•  
  •  
 

Document Type

Article

Keywords

Intrusion Detection Systems, Zero-day attacks, False Negative Rate, IIoT Security

Abstract

Zero-day attacks are one of the great challenges that intrusion detection systems have been facing and keep on facing today, especially worsening within Industrial Internet of Things environments since their ability to take advantage of unknown vulnerabilities results in a high rate of false negatives. It is under this framework that this paper presents a set of experiments that have been carried out with the objective of analyzing the consequences of zero-day attacks with regard to performance degradation in Intrusion Detection System (IDS) and, secondly, and with greater emphasis, about those failings which have been pointed out up to now as those affecting precision in detection. This has been done through the systematic review of 200 research papers published from the years 2023 to 2024, further categorized into the four main focus areas: general AI-based IDS, Machine learning (ML)-based IDS, Deep Learning (DL)-based IDS, and Deep Reinforcement Learning (DRL)-based IDS. Accordingly, 45% were DL-based IDS reviews; 35% related to machine learning; 15% consisted of the ones about DRL-based ones, while 5% pertain to the General AI-based ones. Results show that the approaches with DL-based systems will come up with extensive promises, reducing the impact brought by false negatives, besides extending the issues even when one considers a background of adversarial attack issues. It underlines that, in IDS, apart from accuracy, detection specificity and recall are also of essence for dealing with low frequent but high-impact zero-day threats. These techniques further make the following proposal: the use of both machine learning and deep learning techniques should be improved in enhancing the performance of IDS.

Download

Share

COinS