Machine Learning and Deep Learning Methods for Intrusion Detection Systems: A Survey
Hongyu Liu,Bo Lang +1 more
TLDR
A taxonomy of IDS is proposed that takes data objects as the main dimension to classify and summarize machine learning- based and deep learning-based IDS literature, and believes that this type of taxonomy framework is fit for cyber security researchers.Abstract:
Networks play important roles in modern life, and cyber security has become a vital research area. An intrusion detection system (IDS) which is an important cyber security technique, monitors the state of software and hardware running in the network. Despite decades of development, existing IDSs still face challenges in improving the detection accuracy, reducing the false alarm rate and detecting unknown attacks. To solve the above problems, many researchers have focused on developing IDSs that capitalize on machine learning methods. Machine learning methods can automatically discover the essential differences between normal data and abnormal data with high accuracy. In addition, machine learning methods have strong generalizability, so they are also able to detect unknown attacks. Deep learning is a branch of machine learning, whose performance is remarkable and has become a research hotspot. This survey proposes a taxonomy of IDS that takes data objects as the main dimension to classify and summarize machine learning-based and deep learning-based IDS literature. We believe that this type of taxonomy framework is fit for cyber security researchers. The survey first clarifies the concept and taxonomy of IDSs. Then, the machine learning algorithms frequently used in IDSs, metrics, and benchmark datasets are introduced. Next, combined with the representative literature, we take the proposed taxonomic system as a baseline and explain how to solve key IDS issues with machine learning and deep learning techniques. Finally, challenges and future developments are discussed by reviewing recent representative studies.read more
Citations
More filters
Journal ArticleDOI
Network Intrusion Detection System: A systematic study of Machine Learning and Deep Learning approaches
Zeeshan Ahmad,Zeeshan Ahmad,Adnan Shahid Khan,Cheah Wai Shiang,Johari Abdullah,Farhan Ahmad,Farhan Ahmad +6 more
TL;DR: The concept of IDS is clarified and the taxonomy based on the notable ML and DL techniques adopted in designing network‐based IDS (NIDS) systems is provided, which highlights various research challenges and provided the future scope for the research in improving ML andDL‐based NIDS.
Journal ArticleDOI
Prediction of daily global solar radiation using different machine learning algorithms: Evaluation and comparison
TL;DR: All machine learning algorithms tested in this study can be used in the prediction of daily global solar radiation data with a high accuracy; however, the ANN algorithm is the best fitting algorithm among all algorithms.
Journal ArticleDOI
An effective convolutional neural network based on SMOTE and Gaussian mixture model for intrusion detection in imbalanced dataset
TL;DR: A flow-based intrusion detection model, SGM-CNN, which integrates imbalanced class processing with convolutional neural network, and investigates the impact of different numbers of convolution kernels and different learning rates on model performance is designed.
Journal ArticleDOI
Detection of DDoS attacks with feed forward based deep neural network model
TL;DR: The experiments carried out on the CICDDoS2019 dataset containing the current DDoS attack types created in 2019 showed that the attacks on network traffic were detected with 99.99% success and the attack types were classified with an accuracy rate of 94.57%.
Journal ArticleDOI
Towards a Reliable Comparison and Evaluation of Network Intrusion Detection Systems Based on Machine Learning Approaches
TL;DR: The guideline and steps recommended will definitively help the research community to fairly assess NIDSs, although the definitive framework is not a trivial task and, therefore, some extra effort should still be made to improve its understandability and usability further.
References
More filters
Proceedings Article
ImageNet Classification with Deep Convolutional Neural Networks
TL;DR: The state-of-the-art performance of CNNs was achieved by Deep Convolutional Neural Networks (DCNNs) as discussed by the authors, which consists of five convolutional layers, some of which are followed by max-pooling layers, and three fully-connected layers with a final 1000-way softmax.
Journal ArticleDOI
Long short-term memory
TL;DR: A novel, efficient, gradient based method called long short-term memory (LSTM) is introduced, which can learn to bridge minimal time lags in excess of 1000 discrete-time steps by enforcing constant error flow through constant error carousels within special units.
Journal ArticleDOI
ImageNet classification with deep convolutional neural networks
TL;DR: A large, deep convolutional neural network was trained to classify the 1.2 million high-resolution images in the ImageNet LSVRC-2010 contest into the 1000 different classes and employed a recently developed regularization method called "dropout" that proved to be very effective.
Journal ArticleDOI
A fast learning algorithm for deep belief nets
TL;DR: A fast, greedy algorithm is derived that can learn deep, directed belief networks one layer at a time, provided the top two layers form an undirected associative memory.
Posted Content
Sequence to Sequence Learning with Neural Networks
TL;DR: This paper presents a general end-to-end approach to sequence learning that makes minimal assumptions on the sequence structure, and finds that reversing the order of the words in all source sentences improved the LSTM's performance markedly, because doing so introduced many short term dependencies between the source and the target sentence which made the optimization problem easier.
Related Papers (5)
UNSW-NB15: a comprehensive data set for network intrusion detection systems (UNSW-NB15 network data set)
Nour Moustafa,Jill Slay +1 more