Machine learning and deep learning methods for intrusion detection systems: recent developments and challenges

• Published in: Soft computing (Berlin, Germany) Vol. 25; no. 15; pp. 9731 - 9763
• Main Authors: Kocher, Geeta, Kumar, Gulshan
• Format: Journal Article
• Language: English
• Published: Berlin/Heidelberg Springer Berlin Heidelberg 01.08.2021
• Subjects: Artificial Intelligence; Computational Intelligence; Control; Engineering; Foundations; Mathematical Logic and Foundations; Mechatronics; Robotics; Deep learning; Recurrent neural network; Deep belief network; Intrusion detection system; Network intrusion detection system
• ISSN: 1432-7643; 1433-7479
• DOI: 10.1007/s00500-021-05893-0

Deep learning (DL) is gaining significant prevalence in every field of study due to its domination in training large data sets. However, several applications are utilizing machine learning (ML) methods from the past several years and reported good performance. However, their limitations in terms of data complexity give rise to DL methods. Intrusion detection is one of the prominent areas in which researchers are extending DL methods. Even though several excellent surveys cover the growing body of research on this subject, the literature lacks a detailed comparison of ML methods such as ANN, SVM, fuzzy approach, swarm intelligence and evolutionary computation methods in intrusion detection, particularly on recent research. In this context, the present paper deals with the systematic review of ML methods and DL methods in intrusion detection. In addition to reviewing ML and DL methods, this paper also focuses on benchmark datasets, performance evaluation measures and various applications of DL methods for intrusion detection. The present paper summarizes the recent work, compares their experimental results for detecting network intrusions. Furthermore, current research challenges are identified for helping fellow researchers in the era of DL-based intrusion detection.