Machine Learning for Intrusion Detection in Cyber Security: Applications, Challenges, and Recommendations
Abstract
Modern life revolves around networks, and cybersecurity has emerged as a critical field of study. The health of the software and hardware running on a network is monitored by an Intrusion Detection System (IDS), which is a fundamental cybersecurity approach. After decades of research, existing IDSs have developed the capability to confront hurdles in order to improve detection accuracy, reduce false alarm rates, and detect unexpected attacks. Many academics have concentrated on designing IDSs that employ machine learning approaches to overcome the aforementioned difficulties. Machine learning approaches are capable of discovering, with great accuracy, the important distinctions that exist between normal and aberrant data. Moreover, these approaches are also very generalizable, which allows them to detect unknown attacks. The survey conducted in the current study offers a taxonomy of IDS based on machine learning that uses data objects as the critical dimension to classify and summarize the IDS literature. This form of classification structure is appropriate for cybersecurity researchers.
Copyright (c) 2022 Samreen Naeem, Aqib Ali, Sania Anam Ali, Muhammad Munawar Ahmed
This work is licensed under a Creative Commons Attribution 4.0 International License.