Abstract
Network anomaly detection systems (NADSs) play a significant role in every network defense system as they detect and prevent malicious activities. Therefore, this paper offers an exhaustive overview of different aspects of anomaly-based network intrusion detection systems (NIDSs). Additionally, contemporary malicious activities in network systems and the important properties of intrusion detection systems are discussed as well. The present survey explains important phases of NADSs, such as pre-processing, feature extraction and malicious behavior detection and recognition. In addition, with regard to the detection and recognition phase, recent machine learning approaches including supervised, unsupervised, new deep and ensemble learning techniques have been comprehensively discussed; moreover, some details about currently available benchmark datasets for training and evaluating machine learning techniques are provided by the researchers. In the end, potential challenges together with some future directions for machine learning-based NADSs are specified.
| Original language | English |
|---|---|
| Article number | 529 |
| Number of pages | 41 |
| Journal | Entropy |
| Volume | 23 |
| Issue number | 5 |
| DOIs | |
| Publication status | Published - 25 Apr 2021 |
| Externally published | Yes |
Keywords
- machine learning
- classifier systems
- malicious behavior detection systems
- dataset
- data pre-processing