Meta-analysis and systematic review for anomaly network intrusion detection systems: Detection methods, dataset, validation methodology, and challenges

IF 1.3 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS IET Networks Pub Date : 2024-06-18 DOI:10.1049/ntw2.12128

Ziadoon K. Maseer, Qusay Kanaan Kadhim, Baidaa Al-Bander, Robiah Yusof, Abdu Saif

{"title":"Meta-analysis and systematic review for anomaly network intrusion detection systems: Detection methods, dataset, validation methodology, and challenges","authors":"Ziadoon K. Maseer, Qusay Kanaan Kadhim, Baidaa Al-Bander, Robiah Yusof, Abdu Saif","doi":"10.1049/ntw2.12128","DOIUrl":null,"url":null,"abstract":"<p>Intrusion detection systems built on artificial intelligence (AI) are presented as latent mechanisms for actively detecting fresh attacks over a complex network. The authors used a qualitative method for analysing and evaluating the performance of network intrusion detection system (NIDS) in a systematic way. However, their approach has limitations as it only identifies gaps by analysing and summarising data comparisons without considering quantitative measurements of NIDS's performance. The authors provide a detailed discussion of various deep learning (DL) methods and explain data intrusion networks based on an infrastructure of networks and attack types. The authors’ main contribution is a systematic review that utilises meta-analysis to provide an in-depth analysis of DL and traditional machine learning (ML) in notable recent works. The authors assess validation methodologies and clarify recent trends related to dataset intrusion, detected attacks, and classification tasks to improve traditional ML and DL in NIDS-based publications. Finally, challenges and future developments are discussed to pose new risks and complexities for network security.</p>","PeriodicalId":46240,"journal":{"name":"IET Networks","volume":"13 5-6","pages":"339-376"},"PeriodicalIF":1.3000,"publicationDate":"2024-06-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1049/ntw2.12128","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"IET Networks","FirstCategoryId":"1085","ListUrlMain":"https://onlinelibrary.wiley.com/doi/10.1049/ntw2.12128","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 0

Abstract

Intrusion detection systems built on artificial intelligence (AI) are presented as latent mechanisms for actively detecting fresh attacks over a complex network. The authors used a qualitative method for analysing and evaluating the performance of network intrusion detection system (NIDS) in a systematic way. However, their approach has limitations as it only identifies gaps by analysing and summarising data comparisons without considering quantitative measurements of NIDS's performance. The authors provide a detailed discussion of various deep learning (DL) methods and explain data intrusion networks based on an infrastructure of networks and attack types. The authors’ main contribution is a systematic review that utilises meta-analysis to provide an in-depth analysis of DL and traditional machine learning (ML) in notable recent works. The authors assess validation methodologies and clarify recent trends related to dataset intrusion, detected attacks, and classification tasks to improve traditional ML and DL in NIDS-based publications. Finally, challenges and future developments are discussed to pose new risks and complexities for network security.

Abstract Image

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

异常网络入侵检测系统的元分析和系统综述：检测方法、数据集、验证方法和挑战

建立在人工智能（AI）基础上的入侵检测系统是主动检测复杂网络上新攻击的潜在机制。作者采用定性方法系统地分析和评估了网络入侵检测系统（NIDS）的性能。不过，他们的方法也有局限性，因为这种方法只通过分析和总结数据比较找出差距，而没有考虑对 NIDS 性能进行定量测量。作者详细讨论了各种深度学习（DL）方法，并根据网络和攻击类型的基础架构解释了数据入侵网络。作者的主要贡献在于利用荟萃分析法进行了系统综述，对近期著名作品中的深度学习和传统机器学习（ML）进行了深入分析。作者评估了验证方法，并阐明了与数据集入侵、检测到的攻击和分类任务相关的最新趋势，以改进基于 NIDS 的出版物中的传统 ML 和 DL。最后，作者还讨论了网络安全面临的新风险和复杂性所带来的挑战和未来发展。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

IET Networks COMPUTER SCIENCE, INFORMATION SYSTEMS-

CiteScore

5.00

自引率

0.00%

发文量

审稿时长

33 weeks

期刊介绍： IET Networks covers the fundamental developments and advancing methodologies to achieve higher performance, optimized and dependable future networks. IET Networks is particularly interested in new ideas and superior solutions to the known and arising technological development bottlenecks at all levels of networking such as topologies, protocols, routing, relaying and resource-allocation for more efficient and more reliable provision of network services. Topics include, but are not limited to: Network Architecture, Design and Planning, Network Protocol, Software, Analysis, Simulation and Experiment, Network Technologies, Applications and Services, Network Security, Operation and Management.