[95] |
Malware Detection |
Deep Convolutional Neural Network (DCNN) |
Hand-engineered malware features are not required.
To make the process easier, the network is trained end-to-end to learn suitable features and perform classification.
After the model has been trained, it can be executed efficiently on a GPU, permitting a large number of files to be scanned rapidly.
|
It is impractical for dynamic and static malware detection on several platforms.
Malware detection is incompatible with the design and creation of data augmentation methods.
|
[96] |
Intrusion Detection System (IDS) |
Artificial Neural Network (ANN), Stacked Auto Encoder (SAE) |
Selects only the most important features to reduce dimensionality.
It is suitable for resource-constrained devices.
The reduced input features are sufficient for classification tasks.
|
|
[97] |
Network Traffic Identification |
Stacked autoencoder and one-dimensional convolution neural network (CNN) |
Handles both tasks: traffic characterization and application identification.
Automatic feature extraction saves time and money by eliminating the need for experts to detect and extract handcrafted features from traffic, resulting in higher accuracy for traffic classification.
|
Low efficiency for multi-channel classification (e.g., differentiating between various types of Skype traffic such as chats, video and voice calls) and accuracy in classifying Tor traffic, etc.
|
[98] |
Spam Email Detection |
Bidirectional Encoder Representations from Transformers (BERT) |
|
|
[78] |
Intrusion Detection (5G) |
RBM; RNN |
It can manage traffic fluctuation.
Optimising the computational resources at any point in time along with refining the performance and behaviour of analysis and detection procedures is the primary goal.
The architecture can adapt the anomaly detection system by itself depending on the number of network flows gathered in real time from 5G subscribers’ user equipment, reducing resource consumption and maximising efficiency.
|
Because of the abundance of network traffic handled by a RAN, accuracy suffers.
The model is not trained for a real-time environment.
|
[99] |
False Data Injection |
RBM |
The detection scheme is unaffected by the amount of attacked data, SVE detection thresholds, and certain degrees of noise in the environment.
The model can achieve high detection accuracy in the presence of occasional operation faults.
|
|
[100] |
Keystroke Verification |
RNN |
|
|
[101] |
Border Gateway Protocol Anomaly Detection |
RNN |
Solves the problem of bursts and noise that occur regularly in dynamic Internet traffic.
It learns and grasps traffic patterns using historical features in a sliding time span.
The classifier performs well.
|
It’s vulnerable to overfitting, and using the dropout algorithm to prevent it is challenging.
This method is affected by different random weight initializations.
|
[102] |
DGA |
CNN RNN |
|
|
[103] |
Insider Threat |
DFNN RNN CNN GNN |
DFNN: A deep autoencoder can be employed to detect anomalies.
RNN: Captures temporal information of users’ activity sequences.
CNN: Great accuracy and precision if a user’s activity data can be represented in the form of images.
GNN: Fairly powerful for modelling graph data, such as organisation information networks.
|
Extremely unbalanced data.
Attacks contain a lot of temporal information.
Fusion of heterogeneous data.
There aren’t any practical evaluation metrics.
Interpretability.
Subtle and Adaptive Threats.
Fine-grained Detection.
|