AI-Based Early Detection of Cyber Attacks using Network Traffic Analysis – A Comprehensive Review

Authors

  • Bhavana B R, Assistant Professor, Department of M.C.A, Surana College (Autonomous), Kengeri, Bangalore, India
  • Karthik Rajesh Shet, PG Student, Department of M.C.A, Surana College (Autonomous), Kengeri, Bangalore, India
  • Kavana A R, PG Student, Department of M.C.A, Surana College (Autonomous), Kengeri, Bangalore, India

DOI:

https://doi.org/10.15662/IJARCST.2025.0805003

Keywords:

Cybersecurity, AI, Anomaly Detection, Intrusion Detection, Deep Learning

Abstract

Cyberattacks have increased dramatically in recent years, exposing the flaws in traditional intrusion detection systems (IDS) that rely on static signatures or flimsy anomaly models. Conventional techniques have a high false positive rate and struggle to detect novel, polymorphic, or multi-stage attacks. To get around these restrictions, artificial intelligence (AI) has developed into a powerful enabler of data-driven and adaptive network defenses. AI-powered IDS use machine learning (ML), deep learning (DL), reinforcement learning (RL), and graph neural networks (GNNs) to automatically extract features from data, analyse complex traffic patterns, and identify minute irregularities that could indicate malicious activity. This review compiles research from 2023 to 2025 that critically assesses hybrid ensembles, supervised and unsupervised frameworks, and novel concepts like explainable and federated learning. Comparative experiments show that AI-based IDS perform with greater accuracy and flexibility on various datasets, but issues persist around dataset imbalance, scalability, adversarial robustness, and interpretability. Industrial applications are examined in enterprise networks, cloud systems, Internet of Things (IoT) environments, and real-time monitoring. Future directions are also identified that can shape resilient, trustworthy, and scalable IDS for future cybersecurity.

Published

2025-09-19

How to Cite

AI-Based Early Detection of Cyber Attacks using Network Traffic Analysis – A Comprehensive Review. (2025). International Journal of Advanced Research in Computer Science & Technology (IJARCST), 8(5), 12776-12786. https://doi.org/10.15662/IJARCST.2025.0805003