Treffer: Automated Network Defense: A Systematic Survey and Analysis of AutoML Paradigms for Network Intrusion Detection.

As cyberattacks grow increasingly sophisticated, advanced Network Intrusion Detection Systems (NIDS) have become essential for securing cyberspace. While Machine Learning (ML) is foundational to modern NIDS, its effectiveness is often hampered by a resource-intensive development pipeline involving feature engineering, model selection, and hyperparameter tuning. Automated Machine Learning (AutoML) promises a solution, but its application to the massive, high-speed data streams in NIDS is fundamentally a parallel and distributed computing challenge. This paper argues that the scalability and performance of AutoML in NIDS are governed by the underlying computational paradigm. We introduce a novel taxonomy of AutoML frameworks, uniquely classifying them by their parallel and distributed architectures. Through a comprehensive meta-analysis of over 15 NID methods on benchmark datasets, we demonstrate how the performance of leading systems is a direct consequence of their chosen computational paradigm. Finally, we identify frontier challenges and future research directions at the intersection of AutoML, NIDS, and high-performance distributed systems, focusing on computational scalability, security, and end-to-end automation. [ABSTRACT FROM AUTHOR]

Copyright of Applied Sciences (2076-3417) is the property of MDPI and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)