Abstract: |
Anomaly intrusion detection is a critical component of modern cybersecurity systems, aiming to identify and flag abnormal activities or behaviors that deviate from expected patterns within computer networks. Unlike signature-based intrusion detection systems that rely on known attack patterns, anomaly detection techniques focus on detecting unknown or novel attacks that lack predefined signatures. In recent years, machine learning and deep learning techniques have emerged as promising solutions to provide an additional layer of defense against emerging threats and zero-day attacks. This survey article provides a comprehensive review of the state of the art in network intrusion detection using ML and DL. We start by presenting an overview of the challenges and requirements associated with intrusion detection in today's dynamic network environments. We then delve into the fundamental concepts and methodologies of ML and DL, highlighting their strengths and limitations when applied to intrusion detection. We discuss the various types of network intrusion detection datasets commonly used in research, along with the preprocessing techniques employed to ensure data quality. We explore different feature selection and extraction methods that enable the effective representation of network traffic data, facilitating accurate intrusion detection. We review their architectural designs, training processes, and optimization techniques while discussing their performance in terms of detection accuracy. We highlight the current research trends and challenges in the field, including adversarial attacks, interpretability, scalability, and real-time processing. We conclude with potential future directions and recommendations for researchers and practitioners. [ABSTRACT FROM AUTHOR] |