@Article{jcs.2026.080477,
AUTHOR = {Darlington Chigozie Okeke},
TITLE = {A Systematic Review of Machine Learning Techniques in Intrusion Detection Systems},
JOURNAL = {Journal of Cyber Security},
VOLUME = {8},
YEAR = {2026},
NUMBER = {1},
PAGES = {319--356},
URL = {http://www.techscience.com/JCS/v8n1/67570},
ISSN = {2579-0064},
ABSTRACT = {Background: The evolution of modern networked systems in complexity, volume, and diversity has markedly increased the cyber-attack area. Conventional signature-based intrusion detection systems (IDS) will no longer be adequate for identifying advanced threats. A data-driven, adaptive approach that can identify malicious network activity is provided by machine learning (ML) techniques. This review aims to study, compare, and analyze ML-based approaches in IDS and improve the security defense mechanism. Methods: This systematic review followed the PRISMA 2020 guidelines. ML-based IDS peer-reviewed papers were identified from five scientific databases. Abstracts, full texts, and titles were filtered using predetermined inclusion and exclusion criteria, resulting in a sample of 53 primary studies. Data extraction included the algorithms used, the data used, and the metrics used to evaluate. Findings: The data show that most supervised ML techniques, such as decision trees, support vector machines, ensemble models, and deep learning systems (e.g., convolutional and recurrent neural networks), are predominant. In the majority of studies, high detection accuracy was obtained in controlled experimental settings. Conclusions: ML is a significant addition to intrusion detection, especially for anomaly detection and zero-day attack detection. However, the actual implementation is still limited due to the lack of detailed assessment systems and strict robustness testing. Future studies can focus on reproducibility, the use of diverse datasets, adversarial robustness, and the development of explainable ML methods.},
DOI = {10.32604/jcs.2026.080477}
}