Network Packet Transformation Approaches for Intrusion Detection Systems: A Survey
Main Authors: | , , , , , |
---|---|
Format: | Article |
Language: | English |
Published: | IEEE 2025-01-01 |
Series: | IEEE Access |
Subjects: | |
Online Access: | https://ieeexplore.ieee.org/document/11043147/ |
Summary: | Network intrusion detection systems are crucial for securing information technology and operational technology networks against cyberattacks. While machine learning and deep learning techniques hold significant promise for enhancing these systems, their performance is highly dependent on how network traffic data is transformed and represented. In a survey of recent popular papers, we identified four main categories of data representations: numerical, pixel-based, sequence-based, and graph-based approaches. The identified transformations capture information either from network traffic packets, flows, or both. Using insights from the literature and additional experiments conducted on the CICIDS-2017 dataset, we assessed each representation not only in terms of its ability to enhance detection performance but also in terms of computational efficiency. Our findings highlight the need for future research to improve data transformation techniques, especially in terms of dataset labeling and inference time reporting, to support the development of more robust and practical network intrusion detection systems. |
---|---|
ISSN: | 2169-3536 |