A comprehensive review on detection of cyber-attacks: Data sets, methods, challenges, and future research directions
Date
2022
Authors
Journal Title
Journal ISSN
Volume Title
Publisher
ScienceDirect
Open Access Color
OpenAIRE Downloads
OpenAIRE Views
Abstract
Rapid developments in network technologies and the amount and scope of data transferred on networks are increasing day by day. Depending on this situation, the density and complexity of cyber threats and attacks are also expanding. The ever-increasing network density makes it difficult for cyber-security professionals to monitor every movement on the network. More frequent and complex cyber-attacks make the detection and identification of anomalies in network events more complex. Machine learning offers various tools and techniques for automating the detection of cyber attacks and for rapid prediction and analysis of attack types. This study discusses the approaches to machine learning methods used to detect attacks. We examined the detection, classification, clustering, and analysis of anomalies in network traffic. We gave the cyber-security focus, machine learning methods, and data sets used in each study we examined. We investigated which feature selection or dimension reduction method was applied to the data sets used in the studies. We presented in detail the types of classification carried out in these studies, which methods were compared with other methods, the performance metrics used, and the results obtained in tables. We examined the data sets of network attacks presented as open access. We suggested a basic taxonomy for cyber attacks. Finally, we discussed the difficulties encountered in machine learning applications used in network attacks and their solutions.
Description
ORCID
Keywords
Adversarial machine learning; Cyber attacks; Cyber security; Deep learning; Geometric deep learning; Intrusion detection; Machine learning
Turkish CoHE Thesis Center URL
Fields of Science
Citation
WoS Q
Q1
Scopus Q
Source
Internet of Things
Volume
20