DOI: 10.14569/IJACSA.2025.0160378

Intrusion Detection System-Based Network Behavior Analysis: A Systemic Literature Review

Author 1: Mohammed Janati
Author 2: Fayçal Messaoudi

International Journal of Advanced Computer Science and Applications(IJACSA), Volume 16 Issue 3, 2025.

Abstract: An Intrusion Detection System (IDS) in cyberspace, as of now, plays primarily as a means of detecting illegal access and activity in a network. Due to the rapidly evolving cyber threats, the traditional signature-based IDS have started losing their effectiveness, leading to the emergence of advanced alternatives to these traditional technologies, such as Network Behavior Analysis (NBA). Unlike conventional signature-based systems, NBA monitors behavioral patterns for deviations and potential threats, which is a far more flexible and powerful way of detecting intrusion. While NBA-based IDS is a growing field of interest, the existing research in this area is mostly disoriented, mostly concentrating on single features like machine learning, deep learning algorithms, specific detection processes, or unique environments such as IoT and cloud systems. This systematic literature review (SLR) follows the guidelines proposed by Kitchenham to collect various studies, highlights research gaps, and provides an overview of the existing evidence. Spanning literature from January 2014 to April 2024, it comprehensively highlights the methods, datasets, types of detectable cyber-attacks, performance metrics, and the challenges that besiege existing NBA-based IDS. This shows the urgency for much more flexible and robust solutions, i.e., providing solutions through advanced Artificial Intelligence (AI) techniques in response to the increasing cyberspace complexities. Therefore, this review provides fundamental perspectives for researchers and practitioners and makes an important contribution towards stimulating future research efforts to design more effective and robust IDS solutions.

Keywords: Artificial Intelligence (AI); deep learning; machine learning; cybersecurity; Intrusion Detection System; Network Behavior Analysis (NBA); Systematic Literature Review (SLR)

Mohammed Janati and Fayçal Messaoudi, “Intrusion Detection System-Based Network Behavior Analysis: A Systemic Literature Review” International Journal of Advanced Computer Science and Applications(IJACSA), 16(3), 2025. http://dx.doi.org/10.14569/IJACSA.2025.0160378

@article{Janati2025,
title = {Intrusion Detection System-Based Network Behavior Analysis: A Systemic Literature Review},
journal = {International Journal of Advanced Computer Science and Applications},
doi = {10.14569/IJACSA.2025.0160378},
url = {http://dx.doi.org/10.14569/IJACSA.2025.0160378},
year = {2025},
publisher = {The Science and Information Organization},
volume = {16},
number = {3},
author = {Mohammed Janati and Fayçal Messaoudi}
}


Copyright Statement: This is an open access article licensed under a Creative Commons Attribution 4.0 International License, which permits unrestricted use, distribution, and reproduction in any medium, even commercially as long as the original work is properly cited.

IJACSA

Upcoming Conferences

Future of Information and Communication Conference (FICC) 2025

28-29 April 2025

Computing Conference 2025

19-20 June 2025

IntelliSys 2025

28-29 August 2025

Future Technologies Conference (FTC) 2025

6-7 November 2025