[go: up one dir, main page]
More Web Proxy on the site http://driver.im/ Skip to main content
Log in

Deep learning techniques to detect cybersecurity attacks: a systematic mapping study

  • Published:
Empirical Software Engineering Aims and scope Submit manuscript

Abstract

Context

Recent years have seen a lot of attention into Deep Learning (DL) techniques used to detect cybersecurity attacks. DL techniques can swiftly analyze massive datasets, and automate the detection and mitigation of a wide variety of cybersecurity attacks with superior results. However, no systematic study exists that summarizes these DL techniques since most studies are informal literature surveys or focus on different subjects.

Objective

To deliver a comprehensive and systematic summary of the existing DL techniques used to detect cybersecurity attacks as they are described in the literature. To identify open challenges for future research.

Method

We conducted a systematic mapping study about DL techniques to detect cybersecurity attacks driven by eleven research questions. We followed existing guidelines when defining our research protocol to increase the repeatability and reliability of our results.

Results

From an initial set of 1839 papers, we identified 116 relevant primary studies, primarily published in the last three years. We investigated multiple aspects of the DL techniques, such as the cybersecurity attack types to detect, their application domains, the programming languages, libraries, operating systems, and frameworks used to implement the DL techniques, the datasets used to train the DL models, the types of research carried out (academic or industrial), the performance of the techniques, and the advantages and disadvantages of each technique. We present a new taxonomy comprising 36 different DL techniques. We identified 14 application domains, eight cybersecurity attacks, and 93 publicly available datasets, among other results.

Conclusions

We provide six lessons learned along with recommendations for future research directions. The most active research areas in DL techniques for the identification of cybersecurity attacks discuss CNN and LSTM techniques. DL techniques in cybersecurity is a rapidly growing and developing research area, with many open challenges, including the lack of (a) research conducted in industrial settings, (b) real-time datasets, (c) studies focusing on promising DL techniques and relevant cybersecurity attacks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Price includes VAT (United Kingdom)

Instant access to the full article PDF.

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7

Similar content being viewed by others

Explore related subjects

Discover the latest articles, news and stories from top researchers in related subjects.

Data Availability

All data generated or analysed during this study are included in this published article (and its supplementary information files).

Notes

  1. https://www.itu.int/en/ITU-T/studygroups/com17/Pages/cybersecurity.aspx – last access on January 31, 2022

  2. https://csrc.nist.gov/glossary/term/Cyber_Attack

  3. We will provide the link to the replication package once the manuscript is accepted for publication.

References

  • Ahmed A, Krishnan VVG, Foroutan SA, Touhiduzzaman M, Srivastava A, Wu Y, Hahn A, Sindhu S (2018) Cyber physical security analytics for anomalies in transmission protection systems. In: IEEE Industry Applications Society Annual Meeting, IAS 2018, Portland, OR, USA, September 23-27, 2018, IEEE, pp 1–8. https://doi.org/10.1109/IAS.2018.8544672

  • Al-Haija Q, Sabatto S (2020) An efficient deep-learning-based detection and classification system for cyber-attacks in iot communication networks. Electronics 9(12):2152. https://doi.org/10.3390/electronics9122152

    Article  Google Scholar 

  • Al-Hawawreh M, Moustafa N, Garg S, Hossain MS (2020) Deep learning-enabled threat intelligence scheme in the internet of things networks. IEEE Transactions on Network Science and Engineering pp 1–1. https://doi.org/10.1109/TNSE.2020.3032415

  • Al-Qatf M, Yu L, Al-Habib M, Al-Sabahi K (2018) Deep learning approach combining sparse autoencoder with SVM for network intrusion detection. IEEE Access 6:52843–52856. https://doi.org/10.1109/ACCESS.2018.2869577

    Article  Google Scholar 

  • Alauthman M, Aslam N, Al-kasassbeh M, Khan S, Al-Qerem A, Raymond Choo KK (2020) An efficient reinforcement learning-based botnet detection approach. J Netw Comp Appl 150:102479. https://doi.org/10.1016/j.jnca.2019.102479

    Article  Google Scholar 

  • Aldweesh A, Derhab A, Emam AZ (2020) Deep learning approaches for anomaly-based intrusion detection systems: A survey, taxonomy, and open issues. Knowl Based Syst 189. https://doi.org/10.1016/j.knosys.2019.105124

  • Aleesa AM, Zaidan BB, Zaidan AA, Sahar NM (2020) Review of intrusion detection systems based on deep learning techniques: coherent taxonomy, challenges, motivations, recommendations, substantial analysis and future directions. Neural Comput Appl 32(14):9827–9858. https://doi.org/10.1007/s00521-019-04557-3

    Article  Google Scholar 

  • Ali R, Ali A, Iqbal F, Khattak A M, Aleem S (2019) A systematic review of artificial intelligence and machine learning techniques for cyber security. In: Tian Y, Ma T, Khan M K (eds) Big data and security. Springer, Singapore, pp 584–593

  • Alom MZ, Taha TM (2017) Network intrusion detection for cyber security using unsupervised deep learning approaches. In: 2017 IEEE National Aerospace and Electronics Conference (NAECON), pp 63–69. https://doi.org/10.1109/NAECON.2017.8268746

  • Alrawashdeh K, Purdy C (2016) Toward an online anomaly intrusion detection system based on deep learning. In: 15th IEEE International Conference on Machine Learning and Applications, ICMLA 2016, Anaheim, CA, USA, December 18-20, 2016, IEEE Computer Society, pp 195–200. https://doi.org/10.1109/ICMLA.2016.0040

  • Alrawashdeh K, Purdy C (2018) Fast hardware assisted online learning using unsupervised deep learning structure for anomaly detection. In: 2018 International Conference on Information and Computer Technologies (ICICT), pp 128–134. https://doi.org/10.1109/INFOCT.2018.8356855

  • Amodei D, Ananthanarayanan S, Anubhai R, Bai J, Battenberg E, Case C, Casper J, Catanzaro B, Chen J, Chrzanowski M, Coates A, Diamos G, Elsen E, Engel JH, Fan L, Fougner C, Hannun AY, Jun B, Han T, LeGresley P, Li X, Lin L, Narang S, Ng AY, Ozair S, Prenger R, Qian S, Raiman J, Satheesh S, Seetapun D, Sengupta S, Wang C, Wang Y, Wang Z, Xiao B, Xie Y, Yogatama D, Zhan J, Zhu Z (2016) Deep speech 2 : End-to-end speech recognition in english and mandarin. In: Balcan M, Weinberger KQ (eds) Proceedings of the 33nd International Conference on Machine Learning, ICML 2016, New York City, NY, USA, June 19-24, 2016, JMLR.org, JMLR Workshop and Conference Proceedings, vol 48, pp 173–182

  • Andriole SJ (2020) Blockchain, cryptocurrency, and cybersecurity. IT Prof 22(1):13–16. https://doi.org/10.1109/MITP.2019.2949165

    Article  Google Scholar 

  • Anthi E, Williams L, Rhode M, Burnap P, Wedgbury A (2021) Adversarial attacks on machine learning cybersecurity defences in industrial control systems. J Infor Secur Appl 58:102717. https://doi.org/10.1016/j.jisa.2020.102717

    Google Scholar 

  • Araujo F, Ayoade G, Al-Naami K, Gao Y, Hamlen KW, Khan L (2019) Improving intrusion detectors by crook-sourcing. In: Balenson D (ed) Proceedings of the 35th Annual Computer Security Applications Conference, ACSAC 2019, San Juan, PR, USA, December 09-13, 2019, ACM, pp 245–256. https://doi.org/10.1145/3359789.3359822

  • Ayoade G, Araujo F, Al-Naami K, Mustafa AM, Gao Y, Hamlen KW, Khan L (2020) Automating cyberdeception evaluation with deep learning. In: 53rd Hawaii International Conference on System Sciences, HICSS 2020, Maui, Hawaii, USA, January 7-10, 2020, ScholarSpace, pp 1–10

  • Bagaa M, Taleb T, Bernabé JB, Skarmeta AF (2020) A machine learning security framework for iot systems. IEEE Access 8:114066–114077. https://doi.org/10.1109/ACCESS.2020.2996214

    Article  Google Scholar 

  • Basumallik S, Ma R, Eftekharnejad S (2019) Packet-data anomaly detection in pmu-based state estimator using convolutional neural network. Int J Elec Power & Energy Syst 107:690–702. https://doi.org/10.1016/j.ijepes.2018.11.013

    Article  Google Scholar 

  • Bengio Y (2009) Learning deep architectures for AI. Found Trends Mach Learn 2(1):1–127. https://doi.org/10.1561/2200000006

    Article  MathSciNet  MATH  Google Scholar 

  • Benzaid C, Taleb T (2020) AI for beyond 5g networks: A cyber-security defense or offense enabler?. IEEE Netw 34(6):140–147. https://doi.org/10.1109/MNET.011.2000088

    Article  Google Scholar 

  • Berman DS, Buczak AL, Corbett CL (2019) A survey of deep learning methods for cyber security. Inf 10(4):122

    Google Scholar 

  • Bhamidipati S, Kim K, Sun H, Orlik P, Zhang J (2019) Joint BP and RNN for resilient GPS timing against spoofing attacks. In: S H, L Y, W M (eds) Artificial Intelligence for Communications and Networks (AICON), Springer, Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 287. https://doi.org/10.1007/978-3-030-22971-9_17

  • Bhuvaneswari ANG, Selvakumar S (2019) Deep radial intelligence with cumulative incarnation approach for detecting denial of service attacks. Neurocomputing 340:294–308. https://doi.org/10.1016/j.neucom.2019.02.047

    Article  Google Scholar 

  • Brereton P, Kitchenham BA, Budgen D, Turner M, Khalil M (2007) Lessons from applying the systematic literature review process within the software engineering domain. J Syst Softw 80(4):571–583. https://doi.org/10.1016/j.jss.2006.07.009

    Article  Google Scholar 

  • Budgen D, Turner M, Brereton P, Kitchenham BA (2008) Using mapping studies in software engineering. In: Proceedings of the 20th Annual Workshop of the Psychology of Programming Interest Group, PPIG 2008, Lancaster, UK, September 10-12, 2008, Psychology of Programming Interest Group, p 20

  • Canizo M, Triguero I, Conde A, Onieva E (2019) Multi-head CNN-RNN for multi-time series anomaly detection: An industrial case study. Neurocomputing 363:246–260. https://doi.org/10.1016/j.neucom.2019.07.034

    Article  Google Scholar 

  • Carrasco MAM, Wu C (2020) Review: Deep learning methods for cybersecurity and intrusion detection systems. In: IEEE Latin-American Conference on Communications, LATINCOM 2020, Santo Domingo, Dominican Republic, November 18-20, 2020, IEEE, pp 1–6. https://doi.org/10.1109/LATINCOM50620.2020.9282324

  • Chockwanich N, Visoottiviseth V (2019) Intrusion detection by deep learning with tensorflow. In: 2019 21st International Conference on Advanced Communication Technology (ICACT), pp 654–659. https://doi.org/10.23919/ICACT.2019.8701969

  • Corin RD, Millar S, Scott-Hayward S del Rincón JM, Siracusa D (2020) Lucid: A practical, lightweight deep learning solution for ddos attack detection. IEEE Trans Netw Serv Manag 17(2):876–889. https://doi.org/10.1109/TNSM.2020.2971776

  • Cui Z, Xue F, Cai X, Cao Y, Wang G, Chen J (2018) Detection of malicious code variants based on deep learning. IEEE Trans Ind Informatics 14(7):3187–3196. https://doi.org/10.1109/TII.2018.2822680

    Article  Google Scholar 

  • Demertzis K, Iliadis L, Tziritas N, Kikiras P (2020) Anomaly detection via blockchained deep learning smart contracts in industry 4.0. Neural Comput Appl 32(23):17361–17378. https://doi.org/10.1007/s00521-020-05189-8

    Article  Google Scholar 

  • Ding F, Li H Luo F, Hu H, Cheng L, Xiao H, Ge R (2020) Deeppower: Non-intrusive and deep learning-based detection of iot malware using power side channels. In: Sun H, Shieh S, Gu G, Ateniese G (eds) ASIA CCS ’20: The 15th ACM Asia Conference on Computer and Communications Security, Taipei, Taiwan, October 5-9, 2020, ACM, pp 33–46. https://doi.org/10.1145/3320269.3384727

  • Diro AA, Chilamkurti NK (2018a) Distributed attack detection scheme using deep learning approach for internet of things. Future Gener Comput Syst 82:761–768. https://doi.org/10.1016/j.future.2017.08.043

  • Diro AA, Chilamkurti NK (2018b) Distributed attack detection scheme using deep learning approach for internet of things. Future Gener Comput Syst 82:761–768. https://doi.org/10.1016/j.future.2017.08.043

  • Dixit P, Silakari S (2021) Deep learning algorithms for cybersecurity applications: A technological and status review. Comput Sci Rev 39:100317. https://doi.org/10.1016/j.cosrev.2020.100317

    Article  MathSciNet  Google Scholar 

  • Dutta V, Choras M, Pawlicki M, Kozik R (2020) A deep learning ensemble for network anomaly and cyber-attack detection. Sensors 20(16):4583. https://doi.org/10.3390/s20164583

    Article  Google Scholar 

  • Ebrahimi M, Jr JFN, hen H (2020) Semi-supervised cyber threat identification in dark net markets: A transductive and deep learning approach. J Manag Inf Syst 37(3):694–722

  • Erfani SM, Rajasegarar S, Karunasekera S, Leckie C (2016) High-dimensional and large-scale anomaly detection using a linear one-class SVM with deep learning. Pattern Recognit 58:121–134. https://doi.org/10.1016/j.patcog.2016.03.028

    Article  Google Scholar 

  • Evans D (2011) The internet of things- how the next evolution of the internet is changing everything. CISCO https://www.cisco.com/c/dam/en_us/about/ac79/docs/innov/IoT_IBSG_0411FINAL.pdf

  • Faker O, Dogdu E (2019) Intrusion detection using big data and deep learning techniques. In: Lo D, Kim D, Gamess E (eds) Proceedings of the 2019 ACM Southeast Conference, ACM SE ’19, Kennesaw, GA, USA, April 18-20, 2019, ACM, pp 86–93 https://doi.org/10.1145/3299815.3314439

  • Fang X, Xu M, Xu S, Zhao P (2019) A deep learning framework for predicting cyber attacks rates. EURASIP J Inf Secur 2019:5. https://doi.org/10.1186/s13635-019-0090-6

    Article  Google Scholar 

  • Farukee MB, Shabit MSZ, Haque MR, Sattar AHMS (2020) Ddos attack detection in iot networks using deep learning models combined with random forest as feature selector. In: Anbar M, Abdullah N, Manickam S (eds) Advances in Cyber Security - Second International Conference ACeS 2020, Penang, Malaysia, December 8-9, 2020, Revised Selected Papers, Springer, Communications in Computer and Information Science, vol 1347, pp 118–134

  • Ferrag MA, Maglaras LA, Moschoyiannis S, anicke H (2020) Deep learning for cyber security intrusion detection: Approaches, datasets, and comparative study. J Inf Secur Appl 50:1–21. https://doi.org/10.1016/j.jisa.2019.102419

    Google Scholar 

  • Fujita H, Gaeta A, Loia V, Orciuoli F (2019) Resilience analysis of critical infrastructures: A cognitive approach based on granular computing. IEEE Trans Cybern 49(5):1835–1848. https://doi.org/10.1109/TCYB.2018.2815178

    Article  Google Scholar 

  • Gamage S, Samarabandu J (2020) Deep learning methods in network intrusion detection: A survey and an objective comparison. J Netw Comput Appl 169:102767. https://doi.org/10.1016/j.jnca.2020.102767

    Article  Google Scholar 

  • Garcia-Teodoro P, Verdejo JED, Maciá-Fernández G, Vázquez E (2009) Anomaly-based network intrusion detection: Techniques, systems and challenges. Comput Secur 28(1-2):18–28. https://doi.org/10.1016/j.cose.2008.08.003

    Article  Google Scholar 

  • Ghanem WAHM, Jantan A (2020) A new approach for intrusion detection system based on training multilayer perceptron by using enhanced bat algorithm. Neural Comput Appl 32(15):11665–11698

    Article  Google Scholar 

  • Goodfellow IJ, Bengio Y, Courville AC (2016) Deep Learning. Adaptive computation and machine learning. MIT Press, Cambridge

    MATH  Google Scholar 

  • Habibi MR, ahoo S, Rivera S, Dragievi T, Blaabjerg F (2021) Decentralized coordinated cyberattack detection and mitigation strategy in dc microgrids based on artificial neural networks. IEEE J Emerg Selected Topics in Power Electron 9(4):4629–4638. https://doi.org/10.1109/JESTPE.2021.3050851

    Article  Google Scholar 

  • Haghnegahdar L, Wang Y (2020) A whale optimization algorithm-trained artificial neural network for smart grid cyber intrusion detection. Neural Comput Appl 32(13):9427–9441. https://doi.org/10.1007/s00521-019-04453-w

    Article  Google Scholar 

  • Hammadi AYA, Lee D, eun CY, amiani E, Kim S, Yoo PD, Choi H (2020) Novel EEG sensor-based risk framework for the detection of insider threats in safety critical industrial infrastructure. IEEE Access 8:206222–206234. https://doi.org/10.1109/ACCESS.2020.3037979

    Article  Google Scholar 

  • Hanif S, Ilyas T, Zeeshan M (2019) Intrusion detection in iot using artificial neural networks on unsw-15 dataset. In: 2019 IEEE 16th International Conference on Smart Cities: Improving Quality of Life Using ICT IoT and AI (HONET-ICT), pp 152–156 https://doi.org/10.1109/HONET.2019.8908122

  • Hatcher WG, Yu W (2018) A survey of deep learning: Platforms, applications and emerging research trends. IEEE Access 6:24411–24432. https://doi.org/10.1109/ACCESS.2018.2830661

    Article  Google Scholar 

  • He K, Zhang X, Ren S, Sun J (2016) Deep residual learning for image recognition. In: 2016 IEEE Conference on Computer Vision and Pattern Recognition, CVPR 2016, Las Vegas, NV, USA, June 27-30, 2016, IEEE Computer Society, pp 770–778. https://doi.org/10.1109/CVPR.2016.90

  • He Y, Mendis GJ, Wei J (2017) Real-time detection of false data injection attacks in smart grid: A deep learning-based intelligent mechanism. IEEE Trans Smart Grid 8(5):2505–2516. https://doi.org/10.1109/TSG.2017.2703842

    Article  Google Scholar 

  • Hemalatha J, Roseline SA, Geetha S, Kadry SN, Damasevicius R (2021) An efficient densenet-based deep learning model for malware detection. Entropy 23(3):344. https://doi.org/10.3390/e23030344

    Article  MathSciNet  Google Scholar 

  • Hendler D, Kels S, Rubin A (2018) Detecting malicious powershell commands using deep neural networks. In: Kim J, Ahn G, Kim S, Kim Y, López J, Kim T (eds) Proceedings of the 2018 on Asia Conference on Computer and Communications Security AsiaCCS 2018, Incheon, Republic of Korea, June 04-08, 2018, ACM, pp 187–197. https://doi.org/10.1145/3196494.3196511

  • Highnam K Puzio, D, Luo S, Jennings NR (2021) Real-time detection of dictionary DGA network traffic using deep learning. SN Comput Sci 2 (2):110. https://doi.org/10.1007/s42979-021-00507-w

  • Hindy H, Atkinson R, Tachtatzis C, Colin JN, Bayne E, Bellekens X (2020) Utilising deep learning techniques for effective zero-day attack detection. Electronics 9(10):1684. https://doi.org/10.3390/electronics9101684

    Article  Google Scholar 

  • Hinton G, Deng L, Yu D, Dahl GE, Mohamed AR, Jaitly N, Senior A, Vanhoucke V, Nguyen P, Sainath TN, Kingsbury B (2012) Deep neural networks for acoustic modeling in speech recognition: The shared views of four research groups. IEEE Signal . Processing Magazine 29(6):82–97. https://doi.org/10.1109/MSP.2012.2205597

    Article  Google Scholar 

  • Homayoun S, Dehghantanha A, Ahmadzadeh M, Hashemi S, Khayami R, Choo KR, Newton DE (2019) DRTHIS: deep ransomware threat hunting and intelligence system at the fog layer. Future Gener Comput Syst 90:94–104. https://doi.org/10.1016/j.future.2018.07.045

    Article  Google Scholar 

  • Hou S, Saas A, Chen L, Ye Y (2016) Deep4maldroid: A deep learning framework for android malware detection based on linux kernel system call graphs. In: 2016 IEEE/WIC/ACM International Conference on Web Intelligence - Workshops, WI 2016 Workshops, Omaha, NE, USA, October 13-16, 2016, IEEE Computer Society, pp 104–111. https://doi.org/10.1109/WIW.2016.040

  • Hu P, Ning H, Qiu T, Song H, Wang Y, Yao X (2017) Security and privacy preservation scheme of face identification and resolution framework using fog computing in internet of things. IEEE Internet Things J 4(5):1143–1155. https://doi.org/10.1109/JIOT.2017.2659783

    Article  Google Scholar 

  • Kao H (2018) R2-D2: color-inspired convolutional neural network (cnn)-based android malware detections. In: Abe N, Liu H, Pu C, Hu X, Ahmed NK, Qiao M, Song Y, Kossmann D, Liu B, Lee K, Tang J, e J, altz JS (eds) IEEE International Conference on Big Data, Big Data 2018, Seattle, WA, USA, December 10-13, 2018, IEEE, pp 2633–2642 https://doi.org/10.1109/BigData.2018.8622324

  • Hussain B, Du Q, un B, an Z (2021) Deep learning-based ddos-attack detection for cyber-physical system over 5g network. IEEE Trans Ind Informatics 17 (2):860–870. https://doi.org/10.1109/TII.2020.2974520

    Article  Google Scholar 

  • Ibor AE, Oladeji FA, Okunoye OB, Ekabua OO (2020) Conceptualisation of cyberattack prediction with deep learning. Cybersecur 3(1):14. https://doi.org/10.1186/s42400-020-00053-7

    Article  Google Scholar 

  • Ibor AE, ladeji FA, Okunoye OB, Uwadia CO (2021) Novel adaptive cyberattack prediction model using an enhanced genetic algorithm and deep learning (adacdeep). Information Security Journal: A Global Perspective 0(0):1–20. https://doi.org/10.1080/19393555.2021.1883777

    Google Scholar 

  • Imtiaz SI ur Rehman, S, Javed AR, alil Z, Liu X, Lnumay WS (2021) Deepamd: Detection and identification of android malware using high-efficient deep artificial neural network. Future Gener Comput Syst 115:844–856. https://doi.org/10.1016/j.future.2020.10.008

  • Jagtap SS, Sriram VSS, Subramaniyaswamy V (2021) A hypergraph based kohonen map for detecting intrusions over cyber-physical systems traffic. Future Gener Comput Syst 119:84–109. https://doi.org/10.1016/j.future.2021.02.001

    Article  Google Scholar 

  • Jahromi AN, ashemi S, ehghantanha A, Parizi RM, hoo KR (2020) An enhanced stacked LSTM method with no random initialization for malware threat hunting in safety and time-critical systems. IEEE Trans Emerg Top Comput Intell 4(5):630–640. https://doi.org/10.1109/TETCI.2019.2910243

    Article  Google Scholar 

  • Jahromi AN, arimipour H, Dehghantanha A, hoo KR (2021) Toward detection and attribution of cyber-attacks in iot-enabled cyber-physical systems. IEEE Internet Things J 8(17):13712–13722. https://doi.org/10.1109/JIOT.2021.3067667

    Article  Google Scholar 

  • Javeed D, ao T, Khan MT (2021) Sdn-enabled hybrid dl-driven framework for the detection of emerging cyber threats in iot. Electronics 10(8):918

    Article  Google Scholar 

  • Jia T, Wu Y, ou C, Li Y (2021) Logflash: Real-time streaming anomaly detection and diagnosis from system logs for large-scale software systems learning. In: 21st IEEE International Conference on Software Quality, Reliability, and Security QRS 2021, Hainan Island,China, December 16-20, 2021, IEEE Computer Society

  • Karbab EB, Debbabi M, Derhab A, Mouheb D (2018) Maldozer: Automatic framework for android malware detection using deep learning. Digit Investig 24(Supplement):S48–S59. https://doi.org/10.1016/j.diin.2018.01.007

    Article  Google Scholar 

  • Karimipour H, Dehghantanha A, Parizi RM, Choo KR, Leung H (2019) A deep and scalable unsupervised machine learning system for cyber-attack detection in large-scale smart grids. IEEE Access 7: 80778–80788. https://doi.org/10.1109/ACCESS.2019.2920326

    Article  Google Scholar 

  • Kasim Ö (2020) An efficient and robust deep learning based network anomaly detection against distributed denial of service attacks. Comput Networks 180:107390. https://doi.org/10.1016/j.comnet.2020.107390

    Article  Google Scholar 

  • Kaur S, Singh M (2020) Hybrid intrusion detection and signature generation using deep recurrent neural networks. Neural Comput Appl 32(12):7859–7877. https://doi.org/10.1007/s00521-019-04187-9

    Article  Google Scholar 

  • Khan FA, Gumaei A, erhab A, ussain A (2019) A novel two-stage deep learning model for efficient network intrusion detection. IEEE Access 7:30373–30385. https://doi.org/10.1109/ACCESS.2019.2899721

    Article  Google Scholar 

  • Kim AC, Park M, Lee DH (2020a) AI-IDS: application of deep learning to real-time web intrusion detection. IEEE Access 8:70245–70261. https://doi.org/10.1109/ACCESS.2020.2986882

  • Kim H, Park J, won H, ang K, hoi S, Seo H (2020b) Detecting block cipher encryption for defense against crypto ransomware on low-end internet of things. In: You I (ed) Information Security Applications - 21st International Conference, WISA 2020, Jeju Island, South Korea, August 26-28, 2020, Revised Selected Papers, Springer, Lecture Notes in Computer Science, vol 12583, pp 16–30. https://doi.org/10.1007/978-3-030-65299-9_2

  • Kim T, Kang B, Rho M, Sezer S, Im EG (2019) A multimodal deep learning method for Android malware detection using various features. IEEE Trans Inf Forensics Secur 14(3):773–788. https://doi.org/10.1109/TIFS.2018.2866319

    Article  Google Scholar 

  • Kitchenham B, Charters S (2007) Guidelines for performing systematic literature reviews in software engineering. Tech. Rep. EBSE 2007-001, Keele University and Durham University Joint Report

  • Kitchenham BA, Brereton P (2013) A systematic review of systematic review process research in software engineering. Inf Softw Technol 55 (12):2049–2075. https://doi.org/10.1016/j.infsof.2013.07.010

    Article  Google Scholar 

  • Kravchik M, Shabtai A (2021) Efficient cyber attack detection in industrial control systems using lightweight neural networks and pca. IEEE Transactions on Dependable and Secure Computing pp 1–1. https://doi.org/10.1109/TDSC.2021.3050101

  • Krishna CGL, Murphy RR (2017) A review on cybersecurity vulnerabilities for unmanned aerial vehicles. In: IEEE International Symposium on Safety, Security and Rescue Robotics, SSRR 2017, Shanghai, China, October 11-13, 2017, IEEE, pp 194–199. https://doi.org/10.1109/SSRR.2017.8088163

  • Krizhevsky A, Sutskever I, Hinton GE (2017) Imagenet classification with deep convolutional neural networks. Commun ACM 60(6):84–90. https://doi.org/10.1145/3065386

    Article  Google Scholar 

  • Larriva-Novo X, Vega-Barbas M, Villagrá VA, Rodrigo MS (2020) Evaluation of cybersecurity data set characteristics for their applicability to neural networks algorithms detecting cybersecurity anomalies. IEEE Access 8:9005–9014. https://doi.org/10.1109/ACCESS.2019.2963407

    Article  Google Scholar 

  • Lee J, Kim J, Kim I, Han K (2019) Cyber threat detection based on artificial neural networks using event profiles. IEEE Access 7:165607–165626. https://doi.org/10.1109/ACCESS.2019.2953095

    Article  Google Scholar 

  • Lee SJ, Yoo PD, Asyhari AT, Jhi Y, Chermak L, Yeun CY, Taha K (2020) IMPACT: impersonation attack detection via edge computing using deep autoencoder and feature abstraction. IEEE Access 8:65520–65529. https://doi.org/10.1109/ACCESS.2020.2985089

    Article  Google Scholar 

  • Lezzi M, Lazoi M, Corallo A (2018) Cybersecurity for industry 4.0 in the current literature: A reference framework. Comput Ind 103:97–110. https://doi.org/10.1016/j.compind.2018.09.004

    Article  Google Scholar 

  • Li D, Chen D, Jin B, Shi L, Goh J, Ng S (2019a) MAD-GAN: multivariate anomaly detection for time series data with generative adversarial networks. In: Tetko IV, Kurková V, Karpov P, heis FJ (eds) Artificial Neural Networks and Machine Learning - ICANN 2019: Text and Time Series - 28th International Conference on Artificial Neural Networks, Munich, Germany, September 17-19, 2019, Proceedings, Part IV, Springer, Lecture Notes in Computer Science, vol 11730, pp 703–716. https://doi.org/10.1007/978-3-030-30490-4_56

  • Li Y, Xiong K, Chin T, Hu C (2019b) A machine learning framework for domain generation algorithm-based malware detection. IEEE Access 7:32765–32782. https://doi.org/10.1109/ACCESS.2019.2891588

  • Li Z, Zou D, Xu S, Ou X, Jin H, Wang S, Deng Z, Zhong Y (2018) Vuldeepecker: A deep learning-based system for vulnerability detection. In: 25th Annual Network and Distributed System Security Symposium, NDSS 2018, San Diego, California, USA, February 18-21, 2018, The Internet Society

  • Lingam G, Rout RR, Somayajulu DVLN (2019) Adaptive deep q-learning model for detecting social bots and influential users in online social networks. Appl Intell 49(11):3947–3964. https://doi.org/10.1007/s10489-019-01488-3

    Article  Google Scholar 

  • Liu H, Lang B (2019) Machine learning and deep learning methods for intrusion detection systems: A survey. Applied Sciences 9(20):4396. https://doi.org/10.3390/app9204396

    Article  Google Scholar 

  • Liu J, Xiao Y, Li S, Liang W, Chen CLP (2012) Cyber security and privacy issues in smart grids. IEEE Commun Surv Tutorials 14(4):981–997. https://doi.org/10.1109/SURV.2011.122111.00145

    Article  Google Scholar 

  • Lopez-Martin M, Carro B, Sanchez-Esguevillas A (2020) Application of deep reinforcement learning to intrusion detection for supervised problems. Expert Systems with Applications 141:112963. https://doi.org/10.1016/j.eswa.2019.112963

    Article  Google Scholar 

  • Loukas G, Vuong T, Heartfield R, Sakellari G, Yoon Y, Gan D (2018) Cloud-based cyber-physical intrusion detection for vehicles using deep learning. IEEE Access 6:3491–3508. https://doi.org/10.1109/ACCESS.2017.2782159

    Article  Google Scholar 

  • Lu Y, Xu LD (2019) Internet of things (iot) cybersecurity research: A review of current research topics. IEEE Internet Things J 6(2):2103–2115. https://doi.org/10.1109/JIOT.2018.2869847

    Article  Google Scholar 

  • Mahdavifar S, Ghorbani AA (2020) Dennes: deep embedded neural network expert system for detecting cyber attacks. Neural Comput Appl 32 (18):14753–14780. https://doi.org/10.1007/s00521-020-04830-w

    Article  Google Scholar 

  • Maimó LF, Clemente FJG, Pérez MG, Pérez GM (2017). In: On the performance of a deep learning-based anomaly detection system for 5g networks 2017 IEEE SmartWorld, Ubiquitous Intelligence & Computing, Advanced & Trusted Computed, Scalable Computing & Communications, Cloud & Big Data Computing, Internet of People and Smart City Innovation, SmartWorld/SCALCOM/UIC/ATC/CBDCom/IOP/SCI 2017, San Francisco, CA, USA, August 4-8, 2017, IEEE, pp 1–8. https://doi.org/10.1109/UIC-ATC.2017.8397440

  • Maimó LF, Gómez ÁLP, Clemente FJG, Pérez MG, Pérez GM (2018) A self-adaptive deep learning-based system for anomaly detection in 5g networks. IEEE Access 6:7700–7712. https://doi.org/10.1109/ACCESS.2018.2803446

    Article  Google Scholar 

  • Maurya S, Jain A (2020) Deep learning to combat phishing. Journal of Statistics and Management Systems 6:945–957

    Article  Google Scholar 

  • McDermott CD Majdani, F, Petrovski A (2018) Botnet detection in the internet of things using deep learning approaches. In: 2018 International Joint Conference on Neural Networks, IJCNN 2018, Rio de Janeiro, Brazil, July 8-13, 2018, IEEE, pp 1–8. https://doi.org/10.1109/IJCNN.2018.8489489

  • Mendiratta S (2019) It trends and web engineering. In: International Conference on contemporary Computing and Informatics, IC3I 2019, Singapore, December 12-14, 2019, IEEE, pp 179–185

  • Michie D, Spiegelhalter DJ, Taylor CC (1994) Machine Learning, Neural and Statistical Classification. Ellis Horwood, Chichester

    MATH  Google Scholar 

  • Mnih V, Badia AP, Mirza M, Graves A, Lillicrap TP, Harley T, Silver D, Kavukcuoglu K (2016) Asynchronous methods for deep reinforcement learning. In: Balcan M, Weinberger KQ (eds) Proceedings of the 33nd International Conference on Machine Learning, ICML 2016, New York City, NY, USA, June 19-24, 2016, JMLR.org, JMLR Workshop and Conference Proceedings, vol 48, pp 1928–1937

  • Moore SR, Ge H, Li N, Proctor RW (2019) Cybersecurity for Android applications: permissions in Android 5 and 6. Int J HumanComput Interact 35(7):630–640. https://doi.org/10.1080/10447318.2018.1489580

    Article  Google Scholar 

  • Naseer S, Saleem Y, Khalid S, Bashir MK, Han J, Iqbal MM, Han K (2018) Enhanced network anomaly detection based on deep neural networks. IEEE Access 6:48231–48246. https://doi.org/10.1109/ACCESS.2018.2863036

    Article  Google Scholar 

  • Ndichu S, Kim S, Ozawa S, Misu T, Makishima K (2019) A machine learning approach to detection of javascript-based attacks using AST features and paragraph vectors. Appl Soft Comput 84. https://doi.org/10.1016/j.asoc.2019.105721

  • Ni S, Qian Q, Zhang R (2018) Malware identification using visualization images and deep learning. Comput Secur 77:871–885. https://doi.org/10.1016/j.cose.2018.04.005

    Article  Google Scholar 

  • Niu W, Cao R, Zhang X, Ding K, Zhang K, Li T (2020a) Opcode-level function call graph based Android malware classification using deep learning. Sensors 20(13):3645. https://doi.org/10.3390/s20133645

  • Niu W, Zhang X, Du X, Zhao L, Cao R, Guizani M (2020b) A deep learning based static taint analysis approach for iot software vulnerability location. Measurement 152:107139. https://doi.org/10.1016/j.measurement.2019.107139

  • Niyaz Q, Sun W, Javaid AY (2017) A deep learning based ddos detection system in software-defined networking (SDN). EAI Endorsed Trans Security Safety 4(12):e2. https://doi.org/10.4108/eai.28-12-2017.153515

    Google Scholar 

  • Nunes E, Diab A, Gunn AT, Marin E, Mishra V, Paliath V, Robertson J, Shakarian J, Thart A, Shakarian P (2016) Darknet and deepnet mining for proactive cybersecurity threat intelligence. In: IEEE Conference on Intelligence and Security Informatics, ISI 2016, Tucson, AZ, USA, September 28-30, 2016, IEEE, pp 7–12. https://doi.org/10.1109/ISI.2016.7745435

  • Onishi H (2014) Approaches for vehicle cyber security. In: IEEE Conference on Communications and Network Security, CNS 2014, San Francisco, CA, USA, October 29-31, 2014, IEEE, pp 506–507. https://doi.org/10.1109/CNS.2014.6997527

  • Ouairy L, Le-Bouder H, Lanet J L Zincir-Heywood N, Bonfante G, Debbabi M, Garcia-Alfaro J (eds) (2019) Protection of systems against fuzzing attacks. Springer International Publishing, Cham

  • Pan Y, Sun F, Teng Z, White J, Schmidt DC, Staples J, Krause L (2019) Detecting web attacks with end-to-end deep learning. J Internet Serv Appl 10(1):16:1–16:22. https://doi.org/10.1186/s13174-019-0115-x

    Article  Google Scholar 

  • Parra GDLT, Rad P, Choo KR, Beebe N (2020) Detecting internet of things attacks using distributed deep learning. J Netw Comput Appl 163:102662. https://doi.org/10.1016/j.jnca.2020.102662

    Article  Google Scholar 

  • Pektas A, Acarman T (2019) Deep learning to detect botnet via network flow summaries. Neural Comput Appl 31(11):8021–8033. https://doi.org/10.1007/s00521-018-3595-x

    Article  Google Scholar 

  • Petersen K, Feldt R, Mujtaba S, Mattsson M (2008) Systematic mapping studies in software engineering. In: Visaggio G, Baldassarre MT, Linkman SG, Turner M (eds) 12th International Conference on Evaluation and Assessment in Software Engineering, EASE 2008, University of Bari, Italy, 26-27 June 2008, BCS, Workshops in Computing

  • Popoola SI, Adebisi B, Hammoudeh M, Gui G, Gacanin H (2021) Hybrid deep learning for botnet attack detection in the internet-of-things networks. IEEE Internet Things J 8(6):4944–4956. https://doi.org/10.1109/JIOT.2020.3034156

    Article  Google Scholar 

  • Preuveneers D, Rimmer V, Tsingenopoulos I, Spooren J, Joosen W, Ilie-Zudor E (2018) Chained anomaly detection models for federated learning: An intrusion detection case study. Applied Sciences 8(12):2663–2683

    Article  Google Scholar 

  • Radford A, Metz L, Chintala S (2016) Unsupervised representation learning with deep convolutional generative adversarial networks. In: Bengio Y, LeCun Y (eds) 4th International Conference on Learning Representations, ICLR 2016, San Juan, Puerto Rico, May 2-4, 2016, Conference Track Proceedings

  • Ramaiah M, Chandrasekaran V, Ravi V, Kumar N (2021) An intrusion detection system using optimized deep neural network architecture. Trans Emerg Telecommun Technol 32:4. https://doi.org/10.1002/ett.4221

    Google Scholar 

  • Ravi V, Alazab M, Srinivasan S, Arunachalam A, P Soman K (2021) Adversarial defense: Dga-based botnets and dns homographs detection through integrated deep learning. IEEE Transactions on Engineering Management pp 1–18. https://doi.org/10.1109/TEM.2021.3059664

  • Rhode M, Burnap P, Jones K (2018) Early-stage malware prediction using recurrent neural networks. Comput Secur 77:578–594. https://doi.org/10.1016/j.cose.2018.05.010

    Article  Google Scholar 

  • Ronen R, Radu M, Feuerstein C, Yom-Tov E, Ahmadi M (2018) Microsoft malware classification challenge. CoRR abs/1802.10135

  • Rong C, Gou G, Cui M, Xiong G, Li Z, Guo L Park N, Sun K, Foresti S, Butler K, Saxena N (eds) (2020) Transnet: Unseen malware variants detection using deep transfer learning. Springer International Publishing, Cham

  • Roseline SA, Hari G, Geetha S, Krishnamurthy R (2019) Vision-based malware detection and classification using lightweight deep learning paradigm. In: Nain N, Vipparthi SK, Raman B (eds) Computer Vision and Image Processing - 4th International Conference, CVIP 2019, Jaipur, India, September 27-29, 2019, Revised Selected Papers, Part II, Springer, Communications in Computer and Information Science, vol 1148, pp 62–73. https://doi.org/10.1007/978-981-15-4018-9_6

  • Russell SJ, Norvig P (2020) Artificial Intelligence: A Modern Approach (4th Edition). Pearson, New York

    MATH  Google Scholar 

  • Saharkhizan M, Azmoodeh A, Dehghantanha A, Choo KR, Parizi RM (2020) An ensemble of deep recurrent neural networks for detecting iot cyber attacks using network traffic. IEEE Internet Things J 7(9): 8852–8859. https://doi.org/10.1109/JIOT.2020.2996425

    Article  Google Scholar 

  • Shams EA, Rizaner A, Ulusoy AH (2021) A novel context-aware feature extraction method for convolutional neural network-based intrusion detection systems. Neural Comput Appl 33(20):13647–13665

    Article  Google Scholar 

  • Shang L, Guo D, Ji Y, Li Q (2021) Discovering unknown advanced persistent threat using shared features mined by neural networks. Comput Networks 189:107937. https://doi.org/10.1016/j.comnet.2021.107937

    Article  Google Scholar 

  • Sharma B, Mangrulkar R (2019) Deep learning applications in cyber security: a comprehensive review, challenges and prospects. International Journal of Engineering Applied Sciences and Technology 4(8):148–1594

    Article  Google Scholar 

  • Sharmeen S, Huda S, Abawajy J, assan MM (2020) An adaptive framework against Android privilege escalation threats using deep learning and semi-supervised approaches. Appl Soft Comput 89:106089

    Article  Google Scholar 

  • Shi W, Sun H (2020) Deepbot: a time-based botnet detection with deep learning. Soft Comput 24(21): 16605–16616. https://doi.org/10.1007/s00500-020-04963-z

    Article  Google Scholar 

  • Shone N, Tran NN, Phai VD, Shi Q (2018) A deep learning approach to network intrusion detection. IEEE Trans Emerg Top Comput Intell 2 (1):41–50. https://doi.org/10.1109/TETCI.2017.2772792

    Article  Google Scholar 

  • Shrivastava V, Damodaran SS, Kamble M (2020) Adalward: a deep-learning framework for multi-class malicious webpage detection. Journal of Cyber Security Technology 4(3):153–195. https://doi.org/10.1080/23742917.2020.1714195

    Article  Google Scholar 

  • Siddiqui S, Khan MS, Ferens K, Kinsner W (2017) Fractal based cognitive neural network to detect obfuscated and indistinguishable internet threats. In: Howard N, Wang Y, ussain A, Hamdy F, Widrow B, Zadeh LA (eds) 16th IEEE International Conference on Cognitive Informatics & Cognitive Computing, ICCI*CC 2017, Oxford, United Kingdom, July 26-28, 2017, IEEE Computer Society, pp 297–308. https://doi.org/10.1109/ICCI-CC.2017.8109765

  • Sjøberg DIK, Hannay JE, Hansen O, Kampenes VB, Karahasanovic A, Liborg N, Rekdal AC (2005) A survey of controlled experiments in software engineering. IEEE Trans Software Eng 31(9):733–753. https://doi.org/10.1109/TSE.2005.97

    Article  Google Scholar 

  • Srinivas J, Das AK, Kumar N (2019) Government regulations in cyber security: Framework, standards and recommendations. Future Gener Comput Syst 92:178–188. https://doi.org/10.1016/j.future.2018.09.063

    Article  Google Scholar 

  • Sun CC, Hahn A, Liu CC (2018) Cyber security of a power grid: State-of-the-art. International Journal of Electrical Power & Energy Systems 99:45–56. https://doi.org/10.1016/j.ijepes.2017.12.020

    Article  Google Scholar 

  • Sun G, Qian Q (2021) Deep learning and visualization for identifying malware families. IEEE Trans Dependable Secur Comput 18(1):283–295. https://doi.org/10.1109/TDSC.2018.2884928

    Article  MathSciNet  Google Scholar 

  • Taheri S, Salem M, Yuan JS (2018) Leveraging image representation of network traffic data and transfer learning in botnet detection. Big Data and Cognitive Computing 2(4):37

    Article  Google Scholar 

  • Thamilarasu G, Chawla S (2019) Towards deep-learning-driven intrusion detection for the internet of things. Sensors 19(9):1977

    Article  Google Scholar 

  • Tian Q, Han D, Li K, Liu X, Duan L, Castiglione A (2020) An intrusion detection approach based on improved deep belief network. Appl Intell 50(10):3162–3178. https://doi.org/10.1007/s10489-020-01694-4

    Article  Google Scholar 

  • Ullah F, Naeem H, Jabbar S, Khalid S, Latif MA, Al-Turjman FM, Mostarda L (2019) Cyber security threats detection in internet of things using deep learning approach. IEEE Access 7:124379–124389

    Article  Google Scholar 

  • Ussath M, Jaeger D, Cheng F, Meinel C (2017) Identifying suspicious user behavior with neural networks. In: 4th IEEE International Conference on Cyber Security and Cloud Computing, CSCloud 2017, New York, NY, USA, June 26-28, 2017, IEEE Computer Society, pp 255–263. https://doi.org/10.1109/CSCloud.2017.10

  • Valliammal N, Shaju B (2018) Deep learning algorithm based cyber-attack detection in cyber-physical systems-a survey. International Journal of Advanced Technology and Engineering Exploration 5(49):489–494

    Article  Google Scholar 

  • Vinayakumar R, Alazab M, Soman KP, Poornachandran P, Al-Nemrat A, Venkatraman S (2019a) Deep learning approach for intelligent intrusion detection system. IEEE Access 7:41525–41550. https://doi.org/10.1109/ACCESS.2019.2895334

  • Vinayakumar R, Alazab M, Soman KP, Poornachandran P, Venkatraman S (2019b) Robust intelligent malware detection using deep learning. IEEE Access 7:46717–46738. https://doi.org/10.1109/ACCESS.2019.2906934

  • Vinayakumar R, Soman K, Prabaharan P, Akarsh S (2019c) Application of deep learning architectures for cyber security. Cybersecurity and Secure Information Systems Advanced Sciences and Technologies for Security Applications. https://doi.org/10.1007/978-3-030-16837-7_6

  • Vinayakumar R, Soman K, Prabaharan P, Akarsh S, Elhoseny M (2019d) Deep learning framework for cyber threat situational awareness based on email and url data analysis. Cybersecurity and Secure Information Systems Advanced Sciences and Technologies for Security Applications. https://doi.org/10.1007/978-3-030-16837-7_6

  • Vinayakumar R, Alazab M, Srinivasan S, Pham QV, Padannayil SK, Simran K (2020) A visualized botnet detection system based deep learning for the internet of things networks of smart cities. IEEE Transactions on Industry Applications 56(4):4436–4456. https://doi.org/10.1109/TIA.2020.2971952

  • Wang H, Mumtaz S, Li H, Liu J, Yang F (2021) An identification strategy for unknown attack through the joint learning of space-time features. Future Gener Comput Syst 117:145–154. https://doi.org/10.1016/j.future.2020.11.023

    Article  Google Scholar 

  • Wei B, Hamad RA, Yang L, He X, ang H, Gao B, Woo WL (2019) A deep-learning-driven light-weight phishing detection sensor. Sensors 19 (19):4258. https://doi.org/10.3390/s19194258

    Article  Google Scholar 

  • Wieringa RJ, Maiden NAM, Mead NR, Rolland C (2006) Requirements engineering paper classification and evaluation criteria: a proposal and a discussion. Requir Eng 11(1):102–107. https://doi.org/10.1007/s00766-005-0021-6

    Article  Google Scholar 

  • Wohlin C (2014) Guidelines for snowballing in systematic literature studies and a replication in software engineering. In: Shepperd MJ, Hall T, Myrtveit I (eds) 18th International Conference on Evaluation and Assessment in Software Engineering, EASE ’14, London, England, United Kingdom, May 13-14, 2014, ACM, pp 38:1–38:10. https://doi.org/10.1145/2601248.2601268

  • Wu Y, Schuster M, Chen Z, Le QV, Norouzi M, Macherey W, Krikun M, Cao Y, Gao Q, Macherey K, Klingner J, Shah A, Johnson M, Liu X, Kaiser L, Gouws S, Kato Y, Kudo T, Kazawa H, Stevens K, Kurian G, Patil N, Wang W, Young C, Smith J, Riesa J, Rudnick A, Vinyals O, Corrado G, Hughes M, Dean J (2016) Google’s neural machine translation system: Bridging the gap between human and machine translation. CoRR abs/1609.08144

  • Xin Y, Kong L, Liu Z, Chen Y, Li Y, Zhu H, Gao M, Hou H, Wang C (2018) Machine learning and deep learning methods for cybersecurity. IEEE Access 6:35365–35381. https://doi.org/10.1109/ACCESS.2018.2836950

    Article  Google Scholar 

  • Xiong R, Cao J, Yu Q (2018) Reinforcement learning-based real-time power management for hybrid energy storage system in the plug-in hybrid electric vehicle. Applied Energy 211:538–548

    Article  Google Scholar 

  • Yamin MM, Katt B (2018) Detecting malicious windows commands using natural language processing techniques. In: Lanet J, Toma C (eds) Innovative Security Solutions for Information Technology and Communications - 11th International Conference, SecITC 2018, Bucharest, Romania, November 8-9, 2018, Revised Selected Papers, Springer, Lecture Notes in Computer Science, vol 11359, pp 157–169. https://doi.org/10.1007/978-3-030-12942-2_13

  • Yang J, Lim H (2021) Deep learning approach for detecting malicious activities over encrypted secure channels. IEEE Access 9:39229–39244. https://doi.org/10.1109/ACCESS.2021.3064561

    Article  Google Scholar 

  • Yang W, Zuo W, Cui B (2019) Detecting malicious urls via a keyword-based convolutional gated-recurrent-unit neural network. IEEE Access 7:29891–29900. https://doi.org/10.1109/ACCESS.2019.2895751

    Article  Google Scholar 

  • Yerima SY, Alzaylaee MK, Shajan A, Vinod P (2021) Deep learning techniques for Android botnet detection. Electronics 10(4):519. https://doi.org/10.3390/electronics10040519

    Article  Google Scholar 

  • Yin C, Zhu Y, Fei J, He X (2017) A deep learning approach for intrusion detection using recurrent neural networks. IEEE Access 5:21954–21961. https://doi.org/10.1109/ACCESS.2017.2762418

    Article  Google Scholar 

  • Yousefi-Azar M, Hamey LGC, Varadharajan V, Chen S (2018) Malytics: A malware detection scheme. IEEE Access 6:49418–49431. https://doi.org/10.1109/ACCESS.2018.2864871

    Article  Google Scholar 

  • Yuan X, Li C, Li X (2017) Deepdefense: Identifying ddos attack via deep learning. In: 2017 IEEE International Conference on Smart Computing, SMARTCOMP 2017, Hong Kong, China, May 29-31, 2017, IEEE Computer Society, pp 1–8. https://doi.org/10.1109/SMARTCOMP.2017.7946998

  • Yuan Y, Adhatarao SS, Lin M, Yuan Y, Liu Z, Fu X (2020) ADA: adaptive deep log anomaly detector. In: 39th IEEE Conference on Computer Communications, INFOCOM 2020, Toronto, ON, Canada, July 6-9, 2020, IEEE, pp 2449–2458 https://doi.org/10.1109/INFOCOM41043.2020.9155487

  • Yuan Z, Lu Y, Xue Y (2016) Droiddetector: Android malware characterization and detection using deep learning. Tsinghua Science and Technology 21 (1):114–123. https://doi.org/10.1109/TST.2016.7399288

    Article  Google Scholar 

  • Zhao J, Zhao J, Shetty S, Pan J W, Kamhoua C, Kwiat K (2019) Transfer learning for detecting unknown network attacks. EURASIP Journal on Information Security 2019:2510–2523

    Article  Google Scholar 

  • Zhao J, Liu X, Yan Q, Li B, Shao M, Peng H (2020a) Multi-attributed heterogeneous graph convolutional network for bot detection. Inf Sci 537:380–393. https://doi.org/10.1016/j.ins.2020.03.113

  • Zhao Y, Chen J, Guo Q, Teng J, Wu D (2020b) Network anomaly detection using federated learning and transfer learning. In: Yu S, Mueller P, Qian J (eds) Security and Privacy in Digital Economy - First International Conference, SPDE 2020, Quzhou, China, October 30 - November 1, 2020, Proceedings, Springer, Communications in Computer and Information Science, vol 1268, pp 219–231. https://doi.org/10.1007/978-981-15-9129-7_16

  • Zhong M, Zhou Y, Chen G (2021) Sequential model based intrusion detection system for iot servers using deep learning methods. Sensors 21(4):1113. https://doi.org/10.3390/s21041113

    Article  Google Scholar 

  • Zhong W, Gu F (2019) A multi-level deep learning system for malware detection. Expert Syst Appl 133: 151–162. https://doi.org/10.1016/j.eswa.2019.04.064

    Article  Google Scholar 

  • Zhou H, Hu Y, Yang X, Pan H, Guo W, Zou CC (2020) A worm detection system based on deep learning. IEEE Access 8:205444–205454. https://doi.org/10.1109/ACCESS.2020.3023434

    Article  Google Scholar 

Download references

Acknowledgements

This research was supported in part by the Air Force Research Laboratory (AFRL) and Department of Homeland Security (DHS) Science and Technology (S&T) Directorate under award FA8750-19-C-0077.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Damiano Torre.

Ethics declarations

Conflict of Interests

The authors declared that they have no conflict of interest.

Additional information

Communicated by: Foutse Khomh

Publisher’s note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Appendix: A

Appendix: A

In this appendix, we present the complete list of 93 datasets used by the authors of the 116 primary studies discussed in this work. Table 19 describes the Name of the dataset (first column), the Year when the dataset was created and or released (second column), the cybersecurity attacks (i.e., CA) involved in each dataset as described in the primary studies (third column), the Domain in which the dataset was applied (fourth column), the link to access the dataset (fifth column), the number of files (NF) included in the dataset (e.g., csv, cdf, accdb files) (sixth column), the dataset attacks (DA) types covered by the dataset as described by the author of the dataset (seventh column), the size (in terms of the number of records) and/or the features and/or the number of applications involved (S/F/A) in each dataset (when these details are provided) (eighth column), and the quality (Q) of the dataset scored as poor (P), fair (F), and good (G) (ninth column). In order to provide a score for each dataset, we considered: (i) how well is the dataset maintained, (ii) the size of it, (iii) how easy is to access it, and (iv) the different types of attacks that cover. Our recommendation in order to properly use the list of 93 datasets is the following: the reader should (a) first look first the application domains of interest (i.e., Domain), (b) second look a the types of cybersecurity attacks covered by each dataset (i.e., CA and DA), and (c) finally look at the score we provide as an ultimate indication. Some of the datasets report NA as the number of files when the files are incrementally added monthly (e.g., NXDomain), NA as size and/or features, when these details are not shared and the amount of files is too large to summarize them, or when the dataset is continuously updated.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Torre, D., Mesadieu, F. & Chennamaneni, A. Deep learning techniques to detect cybersecurity attacks: a systematic mapping study. Empir Software Eng 28, 76 (2023). https://doi.org/10.1007/s10664-023-10302-1

Download citation

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10664-023-10302-1

Keywords

Navigation