Intrusion Detection Systems (IDSs) are an essential element of modern cyber defense, alerting users to when and where cyber-attacks occur. Machine learning can enable IDSs to further distinguish between benign and malicious behaviors, but it comes with several challenges, including lack of quality training data and high false-positive rates. Generative Machine Learning Models (GMLMs) can help overcome these challenges. This article offers an in-depth exploration of GMLMs’ application to intrusion detection. It gives (1) a systematic mapping study of research at the intersection of GMLMs and IDSs, and (2) a detailed review providing insights and directions for future research.

入侵检测系统 (IDS) 是现代网络防御的重要组成部分，可提醒用户网络攻击发生的时间和地点。机器学习可以使 IDS 进一步区分良性和恶意行为，但它也面临着一些挑战，包括缺乏高质量的训练数据和高误报率。生成机器学习模型 (GMLM) 可以帮助克服这些挑战。本文深入探讨了 GMLM 在入侵检测中的应用。它提供了 (1) 对 GMLM 和 IDS 交叉点的研究进行系统映射研究，以及 (2) 详细回顾，为未来的研究提供见解和方向。