Abstract
Deep learning (DL) is gaining significant prevalence in every field of study due to its domination in training large data sets. However, several applications are utilizing machine learning (ML) methods from the past several years and reported good performance. However, their limitations in terms of data complexity give rise to DL methods. Intrusion detection is one of the prominent areas in which researchers are extending DL methods. Even though several excellent surveys cover the growing body of research on this subject, the literature lacks a detailed comparison of ML methods such as ANN, SVM, fuzzy approach, swarm intelligence and evolutionary computation methods in intrusion detection, particularly on recent research. In this context, the present paper deals with the systematic review of ML methods and DL methods in intrusion detection. In addition to reviewing ML and DL methods, this paper also focuses on benchmark datasets, performance evaluation measures and various applications of DL methods for intrusion detection. The present paper summarizes the recent work, compares their experimental results for detecting network intrusions. Furthermore, current research challenges are identified for helping fellow researchers in the era of DL-based intrusion detection.
This is a preview of subscription content, log in via an institution to check access.
Similar content being viewed by others
References
Abdullah B, Abd-Alghafar I, Salama GI, Abd-Alhafez A (2009) Performance evaluation of a genetic algorithm based approach to network intrusion detection system. In: International conference on aerospace sciences and aviation technology. The Military Technical College, pp 1–17
Abubakar AI, Chiroma H, Muaz SA, Ila LB (2015) A review of the advances in cyber security benchmark datasets for evaluating data-driven based intrusion detection systems. In: SCSE, pp 221–227
Aburomman AA, Reaz MBI (2016) Ensemble of binary SVM classifiers based on pca and lda feature extraction for intrusion detection. In: 2016 IEEE advanced information management, communicates, electronic and automation control conference (IMCEC). IEEE, pp 636–640
Aghdam MH, Kabiri P (2016) Feature selection for intrusion detection system using ant colony optimization. IJ Netw Secur 18(3):420–432
Aissa NB, Guerroumi M (2016) Semi-supervised statistical approach for network anomaly detection. Procedia Comput Sci 83:1090–1095
Akilandeswari V, Shalinie SM (2012) Probabilistic neural network based attack traffic classification. In: 2012 Fourth international conference on advanced computing (ICoAC). IEEE, pp 1–8
Al-Dhafian B, Ahmad I, Al-Ghamid A (2015) An overview of the current classification techniques in intrusion detection. In: Proceedings of the international conference on security and management (SAM). The Steering Committee of The World Congress in Computer Science, Computer, p 82
Al-Yaseen WL, Othman ZA, Nazri MZA (2017) Multi-level hybrid support vector machine and extreme learning machine based on modified k-means for intrusion detection system. Expert Syst Appl 67:296–303
Ali MH, Al Mohammed BAD, Ismail A, Zolkipli MF (2018) A new intrusion detection system based on fast learning network and particle swarm optimization. IEEE Access 6:20255–20261
Aljumah A (2017) Detection of distributed denial of service attacks using artificial neural networks. In: IJACSA international journal of advanced computer science and applications, vol 8(8)
Almomani A, Alauthman M, Albalas F, Dorgham O, Obeidat A (2020) An online intrusion detection system to cloud computing based on neucube algorithms. In: Cognitive analytics: concepts, methodologies, tools, and applications. IGI Global, pp 1042–1059
Alsubhi K, Aib I, Boutaba R (2012) Fuzmet: a fuzzy-logic based alert prioritization engine for intrusion detection systems. Int J Netw Manag 22(4):263–284
Alzaylaee MK, Yerima SY, Sezer S (2020) Dl-droid: deep learning based android malware detection using real devices. Comput Secur 89:101663
Aminanto ME, Kim K (2016a) Deep learning-based feature selection for intrusion detection system in transport layer. In: Proceedings of the Korea Institutes of information security and cryptology conference, pp 740–743
Aminanto ME, Kim K (2016b) Detecting impersonation attack in wifi networks using deep learning approach. In: International workshop on information security applications. Springer, pp 136–147
Aminanto ME, Kim K (2017) Improving detection of wi-fi impersonation by fully unsupervised deep learning. In: International workshop on information security applications. Springer, pp 212–223
Aminanto ME, Choi R, Tanuwidjaja HC, Yoo PD, Kim K (2017) Deep abstraction and weighted feature selection for wi-fi impersonation detection. IEEE Trans Inf Forensics Secur 13(3):621–636
Arabo A (2019) Distributed ids using agents: an agent-based detection system to detect passive and active threats to a network. In: ICCWS 2019 14th international conference on cyber warfare and security: ICCWS 2019. Academic Conferences and Publishing Limited, p 11
Arrieta AB, Díaz-Rodríguez N, Del Ser J, Bennetot A, Tabik S, Barbado A, García S, Gil-López S, Molina D, Benjamins R et al (2020) Explainable artificial intelligence (xai): concepts, taxonomies, opportunities and challenges toward responsible ai. Inf Fusion 58:82–115
Ashfaq RAR, Wang XZ, Huang JZ, Abbas H, He YL (2017) Fuzziness based semi-supervised learning approach for intrusion detection system. Inf Sci 378:484–497
Bamakan SMH, Amiri B, Mirzabagheri M, Shi Y (2015) A new intrusion detection approach using pso based multiple criteria linear programming. Procedia Comput Sci 55:231–237
Bamakan SMH, Wang H, Yingjie T, Shi Y (2016) An effective intrusion detection framework based on MCLP/SVM optimized by time-varying chaos particle swarm optimization. Neurocomputing 199:90–102
Belavagi MC, Muniyal B (2016) Performance evaluation of supervised machine learning algorithms for intrusion detection. Procedia Comput Sci 89:117–123
Bengio Y et al (2009) Learning deep architectures for ai. Found Trends Mach Learn 2(1):1–127
Beni G, Wang J (1993) Swarm intelligence in cellular robotic systems. In: Robots and biological systems: towards a new bionics? Springer, pp 703–712
Brugger ST, Chow J (2007) An assessment of the Darpa ids evaluation dataset using snort. UCDAVIS Dept Comput Sci 1(2007):22
Caminero G, Lopez-Martin M, Carro B (2019) Adversarial environment reinforcement learning algorithm for intrusion detection. Comput Netw 159:96–109
Çavuşoğlu Ü (2019) A new hybrid approach for intrusion detection using machine learning methods. Appl Intell 49(7):2735–2761
Chaabouni N, Mosbah M, Zemmari A, Sauvignac C, Faruki P (2019) Network intrusion detection for iot security based on learning techniques. IEEE Commun Surv Tutor 21(3):2671–2701
Chen H, Schuffels C, Orwig R (1996) Internet categorization and search: a self-organizing approach. J Vis Commun Image Represent 7(1):88–102
Chen CP, Zhang CY, Chen L, Gan M (2015) Fuzzy restricted Boltzmann machine for the enhancement of deep learning. IEEE Trans Fuzzy Syst 23(6):2163–2173
Chevalier R, Plaquin D, Villatel M, Hiet G (2020) Intrusion detection systems. US Patent App. 16/486,331
Chitrakar R, Huang C (2012) Anomaly based intrusion detection using hybrid learning approach of combining k-medoids clustering and Naive Bayes classification. In: 2012 8th International conference on wireless communications, networking and mobile computing. IEEE, pp 1–5
Cloudstor (2019) Cloudstor. https://cloudstor.aarnet.edu.au/plus/index.php/s/2DhnLGDdEECo4ys. Accessed 15 Apr 15 2020
Creech G, Hu J (2013) Generation of a new ids test dataset: time to retire the kdd collection. In: 2013 IEEE wireless communications and networking conference (WCNC). IEEE, pp 4487–4492
Crosbie M, Spafford G, et al. (1995) Applying genetic programming to intrusion detection. In: Working notes for the AAAI symposium on genetic programming. MIT Press, Cambridge, pp 1–8
Dong B, Wang X (2016) Comparison deep learning method to traditional methods using for network intrusion detection. In: 2016 8th IEEE international conference on communication software and networks (ICCSN). IEEE, pp 581–585
Eesa AS, Orman Z, Brifcani AMA (2015) A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Expert Syst Appl 42(5):2670–2679
Effendy DA, Kusrini K, Sudarmawan S (2017) Classification of intrusion detection system (ids) based on computer network. In: 2017 2nd International conferences on information technology, information systems and electrical engineering (ICITISEE). IEEE, pp 90–94
Farnaaz N, Jabbar M (2016) Random forest modeling for network intrusion detection system. Procedia Comput Sci 89:213–217
Farzaneh B, Montazeri MA, Jamali S (2019) An anomaly-based ids for detecting attacks in rpl-based internet of things. In: 2019 5th International conference on web research (ICWR). IEEE, pp 61–66
Feng F, Liu X, Yong B, Zhou R, Zhou Q (2019) Anomaly detection in ad-hoc networks based on deep learning model: a plug and play device. Ad Hoc Netw 84:82–89
Ferrag MA, Maglaras L, Moschoyiannis S, Janicke H (2020) Deep learning for cyber security intrusion detection: approaches, datasets, and comparative study. J Inf Secur Appl. https://doi.org/10.1016/j.jisa.2019.102419
Gamage S, Samarabandu J (2020) Deep learning methods in network intrusion detection: a survey and an objective comparison. J Netw Comput Appl 169:102767
Gautam RKS, Doegar EA (2018) An ensemble approach for intrusion detection system using machine learning algorithms. In: 2018 8th International conference on cloud computing, data science & engineering (confluence). IEEE, pp 14–15
geopolitical-attacks (2019) geopolitical-attacks. https://www.privacyaffairs.com/geopolitical-attacks/3. Accessed 15 Apr 2020
Gharib A, Sharafaldin I, Lashkari AH, Ghorbani AA (2016) An evaluation framework for intrusion detection dataset. In: 2016 International conference on information science and security (ICISS). IEEE, pp 1–6
Ghose N, Lazos L, Rozenblit J, Breiger R (2019) Multimodal graph analysis of cyber attacks. In: 2019 Spring simulation conference (SpringSim). IEEE, pp 1–12
Gomez J, Dasgupta D (2002) Evolving fuzzy classifiers for intrusion detection. In: Proceedings of the 2002 IEEE workshop on information assurance, pp 321–323
Gu J, Lu S (2021) An effective intrusion detection approach using SVM with Naïve Bayes feature embedding. Comput Secur 103:102158
Gu J, Wang L, Wang H, Wang S (2019) A novel approach to intrusion detection using SVM ensemble with feature augmentation. Comput Secur 86:53–62
Guo C, Ping Y, Liu N, Luo SS (2016) A two-level hybrid approach for intrusion detection. Neurocomputing 214:391–400
Gupta BB, Joshi RC, Misra M (2012) Ann based scheme to predict number of zombies in a ddos attack. IJ Netw Secur 14(2):61–70
Hajimirzaei B, Navimipour NJ (2019) Intrusion detection for cloud computing using neural networks and artificial bee colony optimization algorithm. ICT Express 5(1):56–59
Hasan M, Islam MM, Zarif MII, Hashem M (2019) Attack and anomaly detection in iot sensors in iot sites using machine learning approaches. Internet Things 7:100059
He D, Chen X, Zou D, Pei L, Jiang L (2018) An improved kernel clustering algorithm used in computer network intrusion detection. In: 2018 IEEE international symposium on circuits and systems (ISCAS). IEEE, pp 1–5
Hodo E, Bellekens X, Iorkyase E, Hamilton A, Tachtatzis C, Atkinson R (2017) Machine learning approach for detection of nontor traffic. In: Proceedings of the 12th international conference on availability, reliability and security, pp 1–6
Hussain MS, Khan KUR (2020) A survey of ids techniques in manets using machine-learning. In: Proceedings of the third international conference on computational intelligence and informatics. Springer, pp 743–751
Ibrahim LM, Basheer DT, Mahmod MS (2013) A comparison study for intrusion database (kdd99, nsl-kdd) based on self organization map (som) artificial neural network. J Eng Sci Technol 8(1):107–119
Jacob NM, Wanjala MY (2018) A review of intrusion detection systems. Glob J Comput Sci Technol 5:66
Javaid A, Niyaz Q, Sun W, Alam M (2016) A deep learning approach for network intrusion detection system. In: Proceedings of the 9th EAI international conference on bio-inspired information and communications technologies (formerly BIONETICS), pp 21–26
Jebur SA, Nasereddin H (2015) Enhanced solutions for misuse network intrusion detection system using sga and ssga. Int J Comput Sci Netw Secur 15(5):66
Kabir E, Hu J, Wang H, Zhuo G (2018) A novel statistical technique for intrusion detection systems. Fut Gener Comput Syst 79:303–318
Kalteh AM, Hjorth P, Berndtsson R (2008) Review of the self-organizing map (som) approach in water resources: analysis, modelling and application. Environ Model Softw 23(7):835–845
Kandan AM, Kathrine GJ, Melvin AR (2019) Network attacks and prevention techniques—a study. In: 2019 IEEE international conference on electrical, computer and communication technologies (ICECCT). IEEE, pp 1–6
Kang MJ, Kang JW (2016) Intrusion detection system using deep neural network for in-vehicle network security. PLoS ONE 11(6):6
Kevric J, Jukic S, Subasi A (2017) An effective combining classifier approach using tree algorithms for network intrusion detection. Neural Comput Appl 28(1):1051–1058
Khan FA, Gumaei A (2019) A comparative study of machine learning classifiers for network intrusion detection. In: International conference on artificial intelligence and security. Springer, pp 75–86
Kim G, Lee S, Kim S (2014) A novel hybrid intrusion detection method integrating anomaly detection with misuse detection. Expert Syst Appl 41(4):1690–1700
Kim J, Kim J, Thu HLT, Kim H (2016) Long short term memory recurrent neural network classifier for intrusion detection. In: 2016 International conference on platform technology and service (PlatCon). IEEE, pp 1–5
Kudłacik P, Porwik P, Wesołowski T (2016) Fuzzy approach for intrusion detection based on users commands. Soft Comput 20(7):2705–2719
Kumar G, Kumar K, Sachdeva M (2010) The use of artificial intelligence based techniques for intrusion detection: a review. Artif Intell Rev 34(4):369–387
Kumar V, Chauhan H, Panwar D (2013) K-means clustering approach to analyze nsl-kdd intrusion detection dataset. Int J Soft Comput Eng 6:66
Kurniabudi K, Purnama B, Sharipuddin S, Darmawijoyo D, Stiawan D, Samsuryadi S, Heryanto A, Budiarto R (2019) Network anomaly detection research: a survey. Indones J Electr Eng Inform 7(1):37–50
Kyoto (2019) Kyoto. http://www.takakura.com/Kyoto_data/. Accessed 15 Apr 2020
Kyoto2006+ (2015) Kyoto2006+ dataset. http://www.takakura.com/Kyoto_data/. Accessed Feb 2015
Le Goues C, Nguyen T, Forrest S, Weimer W (2011) Genprog: a generic method for automatic software repair. IEEE Trans Softw Eng 38(1):54–72
Li W (2004) Using genetic algorithm for network intrusion detection. Proc US Dept Energy Cyber Secur Group 1:1–8
Li Y, Ma R, Jiao R (2015) A hybrid malicious code detection method based on deep learning. Int J Secur Appl 9(5):205–216
Liao HJ, Lin CHR, Lin YC, Tung KY (2013) Intrusion detection system: a comprehensive review. J Netw Comput Appl 36(1):16–24
Lin WC, Ke SW, Tsai CF (2015) Cann: an intrusion detection system based on combining cluster centers and nearest neighbors. Knowl Based Syst 78:13–21
Liu H, Lang B, Liu M, Yan H (2019) Cnn and rnn based payload classification methods for attack detection. Knowl Based Syst 163:332–341
Luo J (1999) Integrating fuzzy logic with data mining methods for intrusion detection. Master’s thesis, Mississippi State University. Department of Computer Science
Ma T, Wang F, Cheng J, Yu Y, Chen X (2016) A hybrid spectral clustering and deep neural network ensemble algorithm for intrusion detection in sensor networks. Sensors 16(10):1701
Mahoney MV, Chan PK (2003) An analysis of the 1999 darpa/lincoln laboratory evaluation data for network anomaly detection. In: International workshop on recent advances in intrusion detection. Springer, pp 220–237
Mäkelä A (2019) Network anomaly detection based on wavenet. In: Internet of things, smart spaces, and next generation networks and systems: 19th international conference, NEW2AN 2019, and 12th conference, ruSMART 2019, St. Petersburg, Russia, August 26–28, 2019, proceedings, vol 11660. Springer, p 424
Maniyar PS, Musande V (2016) Rules based intrusion detection system using genetic algorithm. Int J Comput Sci Netw 5(3):554–558
Manzoor I, Kumar N et al (2017) A feature reduced intrusion detection system using ANN classifier. Expert Syst Appl 88:249–257
Mehmood T, Rais HBM (2016) Machine learning algorithms in context of intrusion detection. In: 2016 3rd International conference on computer and information sciences (ICCOINS). IEEE, pp 369–373
Meng T, Jing X, Yan Z, Pedrycz W (2020) A survey on machine learning for data fusion. Inf Fusion 57:115–129
Mohamad Tahir H, Hasan W, Md Said A, Zakaria NH, Katuk N, Kabir NF, Omar MH, Ghazali O, Yahya NI (2015) Hybrid machine learning technique for intrusion detection system
Mousavi SM, Majidnezhad V, Naghipour A (2019) A new intelligent intrusion detector based on ensemble of decision trees. J Ambient Intell Hum Comput 66:1–13
Muna AH, Moustafa N, Sitnikova E (2018) Identification of malicious activities in industrial internet of things based on deep learning models. J Inf Secur Appl 41:1–11
Napiah MN, Idris MYIB, Ramli R, Ahmedy I (2018) Compression header analyzer intrusion detection system (cha-ids) for 6lowpan communication protocol. IEEE Access 6:16623–16638
Nehinbe JO (2011) A critical evaluation of datasets for investigating idss and ipss researches. In: 2011 IEEE 10th international conference on cybernetic intelligent systems (CIS). IEEE, pp 92–97
Ngiam J, Khosla A, Kim M, Nam J, Lee H, Ng AY (2011) Multimodal deep learning. OpenReview
Nguyen MT, Kim K (2020) Genetic convolutional neural network for intrusion detection systems. Fut Gener Comput Syst 113:418–427
Nguyen TT, Reddi VJ (2019) Deep reinforcement learning for cyber security. arXiv preprint arXiv:1906.05799
Nskh P, Varma MN, Naik RR (2016) Principle component analysis based intrusion detection system using support vector machine. In: 2016 IEEE international conference on recent trends in electronics, information & communication technology (RTEICT). IEEE, pp 1344–1350
Nyathi T, Pillay N (2018) Comparison of a genetic algorithm to grammatical evolution for automated design of genetic programming classification algorithms. Expert Syst Appl 104:213–234
Ojugo A, Eboka A, Okonta O, Yoro R, Aghware F (2012) Genetic algorithm rule-based intrusion detection system (gaids). J Emerg Trends Comput Inf Sci 3(8):1182–1194
Othman SM, Ba-Alwi FM, Alsohybe NT, Al-Hashida AY (2018) Intrusion detection model using machine learning algorithm on big data environment. J Big Data 5(1):1–12
Palmieri F (2019) Network anomaly detection based on logistic regression of nonlinear chaotic invariants. J Netw Comput Appl 148:102460
Pandey A, Sinha A, PS A (2019) Intrusion detection using sequential hybrid model. arXiv preprint arXiv:1910.12074
Porras PA, Fong MW, Valdes A (2002) A mission-impact-based approach to infosec alarm correlation. In: International workshop on recent advances in intrusion detection. Springer, pp 95–114
Praanna K, Sruthi S, Kalyani K, Tejaswi AS (2020) A CNN-LSTM model for intrusion detection system from high dimensional data
Pradhan M, Nayak CK, Pradhan SK (2020) Intrusion detection system (ids) and their types. In: Securing the internet of things: concepts, methodologies, tools, and applications. IGI Global, pp 481–497
Prusty S, Levine BN, Liberatore M (2011) Forensic investigation of the oneswarm anonymous filesharing system. In: Proceedings of the 18th ACM conference on Computer and communications security, pp 201–214
Qin X, Lee W (2003) Statistical causality analysis of infosec alert data. In: International workshop on recent advances in intrusion detection. Springer, pp 73–93
Rao CS, Raju KB (2019) Mapreduce accelerated signature-based intrusion detection mechanism (idm) with pattern matching mechanism. In: Soft computing in data analytics. Springer, pp 157–164
Revathi S, Malathi A (2013) A detailed analysis on nsl-kdd dataset using various machine learning techniques for intrusion detection. Int J Eng Res Technol 2(12):1848–1853
Sakurada M, Yairi T (2014) Anomaly detection using autoencoders with nonlinear dimensionality reduction. In: Proceedings of the MLSDA 2014 2nd workshop on machine learning for sensory data analysis, pp 4–11
Saleh AI, Talaat FM, Labib LM (2019) A hybrid intrusion detection system (hids) based on prioritized k-nearest neighbors and optimized svm classifiers. Artif Intell Rev 51(3):403–443
Sangster B, O’Connor T, Cook T, Fanelli R, Dean E, Morrell C, Conti GJ (2009) Toward instrumenting network warfare competitions to generate labeled datasets. In: CSET
Sanjaya SKSSS, Jena K (2014) A detail analysis on intrusion detection datasets. In: 2014 IEEE international advance computing conference (IACC)
Saranya T, Sridevi S, Deisy C, Chung TD, Khan MA (2020a) Performance analysis of machine learning algorithms in intrusion detection system: a review. Procedia Comput Sci 171:1251–1260
Saranya T, Sridevi S, Deisy C, Chung TD, Khan MA (2020b) Performance analysis of machine learning algorithms in intrusion detection system: a review. Procedia Comput Sci 171:1251–1260
Sato M, Yamaki H, Takakura H (2012) Unknown attacks detection using feature extraction from anomaly-based ids alerts. In: 2012 IEEE/IPSJ 12th international symposium on applications and the internet. IEEE, pp 273–277
Şen S, Clark JA (2009) A grammatical evolution approach to intrusion detection on mobile ad hoc networks. In: Proceedings of the second ACM conference on Wireless network security, pp 95–102
Seo S, Park S, Kim J (2016) Improvement of network intrusion detection accuracy by using restricted Boltzmann machine. In: 2016 8th International conference on computational intelligence and communication networks (CICN). IEEE, pp 413–417
Serrano W (2019) The blockchain random neural network in cybersecurity and the internet of things. In: IFIP international conference on artificial intelligence applications and innovations. Springer, pp 50–63
Sharafaldin I, Gharib A, Lashkari AH, Ghorbani AA (2018) Towards a reliable intrusion detection benchmark dataset. Softw Networking 2018(1):177–200
Shen Y, Han T, Yang Q, Yang X, Wang Y, Li F, Wen H (2018) Cs-cnn: enabling robust and efficient convolutional neural networks inference for internet-of-things applications. IEEE Access 6:13439–13448
Shiravi A, Shiravi H, Tavallaee M, Ghorbani AA (2012) Toward developing a systematic approach to generate benchmark datasets for intrusion detection. Comput Secur 31(3):357–374
Shone N, Ngoc TN, Phai VD, Shi Q (2018) A deep learning approach to network intrusion detection. IEEE Trans Emerg Top Comput Intell 2(1):41–50
Signal detection theory (2019) Signal detection theory. http://gim.unmc.edu/dxtests/roc2.htm/. Accessed 2019
Sohi SM, Seifert JP, Ganji F (2021) Rnnids: enhancing network intrusion detection systems through deep learning. Comput Secur 102:102151
Sommer R, Paxson V (2010) Outside the closed world: on using machine learning for network intrusion detection. In: 2010 IEEE symposium on security and privacy. IEEE, pp 305–316
Song J, Takakura H, Okabe Y, Eto M, Inoue D, Nakao K (2011) Statistical analysis of honeypot data and building of kyoto 2006+ dataset for nids evaluation. In: Proceedings of the first workshop on building analysis datasets and gathering experience returns for security, pp 29–36
Sperotto A, Sadre R, Van Vliet F, Pras A (2009) A labeled data set for flow-based intrusion detection. In: International workshop on IP operations and management. Springer, pp 39–50
Srimuang W, Intarasothonchun S (2015) Classification model of network intrusion using weighted extreme learning machine. In: 2015 12th International joint conference on computer science and software engineering (JCSSE). IEEE, pp 190–194
Srinivas J, Das AK, Kumar N (2019) Government regulations in cyber security: framework, standards and recommendations. Fut Gener Comput Syst 92:178–188
Srivastava N, Salakhutdinov RR (2012) Multimodal learning with deep Boltzmann machines. In: Advances in neural information processing systems, pp 2222–2230
Srivastava N, Hinton G, Krizhevsky A, Sutskever I, Salakhutdinov R (2014) Dropout: a simple way to prevent neural networks from overfitting. J Mach Learn Res 15(1):1929–1958
Tabakhi S, Moradi P, Akhlaghian F (2014) An unsupervised feature selection algorithm based on ant colony optimization. Eng Appl Artif Intell 32:112–123
Taddeo M, McCutcheon T, Floridi L (2019) Trusting artificial intelligence in cybersecurity is a double-edged sword. Nat Mach Intell 66:1–4
Tang TA, Mhamdi L, McLernon D, Zaidi SAR, Ghogho M (2016) Deep learning approach for network intrusion detection in software defined networking. In: 2016 International conference on wireless networks and mobile communications (WINCOM). IEEE, pp 258–263
Tavallaee M, Bagheri E, Lu W, Ghorbani AA (2009) A detailed analysis of the kdd cup 99 data set. In: 2009 IEEE symposium on computational intelligence for security and defense applications. IEEE, pp 1–6
Tidjon LN, Frappier M, Mammar A (2019) Intrusion detection systems: a cross-domain overview. IEEE Commun Surv Tutor 21(4):3639–3681
Tirumala SS (2014) Implementation of evolutionary algorithms for deep architectures. In: CEUR workshop proceedings
Tong X, Wang Z, Yu H (2009) A research using hybrid rbf/elman neural networks for intrusion detection system secure model. Comput Phys Commun 180(10):1795–1801
Tsoukalas LH, Uhrig RE (1997) Fuzzy and neural approaches in engineering. 18216097198
U. of massachusetts amherst (2019) U. of massachusetts amherst, optimistic tcp acking. http://traces.cs.umass.edu/. Accessed 12 Feb 2019
Uci (2019) Uci. http://archive.ics.uci.edu/ml/datasets/kdd+cup+1999+data. Accessed 15 Apr 2020
Unb (2019a) Unb. http://www.unb.ca/cic/datasets/nsl.html. Accessed 15 Apr 2020
Unb (2019b) https://www.unb.ca/cic/datasets/ids.html Accessed 15 Apr 2020
Unb (2019c) https://www.unb.ca/cic/datasets/dos-dataset.html. Accessed 15 Apr 2020
Viegas F, Rocha L, Gonçalves M, Mourão F, Sá G, Salles T, Andrade G, Sandin I (2018) A genetic programming approach for feature selection in highly dimensional skewed data. Neurocomputing 273:554–569
Vinayakumar R, Alazab M, Soman K, Poornachandran P, Al-Nemrat A, Venkatraman S (2019) Deep learning approach for intelligent intrusion detection system. IEEE Access 7:41525–41550
Wang H, Gu J, Wang S (2017) An effective intrusion detection framework based on SVM with feature augmentation. Knowl Based Syst 136:130–139
Wisesty UN, et al. (2017) Comparative study of conjugate gradient to optimize learning process of neural network for intrusion detection system (ids). In: 2017 3rd International conference on science in information technology (ICSITech). IEEE, pp 459–464
Worku A (2019) Minimizing black hole attack in mobile ad hoc network with anomaly based ids approach. PhD thesis, ASTU
Yang S, Li M, Liu X, Zheng J (2013) A grid-based evolutionary algorithm for many-objective optimization. IEEE Trans Evol Comput 17(5):721–736
Yang Y, Zheng K, Wu C, Niu X, Yang Y (2019) Building an effective intrusion detection system using the modified density peak clustering algorithm and deep belief networks. Appl Sci 9(2):238
Yin C, Zhu Y, Fei J, He X (2017) A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5:21954–21961
Yu J, Reddy YR, Selliah S, Kankanahalli S, Reddy S, Bharadwaj V (2004) Trinetr: an intrusion detection alert management systems. In: 13th IEEE international workshops on enabling technologies: infrastructure for collaborative enterprises. IEEE, pp 235–240
Zhang Q, Yang LT, Chen Z (2015a) Deep computation model for unsupervised feature learning on big data. IEEE Trans Serv Comput 9(1):161–171
Zhang Q, Yang LT, Chen Z (2015b) Privacy preserving deep computation model on cloud for big data feature learning. IEEE Trans Comput 65(5):1351–1362
Zhang Y, Zhang Y, Zhang N, Xiao M (2020) A network intrusion detection method based on deep learning with higher accuracy. Procedia Comput Sci 174:50–54
Zhao L, Hu Q, Wang W (2015) Heterogeneous feature selection with multi-modal deep neural networks and sparse group lasso. IEEE Trans Multimed 17(11):1936–1948
Zhao S, Li W, Zia T, Zomaya AY (2017) A dimension reduction model and classifier for anomaly-based intrusion detection in internet of things. In: 2017 IEEE 15th international conference on dependable, autonomic and secure computing, 15th international conference on pervasive intelligence and computing, 3rd international conference on big data intelligence and computing and cyber science and technology congress (DASC/PiCom/DataCom/CyberSciTech). IEEE, pp 836–843
Ziegler S (2019) Internet of things cybersecurity paradigm shift, threat matrix and practical taxonomy. In: Internet of things security and data protection. Springer, pp 1–7
Author information
Authors and Affiliations
Corresponding author
Ethics declarations
Conflict of Interest
On behalf of all authors, the corresponding author states that there is no conflict of interest.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
About this article
Cite this article
Kocher, G., Kumar, G. Machine learning and deep learning methods for intrusion detection systems: recent developments and challenges. Soft Comput 25, 9731–9763 (2021). https://doi.org/10.1007/s00500-021-05893-0
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00500-021-05893-0