The role of machine and deep learning in modern intrusion detection systems: A comprehensive review

IF 4; Zone 3: Computer Science; Q1: COMPUTER SCIENCE, HARDWARE & ARCHITECTURE
Uday Chandra Akuthota, Lava Bhargava
Computers & Electrical Engineering, vol. 124, Article 110318. Journal Article. Published 2025-04-17.
DOI: 10.1016/j.compeleceng.2025.110318
URL: https://www.sciencedirect.com/science/article/pii/S0045790625002617
Citations: 0

Abstract

Network intrusion benchmark datasets play an essential role in advancing cybersecurity research because they provide standardized resources for assessing the effectiveness of intrusion detection systems and associated cybersecurity solutions. This review article provides a detailed examination of the state of the art in network intrusion benchmark datasets, concentrating on their features, content, utilization, and implications for cybersecurity research. We systematically review a wide variety of benchmark datasets that are often utilized in the industry, which include the DARPA, KDDcup99, NSL-KDD, Kyoto, UNSW-NB15, and CICIDS-17 datasets. We analyzed each dataset, including its performance based on machine learning and deep learning models, by critically synthesizing existing literature. Additionally, we discussed the common challenges existing in intrusion detection systems. Furthermore, we provided a description of various machine learning and deep learning algorithms used for intrusion detection applications. This study aims to assist researchers in choosing suitable datasets and techniques for evaluating and benchmarking intrusion detection systems, ultimately advancing cybersecurity research and the development of reliable and efficient cybersecurity solutions.
Source journal: Computers & Electrical Engineering (Engineering & Technology - Engineering: Electrical & Electronic)
CiteScore: 9.20
Self-citation rate: 7.00%
Articles published: 661
Review time: 47 days
About the journal: The impact of computers has nowhere been more revolutionary than in electrical engineering. The design, analysis, and operation of electrical and electronic systems are now dominated by computers, a transformation that has been motivated by the natural ease of interface between computers and electrical systems, and the promise of spectacular improvements in speed and efficiency. Published since 1973, Computers & Electrical Engineering provides rapid publication of topical research into the integration of computer technology and computational techniques with electrical and electronic systems. The journal publishes papers featuring novel implementations of computers and computational techniques in areas like signal and image processing, high-performance computing, parallel processing, and communications. Special attention will be paid to papers describing innovative architectures, algorithms, and software tools.