{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,15]],"date-time":"2026-01-15T00:20:11Z","timestamp":1768436411975,"version":"3.49.0"},"reference-count":81,"publisher":"MDPI AG","issue":"2","license":[{"start":{"date-parts":[[2017,3,27]],"date-time":"2017-03-27T00:00:00Z","timestamp":1490572800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Algorithms"],"abstract":"<jats:p>In the past few decades, the rise in attacks on communication devices in networks has resulted in a reduction of network functionality, throughput, and performance. To detect and mitigate these network attacks, researchers, academicians, and practitioners developed Intrusion Detection Systems (IDSs) with automatic response systems. The response system is considered an important component of IDS, since without a timely response IDSs may not function properly in countering various attacks, especially on a real-time basis. To respond appropriately, IDSs should select the optimal response option according to the type of network attack. This research study provides a complete survey of IDSs and Intrusion Response Systems (IRSs) on the basis of our in-depth understanding of the response option for different types of network attacks. Knowledge of the path from IDS to IRS can assist network administrators and network staffs in understanding how to tackle different attacks with state-of-the-art technologies.<\/jats:p>","DOI":"10.3390\/a10020039","type":"journal-article","created":{"date-parts":[[2017,3,27]],"date-time":"2017-03-27T10:49:10Z","timestamp":1490611750000},"page":"39","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":145,"title":["From Intrusion Detection to an Intrusion Response System: Fundamentals, Requirements, and Future Directions"],"prefix":"10.3390","volume":"10","author":[{"given":"Shahid","family":"Anwar","sequence":"first","affiliation":[{"name":"Faculty of Computer Systems & Software Engineering (FSKKP), Universiti Malaysia Pahang, LebuhrayaTun Razak Gambang, 26300 Kuantan"}]},{"given":"Jasni","family":"Mohamad Zain","sequence":"additional","affiliation":[{"name":"Center for Computer Technology & Networking Studies, Faculty of Computer & Mathematical Sciences,Universiti Teknologi MARA (UiTM), 40450 Shah Alam, Malaysia"}]},{"given":"Mohamad Fadli","family":"Zolkipli","sequence":"additional","affiliation":[{"name":"Faculty of Computer Systems & Software Engineering (FSKKP), Universiti Malaysia Pahang, LebuhrayaTun Razak Gambang, 26300 Kuantan"}]},{"given":"Zakira","family":"Inayat","sequence":"additional","affiliation":[{"name":"Department of Computer Science, University of Engineering and Technology Peshawar, Peshawar 2500, Pakistan"},{"name":"Center for Mobile Cloud Computing Research (C4MCCR), University of Malaya, 50603 Kuala Lumpur,"}]},{"given":"Suleman","family":"Khan","sequence":"additional","affiliation":[{"name":"Center for Mobile Cloud Computing Research (C4MCCR), University of Malaya, 50603 Kuala Lumpur,"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-7276-0258","authenticated-orcid":false,"given":"Bokolo","family":"Anthony","sequence":"additional","affiliation":[{"name":"Faculty of Computer Systems & Software Engineering (FSKKP), Universiti Malaysia Pahang, LebuhrayaTun Razak Gambang, 26300 Kuantan"}]},{"given":"Victor","family":"Chang","sequence":"additional","affiliation":[{"name":"International Business School Suzhou (IBSS), Xi\u2019an Jiaotong-Liverpool University, 111 Ren\u2019ai Road, SuzhouDushu Lake Science and Education Innovation Industrial Park, Suzhou 215123"}]}],"member":"1968","published-online":{"date-parts":[[2017,3,27]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","first-page":"102","DOI":"10.1016\/j.future.2016.03.013","article-title":"Secure searching on cloud storage enhanced by homomorphic indexing","volume":"65","author":"Ren","year":"2016","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_2","unstructured":"(2016, September 20). Asia Pacific Computer Emergency Response Team. Available online: http:\/\/www.apcert.org\/."},{"key":"ref_3","unstructured":"(2016, September 20). Malaysia Computer Emergency Responce Team Incident Statistics. Available online: http:\/\/www.mycert.org.my\/en\/."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Scarfone, K., and Mell, P. (2007). Guide to Intrusion Detection and Prevention Systems (IDPS), NIST Special Publication. Report Number: 800-94.","DOI":"10.6028\/NIST.SP.800-94"},{"key":"ref_5","first-page":"1","article-title":"Cloud-Based Intrusion Detection and Response System: Open Research Issues, and Solutions","volume":"7","author":"Inayat","year":"2017","journal-title":"Arab. J. Sci. Eng."},{"key":"ref_6","unstructured":"Fraga, J., and Powell, D. (1985, January 12\u201315). A fault-and intrusion-tolerant file system. Proceedings of the 3rd International Conference on Computer Security, Dublin, Ireland."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"53","DOI":"10.1016\/j.jnca.2015.12.006","article-title":"Intrusion response systems: Foundations, design, and challenges","volume":"62","author":"Inayat","year":"2016","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Anuar, N.B., Papadaki, M., Furnell, S., and Clarke, N. (2010, January 2\u20134). An investigation and survey of response options for Intrusion Response Systems (IRSs). Proceedings of the Information Security for South Africa (ISSA), Johannesburg, South Arfica.","DOI":"10.1109\/ISSA.2010.5588654"},{"key":"ref_9","doi-asserted-by":"crossref","unstructured":"Hajian, S., Domingo-Ferrer, J., and Martinez-Balleste, A. (2011, January 11\u201315). Discrimination prevention in data mining for intrusion and crime detection. Proceedings of the 2011 IEEE Symposium on Computational Intelligence in Cyber Security (CICS), Paris, France.","DOI":"10.1109\/CICYBS.2011.5949405"},{"key":"ref_10","first-page":"855","article-title":"A survey on security Issues and vulnerabilities on cloud computing","volume":"4","author":"Neela","year":"2013","journal-title":"Int. J. Comput. Sci. Eng. Technol. (IJCSET)"},{"key":"ref_11","unstructured":"Wu, Z., Xu, Z., and Wang, H. (2012, January 14\u201317). Whispers in the Hyper-space: High-speed Covert Channel Attacks in the Cloud. Proceedings of the USENIX Security Symposium, Washington, DC, USA."},{"key":"ref_12","unstructured":"Yarom, Y., and Falkner, K. (2014, January 20\u201322). FLUSH+ RELOAD: A High Resolution, Low Noise, L3 Cache Side-Channel Attack. Proceedings of the USENIX Security, San Diego, CA, USA."},{"key":"ref_13","doi-asserted-by":"crossref","unstructured":"Chang, C.-W., Lee, S., Lin, B., and Wang, J. (2010). The taming of the shrew: Mitigating low-rate TCP-targeted attack. IEEE Trans. Netw. Serv. Manag., 7.","DOI":"10.1109\/TNSM.2010.I8P0308"},{"key":"ref_14","unstructured":"Anwar, S., Zain, J.M., Zolkipli, F., and Inayat, Z. (2014, January 28\u201329). A Review Paper on Botnet and Botnet Detection Techniques in Cloud Computing. Proceedings of the ISCI 2014\u2014IEEE Symposium on Computers & Informatics, Sabah, Malaysia."},{"key":"ref_15","doi-asserted-by":"crossref","first-page":"831","DOI":"10.1016\/j.cose.2010.09.003","article-title":"A behaviorist perspective on corporate harassment online: Validation of a theoretical model of psychological motives","volume":"29","author":"Workman","year":"2010","journal-title":"Comput. Secur."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"159","DOI":"10.1007\/s11276-006-8870-6","article-title":"Access points vulnerabilities to DoS attacks in 802.11 networks","volume":"14","author":"Bernaschi","year":"2008","journal-title":"Wirel. Netw."},{"key":"ref_17","doi-asserted-by":"crossref","unstructured":"Duc, A., Dziembowski, S., and Faust, S. (2014, January 11\u201315). Unifying Leakage Models: From Probing Attacks to Noisy Leakage. Proceedings of the Annual International Conference on the Theory and Applications of Cryptographic Techniques, Copenhagen, Denmark.","DOI":"10.1007\/978-3-642-55220-5_24"},{"key":"ref_18","unstructured":"Halfond, W.G., Viegas, J., and Orso, A. (2006, January 13\u201315). A classification of SQL-injection attacks and countermeasures. Proceedings of the IEEE International Symposium on Secure Software Engineering, Washington, DC, USA."},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Naser, A., Majid, M.A., Zolkipli, M.F., and Anwar, S. (2014, January 22\u201324). Trusting cloud computing for personal files. Proceedings of the 2014 International Conference on Information and Communication Technology Convergence (ICTC), Busan, South Korea.","DOI":"10.1109\/ICTC.2014.6983188"},{"key":"ref_20","unstructured":"Hoque, M.S., Mukit, M., Bikas, M., and Naser, A. (arXiv, 2012). An implementation of intrusion detection system using genetic algorithm, arXiv."},{"key":"ref_21","doi-asserted-by":"crossref","unstructured":"Ranjan, S., Swaminathan, R., Uysal, M., and Knightly, E.W. (2006, January 23\u201329). DDoS-Resilient Scheduling to Counter Application Layer Attacks Under Imperfect Detection. Proceedings of the INFOCOM, Barcelona, Spain.","DOI":"10.1109\/INFOCOM.2006.127"},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Yi, S., Naldurg, P., and Kravets, R. (2001, January 4\u20135). Security-aware ad hoc routing for wireless networks. Proceedings of the 2nd ACM International Symposium on Mobile Ad Hoc Networking & Computing, Long Beach, CA, USA.","DOI":"10.1145\/501449.501464"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Liu, F., Yarom, Y., Ge, Q., Heiser, G., and Lee, R.B. (2015, January 17\u201321). Last-level cache side-channel attacks are practical. Proceedings of the 2015 IEEE Symposium on Security and Privacy (SP), San Jose, CA, USA.","DOI":"10.1109\/SP.2015.43"},{"key":"ref_24","unstructured":"(2016, September 12). US-CERT, Available online: https:\/\/www.us-cert.gov\/ncas\/tips\/ST04-004."},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"27","DOI":"10.1155\/2014\/547062","article-title":"A Comprehensive Review on Adaptability of Network Forensics Frameworks for Mobile Cloud Computing","volume":"2014","author":"Khan","year":"2014","journal-title":"Sci. World J."},{"key":"ref_26","doi-asserted-by":"crossref","unstructured":"Genge, B., Siaterlis, C., and Karopoulos, G. (2013, January 24\u201327). Data fusion-base anomay detection in networked critical infrastructures. Proceedings of the 2013 43rd Annual IEEE\/IFIP Conference on Dependable Systems and Networks Workshop (DSN-W), Budapest, Hungary.","DOI":"10.1109\/DSNW.2013.6615505"},{"key":"ref_27","unstructured":"Sequeira, D. (2016, September 09). Intrusion Prevention Systems Security\u2019s Silver Bullet?. Available online: http:\/\/www.sans.org\/reading-room\/whitepapers\/detection\/intrusion-prevention-systems-securitys-silver-bullet-366?show=366.php&cat=detection."},{"key":"ref_28","doi-asserted-by":"crossref","unstructured":"Anwar, J.M.Z.S., Zolkipli, M.F., Inayat, Z., Jabir, A.N., and Odili, J.B. (2015, January 19\u201321). Response Option for Attacks Detected by Intrusion Detection System. Proceedings of the 4th International Conference on Software Engineering and Computer System, Kuantan, Malaysia.","DOI":"10.1109\/ICSECS.2015.7333109"},{"key":"ref_29","first-page":"281","article-title":"A comprehensive taxonomy of DDOS attacks and defense mechanism applying in a smart classification","volume":"7","author":"Asosheh","year":"2008","journal-title":"WSEAS Trans. Comput."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"1","DOI":"10.1016\/j.cose.2014.04.009","article-title":"Taxonomy of intrusion risk assessment and response system","volume":"45","author":"Cheriet","year":"2014","journal-title":"Comput. Secur."},{"key":"ref_31","unstructured":"Foo, B., Wu, Y.-S., Mao, Y.-C., Bagchi, S., and Spafford, E. (July, January 28). ADEPTS: Adaptive intrusion response using attack graphs in an e-commerce environment. Proceedings of the International Conference on Dependable Systems and Networks, Yokohama, Japan."},{"key":"ref_32","doi-asserted-by":"crossref","unstructured":"Genge, B., and Haller, P. (2016, January 17\u201319). A hierarchical control plane for software-defined networks-based industrial control systems. Proceedings of the IFIP Networking Conference (IFIP Networking) and Workshops, Vienna, Austria.","DOI":"10.1109\/IFIPNetworking.2016.7497208"},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Stakhanova, N., Basu, S., and Wong, J. (2007, January 21\u201323). A Cost-Sensitive Model for Preemptive Intrusion Response Systems. Proceedings of the AINA, ON, Canada.","DOI":"10.1109\/AINA.2007.9"},{"key":"ref_34","unstructured":"Ilgun, K. (1993, January 24\u201326). USTAT: A real-time intrusion detection system for UNIX. Proceedings of the 1993 IEEE Computer Society Symposium on Research in Security and Privacy, Okland, CA, USA."},{"key":"ref_35","doi-asserted-by":"crossref","first-page":"2047","DOI":"10.1007\/s11235-011-9484-6","article-title":"Protection of MANETs from a range of attacks using an intrusion detection and prevention system","volume":"52","author":"Nadeem","year":"2013","journal-title":"Telecommun. Syst."},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"368","DOI":"10.1016\/j.adhoc.2013.08.017","article-title":"An intrusion detection & adaptive response mechanism for MANETs","volume":"13","author":"Nadeem","year":"2014","journal-title":"Ad Hoc Netw."},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Kizza, J.M. (2009). A Guide to Computer Network Security, Springer.","DOI":"10.1007\/978-1-84800-917-2"},{"key":"ref_38","doi-asserted-by":"crossref","unstructured":"Khan, S., Gani, A., Wahab, A.W.A., and Bagiwa, M.A. (2015, January 6\u20138). SIDNFF: Source identification network forensics framework for cloud computing. Proceedings of the 2015 IEEE International Conference on Consumer Electronics-Taiwan (ICCE-TW), Taipei, Tiwan.","DOI":"10.1109\/ICCE-TW.2015.7216975"},{"key":"ref_39","unstructured":"Ragsdale, D.J., Carver, C.A., Humphries, J.W., and Pooch, U.W. (2000, January 8\u201311). Adaptation techniques for intrusion detection and intrusion response systems. Proceedings of the 2000 IEEE International Conference on Systems, Man, and Cybernetics, Nashville, TN, United States."},{"key":"ref_40","unstructured":"Carver, A.C.J. (2001). Adaptive Agent-Based Intrusion Response. [Ph.D. Thesis, Texas A&M University]."},{"key":"ref_41","doi-asserted-by":"crossref","unstructured":"Anwar, S., Zain, J.M., Inayat, Z., Haq, R.U., Karim, A., and Jabir, A.N. (2016, January 11\u201312). A Static Approach Towards Mobile Botnet Detection. Proceedings of the 2016 3rd International Conference on Electronic Design (ICED), Phuket, Thailand.","DOI":"10.1109\/ICED.2016.7804708"},{"key":"ref_42","unstructured":"Toth, T., and Kruegel, C. (2002, January 9\u201313). Evaluating the impact of automated intrusion response mechanisms. Proceedings of the 18th Annual Computer Security Applications Conference, Washington, DC, USA."},{"key":"ref_43","unstructured":"Jou, Y., Gong, F., Sargor, C., Wu, X., Wu, S., Chang, H., and Wang, F. (, January 25\u201327). Design and implementation of a scalable intrusion detection system for the protection of network infrastructure. Proceedings of the DARPA Information Survivability Conference and Exposition, DISCEX\u201900, Hilton Head, CA, USA."},{"key":"ref_44","unstructured":"Porras, P.A., and Neumann, P.G. (1997, January 7\u201310). EMERALD: Event monitoring enabling response to anomalous live disturbances. Proceedings of the 20th National Information Systems Security Conference, Baltimore, MD, USA."},{"key":"ref_45","doi-asserted-by":"crossref","first-page":"1294","DOI":"10.1109\/SURV.2012.111412.00045","article-title":"A review on distributed application processing frameworks in smart mobile devices for mobile cloud computing","volume":"15","author":"Shiraz","year":"2013","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_46","unstructured":"Ying, L., Yan, Z., and Ou, Y. (2010, January 2\u20134). The design and implementation of host-based intrusion detection system. Proceedings of the 2010 Third International Symposium on Intelligent Information Technology and Security Informatics (IITSI), Jian, China."},{"key":"ref_47","unstructured":"(2016, August 15). Intrusion Prevention for the Cisco ASA 5500-X, Series. Available online: http:\/\/www.cisco.com\/c\/dam\/en\/us\/products\/collateral\/security\/asa-5500-series-next-generation-firewalls\/data_sheet_c78_459036.pdf."},{"key":"ref_48","doi-asserted-by":"crossref","first-page":"31","DOI":"10.1016\/j.cose.2004.06.011","article-title":"A taxonomy of network and computer attacks","volume":"24","author":"Hansman","year":"2005","journal-title":"Comput. Secur."},{"key":"ref_49","doi-asserted-by":"crossref","unstructured":"Zhang, Y., and Lee, W. (2000, January 6\u201311). Intrusion detection in wireless ad-hoc networks. Proceedings of the 6th Annual International Conference on Mobile Computing and Networking, Boston, MA, USA.","DOI":"10.1145\/345910.345958"},{"key":"ref_50","first-page":"169","article-title":"A taxonomy of intrusion response systems","volume":"1","author":"Stakhanova","year":"2007","journal-title":"Int. J. Inf. Comput. Secur."},{"key":"ref_51","doi-asserted-by":"crossref","first-page":"24","DOI":"10.1016\/j.future.2015.09.031","article-title":"Cloud computing adoption framework: A security framework for business clouds","volume":"57","author":"Chang","year":"2016","journal-title":"Future Gen. Comput. Syst."},{"key":"ref_52","doi-asserted-by":"crossref","first-page":"25","DOI":"10.1016\/j.jnca.2012.08.007","article-title":"An intrusion detection and prevention system in cloud computing: A systematic review","volume":"36","author":"Patel","year":"2013","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_53","doi-asserted-by":"crossref","first-page":"20","DOI":"10.1109\/65.484228","article-title":"Cooperating security managers: A peer-based intrusion detection system","volume":"10","author":"White","year":"1996","journal-title":"Netw. IEEE"},{"key":"ref_54","doi-asserted-by":"crossref","first-page":"37","DOI":"10.3233\/JCS-1999-7103","article-title":"NetSTAT: A network-based intrusion detection system","volume":"7","author":"Vigna","year":"1999","journal-title":"J. Comput. Secur."},{"key":"ref_55","doi-asserted-by":"crossref","first-page":"18","DOI":"10.1016\/j.cose.2008.08.003","article-title":"Anomaly-based network intrusion detection: Techniques, systems and challenges","volume":"28","year":"2009","journal-title":"Comput. Secur."},{"key":"ref_56","doi-asserted-by":"crossref","unstructured":"Nadeem, A., and Howarth, M. (2009, January 21\u201324). Adaptive intrusion detection & prevention of denial of service attacks in MANETs. Proceedings of the 2009 International Conference on Wireless Communications and Mobile Computing: Connecting the World Wirelessly, Leipzig, Germany.","DOI":"10.1145\/1582379.1582581"},{"key":"ref_57","first-page":"101","article-title":"Network intrusion detection system using fuzzy logic","volume":"2","author":"Shanmugavadivu","year":"2011","journal-title":"Indian J. Comput. Sci. Eng. (IJCSE)"},{"key":"ref_58","unstructured":"Lindqvist, U., and Jonsson, E. (1997, January 4\u20137). How to systematically classify computer security intrusions. Proceedings of the 1997 IEEE Symposium on Security and Privacy, Oakland, CA, USA."},{"key":"ref_59","doi-asserted-by":"crossref","first-page":"201","DOI":"10.1016\/j.ins.2013.03.022","article-title":"Adversarial attacks against intrusion detection systems: Taxonomy, solutions and open issues","volume":"239","author":"Corona","year":"2013","journal-title":"Inf. Sci."},{"key":"ref_60","unstructured":"Banerjee, U., and Arya, K. (2014). Emerging Trends in Computing and Communication, Springer."},{"key":"ref_61","first-page":"12","article-title":"Big Data: The End of Privacy or a New Beginning?","volume":"3","author":"Rubinstein","year":"2013","journal-title":"Int. Data Priv. Law"},{"key":"ref_62","unstructured":"(2016, September 28). TechNet. Available online: http:\/\/technet.microsoft.com\/en-us\/library\/cc959354.aspx."},{"key":"ref_63","doi-asserted-by":"crossref","first-page":"42","DOI":"10.1016\/j.jnca.2012.05.003","article-title":"A survey of intrusion detection techniques in cloud","volume":"36","author":"Modi","year":"2013","journal-title":"J. Netw. Comput. Appl."},{"key":"ref_64","unstructured":"(1970, January 01). Spam and Fraud Activity Trends. Available online: http:\/\/www.symantec.com\/."},{"key":"ref_65","doi-asserted-by":"crossref","first-page":"2027","DOI":"10.1109\/SURV.2013.030713.00201","article-title":"A Survey of MANET Intrusion Detection & Prevention Approaches for Network Layer Attacks","volume":"15","author":"Nadeem","year":"2012","journal-title":"IEEE Commun. Surv. Tutor."},{"key":"ref_66","doi-asserted-by":"crossref","unstructured":"Moore, D., and Shannon, C. (2002, January 6\u20138). Code-Red: A case study on the spread and victims of an Internet worm. Proceedings of the 2nd ACM SIGCOMM Workshop on Internet Measurment, Marseille, France.","DOI":"10.1145\/637241.637244"},{"key":"ref_67","doi-asserted-by":"crossref","unstructured":"Wang, Z., and Lee, R.B. (2006, January 1\u201315). Covert and side channels due to processor architecture. Proceedings of the 22nd Annual Computer Security Applications Conference, ACSAC\u201906, Washington, DC, USA.","DOI":"10.1109\/ACSAC.2006.20"},{"key":"ref_68","doi-asserted-by":"crossref","unstructured":"Khan, N., Yaqoob, I., Hashem, I.A.T.H., Inayat, Z., Ali, W.K.M., Alam, M., Shiraz, M., and Gani, A. (2014). Big Data: Survey, Technologies, Opportunities, and Challenges. Sci. World J., 2014.","DOI":"10.1155\/2014\/712826"},{"key":"ref_69","doi-asserted-by":"crossref","unstructured":"Xu, Q., and Liu, G. (2009, January 11\u201314). Configuring clark-wilson integrity model to enforce flexible protection. Proceedings of the International Conference on Computational Intelligence and Security, CIS\u201909, San Jose, CA, USA.","DOI":"10.1109\/CIS.2009.249"},{"key":"ref_70","doi-asserted-by":"crossref","unstructured":"Bace, R., and Mell, P. (2001). NIST Special Publication on Intrusion Detection Systems, Macmillan. DTIC Document 2001.","DOI":"10.6028\/NIST.SP.800-31"},{"key":"ref_71","doi-asserted-by":"crossref","first-page":"21","DOI":"10.1016\/j.dss.2010.06.001","article-title":"A cost-based analysis of intrusion detection system configuration under active or passive response","volume":"50","author":"Yue","year":"2010","journal-title":"Decis. Support Syst."},{"key":"ref_72","unstructured":"Raju, P.N. (2005). State-of-the-Art Intrusion Detection: Technologies, Challenges, and Evaluation. [Master Thesis, Link\u00f6ping University]."},{"key":"ref_73","unstructured":"Cansian, A.M., Moreira, E., Carvalho, A., and Bonifacio, J. (, January 10\u201312). Network intrusion detection using neural networks. Proceedings of the International Conference on Computational Intelligence and Multimedia Applications, Gold Coast, Australia."},{"key":"ref_74","unstructured":"Bonifaco, J., and Moreira, E. (September, January 31). An adaptive intrusion detection system using neural networks. Proceedings of the International Federation for Information Processing (IFIP) Information Security & Privacy Conference, Poznan, Poland."},{"key":"ref_75","unstructured":"Bace, R.G. (2016, September 20). Intrusion Detection. Available online: http:\/\/books.google.com.my\/books?isbn=1578701856."},{"key":"ref_76","unstructured":"Hasswa, A., Zulkernine, M., and Hassanein, H. (,  2005). Routeguard: An intrusion detection and response system for mobile ad hoc networks. Proceedings of the IEEE International Conference on Wireless and Mobile Computing, Networking and Communications, (WiMob\u20192005), Big Island, HI, USA."},{"key":"ref_77","unstructured":"Wang, S.-H., Tseng, C.H., Levitt, K., and Bishop, M. (2007). Recent Advances in Intrusion Detection, Springer."},{"key":"ref_78","unstructured":"Hawrylkiw, D. (2014, April 30). SANS. Available online: http:\/\/www.sans.org\/security-resources\/idfaq\/auto_res.php."},{"key":"ref_79","unstructured":"(1970, January 01). Symantec. Available online: http:\/\/www.symantec.com\/security_response\/writeup.jsp?docid=2001-080421-3353-99."},{"key":"ref_80","unstructured":"Anuar, N.B., Furnell, S., Papadaki, M., and Clarke, N. (2009). Response Mechanisms for Intrusion Response Systems (IRSs), University of Plymouth."},{"key":"ref_81","unstructured":"Kruegel, C., Valeur, F., and Vigna, G. (2004). Intrusion Detection and Correlation: Challenges and Solutions, Springer."}],"container-title":["Algorithms"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/1999-4893\/10\/2\/39\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T18:31:22Z","timestamp":1760207482000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/1999-4893\/10\/2\/39"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2017,3,27]]},"references-count":81,"journal-issue":{"issue":"2","published-online":{"date-parts":[[2017,6]]}},"alternative-id":["a10020039"],"URL":"https:\/\/doi.org\/10.3390\/a10020039","relation":{},"ISSN":["1999-4893"],"issn-type":[{"value":"1999-4893","type":"electronic"}],"subject":[],"published":{"date-parts":[[2017,3,27]]}}}