Towards an efficient model for network intrusion detection system (IDS): systematic literature review

With the recent rise in internet usage, the volume of crucial, private, and confidential data traveling online has increased. Attackers have made attempts to break into the network due to weaknesses in the security mechanisms, gaining access to sensitive data that could disrupt the operation of the systems and jeopardize the confidentiality of the data. Intrusion detection systems, a key component of cybersecurity, were used to defend against these potential threats. Numerous review papers have examined various intrusion detection system (IDS) approaches for networks, many of which focused primarily on the anomaly-based IDS while paying less attention to the signature and hybrid-based approaches. Additionally, a lot of these studies took a non-systematic approach, comparing existing techniques, without taking into account the in-depth analytical synthesis of methodologies and results of the approaches to provide a thorough grasp of state-of-the-art. In order to provide a thorough assessment of the current status of Network IDS, this work provides an in-depth insight into what is attainable in the research of Anomaly, Signature, and Hybrid-Based methods by adhering to the principles of Preferred Reporting Items for Systematic Reviews and Meta-Analyses and guidelines for Software Engineering Domain. We discovered unexplored study topics and unsolved research issues based on the study's findings. We end by highlighting potential, high impact future research areas in order to improve the IDS model.