Intrusion Detection systems (IDSs) are crucial for alleviating and detecting cybersecurity attacks. Conventional signature-based IDSs, such as Snort, effectively detect known attacks but struggle with novel and budding threats. Machine learning (ML) has emerged as a controlling tool for developing IDSs by identifying attack patterns, improving anomaly detection and reducing false positives. This paper reviews various ML techniques applied to intrusion detection, analysing their performance across different datasets and attack trends. Supervised, unsupervised and deep learning approaches are explored, highlighting their strengths and limitations. Furthermore, the integration of ML with Snort is discussed as a hybrid method to enhance detection accuracy and adaptableness. Whilst ML-based IDSs show significant promises, challenges such as dataset quality, adversarial attacks and computational constraints remain. Upcoming research should put effort into lightweight models, real-time processing and explainable artificial intelligence to improve practical deployment. This review’s findings focus on the capability of ML-driven IDSs to deliver resilient and adaptable solutions for cybersecurity.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Adapting Intrusion Detection Systems Using Machine Learning: Techniques, Performance Analysis and Hybridisation with Snort

  • Sajjad Abdulbari Alfaris,
  • Husam Akif Abdulmalik Al-Ameen,
  • Zaid Ameen Abduljabbar,
  • Vincent Omollo Nyangaresi

摘要

Intrusion Detection systems (IDSs) are crucial for alleviating and detecting cybersecurity attacks. Conventional signature-based IDSs, such as Snort, effectively detect known attacks but struggle with novel and budding threats. Machine learning (ML) has emerged as a controlling tool for developing IDSs by identifying attack patterns, improving anomaly detection and reducing false positives. This paper reviews various ML techniques applied to intrusion detection, analysing their performance across different datasets and attack trends. Supervised, unsupervised and deep learning approaches are explored, highlighting their strengths and limitations. Furthermore, the integration of ML with Snort is discussed as a hybrid method to enhance detection accuracy and adaptableness. Whilst ML-based IDSs show significant promises, challenges such as dataset quality, adversarial attacks and computational constraints remain. Upcoming research should put effort into lightweight models, real-time processing and explainable artificial intelligence to improve practical deployment. This review’s findings focus on the capability of ML-driven IDSs to deliver resilient and adaptable solutions for cybersecurity.