Network Packet Transformation Approaches for Intrusion Detection Systems: A Survey
<p dir="ltr">Network intrusion detection systems are crucial for securing information technology and operational technology networks against cyberattacks. While machine learning and deep learning techniques hold significant promise for enhancing these systems, their performance is hi...
Saved in:
| Main Author: | |
|---|---|
| Other Authors: | , , , , |
| Published: |
2025
|
| Subjects: | |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1864513533109075968 |
|---|---|
| author | Somaya Eltanbouly (22565864) |
| author2 | Jezia Zakraoui (14151399) Abdulaziz Al-Ali (16393288) Abdelhak Belhi (22565867) Sandy Rahme (16888770) Abdelaziz Bouras (20036553) |
| author2_role | author author author author author |
| author_facet | Somaya Eltanbouly (22565864) Jezia Zakraoui (14151399) Abdulaziz Al-Ali (16393288) Abdelhak Belhi (22565867) Sandy Rahme (16888770) Abdelaziz Bouras (20036553) |
| author_role | author |
| dc.creator.none.fl_str_mv | Somaya Eltanbouly (22565864) Jezia Zakraoui (14151399) Abdulaziz Al-Ali (16393288) Abdelhak Belhi (22565867) Sandy Rahme (16888770) Abdelaziz Bouras (20036553) |
| dc.date.none.fl_str_mv | 2025-06-27T12:00:00Z |
| dc.identifier.none.fl_str_mv | 10.1109/access.2025.3581354 |
| dc.relation.none.fl_str_mv | https://figshare.com/articles/journal_contribution/Network_Packet_Transformation_Approaches_for_Intrusion_Detection_Systems_A_Survey/30542768 |
| dc.rights.none.fl_str_mv | CC BY 4.0 info:eu-repo/semantics/openAccess |
| dc.subject.none.fl_str_mv | Information and computing sciences Cybersecurity and privacy Data management and data science Machine learning Intrusion detection NIDS data transformation packet transformation Telecommunication traffic Data models Surveys Reviews Data visualization Payloads Numerical models Taxonomy Network intrusion detection Generative adversarial networks |
| dc.title.none.fl_str_mv | Network Packet Transformation Approaches for Intrusion Detection Systems: A Survey |
| dc.type.none.fl_str_mv | Text Journal contribution info:eu-repo/semantics/publishedVersion text contribution to journal |
| description | <p dir="ltr">Network intrusion detection systems are crucial for securing information technology and operational technology networks against cyberattacks. While machine learning and deep learning techniques hold significant promise for enhancing these systems, their performance is highly dependent on how network traffic data is transformed and represented. In a survey of recent popular papers, we identified four main categories of data representations: numerical, pixel-based, sequence-based, and graph-based approaches. The identified transformations capture information either from network traffic packets, flows, or both. Using insights from the literature and additional experiments conducted on the CICIDS-2017 dataset, we assessed each representation not only in terms of its ability to enhance detection performance but also in terms of computational efficiency. Our findings highlight the need for future research to improve data transformation techniques, especially in terms of dataset labeling and inference time reporting, to support the development of more robust and practical network intrusion detection systems.</p><h2>Other Information</h2><p dir="ltr">Published in: IEEE Access<br>License: <a href="https://creativecommons.org/licenses/by/4.0/deed.en" target="_blank">https://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.1109/access.2025.3581354" target="_blank">https://dx.doi.org/10.1109/access.2025.3581354</a></p> |
| eu_rights_str_mv | openAccess |
| id | Manara2_37eb1d60bbf520f51a103dea7248b790 |
| identifier_str_mv | 10.1109/access.2025.3581354 |
| network_acronym_str | Manara2 |
| network_name_str | Manara2 |
| oai_identifier_str | oai:figshare.com:article/30542768 |
| publishDate | 2025 |
| repository.mail.fl_str_mv | |
| repository.name.fl_str_mv | |
| repository_id_str | |
| rights_invalid_str_mv | CC BY 4.0 |
| spelling | Network Packet Transformation Approaches for Intrusion Detection Systems: A SurveySomaya Eltanbouly (22565864)Jezia Zakraoui (14151399)Abdulaziz Al-Ali (16393288)Abdelhak Belhi (22565867)Sandy Rahme (16888770)Abdelaziz Bouras (20036553)Information and computing sciencesCybersecurity and privacyData management and data scienceMachine learningIntrusion detectionNIDSdata transformationpacket transformationTelecommunication trafficData modelsSurveysReviewsData visualizationPayloadsNumerical modelsTaxonomyNetwork intrusion detectionGenerative adversarial networks<p dir="ltr">Network intrusion detection systems are crucial for securing information technology and operational technology networks against cyberattacks. While machine learning and deep learning techniques hold significant promise for enhancing these systems, their performance is highly dependent on how network traffic data is transformed and represented. In a survey of recent popular papers, we identified four main categories of data representations: numerical, pixel-based, sequence-based, and graph-based approaches. The identified transformations capture information either from network traffic packets, flows, or both. Using insights from the literature and additional experiments conducted on the CICIDS-2017 dataset, we assessed each representation not only in terms of its ability to enhance detection performance but also in terms of computational efficiency. Our findings highlight the need for future research to improve data transformation techniques, especially in terms of dataset labeling and inference time reporting, to support the development of more robust and practical network intrusion detection systems.</p><h2>Other Information</h2><p dir="ltr">Published in: IEEE Access<br>License: <a href="https://creativecommons.org/licenses/by/4.0/deed.en" target="_blank">https://creativecommons.org/licenses/by/4.0/</a><br>See article on publisher's website: <a href="https://dx.doi.org/10.1109/access.2025.3581354" target="_blank">https://dx.doi.org/10.1109/access.2025.3581354</a></p>2025-06-27T12:00:00ZTextJournal contributioninfo:eu-repo/semantics/publishedVersiontextcontribution to journal10.1109/access.2025.3581354https://figshare.com/articles/journal_contribution/Network_Packet_Transformation_Approaches_for_Intrusion_Detection_Systems_A_Survey/30542768CC BY 4.0info:eu-repo/semantics/openAccessoai:figshare.com:article/305427682025-06-27T12:00:00Z |
| spellingShingle | Network Packet Transformation Approaches for Intrusion Detection Systems: A Survey Somaya Eltanbouly (22565864) Information and computing sciences Cybersecurity and privacy Data management and data science Machine learning Intrusion detection NIDS data transformation packet transformation Telecommunication traffic Data models Surveys Reviews Data visualization Payloads Numerical models Taxonomy Network intrusion detection Generative adversarial networks |
| status_str | publishedVersion |
| title | Network Packet Transformation Approaches for Intrusion Detection Systems: A Survey |
| title_full | Network Packet Transformation Approaches for Intrusion Detection Systems: A Survey |
| title_fullStr | Network Packet Transformation Approaches for Intrusion Detection Systems: A Survey |
| title_full_unstemmed | Network Packet Transformation Approaches for Intrusion Detection Systems: A Survey |
| title_short | Network Packet Transformation Approaches for Intrusion Detection Systems: A Survey |
| title_sort | Network Packet Transformation Approaches for Intrusion Detection Systems: A Survey |
| topic | Information and computing sciences Cybersecurity and privacy Data management and data science Machine learning Intrusion detection NIDS data transformation packet transformation Telecommunication traffic Data models Surveys Reviews Data visualization Payloads Numerical models Taxonomy Network intrusion detection Generative adversarial networks |