“…Information-Centric: If we examine the information used for the detection, then IDS systems can be further categorized into Host-based Intrusion Detection (HID) and Networkbased Intrusion Detection (NID). Host-based methods detect intrusions by examining data gathered from hosts, such as device memory, application logs [62,90,94,123,132,138,141], the change of system configuration [79], Network-based methods collect data from either a network, a hub or a router and detect anomalies at the source, destination, protocol and payload from network data [9,31,51,63,72,88,111,113,122]. Analysis-Centric: This category focuses on different analysis techniques for detecting outliers.…”