Deep Learning-Based Network Intrusion Detection Systems: A Systematic Literature Review

Machine Learning algorithms have been used to develop models in different fields like banking, healthcare, transportation, cybersecurity, and others. Many studies have shown the use of Machine Learning in network security by detecting network intrusions. However, the increase in user devices increases the data size and hence increases the complexity of the network. Cyber attackers continue to create advanced cyber attacks, and identifying them becomes extremely challenging. On the other hand, traditional Machine Learning models cannot efficiently handle large amounts of data and complexity. Therefore, this study examines how Deep Learning methods can be implemented for the Network Intrusion Detection Systems. The Network Intrusion Detection System (NIDS) helps to secure businesses within companies' networks from bad actors. As Deep Learning advances, network security experts must incorporate the techniques within the NIDS to minimize the effects of cyber attacks. For the investigation of the Deep Learning techniques in implementing NIDS, a study used Preferred Reporting Items for Systematic reviews and Meta-Analysis (PRISMA) framework to conduct a systematic literature review and summarizes 111 studies published between 2021 and November 2023. Articles were analyzed by categorizing them into Deep Learning algorithms, architectures and datasets. The performance comparisons have been evaluated based on available articles' results on various datasets. Methods have been compared based on precision, recall and F1 score metrics. The results revealed that the most commonly used datasets are CICIDS2017, CSE-CIC-IDS2018, CICDDoS2019, NSL-KDD and UNSW-NB15. Furthermore, it was observed that hybrid implementation approaches have been shown to produce accurate and robust models compared with traditional methods. Finally, the results further demonstrated the need to explore using Machine Learning in NIDS.