Cyber Threat Intelligence in Intrusion Detection: A Systematic Review of Detection Strategies
Abstract
In the digital age, the need for robust Intrusion Detection Systems (IDS) is critical to safeguarding essential infrastructures due to the increasing sophistication of cybersecurity threats. While traditional IDS methods, such as signature-based and anomaly-based detection, have their merits, they often struggle to address emerging cyber threats like zero-day attacks, polymorphic malware, and advanced persistent threats (APTs). Recent advancements in machine learning (ML) and deep learning (DL) have significantly enhanced IDS capabilities, enabling them to detect threats in a more intelligent and adaptive manner. This review paper provides a comprehensive analysis of various intrusion detection approaches, including traditional, hybrid, and next-generation methods. It explores how deep neural networks (DNNs), convolutional neural networks (CNNs), recurrent neural networks (RNNs), and transformers can be used to identify complex attack patterns. Furthermore, we examine the role of feature selection techniques, data preprocessing methods, and publicly available datasets, such as UNSW-NB15, TCP/IP, and KDD99, in boosting the performance of IDS. The paper also discusses the challenges involved in implementing real-time IDS, including computational overhead, false positives, adversarial attacks, and scalability issues in cloud and IoT environments. Special attention is given to the potential of federated learning and blockchain-based IDS solutions for decentralized and privacy-preserving threat detection. Overall, this study provides researchers and cybersecurity professionals with a thorough understanding of the current state of intrusion detection, highlighting its limitations and potential advancements. The goal is to guide the development of more efficient and intelligent IDS solutions in the future.