Host Based
Host-based intrusion detection systems (HIDS) aim to identify malicious activities within a computer system by analyzing system logs and other internal data. Current research focuses on improving detection accuracy and efficiency using machine learning techniques, particularly graph neural networks and federated learning, to analyze complex data structures like provenance graphs and to handle the privacy concerns associated with centralized approaches. These advancements enhance the ability to detect sophisticated attacks, such as advanced persistent threats (APTs), in real time, leading to improved cybersecurity and more effective incident response. The development of explainable anomaly detection methods is also a growing area of interest.