Title: Intrusion detection in forensics based on machine learning techniques: a review

Authors: Fathollah Bistouni; Mohsen Jahanshahi; Kong Fah Tee

Addresses: Department of Computer Engineering, Central Tehran Branch, Islamic Azad University, Tehran, 13117773591, Iran; Department of Computer Engineering, Central Tehran Branch, Islamic Azad University, Tehran, 13117773591, Iran; School of Engineering, University of Greenwich, Kent, ME4 4TB, UK

Abstract: Penetration into various systems, including information, organisations, banks and other systems, has become a challenge. Intrusion detection systems (IDS) today have a great impact on detecting attacks and intrusions on many systems including forensics, and a nuclear design that can accurately perform the intrusion detection process is crucial. This paper discusses machine learning techniques for IDS design and implementation in forensics. In general, machine learning for intrusion detection falls into three categories: supervised, unsupervised and semi-supervised learning. In each of these categories, techniques have been put forward, each of which, with its outstanding capabilities and features, can be effective in detecting intrusion. Surveys and analyses show that supervised techniques have higher accuracy and capability to detect intrusions into the IDS.

Keywords: intrusion detection; machine learning; forensics; data mining; supervised learning; unsupervised; semi-supervised.

DOI: 10.1504/IJFE.2021.118915

International Journal of Forensic Engineering, 2021 Vol.5 No.2, pp.126 - 156

Received: 09 Apr 2020
Accepted: 28 Apr 2021

Published online: 11 Nov 2021
