Comprehensive Review of Intrusion Detection Techniques: ML and DL in Different Networks
With the increasing number of new attacks, virtualized and distributed networks require greater attention and investment in cybersecurity. Organizations must rely on effective Intrusion Detection Systems (IDS) to detect both known and novel attacks. Therefore, Machine Learning (ML) and Deep Learning...
Saved in:
| Main Authors: | , , , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
IEEE
2025-01-01
|
| Series: | IEEE Access |
| Subjects: | |
| Online Access: | https://ieeexplore.ieee.org/document/11036755/ |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1849706111306825728 |
|---|---|
| author | Imane Rakine Aziz Oukaira Kamal El Guemmat Issam Atouf Sara Ouahabi Mohamed Talea Tarik Bouragba |
| author_facet | Imane Rakine Aziz Oukaira Kamal El Guemmat Issam Atouf Sara Ouahabi Mohamed Talea Tarik Bouragba |
| author_sort | Imane Rakine |
| collection | DOAJ |
| description | With the increasing number of new attacks, virtualized and distributed networks require greater attention and investment in cybersecurity. Organizations must rely on effective Intrusion Detection Systems (IDS) to detect both known and novel attacks. Therefore, Machine Learning (ML) and Deep Learning (DL) techniques have been widely used for intrusion detection. Several studies have reviewed ML and DL-based detection models, but they often overlook the specific networks targeted by these models. It is crucial to understand not only which methods are effective but also the contexts in which they are effective. This study aims to fill this gap by reviewing and classifying recent contributions based on their target networks. It focuses on three key network types: Cloud Computing (CC), Internet of Things (IoT), and Software-Defined Networks (SDN). Our study emphasizes the importance of thoroughly understanding the strengths and vulnerabilities of a given network, which is an important step towards developing effective ML- and DL-based intrusion detection approaches. We first provide an overview of related works and our research steps, followed by a presentation of ML and DL techniques, and commonly used datasets in this field. Next, a detailed presentation of the current research on IDS based on ML and DL techniques by network categories is provided. The strengths and limitations of ML and DL algorithms, which are frequently used for intrusion detection, are highlighted. Finally, the challenges are discussed and future research directions are proposed. |
| format | Article |
| id | doaj-art-80341e3dc6b24399b58feba9c88c9968 |
| institution | DOAJ |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-80341e3dc6b24399b58feba9c88c99682025-08-20T03:16:17ZengIEEEIEEE Access2169-35362025-01-011310434510436710.1109/ACCESS.2025.357999011036755Comprehensive Review of Intrusion Detection Techniques: ML and DL in Different NetworksImane Rakine0https://orcid.org/0009-0001-3299-8149Aziz Oukaira1https://orcid.org/0000-0002-4472-6124Kamal El Guemmat2https://orcid.org/0000-0002-1136-4841Issam Atouf3https://orcid.org/0000-0002-6339-3732Sara Ouahabi4Mohamed Talea5Tarik Bouragba6Information Processing Laboratory, Faculty of Science Ben M’Sik, Hassan II University, Casablanca, MoroccoElectrical Engineering Department, Faculty of Engineering, Université de Moncton, Moncton, NB, CanadaENSET, Hassan II University, Mohammedia, MoroccoInformation Processing Laboratory, Faculty of Science Ben M’Sik, Hassan II University, Casablanca, MoroccoFaculty of Science Ben M’Sik, Hassan II University, Casablanca, MoroccoInformation Processing Laboratory, Faculty of Science Ben M’Sik, Hassan II University, Casablanca, MoroccoEIGSI Casablanca, Casablanca, MoroccoWith the increasing number of new attacks, virtualized and distributed networks require greater attention and investment in cybersecurity. Organizations must rely on effective Intrusion Detection Systems (IDS) to detect both known and novel attacks. Therefore, Machine Learning (ML) and Deep Learning (DL) techniques have been widely used for intrusion detection. Several studies have reviewed ML and DL-based detection models, but they often overlook the specific networks targeted by these models. It is crucial to understand not only which methods are effective but also the contexts in which they are effective. This study aims to fill this gap by reviewing and classifying recent contributions based on their target networks. It focuses on three key network types: Cloud Computing (CC), Internet of Things (IoT), and Software-Defined Networks (SDN). Our study emphasizes the importance of thoroughly understanding the strengths and vulnerabilities of a given network, which is an important step towards developing effective ML- and DL-based intrusion detection approaches. We first provide an overview of related works and our research steps, followed by a presentation of ML and DL techniques, and commonly used datasets in this field. Next, a detailed presentation of the current research on IDS based on ML and DL techniques by network categories is provided. The strengths and limitations of ML and DL algorithms, which are frequently used for intrusion detection, are highlighted. Finally, the challenges are discussed and future research directions are proposed.https://ieeexplore.ieee.org/document/11036755/Intrusion detection system (IDS)machine learning (ML)deep learning (DL)cloud computing (CC)Internet of Things (IoT)software defined network (SDN) |
| spellingShingle | Imane Rakine Aziz Oukaira Kamal El Guemmat Issam Atouf Sara Ouahabi Mohamed Talea Tarik Bouragba Comprehensive Review of Intrusion Detection Techniques: ML and DL in Different Networks IEEE Access Intrusion detection system (IDS) machine learning (ML) deep learning (DL) cloud computing (CC) Internet of Things (IoT) software defined network (SDN) |
| title | Comprehensive Review of Intrusion Detection Techniques: ML and DL in Different Networks |
| title_full | Comprehensive Review of Intrusion Detection Techniques: ML and DL in Different Networks |
| title_fullStr | Comprehensive Review of Intrusion Detection Techniques: ML and DL in Different Networks |
| title_full_unstemmed | Comprehensive Review of Intrusion Detection Techniques: ML and DL in Different Networks |
| title_short | Comprehensive Review of Intrusion Detection Techniques: ML and DL in Different Networks |
| title_sort | comprehensive review of intrusion detection techniques ml and dl in different networks |
| topic | Intrusion detection system (IDS) machine learning (ML) deep learning (DL) cloud computing (CC) Internet of Things (IoT) software defined network (SDN) |
| url | https://ieeexplore.ieee.org/document/11036755/ |
| work_keys_str_mv | AT imanerakine comprehensivereviewofintrusiondetectiontechniquesmlanddlindifferentnetworks AT azizoukaira comprehensivereviewofintrusiondetectiontechniquesmlanddlindifferentnetworks AT kamalelguemmat comprehensivereviewofintrusiondetectiontechniquesmlanddlindifferentnetworks AT issamatouf comprehensivereviewofintrusiondetectiontechniquesmlanddlindifferentnetworks AT saraouahabi comprehensivereviewofintrusiondetectiontechniquesmlanddlindifferentnetworks AT mohamedtalea comprehensivereviewofintrusiondetectiontechniquesmlanddlindifferentnetworks AT tarikbouragba comprehensivereviewofintrusiondetectiontechniquesmlanddlindifferentnetworks |