رویکرد یادگیری عمیق برای سیستم تشخیص نفوذ
ترجمه نشده

رویکرد یادگیری عمیق برای سیستم تشخیص نفوذ

عنوان فارسی مقاله: رویکردهای یادگیری عمیق برای سیستم های تشخیص نفوذ مبتنی بر ناهنجاری: بررسی، طبقه بندی و موضوعات باز
عنوان انگلیسی مقاله: Deep learning approaches for anomaly-based intrusion detection systems: A survey, taxonomy, and open issues
مجله/کنفرانس: سیستم های دانش بنیان – Knowledge-Based Systems
رشته های تحصیلی مرتبط: مهندسی کامپیوتر
گرایش های تحصیلی مرتبط: هوش مصنوعی، امنیت اطلاعات
کلمات کلیدی فارسی: تشخیص نفوذ، تشخیص ناهنجاری، یادگیری عمیق
کلمات کلیدی انگلیسی: Intrusion detection, Anomaly detection, Deep learning
نوع نگارش مقاله: مقاله پژوهشی (Research Article)
شناسه دیجیتال (DOI): https://doi.org/10.1016/j.knosys.2019.105124
دانشگاه: King Saud University, Riyadh, 12372, Saudi Arabia
صفحات مقاله انگلیسی: 37
ناشر: الزویر - Elsevier
نوع ارائه مقاله: ژورنال
نوع مقاله: ISI
سال انتشار مقاله: 2020
ایمپکت فاکتور: 6.610 در سال 2019
شاخص H_index: 94 در سال 2020
شاخص SJR: 1.460 در سال 2019
شناسه ISSN: 0950-7051
شاخص Quartile (چارک): Q1 در سال 2019
فرمت مقاله انگلیسی: PDF
وضعیت ترجمه: ترجمه نشده است
قیمت مقاله انگلیسی: رایگان
آیا این مقاله بیس است: بله
آیا این مقاله مدل مفهومی دارد: دارد
آیا این مقاله پرسشنامه دارد: ندارد
آیا این مقاله متغیر دارد: ندارد
کد محصول: E14199
رفرنس: دارای رفرنس در داخل متن و انتهای مقاله
فهرست مطالب (انگلیسی)

Abstract

۱٫ Introduction

۲٫ Related surveys

۳٫ Background of deep learning architectures

۴٫ Intrusion detection system (IDS)

۵٫ Taxonomy of a deep learning-based IDS

۶٫ Descriptive and comparative study of deep learning-based IDS methods

۷٫ Discussion and findings

۸٫ Challenges and future directions

۹٫ Conclusion

Acknowledgements

References

بخشی از مقاله (انگلیسی)

Abstract

The massive growth of data that are transmitted through a variety of devices and communication protocols have raised serious security concerns, which have increased the importance of developing advanced intrusion detection systems (IDSs). Deep learning is an advanced branch of machine learning, composed of multiple layers of neurons that represent the learning process. Deep learning can cope with large-scale data and has shown success in different fields. Therefore, researchers have paid more attention to investigating deep learning for intrusion detection. This survey comprehensively reviews and compares the key previous deep learningfocused cybersecurity surveys. Through an extensive review, this survey provides a novel finegrained taxonomy that categorizes the current state-of-the-art deep learning-based IDSs with respect to different facets, including input data, detection, deployment, and evaluation strategies. Each facet is further classified according to different criteria. This survey also compares and discusses the related experimental solutions proposed as deep learning-based IDSs. By analysing the experimental studies, this survey discusses the role of deep learning in intrusion detection, the impact of intrusion detection datasets, and the efficiency and effectiveness of the proposed approaches. The findings demonstrate that further effort is required to improve the current state-of-the art. Finally, open research challenges are identified, and future research directions for deep learning-based IDSs are recommended.

Introduction

In recent years, the world has witnessed a significant evolution in the different areas of connected technologies such as smart grids, the Internet of vehicles, long-term evolution, and 5G communication. By 2022, it is expected that the number of IP-connected devices will be three times larger than the global population, producing 4.8 ZB of IP traffic annually, as reported by Cisco [1]. This accelerated growth raises overwhelming security concerns due to the exchange of huge amounts of sensitive information through resource-constrained devices and over the untrusted “Internet” using heterogeneous technologies and communication protocols. To maintain sustainable and secure cyberspace, advanced security controls and resilience analysis [2] should be applied in the earlier stages before deployment. The applied security controls are responsible for preventing, detecting, and responding to attacks. For detection purposes, an intrusion detection system (IDS) is a widely used technique for detecting internal and external intrusions that target a system, as well as anomalies that indicate potential intrusions and suspicious activities. An IDS involves a set of tools and mechanisms for monitoring the computer system and the network traffic, in addition to analysing activities with the aim of detecting possible intrusions targeting the system [3]. An IDS can be implemented as signature-based, anomaly-based, or hybrid IDS. In signature-based IDS, intrusions are detected by comparing monitored behaviours with pre-defined intrusion patterns, while anomaly-based IDS focuses on knowing normal behaviour in order to identify any deviation [4]. Different techniques are used to detect anomalies, such as statistical-based, knowledge-based, and machine learning techniques; recently, deep learning methods have been investigated [5].