survey

Open access

A Survey on Data-driven Network Intrusion Detection

Authors:

Meng JiangAuthors Info & Claims

ACM Computing Surveys (CSUR), Volume 54, Issue 9

Article No.: 182, Pages 1 - 36

https://doi.org/10.1145/3472753

Published: 08 October 2021 Publication History

All formats PDF

Abstract

Data-driven network intrusion detection (NID) has a tendency towards minority attack classes compared to normal traffic. Many datasets are collected in simulated environments rather than real-world networks. These challenges undermine the performance of intrusion detection machine learning models by fitting machine learning models to unrepresentative “sandbox” datasets. This survey presents a taxonomy with eight main challenges and explores common datasets from 1999 to 2020. Trends are analyzed on the challenges in the past decade and future directions are proposed on expanding NID into cloud-based environments, devising scalable models for large network data, and creating labeled datasets collected in real-world networks.

References

[1]

Shaza Merghani Abdelrahman and Ajith Abraham. 2014. Intrusion detection using error correcting output code based ensemble. In International Conference on Hybrid Intelligent Systems. 181–186.

[2]

R. Abdulhammed, M. Faezipour, A. Abuzneid, and A. AbuMallouh. 2019. Deep and machine learning approaches for anomaly-based intrusion detection of imbalanced network traffic. IEEE Sensors Lett. 3, 1 (2019), 1–4.

[3]

Adebayo O. Adetunmbi, Samuel O. Falaki, Olumide S. Adewale, and Boniface K. Alese. 2008. Network intrusion detection based on rough set and k-nearest neighbour. Int. J. Comput. ICT Res. 2, 1 (2008), 60–66.

[4]

Mohiuddin Ahmed, Abdun Naser Mahmood, and Jiankun Hu. 2016. A survey of network anomaly detection techniques. J. Netw. Comput. Applic. 60 (2016), 19–31.

Digital Library

[5]

Muhammad Ahsan, Muhammad Mashuri, Muhammad Hisyam Lee, Heri Kuswanto, and Dedy Dwi Prastyo. 2020. Robust adaptive multivariate Hotelling’s T2 control chart based on kernel density estimation for intrusion detection system. Exp. Syst. Applic. 145 (2020), 113105.

[6]

J. Aiken and S. Scott-Hayward. 2019. Investigating adversarial attacks against network intrusion detection systems in SDNs. In IEEE Conference on Network Function Virtualization and Software Defined Networks. 1–7.

[7]

O. Y. Al-Jarrah, A. Siddiqui, M. Elsalamouny, P. D. Yoo, S. Muhaidat, and K. Kim. 2014. Machine-learning-based feature selection techniques for large-scale network intrusion detection. In IEEE International Conference on Distributed Computing Systems Workshops. 177–181.

[8]

M. Al-Qatf, Y. Lasheng, M. Al-Habib, and K. Al-Sabahi. 2018. Deep learning approach combining sparse autoencoder with SVM for network intrusion detection. IEEE Access 6 (2018), 52843–52856.

[9]

Abdulaziz Aldribi, Issa Traoré, Belaid Moa, and Onyekachi Nwamuo. 2020. Hypervisor-based cloud intrusion detection through online multivariate statistical change tracking. Comput. Secur. 88 (2020), 101646.

Digital Library

[10]

Kevin Allix, Tegawendé François D. Assise Bissyande, Jacques Klein, and Yves Le Traon. 2014. Machine Learning-based Malware Detection for Android Applications: History Matters!Technical Report. University of Luxembourg, SnT.

[11]

H. S. Alsaadi, R. Hedjam, A. Touzene, and A. Abdessalem. 2020. Fast binary network intrusion detection based on matched filter optimization. In IEEE International Conference on Informatics, IoT, and Enabling Technologies. 195–199.

[12]

Kasun Amarasinghe, Kevin Kenney, and Milos Manic. 2018. Toward explainable deep neural network based anomaly detection. In International Conference on Human System Interaction. 311–317.

[13]

Kasun Amarasinghe and Milos Manic. 2019. Explaining what a neural network has learned: Toward transparent classification. In IEEE International Conference on Fuzzy Systems. 1–6.

Digital Library

[14]

A. An, C. Chan, N. Shan, N. Cercone, and W. Ziarko. 1997. Applying knowledge discovery to predict water-supply consumption. IEEE Expert 12, 4 (1997), 72–78.

Digital Library

[15]

G. Apruzzese and M. Colajanni. 2018. Evading botnet detectors based on flows and random forest with adversarial samples. In IEEE International Symposium on Network Computing and Applications. 1–8.

[16]

M. Azizjon, A. Jumabek, and W. Kim. 2020. 1D CNN based network intrusion detection with normalization on imbalanced data. In International Conference on Artificial Intelligence in Information and Communication. 218–224.

[17]

Seyed Mojtaba Hosseini Bamakan, Huadong Wang, and Yong Shi. 2017. Ramp loss K-support vector classification-regression: A robust and sparse multi-class approach to the intrusion detection problem. Knowl.-based Syst. 126 (2017), 113–126.

[18]

Seyed Mojtaba Hosseini Bamakan, Huadong Wang, Tian Yingjie, and Yong Shi. 2016. An effective intrusion detection framework based on MCLP/SVM optimized by time-varying chaos particle swarm optimization. Neurocomputing 199 (2016), 90–102.

Digital Library

[19]

Punam Bedi, Neha Gupta, and Vinita Jindal. 2020. Siam-IDS: Handling class imbalance problem in intrusion detection systems using siamese neural network. Procedia Comput. Sci. 171 (2020), 780–789.

[20]

Mustapha Belouch, Salah El Hadaj, and Mohamed Idhammad. 2018. Performance evaluation of intrusion detection based on machine learning using Apache Spark. Procedia Comput. Sci. 127 (2018), 1–6.

Digital Library

[21]

Hassina Bensefia and Nacira Ghoualmi. 2011. A new approach for adaptive intrusion detection. In International Conference on Computational Intelligence and Security. 983–987.

Digital Library

[22]

Jane Bromley, Isabelle Guyon, Yann LeCun, Eduard Säckinger, and Roopak Shah. 1994. Signature verification using a “siamese” time delay neural network. In International Conference on Advances in Neural Information Processing Systems. 737–744.

[23]

A. L. Buczak and E. Guven. 2016. A survey of data mining and machine learning methods for cyber security intrusion detection. IEEE Commun. Surv. Tutor. 18, 2 (2016), 1153–1176.

Digital Library

[24]

Mohamad Bydon, Clemens M. Schirmer, Eric K. Oermann, Ryan S. Kitagawa, Nader Pouratian, Jason Davies, Ashwini Sharan, and Lola B. Chambless. 2020. Big data defined: A practical review for neurosurgeons. World Neurosurg. 133 (2020), e842–e849.

[25]

J. B. D. Caberera, B. Ravichandran, and R. K. Mehra. 2000. Statistical traffic modeling for network intrusion detection. In 8th International Symposium on Modeling, Analysis and Simulation of Computer and Telecommunication Systems. 466–473.

[26]

Pedro Casas, Johan Mazel, and Philippe Owezarski. 2012. Unsupervised network intrusion detection systems: Detecting the unknown without knowledge. Comput. Commun. 35, 7 (2012), 772–783.

Digital Library

[27]

Chia-Mei Chen, Ya-Lin Chen, and Hsiao-Chung Lin. 2010. An efficient network intrusion detection. Comput. Commun. 33, 4 (2010), 477–484.

Digital Library

[28]

Feilong Chen, Supranamaya Ranjan, and Pang-Ning Tan. 2011. Detecting bots via incremental LS-SVM learning with dynamic feature adaptation. In ACM SIGKDD International Conference on Knowledge Discovery and Data Mining.

Digital Library

[29]

Jinyin Chen, Yi-tao Yang, Ke-ke Hu, Hai-bin Zheng, and Zhen Wang. 2019. DAD-MCNN: DDoS attack detection via multi-channel CNN. In International Conference on Machine Learning and Computing. 484–488.

Digital Library

[30]

Meng-Hui Chen, Pei-Chann Chang, and Jheng-Long Wu. 2016. A population-based incremental learning approach with artificial immune system for network intrusion detection. Eng. Applic. Artif. Intell. 51 (2016), 171–181.

Digital Library

[31]

T. Chen, X. Pan, Y. Xuan, J. Ma, and J. Jiang. 2010. A naive feature selection method and its application in network intrusion detection. In International Conference on Computational Intelligence and Security. 416–420.

[32]

A. Cheng. 2019. PAC-GAN: Packet generation of network traffic using generative adversarial networks. In IEEE Annual Information Technology, Electronics and Mobile Communication Conference. 0728–0734.

[33]

Zouhair Chiba, Noureddine Abghour, Khalid Moussaid, Amina El Omri, and Mohamed Rida. 2018. A novel architecture combined with optimal parameters for back propagation neural networks applied to anomaly network intrusion detection. Comput. Secur. 75 (2018), 36–58.

[34]

Yuk Ying Chung and Noorhaniza Wahid. 2012. A hybrid network intrusion detection system using simplified swarm optimization. Appl. Soft Comput. 12, 9 (2012), 3014–3022.

Digital Library

[35]

Henry Clausen, Robert Flood, and David Aspinall. 2020. Traffic generation using containerization for machine learning. arXiv preprint arXiv:2011.06350 (2020).

[36]

Christos Constantinides, Stavros Shiaeles, Bogdan Ghita, and Nicholas Kolokotronis. 2019. A novel online incremental learning intrusion prevention system. In IFIP International Conference on New Technologies, Mobility and Security. 1–6.

[37]

Gabriela F. Cretu, Angelos Stavrou, Michael E. Locasto, Salvatore J. Stolfo, and Angelos D. Keromytis. 2008. Casting out demons: Sanitizing training data for anomaly sensors. In IEEE Symposium on Security and Privacy. 81–95.

[38]

Robertas Damasevicius, Algimantas Venckauskas, Sarunas Grigaliunas, Jevgenijus Toldinas, Nerijus Morkevicius, Tautvydas Aleliunas, and Paulius Smuikys. 2020. LITNET-2020: An annotated real-world network flow dataset for network intrusion detection. Electronics 9, 5 (2020).

[39]

Jonathan J. Davis and Andrew J. Clark. 2011. Data preprocessing for anomaly based network intrusion detection: A review. Comput. Secur. 30, 6 (2011), 353–375.

Digital Library

[40]

Knowledge Discovery and Data Mining. 1999. KDD Cup 1999: Computer Network Intrusion Detection. Retrieved from https://www.kdd.org/kdd-cup/view/kdd-cup-1999/Data.

[41]

Abhishek Divekar, Meet Parekh, Vaibhav Savla, Rudra Mishra, and Mahesh Shirole. 2018. Benchmarking datasets for anomaly-based network intrusion detection: KDD CUP 99 alternatives. In IEEE International Conference on Computing, Communication and Security. 1–8.

[42]

Paul Dokas, Levent Ertoz, Vipin Kumar, Aleksandar Lazarevic, Jaideep Srivastava, and Pang-Ning Tan. 2002. Data mining for network intrusion detection. In NSF Workshop on Next Generation Data Mining. 21–30.

[43]

L. Dongxia and Z. Yongbo. 2012. An intrusion detection system based on honeypot technology. In International Conference on Computer Science and Electronics Engineering. 451–454.

[44]

Adel Sabry Eesa, Zeynep Orman, and Adnan Mohsin Abdulazeez Brifcani. 2015. A novel feature-selection approach based on the cuttlefish optimization algorithm for intrusion detection systems. Exp. Syst. Applic. 42, 5 (2015), 2670–2679.

Digital Library

[45]

Wisam Elmasry, Akhan Akbulut, and Abdul Halim Zaim. 2020. Evolving deep learning architectures for network intrusion detection using a double PSO metaheuristic. Comput. Netw. 168 (2020), 107042.

Digital Library

[46]

Osama Faker and Erdogan Dogdu. 2019. Intrusion detection using big data and deep learning techniques. In ACM Southeast Conference. 86–93.

Digital Library

[47]

W. Fan, Z. Du, D. Fernández, and V. A. Villagrá. 2018. Enabling an anatomic view to investigate honeypot systems: A survey. IEEE Syst. J. 12, 4 (2018), 3906–3919.

[48]

Nabila Farnaaz and M. A. Jabbar. 2016. Random forest modeling for network intrusion detection system. Procedia Comput. Sci. 89, 1 (2016), 213–217.

[49]

Wenying Feng, Qinglei Zhang, Gongzhu Hu, and Jimmy Xiangji Huang. 2014. Mining network data for intrusion detection through combining SVMs with ant colony networks. Fut. Gen. Comput. Syst. 37 (2014), 127–140.

[50]

Feng Xie, Hongyu Yang, Yong Peng, and Haihui Gao. 2012. Data fusion detection model based on SVM and evidence theory. In IEEE International Conference on Communication Technology. 814–818.

[51]

Gabriel Macia Fernandez, Jose Camacho, Roberto Magan-Carri, Pedro Garcia-Teodoro, and Roberto Theron. 2016. UGR’16: A new dataset for the evaluation of cyclostationarity-based network IDSs. Computers and Security 73 (2018), 411–424.

[52]

Romain Fontugne, Pierre Borgnat, Patrice Abry, and Kensuke Fukuda. 2010. MAWILab: Combining diverse anomaly detectors for automated anomaly labeling and performance benchmarking. In ACM CoNEXT’10.

[53]

Canadian Institute for Cybersecurity. 2009. NSL-KDD Dataset. Retrieved from https://www.unb.ca/cic/datasets/nsl.html.

[54]

Canadian Institute for Cybersecurity. 2017. Intrusion Detection Evaluation Dataset (CICIDS2017). Retrieved from https://www.unb.ca/cic/datasets/ids-2017.html.

[55]

Canadian Institute for Cybersecurity. 2018. UNB CSE-CIC-IDS2018 on AWS. Retrieved from https://www.unb.ca/cic/datasets/ids-2018.html.

[56]

Krishna Gade, Sahin Geyik, Krishnaram Kenthapadi, Varun Mithal, and Ankur Taly. 2020. Explainable AI in industry: Practical challenges and lessons learned. In the Web Conference. 303–304.

Digital Library

[57]

S. M. Gaffer, M. E. Yahia, and K. Ragab. 2012. Genetic fuzzy system for intrusion detection: Analysis of improving of multiclass classification accuracy using KDDCup-99 imbalance dataset. In International Conference on Hybrid Intelligent Systems. 318–323.

[58]

Sannasi Ganapathy, Kanagasabai Kulothungan, Sannasy Muthurajkumar, Muthusamy Vijayalakshmi, Palanichamy Yogesh, and Arputharaj Kannan. 2013. Intelligent feature selection and classification techniques for intrusion detection in networks: A survey. EURASIP J. Wirel. Commun. Netw. 2013, 1 (2013), 271.

[59]

X. Gao, C. Shan, C. Hu, Z. Niu, and Z. Liu. 2019. An adaptive ensemble machine learning model for intrusion detection. IEEE Access 7 (2019), 82512–82521.

[60]

Y. Gao, Y. Liu, Y. Jin, J. Chen, and H. Wu. 2018. A novel semi-supervised learning approach for network intrusion detection on cloud-based robotic system. IEEE Access 6 (2018), 50927–50938.

[61]

Pedro Garcia-Teodoro, Jesus Diaz-Verdejo, Gabriel Maciá-Fernández, and Enrique Vázquez. 2009. Anomaly-based network intrusion detection: Techniques, systems and challenges. Comput. Secur. 28, 1–2 (2009), 18–28.

Digital Library

[62]

Nico Görnitz, Marius Kloft, Konrad Rieck, and Ulf Brefeld. 2009. Active learning for network intrusion detection. In ACM Workshop on Security and Artificial Intelligence. 47–54.

Digital Library

[63]

Y. Gu, K. Li, Z. Guo, and Y. Wang. 2019. Semi-supervised K-means DDoS detection method using hybrid feature selection algorithm. IEEE Access 7 (2019), 64351–64365.

[64]

Y. Guo, B. Wang, X. Zhao, X. Xie, L. Lin, and Q. Zhou. 2010. Feature selection based on Rough set and modified genetic algorithm for intrusion detection. In International Conference on Computer Science Education. 1441–1446.

[65]

Govind P. Gupta and Manish Kulariya. 2016. A framework for fast and efficient cyber security network intrusion detection using Apache Spark. Procedia Comput. Sci. 93 (2016), 824–831.

[66]

W. Haider, J. Hu, J. Slay, B. P. Turnbull, and Y. Xie. 2017. Generating realistic intrusion detection system dataset based on fuzzy qualitative modeling. J. Netw. Comput. Applic. 87 (2017), 185–192.

Digital Library

[67]

Bahram Hajimirzaei and Nima Jafari Navimipour. 2019. Intrusion detection for cloud computing using neural networks and artificial bee colony optimization algorithm. ICT Express 5, 1 (2019), 56–59.

[68]

Eric Hamilton. 2019. What is edge computing: The network edge explained. Cloudw. Retr. 3 (2019), 18–20.

[69]

H. He, X. Sun, H. He, G. Zhao, L. He, and J. Ren. 2019. A novel multimodal-sequential approach based on multi-view features for network intrusion detection. IEEE Access 7 (2019), 183207–183221.

[70]

Chandima HewaNadungodage, Yuni Xia, and John Jaehwan Lee. 2016. GPU-accelerated outlier detection for continuous data streams. In IEEE International Parallel and Distributed Processing Symposium. 1133–1142.

[71]

G. E. Hinton and R. R. Salakhutdinov. 2006. Reducing the dimensionality of data with neural networks. Science 313, 5786 (2006), 504–507.

[72]

Shi-Jinn Horng, Ming-Yang Su, Yuan-Hsin Chen, Tzong-Wann Kao, Rong-Jian Chen, Jui-Lin Lai, and Citra Dwi Perkasa. 2011. A novel intrusion detection system based on hierarchical clustering and support vector machines. Exp. Syst. Applic. 38, 1 (2011), 306–313.

Digital Library

[73]

Y. Hsu, Z. He, Y. Tarutani, and M. Matsuoka. 2019. Toward an online network intrusion detection system based on ensemble learning. In IEEE International Conference on Cloud Computing. 174–178.

[74]

Weiming Hu, Wei Hu, and Steve Maybank. 2008. Adaboost-based algorithm for network intrusion detection. IEEE Trans. Syst., Man, Cybern. 38, 2 (2008), 577–583.

Digital Library

[75]

Shin-Ying Huang, Fang Yu, Rua-Huan Tsaih, and Yennun Huang. 2015. Network-traffic anomaly detection with incremental majority learning. In International Joint Conference on Neural Networks. 1–8.

[76]

M. Ichino and J. Sklansky. 1984. Optimum feature selection by zero-one integer programming. IEEE Trans. Syst., Man, Cybern. SMC-14, 5 (1984), 737–746.

[77]

Sheikh Rabiul Islam, William Eberle, Sheikh K. Ghafoor, Ambareen Siraj, and Mike Rogers. 2019. Domain knowledge aided explainable artificial intelligence for intrusion detection and response. arXiv preprint arXiv:1911.09853 (2019).

[78]

Ahmad Javaid, Quamar Niyaz, Weiqing Sun, and Mansoor Alam. 2016. A deep learning approach for network intrusion detection system. In EAI International Conference on Bio-inspired Information and Communications Technologies. 21–26.

Digital Library

[79]

H. J. Jeong, W. Hyun, J. Lim, and I. You. 2012. Anomaly teletraffic intrusion detection systems on Hadoop-based platforms: A survey of some problems and solutions. In 15th International Conference on Network-based Information Systems. 766–770.

[80]

H. Jiang, Z. He, G. Ye, and H. Zhang. 2020. Network intrusion detection based on PSO-Xgboost model. IEEE Access 8 (2020), 58392–58401.

[81]

K. Jiang, W. Wang, A. Wang, and H. Wu. 2020. Network intrusion detection combined hybrid sampling with deep hierarchical network. IEEE Access 8 (2020), 32464–32476.

[82]

Meng Jiang, Alex Beutel, Peng Cui, Bryan Hooi, Shiqiang Yang, and Christos Faloutsos. 2016. Spotting suspicious behaviors in multimodal data: A general metric and algorithms. IEEE Trans. Knowl. Data Eng 28, 8 (2016), 2187–2200.

Digital Library

[83]

Meng Jiang, Peng Cui, Alex Beutel, Christos Faloutsos, and Shiqiang Yang. 2016. Catching synchronized behaviors in large networks: A graph mining approach. ACM Trans. Knowl. Discov. Data 10, 4 (2016), 1–27.

Digital Library

[84]

Meng Jiang, Peng Cui, and Christos Faloutsos. 2016. Suspicious behavior detection: Current trends and future directions. IEEE Intell. Syst. 31, 1 (2016), 31–39.

Digital Library

[85]

Meng Jiang, Christos Faloutsos, and Jiawei Han. 2016. CatchTartan: Representing and summarizing dynamic multicontextual behaviors. In 22nd ACM SIGKDD International Conference on Knowledge Discovery and Data Mining (KDD’16). 945–954.

Digital Library

[86]

X. Kang, B. Song, X. Du, and M. Guizani. 2020. Adversarial attacks for image segmentation on multiple lightweight models. IEEE Access 8 (2020), 31359–31370.

[87]

Gurdip Kaur, Meenu Khurana, and Monika Sethi. 2011. Intrusion detection system using honeypots and swarm intelligence. In International Conference on Advances in Computing and Artificial Intelligence. 34–38.

Digital Library

[88]

Nathan Keegan, Soo-Yeon Ji, Aastha Chaudhary, Claude Concolato, Byunggu Yu, and Dong Hyun Jeong. 2016 . A survey of cloud-based network intrusion detection analysis. Hum.-centr. Comput. Inf. Sci. 6 (2016), 19.

[89]

Chaouki Khammassi and Saoussen Krichen. 2017. A GA-LR wrapper approach for feature selection in network intrusion detection. Comput. Secur. 70 (2017), 255–277.

[90]

F. A. Khan, A. Gumaei, A. Derhab, and A. Hussain. 2019. A novel two-stage deep learning model for efficient network intrusion detection. IEEE Access 7 (2019), 30373–30385.

[91]

Jiyeon Kim, Jiwon Kim, Hyunjung Kim, Minsun Shim, and Eunjung Choi. 2020. CNN-based network intrusion detection against denial-of-service attacks. Electronics 9, 6 (2020).

[92]

Levent Koc, Thomas A. Mazzuchi, and Shahram Sarkani. 2012. A network intrusion detection system based on a Hidden Naive Bayes multiclass classifier. Exp. Syst. Applic. 39, 18 (2012), 13492–13500.

Digital Library

[93]

Eduardo De la Hoz, Emiro De La Hoz, Andrés Ortiz, Julio Ortega, and Beatriz Prieto. 2015. PCA filtering and probabilistic SOM for network intrusion detection. Neurocomputing 164 (2015), 71–81.

Digital Library

[94]

MIT Lincoln Laboratory. 1998. 1998 Darpa intrusion detection evaluation dataset. Retrieved from https://www.ll.mit.edu/r-d/datasets/1998-darpa-intrusion-detection-evaluation-dataset.

[95]

Fukudu Labs. 2020. Mawilab. Retrieved from http://www.fukuda-lab.org/mawilab/documentation.html#labels.

[96]

Aleksandar Lazarevic, Levent Ertoz, Vipin Kumar, Aysel Ozgur, and Jaideep Srivastava. 2003. A comparative study of anomaly detection schemes in network intrusion detection. In SIAM International Conference on Data Mining. 25–36.

[97]

T. A. Le, T. H. Chu, Q. U. Nguyen, and X. H. Nguyen. 2014. Malware detection using genetic programming. In IEEE Symposium on Computational Intelligence for Security and Defense Applications. 1–6.

[98]

John Zhong Lei and Ali A. Ghorbani. 2012. Improved competitive learning neural networks for network intrusion and fraud detection. Neurocomputing 75, 1 (2012), 135–145.

Digital Library

[99]

Hongda Li, Hongxin Hu, Guofei Gu, Gail-Joon Ahn, and Fuqiang Zhang. 2018. VNIDS: Towards elastic security with safe and efficient virtualization of network intrusion detection systems. In ACM SIGSAC Conference on Computer and Communications Security. 17–34.

Digital Library

[100]

Peipei Li, Xindong Wu, Xuegang Hu, and Hao Wang. 2015. Learning concept-drifting data streams with random ensemble decision trees. Neurocomputing 166 (2015), 68–83.

Digital Library

[101]

Y. Li, Z. Li, and R. Wang. 2011. Intrusion detection algorithm based on semi-supervised learning. In International Conference of Information Technology, Computer Engineering and Management Sciences. 153–156.

[102]

Yanmiao Li, Yingying Xu, Zhi Liu, Haixia Hou, Yushuo Zheng, Yang Xin, Yuefeng Zhao, and Lizhen Cui. 2020. Robust detection for network intrusion of industrial IoT based on multi-CNN fusion. Measurement 154 (2020), 107450.

[103]

Jinping Liu, Jiezhou He, Wuxia Zhang, Tianyu Ma, Zhaohui Tang, Jean Paul Niyoyita, and Weihua Gui. 2019. ANID-SEoKELM: Adaptive network intrusion detection based on selective ensemble of kernel ELMs with random features. Knowl.-based Syst. 177 (2019), 104–116.

[104]

Jinxin Liu, Burak Kantarci, and Carlisle Adams. 2020. Machine learning-driven intrusion detection for Contiki-NG-based IoT networks exposed to NSL-KDD dataset. In ACM Workshop on Wireless Security and Machine Learning.

Digital Library

[105]

Jinping Liu, Wuxia Zhang, Zhaohui Tang, Yongfang Xie, Tianyu Ma, Jingjing Zhang, Guoyong Zhang, and Jean Paul Niyoyita. 2020. Adaptive intrusion detection via GA-GOGMM-based pattern learning with fuzzy rough set-based attribute selection. Exp. Syst. Applic. 139 (2020), 112845.

[106]

Wei Liu, LinLin Ci, and LiPing Liu. 2020. A new method of fuzzy support vector machine algorithm for intrusion detection. Appl. Sci. 10 (2020).

[107]

Jie Lu, Vahid Behbood, Peng Hao, Hua Zuo, Shan Xue, and Guangquan Zhang. 2015. Transfer learning using computational intelligence: A survey. Knowl.-based Syst. 80 (2015), 14–23.

Digital Library

[108]

Ma Yue, Lian Hong, and X. F. Zhang. 2010. Researches on the IPv6 network safeguard linked system. In International Conference on Computer Science and Information Technology. 387–390.

[109]

Gabriel Maciá-Fernández, José Camacho, Roberto Magán-Carrión, Pedro García-Teodoro, and Roberto Therón. 2018. UGR’16: A new dataset for the evaluation of cyclostationarity-based network IDSs. Comput. Secur. 73 (2018).

[110]

Roberto Magán-Carrión, Daniel Urda, Ignacio Díaz-Cano, and Bernabé Dorronsoro. 2020. Towards a reliable comparison and evaluation of network intrusion detection systems based on machine learning approaches. Appl. Sci. 10, 5 (2020).

[111]

Shraddha Mane and Dattaraj Rao. 2021. Explaining network intrusion detection system using explainable AI framework. arXiv preprint arXiv:2103.07110 (2021).

[112]

M. A. Manzoor and Y. Morgan. 2016. Real-time support vector machine based network intrusion detection system using Apache Storm. In Annual Information Technology, Electronics and Mobile Communication Conference. 1–5.

[113]

Daniel L. Marino, Chathurika S. Wickramasinghe, and Milos Manic. 2018. An adversarial approach for explainable AI in intrusion detection systems. In IECON Annual Conference of the IEEE Industrial Electronics Society. 3237–3243.

[114]

Nathan Martindale, Muhammad Ismail, and Douglas A. Talbert. 2020. Ensemble-based online machine learning algorithms for network intrusion detection systems using streaming data. Information 11, 6 (2020), 315.

[115]

Maja Mataric. 1991. A comparative analysis of reinforcement learning methods. http://bitsavers.informatik.uni-stuttgart.de/pdf/mit/ai/aim/AIM-1322.pdf.

[116]

Johan Mazel, Romain Fontugne, and Kensuke Fukuda. 2014. A taxonomy of anomalies in backbone network traffic. In International Wireless Communications and Mobile Computing Conference. 30–36.

[117]

Joseph W. Mikhail, John M. Fossaceca, and Ronald Iammartino. 2019. A semi-boosted nested model with sensitivity-based weighted binarization for multi-domain network intrusion detection. ACM Transactions on Intelligent Systems and Technology (TIST) 10, 3 (2019), 1–27.

Digital Library

[118]

Robert Mitchell and Ing-Ray Chen. 2014. A survey of intrusion detection in wireless network applications. Comput. Commun. 42 (2014), 1–23.

Digital Library

[119]

Chirag Modi, Dhiren Patel, Bhavesh Borisaniya, Hiren Patel, Avi Patel, and Muttukrishnan Rajarajan. 2013. A survey of intrusion detection techniques in Cloud. J. Netw. Comput. Applic. 36, 1 (2013), 42–57.

Digital Library

[120]

Sara Mohammadi, Hamid Mirvaziri, Mostafa Ghazizadeh-Ahsaee, and Hadis Karimipour. 2019. Cyber intrusion detection by combined feature selection algorithm. J. Inf. Secur. Applic. 44 (2019), 80–88.

[121]

Valerio Morfino and Salvatore Rampone. 2020. Towards near-real-time intrusion detection for IoT devices using supervised learning and Apache Spark. Electronics 9, 3 (2020).

[122]

N. Moustafa and J. Slay. 2015. The significant features of the UNSW-NB15 and the KDD99 data sets for network intrusion detection systems. In International Workshop on Building Analysis Datasets and Gathering Experience Returns for Security. 25–31.

[123]

N. Moustafa and J. Slay. 2015. UNSW-NB15: A comprehensive data set for network intrusion detection systems. In Military Communications and Information Systems Conference. 1–6.

[124]

Biswanath Mukherjee, L. Todd Heberlein, and Karl N. Levitt. 1994. Network intrusion detection. IEEE Netw. 8, 3 (1994), 26–41.

Digital Library

[125]

Saurabh Mukherjee and Neelam Sharma. 2012. Intrusion detection using naive Bayes classifier with feature reduction. Procedia Technol. 4 (2012), 119–128.

[126]

R. Newman. 2009. Computer Security: Protecting Digital Resources. Jones and Bartlett Publishers.

[127]

Quoc Phong Nguyen, Kar Wai Lim, Dinil Mon Divakaran, Kian Hsiang Low, and Mun Choon Chan. 2019. GEE: A gradient-based explainable variational autoencoder for network anomaly detection. In IEEE Conference on Communications and Network Security. 91–99.

[128]

Fakhroddin Noorbehbahani, Ali Fanian, Rasoul Mousavi, and Homa Hasannejad. 2017. An incremental intrusion detection system using a new semi-supervised stream classification method. Int. J. Commun. Syst. 30, 4 (2017), e3002.

[129]

Stephen Northcutt and Judy Novak. 2002. Network Intrusion Detection. Sams Publishing.

[130]

Markus Ring, Sarah Wunderlich, Dominik Grüdl, Dieter Landes, and Andreas Hotho. 2017. Flow-based benchmark data sets for intrusion detection. In Proceedings of the 16th European Conference on Cyber Warfare and Security. 361–369.

[131]

The University of New South Wales. 2015. The UNSW-NB15 Dataset Description. Retrieved from https://www.unsw.adfa.edu.au/unsw-canberra-cyber/cybersecurity/ADFA-NB15-Datasets/.

[132]

Kaunas University of Technology. 2020. LITNET-2020: An Annotated Real-world Network Flows Dataset for Network Intrusion Detection.Retrieved from https://dataset.litnet.lt/.

[133]

Takwa Omrani, Adel Dallali, Belgacem Chibani Rhaimi, and Jaouhar Fattahi. 2017. Fusion of ANN and SVM classifiers for network attack detection. In International Conference on Sciences and Techniques of Automatic Control and Computer Engineering. 374–377.

[134]

Mrutyunjaya Panda, Ajith Abraham, and Manas Ranjan Patra. 2012. A hybrid intelligent approach for network intrusion detection. Procedia Eng. 30 (2012), 1–9.

[135]

Mrutyunjaya Panda and Manas Ranjan Patra. 2007. Network intrusion detection using naive bayes. Int. J. Comput. Sci. Netw. Secur. 7, 12 (2007), 258–263.

[136]

Darsh Patel, Kathiravan Srinivasan, Chuan-Yu Chang, Takshi Gupta, and Aman Kataria. 2020. Network anomaly detection inside consumer networks–A hybrid approach. Electronics 9, 6 (2020), 923.

[137]

Y. Peng, J. Su, X. Shi, and B. Zhao. 2019. Evaluating deep learning based network intrusion detection system in adversarial environment. In IEEE International Conference on Electronics Information and Emergency Communication.

[138]

Robi Polikar, Lalita Udpa, Satish Udpa, and Vasant Honavar. 2004. An incremental learning algorithm with confidence estimation for automated identification of NDE signals. IEEE Trans. Ultrason., Ferroelect., Freq. Contr. 51, 8 (2004), 990–1001.

[139]

H. E. Poston. 2012. A brief taxonomy of intrusion detection strategies. In IEEE National Aerospace and Electronics Conference. 255–263.

[140]

Mahendra Prasad, Sachin Tripathi, and Keshav Dahal. 2020. An efficient feature selection based Bayesian and Rough set approach for intrusion detection. Appl. Soft Comput. 87 (2020), 105980.

Digital Library

[141]

M. R. Gauthama Raman, Kannan Kirthivasan, and V. S. Shankar Sriram. 2017. Development of rough set–hypergraph technique for key feature identification in intrusion detection systems. Comput. Electric. Eng. 59 (2017), 189–200.

[142]

N. Ravi and S. M. Shalinie. 2020. Semi-supervised learning based security to detect and mitigate intrusions in IoT network. IEEE Internet Things J. 7, 11 (2020), 11041–11052.

[143]

Paulo Angelo Alves Resende and André Costa Drummond. 2018. A survey of random forest based methods for intrusion detection systems. ACM Comput. Surv. 51, 3 (2018).

[144]

Markus Ring, Daniel Schlör, Dieter Landes, and Andreas Hotho. 2019. Flow-based network traffic generation using generative adversarial networks. Comput. Secur. 82 (2019), 156–172.

Digital Library

[145]

Markus Ring, Sarah Wunderlich, Dominik Grüdl, Dieter Landes, and Andreas Hotho. 2017. Creation of flow-based data sets for intrusion detection. J. Inf. Warf. 16, 4 (2017), 40–53.

[146]

Markus Ring, Sarah Wunderlich, Dominik Grüdl, Dieter Landes, and Andreas Hotho. 2017. Flow-based benchmark data sets for intrusion detection. In European Conference on Cyber Warfare and Security. 361–369.

[147]

Markus Ring, Sarah Wunderlich, Deniz Scheuring, Dieter Landes, and Andreas Hotho. 2019. A survey of network-based intrusion detection data sets. Comput. Secur. 86 (2019), 147–167.

Digital Library

[148]

A. Sahu, Z. Mao, K. Davis, and A. E. Goulart. 2020. Data processing and model selection for machine learning-based network intrusion detection. In IEEE International Workshop Technical Committee on Communications Quality and Reliability. 1–6.

[149]

Roberto Saia, Salvatore Carta, Diego Reforgiato Recupero, Gianni Fenu, and Maria Madalina Stanciu.2019. A discretized extended feature space (DEFS) model to improve the anomaly detection performance in network intrusion detection systems. In International Joint Conference on Knowledge Discovery, Knowledge Engineering and Knowledge Management. 322–329.

[150]

Fadi Salo, Ali Bou Nassif, and Aleksander Essex. 2019. Dimensionality reduction with IG-PCA and ensemble classifier for network intrusion detection. Comput. Netw. 148 (2019), 164–175.

[151]

Mohanad Sarhan, Siamak Layeghy, and Marius Portmann. 2021. An explainable machine learning-based network intrusion detection system for enabling generalisability in securing IoT networks. arXiv preprint arXiv:2104.07183 (2021).

[152]

Martin Sarnovsky and Jan Paralic. 2020. Hierarchical intrusion detection using machine learning and knowledge model. Symmetry 12, 2 (2020), 203.

[153]

K. Selvakumar, Marimuthu Karuppiah, L. SaiRamesh, S. K. Hafizul Islam, Mohammad Mehedi Hassan, Giancarlo Fortino, and Kim-Kwang Raymond Choo. 2019. Intelligent temporal classification and fuzzy rough set-based feature selection algorithm for intrusion detection system in WSNs. Inf. Sci. 497 (2019), 77–90.

Digital Library

[154]

Kamalakanta Sethi, Rahul Kumar, Nishant Prajapati, and Padmalochan Bera. 2020. Deep reinforcement learning based intrusion detection system for cloud infrastructure. In International Conference on COMmunication Systems & NETworkS. 1–6.

[155]

A. Shafee, M. Baza, D. A. Talbert, M. M. Fouda, M. Nabil, and M. Mahmoud. 2020. Mimic learning to generate a shareable network intrusion detection model. In IEEE Annual Consumer Communications Networking Conference. 1–6.

[156]

Shahaboddin Shamshirband, Amineh Amini, Nor Badrul Anuar, Miss Laiha Mat Kiah, Ying Wah Teh, and Steven Furnell. 2014. D-FICCA: A density-based fuzzy imperialist competitive clustering algorithm for intrusion detection in wireless sensor networks. Measurement 55 (2014), 212–226.

[157]

Z. Shi, J. Li, and C. Wu. 2019. DeepDDoS: Online DDoS attack detection. In IEEE Global Communications Conference. 1–6.

[158]

N. Shone, T. N. Ngoc, V. D. Phai, and Q. Shi. 2018. A deep learning approach to network intrusion detection. IEEE Trans. Emerg. Top. Comput. Intell. 2, 1 (2018), 41–50.

[159]

W. Shuyue, Y. Jie, and F. Xiaoping. 2011. Research on intrusion detection method based on SVM co-training. In International Conference on Intelligent Computation Technology and Automation. 668–671.

[160]

Kamran Siddique, Zahid Akhtar, Farrukh Aslam Khan, and Yangwoo Kim. 2019. KDD Cup 99 data sets: A perspective on the role of data sets in network intrusion detection research. Computer 52, 2 (2019), 41–51.

[161]

A. Singla, E. Bertino, and D. Verma. 2019. Overcoming the lack of labeled data: Training intrusion detection models using transfer learning. In IEEE International Conference on Smart Computing. 69–74.

[162]

Robin Sommer and Vern Paxson. 2010. Outside the closed world: On using machine learning for network intrusion detection. In IEEE Symposium on Security and Privacy. 305–316.

Digital Library

[163]

Tongtong Su, Huazhi Sun, Jinqi Zhu, Sheng Wang, and Yabo Li. 2020. BAT: Deep learning methods on network intrusion detection using NSL-KDD dataset. IEEE Access 8 (2020), 29575–29585.

[164]

P. Kola Sujatha, C. Suba Priya, and A. Kannan. 2012. Network intrusion detection system using genetic network programming with support vector machine. In International Conference on Advances in Computing, Communications and Informatics. 645–649.

[165]

Mateusz Szczepański, Michał Choraś, Marek Pawlicki, and Rafał Kozik. 2020. Achieving explainability of intrusion detection system by hybrid oracle-explainer approach. In International Joint Conference on Neural Networks. 1–8.

[166]

Z. Tan, A. Jamdagni, X. He, and P. Nanda. 2010. Network intrusion detection based on LDA for payload feature selection. In IEEE Globecom Workshops. 1545–1549.

[167]

Bo Tang and Haibo He. 2017. A local density-based approach for outlier detection. Neurocomputing 241 (2017), 171–180.

Digital Library

[168]

Shahroz Tariq, Sangyup Lee, and Simon S. Woo. 2020. CANTransfer: Transfer learning based intrusion detection on a controller area network using convolutional LSTM network. In Annual ACM Symposium on Applied Computing. 1048–1055.

[169]

Yogita Thakran and Durga Toshniwal. 2012. Unsupervised outlier detection in streaming data using weighted clustering. In International Conference on Intelligent Systems Design and Applications. 947–952.

[170]

I. S. Thaseen and C. A. Kumar. 2016. An integrated intrusion detection model using consistency based feature selection and LPBoost. In International Conference on Green Engineering and Technologies. 1–6.

[171]

M. Thottan and Chuanyi Ji. 2003. Anomaly detection in IP networks. IEEE Trans. Sig. Process. 51, 8 (2003), 2191–2204.

Digital Library

[172]

M. Usama, M. Asim, S. Latif, J. Qadir, and Ala-Al-Fuqaha. 2019. Generative adversarial networks for launching and thwarting adversarial attacks on network intrusion detection systems. In International Wireless Communications Mobile Computing Conference. 78–83.

[173]

K. Keerthi Vasan and B. Surendiran. 2016. Dimensionality reduction using principal component analysis for network intrusion detection. Perspect. Sci. 8 (2016), 510–512.

[174]

Cheng-Ru Wang, Rong-Fang Xu, Shie-Jue Lee, and Chie-Hong Lee. 2018. Network intrusion detection using equality constrained-optimization-based extreme learning machines. Knowl.-based Syst. 147 (2018), 68–80.

[175]

Maonan Wang, Kangfeng Zheng, Yanqing Yang, and Xiujuan Wang. 2020. An explainable machine learning framework for intrusion detection systems. IEEE Access 8 (2020), 73127–73141.

[176]

Quanmin Wang and Xuan Wei. 2020. The detection of network intrusion based on improved Adaboost algorithm. In International Conference on Cryptography, Security and Privacy. 84–88.

Digital Library

[177]

Wei Wang, Thomas Guyet, René Quiniou, Marie-Odile Cordier, Florent Masseglia, and Xiangliang Zhang. 2014. Autonomic intrusion detection: Adaptively detecting anomalies over unlabeled audit data streams in computer networks. Knowl.-based Syst. 70 (2014), 103–117.

[178]

W. Wong, H. Chen, C. Hsu, and T. Chao. 2011. Reinforcement learning of robotic motion with genetic programming, simulated annealing and self-organizing map. In International Conference on Technologies and Applications of Artificial Intelligence. 292–298.

[179]

Binhan Xu, Shuyu Chen, Hancui Zhang, and Tianshu Wu. 2017. Incremental k-NN SVM method in intrusion detection. In IEEE International Conference on Software Engineering and Service Science. 712–717.

[180]

C. Xu, J. Shen, and X. Du. 2020. A method of few-shot network intrusion detection based on meta-learning framework. IEEE Trans. Inf. Forens. Secur. 15 (2020), 3540–3552.

[181]

C. Xu, J. Shen, X. Du, and F. Zhang. 2018. An intrusion detection system using a deep neural network with gated recurrent units. IEEE Access 6 (2018), 48697–48707.

[182]

S. Xu, Y. Qian, and R. Q. Hu. 2019. Data-driven edge intelligence for robust network anomaly detection. IEEE Trans. Netw. Sci. Eng. 7, 3 (2019), 1481–1492.

[183]

H. Yang and F. Wang. 2019. Wireless network intrusion detection based on improved convolutional neural network. IEEE Access 7 (2019), 64366–64374.

[184]

Y. Yang, K. Zheng, B. Wu, Y. Yang, and X. Wang. 2020. Network intrusion detection based on supervised adversarial variational auto-encoder with regularization. IEEE Access 8 (2020).

[185]

Yang Yi, Jiansheng Wu, and Wei Xu. 2011. Incremental SVM based on reserved set for network intrusion detection. Exp. Syst. Applic. 38, 6 (2011), 7698–7707.

Digital Library

[186]

Dong Yin, Raphael Gontijo Lopes, Jonathon Shlens, Ekin D. Cubuk, and Justin Gilmer. 2019. A Fourier perspective on model robustness in computer vision. arXiv preprint arXiv:1906.08988 (2019).

[187]

Ying Wang, Yongjun Shen, and Guidong Zhang. 2016. Research on intrusion detection model using ensemble learning methods. In IEEE International Conference on Software Engineering and Service Science. 422–425.

[188]

S. Youm, Y. Kim, K. Shin, and E. Kim. 2020. An authorized access attack detection method for realtime intrusion detection system. In IEEE Annual Consumer Communications Networking Conference. 1–6.

[189]

D. YuanTong. 2019. Research of intrusion detection method based on IL-FSVM. In Joint International Information Technology and Artificial Intelligence Conference. 1221–1225.

[190]

F. Zhang and D. Wang. 2013. An effective feature selection approach for network intrusion detection. In IEEE Eighth International Conference on Networking, Architecture and Storage. 307–311.

[191]

Hongpo Zhang, Lulu Huang, Chase Q. Wu, and Zhanbo Li. 2020. An effective convolutional neural network based on SMOTE and Gaussian mixture model for intrusion detection in imbalanced dataset. Comput. Netw. 177 (2020).

[192]

Jiong Zhang, Mohammad Zulkernine, and Anwar Haque. 2008. Random-forests-based network intrusion detection systems. IEEE Trans. Syst., Man, Cybern. 38, 5 (2008), 649–659.

Digital Library

[193]

Wenhao Zhang, Ramin Ramezani, and Arash Naeim. 2019. WOTBoost: Weighted oversampling technique in boosting for imbalanced learning. In IEEE International Conference on Big Data. 2523–2531.

[194]

Y. Zhang, X. Chen, D. Guo, M. Song, Y. Teng, and X. Wang. 2019. PCCN: Parallel cross convolutional neural network for abnormal network traffic flows detection in multi-class imbalanced network traffic flows. IEEE Access 7 (2019), 119904–119916.

[195]

Y. Zhang, X. Chen, L. Jin, X. Wang, and D. Guo. 2019. Network intrusion detection: Based on deep hierarchical network and original flow data. IEEE Access 7 (2019), 37004–37016.

[196]

Y. Zhang, Q. Yang, S. Lambotharan, K. Kyriakopoulos, I. Ghafir, and B. AsSadhan. 2019. Anomaly-based network intrusion detection using SVM. In International Conference on Wireless Communications and Signal Processing. 1–6.

[197]

J. Zhao, S. Shetty, and J. W. Pan. 2017. Feature-based transfer learning for network security. In IEEE Military Communications Conference. 17–22.

[198]

Juan Zhao, Sachin Shetty, Jan Wei Pan, Charles Kamhoua, and Kevin Kwiat. 2019. Transfer learning for detecting unknown network attacks. EURASIP J. Inf. Secur. 2019, 1 (2019), 1.

[199]

Tong Zhao, Chuchen Deng, Kaifeng Yu, Tianwen Jiang, Daheng Wang, and Meng Jiang. 2020. Error-bounded graph anomaly loss for GNNs. In ACM International Conference on Information and Knowledge Management (CIKM’20).

Digital Library

[200]

Ming Zheng, Tong Li, Rui Zhu, Yahui Tang, Mingjing Tang, Leilei Lin, and Zifei Ma. 2020. Conditional Wasserstein generative adversarial network-gradient penalty-based approach to alleviating imbalanced data classification. Inf. Sci. 512 (2020), 1009–1023.

Digital Library

[201]

Ying Zhong, Wenqi Chen, Zhiliang Wang, Yifan Chen, Kai Wang, Yahui Li, Xia Yin, Xingang Shi, Jiahai Yang, and Keqin Li. 2020. HELAD: A novel network anomaly detection model based on heterogeneous ensemble learning. Comput. Netw. 169 (2020), 107049.

Digital Library

[202]

Yingying Zhu, Junwei Liang, Jianyong Chen, and Zhong Ming. 2017. An improved NSGA-III algorithm for feature selection used in intrusion detection. Knowl.-based Syst. 116 (2017), 74–85.

[203]

Wei Zong, Yang-Wai Chow, and Willy Susilo. 2020. Interactive three-dimensional visualization of network intrusion detection data for machine learning. Fut. Gen. Comput. Syst. 102 (2020), 292–306.

Cited By

Le THuynh-The T(2025)Cyberattacks Classification by Tuning Deep Hyperparameters Using Bayesian Optimization2025 19th International Conference on Ubiquitous Information Management and Communication (IMCOM)10.1109/IMCOM64595.2025.10857492(1-7)Online publication date: 3-Jan-2025
https://doi.org/10.1109/IMCOM64595.2025.10857492
Zhang Y(2025)FWA-SVM Network Intrusion Identification Technology for Network SecurityIEEE Access10.1109/ACCESS.2025.353261913(18579-18593)Online publication date: 2025
https://doi.org/10.1109/ACCESS.2025.3532619
Li JMeng XQi ZGuo DFu C(2025)Attack stage detection method based on vector reconstruction error autoencoder and explainable artificial intelligenceThe Journal of Supercomputing10.1007/s11227-024-06473-381:1Online publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1007/s11227-024-06473-3
Show More Cited By

Index Terms

A Survey on Data-driven Network Intrusion Detection

Recommendations

Enhancing byte-level network intrusion detection signatures with context
CCS '03: Proceedings of the 10th ACM conference on Computer and communications security

Many network intrusion detection systems (NIDS) use byte sequences as signatures to detect malicious activity. While being highly efficient, they tend to suffer from a high false-positive rate. We develop the concept of contextual signatures as an ...
An artificial intelligence membrane to detect network intrusion

We propose an artificial intelligence membrane to detect network intrusion, which is analogous to a biological membrane that prevents viruses from entering cells. This artificial membrane is designed to monitor incoming packets and to prevent a ...
Agent-oriented network intrusion detection system using data mining approaches

Most of the existing commercial Network Intrusion Detection System (NIDS) products are signature-based but not adaptive. In this paper, an adaptive NIDS using data mining technology is developed. Data mining approaches are used to accurately capture the ...

Comments

Information & Contributors

Information

Published In

cover image ACM Computing Surveys

ACM Computing Surveys Volume 54, Issue 9

December 2022

800 pages

ISSN:0360-0300

EISSN:1557-7341

DOI:10.1145/3485140

Editor:
Albert Zomaya
University of Sydney, Australia

Issue’s Table of Contents

Copyright © 2021 Association for Computing Machinery.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 08 October 2021

Accepted: 01 June 2021

Revised: 01 May 2021

Received: 01 September 2020

Published in CSUR Volume 54, Issue 9

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Survey
Refereed

Funding Sources

NSF

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

80
Total Citations
View Citations
5,900
Total Downloads

Downloads (Last 12 months)1,605
Downloads (Last 6 weeks)182

Reflects downloads up to 08 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Le THuynh-The T(2025)Cyberattacks Classification by Tuning Deep Hyperparameters Using Bayesian Optimization2025 19th International Conference on Ubiquitous Information Management and Communication (IMCOM)10.1109/IMCOM64595.2025.10857492(1-7)Online publication date: 3-Jan-2025
https://doi.org/10.1109/IMCOM64595.2025.10857492
Zhang Y(2025)FWA-SVM Network Intrusion Identification Technology for Network SecurityIEEE Access10.1109/ACCESS.2025.353261913(18579-18593)Online publication date: 2025
https://doi.org/10.1109/ACCESS.2025.3532619
Li JMeng XQi ZGuo DFu C(2025)Attack stage detection method based on vector reconstruction error autoencoder and explainable artificial intelligenceThe Journal of Supercomputing10.1007/s11227-024-06473-381:1Online publication date: 1-Jan-2025
https://dl.acm.org/doi/10.1007/s11227-024-06473-3
Wang MYang NGuo YWeng N(2024)Learn-IDS: Bridging Gaps between Datasets and Learning-Based Network Intrusion DetectionElectronics10.3390/electronics1306107213:6(1072)Online publication date: 14-Mar-2024
https://doi.org/10.3390/electronics13061072
Yazdanypoor MCirillo SSolimando G(2024)Developing a Hybrid Detection Approach to Mitigating Black Hole and Gray Hole Attacks in Mobile Ad Hoc NetworksApplied Sciences10.3390/app1417798214:17(7982)Online publication date: 6-Sep-2024
https://doi.org/10.3390/app14177982
Husák MManoj DKumar P(2024)Machine Learning in Intrusion Detection: An Operational Perspective2024 20th International Conference on Network and Service Management (CNSM)10.23919/CNSM62983.2024.10814637(1-7)Online publication date: 28-Oct-2024
https://doi.org/10.23919/CNSM62983.2024.10814637
Yang LShami ADehghantanha AParizi REpiphaniou G(2024)Towards Autonomous Cybersecurity: An Intelligent AutoML Framework for Autonomous Intrusion DetectionProceedings of the Workshop on Autonomous Cybersecurity10.1145/3689933.3690833(68-78)Online publication date: 6-Nov-2024
https://dl.acm.org/doi/10.1145/3689933.3690833
Yang SZheng XLi JXu JWang XNgai EBaeza-Yates RBonchi F(2024)ReCDA: Concept Drift Adaptation with Representation Enhancement for Network Intrusion DetectionProceedings of the 30th ACM SIGKDD Conference on Knowledge Discovery and Data Mining10.1145/3637528.3672007(3818-3828)Online publication date: 25-Aug-2024
https://dl.acm.org/doi/10.1145/3637528.3672007
Freitas SGharib ASerra ESpezzano F(2024)GraphWeaver: Billion-Scale Cybersecurity Incident CorrelationProceedings of the 33rd ACM International Conference on Information and Knowledge Management10.1145/3627673.3680057(4479-4486)Online publication date: 21-Oct-2024
https://dl.acm.org/doi/10.1145/3627673.3680057
Jiang JWang DZhang G(2024)QPause: Quantum-Resistant Password-Protected Data Outsourcing for Cloud StorageIEEE Transactions on Services Computing10.1109/TSC.2023.333100017:3(1140-1153)Online publication date: May-2024
https://doi.org/10.1109/TSC.2023.3331000
Show More Cited By

View Options

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

HTML Format

View this article in HTML Format.

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Article

Figures

Tables

Media

View Issue’s Table of Contents