Network Intrusion Detection Systems: A Systematic Literature Review of Hybrid Deep Learning Approaches
Stephen Kahara Wanjau1, Geoffrey Mariga Wambugu2, Aaron Mogeni Oirere3
1Stephen Kahara Wanjau*, School of Computing and Information Technology, Murang’a University of Technology, Murang’a, Kenya.
2Geoffrey Mariga Wambugu, School of Computing and Information Technology, Murang’a University of Technology, Murang’a, Kenya.
3Aaron Mogeni Oirere, School of Computing and Information Technology, Murang’a University of Technology, Murang’a, Kenya.
Manuscript received on 11 April 2022. | Revised Manuscript received on 20 May 2022. | Manuscript published on 30 June 2022. | PP: 1-16 | Volume-10 Issue-7, June, 2022. | Retrieval Number: 100.1/ijese.F25300510622 | DOI: 10.35940/ijese.F2530.0610722
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: Network Intrusion Detection Systems (NIDSs) have become standard security solutions that endeavours to discover unauthorized access to an organizational computer network by scrutinizing incoming and outgoing network traffic for signs of malicious activity. In recent years, deep learning based NIDSs have emerged as an active area of research in cybersecurity and several surveys have been done on these systems. Although a plethora of surveys exists covering this burgeoning body of research, there lacks in the literature an empirical analysis of the different hybrid deep learning models. This paper presents a review of hybrid deep learning models for network intrusion detection and pinpoints their characteristics which researchers and practitioners are exploiting to develop modern NIDSs. The paper first elucidates the concept of network intrusion detection systems. Secondly, the taxonomy of hybrid deep learning techniques employed in designing NIDSs is presented. Lastly, a survey of the hybrid deep learning based NIDS is presented. The study adopted the systematic literature review methodology, a formal and systematic procedure by conducting bibliographic review, while defining explicit protocols for obtaining information. The survey results suggest that hybrid deep learning-based models yield desirable performance compared to other deep learning algorithms. The results also indicate that optimization, empirical risk minimization and model complexity control are the most important characteristics in the design of hybrid deep learning-based models. Lastly, key issues in the literature exposed in the research survey are discussed and then propose several potential future directions for researchers and practitioners in the design of deep learning methods for network intrusion detection.
Keywords: Complexity Control, Empirical Risk Minimization, Hybrid Deep Learning, Network Intrusion Detection, Optimization.
Scope of the Article: Deep Learning