A Convolutional Neural Network With Feature Selection-Based Network Intrusion Detection

Nassima Chaibi, Baghdad Atmani, Mostéfa Mokaddem
Copyright: © 2022 |Pages: 21
DOI: 10.4018/IJAEC.302014

Abstract

This paper attempts to demonstrate the importance of feature selection (FS) for optimization in the data mining field. The authors aim to develop a Convolutional Neural Network (CNN) based Network Intrusion Detection System (NIDS). The CNN was trained using the NSL-KDD dataset. The approach is divided into two methodologies: the first applies the CNN to the NSL-KDD dataset without FS; in the second, Information Gain (IG), Gain Ratio (GR) and Correlation Attribute (CA) are applied as FS methods and the CNN is then used to classify the intrusion. The performance is demonstrated by comparing our results with previous works. Our experimental results show that the CNN with FS achieves a good accuracy of 99,72%, a true positive rate of 99,29% and a false positive rate of 0,18%. Thus, the CNN with FS outperforms the other methods. However, the methods used in the FS phase do not guarantee that the best or the optimal subset is used. A future direction is to develop another FS method that guarantees the selection of the best and optimal relevant features.
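The two entropy-based FS scores named in the abstract, Information Gain and Gain Ratio, as an added example that is not the paper's code. The records are constructed (only the column names `protocol_type`, `service` and `flag` come from NSL-KDD), and `rank_features` is a hypothetical helper. The sample is built so that the many-valued `service` column ties for the top IG score but drops to last under GR.

```python
import math
from collections import Counter

# Constructed records, not NSL-KDD rows. protocol_type, service and flag are
# NSL-KDD column names; every value and label here is made up.
ROWS = [
    ("tcp", "http", "SF", "normal"), ("tcp", "smtp", "SF", "normal"),
    ("udp", "domain_u", "SF", "normal"), ("udp", "ntp_u", "SF", "normal"),
    ("tcp", "private", "S0", "attack"), ("tcp", "telnet", "S0", "attack"),
    ("tcp", "finger", "S0", "attack"), ("tcp", "ftp", "S0", "attack"),
]
FEATURES = ["protocol_type", "service", "flag"]
RECORDS = [dict(zip(FEATURES + ["label"], row)) for row in ROWS]

def entropy(values):
    """Shannon entropy (bits) of a list of discrete values."""
    n = len(values)
    return -sum(c / n * math.log2(c / n) for c in Counter(values).values())

def info_gain_and_ratio(records, feature, target="label"):
    """Return (information gain, gain ratio) of `feature` w.r.t. `target`."""
    n = len(records)
    by_value = {}
    for r in records:
        by_value.setdefault(r[feature], []).append(r[target])
    # H(label | feature): label entropy inside each feature value, weighted.
    conditional = sum(len(g) / n * entropy(g) for g in by_value.values())
    gain = entropy([r[target] for r in records]) - conditional
    # Split information penalises features with many distinct values.
    split_info = entropy([r[feature] for r in records])
    return gain, (gain / split_info if split_info > 0 else 0.0)

def rank_features(records, features, k, by="ig"):
    """Hypothetical helper: keep the k best features by 'ig' or 'gr' score."""
    idx = 0 if by == "ig" else 1
    scores = {f: info_gain_and_ratio(records, f)[idx] for f in features}
    return sorted(features, key=scores.get, reverse=True)[:k]

if __name__ == "__main__":
    for f in FEATURES:
        ig, gr = info_gain_and_ratio(RECORDS, f)
        print(f"{f:14s} IG={ig:.4f} GR={gr:.4f}")
    print("top-2 by IG:", rank_features(RECORDS, FEATURES, 2, "ig"))
    print("top-2 by GR:", rank_features(RECORDS, FEATURES, 2, "gr"))
```
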

Introduction

The Internet has now become an unavoidable part of everyone's life. The Internet is transforming how people learn and work as the Internet and social life become increasingly intertwined, rendering this vast interrelated network vulnerable to a variety of progressively serious security risks. The ability to recognize various network threats, particularly those that have never been seen before, is a critical issue that must be addressed immediately.

The rapid development of computer and internet technologies is becoming an opportunity for attackers to break into network systems, using some of their specific information. An incredible number of attacks have been introduced, giving rise to network security challenges. Nowadays, network security researchers have introduced fields like cryptography (Belfedhal & Faraoun, 2015; Benaissa et al., 2021), and Intrusion Detection System (IDS) (Chaibi et al., 2020; Denning, 1987).

Cybersecurity appears to be vital in protecting key facilities from attacks and illegal access. Cybersecurity encompasses a wide range of technology and procedures. Some cybersecurity areas include application security, data security, network monitoring, disaster recovery, operational security, end-user education, and so on.

Cyberattacks are an advanced form of warfare that is devoid of weapons but extremely destructive and pernicious, exposing sensitive personal and business information, disrupting crucial tasks, exposing continuous vulnerabilities, and allowing unauthorized access to devices and software, all of which impose high costs on the country's economy. For most reputable firms, cybersecurity is a perennial challenge.

The basic network and machines are protected from unwanted access, damage, dysfunction, and alteration by two types of traditional security systems: network security systems and host security systems. Each of these systems may include a variety of security management components, including firewalls, intrusion detection systems (IDSs), and antiviruses, which assist in monitoring a system or network and send alerts if harmful behaviour is detected. The concept of an Intrusion Detection System (IDS), proposed by Denning (1987), is useful for detecting, identifying and tracking intruders. Endorf et al. (2004) proposed a methodology classifying IDS into two categories: signature-based detection and anomaly-based detection. Signature-based detection approaches utilize predetermined signatures of harmful behaviors. As a result, they are only used to identify known attacks. Anomaly detection approaches, on the other hand, describe typical patterns and identify harmful activity based on departures from those patterns. As a result, anomaly-based detection approaches can discover zero-day intrusions (Buczak & Guven, 2015).

Dokas et al. (2002) and Wu & Yen (2009) developed data mining methods for IDS. Also, the use of Artificial Intelligence (AI), Machine Learning (ML) and Deep Learning (DL) technologies has sparked a new wave of network security research. The application of neural networks to intrusion detection, in particular, has become a critical issue in current network security technologies (Tavallaee et al., 2009; Ingre & Yadav, 2015).

With its complexity and capacity to self-learn, DL enables more accurate and quicker processing. Its success in numerous fields, as well as the limitations of traditional cybersecurity techniques, necessitate more research into the use of DL in security domains. Cybersecurity areas, such as cyberattack detection, can benefit from DL (Tang, 2016; Wang, 2015).

The incapability of robust cybersecurity strategies to deal with the increasing evolution of cyberattacks, the failure to identify new risks, challenges in the analysis process of complex events, and restrictions of efficient virtualization as the quantity of data and attacks grows are the major challenges facing network security solutions in development. The use of DL approaches to solve these issues is the main strategy that researchers are interested in: DDoS attack detection, behavioral abnormality detection, and malware and protocol detection are just a few examples of how DL approaches can be used to solve cybersecurity problems.
