A Survey on Data-driven Network Intrusion Detection

Cited by: 89
Authors
Chou, Dylan [1]
Jiang, Meng [2]
Affiliations
[1] Carnegie Mellon Univ, Pittsburgh, PA 15213 USA
[2] Univ Notre Dame, Notre Dame, IN 46556 USA
Keywords
Network intrusion detection; data mining; machine learning; DEEP LEARNING APPROACH; FEATURE-SELECTION; DETECTION SYSTEM; ANOMALY DETECTION; NEURAL-NETWORKS; DATA STREAMS; ROUGH SET; ALGORITHM; ENSEMBLE; DIMENSIONALITY;
DOI
10.1145/3472753
Chinese Library Classification (CLC) number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
Data-driven network intrusion detection (NID) has a tendency towards minority attack classes compared to normal traffic. Many datasets are collected in simulated environments rather than real-world networks. These challenges undermine the performance of intrusion detection machine learning models by fitting machine learning models to unrepresentative "sandbox" datasets. This survey presents a taxonomy with eight main challenges and explores common datasets from 1999 to 2020. Trends are analyzed on the challenges in the past decade and future directions are proposed on expanding NID into cloud-based environments, devising scalable models for large network data, and creating labeled datasets collected in real-world networks.
Pages: 36