Adapting Intrusion Detection Systems Using Machine Learning: Techniques, Performance Analysis and Hybridisation with Snort
摘要
Intrusion Detection systems (IDSs) are crucial for alleviating and detecting cybersecurity attacks. Conventional signature-based IDSs, such as Snort, effectively detect known attacks but struggle with novel and budding threats. Machine learning (ML) has emerged as a controlling tool for developing IDSs by identifying attack patterns, improving anomaly detection and reducing false positives. This paper reviews various ML techniques applied to intrusion detection, analysing their performance across different datasets and attack trends. Supervised, unsupervised and deep learning approaches are explored, highlighting their strengths and limitations. Furthermore, the integration of ML with Snort is discussed as a hybrid method to enhance detection accuracy and adaptableness. Whilst ML-based IDSs show significant promises, challenges such as dataset quality, adversarial attacks and computational constraints remain. Upcoming research should put effort into lightweight models, real-time processing and explainable artificial intelligence to improve practical deployment. This review’s findings focus on the capability of ML-driven IDSs to deliver resilient and adaptable solutions for cybersecurity.