Skip to main content

A Survey of Network Features for Machine Learning Algorithms to Detect Network Attacks

  • 307 Accesses

Part of the Lecture Notes in Computer Science book series (LNAI,volume 13758)


The immeasurable amount of data in network traffic has increased its vulnerability. Therefore, monitoring and analyzing traffic for threat hunting is inevitable. Analyzing and capturing real-time network traffic is challenging due to privacy and space concerns. However, many simulated datasets are available. Machine-learning based intrusion detection systems are trained on these datasets for attack detection. Selection of correct features has significant importance in determining the efficiency of various Ml-based algorithms. Hence, this paper provides a literature survey of the various machine learning based IDS. Features, attacks, machine learning algorithms and their corresponding datasets are identified in the survey. The survey may help researchers in identifying benchmark features correlated to network attacks. At the time of writing this paper there is no such IDS that associates network features to attacks.


  • IDS-Intrusion Detection System
  • DoS- Denial of Service
  • Cyber space
  • NetFlow

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-031-21967-2_7
  • Chapter length: 12 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   89.00
Price excludes VAT (USA)
  • ISBN: 978-3-031-21967-2
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   119.99
Price excludes VAT (USA)
Fig. 1.
Fig. 2.
Fig. 3.






  5. Pawar, M.V., Anuradha, J.: Network security and types of attacks in network. Procedia Comput. Sci. 48, 503–506 (2015)

    CrossRef  Google Scholar 

  6. . Mahjabin, T., Xiao, Y., Sun, G., Jiang, W.: A survey of distributed denial-of-service attack, prevention, and mitigation techniques. Int. J. Distrib. Sensor Netw. 13(12), 1550147717741463 (2017)

  7. Malak, A.: Intelligent techniques for detecting network attacks: review and research directions. Sensors 21(21), 7070 (2021)

    CrossRef  Google Scholar 

  8. Deshmukh, R.V., Devadkar, K.K.: Understanding DDoS attack & its effect in cloud environment. Procedia Comput. Sci. 49, 202–210 (2015)

    CrossRef  Google Scholar 

  9. Mallik, A.: Man-in-the-middle-attack: Understanding in simple words. Cyberspace: Jurnal Pendidikan Teknologi Informasi 2(2), 109–134 (2019)

    Google Scholar 

  10. Rahim, R.: Man-in-the-middle-attack prevention using interlock protocol method. ARPN J. Eng. Appl. Sci 12(22), 6483–6487 (2017)

    Google Scholar 

  11. Eian, I.C., Lim, K.Y., Yeap, M.X.L., Yeo, H.Q., Fatima, Z.: Wireless networks: active and passive attack vulnerabilities and privacy challenges (2020). Preprints

    Google Scholar 


  13. Krombholz, K., Hobel, H., Huber, M., Weippl, E.: Advanced social engineering attacks. J. Inf. Secur. Appl. 22, 113–122 (2015)

    Google Scholar 

  14. Banerjee, J., Maiti, S., Chakraborty, S., Dutta, S., Chakraborty, A., Banerjee, J.S.: Impact of machine learning in various network security applications. In: 2019 3rd International Conference on Computing Methodologies and Communication (ICCMC), pp. 276–281. IEEE (2019)

    Google Scholar 






  20. Gustavsson, V.: Machine Learning for a Network-based Intrusion Detection System: An application using Zeek and the CICIDS2017 dataset (2019)

    Google Scholar 

  21. Sarhan, M., Layeghy, S., Moustafa, N., Portmann, M.: Netflow datasets for machine learning-based network intrusion detection systems. arXiv preprint arXiv:2011.09144 (2020)


  23. Sarhan, M., Layeghy, S., Moustafa, N., Portmann, M.: Towards a standard feature set of nids datasets. arXiv preprint arXiv:2101.11315 (2021)

  24. Zhang, J., Liang, Q., Jiang, R., Li, X.: A feature analysis based identifying scheme using GBDT for DDoS with multiple attack vectors. Appl. Sci. 9(21), 4633 (2019)

    CrossRef  Google Scholar 

  25. Sarhan, M., Layeghy, S., Portmann, M.: An explainable machine learning-based network intrusion detection system for enabling generalisability in securing IoT networks. arXiv preprint arXiv:2104.07183 (2021)

  26. Alaidaros, H., Mahmuddin, M.: Flow-based approach on bro intrusion detection. J. Telecommun. Electron. Comput. Eng. 9(2–2), 139–145 (2017)

    Google Scholar 

  27. Sharafaldin, I., Lashkari, A.H., Ghorbani, A.: A toward generating a new intrusion detection dataset and intrusion traffic characterization. In: ICISS, vol. 1, pp. 108–116 (2018)

    Google Scholar 

  28. Elsayed, M.S., Le-Khac, N.A., Dev, S., Jurcut, A.D.: Machine-learning techniques for detecting attacks in SDN. arXiv preprint arXiv:1910.00817 (2019)

  29. Prakash, A., Priyadarshini, R.: An intelligent software defined network controller for preventing distributed denial of service attack. In: 2018 Second International Conference on Inventive Communication and Computational Technologies (ICICCT), pp. 585–589. IEEE (2018)

    Google Scholar 

  30. Li, D., Yu, C., Zhou, Q., Yu, J.: Using SVM to detect DDoS attack in SDN network. In: IOP Conference Series: Materials Science and Engineering, vol. 466, no. 1, p. 012003. IOP Publishing (2018)

    Google Scholar 

  31. Al-Sarem, M., et al.: An aggregated mutual information based feature selection with machine learning methods for enhancing IoT botnet attack detection. Sensors (Basel, Switzerland) 22, 1–185 (2021).

  32. Maldonado, J., Riff, M.C., Neveu, B.: A review of recent approaches on wrapper feature selection for intrusion detection. Expert Syst. Appl. 198, 116822 (2022). ISSN 0957–4174, (

Download references

Author information

Authors and Affiliations


Corresponding authors

Correspondence to Joveria Rubab , Hammad Afzal or Waleed Bin Shahid .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Rubab, J., Afzal, H., Shahid, W.B. (2022). A Survey of Network Features for Machine Learning Algorithms to Detect Network Attacks. In: Nguyen, N.T., Tran, T.K., Tukayev, U., Hong, TP., Trawiński, B., Szczerbicki, E. (eds) Intelligent Information and Database Systems. ACIIDS 2022. Lecture Notes in Computer Science(), vol 13758. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-031-21966-5

  • Online ISBN: 978-3-031-21967-2

  • eBook Packages: Computer ScienceComputer Science (R0)