Journal of Ambient Intelligence and Humanized Computing (2021) 12:497–514

https://doi.org/10.1007/s12652-020-02014-x

ORIGINAL RESEARCH

A survey of neural networks usage for intrusion detection systems

Anna Drewek‑Ossowicka1 · Mariusz Pietrołaj1 · Jacek Rumiński1

Received: 19 August 2019 / Accepted: 17 April 2020 / Published online: 12 May 2020
© The Author(s) 2020

Abstract
In recent years, advancements in the field of the artificial intelligence (AI) gained a huge momentum due to the worldwide
appliance of this technology by the industry. One of the crucial areas of AI are neural networks (NN), which enable commer‑
cial utilization of functionalities previously not accessible by usage of computers. Intrusion detection system (IDS) presents
one of the domains in which neural networks are widely tested for improving overall computer network security and data
privacy. This article gives a thorough overview of recent literature regarding neural networks usage in intrusion detection
system area, including surveys and new method proposals. Short tutorial descriptions of neural network architectures, intru‑
sion detection system types and training datasets are also provided.

Keywords Neural network · Deep learning · Machine learning · Intrusion detection system

1 Introduction implementation or improvement (Saied et al. 2016; Kang

Cyber security is an extremely important topic for contem‑
porary society. Instant access to the global network expose
individuals and organizations to cyber threats. For a while
now, various methods as firewalls and antivirus software
have been being used in order to protect both user’s privacy
and sensitive data (Choo 2011). Intrusion detection system
(IDS) represents another important area for cyber security.
IDS focuses on network traffic or particular computer envi‑
ronment analysis in order to identify signs related to mali‑
cious activity (Liao et al. 2013).
The recent rise of interest in the field of artificial intel‑
ligence (AI) resulted in major advancements of, among oth‑
ers, pattern recognition or anomaly detection mechanisms.
Neural networks (NN) are a common choice for such prob‑
lems and their usage is no longer held back. Mainly due to
increase of available computational power. Such situation
encouraged researchers to adapt NN architectures for IDS
* Anna Drewek‑Ossowicka
and Kang 2016; Yin et al. 2017).
This article presents the results of a literature survey con‑
cerning neural networks usage in the cyber security area,
specifically—intrusion detection systems. It is focused on
reviewing literature in the context of the appliance of par‑
ticular NN models in terms of intrusion detection systems.
NN became an emerging area of interest in machine learning
(ML) research activities, due to several breakthrough events,
like success of convolution neural network proposals for
ImageNet competition (Krizhevsky et al. 2012). This work
also describes and compares recent NN methods, models
used for defining new, refined IDS solutions, proposed in
the reviewed literature.
The main contributions of this paper are the following:
• Review of the most relevant recent papers—methods
proposal, surveys and tutorials for intrusion detection
systems.
• The main focus of neural network appliance for IDSs.
Other surveys known to authors generally focus on a
wider field of machine learning.

[email protected]
• Solid base of knowledge for future researchers in terms
Mariusz Pietrołaj of NN appliance to IDS.
[email protected]
• Stating and defining problems which have a challenging
Jacek Rumiński impact for related research.
[email protected]
1
Faculty of Electronics, Telecommunications and Informatics,
Gdańsk University of Technology, Gdańsk, Poland

13
Vol.:(0123456789)
498
This paper is organized in the following way. Section 2
describes background of the presented research. The third
chapter presents theoretical overview of IDS and NN related
terms. Section 4 gives a summary of datasets that are used
for IDSs, including custom solutions that we came across
during our research. Next, the fifth part of this paper reveals
the methodology of the literature review and decisions
made during that process. Section 6 includes the results
of our literature review, including an overview of surveys,
new method proposals and other papers with categoriza‑
tion based on AI area and IDS focus. Section seven covers
NN security. The last, eighth part presents our conclusion
derived from the presented work.
2 Background
In our work we decided to focus mostly on neural network
appliances for modern IDSs. Based on the conducted review
and to our best knowledge, most surveys cover wide areas
such as machine learning and/or data mining (Buczak and
Guven 2016), not only neural networks. Additionally, some
of them are older than 2015, which is our limit for searching
the papers (Ahmad et al. 2009; Shah and Trivedi 2012; Vin‑
churkar and Reshamwala 2012). Such approach can be lim‑
ited in terms of describing specific architectures or network
models used for threats detection. Another important aspect
is also a role of NN in particular solution as it can be used
for classification or e.g. reduction of data dimension, which
is proved by available hybrid IDS methods (Pandeeswari
and Kumar 2016; Erfani et al. 2016; Al-Yaseen et al. 2017).
It can be spotted that neural networks are one of the
most advancing technologies in terms of real-life influence.
Robust usage of NN in mobile solutions, automotive, IoT,
medical and military companies makes it an exciting tech‑
nology, which is highly adaptable by industry. All of these
have a high impact on number of analysis regarding NN
appliance for security and privacy branches including IDS
and network tracking tools.
Finally, due to rapid advancements in AI filed, new, more
efficient algorithms and NN specifications are described
(Almási et al. 2016). This is why focusing on the latest
experiments is so important.
3 Intrusion detection systems and machine
learning
3.1 Intrusion detection system
Intrusion detection systems are entities for auditing sys‑
tems and network operations against hostile actions and
policy violations (Tran et al. 2018). The IDS model
13
A. Drewek‑Ossowicka et al.
was described firstly in 80s, by, among others, Denning
(1987). IDSs can be divided into categories using several
approaches. First two types are: network-based and host-
based, depending on where the intrusive behavior may be
observed. Network-based IDSs monitor and analyze net‑
work traffic and are focused on network security. Host-
based IDSs identify malicious activities by monitoring
processes and system events on the software environment
that is related to particular computer (Camastra et al. 2013;
Buczak and Guven 2016).
Another division of types of IDSs is based on the data
analytics approaches, which have been used: signature-
based (misuse-based), anomaly-based and hybrid. Signa‑
ture-based approach analyses network packets or data from
particular system (e.g. logs) in order to find signatures, pat‑
terns which are characteristic for intrusive behavior. This
type of technique is significantly more effective in terms of
known attacks as it leverages previously labelled data from
database. Although it is characterized by being simple and
effective method, it cannot recognize unknown attacks and
requires frequent database updates (Liao et al. 2013; Modi
et al. 2013; Lin et al. 2015; Buczak and Guven 2016).
Anomaly-based approach analyzes data in order to recog‑
nize abnormal situations, that differs from normal network
and system behaviors. This kind of ability may be achieved
based on previously provided data, which were used to train
a particular algorithm. The described method is promising,
because, in contrast to previous technique, it enables finding
zero-day attacks. It also allows more robust customization
for a particular system or network. The significant draw‑
back in this case is the fact, that these kinds of techniques
are characterized by a high level of false positive alarms,
due to the fact that they are not based only on labelled data,
but taught to recognize anomalies based on previously pro‑
vided data, which may end up with finding situations that are
anomalies, but not necessarily cyber security attacks (Liao
et al. 2013; Camastra et al. 2013; Buczak and Guven 2016;
Besharati et al. 2019).
Hybrid techniques are combinations of signature and
anomaly detection. Such method is created in order to com‑
bine the advantages of both previous solutions—to minimize
false alarm results and also raise detection effectiveness for
known attacks (Buczak and Guven 2016).
A comprehensive review conducted by Liao et al. (2013)
marks out also some additional types, like wireless-based,
network behavior analysis, mixed IDS and stateful protocol
analysis. Wireless-based IDS is analogous to network-based,
it captures wireless traffic. Network behavior analysis sys‑
tem analyses network traffic to find malicious attacks with
not expected traffic flows. Mixed IDSs combine multiple
technologies to provide a more comprehensive and accu‑
rate intrusion detection. Stateful protocol analysis, on the
other hand, is used to analyze specific states of the particular
A survey of neural networks usage for intrusion detection systems 499

Table 1  Summary of some of IDSs types (Liao et al. 2013)

IDS Detection area Host-based

Network-based
Wireless-based
Network behavior analysis
Mixed
Detection methodology Signature-based
Anomaly-based
Stateful protocol analysis

network protocol, to find potentially harmful patterns. (Liao

et al. 2013) (Table 1).
Camastra et al. (2013) presents also the categorization of Fig. 1  The simple architecture of a three layer feed-forward neural
network (LeNail 2019). Created using a program distributed with
machine learning and soft computing (SC) approaches used
MIT license: https​://githu​b.com/alexl​enail​/NN-SVG and described
for IDS modeling. Four groups of ML and SC are described: in the article under CC-BY license: https​://joss.theoj​.org/paper​
supervised learning-based approaches, unsupervised learn‑ s/10.21105​/joss.00747​.pdf
ing-based approaches, statistical modeling-based approaches
and ensemble-based approaches. First approach is used for
hence the name. Figure 2 depicts a simple diagram of NN
detecting attacks that are known, while unsupervised tech‑
learning process including backpropagation step. With a
niques works for new intrusions. Statistical modeling-based
proper number of neurons and hidden layers, MLP should
approach is used for monitoring user behavior and assess‑
be able to learn quite accurate approximation of a relation
ing whether it differs anyhow from the behavior defined as
function between input and output data.
‘normal’. Ensemble-based approaches on the other hand,
Recurrent neural network (RNN) presents an extension of
combine several models in order to improve efficiency and
standard feed-forward NN that leverages time and sequence
accuracy.
dependencies. The main difference introduced by RNN
architecture is a cyclic neuron connection, which enables
3.2 Neural networks inference to take into consideration previous conditions of
neurons. This feature allows a network unit to remember its
In literature, it is not obvious to find unambiguous artificial previous state (Elman 1990). RNN is especially useful in the
neural network definition (Guresen and Kayakutlu 2011). area of language and video processing, where the context of
The accurate explanation is given by Haykin describing data sequence is highly relevant to the structure of the input
ANN as a “massively parallel combination of simple pro‑ data. A major obstacle for training RNN is a known problem
cessing unit which can acquire knowledge from the environ‑ of gradient exploding or vanishing (Kim et al. 2016).
ment through a learning process and store the knowledge
in its connections” (Haykin 1994; Guresen and Kayakutlu
2011). In general, it can be stated, that neural networks aim
to resemble inference of human brain.
Many different architectures of neural networks have been
applied for the domain of intrusion detection systems. The
most extensively used are described below (Veen 2016):
Multi-layer perceptron (MLP) is a feed-forward NN built
from single perceptrons, which are simple computational
models resembling biological neurons (Rosenblatt 1958).
The network consists of at least three fully connected layers
of perceptrons: input, hidden and output layer. The Fig. 1
presents a general example of such a network. Neurons
inside a particular layer have no connection with each other.
Supervised training of MLP usually uses backpropagation Fig. 2  The generalized learning process of artificial neural network,
algorithm based on the input and output examples provided including feedforward and backpropagation steps (LeNail 2019).
Created using a program distributed with MIT license: https​://githu​
to the network. The error between predicted and calculated b.com/alexl​enail​/NN-SVG and described in the article under CC-BY
results is back propagated to previous layers of the network, license: https​://joss.theoj​.org/paper​s/10.21105​/joss.00747​.pdf

13
500
Long short term memory (LSTM) has been presented as a
solution to difficulties related to RNN. LSTM helps to over‑
come the previously mentioned vanishing and the explod‑
ing gradient problem, existing in RNN. In order to avoid
weight conflicts this architecture introduces a new memory
cell (Hochreiter and Schmidhuber 1997). The structure of
such cell includes input, output and forget gates. The main
advantage of this architecture is the ability of the network to
learn over long sequences of data. This is why it is widely
used for text and video processing.
Autoencoder (AE) represents a variation of MLP used
in an unsupervised manner, although, as present by Fig. 3.,
the architecture of the network is quite similar. One of the
possible ways of using AE is compression or reduction of
input dimensionality. Input layer processes data to output
layer through limited number of hidden units, which create
a bottleneck in the network structure and encode provided
data (Bourlard and Kamp 1988). Decoding takes place in the
further layers till the output layer, which usually corresponds
with the number of neurons in the input layer. Such network
construction resembles a shape of an hourglass.
Sparse autoencoder (sparse AE) is a NN, which architec‑
ture is opposite to AE presented earlier. Instead of having a
bottleneck in the central part of the network, central hidden
layer is the one with the highest number of neurons, which
is depicted in Fig. 4 Sparse AE represents an example of
an unsupervised method for learning overcomplete features.
The proposed model consists of the encoder, the “sparsify‑
ing” logistics which is a non-linear data transformer, and the
decoder (Ranzato et al. 2007). This architecture is mostly
used in order to extricate features from a large set of unla‑
beled data.
Deep belief network (DBN) is an example of deep neural
network, which basically consists of stacked restricted boltz‑
mann machines (RBM) that communicate with each other.
RBM is a simple two layer neural network, that can gain the
Fig. 3  The architecture of an autoencoder (LeNail 2019). Created
using a program distributed with MIT license: https​://githu​b.com/
alexl​enail​/NN-SVG and described in the article under CC-BY
license: https​://joss.theoj​.org/paper​s/10.21105​/joss.00747​.pdf
13
A. Drewek‑Ossowicka et al.
Fig. 4  The architecture of a sparse autoencoder (LeNail 2019). Cre‑
ated using a program distributed with MIT license: https​://githu​
b.com/alexl​enail​/NN-SVG and described in the article under CC-BY
license: https​://joss.theoj​.org/paper​s/10.21105​/joss.00747​.pdf
knowledge about the probability distribution of particular
inputs. DBN tries to overcome the problem of not optimal
solutions achieved by commonly used gradient based learn‑
ing algorithms. An unsupervised greedy layer-wise learning
algorithm utilized by DBN focuses on training the network
part by part in order to find an optimal general solution (Liu
et al. 2017).
Convolutional neural network (CNN) is a deep neural
network consisted of multiple layers, as presented on Fig. 5
The main usage of CNN is image recognition, but with addi‑
tional architectural or input modifications, it can be used for
various other use cases. CNN in its design provides specific
functions for filtering layers as convolution and pooling. In
contrast to other NN architectures, not all of the layers in
CNNs are fully connected. Some neurons focus on a specific
group of data which helps to analyze or extract features for
a particular region of an image. As these NNs are usually
designed to deal with 2D shape, they are mostly used for
data or image classification (Lecun et al. 1998; Guo et al.
2016).
Extreme learning machine (ELM) is an example of
another modification of a standard feed-forward neural
network. The main purpose of this solution is to address
Fig. 5  An example of convolution neural network architecture
(LeNail 2019). Created using a program distributed with MIT license:
https​://githu​b.com/alexl​enail​/NN-SVG and described in the arti‑
cle under CC-BY license: https​://joss.theoj​.org/paper​s/10.21105​/
joss.00747​.pdf
A survey of neural networks usage for intrusion detection systems 501
bottlenecks that are slowing training process and come
mostly from using backpropagation based algorithms.
This method can speed up the training of the network up
to a thousand times with similar accuracy in comparison to
standard NN methods. Such result is achieved by random
connection between neuron layers and different learning
algorithm based on least square fit (Huang et al. 2006).
Self-organizing map (SOM)defines yet another NN mech‑
anism for unsupervised data aggregation. One of the goals
stated for SOM is a reduction of dimensional complexity of
input data. Due to that, such network architecture can find
specific clusters of categories in a large input database. In
contrast to the commonly used approaches, backpropagation
is replaced here with a competitive learning algorithm to
enable mapping of features (Kohonen 1982).
3.3 Other machine learning methods
Lots of research focuses on hybrid approaches to IDS, which
makes NN only a part of the final method. Several different
machine learning architectures are used in terms of IDS. The
examples that appear in the reviewed literature are using the
following other (ML) techniques:
K-nearest neighbors (K-NN) is a supervised learning
algorithm based on calculating the Euclidean distance
between given input data. K-NN method is commonly used
for classification of given collection. The simplicity of the
solution comes from categorization of the input according to
calculated Euclidean distances from the classified samples
from the training set. Based on that a particular element is
classified by the majority of types within K-nearest neigh‑
bors, hence the name (Cunningham and Delany 2007).
Support-vector machine (SVM)belongs to supervised
ML methods and is motivated through statistical learning
theory. The process of training SVMs relates to solving a
constrained quadratic optimization problem. The easiest
explanation of SVM execution can be stated as finding an
optimal hyperplane solution, that separates examples into
two separate groups. In case of 2D space such hyperplane
will be a straight line. Its main role is a binary classification
of a given data. When given unlabeled data SVM can be
used as a clustering mechanism (Evgeniou and Pontil 2001).
4 Datasets
Neural network training requires a significant amount of data
in order to approximate effective correlation between pro‑
vided input and expected results. This issue is particularly
noticeable in case of supervised learning. Unfortunately,
major part of publicly available datasets for IDSs is usually
quite old and do not provide ideal representation of network
traffic and possible threats. This obstacle might be resolved
by gathering data manually or using customized versions
of already available datasets. However, not having common
benchmark for new IDS implementations makes it difficult
to compare methods in terms of accuracy and false-positive
alerts.
The following section gives an overview of datasets avail‑
able for, among others, neural network training regarding
IDS implementation, that were used in discussed papers and
beyond. Some custom methods to generate training data are
mentioned as well (Narudin et al. 2016; Wang et al. 2017)
in order to help researchers find new ways to verify their
own IDSs.
4.1 Public datasets
4.1.1 DARPA 1998 and DARPA 1999
The Defense Advanced Research Projects Agency (DARPA)
datasets are treated as a basic, publicly available standard.
DARPA 1998 was introduced by Cyber Systems and Tech‑
nology Group of the Massachusetts Institute of Technology
Lincoln Laboratory (Lincoln Laboratory 1998; Lippmann
et al. 2000a, 2000b; Buczak and Guven 2016).
It was created based on (including both network and OS
data):
• TCP/IP network data.
• Solaris basic security module logs.
• Solaris file system dumps (root and user) (Buczak and
Guven 2016).
This dataset consists of network and operating system
data. The data was being gathered for 9 weeks, 7 for training
and 2 for testing set (Lippmann et al. 2000b).
DARPA 1999 is a successor of DARPA 1998. In this case,
data was being gathered for 5 weeks, 3 for training and 2 for
testing. The major distinction between them is an expanded
range of available attack scenarios (Lippmann et al. 2000a).
However DARPA 1998 and DARPA 1999 are usually pre‑
sented as commonly used datasets for experiments, during
our research we did not encounter new methods using them.
The possible reason behind it is, that those datasets turned
out to not be fully capable of simulating physical network
systems (McHugh 2000; Aljawarneh et al. 2018) and are
currently being replaced by newer proposals.
4.1.2 KDD Cup 1999
The KDD Cup 1999 dataset (KDD Cup 1999) is one of the
most often used datasets for evaluating IDSs. It utilizes TCP/
IP data from DARPA 1998 dataset. While DARPA 1998
13
502
consists of about 5 million records in training data and
around 2 million records in testing data, KDD Cup 1999
training part has around 4,900,000 connection vectors (Tav‑
allaee et al. 2009). Each vector has 41 features and is clas‑
sified as normal connection or an attack. Additionally it can
belong to one of four attack types (Tavallaee et al. 2009;
Dhanabal and Shantharajah 2015):
Denial of service (DOS)—a case when an attacker pur‑
posely uses victims resources with flood number of mali‑
cious request in order to make it unable to handle legitimate
calls to the service.
User to root (U2R)—rising normal user privileges to a
super user (root) by exploiting some vulnerabilities in the
attacked system.
Probe (probing)—exploring or examining victim or its
environment in order to gain information. Port scanning or
checking duration of connection are only a few examples.
Root to local (R2L)—access of an unauthorized entity to
a remote machine and gaining local privileges.
The 41 features are divided into three groups (Tavallaee
et al. 2009):
Basic features—general features for TCP connections.
Content features—features describing invalid behaviors
for single connections helping discovering R2L and U2R
attacks.
Traffic features—features defined using time window.
Besides huge popularity and number of available data,
KDD Cup 1999 struggles with problems. Some of them
were inherited from DARPA’98 dataset like the fact of being
fully synthetic dataset or lack of the examination of possible
dropped packets while the dataset was being created. KDD
Cup 1999 itself suffers also from not even distribution of the
attacks and record redundancy (Tavallaee et al. 2009). While
describing KDD Cup 99, we spotted, that one of the traffic
features—dst_host_same_src_port_rate—is described in lit‑
erature as “same_src_port_rate for destination host” (KDD
Cup 1999; Shanmugavadivu and Nagarajan 2011; Amiri
et al. 2011; Songma et al. 2012), while in KDD Cup 1999, to
our best knowledge, we could not find same_src_port_rate
feature, hence lack of description in Table 2.
4.1.3 NSL‑KDD
NSL-KDD is a dataset that was created to overcome the
issues of DARPA and KDD Cup 1999 datasets (Tavallaee
et al. 2009; Dhanabal and Shantharajah 2015). It was pro‑
posed by Tavallaee et al. (2009). The main advantages over
KDD Cup 1999 are (NSL-KDD 2009):
• Lack of redundant records in training set and no records
in testing set, that are duplicated.
• The number of records is feasible, so there is no need of
creating subsets of the dataset for the experiments.
13
A. Drewek‑Ossowicka et al.
• Inverse proportion number of particular records from
each difficulty level group to the percentage of records
in the original KDD Cup 1999 dataset.
NSL-KDD is still not perfect (due to problems that are
going to be listed in the next section), nevertheless can be
used for effective benchmarking for IDSs.
4.1.4 UNSW‑NB15
Extensive usage of KDD Cup 1999 and NSL-KDD datasets
resulted in discovering the following challenges:
• Missing some low footprint attack characteristics,
• Missing some traffic schemes (e.g. normal and modern),
• Discrepancy between distribution of particular data sets
(training vs. testing) (Moustafa and Slay 2016).
UNSW-NB15 was created as a response to the above
problems. It was created with the usage of an IXIA Perfect‑
Storm tool in the Cyber Range Lab of the Australian Centre
for Cyber Security (ACCS) (UNSW-NB15 2015; Moustafa
and Slay 2016). UNSW-NB15 consists of 49 features. There
are two attributes for the data provided: label (0 for nor‑
mal and 1 for otherwise) and attack_cat for attack category
(Moustafa and Slay 2016). There are five categories of fea‑
tures: Flow, Basic, Content, Time and Additional Generated
Features. The types of attacks are: Fuzzers, Analysis, Back‑
doors, DoS, Exploits, Generic, Reconnaissance, Shellcode,
Worms (Moustafa and Slay 2015, 2016) (Table 3).
4.1.5 Kyoto2006+
Another example of publicly available benchmark data
for IDS training and testing is Kyoto2006 + dataset. It pre‑
sents 24 different network related features which have been
extracted from servers placed at Kyoto University. 14 fea‑
tures are obtained from KDD Cup 99, while 10 other features
were newly added (Song et al. 2011). Data was gathered for
three years from 2006 to 2009 (Ambusaidi et al. 2016). It
was created as an alternative for KDD Cup 1999 (Song et al.
2011). There is also benchmark version described, which
contains 17 features (14 derived from KDD Cup 1999 and 3
additional) (Kyoto dataset 2015).
4.2 Other datasets
Some of the researchers decided to experiment with other
than any of presented above public datasets. Erfani et al.
(2016) used six real-life datasets and two synthetic ones.
The six real-life ones were received from the UCI Machine
Learning Repository:
A survey of neural networks usage for intrusion detection systems 503

Table 2  Features of individual TCP connections in KDD Cup 1999 (KDD Cup 1999; Amiri et al. 2011)
Feature Description

Basic features
Duration Connection length expressed in seconds
Protocol_type Type of connection protocol, e.g. udp
Service Destination network service, e.g. telnet
Flag Connection status—normal/error
Src_bytes Bytes from source to destination point
Dst_bytes Bytes from destination point to source
Land 1 or 0 – if connection is from the same host/port
Wrong_fragment Number of incorrect fragments
Urgent Number of packets marked as urgent
Content features
Hot “Hot” indicators—number
Num_failed_logins Failed logins attempted—number
Logged_in 1 or 0—if login trial was successful
Num_compromised “Compromised” conditions - number
Root_shell 1 or 0—if root shell was accessed
Su_attempted 1 or 0—if there was “su root” attempt
Num_root “Root” accesses—number
Num_file_creations File creation operations—number
Num_shells Shell prompts—number
Num_access_files Operations on access control files—number
Num_outbound_cmds Outbound commands in ftp conn—number
Is_hot_login 1 or 0—if login is on the “hot” list
Is_guest_login 1 or 0—if the login is classified as “guest”
Traffic features
Count Connections as current to the same host—number in the past two seconds
Srv_count Connections as current to the same service—number in the past two seconds
Serror_rate Connections having “SYN” errors—percentage
Srv_serror_rate Connections having “SYN” errors—percentage (service)
Rerror_rate Connections having “REJ” errors—percentage
Srv_rerror_rate Connections having “REJ” errors—percentage (service)
Same_srv_rate Connections to the same service—percentage
Diff_srv_rate Connections to different services—percentage
Srv_diff_host_rate Connections to different hosts—percentage
Dst_host_count Count for destination host
Dst_host_srv_count srv_count for destination host
Dst_host_same_srv_rate Same_srv_rate for destination host
Dst_host_diff_srv_rate Diff_srv_rate for destination host
Dst_host_same_src_port_rate Lack of detailed description
Dst_host_srv_diff_host_rate Srv_diff_host_rate for destination host
Dst_host_serror_rate Serror_rate for destination host
Dst_host_srv_serror_rate Srv_serror_rate for destination host
Dst_host_rerror_rate Rerror_rate for destination host
Dst_host_srv_rerror_rate Srv_rerror_rate for destination host

• Forest adult gas sensor array drift (Gas). and have dimensionalities of 54, 123, 128, 242, 315 and
• Opportunity activity recognition (OAR), 561 attributes. Synthetic datasets were “Banana” dataset,
• Daily and sport activity (DSA), created by mixing “two banana shaped distributions” and
• Human activity recognition using smartphones (HAR),

13
504 A. Drewek‑Ossowicka et al.

Table 3  UNSW-NB15—group of features and labels (Moustafa and It was used for Deep Belief Network to generate signatures
Slay 2015, 2016) for malware records.
Group of fea‑ Name Group of fea‑ Name An interesting example is provided by Du et al. (2017) -
tures tures HDFS log dataset and OpenStack log dataset. First comes
from Hadoop - based environment, second from the Open‑
Flow features srcip Time features sjit
Stack environment. Those datasets are particularly inter‑
sport djit
esting due to be some examples of datasets based on logs,
dstip stime
not network packets.
dsport ltime
Wang et al. (2017) present, on the other hand, an exam‑
proto sintpkt
ple of self-generate dataset called USTC-TFC2016. It con‑
Basic features state dintpkt
sists of two parts. First contains ten types of malware traf‑
dur tcprtt
fic from publicly accessible website, second contains ten
sbytes synack
types of non-malware traffic.
dbytes ackdat
Network traffic data can also be gathered by NetFlow,
sttl Additional is_sm_ips_ports
features which was created as Cisco router feature, as mentioned in
dttl ct_state_ttl
(Buczak and Guven 2016). Network flow in this understand‑
sloss ct_flw_http_mthd
ing is an order of packets sharing exactly the same packet
dloss is_ftp_login
features: IP protocol, source port, destination port, IP type of
service ct_ftp_cmd
service, ingress interface, source IP address and destination
sload ct_srv_src
IP address (Buczak and Guven 2016).
dload ct_srv_dst
Both approaches (public vs. private/privately generated)
spkts ct_dst_ltm
datasets have their pros and cons. In case of public datasets
dpkts ct_src_ ltm
it is possible to easily compare the results of the experiments
Content features swin ct_src_dport_ltm
with other methods results and benchmark particular solu‑
dwin ct_dst_sport_ltm
tions. On the other hand, those datasets are considered two
stcpb ct_dst_src_ltm
general and not flexible enough to address contemporary
dtcpb Labels attack_cat
smeansz
needs in terms of IDSs. Private datasets can be prepared for
label
dmeansz
specific experiment and better address particular needs, nev‑
trans_depth
ertheless they can be a subject of privacy concerns and have
res_bdy_len
too specific form, that is hard to be used on a wider scale.

5 Research method

the second one was “Smiley”—combination of Gaussians
and arc shaped distributions (Erfani et al. 2016).
Kang and Kang (2016) were working on the data created
by packet generator open car test-bed and network experi‑
ments (OCTANE) (Borazjani et al. 2014), which was able to
generate CAN (controller area network) packets, a standard
for in-vehicle network communication.
Narudin et al. (2016) focused on mobile malware
detection. They used two datasets: public (MalGenome)
and self-collected, private dataset. MalGenome consists
of 1260 malwares records categorized into 49 different
groups. It was gathered between 2010 and 2011 (Narudin
et al. 2016).
Saied et al. (2016) used artificial neural network for
detecting DDoS attacks. In order to generate datasets, they
built safe, realistic network, where they performed DDoS
attacks (TCP, UDP and ICMP protocols).
David and Netanyahu (2015) used an extensive dataset
provided by C4 Security with multiple malware categories.
This paper is designed for researchers, who need a complex
source of data concerning available literature in terms of
Neural Network usage for Intrusion Detection Systems. We
decided to review the newest scientific literature concern‑
ing the topic above. In order to achieve that, we performed
a systematic literature review. Google Scholar database was
used for performing research for two search strings: (1)
“intrusion detection system” AND “neural network”, (2)
“intrusion detection system” AND “neural networks”. We
did not include the word “artificial” in the search string, due
to the fact that in the articles NN are covered by both “neural
network(s)” and “artificial neural network(s)” phrase, so we
did not want to exclude accidentally any important articles.
Especially, taking into consideration the fact, that quite fre‑
quently, “Artificial Neural Network” term is used for par‑
ticular architecture, like multi-layer perceptron. These search
string were searched separately, due to lack of confirmation
that Google Scholar accepts any parenthesis in search strings
(Tay 2015). Publish or Perish software (Harzing 2007) was

13
A survey of neural networks usage for intrusion detection systems 505
used to perform the queries due to the ease of exporting data
to Excel files, which was necessary to perform later review.
We searched for articles from between 2015 and 2019 and
sorted the results based on number of citations. The search
was performed on April 6th, 2019. The goal was to review
the literature that currently has the biggest influence and
we decided that citations count is a quite good indicator
of the potential paper impact, as the authors of other sur‑
veys/literature reviews proposed (Buczak and Guven 2016).
From each, sorted list (from each of two search strings) we
excluded patents and books in order to focus on journal and
conference papers. After exclusion we chose 50 positions
from each list and merged both lists. Majority of entries
were repeated so the final number of journals prepared for
abstract review was 62 articles. Next, we performed an
abstract review to assess if a particular article is relevant to
our research. The final list of articles for literature review
contained 34 articles (Fig. 6).
We are conscious that citation number is not flawless.
The older the paper is the bigger chance it obviously gets
to obtain high number of citations. That is why the decision
was to review papers from short time range. We are also
aware that survey and tutorials, due to its informative nature,
are getting high number of citations in general, hence in
the final summary they are presented in a separate category
(Table 4).
6 Results
The reviewed articles can be categorized into three separate
groups. First one consists of surveys focused on machine
learning algorithms usage for IDSs. It covers not only par‑
ticular examples of intrusion detection methods, but also
general knowledge about Artificial Intelligence and data‑
sets available for ML algorithms training. The second group
gathers all articles that focus on new methods proposals or
experiments including strict neural network usage and hybrid
solutions for IDSs. The third group, which depicts articles
Fig. 6  Number of the articles at each of manual literature review
steps
Table 4  Search criteria used for literature review
Search parameter Value
Database Google Scholar
Search date 06th of April 2019
Search strings “Intrusion detection
system” AND “neural
network”
“Intrusion detection
system” AND “neural
networks”
Timeline 2015–2019
Sorting Highest citation count
Document type Journals
Conference papers
that cannot be categorized into one of two first groups. Ten
articles have been marked as other as they focus mostly on
datasets itself or machine learning methods, which are not
strictly related to NN. For the purpose of this research we
decided to include them as well as they present a wider range
of available IDS solutions. The below chart summarizes
ratio of the reviewed articles (FIg. 7):
6.1 Surveys
During the conducted literature review we came across cou‑
ple of surveys regarding possible IDS implementations or
enhancements with usage of Artificial Intelligence. Most of
the articles present a good theoretical machine learning and
IDSs background for researchers interested in this field. Nev‑
ertheless, neural networks are usually treated only as a small
part of available solutions. It is also worth mentioning, that
papers that emphasized recent advancements in deep learn‑
ing were able to depict a wider area of NN field.
Having in mind how important the aspect of datasets is
for NN related methods, we decided to review mentioned
surveys in terms of described or proposed datasets. This
shows, that besides long-serving databases as KDD Cup
1999, NSL-KDD etc. it is hard to define reliable dataset for
Fig. 7  The categories of the final group of the reviewed articles
13
506 A. Drewek‑Ossowicka et al.

Table 5  Summary of reviewed surveys

Authors Citations AI area focus Datasets focus Summary Year
(6th Apr 2019)

Buczak and Guven (2016) 423
Agrawal and Agrawal (2015) 139
Fadlullah et al.. (2017) 117
Narudin et al. (2016) 104
Kwon et al. (2019)
Machine learning and data mining: Netflow Detailed overview of available 2016
Neural networks DARPA 1998 data mining and Machine Learn‑
Association and fuzzy associa‑ DARPA 1999 ing methods including com‑
tion rules, KDD Cup 99 parison of datasets, performance
Bayesian network, NSL-KDD comparisons and recommenda‑
Clustering, tions against IDS implementa‑
Decision trees, tion
Ensemble learning,
Evolutionary computation,
Hidden Markov models,
Inductive learning
Naïve Bayes,
vSequential pattern mining,
Support vector machine
Clustering: N/A Overview of available Data 2015
k-means, Mining techniques and hybrid
k-medoids, methods with examples that have
EM clustering, been implemented for IDSs.
Outlier detection algorithms Focused on Anomaly Detection
classification:
Classification tree,
Fuzzy logic,
Naïve Bayes network,
Genetic algorithm,
Neural networks,
Support vector machine
hybrid:
Cascading supervised techniques,
Combining supervised and unsu‑
pervised techniques
Machine learning and deep learn‑ N/A Overview of deep learning archi‑ 2017
ing: tectures and their appliances for
Convolutional NN network related traffic control
Recurrent NN
Long short term memory NN
Stacked auto-encoder
Deep Boltzmann machines
Deep reinforcement learning
Machine learning: MalGenom Focus on mobile malware detec‑ 2016
Random forest Custom, self- tion also with usage of IDS.
J48 collected Overview of possible appliances
Multi-layer perceptron database of described methods and their
Bayesian network verification on chosen datasets.
k-NN It is not a classic survey, rather
evaluation of existing methods –
authors decided to keep it in this
category, as to our best under‑
standing it provides evaluation
for machine learning classifiers
51 Deep learning and machine learn‑ KDD Cup 99 Overview of multiple methods of 2017
ing: NSL-KDD data dimensionality reduction
Restricted Boltzmann machine and possible DL appliances to
Deep belief network IDS enhancement. Authors per‑
Deep neural network formed also an experiment with
Recurrent neural network Fully Connected Network model
for NSL-KDD dataset

13
A survey of neural networks usage for intrusion detection systems 507
benchmarking that could be used across all reviewed solu‑
tions. UNSW-NB15 is an example of the newer one.
Table 5 briefly summarizes surveys that were finally cho‑
sen for review in our research. As mentioned before, we
decided to focus on two major aspects, which are AI area
and datasets described in a particular paper. This gives a
good base for further data gathering or research in terms of
NN and IDSs.
Not all ML techniques have been thoroughly explained in
this paper. The number of proposed solutions is so high, that
we decided to list them in the table and redirect our readers
to a specific article.
6.2 New methods proposals and experiments
Major part of the reviewed articles presents new methods
for IDSs, based on neural network or performed experi‑
ments. The below table summarizes NN architectures used
by researchers. Additionally, dataset used for method vali‑
dation is stated. We did not perform accuracy comparison
of the proposed solutions. Such comparison might be not
informative due to different datasets or data subsets that
were used. Additionally there are some differences during
data preparation steps or type of attacks detected by particu‑
lar IDS. Due to vast variety of available methods proposal,
only part of the below algorithms or NN architectures have
been described in this article. For each listed publication,
column “method used” enlist general mechanism used by the
particular solution. For more details the reader is redirected
to the related paper (Table 6).
6.3 Other related papers
Some of the papers that we reviewed could not be easily
classified to the category of surveys or new method propos‑
als/experiments. In this group we placed works that present:
• Interesting IDS enhancing methods, that are not directly
connected to neural networks,
• Papers that focus on datasets itself.
However, this paper focuses on NN based IDSs, we think
that mentioning most cited ML based solution might be
beneficial for future research. As we presented, quite often
hybrid methods are used instead of plain NN. Although
those articles do not match exactly our criteria of research,
we found them useful in terms of appliance in the field of
IDS.
Publications focusing on comparison and analysis of the
datasets might be especially helpful as number of public
training data for IDS is quite limited. Extended knowledge
on structure and possible challenges of these common
learning sets might enable researchers to improve the accu‑
racy of the proposed solutions (Table 7).
7 Security concerns
In this paper, we present the overview of the latest literature
concerning NN usage in IDSs. While describing this topic,
it is important to highlight, that IDS can be itself a subject
of security attack (Corona et al. 2013). Also machine learn‑
ing based solutions usage in modern IDS architecture can
raise security concerns. Appliance of machine learning in
cybersecurity area may result in undesirable inheritance of
its flaws by NN based IDSs and new vectors of attacks.
Corona et al. (2013) provided an interesting taxonomy
proposal for adversarial attacks against Intrusion Detection
Systems in general. The types of attacks that can directly
harm NN based IDSs are, among others poisoning and eva‑
sion (Corona et al. 2013; Pitropakis et al. 2019). The first
type of attacks concerns manipulating training data in order
to decrease algorithm’s performance, resulting in, for exam‑
ple, misclassification (Baracaldo et al. 2018). This obviously
concerns wide usage of ML algorithms, not only in IDSs
(Baracaldo et al. 2018). Evasion attacks, on the other hand,
are focused on the testing phase of the algorithm. Pitropakis
et al. (2019) provide an example of such attack in the con‑
text of NN and IDSs. They describe experiment prepared by
Demetrio et al. (2019), where the evasion black-box attack
was performed against convolutional neural network, in
order to compromise its classification possibilities (Pitropa‑
kis et al. 2019).
Another classification of attacks that can be performed on
ML based IDSs is differentiation between black-box, gray-
box and white-box attacks (Darvish Rouani et al. 2019). In
case of black-box attacks, intruder has no knowledge about
the ML algorithm or model. Gray-box attacks involves only
knowledge about ML algorithm or model, but without any
information about model parameters. In terms of white-box
attack – the attacker has knowledge about all of the above
(Darvish Rouani et al. 2019).
The most important thing is, how IDSs that use ML in
general (including NN), can be defended from adversarial
attacks. One of the solutions for defending from poisoning
attack is training data manipulation, nevertheless it can cost
increased computational resources (Corona et al. 2013). One
of the proposals in the literature for NN defense in general is
Mixup, which, among others, helps to act against adversar‑
ial examples (Zhang et al. 2018; Stewart 2019). Yuan et al.
(2019) presented a classification of two types of defense
strategies against adversarial examples: reactive and proac‑
tive. The first type consists of adversarial detecting, input
reconstruction and network verification, while the second
13
 Table 6  List of reviewed new IDS method
508

Authors Citations Dataset Method used IDS focus Summary Year

(6th Apr 2019)

13
Erfani et al. (2016) 198
Ashfaq et al. (2017) 187
Javaid et al. (2016) 142
Kang and Kang (2016) 120
Tang et al. (2016)
Saied et al. (2016)
Aljawarneh et al. (2018)
Ozay et al. (2016)
Six real-life and two synthetic Hybrid: N/A New method proposal of 2016
datasets (not network related) DBN - reduction of data unsupervised dimensionality
dimensionality reduction. No example on
SVM – anomaly detection network traffic database has
been presented.
NSL-KDD Hybrid: DOS Semi-supervised ML method. 2017
NN - preparation of fuzzy U2R Results compared with:
membership vector R2L J48, Naive Bayes, NB tree,
Fuzziness based algorithm- cat‑ PROBE Random forests, Random tree,
egorization Multi-layer perceptron,
SVM. Two-class classification:
normal vs. attack
NSL-KDD Hybrid: DOS ML method for IDS enhance‑ 2016
Sparse AE – unsupervised U2R ment – Self-taught learning. 2,
feature learning R2L 5 and 23 – class classification.
Soft-max regression - classifier PROBE
Generated with OCTANE simu‑ DBN VANET communication: Method for threats detection in 2016
lation software DNN Vehicle to vehicle automotive communication.
Vehicle to infrastructure
96 NSL-KDD Deep NN (three hidden layers) DOS Method based on six feature 2016
U2R subset from NSL-KDD.
R2L Comparison of results with:
PROBE J48, Naive Bayes, NB Tree,
Random Forest, Random
Tree, MLP, SVM. Focused on
Software Defined Networking
94 Generated with simulation of NN DDOS Supervised method for detec‑ 2016
DDOS attacks with special tion of known and unknown
tools. DDOS attacks in real time.
93 NSL-KDD Hybrid: DOS Method including variety of 2018
First - filtering data with Vote U2R available classifiers. Clear
algorithm R2L comparison of presented
Second: two of classifiers: PROBE mechanism in respect to pos‑
J48 sible attack types. Binary and
Meta pagging multiclass classification.
Random tree
REPTree
AdaBoostM1
Decision stump
Naïve Bayes
88 Generated test system for smart Various machine learning Smart grid related attacks Technical overview with perfor‑ 2016
grid techniques mance and accuracy compari‑
A. Drewek‑Ossowicka et al.

son of new ML methods for

smart grid attack detection
 Table 6  (continued)
Authors Citations Dataset Method used IDS focus Summary Year
(6th Apr 2019)

Yin et al. (2017)
Singh et al. (2015)
82 NSL-KDD Recurrent NN DOS Method including experiments 2017
U2R with different topologies of
R2L recurrent neural network.
PROBE Detailed comparison with
other ML methods as : J48,
Naïve Bayes, NB Tree Ran‑
dom Forest, MLP, SVM
79 NSL-KDD Online sequential extreme DOS Methodology with reduced 2015
Kyoto 2006+ learning machine (OS-ELM) U2R computational time and mem‑
R2L ory requirements. Multiple
PROBE topology of proposed neural
network architecture are pro‑
posed based on manipulation
of neurons count in hidden
layer. Results of the proposed
technique are compared with:
A survey of neural networks usage for intrusion detection systems

ANN, AdaBoost, Native

Bayes and ELM
Kim et al. (2016) 74 KDD Cup 1999 LSTM + RNN DOS ML method with training data 2016
U2R based on KDD Cup 99 subset.
R2L The article includes experi‑
PROBE mentation on NN param‑
eters in order to improve the
proposed solution. Results are
compared with: GRNN, PNN,
RBNN, KNN, SVN, Bayesian
Hodo et al. (2016) 66 Internet packets NN DOS Method focused on IoT security 2016
DDOS against DoS and DDoS
attacks. The solution is vali‑
dated based on a simulated
IoT Network
Pandeeswari and Kumar (2016) 62 KDD Cup 1999 Hybrid: DOS Hybrid method proposed for 2016
Fuzzy means clustering (FMC) U2R cloud environments. Results
- clustering of incoming data R2L compared with: Naïve Bayes
NN - trained based on FMC PROBE and ANN
output

13
509
 Table 6  (continued)
510

Authors Citations Dataset Method used IDS focus Summary Year

(6th Apr 2019)

13
De la Hoz et al. (2015) 61 NSL-KDD Hybrid: DOS Unsupervised hybrid method 2015
Principal component analysis U2R for Intrusion Detection Sys‑
(PCA) / Fisher discriminant R2L tems including variation of
ratio (FDR) - feature selection PROBE hybrid classification methods
and noise removal based on SOM.
Self-organizing map - clas‑
sification
Du et al. (2017) 60 HDFS logs LSTM Suspicious activities: Method based on system logs 2017
OpenStack logs DOS as a training data. Verification
VAST challenge 2011 (testing) Port scan done also on VAST challenge
Socially engineered attack 2011 dataset
Undocumented IP address
Shone et al. (2018) 56 KDD Cup 99 Non-symmetric deep AE DOS Method based on stacked AE 2018
NSL-KDD Random forest U2R and Random Forest. Extensive
R2L comparison with DBN results
PROBE per each network threat
defined in KDD dataset
Alom et al. (2015) 50 NSL-KDD DBN DOS Method plainly using DBN. 2015
U2R According to authors it
R2L achieves better accuracy than
PROBE SVM and DBN-SVM based
solutions with only subset of
NSL-KDD database used as a
training input
Wang, et al. (2017) 47 Self-created USTC-TFC2016 CNN 10 types of normal traffic, e.g. Method taking network traffic 2017
Gmail data as images - training input
10 types of malware traffic, e.g. for CNN. Using raw traffic
Cridex data. The paper includes new
data set of network traffic cre‑
ated by authors called USTC-
TFC2016 (around 3.71 GB)
along with data preprocessing
toolkit called USTC-TK2016
Alheeti et al. (2015) 46 Generated with simulation NN VANET communication (DOS): IDS method for DOS detection 2015
tools: SUMO and MOVE Vehicle to vehicle in VANET infrastructure
Vehicle to infrastructure
A. Drewek‑Ossowicka et al.
A survey of neural networks usage for intrusion detection systems 511

Table 7  Other reviewed papers

Authors Citations AI Area Dataset focus Summary Year
(06.04.2019)

Lin et al. (2015) 214 Cluster center and nearest KDD Cup 99 Proposal of a new ML feature 2015
neighbor approach (CANN). representation method based
Contains k-NN on cluster center and nearest
neighbor approach
Aburomman and Ibne Reaz 132 Hybrid: KDD Cup 99 Hybrid machine learning 2016
(2016) SVM method trained with random
k-NN subsets of KDD Cup 99
dataset. Several ensemble
approach usage
Moustafa and Slay (2016) 125 N/A KDD Cup 99 Comparison of databases in 2016
NSL-KDD terms of complexity and
UNSW-NB15 usability for ML related
techniques applied to IDSs
Vasilomanolakis et al. (2015) 116 Neural Networks: N/A Overview of Collaborative 2015
HIDE method IDSs approaches and pos‑
Several other Collaborative sible network related threats
IDS architectures
Ambusaidi et al. (2016) 111 Least square SVM KDD Cup 99 Supervised filter-based 2016
NSL-KDD feature selection algorithm
Kyoto2006 + is presented for finding opti‑
mal data features for further
classification
Dhanabal and Shantharajah 97 Machine learning: NSL-KDD A thorough analysis of NSL- 2015
(2015) J48 KDD database for IDS
SVM appliance. Additionally ML
Naïve Bayes techniques are used in order
to check NSL-KDD usabil‑
ity as a training data
Weller-Fahy et al. (2015) 72 Machine Learning N/A Overview of multiple meth‑ 2015
ods defining similarity and
distance measures in area of
Network Intrusion Anomaly
Detection
Iglesias and Zseby (2015) 61 Machine learning: NSL-KDD Proposal of multi-stage fea‑ 2015
Decision tree classifiers ture selection method based
Naïve Bayes on stepwise regression
k-NN wrappers and filters
ANN
SVM
David and Netanyahu (2015) 61 DBN Custom malware database Novel method of malware 2015
signature detection based on
network traffic and host logs
Ingre and Yadav (2015) 48 NN NSL-KDD Evaluation of NSL-KDD 2015
performance using NN
related method for binary
and five-class classification
for each attack type

type contains network distillation, adversarial training and 8 Conclusions

classifier robustifying.
Defensive techniques for Neural Network adversarial
attacks seem to be discussed in the literature very recently.
This highlights the importance of the topics for contempo‑
rary Neural Network usage.
The paper summarizes the literature review performed in
order to present neural network architectures usage for intru‑
sion detection systems. We decided to perform it, as cyber
security tends to be an emerging research topic and constant
progression in the Neural network area is a fact. Neural net‑
work architectures are widely used for creating new models

13
512
for IDSs. Nevertheless, it is significant that they are quite
often combined with other ML techniques in hybrid mod‑
els, which show themselves as quite efficient solutions. Pure
NN solutions may seem to be not sufficient to create highly
operational solutions.
There is also a long-lasting challenge with available data‑
sets for performing experiments for IDSs. There are several
public datasets described in these articles, but all of them
have their drawbacks, like age or record redundancy. They
are also not always representative for real-life data. But on
the other hand, due to be publicly available, they enable
researchers to perform comparable benchmarking. Some
experiments are being executed based on self-generated
datasets. They may be more suitable for particular research‑
ers groups need, but they are subject to privacy concerns.
One another important observation that came from out
literature review, is the fact that NN are also quite often
used for working on reduction of dimensionality of the data,
generating signatures for datasets or general working on data
preparation. High-dimensionality of data can cause inability
of an effective training of ML algorithm and this is being
currently spotted in the newest articles.
Quite significant is that nowadays researchers are look‑
ing for effective solutions for other fields then only “clas‑
sic” computer network. Intrusion detection systems are now
applied to the areas like internet of things, clouds, auto‑
motive, smart grids and mobile communication. Those all
topics were covered by the articles we reviewed, simultane‑
ously being emerging technological areas, where cyberse‑
curity plays a crucial role. Therefore it is clearly shown that
approaching challenges will be connected to the fact that
new network protocols and network types are being created.
One of the biggest challenges we can see ahead in terms
of intrusion detection systems is to have a possibility of
creating system that could be reactive to any new and low
frequent attacks. Currently available public databases are
not a sufficient base for such a use case. One of the promis‑
ing approaches that can be taken is focusing on particular
types of attacks and preparing solution directly for them, as
showed in couple of reviewed papers. This could make pro‑
posed solutions more adaptive to new types of threats. Addi‑
tionally, what would have to be addressed is the enormous
amount of data that are processed every day in the world.
IDSs that will be created in future will have to be resistant
to the problems connected with data volume.
It is worth to highlight that only basis of security implica‑
tions of NN usage in IDSs are covered in this article. This is
an important area of research that should not be neglected
at the expense of studies on precision and performance of
NN based IDSs.
Based on the conducted review we tried to create a coher‑
ent source of knowledge about NN appliance for IDSs. This
work is meant as an overall introduction for future work in
13
A. Drewek‑Ossowicka et al.
the field. We hope that all the solutions and datasets enlisted
in this paper will enable researchers for more efficient and
influential work regarding new IDS proposals.
Open Access This article is licensed under a Creative Commons Attri‑
bution 4.0 International License, which permits use, sharing, adapta‑
tion, distribution and reproduction in any medium or format, as long
as you give appropriate credit to the original author(s) and the source,
provide a link to the Creative Commons licence, and indicate if changes
were made. The images or other third party material in this article are
included in the article’s Creative Commons licence, unless indicated
otherwise in a credit line to the material. If material is not included in
the article’s Creative Commons licence and your intended use is not
permitted by statutory regulation or exceeds the permitted use, you will
need to obtain permission directly from the copyright holder. To view a
copy of this licence, visit http://creat​iveco​mmons​.org/licen​ses/by/4.0/.
References
Aburomman AA, Ibne Reaz MB (2016) A novel SVM-kNN-PSO
ensemble method for intrusion detection system. Appl Soft Com‑
put 38:360–372. https​://doi.org/10.1016/j.asoc.2015.10.011
Agrawal S, Agrawal J (2015) Survey on anomaly detection using data
mining techniques. Procedia Comput Sci 60:708–713. https​://doi.
org/10.1016/j.procs​.2015.08.220
Ahmad I, Abdullah AB, Alghamdi AS (2009) Artificial neural net‑
work approaches to intrusion detection: a review. In: Proceed‑
ings of the 8th Wseas International Conference on Telecom‑
munications and Informatics. World Scientific and Engineering
Academy and Society (WSEAS), pp 200–205
Al-Yaseen WL, Othman ZA, Nazri MZA (2017) Multi-level hybrid
support vector machine and extreme learning machine based on
modified K-means for intrusion detection system. Expert Syst
Appl 67:296–303. https​://doi.org/10.1016/j.eswa.2016.09.041
Alheeti KMA, Gruebler A, McDonald-Maier KD (2015) An intru‑
sion detection system against malicious attacks on the com‑
munication network of driverless cars. In: 2015 12th Annual
IEEE Consumer Communications and Networking Conference
(CCNC). pp 916–921
Aljawarneh S, Aldwairi M, Yassein MB (2018) Anomaly-based
intrusion detection system through feature selection analysis
and building hybrid efficient model. J Comput Sci 25:152–160.
https​://doi.org/10.1016/j.jocs.2017.03.006
Almási A-D, Woźniak S, Cristea V et al (2016) Review of advances
in neural networks: neural design technology stack. Neu‑
rocomputing 174:31–41. https ​ : //doi.org/10.1016/j.neuco​
m.2015.02.092
Alom MdZ, Bontupalli V, Taha TM (2015) Intrusion detection using
deep belief networks. In: 2015 National Aerospace and Electron‑
ics Conference (NAECON). pp 339–344
Ambusaidi MA, He X, Nanda P, Tan Z (2016) Building an intrusion
detection system using a filter-based feature selection algorithm.
IEEE Trans Comput 65:2986–2998. https​://doi.org/10.1109/
TC.2016.25199​14
Amiri F, Rezaei Yousefi M, Lucas C et al (2011) Mutual informa‑
tion-based feature selection for intrusion detection systems. J
Netw Comput Appl 34:1184–1199. https​://doi.org/10.1016/j.
jnca.2011.01.002
Ashfaq RAR, Wang X-Z, Huang JZ et al (2017) Fuzziness based semi-
supervised learning approach for intrusion detection system. Inf
Sci 378:484–497. https​://doi.org/10.1016/j.ins.2016.04.019
A survey of neural networks usage for intrusion detection systems 513
Baracaldo N, Chen B, Ludwig H et al (2018) Detecting poisoning
attacks on machine learning in IoT environments. In: 2018 IEEE
International Congress on Internet of Things (ICIOT). pp 57–64
Besharati E, Naderan M, Namjoo E (2019) LR-HIDS: logistic regres‑
sion host-based intrusion detection system for cloud environ‑
ments. J Ambient Intell Humaniz Comput 10:3669–3692. https​://
doi.org/10.1007/s1265​2-018-1093-8
Borazjani PN, Everett CE, McCoy D (2014) OCTANE: An extensible
open source car security testbed. In: Proceedings of the Embedded
Security in Cars Conference. p 10
Bourlard H, Kamp Y (1988) Auto-association by multilayer percep‑
trons and singular value decomposition. Biol Cybern 59:291–294.
https​://doi.org/10.1007/BF003​32918​
Buczak AL, Guven E (2016) A survey of data mining and machine
learning methods for cyber security intrusion detection. IEEE
Commun Surv Tutor 18:1153–1176. https​://doi.org/10.1109/
COMST​.2015.24945​02
Camastra F, Ciaramella A, Staiano A (2013) Machine learning and
soft computing for ICT security: an overview of current trends.
J Ambient Intell Humaniz Comput 4:235–247. https ​ : //doi.
org/10.1007/s1265​2-011-0073-z
Choo K-KR (2011) The cyber threat landscape: challenges and future
research directions. Comput Secur 30:719–731. https​: //doi.
org/10.1016/j.cose.2011.08.004
Corona I, Giacinto G, Roli F (2013) Adversarial attacks against
intrusion detection systems: taxonomy, solutions and open
issues. Inform Sci 239:201–225. https ​ : //doi.org/10.1016/j.
ins.2013.03.022
Cunningham P, Delany SJ (2007) K-nearest neighbour classifiers. Mult
Classif Syst 34:1–17
Darvish Rouani B, Samragh M, Javidi T, Koushanfar F (2019) Safe
machine learning and defeating adversarial attacks. IEEE Secur
Priv 17:31–38. https​://doi.org/10.1109/MSEC.2018.28887​79
David OE, Netanyahu NS (2015) DeepSign: deep learning for auto‑
matic malware signature generation and classification. In: 2015
International Joint Conference on Neural Networks (IJCNN). pp
1–8
Demetrio L, Biggio B, Lagorio G et al (2019) Explaining vulnerabili‑
ties of deep learning to adversarial malware binaries. https:​ //arxiv​
.org/abs/1901.03583​
Denning DE (1987) An intrusion-detection model. IEEE Trans Softw
Eng SE 13:222–232. https​://doi.org/10.1109/TSE.1987.23289​4
Dhanabal L, Shantharajah DSP (2015) A study on NSL-KDD dataset
for intrusion detection system based on classification algorithms.
Int J Adv Res Comput Commun Eng 4:446–452
Du M, Li F, Zheng G, Srikumar V (2017) DeepLog: anomaly detec‑
tion and diagnosis from system logs through deep learning. In:
Proceedings of the 2017 ACM SIGSAC Conference on Computer
and Communications Security. ACM, pp 1285–1298
Elman JL (1990) Finding structure in time. Cogn Sci 14:179–211. https​
://doi.org/10.1207/s1551​6709c​og140​2_1
Erfani SM, Rajasegarar S, Karunasekera S, Leckie C (2016) High-
dimensional and large-scale anomaly detection using a linear
one-class SVM with deep learning. Pattern Recognit 58:121–134.
https​://doi.org/10.1016/j.patco​g.2016.03.028
Evgeniou T, Pontil M (2001) Support vector machines: theory and
applications. In: Paliouras G, Karkaletsis V, Spyropoulos CD
(eds) Machine learning and its applications: advanced lectures.
Springer, Berlin, pp 249–257
Fadlullah ZMD, Tang F, Mao B et al (2017) State-of-the-art deep
learning: evolving machine intelligence toward tomorrow’s intel‑
ligent network traffic control systems. IEEE Commun Surv Tutor
19:2432–2455. https​://doi.org/10.1109/COMST​.2017.27071​40
Guo Y, Liu Y, Oerlemans A et al (2016) Deep learning for visual
understanding: a review. Neurocomputing 187:27–48. https​://
doi.org/10.1016/j.neuco​m.2015.09.116
Guresen E, Kayakutlu G (2011) Definition of artificial neural networks
with comparison to other networks. Procedia Comput Sci 3:426–
433. https​://doi.org/10.1016/j.procs​.2010.12.071
Harzing A-W (2007) Publish or Perish. In: Harzing.com. https​://harzi​
ng.com/resou​rces/publi​sh-or-peris​h. Accessed 1 Apr 2019
Haykin S (1994) Neural networks: a comprehensive foundation, 1st
edn. Prentice Hall PTR, USA
Hochreiter S, Schmidhuber J (1997) Long short-term memory. Neural
Comput 9:1735–1780. https:​ //doi.org/10.1162/neco.1997.9.8.1735
Hodo E, Bellekens X, Hamilton A et al (2016) Threat analysis of IoT
networks using artificial neural network intrusion detection sys‑
tem. In: 2016 International Symposium on Networks, Computers
and Communications (ISNCC). pp 1–6
De la Hoz E, De La Hoz E, Ortiz A et al (2015) PCA filtering and
probabilistic SOM for network intrusion detection. Neurocom‑
puting 164:71–81. https​://doi.org/10.1016/j.neuco​m.2014.09.083
Huang G-B, Zhu Q-Y, Siew C-K (2006) Extreme learning machine:
theory and applications. Neurocomputing 70:489–501. https:​ //doi.
org/10.1016/j.neuco​m.2005.12.126
Iglesias F, Zseby T (2015) Analysis of network traffic features
for anomaly detection. Mach Learn 101:59–84. https​: //doi.
org/10.1007/s1099​4-014-5473-9
Ingre B, Yadav A (2015) Performance analysis of NSL-KDD dataset
using ANN. In: 2015 International Conference on Signal Process‑
ing and Communication Engineering Systems. pp 92–96
Javaid A, Niyaz Q, Sun W, Alam M (2016) A deep learning approach
for network intrusion detection system. In: Proceedings of the 9th
EAI International Conference on Bio-inspired Information and
Communications Technologies (formerly BIONETICS). ICST,
pp 21–26
KDD Cup (1999) KDD Cup 1999 Data. In: KDD Cup 1999 Data.
http://kdd.ics.uci.edu/datab ​ a ses/kddcu ​ p 99/kddcu ​ p 99.html.
Accessed 1 Jun 2019
Kang M-J, Kang J-W (2016) Intrusion detection system using deep
neural network for In-vehicle network security. PLoS One. https​
://doi.org/10.1371/journ​al.pone.01557​81
Kim J, Kim J, Thu HLT, Kim H (2016) Long short term memory
recurrent neural network classifier for intrusion detection. In:
2016 International Conference on Platform Technology and
Service (PlatCon). pp 1–5
Kohonen T (1982) Self-organized formation of topologically correct
feature maps. Biol Cybern 43:59–69. https​://doi.org/10.1007/
BF003​37288​
Krizhevsky A, Sutskever I, Hinton GE (2012) ImageNet classifica‑
tion with deep convolutional neural networks. In: Pereira F,
Burges CJC, Bottou L, Weinberger KQ (eds) Advances in neural
information processing systems 25. Curran Associates, Inc., pp
1097–1105
Kwon D, Kim H, Kim J et al (2019) A survey of deep learning-based
network anomaly detection. Clust Comput 22:949–961. https​://
doi.org/10.1007/s1058​6-017-1117-8
Kyoto dataset (2015) Traffic Data from Kyoto University’s Honey‑
pots. http://www.takak​ura.com/Kyoto​_data/. Accessed 1 Jun
2019
LeNail A (2019) NN-SVG: publication-ready neural network archi‑
tecture schematics. J Open Source Softw 4:747. https​: //doi.
org/10.21105​/joss.00747​
Lecun Y, Bottou L, Bengio Y, Haffner P (1998) Gradient-based
learning applied to document recognition. Proc IEEE 86:2278–
2324. https​://doi.org/10.1109/5.72679​1
Liao H-J, Richard Lin C-H, Lin Y-C, Tung K-Y (2013) Intrusion
detection system: a comprehensive review. J Netw Comput Appl
36:16–24. https​://doi.org/10.1016/j.jnca.2012.09.004
Lin W-C, Ke S-W, Tsai C-F (2015) CANN: An intrusion detec‑
tion system based on combining cluster centers and
13
514
nearest neighbors. Knowl-Based Syst 78:13–21. https​: //doi.
org/10.1016/j.knosy​s.2015.01.009
Lincoln L (1998) DARPA 1998 & 1999 datasets. In: DARPA 1998
1999 Datasets. https​://www.ll.mit.edu/r-d/datas​ets. Accessed 1
Apr 2020
Lippmann R, Haines JW, Fried DJ et al (2000a) The 1999 DARPA
off-line intrusion detection evaluation. Comput Netw 34:579–
595. https​://doi.org/10.1016/S1389​-1286(00)00139​-0
Lippmann RP, Fried DJ, Graf I et al (2000b) Evaluating intrusion
detection systems: the 1998 DARPA off-line intrusion detection
evaluation. In: Proceedings DARPA Information Survivability
Conference and Exposition. DISCEX’00. pp 12–26 vol.2
Liu W, Wang Z, Liu X et al (2017) A survey of deep neural network
architectures and their applications. Neurocomputing 234:11–
26. https​://doi.org/10.1016/j.neuco​m.2016.12.038
McHugh J (2000) Testing Intrusion detection systems: a critique of
the 1998 and 1999 DARPA intrusion detection system evalua‑
tions as performed by Lincoln Laboratory. ACM Trans Inf Syst
Secur TISSEC 3:262–294
Modi C, Patel D, Borisaniya B et al (2013) A survey of intrusion
detection techniques in Cloud. J Netw Comput Appl 36:42–57.
https​://doi.org/10.1016/j.jnca.2012.05.003
Moustafa N, Slay J (2016) The evaluation of network anomaly
detection systems: statistical analysis of the UNSW-NB15 data
set and the comparison with the KDD99 data set. Inf Secur
J Glob Perspect 25:18–31. https ​ : //doi.org/10.1080/19393​
555.2015.11259​74
Moustafa N, Slay J (2015) UNSW-NB15: a comprehensive data set for
network intrusion detection systems (UNSW-NB15 network data
set). In: 2015 Military Communications and Information Systems
Conference (MilCIS). pp 1–6
NSL-KDD (2009) NSL-KDD | Datasets | Research | Canadian Insti‑
tute for Cybersecurity | UNB. https:​ //www.unb.ca/cic/datase​ ts/nsl.
html. Accessed 1 Jun 2019
Narudin FA, Feizollah A, Anuar NB, Gani A (2016) Evaluation of
machine learning classifiers for mobile malware detection. Soft
Comput 20:343–357. https​://doi.org/10.1007/s0050​0-014-1511-6
Ozay M, Esnaola I, Yarman Vural FT et al (2016) Machine learning
methods for attack detection in the smart grid. IEEE Trans Neural
Netw Learn Syst 27:1773–1786. https​://doi.org/10.1109/TNNLS​
.2015.24048​03
Pandeeswari N, Kumar G (2016) Anomaly detection system in cloud
environment using fuzzy clustering based ANN. Mob Netw Appl
21:494–505. https​://doi.org/10.1007/s1103​6-015-0644-x
Pitropakis N, Panaousis E, Giannetsos T et al (2019) A taxonomy
and survey of attacks against machine learning. Comput Sci Rev
34:100199. https​://doi.org/10.1016/j.cosre​v.2019.10019​9
Ranzato M, Poultney C, Chopra S, Cun YL (2007) Efficient learning of
sparse representations with an energy-based model. In: Schölkopf
B, Platt JC, Hoffman T (eds) Advances in veural information pro‑
cessing systems 19. MIT Press, pp 1137–1144
Rosenblatt F (1958) The perceptron: a probabilistic model for informa‑
tion storage and organization in the brain. Psychol Rev 65:386–
408. https​://doi.org/10.1037/h0042​519
Saied A, Overill RE, Radzik T (2016) Detection of known and
unknown DDoS attacks using artificial neural networks. Neu‑
rocomputing 172:385–393. https ​ : //doi.org/10.1016/j.neuco​
m.2015.04.101
Shah B, Trivedi BH (2012) Artificial neural network based intrusion
detection system: a survey. Int J Comput Appl 39:13–18
Shanmugavadivu R, Nagarajan N (2011) Network intrusion detec‑
tion system using fuzzy logic. Indian J Comput Sci Eng IJCSE
2:101–111
Shone N, Ngoc TN, Phai VD, Shi Q (2018) A deep learning approach
to network intrusion detection. IEEE Trans Emerg Top Comput
Intell 2:41–50. https​://doi.org/10.1109/TETCI​.2017.27727​92
13
A. Drewek‑Ossowicka et al.
Singh R, Kumar H, Singla RK (2015) An intrusion detection system
using network traffic profiling and online sequential extreme
learning machine. Expert Syst Appl 42:8609–8624. https​://doi.
org/10.1016/j.eswa.2015.07.015
Song J, Takakura H, Okabe Y et al (2011) Statistical analysis of hon‑
eypot data and building of Kyoto 2006 + dataset for NIDS evalu‑
ation. In: Proceedings of the First Workshop on Building Analysis
Datasets and Gathering Experience Returns for Security. ACM,
pp 29–36
Songma S, Chimphlee W, Maichalernnukul K, Sanguansat P (2012)
Classification via k-means clustering and distance-based outlier
detection. In: 2012 Tenth International Conference on ICT and
Knowledge Engineering. pp 125–128
Stewart M (2019) Security vulnerabilities of neural networks. In:
Medium. https​://towar​dsdat​ascie​nce.com/hacki​ng-neura​l-netwo​
rks-2b9f4​61ffe​0b. Accessed 1 Jan 2020
Tang TA, Mhamdi L, McLernon D et al (2016) Deep learning approach
for network intrusion detection in software defined networking. In:
2016 International Conference on Wireless Networks and Mobile
Communications (WINCOM). pp 258–263
Tavallaee M, Bagheri E, Lu W, Ghorbani AA (2009) A detailed analy‑
sis of the KDD CUP 99 data set. In: 2009 IEEE Symposium on
Computational Intelligence for Security and Defense Applica‑
tions. pp 1–6
Tay A (2015) 6 common misconceptions when doing advanced
Google Searching. http://musin​gsabo​utlib​raria​nship​.blogs​pot.
com/2015/10/6-commo ​ n -misco ​ n cept ​ i ons-when-doing ​ . html.
Accessed 1 Apr 2019
Tran NN, Sarker R, Hu J (2018) An Approach for Host-Based Intrusion
Detection System Design Using Convolutional Neural Network.
In: Hu J, Khalil I, Tari Z, Wen S (eds) Mobile Networks and Man‑
agement. Springer International Publishing, Cham, pp 116–126
UNSW-NB15 (2015) The UNSW-NB15 data set description. https​
://www.unsw.adfa.edu.au/unsw-canbe​r ra-cyber​/cyber​secur ​ity/
ADFA-NB15-Datas​ets/. Accessed 1 Jun 2019
Vasilomanolakis E, Karuppayah S, Mühlhäuser M, Fischer M (2015)
Taxonomy and survey of collaborative intrusion detection. ACM
Comput Surv CSUR. https​://doi.org/10.1145/27162​60
Veen F van (2016) The Neural Network Zoo. In: Asimov Inst. https​
://www.asimo​vinst​itute​.org/neura​l-netwo​rk-zoo/. Accessed 1 Jun
2019
Vinchurkar DP, Reshamwala A (2012) A review of intrusion detection
system using neural network and machine learning technique. Int
J Eng Sci Innov Technol IJESIT 1:10
Wang W, Zhu M, Zeng X et al (2017) Malware traffic classification
using convolutional neural network for representation learning.
In: 2017 International Conference on Information Networking
(ICOIN). pp 712–717
Weller-Fahy DJ, Borghetti BJ, Sodemann AA (2015) A survey of
distance and similarity measures used within network intrusion
anomaly detection. IEEE Commun Surv Tutor 17:70–91. https​://
doi.org/10.1109/COMST​.2014.23366​10
Yin C, Zhu Y, Fei J, He X (2017) A deep learning approach for intru‑
sion detection using recurrent neural networks. IEEE Access
5:21954–21961. https​://doi.org/10.1109/ACCES​S.2017.27624​18
Yuan X, He P, Zhu Q, Li X (2019) Adversarial examples: attacks and
defenses for deep learning. IEEE Trans Neural Netw Learn Syst
30:2805–2824. https​://doi.org/10.1109/TNNLS​.2018.28860​17
Zhang H, Cisse M, Dauphin YN, Lopez-Paz D (2018) Mixup: beyond
empirical risk minimization. https​://arxiv​.org/abs/1710.09412​
Publisher’s Note Springer Nature remains neutral with regard to
jurisdictional claims in published maps and institutional affiliations.