An Overview of Machine Learning Algorithms for Intrusion Detection in Networked Systems
Keywords:
Intrusion Detection Systems (IDS), Machine Learning, Network Security, Supervised Learning, Unsupervised Learning, Anomaly Detection, Cybersecurity, False Positive Rate, Real-Time Detection, Explainable AI (XAI)

Abstract
With the rapid evolution of digital communication and widespread connectivity, networked systems have become a prime target for cyber-attacks. Traditional Intrusion Detection Systems (IDS), which rely on predefined rules or signature patterns, struggle to detect novel and sophisticated threats, making them inadequate in modern network environments. To address these limitations, Machine Learning (ML) has emerged as a promising approach to enhance IDS capabilities by enabling systems to learn from historical data and detect abnormal behaviors effectively.

This survey provides a comprehensive overview of various machine learning algorithms applied to intrusion detection in networked systems. It explores both supervised and unsupervised learning techniques, highlighting their strengths, weaknesses, and applicability in real-time security scenarios. Popular ML models such as Support Vector Machines (SVM), Decision Trees (DT), Random Forests (RF), k-Nearest Neighbors (KNN), Naive Bayes (NB), and clustering methods are examined in terms of accuracy, efficiency, and adaptability.

The paper also discusses key performance metrics used for evaluating ML-based IDS, including accuracy, precision, recall, F1-score, and false positive rate. By reviewing recent advancements and comparative studies, the survey identifies current challenges in the field such as imbalanced datasets, high false alarm rates, and the need for real-time intrusion detection. Finally, it outlines future research directions, including the integration of explainable AI, edge-based detection systems, and adversarial robustness, to build more secure and intelligent IDS for evolving network environments.
License
Copyright (c) 2025 International Journal of Scientific Research in Science, Engineering and Technology

This work is licensed under a Creative Commons Attribution 4.0 International License.