Title: Deep learning based network intrusion detection system: a systematic literature review and future scopes
Authors: Yogesh, Lalit Mohan Goyal
Journal: International Journal of Information Security
Publication date: 2024-08-02
Publication type: Journal Article
DOI: 10.1007/s10207-024-00896-y (https://doi.org/10.1007/s10207-024-00896-y)
Impact factor: 2.4; JCR: Q3 (COMPUTER SCIENCE, INFORMATION SYSTEMS)
Open access: no
Platform: Semanticscholar
Citations: 0
Abstract
With the immense growth of the internet, sensitive, confidential, important corporate and individual data passing through the internet has grown rapidly. Due to the limitation of security systems, potential hackers and attackers have possessed vulnerabilities and attacks for intruding into the network to gain confidential and sensitive information to affect the performance of networks by breaching network confidentiality. Thereby, to counter these attacks and abnormal behaviors, a network intrusion detection system (NIDS) acts as a crucial branch of cybersecurity for analyzing and monitoring the network traffic regularly to report and detect abnormal and malicious activities in a network. Currently, various reviews and survey papers have covered various techniques for NIDS, out of which most followed a non-systematic approach without an in-depth analysis of the techniques and evaluation metrics used by deep learning (DL) based NIDS models. In addition, various reviews focused on machine learning (ML) and DL-based methodology, but with less emphasis on DL techniques (i.e. AE, CNN, DNN, DBN, RNN, and Hybrid DL) based classification. Thereby, the Preferred Reporting Items for Systematic Reviews and Meta-Analyses (PRISMA) methodology was used to accomplish this work by providing a comprehensive and detailed overview of DL-based NIDS. Research papers for this work were collected from five well-known databases (ScienceDirect, IEEE, Hindawi, SpringerNature, and MDPI) which were cut among several reputable conference proceedings and reputable journals. Across the 750 articles identified in the literature, 72 research papers were finally marked and selected for synthesis and analysis to find the answers to research questions. In addition, we identified various potential research challenges in the current domain based on research findings. Lastly, to design an efficient NIDS, we concluded our study by identifying high-impact and promising future research areas in the NIDS domain.
About the journal:
The International Journal of Information Security is an English language periodical on research in information security which offers prompt publication of important technical work, whether theoretical, applicable, or related to implementation.
Coverage includes system security: intrusion detection, secure end systems, secure operating systems, database security, security infrastructures, security evaluation; network security: Internet security, firewalls, mobile security, security agents, protocols, anti-virus and anti-hacker measures; content protection: watermarking, software protection, tamper resistant software; applications: electronic commerce, government, health, telecommunications, mobility.