A Survey of Data Stream-Based Intrusion Detection Systems
Detecting malicious activities in network environments poses a challenge that attracts significant attention due to its complexity and importance. Advances in the field have led to the development of several algorithms that approach the problem under the view of a data stream machine learning task....
| Main Authors: | Rodrigo Sanches Miani, Gustavo Di Giovanni Bernardo, Guilherme Weigert Cassales, Hermes Senger, Elaine Ribeiro de Faria |
|---|---|
| Format: | Article |
| Language: | English |
| Published: | IEEE, 2025-01-01 |
| Series: | IEEE Access |
| Subjects: | Computer networks; cybersecurity; data-stream; intrusion detection systems; machine-learning |
| Online Access: | https://ieeexplore.ieee.org/document/10965698/ |

| _version_ | 1849723249265475584 |
|---|---|
| author | Rodrigo Sanches Miani; Gustavo Di Giovanni Bernardo; Guilherme Weigert Cassales; Hermes Senger; Elaine Ribeiro de Faria |
| author_sort | Rodrigo Sanches Miani |
| collection | DOAJ |
| description | Detecting malicious activities in network environments poses a challenge that attracts significant attention due to its complexity and importance. Advances in the field have led to the development of several algorithms that approach the problem under the view of a data stream machine learning task. This task involves a set of steps: data collection or choice of public datasets, data pre-processing, data reduction, development or application of data mining techniques, and evaluation methodology. However, these steps must address the inherent issues of dynamic environments such as data streams and intrusion detection systems. These issues include, but are not limited to, the continuous influx of data, changes in both normal and attack class distributions, the emergence of new attack types, and the scarcity of labeled data examples to update the decision models. This survey provides an overview of intrusion detection systems (IDS) using data stream machine learning techniques, characterizing the literature approaches according to the classic steps of the data mining task. In addition, we discuss recommendations for practical IDS development and highlight datasets and tools that can aid in detecting malicious behavior. Finally, we outline potential avenues for future research and open questions in the field. |
| format | Article |
| id | doaj-art-9a070a2b76e44ad9adca2502d54005b5 |
| institution | DOAJ |
| issn | 2169-3536 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | IEEE |
| record_format | Article |
| series | IEEE Access |
| spelling | doaj-art-9a070a2b76e44ad9adca2502d54005b5; 2025-08-20T03:11:05Z; eng; IEEE; IEEE Access; 2169-3536; 2025-01-01; 13; 72953; 72983; 10.1109/ACCESS.2025.3561105; 10965698; A Survey of Data Stream-Based Intrusion Detection Systems; Rodrigo Sanches Miani (0, https://orcid.org/0000-0002-8176-8040); Gustavo Di Giovanni Bernardo (1, https://orcid.org/0009-0000-6945-7955); Guilherme Weigert Cassales (2, https://orcid.org/0000-0003-4029-2047); Hermes Senger (3, https://orcid.org/0000-0003-1273-9809); Elaine Ribeiro de Faria (4); Faculty of Computing, Federal University of Uberlândia, Uberlândia, Brazil; Faculty of Computing, Federal University of Uberlândia, Uberlândia, Brazil; AI Institute, University of Waikato, Hamilton, New Zealand; Department of Computer Science, Federal University of São Carlos, São Carlos, Brazil; Faculty of Computing, Federal University of Uberlândia, Uberlândia, Brazil; https://ieeexplore.ieee.org/document/10965698/; Computer networks; cybersecurity; data-stream; intrusion detection systems; machine-learning |
| title | A Survey of Data Stream-Based Intrusion Detection Systems |
| topic | Computer networks; cybersecurity; data-stream; intrusion detection systems; machine-learning |
| url | https://ieeexplore.ieee.org/document/10965698/ |