A Survey on Data-driven Network Intrusion Detection

Cited by: 89
Authors
Chou, Dylan [1]
Jiang, Meng [2]
Affiliations
[1] Carnegie Mellon Univ, Pittsburgh, PA 15213 USA
[2] Univ Notre Dame, Notre Dame, IN 46556 USA
Keywords
Network intrusion detection; data mining; machine learning; DEEP LEARNING APPROACH; FEATURE-SELECTION; DETECTION SYSTEM; ANOMALY DETECTION; NEURAL-NETWORKS; DATA STREAMS; ROUGH SET; ALGORITHM; ENSEMBLE; DIMENSIONALITY;
DOI
10.1145/3472753
Chinese Library Classification (CLC) number
TP301 [Theory, Methods]
Discipline classification code
081202
Abstract
Data-driven network intrusion detection (NID) has a tendency towards minority attack classes compared to normal traffic. Many datasets are collected in simulated environments rather than real-world networks. These challenges undermine the performance of intrusion detection machine learning models by fitting machine learning models to unrepresentative "sandbox" datasets. This survey presents a taxonomy with eight main challenges and explores common datasets from 1999 to 2020. Trends are analyzed on the challenges in the past decade and future directions are proposed on expanding NID into cloud-based environments, devising scalable models for large network data, and creating labeled datasets collected in real-world networks.
Pages: 36