Intrusion detection research is moving towards advanced machine learning techniques and federated learning approaches to improve detection accuracy and robustness. Researchers are exploring transformer-based models, such as BERT, and attention-based mechanisms to enhance the performance of intrusion detection systems. There is also growing interest in transferable and generalizable models that can adapt to new and unknown attacks. Joint-dataset learning and meta-learning approaches are being investigated as well, to improve the detection of zero-day attacks and reduce the need for labeled data. Notable papers in this area include:
- A paper that proposes a two-tiered anomaly detection approach for SQL using DistilBERT, which combines unsupervised and supervised machine learning techniques to accurately identify anomalous activities.
- A paper that presents FetFIDS, a feature-embedding, attention-based federated network intrusion detection algorithm that outperforms state-of-the-art systems in a federated environment.
- A paper that proposes BERTector, a scalable framework based on BERT that integrates traffic-aware semantic tokenization, supervised fine-tuning, and low-rank adaptation for efficient training.
- A paper that develops a hierarchical IDS for zero-day attack detection in Internet of Medical Things networks, which achieves high accuracy and F1-score on the CICIoMT2024 dataset.