]	AD	HIDS	Get, Post, Header	Stateful	Detection	Passive	No	No	AC SV
[48]	AD	NIDS	Get, Post, Header	Stateless	Detection	Passive	No	No	IV
[16]	HD	HIDS	Get, Post, Header	Stateless	Prevention	Active & Dynamic	No	No	IV BD
[49]	PD	HIDS	Get, Post, Header, Response	Stateful	Prevention	Active & Static	Yes	No	IV AC SV OV
[50]	PD	HIDS	Get, Post, Header	Stateless	Prevention	Active & Static	Yes	No	IV
[51]	AD	NIDS	Get, Post, Header	Stateless	Detection	Passive	Yes	No	IV
[52]	HD	HIDS	Get, Post, Header	Stateful	Detection	Passive	No	Yes	IV BD

AD: Anomaly-based Detection IV: Input Validation.
SD: Signature-based Detection OV: Output Validation.
PD: Policy-based Detection. AC: Access Control.
HD: Hybrid-based Detection. SV: Session Verification.
HIDS: Host-based Intrusion Detection System. BD: Bot Detection.
NIDS: Network-based Intrusion Detection System.