
Machine Learning and Deep Learning Approaches for Intrusion Detection: A Comparative Study

  • Conference paper
Inventive Communication and Computational Technologies

Part of the book series: Lecture Notes in Networks and Systems (LNNS, volume 311)

Abstract

Intrusion detection is a major challenge for security experts in the cyber world. Traditional IDSs failed to detect complex and unknown cyber-attacks. Machine learning has become a vibrant technology for cybersecurity. Several machine learning algorithms exist for detecting intrusions, and most classifiers are well suited to detecting attacks. However, improving accuracy and detecting unknown attacks in existing IDSs is a great challenge. Therefore, this paper presents a detailed comparative study of the machine learning approaches researchers have used for intrusion detection, such as artificial neural networks, support vector machines, decision trees, and hybrid classifiers. Deep learning is an emerging approach that is well suited to large data. Deep learning techniques find an optimal feature set and classify low-frequency attacks better than other techniques. The study also summarizes the literature on deep learning approaches such as deep auto-encoders, Boltzmann machines, recurrent neural networks, convolutional neural networks, and deep neural networks. It further covers the datasets used in the literature and analyzes the deep learning approaches based on performance metrics. Future directions for detecting intrusions are also provided. This study will be helpful for developing IDSs based on artificial intelligence approaches such as machine learning and deep learning.




Copyright information

© 2022 The Author(s), under exclusive license to Springer Nature Singapore Pte Ltd.

About this paper


Cite this paper

Prethija, G., Katiravan, J. (2022). Machine Learning and Deep Learning Approaches for Intrusion Detection: A Comparative Study. In: Ranganathan, G., Fernando, X., Shi, F. (eds) Inventive Communication and Computational Technologies. Lecture Notes in Networks and Systems, vol 311. Springer, Singapore. https://doi.org/10.1007/978-981-16-5529-6_7


  • DOI: https://doi.org/10.1007/978-981-16-5529-6_7


  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-16-5528-9

  • Online ISBN: 978-981-16-5529-6

  • eBook Packages: Engineering, Engineering (R0)
