Hamza Kheddar;Diana W. Dawoud;Ali Ismail Awad;Yassine Himeur;Muhammad Khurram Khan
{"title":"Reinforcement-Learning-Based Intrusion Detection in Communication Networks: A Review","authors":"Hamza Kheddar;Diana W. Dawoud;Ali Ismail Awad;Yassine Himeur;Muhammad Khurram Khan","doi":"10.1109/COMST.2024.3484491","DOIUrl":null,"url":null,"abstract":"Modern communication networks have to meet the performance requirements of contemporary industrial control systems (ICSs), which are increasingly being connected to the external Internet. This connectivity exposes them to vulnerabilities that necessitate timely and effective protection measures. The integration of intrusion-detection systems (IDSs) into communication networks serves as a preventive mechanism to defend against malicious threats and hostile activities, ensuring secure operations within the broader industrial infrastructure. This review explores the cutting-edge artificial-intelligence techniques that are employed in the development of IDSs for diverse industrial control networks, emphasizing the application of deep reinforcement learning (DRL) within IDS-based systems across various communication networks. DRL has been successful in solving complex sequential decision-making problems in various domains, including robotics, game playing, and natural-language processing. The review examines a broad scope of publications, and these are categorized into three groups: DRL-only and IDS-only in the introduction and background, and DRL-based IDS papers in the core section of the review. This seeks to provide researchers with an overview of the current state of DRL approaches in IDSs for various network types. Through a meticulous comparative analysis with existing surveys, our review stands out, emphasizing its uniqueness and comprehensiveness. This inclusivity extends beyond traditional boundaries, encompassing a wide array of IDS techniques and environments, ranging from the Internet of Things to ICSs, smart grids, and other domains. Additionally, this review provides useful information such as the datasets used, types of DRL employed, pretrained networks, IDS techniques, evaluation metrics, and improvements gained. Furthermore, the algorithms and methods used in several studies are presented to illustrate the principles of each DRL-based IDS subcategory clearly and in depth. A detailed taxonomy is presented, providing nuanced insights into diverse applications with a triple focus on IDSs, deep-learning, and DRL techniques, which makes this review unique.","PeriodicalId":55029,"journal":{"name":"IEEE Communications Surveys and Tutorials","volume":"27 4","pages":"2420-2469"},"PeriodicalIF":34.4000,"publicationDate":"2024-10-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=10729241","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IEEE Communications Surveys and Tutorials","FirstCategoryId":"94","ListUrlMain":"https://ieeexplore.ieee.org/document/10729241/","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}
引用次数: 0
Abstract
Modern communication networks have to meet the performance requirements of contemporary industrial control systems (ICSs), which are increasingly being connected to the external Internet. This connectivity exposes them to vulnerabilities that necessitate timely and effective protection measures. The integration of intrusion-detection systems (IDSs) into communication networks serves as a preventive mechanism to defend against malicious threats and hostile activities, ensuring secure operations within the broader industrial infrastructure. This review explores the cutting-edge artificial-intelligence techniques that are employed in the development of IDSs for diverse industrial control networks, emphasizing the application of deep reinforcement learning (DRL) within IDS-based systems across various communication networks. DRL has been successful in solving complex sequential decision-making problems in various domains, including robotics, game playing, and natural-language processing. The review examines a broad scope of publications, and these are categorized into three groups: DRL-only and IDS-only in the introduction and background, and DRL-based IDS papers in the core section of the review. This seeks to provide researchers with an overview of the current state of DRL approaches in IDSs for various network types. Through a meticulous comparative analysis with existing surveys, our review stands out, emphasizing its uniqueness and comprehensiveness. This inclusivity extends beyond traditional boundaries, encompassing a wide array of IDS techniques and environments, ranging from the Internet of Things to ICSs, smart grids, and other domains. Additionally, this review provides useful information such as the datasets used, types of DRL employed, pretrained networks, IDS techniques, evaluation metrics, and improvements gained. Furthermore, the algorithms and methods used in several studies are presented to illustrate the principles of each DRL-based IDS subcategory clearly and in depth. A detailed taxonomy is presented, providing nuanced insights into diverse applications with a triple focus on IDSs, deep-learning, and DRL techniques, which makes this review unique.
期刊介绍:
IEEE Communications Surveys & Tutorials is an online journal published by the IEEE Communications Society for tutorials and surveys covering all aspects of the communications field. Telecommunications technology is progressing at a rapid pace, and the IEEE Communications Society is committed to providing researchers and other professionals the information and tools to stay abreast. IEEE Communications Surveys and Tutorials focuses on integrating and adding understanding to the existing literature on communications, putting results in context. Whether searching for in-depth information about a familiar area or an introduction into a new area, IEEE Communications Surveys & Tutorials aims to be the premier source of peer-reviewed, comprehensive tutorials and surveys, and pointers to further sources. IEEE Communications Surveys & Tutorials publishes only articles exclusively written for IEEE Communications Surveys & Tutorials and go through a rigorous review process before their publication in the quarterly issues.
A tutorial article in the IEEE Communications Surveys & Tutorials should be designed to help the reader to become familiar with and learn something specific about a chosen topic. In contrast, the term survey, as applied here, is defined to mean a survey of the literature. A survey article in IEEE Communications Surveys & Tutorials should provide a comprehensive review of developments in a selected area, covering its development from its inception to its current state and beyond, and illustrating its development through liberal citations from the literature. Both tutorials and surveys should be tutorial in nature and should be written in a style comprehensible to readers outside the specialty of the article.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
