Shallow and Deep Networks Intrusion Detection System: A Taxonomy and Survey

TL;DR

This paper provides a comprehensive taxonomy and survey of shallow and deep learning-based intrusion detection systems, analyzing their techniques, performance, and feature selection impacts to guide future research.

Contribution

It introduces a detailed taxonomy of IDS using shallow and deep networks and reviews their machine learning techniques, performance, and feature selection considerations.

Findings

Analyzes the performance of ML techniques in IDS detection accuracy

Highlights the importance of feature selection in ML-based IDS

Discusses false and true positive rates for reliable IDS modeling

Abstract

Intrusion detection has attracted a considerable interest from researchers and industries. The community, after many years of research, still faces the problem of building reliable and efficient IDS that are capable of handling large quantities of data, with changing patterns in real time situations. The work presented in this manuscript classifies intrusion detection systems (IDS). Moreover, a taxonomy and survey of shallow and deep networks intrusion detection systems is presented based on previous and current works. This taxonomy and survey reviews machine learning techniques and their performance in detecting anomalies. Feature selection which influences the effectiveness of machine learning (ML) IDS is discussed to explain the role of feature selection in the classification and training phase of ML IDS. Finally, a discussion of the false and true positive alarm rates is presented to help researchers model reliable and efficient machine learning based intrusion detection systems.