Journal of Cyber Security and Risk Auditing

ISSN: 3079-5354 (Online)

Utilizing IDS and IPS to Improve Cybersecurity Monitoring Process

by Sokroeurn Ang; Mony Ho; Sopheaktra Huy; Midhunchakkaravarthy Janarthanan


Published: 2025/07/02

Abstract

Intrusion detection systems (IDS) and intrusion prevention systems (IPS) are crucial for protecting against cyberattacks that target organizational information systems: IDS focuses on detecting cyberattacks, while IPS focuses on preventing them. The research examines the limitations of IDS and IPS in detecting and preventing threats, highlighting that both systems rely on signature-based and anomaly-based detection methods. However, these detection techniques require significant enhancements, as current implementations in IDS and IPS may not effectively address all threats. The main objective of this study is to discover the limitations of IDS and IPS in detecting and preventing threats. Data collection and analysis use a combination of quantitative and qualitative approaches, based on an in-depth review of research and review articles. The analysis shows that attackers can exploit information systems due to the absence of the latest signatures and anomaly-based detection in IDS and IPS. The findings recommend that cybersecurity professionals regularly update and verify both signature-based and anomaly-based detection mechanisms, and implement IDS and IPS at both the network-based and host-based levels, to ensure that they can effectively detect and prevent threats in real time.

Keywords

Intrusion Detection System (IDS); Intrusion Prevention System (IPS); Signature; Anomaly; Cyberattack; Cyber threat

How to Cite the Article

Ang, S., Ho, M., Huy, S., & Janarthanan, M. (2025). Utilizing IDS and IPS to Improve Cybersecurity Monitoring Process. Journal of Cyber Security and Risk Auditing, 2025(3), 77–88. https://doi.org/10.63180/jcsra.thestap.2025.3.7
