Review of Machine Learning Algorithm for Intrusion Detection System
Keywords:
Intrusion Detection System, Machine Learning, Review, SLR
Abstract
Intrusion Detection Systems (IDS) are essential components in cybersecurity that aim to detect, identify, and mitigate threats to information systems. In recent years, the application of machine learning algorithms has significantly enhanced the effectiveness of IDS. This systematic literature review (SLR) analyzes and summarizes research studies on IDS using machine learning techniques from 2019 to 2023. The review focuses on key aspects such as datasets, machine learning algorithms, and types of attacks detected. The analysis reveals that Support Vector Machine (SVM) and Random Forest (RF) are the most frequently employed algorithms due to their high accuracy and robustness. Datasets such as NSL-KDD, KDD-Cup’99, and UNSW-NB15 are commonly used for training and evaluating IDS models. Various attack types, including Denial of Service (DoS), User to Root (U2R), Remote to Local (R2L), and Probing, are addressed in these studies. This SLR highlights the strengths and limitations of different machine learning approaches in IDS, offering insights into current trends and future research directions. The findings suggest a growing trend towards the use of ensemble methods and optimization techniques to improve IDS performance. Additionally, the review underscores the importance of diverse and realistic datasets for the accurate evaluation of IDS models. This comprehensive analysis aims to provide researchers and practitioners with a detailed understanding of the advancements in IDS using machine learning, guiding future research and development in this critical area of cybersecurity.

