A study of network intrusion detection systems using artificial intelligence/machine learning

Abstract

The rapid growth of the Internet and communications has resulted in a huge increase in transmitted data. These data are coveted by attackers and they continuously create novel attacks to steal or corrupt these data. The growth of these attacks is an issue for the security of our systems and represents one of the biggest challenges for intrusion detection. An intrusion detection system (IDS) is a tool that helps to detect intrusions by inspecting the network traffic. Although many researchers have studied and created new IDS solutions, IDS still needs improving in order to have good detection accuracy while reducing false alarm rates. In addition, many IDS struggle to detect zero-day attacks. Recently, machine learning algorithms have become popular with researchers to detect network intrusion in an efficient manner and with high accuracy. This paper presents the concept of IDS and provides a taxonomy of machine learning methods. The main metrics used to assess an IDS are presented and a review of recent IDS using machine learning is provided where the strengths and weaknesses of each solution is outlined. Then, details of the different datasets used in the studies are provided and the accuracy of the results from the reviewed work is discussed. Finally, observations, research challenges and future trends are discussed.