A Systematic Analysis and Review on Intrusion Detection Systems Using Machine Learning and Deep Learning Algorithms

Sneha Leela Jacob; Parveen Sultana Habibullah

doi:10.47852/bonviewJCCE42023249

Authors

Sneha Leela Jacob School of Computer Science and Engineering, Vellore Institute of Technology, India https://orcid.org/0009-0004-9087-1930
Parveen Sultana Habibullah School of Computer Science and Engineering, Vellore Institute of Technology, India https://orcid.org/0000-0001-9108-5043

DOI:

https://doi.org/10.47852/bonviewJCCE42023249

Keywords:

intrusion detection system, machine learning, deep learning, network security

Abstract

An intrusion detection system (IDS) is crucial for defending computer networks and systems from cyberattacks, unauthorized entry, and harmful activities. Machine learning (ML) and deep learning (DL) based IDS is a security solution that uses sophisticated algorithms to automatically identify and predict malicious activity occurring within a computer network. It improves the network's security and identification of threats using various algorithms to monitor network traffic patterns, spot anomalies, and discern between normal and abnormal behavior. This study reviews 58 papers on the topic of IDS that implement various ML and DL techniques. The most commonly used techniques are the support vector machine (SVM), decision tree (DT), random forest (RF), K nearest neighbors, gradient boosting (GB), Naïve-Bayes (NB), multilayer perceptron (MLP), artificial neural network, recurrent neural network, and convolutional neural network (CNN). These techniques are tested on four different datasets: KDD Cup, NSL-KDD, UNSW-NB15, and Kyoto. The experimentation showed that, among ML algorithms, the DT classifier has the best average training time of 2.8s, the best average testing time of 0.08s, but achieved an average accuracy of 97.46% across all datasets. On the other hand, the NB classifier is easier to implement but took an average of 4.40s in training time, 1.28s in testing time, and has the least average accuracy of 74.22% across all datasets. The more sophisticated techniques such as SVM, MLP, GB, and CNN are time consuming with CNN taking the highest time in three out of four datasets. The RF algorithm achieved an average accuracy of 99.51%, the highest level of accuracy among all algorithms. In this way, a comprehensive analysis of the strengths and weaknesses of various ML and DL algorithms for IDS is presented.

Received: 26 April 2024 | Revised: 12 June 2024 | Accepted: 25 June 2024

Conflicts of Interest
The authors declare that they have no conflicts of interest in this work.

Data Availability Statement
Data sharing is not applicable to this article as no new data were created or analyzed in this study.

Author Contribution Statement
Sneha Leela Jacob: Methodology, Software, Validation, Formal analysis, Investigation, Writing – original draft, Writing – review & editing, Visualization. Parveen Sultana Habibullah: Conceptualization, Validation, Supervision, Project administration.