Applying Generative Machine Learning to Intrusion Detection: A Systematic Mapping Study and Review

James Halvorsen, Clemente Izurieta, Haipeng Cai, Assefaw Gebremedhin

Research output: Contribution to journal › Article › peer-review

1 Scopus citations

Abstract

Intrusion Detection Systems (IDSs) are an essential element of modern cyber defense, alerting users to when and where cyber-attacks occur. Machine learning can enable IDSs to further distinguish between benign and malicious behaviors, but it comes with several challenges, including lack of quality training data and high false-positive rates. Generative Machine Learning Models (GMLMs) can help overcome these challenges. This article offers an in-depth exploration of GMLMs' application to intrusion detection. It gives (1) a systematic mapping study of research at the intersection of GMLMs and IDSs, and (2) a detailed review providing insights and directions for future research.

Original language: English
Article number: 257
Journal: ACM Computing Surveys
Volume: 56
Issue number: 10
Early online date: Jun 22 2024
State: Published - Jun 22 2024

Keywords

  • Cyber Alert Generation
  • Evaluation Metrics
  • Flow Generation
  • Generative Models
  • Penetration Testing
  • Unbalanced Datasets
