基于人工智能的入侵检测方法评述:全面分析

IF 1.7 Q2 ENGINEERING, MULTIDISCIPLINARY
Salman Muneer, Umer Farooq, Atifa Athar, Muhammad Ahsan Raza, Taher M. Ghazal, S. Sakib
{"title":"基于人工智能的入侵检测方法评述:全面分析","authors":"Salman Muneer, Umer Farooq, Atifa Athar, Muhammad Ahsan Raza, Taher M. Ghazal, S. Sakib","doi":"10.1155/2024/3909173","DOIUrl":null,"url":null,"abstract":"Intrusion detection (ID) is critical in securing computer networks against various malicious attacks. Recent advancements in machine learning (ML), deep learning (DL), federated learning (FL), and explainable artificial intelligence (XAI) have drawn significant attention as potential approaches for ID. DL-based approaches have shown impressive performance in ID by automatically learning relevant features from data but require significant labelled data and computational resources to train complex models. ML-based approaches require fewer computational resources and labelled data, but their ability to generalize to unseen data is limited. FL is a relatively new approach that enables multiple entities to train a model collectively without exchanging their data, providing privacy and security benefits, making it an attractive option for ID. However, FL-based approaches require more communication resources and additional computation to aggregate models from different entities. XAI is critical for understanding how AI models make decisions, improving interpretability and transparency. While existing literature has explored the strengths and weaknesses of DL, ML, FL, and XAI-based approaches for ID, a significant gap exists in providing a comprehensive analysis of the specific use cases and scenarios where each approach is most suitable. This paper seeks to fill this void by delivering an in-depth review that not only highlights strengths and weaknesses but also offers guidance for selecting the appropriate approach based on the unique ID context and available resources. The selection of an appropriate approach depends on the specific use case, and this work provides insights into which method is best suited for various network sizes, data availability, privacy, and security concerns, thus aiding practitioners in making informed decisions for their ID needs.","PeriodicalId":15716,"journal":{"name":"Journal of Engineering","volume":null,"pages":null},"PeriodicalIF":1.7000,"publicationDate":"2024-04-15","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"A Critical Review of Artificial Intelligence Based Approaches in Intrusion Detection: A Comprehensive Analysis\",\"authors\":\"Salman Muneer, Umer Farooq, Atifa Athar, Muhammad Ahsan Raza, Taher M. Ghazal, S. Sakib\",\"doi\":\"10.1155/2024/3909173\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Intrusion detection (ID) is critical in securing computer networks against various malicious attacks. Recent advancements in machine learning (ML), deep learning (DL), federated learning (FL), and explainable artificial intelligence (XAI) have drawn significant attention as potential approaches for ID. DL-based approaches have shown impressive performance in ID by automatically learning relevant features from data but require significant labelled data and computational resources to train complex models. ML-based approaches require fewer computational resources and labelled data, but their ability to generalize to unseen data is limited. FL is a relatively new approach that enables multiple entities to train a model collectively without exchanging their data, providing privacy and security benefits, making it an attractive option for ID. However, FL-based approaches require more communication resources and additional computation to aggregate models from different entities. XAI is critical for understanding how AI models make decisions, improving interpretability and transparency. While existing literature has explored the strengths and weaknesses of DL, ML, FL, and XAI-based approaches for ID, a significant gap exists in providing a comprehensive analysis of the specific use cases and scenarios where each approach is most suitable. This paper seeks to fill this void by delivering an in-depth review that not only highlights strengths and weaknesses but also offers guidance for selecting the appropriate approach based on the unique ID context and available resources. The selection of an appropriate approach depends on the specific use case, and this work provides insights into which method is best suited for various network sizes, data availability, privacy, and security concerns, thus aiding practitioners in making informed decisions for their ID needs.\",\"PeriodicalId\":15716,\"journal\":{\"name\":\"Journal of Engineering\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.7000,\"publicationDate\":\"2024-04-15\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Engineering\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1155/2024/3909173\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q2\",\"JCRName\":\"ENGINEERING, MULTIDISCIPLINARY\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Engineering","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1155/2024/3909173","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q2","JCRName":"ENGINEERING, MULTIDISCIPLINARY","Score":null,"Total":0}
引用次数: 0

摘要

入侵检测(ID)对于确保计算机网络免受各种恶意攻击至关重要。机器学习 (ML)、深度学习 (DL)、联合学习 (FL) 和可解释人工智能 (XAI) 作为 ID 的潜在方法,其最新进展引起了广泛关注。基于 DL 的方法通过自动学习数据中的相关特征,在 ID 方面取得了令人印象深刻的性能,但需要大量的标记数据和计算资源来训练复杂的模型。基于 ML 的方法需要的计算资源和标注数据较少,但它们对未见数据的泛化能力有限。FL 是一种相对较新的方法,能让多个实体在不交换数据的情况下集体训练一个模型,具有隐私和安全方面的优势,因此对 ID 来说是一种有吸引力的选择。然而,基于 FL 的方法需要更多的通信资源和额外的计算,才能汇总来自不同实体的模型。XAI 对于理解人工智能模型如何做出决策、提高可解释性和透明度至关重要。虽然现有文献已经探讨了基于 DL、ML、FL 和 XAI 的 ID 方法的优缺点,但在全面分析每种方法最适合的特定用例和场景方面还存在很大差距。本文旨在填补这一空白,通过深入评述,不仅强调了优缺点,还为根据独特的 ID 环境和可用资源选择合适的方法提供了指导。选择合适的方法取决于具体的使用案例,这项工作提供了有关哪种方法最适合各种网络规模、数据可用性、隐私和安全问题的见解,从而帮助从业人员针对其 ID 需求做出明智的决定。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
A Critical Review of Artificial Intelligence Based Approaches in Intrusion Detection: A Comprehensive Analysis
Intrusion detection (ID) is critical in securing computer networks against various malicious attacks. Recent advancements in machine learning (ML), deep learning (DL), federated learning (FL), and explainable artificial intelligence (XAI) have drawn significant attention as potential approaches for ID. DL-based approaches have shown impressive performance in ID by automatically learning relevant features from data but require significant labelled data and computational resources to train complex models. ML-based approaches require fewer computational resources and labelled data, but their ability to generalize to unseen data is limited. FL is a relatively new approach that enables multiple entities to train a model collectively without exchanging their data, providing privacy and security benefits, making it an attractive option for ID. However, FL-based approaches require more communication resources and additional computation to aggregate models from different entities. XAI is critical for understanding how AI models make decisions, improving interpretability and transparency. While existing literature has explored the strengths and weaknesses of DL, ML, FL, and XAI-based approaches for ID, a significant gap exists in providing a comprehensive analysis of the specific use cases and scenarios where each approach is most suitable. This paper seeks to fill this void by delivering an in-depth review that not only highlights strengths and weaknesses but also offers guidance for selecting the appropriate approach based on the unique ID context and available resources. The selection of an appropriate approach depends on the specific use case, and this work provides insights into which method is best suited for various network sizes, data availability, privacy, and security concerns, thus aiding practitioners in making informed decisions for their ID needs.
求助全文
通过发布文献求助,成功后即可免费获取论文全文。 去求助
来源期刊
Journal of Engineering
Journal of Engineering ENGINEERING, MULTIDISCIPLINARY-
CiteScore
4.20
自引率
0.00%
发文量
68
期刊介绍: Journal of Engineering is a peer-reviewed, Open Access journal that publishes original research articles as well as review articles in several areas of engineering. The subject areas covered by the journal are: - Chemical Engineering - Civil Engineering - Computer Engineering - Electrical Engineering - Industrial Engineering - Mechanical Engineering
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信