



























Data-driven methods have been widely used in network intrusion detection (NID) systems. However, there are currently a number of challenges derived from how the datasets are being collected. Most attack classes in network intrusion datasets are considered the minority compared to normal traffic and many datasets are collected through virtual machines or other simulated environments rather than real-world networks. These challenges undermine the performance of intrusion detection machine learning models by fitting models such as random forests or support vector machines to unrepresentative "sandbox" datasets. This survey presents a carefully designed taxonomy highlighting eight main challenges and solutions and explores common datasets from 1999 to 2020. Trends are analyzed on the distribution of challenges addressed for the past decade and future directions are proposed on expanding NID into cloud-based environments, devising scalable models for larger amount of network intrusion data, and creating labeled datasets collected in real-world networks.
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。