Review on the application of deep learning in network attack detection

With the development of new technologies such as big data, cloud computing, and the Internet of Things, network attack technology is constantly evolving and upgrading, and network attack detection technology is forced to undergo corresponding iterative evolution. Three main problems are associated with these technologies: the automatic representation of heterogeneous and complex network traffic data, the uneven network attack samples, and the contradiction between the accuracy of the anomaly detection model and the continuous evolution of attacks. Researchers have proposed several network attack detection techniques based on deep learning to address these problems. This study reviews and analyzes the studies aimed at dealing with such problems, considering multiple factors, such as models, traffic representation and feature extraction, threat detection model training, and model robustness improvement. Finally, the existing problems and challenges associated with the current research are analyzed with respect to data category imbalance, high-dimensional massive data processing, concept distribution drift, real-time interpretability of the detection model, and the security of the model. [Display omitted] •Deep learning models commonly used in network attack detection.•Traffic characterization and feature extraction based on deep learning.•Threat detection model training based on deep learning.•Improved model robustness based on adversarial learning.•Existing problems and challenges of network attack detection.