E. RQ5: Method Perform Best for IDS V.

CONCLUSION AND FUTURE WORKS

According to the study [23] have reported that ANN via
classification work very well. On the other hand, many IDS
methods are proposed for various types of network attacks
using a machine learning approach, but most of them are
unable to detect recent unknown attacks [24]. However, the
application of a strong IDS network security framework with
the data mining approach is the best solution for maintaining
the integrity, availability, reliability of data and services
available on the web [25]. Moreover, there are some methods
can be applied to bulid an IDS such as SVM, NN, DT and
each other. SVM seems to be a method can used in attack
detection models that have relatively high efficiency and
effective [26], [6], [27], [28], [17]. SVM is the best
classification algorithm and can be applied on real time
traffic [14]. But, its lengthy training time restricts its usage
[11]. In addition, SVM mainly works on single-view data,
whereas single-view training may cause over-fitting
problems when there are only small size training samples
[18].
F. RQ6: Proposed Method Improvement for IDS
There are several researchers who have proposed
techniques and methods to improve detection accuracy using
machine learning classifier for IDS [26]. Eventhough various
intrusion detection methods have been proposed, but most of
them are unable to detect recent unknown attacks. Whereas
the others methods can not detect the intrusion as real-time
as [24]. The recent years, there are techniques proposed try
increase to detection accuracy on IDS: 1) ensembling
machine learning methods [1], [18], [14]. 2) using boosting
algorithm [11], [29], [30]. 3) combined feature selection
algorithm [20]. Based on these results, until now there is no
proven method that is consistently accurate in overcoming
these challenges. So, there are still opportunities to build
intrusion detection models using more accurate and reliable
classification algorithms.
To find out the latest trends regarding the techniques,
methods and datasets used by researchers in the IDS field, a
literature review is necessary. After conducting literature
reviews on articles published in 2016 to 2020 in several
reputable journals, 62 articles were finally obtained
discussing research related to IDS. This literature review is
conducted systematically which is known as systematic
literature review (SLR).
Based on an analysis of selected primary studies,
research in the IDS field currently focuses on seven
techniques, there are: clustering, estimation, classification,
association, prediction, statistic, and dataset analysis. The
total distribution of intrusion detection techniques on the
research studies most use classification techniques as much
as (81%), clustering (8%), estimation (3%), dataset analysis
(3%), prediction (2%), association (2%) and the minor
research covered only 1% for statistic. In addition, the
research studies used public datasets as 79% and private
datasets as 21%.
Eighteen methods/algorithms have been implemented on
IDS topic. Then, there are six methods most implemented in
IDS, they are: k-NN (7%), RF (7%), NB (15%), DT (17%),
NN (20%), and SVM (34%). Several researchers proposed
some techniques and methods to improve the accuracy of
machine learning classifier on IDS. Specifically using
ensembling some machine learning methods, using boosting
algorithm, bagging algorithm, stacking algorithm, etc. So,
future work may ensemble classifier methods can tackle the
classification problem and can improve accuracy in detecting
intrusions.
ACKNOWLEDGMENT
We are mainly thanks to “Lembaga Pengelola Dana
Pendidikan (LPDP)” who funded this research. Grateful to
an ICICoS 2020 committee and four reviewer for their
comments and suggestions wich helped improve the paper
greatly.

TABLE II. THE LIST OF PRIMARY STUDIES IN THE FIELD OF INTRUSION DETECTION SYSTEM (IDS)

Years Ref. Publications Datasets Methods (Algorithm) Techniques

2016 [18] Computers & Security Public J48 (Decision Tree), SVM, Naïve Bayes, RBFNetwork, IBK (KNN) ensemble (J48+Naïve Classification
Bayes), Ensemble (J48+SVM), Ensemble (J48+IBK).
[23] Computers & Security Public ANN (Artificial Neural Network) Classification
[24] Journal of Supercomputing Public J48, REPTree, random forest tree, conjunctive rule, SVM, and Naïve Bayes Classification
[31] Journal of Supercomputing Private C4.5 (Decision Tree) Classification
[25] Microsystem Technologies Public ANN (Artificial Neural Network) Classification
[32] International Journal of Fuzzy Systems Public FIS: Fuzzy Inference Systems Classification
2017 [33] Computers & Security Public Genetic algorithm, Logistic Regression Classification
[12] Computers & Security Public DT: Decision Tree, Compare Entropy Estimation
[26] Expert Systems with Applications Public SVM, K-Means Classification
[6] Knowledge-Based Systems Public SVM Classification
[34] Measurement: Journal of the International Measurement Private Bayesian Games Classification
Confederation
2018 [35] Chaos, Solitons & Fractals Public k-NN Classification
[27] Computers & Electrical Engineering Public SVM, Naïve Bayes, Decision Tree Classification
[2] Computers & Security Public K-Means, uzzy C-Means Clustering
[36] Computers & Security Private Bayesian Games Classification
[37] Computers & Security Public - Dataset
Analysis
[28] Future Generation Computer Systems Public SVM Classification
[14] Future Generation Computer Systems Private Decision Tree, SVM, K-NN, Ensemble Prediction
[17] Knowledge-Based Systems Public SVM Classification
[38] Journal of Supercomputing Private Decision Tree, SVM, Naïve Bayes Classification
[11] Soft Computing Public SVM Classification
[10] EURASIP Journal on Wireless Communications and Networking Private Apriori Clustering
[39] Cluster Computing Public Naïve bayes, C4.5, SVM, EMSSVM, IREMSVM Classification
2019 [40] IEEE Access Public Random Forest (RF) Classification
[41] IET Networks Public Hidden Markov Model (HMM) Estimation
[30] IEEE Access Public Neural Network Classification
[42] IEEE Latin America Transactions Private ANN, K-Means Classification
[43] IEEE Internet of Things Journal Public Neural Network Classification
[8] Applied Soft Computing Journal Private SVM Classification
[44] Applied Soft Computing Journal Public SVM, Rule Base, Neuro Fuzzy Classification
[45] Applied Soft Computing Journal Public CNN: Convolutional Neural Network Classification
[7] Computer Communications Public Random Forest Classification
[9] Computer Networks Private Naive Bayes Classification
[3] Computers & Electrical Engineering Public Naive Bayes, Deep Neural Network Classification
[1] Computers & Security Public SVM Classification
[46] Computers & Security Public C4.5, Bayesian Network (BN) Classification
[20] Journal of Network and Computer Applications Public Decision Tree (ID3), SVM Classification
[15] Vehicular Communications Private GUSUM (Cumulative Sum) Statistic