SLR Cybersecurity ML

This systematic literature review examines the application of machine learning (ML) techniques in detecting and mitigating network attacks, highlighting key methodologies, datasets, and evaluation metrics. Findings indicate that while ML, particularly deep learning, shows promise in improving detection rates, challenges such as adversarial attacks and dataset limitations hinder real-world deployment. Future research should focus on developing robust ML models and addressing practical application issues.

Uploaded by

Edmir Kore

Detecting and Mitigating Network Attacks Using Machine Learning: A Systematic Literature Review

Abstract
Cybersecurity threats, particularly network attacks, have evolved in complexity, frequency,
and severity. Traditional defense mechanisms are often insufficient to detect sophisticated
attacks, leading researchers to explore machine learning (ML) techniques. This review
systematically examines studies that utilize ML methods to detect and mitigate network
attacks. We synthesize key methodologies, datasets, and evaluation metrics, and highlight
challenges and future research directions. Findings suggest that ML provides robust
mechanisms for detecting novel attacks; however, real-world deployment challenges, such
as adversarial attacks and dataset limitations, persist.

Keywords
Cybersecurity, Network Attacks, Machine Learning, Intrusion Detection, Adversarial ML.

1. Introduction
Network security has become a critical concern with the rise of complex cyber threats.
Machine learning has emerged as a potent approach for detecting anomalies, identifying
intrusions, and mitigating network attacks. ML models can automatically adapt to evolving
threats and uncover patterns that traditional rule-based systems might miss. This
systematic literature review (SLR) aims to synthesize the current state of the art in
applying ML to network security.

2. Methodology
Research Questions:

- RQ1: What machine learning techniques are commonly used for network attack detection?

- RQ2: What datasets and evaluation metrics are prevalent?

- RQ3: What are the main challenges and limitations in this field?

Search Strategy:
- Databases: IEEE Xplore, ScienceDirect, SpringerLink, ACM Digital Library.

- Keywords: "Network Attack Detection", "Machine Learning", "Cybersecurity", "Intrusion Detection", "Anomaly Detection".

Inclusion Criteria:

- Studies applying ML techniques to detect network attacks.

- Peer-reviewed articles between 2018 and 2024.

Exclusion Criteria:

- Non-English papers.

- Papers not focusing on ML applications.

Quality Assessment:

- Relevance, novelty, experimental validation, clarity.

Data Extraction:

- Author(s), Year, ML method, Dataset, Evaluation metrics, Key findings.

3. Results
Overview of Selected Studies:

- 28 studies were selected after applying inclusion and exclusion criteria.

ML Techniques in Network Attack Detection:

- Supervised Learning: RF, SVM, DT, ANN

- Deep Learning: CNN, LSTM, RNN

- Unsupervised Learning: Autoencoders, Isolation Forests, Clustering

- Reinforcement Learning: For dynamic adaptation in evolving network conditions.


Datasets Used:

- NSL-KDD, CICIDS2017, UNSW-NB15, Bot-IoT

Evaluation Metrics:

- Accuracy, Precision, Recall, F1-Score, ROC-AUC

4. Discussion
Strengths and Limitations:

- ML models demonstrate high detection rates, particularly deep learning models.

- Overfitting and generalization to unseen attacks remain concerns.

- Imbalanced datasets lead to biased models.
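
The evaluation metrics listed in the Results and the imbalance concern above can be seen together in a small computation. The following is an added example, not part of the reviewed studies: the flow labels, scores, threshold and all function names are constructed for illustration.

```python
# Added example (not from the review): all data below is constructed.
def metrics(y_true, y_pred):
    """Accuracy, precision, recall and F1 for binary labels (1 = attack)."""
    tp = sum(t == 1 and p == 1 for t, p in zip(y_true, y_pred))
    fp = sum(t == 0 and p == 1 for t, p in zip(y_true, y_pred))
    fn = sum(t == 1 and p == 0 for t, p in zip(y_true, y_pred))
    tn = len(y_true) - tp - fp - fn
    precision = tp / (tp + fp) if tp + fp else 0.0
    recall = tp / (tp + fn) if tp + fn else 0.0
    f1 = 2 * precision * recall / (precision + recall) if precision + recall else 0.0
    return {"accuracy": (tp + tn) / len(y_true), "precision": precision,
            "recall": recall, "f1": f1}

def roc_auc(y_true, scores):
    """Chance that a random attack flow outscores a random benign flow (ties count half)."""
    pos = [s for t, s in zip(y_true, scores) if t == 1]
    neg = [s for t, s in zip(y_true, scores) if t == 0]
    wins = sum(1.0 if p > n else 0.5 if p == n else 0.0 for p in pos for n in neg)
    return wins / (len(pos) * len(neg))

def evaluate(y_true, scores, threshold=0.5):
    """Threshold the scores, then report all five metrics named in the review."""
    result = metrics(y_true, [int(s >= threshold) for s in scores])
    result["roc_auc"] = roc_auc(y_true, scores)
    return result

# Constructed test split: 990 benign flows followed by 10 attack flows (1% attacks).
Y_TRUE = [0] * 990 + [1] * 10
# Degenerate model that scores every flow as benign.
ALWAYS_BENIGN = [0.0] * 1000
# Detector that wrongly flags 20 benign flows and catches 8 of the 10 attacks.
DETECTOR = [0.1] * 970 + [0.8] * 20 + [0.9] * 8 + [0.2] * 2

if __name__ == "__main__":
    for name, scores in (("always-benign", ALWAYS_BENIGN), ("detector", DETECTOR)):
        print(name, {k: round(v, 3) for k, v in evaluate(Y_TRUE, scores).items()})
```

On this split the always-benign model reaches higher accuracy than the detector while catching no attacks, which is why recall, F1 and ROC-AUC are reported alongside accuracy on imbalanced intrusion datasets.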

Challenges in Real-world Applications:

- Adversarial machine learning poses a significant threat.

- Real-time processing requirements are demanding.

- Dataset quality and availability affect model performance.

Future Research Directions:

- Development of adversarially robust ML models.

- Use of federated learning for privacy-preserving detection.

- Synthetic data generation for training using GANs.

5. Conclusion
Machine learning offers promising solutions for network attack detection and mitigation,
with deep learning methods achieving state-of-the-art results. However, practical
deployment still faces challenges like adversarial attacks, real-time processing needs, and
dataset biases. Future research must focus on enhancing robustness and real-world
applicability.