NLP Methods in Host-based Intrusion Detection Systems: A Systematic Review and Future Directions
Host-Based Intrusion Detection Systems (HIDS) are widely used for defending against cybersecurity attacks. An increasing number of HIDS have started leveraging advances in Natural Language Processing (NLP) technologies, which have shown promising results in precisely detecting low-footprint, zero-day attacks and predicting an attacker's next steps. We conduct a systematic review of the literature on NLP-based HIDS in order to build a systematized body of knowledge. We develop an NLP-based HIDS taxonomy for comparing the features, techniques, attacks, datasets, and metrics found in the reviewed papers. We highlight the prevalent practices and future research areas.